From 11890e3e59a27cdbc473803a9655e4b03d09e953 Mon Sep 17 00:00:00 2001 From: tobkle Date: Sun, 21 May 2017 10:01:35 +0200 Subject: [PATCH 01/69] start branch authorization --- yarn.lock | 80 +++++++++++++++++++++++++++++++++++++++++++++---------- 1 file changed, 66 insertions(+), 14 deletions(-) diff --git a/yarn.lock b/yarn.lock index 45f42dc..e3480bb 100644 --- a/yarn.lock +++ b/yarn.lock @@ -169,6 +169,14 @@ babel-code-frame@^6.16.0: esutils "^2.0.2" js-tokens "^2.0.0" +babel-code-frame@^6.22.0: + version "6.22.0" + resolved "https://registry.yarnpkg.com/babel-code-frame/-/babel-code-frame-6.22.0.tgz#027620bee567a88c32561574e7fd0801d33118e4" + dependencies: + chalk "^1.1.0" + esutils "^2.0.2" + js-tokens "^3.0.0" + babel-core@6.17.0, babel-core@^6.16.0: version "6.17.0" resolved "https://registry.yarnpkg.com/babel-core/-/babel-core-6.17.0.tgz#6c4576447df479e241e58c807e4bc7da4db7f425" @@ -195,14 +203,14 @@ babel-core@6.17.0, babel-core@^6.16.0: slash "^1.0.0" source-map "^0.5.0" -babel-eslint@7.0.0: - version "7.0.0" - resolved "https://registry.yarnpkg.com/babel-eslint/-/babel-eslint-7.0.0.tgz#54e51b4033f54ac81326ecea4c646a779935196d" +babel-eslint@^7.0.0: + version "7.2.3" + resolved "https://registry.yarnpkg.com/babel-eslint/-/babel-eslint-7.2.3.tgz#b2fe2d80126470f5c19442dc757253a897710827" dependencies: - babel-traverse "^6.15.0" - babel-types "^6.15.0" - babylon "^6.11.2" - lodash.pickby "^4.6.0" + babel-code-frame "^6.22.0" + babel-traverse "^6.23.1" + babel-types "^6.23.0" + babylon "^6.17.0" babel-generator@^6.17.0: version "6.18.0" @@ -343,6 +351,12 @@ babel-helpers@^6.16.0: babel-runtime "^6.0.0" babel-template "^6.16.0" +babel-messages@^6.23.0: + version "6.23.0" + resolved "https://registry.yarnpkg.com/babel-messages/-/babel-messages-6.23.0.tgz#f3cdf4703858035b2a2951c6ec5edf6c62f2630e" + dependencies: + babel-runtime "^6.22.0" + babel-messages@^6.8.0: version "6.8.0" resolved "https://registry.yarnpkg.com/babel-messages/-/babel-messages-6.8.0.tgz#bf504736ca967e6d65ef0adb5a2a5f947c8e0eb9" @@ -747,6 +761,13 @@ babel-runtime@^6.0.0, babel-runtime@^6.11.6, babel-runtime@^6.9.0, babel-runtime core-js "^2.4.0" regenerator-runtime "^0.9.5" +babel-runtime@^6.22.0: + version "6.23.0" + resolved "https://registry.yarnpkg.com/babel-runtime/-/babel-runtime-6.23.0.tgz#0a9489f144de70efb3ce4300accdb329e2fc543b" + dependencies: + core-js "^2.4.0" + regenerator-runtime "^0.10.0" + babel-template@^6.14.0, babel-template@^6.15.0, babel-template@^6.16.0, babel-template@^6.8.0: version "6.16.0" resolved "https://registry.yarnpkg.com/babel-template/-/babel-template-6.16.0.tgz#e149dd1a9f03a35f817ddbc4d0481988e7ebc8ca" @@ -757,7 +778,7 @@ babel-template@^6.14.0, babel-template@^6.15.0, babel-template@^6.16.0, babel-te babylon "^6.11.0" lodash "^4.2.0" -babel-traverse@^6.15.0, babel-traverse@^6.16.0, babel-traverse@^6.18.0: +babel-traverse@^6.16.0, babel-traverse@^6.18.0: version "6.18.0" resolved "https://registry.yarnpkg.com/babel-traverse/-/babel-traverse-6.18.0.tgz#5aeaa980baed2a07c8c47329cd90c3b90c80f05e" dependencies: @@ -771,7 +792,21 @@ babel-traverse@^6.15.0, babel-traverse@^6.16.0, babel-traverse@^6.18.0: invariant "^2.2.0" lodash "^4.2.0" -babel-types@^6.13.0, babel-types@^6.15.0, babel-types@^6.16.0, babel-types@^6.18.0, babel-types@^6.8.0, babel-types@^6.9.0: +babel-traverse@^6.23.1: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-traverse/-/babel-traverse-6.24.1.tgz#ab36673fd356f9a0948659e7b338d5feadb31695" + dependencies: + babel-code-frame "^6.22.0" + babel-messages "^6.23.0" + babel-runtime "^6.22.0" + babel-types "^6.24.1" + babylon "^6.15.0" + debug "^2.2.0" + globals "^9.0.0" + invariant "^2.2.0" + lodash "^4.2.0" + +babel-types@^6.13.0, babel-types@^6.16.0, babel-types@^6.18.0, babel-types@^6.8.0, babel-types@^6.9.0: version "6.18.0" resolved "https://registry.yarnpkg.com/babel-types/-/babel-types-6.18.0.tgz#1f7d5a73474c59eb9151b2417bbff4e4fce7c3f8" dependencies: @@ -780,10 +815,23 @@ babel-types@^6.13.0, babel-types@^6.15.0, babel-types@^6.16.0, babel-types@^6.18 lodash "^4.2.0" to-fast-properties "^1.0.1" -babylon, babylon@^6.11.0, babylon@^6.11.2: +babel-types@^6.23.0, babel-types@^6.24.1: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-types/-/babel-types-6.24.1.tgz#a136879dc15b3606bda0d90c1fc74304c2ff0975" + dependencies: + babel-runtime "^6.22.0" + esutils "^2.0.2" + lodash "^4.2.0" + to-fast-properties "^1.0.1" + +babylon, babylon@^6.11.0: version "6.14.1" resolved "https://registry.yarnpkg.com/babylon/-/babylon-6.14.1.tgz#956275fab72753ad9b3435d7afe58f8bf0a29815" +babylon@^6.15.0, babylon@^6.17.0: + version "6.17.1" + resolved "https://registry.yarnpkg.com/babylon/-/babylon-6.17.1.tgz#17f14fddf361b695981fe679385e4f1c01ebd86f" + balanced-match@^0.4.1: version "0.4.2" resolved "https://registry.yarnpkg.com/balanced-match/-/balanced-match-0.4.2.tgz#cb3f3e3c732dc0f01ee70b403f302e61d7709838" @@ -1867,6 +1915,10 @@ js-tokens@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/js-tokens/-/js-tokens-2.0.0.tgz#79903f5563ee778cc1162e6dcf1a0027c97f9cb5" +js-tokens@^3.0.0: + version "3.0.1" + resolved "https://registry.yarnpkg.com/js-tokens/-/js-tokens-3.0.1.tgz#08e9f132484a2c45a30907e9dc4d5567b7f114d7" + js-yaml@^3.5.1: version "3.7.0" resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.7.0.tgz#5c967ddd837a9bfdca5f2de84253abe8a1c03b80" @@ -2029,10 +2081,6 @@ lodash.merge@^4.6.0: version "4.6.0" resolved "https://registry.yarnpkg.com/lodash.merge/-/lodash.merge-4.6.0.tgz#69884ba144ac33fe699737a6086deffadd0f89c5" -lodash.pickby@^4.6.0: - version "4.6.0" - resolved "https://registry.yarnpkg.com/lodash.pickby/-/lodash.pickby-4.6.0.tgz#7dea21d8c18d7703a27c704c15d3b84a67e33aff" - lodash@^4.0.0, lodash@^4.2.0, lodash@^4.3.0: version "4.16.6" resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.16.6.tgz#d22c9ac660288f3843e16ba7d2b5d06cca27d777" @@ -2472,6 +2520,10 @@ regenerate@^1.2.1: version "1.3.2" resolved "https://registry.yarnpkg.com/regenerate/-/regenerate-1.3.2.tgz#d1941c67bad437e1be76433add5b385f95b19260" +regenerator-runtime@^0.10.0: + version "0.10.5" + resolved "https://registry.yarnpkg.com/regenerator-runtime/-/regenerator-runtime-0.10.5.tgz#336c3efc1220adcedda2c9fab67b5a7955a33658" + regenerator-runtime@^0.9.5: version "0.9.6" resolved "https://registry.yarnpkg.com/regenerator-runtime/-/regenerator-runtime-0.9.6.tgz#d33eb95d0d2001a4be39659707c51b0cb71ce029" From f4227278edccdcd3c9c4ad099bb5ec76d309d68b Mon Sep 17 00:00:00 2001 From: tobkle Date: Sun, 21 May 2017 14:04:59 +0200 Subject: [PATCH 02/69] auth code in test/output-app --- test/input/Tweet.graphql | 13 +++++- test/input/User.graphql | 17 +++++++- test/output-app/model/Tweet.js | 57 +++++++++++++++++++++++++++ test/output-app/model/User.js | 63 ++++++++++++++++++++++++++++++ test/output-app/resolvers/Tweet.js | 40 +++++++++++++++---- test/output-app/resolvers/User.js | 40 +++++++++++++++---- test/seeds/User.json | 6 +-- 7 files changed, 217 insertions(+), 19 deletions(-) diff --git a/test/input/Tweet.graphql b/test/input/Tweet.graphql index 9fc371f..b0447d6 100644 --- a/test/input/Tweet.graphql +++ b/test/input/Tweet.graphql @@ -1,4 +1,15 @@ -type Tweet { +type Tweet + +@authorize( + create: ["owner"] + readOne: [] + readMany: ["world"] + update: ["owner", "editor"] + delete: ["owner", "admin"] + ownerField: "author" +) + +{ author: User! @unmodifiable body: String! diff --git a/test/input/User.graphql b/test/input/User.graphql index 842c07d..2dbd765 100644 --- a/test/input/User.graphql +++ b/test/input/User.graphql @@ -1,5 +1,20 @@ -type User { +type User + +@authorize( + create: ["admin"] + readOne: ["owner", "admin"] + readMany: ["admin"] + update: ["owner", "admin"] + delete: ["owner", "admin"] + ownerField: "_id" + roleField: "role" +) + +{ + role: String! + username: String! + bio: String notify: Boolean diff --git a/test/output-app/model/Tweet.js b/test/output-app/model/Tweet.js index ebe5063..d1a7e1e 100644 --- a/test/output-app/model/Tweet.js +++ b/test/output-app/model/Tweet.js @@ -1,14 +1,71 @@ +import _ from 'lodash'; import DataLoader from 'dataloader'; import findByIds from 'mongo-find-by-ids'; export default class Tweet { constructor(context) { + this.ownerField = 'authorId'; // @authorize(ownerField: "author") this.context = context; this.collection = context.db.collection('tweet'); this.pubsub = context.pubsub; this.loader = new DataLoader(ids => findByIds(this.collection, ids)); } + // returns the owner of the current document @authorize(ownerField) + owner(doc){ + return doc[this.ownerField] || null; + } + + // returns true, if the current user is authorized for the current mode and document + isAuthorized({doc, mode, user}){ + const owner = this.owner(doc); + const role = this.context.User.role(user); + + switch (mode) { + + case: 'create': + // @authorize(create: ["owner"]) + return (!!role && user._id === owner); + break; + + case: 'readOne': + // @authorize(readOne: []) + return false; + break; + + case: 'readMany': + // @authorize(readMany: ["world"]) + return true; + break; + + case: 'update': + // @authorize(update: ["owner", editor"]) + return (!!role && (user._id === owner || role === 'editor')); + break; + + case: 'delete': + // @authorize(delete: ["owner", "admin"]) + return (!!role && (user._id === owner || role === 'admin')); + break; + + default: + return false; + break; + + } + } + + // returns only authorized documents + authorized({doc, mode, user}){ + if (_.isArray(doc)){ + return _.filter(doc, d => this.isAuthorized({doc: d, mode, user}) ); + } else if (_.isObject(doc) && this.isAuthorized({doc, mode, user})) { + return doc; + } else { + return null; + } + } + findOneById(id) { return this.loader.load(id); } diff --git a/test/output-app/model/User.js b/test/output-app/model/User.js index fd61249..76c8ae2 100644 --- a/test/output-app/model/User.js +++ b/test/output-app/model/User.js @@ -1,14 +1,77 @@ +import _ from 'lodash'; import DataLoader from 'dataloader'; import findByIds from 'mongo-find-by-ids'; export default class User { constructor(context) { + this.ownerField = '_id'; // @authorize(ownerField: "_id") + this.roleField = 'role'; // @authorize(roleField: "role") this.context = context; this.collection = context.db.collection('user'); this.pubsub = context.pubsub; this.loader = new DataLoader(ids => findByIds(this.collection, ids)); } + // returns the owner of the current document @authorize(ownerField) + owner(doc){ + return doc[this.ownerField] || null; + } + + // returns the role of the current user @authorize(roleField) + role(user){ + return user[this.roleField] || null; + } + + // returns true, if the current user is authorized for the current mode and document + isAuthorized({doc, mode, user}){ + const owner = this.owner(doc); + const role = this.context.User.role(user); + + switch (mode) { + + case: 'create': + // @authorize(create: ["admin"]) + return (!!role && role === 'admin'); + break; + + case: 'readOne': + // @authorize(readOne: ["owner", "admin"]) + return (!!role && (user._id === owner || role === 'admin')); + break; + + case: 'readMany': + // @authorize(readMany: ["admin"]) + return (!!role && role === 'admin'); + break; + + case: 'update': + // @authorize(update: ["owner", "admin"]) + return (!!role && (user._id === owner || role === 'admin')); + break; + + case: 'delete': + // @authorize(delete: ["owner", "admin"]) + return (!!role && (user._id === owner || role === 'admin')); + break; + + default: + return false; + break; + + } + } + + // returns only authorized documents + authorized({doc, mode, user}){ + if (_.isArray(doc)){ + return _.filter(doc, d => this.isAuthorized({doc: d, mode, user}) ); + } else if (_.isObject(doc) && this.isAuthorized({doc, mode, user})) { + return doc; + } else { + return null; + } + } + findOneById(id) { return this.loader.load(id); } diff --git a/test/output-app/resolvers/Tweet.js b/test/output-app/resolvers/Tweet.js index 64cfed4..cc85b8e 100644 --- a/test/output-app/resolvers/Tweet.js +++ b/test/output-app/resolvers/Tweet.js @@ -13,26 +13,52 @@ const resolvers = { }, }, Query: { - tweets(root, { lastCreatedAt, limit }, { Tweet }) { - return Tweet.all({ lastCreatedAt, limit }); + tweets(root, { lastCreatedAt, limit }, { Tweet, user }) { + return Tweet.authorized({ + doc: Tweet.all({ lastCreatedAt, limit }), + mode: 'readMany', + user + }); }, - tweet(root, { id }, { Tweet }) { - return Tweet.findOneById(id); + tweet(root, { id }, { Tweet, user }) { + return Tweet.authorized({ + doc: Tweet.findOneById(id), + mode: 'readOne', + user + }); }, }, Mutation: { - async createTweet(root, { input }, { Tweet }) { + async createTweet(root, { input }, { Tweet, user }) { + const authorized = Tweet.isAuthorized({ + doc: input, + mode: 'create', + user + }); + if (!authorized) throw new Error('Not authorized'); const id = await Tweet.insert(input); return Tweet.findOneById(id); }, - async updateTweet(root, { id, input }, { Tweet }) { + async updateTweet(root, { id, input }, { Tweet, user }) { + const authorized = Tweet.isAuthorized({ + doc: Tweet.findOneById(id), + mode: 'update', + user + }); + if (!authorized) throw new Error('Not authorized'); await Tweet.updateById(id, input); return Tweet.findOneById(id); }, - removeTweet(root, { id }, { Tweet }) { + removeTweet(root, { id }, { Tweet, user }) { + const authorized = Tweet.isAuthorized({ + doc: Tweet.findOneById(id), + mode: 'delete', + user + }); + if (!authorized) throw new Error('Not authorized'); return Tweet.removeById(id); }, }, diff --git a/test/output-app/resolvers/User.js b/test/output-app/resolvers/User.js index 0e4abac..a5cef19 100644 --- a/test/output-app/resolvers/User.js +++ b/test/output-app/resolvers/User.js @@ -21,26 +21,52 @@ const resolvers = { }, }, Query: { - users(root, { lastCreatedAt, limit }, { User }) { - return User.all({ lastCreatedAt, limit }); + users(root, { lastCreatedAt, limit }, { User, user }) { + return User.authorized({ + doc: User.all({ lastCreatedAt, limit }), + mode: 'readMany', + user + }); }, - user(root, { id }, { User }) { - return User.findOneById(id); + user(root, { id }, { User, user }) { + return User.authorized({ + doc: User.findOneById(id), + mode: 'readOne', + user + }); }, }, Mutation: { - async createUser(root, { input }, { User }) { + async createUser(root, { input }, { User, user }) { + const authorized = User.isAuthorized({ + doc: input, + mode: 'create', + user + }); + if (!authorized) throw new Error('Not authorized'); const id = await User.insert(input); return User.findOneById(id); }, - async updateUser(root, { id, input }, { User }) { + async updateUser(root, { id, input }, { User, user }) { + const authorized = User.isAuthorized({ + doc: User.findOneById(id), + mode: 'update', + user + }); + if (!authorized) throw new Error('Not authorized'); await User.updateById(id, input); return User.findOneById(id); }, - removeUser(root, { id }, { User }) { + removeUser(root, { id }, { User, user }) { + const authorized = User.isAuthorized({ + doc: User.findOneById(id), + mode: 'delete', + user + }); + if (!authorized) throw new Error('Not authorized'); return User.removeById(id); }, }, diff --git a/test/seeds/User.json b/test/seeds/User.json index 1618acf..6012a04 100644 --- a/test/seeds/User.json +++ b/test/seeds/User.json @@ -1,3 +1,3 @@ -{"_id":{"$oid":"583291a1638566b3c5a92ca1"},"bio":"tech lead @meteorjs @apollographql","createdAt":1.479776905993e+12,"followingIds":[{"$oid":"583291a1638566b3c5a92ca0"}],"likedIds":[{"$oid":"583676d3618530145474e350"},{"$oid":"583676d3618530145474e351"}],"updatedAt":1.479776905993e+12,"username":"stubailo"} -{"_id":{"$oid":"583291a1638566b3c5a92ca0"},"bio":"I build things with @percolatestudio. Author of @discovermeteor. Exploring how to improve user experience through technology, design and performance.","createdAt":1.479776904993e+12,"followingIds":[{"$oid":"583291a1638566b3c5a92ca1"},{"$oid":"583291a1638566b3c5a92ca2"}],"likedIds":[{"$oid":"583676d3618530145474e352"},{"$oid":"583676d3618530145474e353"},{"$oid":"583676d3618530145474e354"}],"updatedAt":1.479776904993e+12,"username":"tmeasday"} -{"_id":{"$oid":"583291a1638566b3c5a92ca2"},"bio":"Co-founder of Parse, now at Facebook. Ex Google search quality, game developer \u0026 math contester.","createdAt":1.479776906993e+12,"followingIds":[{"$oid":"583291a1638566b3c5a92ca1"}],"likedIds":[{"$oid":"583676d3618530145474e350"},{"$oid":"583676d3618530145474e353"}],"updatedAt":1.479776906993e+12,"username":"lacker"} +{"_id":{"$oid":"583291a1638566b3c5a92ca1"},"bio":"tech lead @meteorjs @apollographql","createdAt":1.479776905993e+12,"followingIds":[{"$oid":"583291a1638566b3c5a92ca0"}],"likedIds":[{"$oid":"583676d3618530145474e350"},{"$oid":"583676d3618530145474e351"}],"updatedAt":1.479776905993e+12,"username":"stubailo", "role":"editor"} +{"_id":{"$oid":"583291a1638566b3c5a92ca0"},"bio":"I build things with @percolatestudio. Author of @discovermeteor. Exploring how to improve user experience through technology, design and performance.","createdAt":1.479776904993e+12,"followingIds":[{"$oid":"583291a1638566b3c5a92ca1"},{"$oid":"583291a1638566b3c5a92ca2"}],"likedIds":[{"$oid":"583676d3618530145474e352"},{"$oid":"583676d3618530145474e353"},{"$oid":"583676d3618530145474e354"}],"updatedAt":1.479776904993e+12,"username":"tmeasday", "role": "admin"} +{"_id":{"$oid":"583291a1638566b3c5a92ca2"},"bio":"Co-founder of Parse, now at Facebook. Ex Google search quality, game developer \u0026 math contester.","createdAt":1.479776906993e+12,"followingIds":[{"$oid":"583291a1638566b3c5a92ca1"}],"likedIds":[{"$oid":"583676d3618530145474e350"},{"$oid":"583676d3618530145474e353"}],"updatedAt":1.479776906993e+12,"username":"lacker", "role": "user"} From 2ba2f6cab67e1ca4ac8d3f458b7032fbb7c4ddd4 Mon Sep 17 00:00:00 2001 From: tobkle Date: Sun, 21 May 2017 18:19:24 +0200 Subject: [PATCH 03/69] auth end-to-end-test yet without generator --- test/input/Tweet.graphql | 4 +- test/output-app-end-to-end/mutations.js | 13 +++-- .../scripts/generateJWT.js | 23 +++++++++ test/output-app-end-to-end/sendQuery.js | 5 +- test/output-app/model/Tweet.js | 50 +++++++++---------- test/output-app/model/User.js | 50 +++++++++---------- test/output-app/resolvers/Tweet.js | 47 ++++++----------- test/output-app/resolvers/User.js | 47 ++++++----------- test/output-app/schema/User.graphql | 3 ++ test/seeds/User.json | 4 +- 10 files changed, 121 insertions(+), 125 deletions(-) create mode 100755 test/output-app-end-to-end/scripts/generateJWT.js diff --git a/test/input/Tweet.graphql b/test/input/Tweet.graphql index b0447d6..ddab880 100644 --- a/test/input/Tweet.graphql +++ b/test/input/Tweet.graphql @@ -2,9 +2,9 @@ type Tweet @authorize( create: ["owner"] - readOne: [] + readOne: ["world"] readMany: ["world"] - update: ["owner", "editor"] + update: ["owner", "admin"] delete: ["owner", "admin"] ownerField: "author" ) diff --git a/test/output-app-end-to-end/mutations.js b/test/output-app-end-to-end/mutations.js index 85f9efa..a2eb59e 100644 --- a/test/output-app-end-to-end/mutations.js +++ b/test/output-app-end-to-end/mutations.js @@ -9,18 +9,21 @@ describe('mutations', () => { function makeInput(user) { return `{ username: "${user.username}", - bio: "${user.bio}" + bio: "${user.bio}", + role: "${user.role}" }`; } const expectedUser = { username: 'zol', bio: 'Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead', + role: 'admin' }; const modifiedUser = { username: 'zoltan', bio: 'Maker of things, I guess', + role: 'admin' }; let userId; @@ -39,7 +42,7 @@ describe('mutations', () => { }) .then(() => sendQueryAndExpect( - `{ user(id: "${userId}") { username, bio } }`, + `{ user(id: "${userId}") { username, bio, role } }`, { user: expectedUser }) ) .then(() => @@ -48,13 +51,14 @@ describe('mutations', () => { updateUser(id: "${userId}", input: ${makeInput(modifiedUser)}) { username bio + role } } `, { updateUser: modifiedUser }) ) .then(() => sendQueryAndExpect( - `{ user(id: "${userId}") { username, bio } }`, + `{ user(id: "${userId}") { username, bio, role } }`, { user: modifiedUser }) ) .then(() => @@ -64,7 +68,7 @@ describe('mutations', () => { ) .then(() => sendQueryAndExpect( - `{ user(id: "${userId}") { username, bio } }`, + `{ user(id: "${userId}") { username, bio, role } }`, { user: null }) ); }); @@ -106,6 +110,7 @@ describe('mutations', () => { assert.isNotNull(result.data.createTweet); assert.isNotNull(result.data.createTweet.id); tweetId = result.data.createTweet.id; + console.log('tweetId', tweetId); }) .then(() => sendQueryAndExpect( diff --git a/test/output-app-end-to-end/scripts/generateJWT.js b/test/output-app-end-to-end/scripts/generateJWT.js new file mode 100755 index 0000000..bfe46ae --- /dev/null +++ b/test/output-app-end-to-end/scripts/generateJWT.js @@ -0,0 +1,23 @@ +import jwt from '../../output-app/node_modules/jwt-simple'; +import fs from 'fs'; + +const KEY = 'test-key'; + +const userFile = fs.readFileSync('../../seeds/User.json', 'utf8'); +const re = new RegExp("{.*}", 'g'); +let arr; + +while ((arr = re.exec(userFile)) !== null) { + let user = JSON.parse(arr[0]); + console.log(user); + console.log('------------------------------------'); + console.log('Generated JWT Token for tests:'); + const payload = { + userId: user._id.$oid.toString(), + }; + const token = jwt.encode(payload, KEY); + console.log(token); + console.log('######################################'); +} + + diff --git a/test/output-app-end-to-end/sendQuery.js b/test/output-app-end-to-end/sendQuery.js index 511c35f..db9eb13 100644 --- a/test/output-app-end-to-end/sendQuery.js +++ b/test/output-app-end-to-end/sendQuery.js @@ -6,7 +6,10 @@ const ENDPOINT = 'http://localhost:3000/graphql'; export function sendQuery({ query }) { return fetch(ENDPOINT, { method: 'POST', - headers: { 'content-type': 'application/json' }, + headers: { + 'content-type': 'application/json', + 'authorization': 'JWT eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VySWQiOiI1ODMyOTFhMTYzODU2NmIzYzVhOTJjYTEifQ.QaJYP81K7kgB8FVw6bOK7XSZYI6_gn9GCOlDToQcu0Q', + }, body: JSON.stringify({ query }), }).then((response) => { assert.equal(response.status, 200, response.statusText); diff --git a/test/output-app/model/Tweet.js b/test/output-app/model/Tweet.js index d1a7e1e..ce3c820 100644 --- a/test/output-app/model/Tweet.js +++ b/test/output-app/model/Tweet.js @@ -13,46 +13,40 @@ export default class Tweet { // returns the owner of the current document @authorize(ownerField) owner(doc){ - return doc[this.ownerField] || null; + return (doc && doc[this.ownerField]) ? doc[this.ownerField] : null; } // returns true, if the current user is authorized for the current mode and document - isAuthorized({doc, mode, user}){ + isAuthorized({doc, mode, user, debug = true}){ + let authResult = false; const owner = this.owner(doc); const role = this.context.User.role(user); switch (mode) { - - case: 'create': + case 'create': // @authorize(create: ["owner"]) - return (!!role && user._id === owner); + authResult = (!!role && !!user._id); break; - - case: 'readOne': - // @authorize(readOne: []) - return false; + case 'readOne': + // @authorize(readOne: ["world"]) + authResult = true; break; - - case: 'readMany': + case 'readMany': // @authorize(readMany: ["world"]) - return true; + authResult = true; break; - - case: 'update': + case 'update': // @authorize(update: ["owner", editor"]) - return (!!role && (user._id === owner || role === 'editor')); + authResult = (!!role && (user._id === owner || role === 'admin')); break; - - case: 'delete': + case 'delete': // @authorize(delete: ["owner", "admin"]) - return (!!role && (user._id === owner || role === 'admin')); + authResult = (!!role && (user._id === owner || role === 'admin')); break; - - default: - return false; - break; - } + + (debug) ? console.log('Tweet', mode, owner, role, "===>", authResult) : null; + return authResult; } // returns only authorized documents @@ -66,14 +60,16 @@ export default class Tweet { } } - findOneById(id) { - return this.loader.load(id); + async findOneById(id) { + const doc = await this.loader.load(id); + return doc; } - all({ lastCreatedAt = 0, limit = 10 }) { - return this.collection.find({ + async all({ lastCreatedAt = 0, limit = 10 }) { + const docs = await this.collection.find({ createdAt: { $gt: lastCreatedAt }, }).sort({ createdAt: 1 }).limit(limit).toArray(); + return docs; } author(tweet) { diff --git a/test/output-app/model/User.js b/test/output-app/model/User.js index 76c8ae2..cb64bcf 100644 --- a/test/output-app/model/User.js +++ b/test/output-app/model/User.js @@ -14,51 +14,45 @@ export default class User { // returns the owner of the current document @authorize(ownerField) owner(doc){ - return doc[this.ownerField] || null; + return (doc && doc[this.ownerField]) ? doc[this.ownerField] : null; } // returns the role of the current user @authorize(roleField) role(user){ - return user[this.roleField] || null; + return (user && user[this.roleField]) ? user[this.roleField] : null; } // returns true, if the current user is authorized for the current mode and document - isAuthorized({doc, mode, user}){ + isAuthorized({doc, mode, user, debug = true}){ + let authResult = false; const owner = this.owner(doc); const role = this.context.User.role(user); switch (mode) { - - case: 'create': + case 'create': // @authorize(create: ["admin"]) - return (!!role && role === 'admin'); + authResult = (!!role && role === 'admin'); break; - - case: 'readOne': + case 'readOne': // @authorize(readOne: ["owner", "admin"]) - return (!!role && (user._id === owner || role === 'admin')); + authResult = (!!role && (user._id === owner || role === 'admin')); break; - - case: 'readMany': + case 'readMany': // @authorize(readMany: ["admin"]) - return (!!role && role === 'admin'); + authResult = (!!role && role === 'admin'); break; - - case: 'update': + case 'update': // @authorize(update: ["owner", "admin"]) - return (!!role && (user._id === owner || role === 'admin')); + authResult = (!!role && (user._id === owner || role === 'admin')); break; - - case: 'delete': + case 'delete': // @authorize(delete: ["owner", "admin"]) - return (!!role && (user._id === owner || role === 'admin')); + authResult = (!!role && (user._id === owner || role === 'admin')); break; - - default: - return false; - break; - } + + (debug) ? console.log('User', mode, owner, role, "===>", authResult) : null; + return authResult; } // returns only authorized documents @@ -72,14 +66,16 @@ export default class User { } } - findOneById(id) { - return this.loader.load(id); + async findOneById(id) { + const doc = await this.loader.load(id); + return doc; } - all({ lastCreatedAt = 0, limit = 10 }) { - return this.collection.find({ + async all({ lastCreatedAt = 0, limit = 10 }) { + const docs = await this.collection.find({ createdAt: { $gt: lastCreatedAt }, }).sort({ createdAt: 1 }).limit(limit).toArray(); + return docs; } tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }) { diff --git a/test/output-app/resolvers/Tweet.js b/test/output-app/resolvers/Tweet.js index cc85b8e..8b6745f 100644 --- a/test/output-app/resolvers/Tweet.js +++ b/test/output-app/resolvers/Tweet.js @@ -13,52 +13,37 @@ const resolvers = { }, }, Query: { - tweets(root, { lastCreatedAt, limit }, { Tweet, user }) { - return Tweet.authorized({ - doc: Tweet.all({ lastCreatedAt, limit }), - mode: 'readMany', - user - }); + async tweets(root, { lastCreatedAt, limit }, { Tweet, user }) { + const doc = await Tweet.all({ lastCreatedAt, limit }); + return Tweet.authorized({doc, mode: 'readMany', user}); }, - tweet(root, { id }, { Tweet, user }) { - return Tweet.authorized({ - doc: Tweet.findOneById(id), - mode: 'readOne', - user - }); + async tweet(root, { id }, { Tweet, user }) { + const doc = await Tweet.findOneById(id); + return Tweet.authorized({doc, mode: 'readOne', user}); }, }, Mutation: { async createTweet(root, { input }, { Tweet, user }) { - const authorized = Tweet.isAuthorized({ - doc: input, - mode: 'create', - user - }); - if (!authorized) throw new Error('Not authorized'); + const doc = input; + const authorized = Tweet.isAuthorized({doc, mode: 'create', user}); + if (!authorized) throw new Error('Tweet: mode: create not authorized'); const id = await Tweet.insert(input); return Tweet.findOneById(id); }, async updateTweet(root, { id, input }, { Tweet, user }) { - const authorized = Tweet.isAuthorized({ - doc: Tweet.findOneById(id), - mode: 'update', - user - }); - if (!authorized) throw new Error('Not authorized'); + const doc = await Tweet.findOneById(id); + const authorized = Tweet.isAuthorized({doc, mode: 'update', user}); + if (!authorized) throw new Error('Tweet: mode: update not authorized'); await Tweet.updateById(id, input); return Tweet.findOneById(id); }, - removeTweet(root, { id }, { Tweet, user }) { - const authorized = Tweet.isAuthorized({ - doc: Tweet.findOneById(id), - mode: 'delete', - user - }); - if (!authorized) throw new Error('Not authorized'); + async removeTweet(root, { id }, { Tweet, user }) { + const doc = await Tweet.findOneById(id); + const authorized = Tweet.isAuthorized({doc, mode: 'delete', user}); + if (!authorized) throw new Error('Tweet: mode: delete not authorized'); return Tweet.removeById(id); }, }, diff --git a/test/output-app/resolvers/User.js b/test/output-app/resolvers/User.js index a5cef19..af99b67 100644 --- a/test/output-app/resolvers/User.js +++ b/test/output-app/resolvers/User.js @@ -21,52 +21,37 @@ const resolvers = { }, }, Query: { - users(root, { lastCreatedAt, limit }, { User, user }) { - return User.authorized({ - doc: User.all({ lastCreatedAt, limit }), - mode: 'readMany', - user - }); + async users(root, { lastCreatedAt, limit }, { User, user }) { + const doc = await User.all({ lastCreatedAt, limit }); + return User.authorized({doc, mode: 'readMany', user}); }, - user(root, { id }, { User, user }) { - return User.authorized({ - doc: User.findOneById(id), - mode: 'readOne', - user - }); + async user(root, { id }, { User, user }) { + const doc = await User.findOneById(id); + return User.authorized({doc, mode: 'readOne', user}); }, }, Mutation: { async createUser(root, { input }, { User, user }) { - const authorized = User.isAuthorized({ - doc: input, - mode: 'create', - user - }); - if (!authorized) throw new Error('Not authorized'); + const doc = input; + const authorized = User.isAuthorized({doc, mode: 'create', user}); + if (!authorized) throw new Error('User: mode: create not authorized'); const id = await User.insert(input); return User.findOneById(id); }, async updateUser(root, { id, input }, { User, user }) { - const authorized = User.isAuthorized({ - doc: User.findOneById(id), - mode: 'update', - user - }); - if (!authorized) throw new Error('Not authorized'); + const doc = await User.findOneById(id); + const authorized = User.isAuthorized({doc, mode: 'update', user}); + if (!authorized) throw new Error('User: mode: update not authorized'); await User.updateById(id, input); return User.findOneById(id); }, - removeUser(root, { id }, { User, user }) { - const authorized = User.isAuthorized({ - doc: User.findOneById(id), - mode: 'delete', - user - }); - if (!authorized) throw new Error('Not authorized'); + async removeUser(root, { id }, { User, user }) { + const doc = await User.findOneById(id); + const authorized = User.isAuthorized({doc, mode: 'delete', user}); + if (!authorized) throw new Error('User: mode: delete not authorized'); return User.removeById(id); }, }, diff --git a/test/output-app/schema/User.graphql b/test/output-app/schema/User.graphql index f504c7f..24d861e 100644 --- a/test/output-app/schema/User.graphql +++ b/test/output-app/schema/User.graphql @@ -1,5 +1,6 @@ type User { id: ObjID! + role: String! username: String! bio: String notify: Boolean @@ -18,12 +19,14 @@ extend type Query { input CreateUserInput { username: String! + role: String! bio: String notify: Boolean } input UpdateUserInput { username: String! + role: String bio: String notify: Boolean } diff --git a/test/seeds/User.json b/test/seeds/User.json index 6012a04..0c33842 100644 --- a/test/seeds/User.json +++ b/test/seeds/User.json @@ -1,3 +1,3 @@ -{"_id":{"$oid":"583291a1638566b3c5a92ca1"},"bio":"tech lead @meteorjs @apollographql","createdAt":1.479776905993e+12,"followingIds":[{"$oid":"583291a1638566b3c5a92ca0"}],"likedIds":[{"$oid":"583676d3618530145474e350"},{"$oid":"583676d3618530145474e351"}],"updatedAt":1.479776905993e+12,"username":"stubailo", "role":"editor"} -{"_id":{"$oid":"583291a1638566b3c5a92ca0"},"bio":"I build things with @percolatestudio. Author of @discovermeteor. Exploring how to improve user experience through technology, design and performance.","createdAt":1.479776904993e+12,"followingIds":[{"$oid":"583291a1638566b3c5a92ca1"},{"$oid":"583291a1638566b3c5a92ca2"}],"likedIds":[{"$oid":"583676d3618530145474e352"},{"$oid":"583676d3618530145474e353"},{"$oid":"583676d3618530145474e354"}],"updatedAt":1.479776904993e+12,"username":"tmeasday", "role": "admin"} +{"_id":{"$oid":"583291a1638566b3c5a92ca1"},"bio":"tech lead @meteorjs @apollographql","createdAt":1.479776905993e+12,"followingIds":[{"$oid":"583291a1638566b3c5a92ca0"}],"likedIds":[{"$oid":"583676d3618530145474e350"},{"$oid":"583676d3618530145474e351"}],"updatedAt":1.479776905993e+12,"username":"stubailo", "role":"admin"} +{"_id":{"$oid":"583291a1638566b3c5a92ca0"},"bio":"I build things with @percolatestudio. Author of @discovermeteor. Exploring how to improve user experience through technology, design and performance.","createdAt":1.479776904993e+12,"followingIds":[{"$oid":"583291a1638566b3c5a92ca1"},{"$oid":"583291a1638566b3c5a92ca2"}],"likedIds":[{"$oid":"583676d3618530145474e352"},{"$oid":"583676d3618530145474e353"},{"$oid":"583676d3618530145474e354"}],"updatedAt":1.479776904993e+12,"username":"tmeasday", "role": "editor", "hash":"$2a$10$SeepHv0X3GZfSzl0uqlXmucLsP2VjdI.nuA0UJnmOtEecLSx.RiWe"} {"_id":{"$oid":"583291a1638566b3c5a92ca2"},"bio":"Co-founder of Parse, now at Facebook. Ex Google search quality, game developer \u0026 math contester.","createdAt":1.479776906993e+12,"followingIds":[{"$oid":"583291a1638566b3c5a92ca1"}],"likedIds":[{"$oid":"583676d3618530145474e350"},{"$oid":"583676d3618530145474e353"}],"updatedAt":1.479776906993e+12,"username":"lacker", "role": "user"} From 8f86cfff396c1bdf67da1956b6df9ee2fa9e465c Mon Sep 17 00:00:00 2001 From: Tobias Klemmer Date: Sun, 28 May 2017 22:13:17 +0200 Subject: [PATCH 04/69] added further authorization tests --- test/input/User.graphql | 1 + test/output-app-end-to-end/index.js | 5 +- test/output-app-end-to-end/mutations.js | 146 ------- test/output-app-end-to-end/sendQuery.js | 22 +- test/output-app-end-to-end/test-1-roles.js | 70 +++ ...=> test-2-queries-with-user-role-admin.js} | 14 +- .../test-3-mutations-with-user-role-admin.js | 413 ++++++++++++++++++ .../test-4-mutations-with-unknown-user.js | 187 ++++++++ .../test-5-mutations-with-user-role-user.js | 329 ++++++++++++++ .../test-6-mutations-with-user-role-editor.js | 329 ++++++++++++++ test/output-app/model/Tweet.js | 13 +- test/output-app/model/User.js | 25 +- test/output-app/resolvers/User.js | 3 +- test/output-app/schema/Tweet.graphql | 2 +- 14 files changed, 1387 insertions(+), 172 deletions(-) delete mode 100644 test/output-app-end-to-end/mutations.js create mode 100644 test/output-app-end-to-end/test-1-roles.js rename test/output-app-end-to-end/{queries.js => test-2-queries-with-user-role-admin.js} (91%) create mode 100644 test/output-app-end-to-end/test-3-mutations-with-user-role-admin.js create mode 100644 test/output-app-end-to-end/test-4-mutations-with-unknown-user.js create mode 100644 test/output-app-end-to-end/test-5-mutations-with-user-role-user.js create mode 100644 test/output-app-end-to-end/test-6-mutations-with-user-role-editor.js diff --git a/test/input/User.graphql b/test/input/User.graphql index 2dbd765..1618b53 100644 --- a/test/input/User.graphql +++ b/test/input/User.graphql @@ -5,6 +5,7 @@ type User readOne: ["owner", "admin"] readMany: ["admin"] update: ["owner", "admin"] + updateRole: ["admin"] delete: ["owner", "admin"] ownerField: "_id" roleField: "role" diff --git a/test/output-app-end-to-end/index.js b/test/output-app-end-to-end/index.js index 9d15fe1..8cc625b 100644 --- a/test/output-app-end-to-end/index.js +++ b/test/output-app-end-to-end/index.js @@ -1,7 +1,6 @@ import { describe, it } from 'mocha'; import { assert } from 'chai'; - -import { sendQuery } from './sendQuery'; +import { sendQuery, adminUser } from './sendQuery'; describe('environment', () => { it('graphql server should be available', () => { @@ -11,7 +10,7 @@ describe('environment', () => { } }`; - return sendQuery({ query, operationName: 'foo' }) + return sendQuery({ query, operationName: 'foo', userId: adminUser }) .then((result) => { assert.isDefined(result.data); }); diff --git a/test/output-app-end-to-end/mutations.js b/test/output-app-end-to-end/mutations.js deleted file mode 100644 index a2eb59e..0000000 --- a/test/output-app-end-to-end/mutations.js +++ /dev/null @@ -1,146 +0,0 @@ -import { describe, it } from 'mocha'; -import { assert } from 'chai'; - -import { sendQuery, sendQueryAndExpect } from './sendQuery'; - -describe('mutations', () => { - describe('users', () => { - it('can do CRUD', () => { - function makeInput(user) { - return `{ - username: "${user.username}", - bio: "${user.bio}", - role: "${user.role}" - }`; - } - - const expectedUser = { - username: 'zol', - bio: 'Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead', - role: 'admin' - }; - - const modifiedUser = { - username: 'zoltan', - bio: 'Maker of things, I guess', - role: 'admin' - }; - - let userId; - return sendQuery({ query: ` - mutation { - createUser(input: ${makeInput(expectedUser)}) { - id - } - } - ` }) - .then((result) => { - assert.isNotNull(result.data); - assert.isNotNull(result.data.createUser); - assert.isNotNull(result.data.createUser.id); - userId = result.data.createUser.id; - }) - .then(() => - sendQueryAndExpect( - `{ user(id: "${userId}") { username, bio, role } }`, - { user: expectedUser }) - ) - .then(() => - sendQueryAndExpect(` - mutation { - updateUser(id: "${userId}", input: ${makeInput(modifiedUser)}) { - username - bio - role - } - } - `, { updateUser: modifiedUser }) - ) - .then(() => - sendQueryAndExpect( - `{ user(id: "${userId}") { username, bio, role } }`, - { user: modifiedUser }) - ) - .then(() => - sendQueryAndExpect( - `mutation { removeUser(id: "${userId}") }`, - { removeUser: true }) - ) - .then(() => - sendQueryAndExpect( - `{ user(id: "${userId}") { username, bio, role } }`, - { user: null }) - ); - }); - }); - - describe('tweets', () => { - it('can do CRUD', () => { - function makeInput(tweet) { - if (tweet.author) { - return `{ - authorId: "${tweet.author.id}", - body: "${tweet.body}" - }`; - } - return `{ - body: "${tweet.body}" - }`; - } - - const expectedTweet = { - author: { id: '583291a1638566b3c5a92ca1' }, - body: 'This is a test tweet', - }; - - const modifiedTweet = { - body: 'This is a modified test', - }; - - let tweetId; - return sendQuery({ query: ` - mutation { - createTweet(input: ${makeInput(expectedTweet)}) { - id - } - } - ` }) - .then((result) => { - assert.isNotNull(result.data); - assert.isNotNull(result.data.createTweet); - assert.isNotNull(result.data.createTweet.id); - tweetId = result.data.createTweet.id; - console.log('tweetId', tweetId); - }) - .then(() => - sendQueryAndExpect( - `{ tweet(id: "${tweetId}") { author { id } body } }`, - { tweet: expectedTweet }) - ) - .then(() => - sendQueryAndExpect(` - mutation { - updateTweet(id: "${tweetId}", input: ${makeInput(modifiedTweet)}) { - body - } - } - `, { updateTweet: modifiedTweet }) - ) - .then(() => - sendQueryAndExpect( - `{ tweet(id: "${tweetId}") { body } }`, - { tweet: modifiedTweet }) - ) - .then(() => - sendQueryAndExpect( - `mutation { removeTweet(id: "${tweetId}") }`, - { removeTweet: true }) - ) - .then(() => - sendQueryAndExpect( - `{ tweet(id: "${tweetId}") { body } }`, - { tweet: null }) - ); - }); - }); -}); diff --git a/test/output-app-end-to-end/sendQuery.js b/test/output-app-end-to-end/sendQuery.js index db9eb13..50f1e8a 100644 --- a/test/output-app-end-to-end/sendQuery.js +++ b/test/output-app-end-to-end/sendQuery.js @@ -1,14 +1,28 @@ import fetch from 'node-fetch'; import { assert } from 'chai'; +import jwt from '../output-app/node_modules/jwt-simple'; const ENDPOINT = 'http://localhost:3000/graphql'; -export function sendQuery({ query }) { +// For testing different user authorizations, set users to: +export const unknownUser = ''; // not signed in +export const defaultUser = '583291a1638566b3c5a92ca2'; // role = 'user' +export const roleUser = '583291a1638566b3c5a92ca0'; // role = 'editor' +export const adminUser = '583291a1638566b3c5a92ca1'; // role = 'admin' + +export function getToken(userId, KEY='test-key'){ + const payload = { userId }; + const token = (userId && userId !== '') ? `JWT ${jwt.encode(payload, KEY)}` : null; + return token; +} + +export function sendQuery({ query, userId }) { + const token = getToken(userId); return fetch(ENDPOINT, { method: 'POST', headers: { 'content-type': 'application/json', - 'authorization': 'JWT eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VySWQiOiI1ODMyOTFhMTYzODU2NmIzYzVhOTJjYTEifQ.QaJYP81K7kgB8FVw6bOK7XSZYI6_gn9GCOlDToQcu0Q', + 'authorization': token, }, body: JSON.stringify({ query }), }).then((response) => { @@ -17,8 +31,8 @@ export function sendQuery({ query }) { }); } -export function sendQueryAndExpect(query, expectedResult) { - return sendQuery({ query }) +export function sendQueryAndExpect(query, expectedResult, userId) { + return sendQuery({ query, userId }) .then((result) => { assert.isDefined(result.data); assert.deepEqual(result.data, expectedResult); diff --git a/test/output-app-end-to-end/test-1-roles.js b/test/output-app-end-to-end/test-1-roles.js new file mode 100644 index 0000000..103c8c9 --- /dev/null +++ b/test/output-app-end-to-end/test-1-roles.js @@ -0,0 +1,70 @@ +import { describe, it } from 'mocha'; +import { assert } from 'chai'; +import { sendQuery, defaultUser, roleUser, adminUser } from './sendQuery'; + +describe('test-1: roles', () => { + + describe('adminUser: stubailo', () => { + it('has role "admin"', () => { + return sendQuery({query: + `query { + user(id: "${adminUser}") { + role + username + } + }`, + userId: adminUser + }).then(result => { + assert.isDefined(result.data); + assert.isDefined(result.data.user); + assert.isDefined(result.data.user.role); + assert.equal(result.data.user.role, 'admin'); + assert.equal(result.data.user.username, 'stubailo'); + return false; + }) + }) + }); + + describe('roleUser: tmeasday', () => { + it('has role "editor"', () => { + return sendQuery({query: + `query { + user(id: "${roleUser}") { + role + username + } + }`, + userId: adminUser + }).then(result => { + assert.isDefined(result.data); + assert.isDefined(result.data.user); + assert.isDefined(result.data.user.role); + assert.equal(result.data.user.role, 'editor'); + assert.equal(result.data.user.username, 'tmeasday'); + return false; + }) + }) + }); + + describe('defaultUser: lacker', () => { + it('has role "user"', () => { + return sendQuery({query: + `query { + user(id: "${defaultUser}") { + role + username + } + }`, + userId: adminUser + }).then(result => { + assert.isDefined(result.data); + assert.isDefined(result.data.user); + assert.isDefined(result.data.user.role); + assert.equal(result.data.user.role, 'user'); + assert.equal(result.data.user.username, 'lacker'); + return false; + }) + }) + }); + +}); \ No newline at end of file diff --git a/test/output-app-end-to-end/queries.js b/test/output-app-end-to-end/test-2-queries-with-user-role-admin.js similarity index 91% rename from test/output-app-end-to-end/queries.js rename to test/output-app-end-to-end/test-2-queries-with-user-role-admin.js index 5a40453..043f743 100644 --- a/test/output-app-end-to-end/queries.js +++ b/test/output-app-end-to-end/test-2-queries-with-user-role-admin.js @@ -1,12 +1,13 @@ import { describe, it } from 'mocha'; import { assert } from 'chai'; +import { sendQuery, sendQueryAndExpect, unknownUser, defaultUser, roleUser, adminUser } from './sendQuery'; -import { sendQuery, sendQueryAndExpect } from './sendQuery'; -describe('queries', () => { +describe('test-2: queries as user with role "admin"', () => { + function itQueries(name, query, expectedResult) { it(name, () => { - sendQueryAndExpect(query, expectedResult); + sendQueryAndExpect(query, expectedResult, adminUser); }); } @@ -39,19 +40,21 @@ describe('queries', () => { } let lastCreatedAt; - return sendQuery({ query: constructQuery() }) + return sendQuery({ query: constructQuery(), userId: adminUser }) .then((result) => { const items = checkResult(result, 0, expectedItems.length); lastCreatedAt = items[0].createdAt; }) - .then(() => sendQuery({ query: constructQuery('(limit: 1)') })) + .then(() => sendQuery({ query: constructQuery('(limit: 1)'), userId: adminUser })) .then(result => checkResult(result, 0, 1)) .then(() => sendQuery({ query: constructQuery(`(lastCreatedAt: ${lastCreatedAt})`), + userId: adminUser, })) .then(result => checkResult(result, 1, expectedItems.length - 1)) .then(() => sendQuery({ query: constructQuery(`(lastCreatedAt: ${lastCreatedAt}, limit: 1)`), + userId: adminUser, })) .then(result => checkResult(result, 1, Math.min(expectedItems.length - 1, 1)) @@ -138,3 +141,4 @@ describe('queries', () => { }, [{ username: 'tmeasday' }, { username: 'lacker' }]); }); }); + diff --git a/test/output-app-end-to-end/test-3-mutations-with-user-role-admin.js b/test/output-app-end-to-end/test-3-mutations-with-user-role-admin.js new file mode 100644 index 0000000..7ae6243 --- /dev/null +++ b/test/output-app-end-to-end/test-3-mutations-with-user-role-admin.js @@ -0,0 +1,413 @@ +import { describe, it } from 'mocha'; +import { assert } from 'chai'; +import { sendQuery, sendQueryAndExpect, roleUser, adminUser } from './sendQuery'; + +let newUser; +let otherUser; +let tweetId; +let tweetIdOthers; + +function makeUserInput(user) { + return `{ + username: "${user.username}", + bio: "${user.bio}", + role: "${user.role}" + }`; +} + +function makeTweetInput(tweet, userId) { + if (tweet.author) { + return `{ + authorId: "${userId ? userId : tweet.author.id}", + body: "${tweet.body}" + }`; + } + return `{ + body: "${tweet.body}" + }`; +} + +describe('test-3: user with role "admin"', () => { + + before(function(done) { + const expectedUser = { + username: 'tobkle', + bio: 'someone', + role: 'admin' + }; + sendQuery({query: ` + mutation { + createUser(input: ${makeUserInput(expectedUser)}) { + id + role + } + } + `, + userId: adminUser + }) + .then(result => { + assert.isNotNull(result.data); + assert.isNotNull(result.data.createUser); + assert.isNotNull(result.data.createUser.id); + assert.equal(result.data.createUser.role, 'admin'); + newUser = result.data.createUser.id; + done(); + }) + }); + + describe('on type "user" (part 1)...', () => { + + it('admin user created new user "tobkle" with role "admin" for the next tests...', () => { + assert.isNotNull(newUser); + }); + + it('can create new users', () => { + const expectedUser = { + username: 'zol', + bio: 'Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead', + role: 'editor' + }; + return sendQuery({query: ` + mutation { + createUser(input: ${makeUserInput(expectedUser)}) { + id + } + } + `, + userId: newUser + }) + .then((result) => { + assert.isNotNull(result.data); + assert.isNotNull(result.data.createUser); + assert.isNotNull(result.data.createUser.id); + otherUser = result.data.createUser.id; + + let expectedTweet = { + author: { id: otherUser }, + body: 'This is a test tweet of user zoltan', + }; + + sendQuery({ query: ` + mutation { + createTweet(input: ${makeTweetInput(expectedTweet, otherUser)}) { + id + } + } + `, + userId: otherUser + }) + .then((result) => { + assert.isNotNull(result.data); + assert.isNotNull(result.data.createTweet); + assert.isNotNull(result.data.createTweet.id); + tweetIdOthers = result.data.createTweet.id; + }); + }); + }); + + it('can read other users', () => { + return sendQueryAndExpect(` + { user(id: "${otherUser}") { username, bio, role } } + `, { + user: { + username: 'zol', + bio: 'Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead', + role: 'editor' + } + }, + newUser) + }); + + it('can read himself', () => { + return sendQueryAndExpect(` + { user(id: "${newUser}") { username, role } } + `, { + user: { + username: 'tobkle', + role: 'admin' + } + }, + newUser) + }); + + it('can update other users', () => { + const modifiedUser = { + username: 'zoltan', + bio: 'Maker of things, I guess', + role: 'editor' + }; + return sendQueryAndExpect(` + mutation { + updateUser(id: "${otherUser}", input: ${makeUserInput(modifiedUser)}) { + username + bio + role + } + } + `, { updateUser: modifiedUser }, + newUser) + }); + + it('can update himself', () => { + const modifiedUser = { + username: 'tobkle', + bio: 'Maker of things, I guess', + role: 'admin' + }; + return sendQueryAndExpect(` + mutation { + updateUser(id: "${newUser}", input: ${makeUserInput(modifiedUser)}) { + username + bio + role + } + } + `, { + updateUser: modifiedUser + }, + newUser) + }); + + it('can update role of other user to "admin"', () => { + const modifiedUser = { + username: 'zoltan', + bio: 'now an admin', + role: 'admin' + }; + return sendQueryAndExpect(` + mutation { + updateUser(id: "${otherUser}", input: ${makeUserInput(modifiedUser)}) { + username + bio + role + } + } + `, { + updateUser: modifiedUser + }, + newUser) + }); + + it('can update his role from "admin" to "editor"', () => { + const modifiedUser = { + username: 'tobkle', + bio: 'Maker of things, I guess', + role: 'editor' + }; + return sendQueryAndExpect(` + mutation { + updateUser(id: "${newUser}", input: ${makeUserInput(modifiedUser)}) { + username + bio + role + } + } + `, { + updateUser: modifiedUser + }, + newUser) + }); + + it('can not update own role while being "editor"', () => { + const modifiedUser = { + username: 'tobkle', + bio: 'Maker of things, I guess', + role: 'admin' + }; + return sendQueryAndExpect(` + mutation { + updateUser(id: "${newUser}", input: ${makeUserInput(modifiedUser)}) { + username + bio + role + } + } + `, { + updateUser: { + username: 'tobkle', + bio: 'Maker of things, I guess', + role: 'editor' + } + }, + newUser) + }); + + it('other user with role "admin" can update role for user "tobkle" back to "admin"', () => { + const modifiedUser = { + username: 'tobkle', + bio: 'Maker of things, I guess', + role: 'admin' + }; + return sendQueryAndExpect(` + mutation { + updateUser(id: "${newUser}", input: ${makeUserInput(modifiedUser)}) { + username + bio + role + } + } + `, { + updateUser: modifiedUser + }, + otherUser) + }); + + it('can delete other users', () => { + return sendQueryAndExpect(` + mutation { + removeUser(id: "${otherUser}") + } + `, { + removeUser: true + }, + newUser) + }); + + }); + + describe('on type "tweet"...', () => { + + let expectedTweet = { + author: { id: newUser }, + body: 'This is a test tweet of user tobkle', + }; + + const expectedTweetOtherAuthor = { + author: { id: adminUser }, + body: 'We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:', + }; + + const modifiedTweet = { + body: 'This is a modified test tweet', + }; + + before(function (done) { + expectedTweet.author.id = newUser; + sendQuery({ query: ` + mutation { + createTweet(input: ${makeTweetInput(expectedTweet, newUser)}) { + id + } + } + `, + userId: newUser + }) + .then((result) => { + assert.isNotNull(result.data); + assert.isNotNull(result.data.createTweet); + assert.isNotNull(result.data.createTweet.id); + tweetId = result.data.createTweet.id; + done(); + }) + }); + + it('can create tweet for himself', () => { + assert.isNotNull(tweetId); + }); + + it('can not create tweet for other author', () => { + return sendQueryAndExpect(` + mutation { + createTweet(input: ${makeTweetInput(expectedTweetOtherAuthor, adminUser)}) { + id + } + } + `, + { createTweet: null }, + newUser); + }); + + it('can read own tweet', () => { + expectedTweet.author.id = newUser; + return sendQueryAndExpect( + `{ tweet(id: "${tweetId}") { author { id } body } }`, + { tweet: expectedTweet }, + newUser) + }); + + it('can read others tweet', () => { + return sendQueryAndExpect( + `{ tweet(id: "583676d3618530145474e352") { author { id } body } }`, + { tweet: expectedTweetOtherAuthor }, + newUser) + }); + + it('can update own tweet', () => { + return sendQueryAndExpect(` + mutation { + updateTweet(id: "${tweetId}", input: ${makeTweetInput(modifiedTweet, newUser)}) { + body + } + } + `, + { updateTweet: modifiedTweet }, + newUser) + }); + + it('can update other users tweet', () => { + return sendQueryAndExpect(` + mutation { + updateTweet(id: "${tweetIdOthers}", input: ${makeTweetInput(modifiedTweet)}) { + body + } + } + `, + { updateTweet: modifiedTweet }, + newUser) + }); + + it('can read updated tweet correctly', () => { + return sendQueryAndExpect( + `{ tweet(id: "${tweetId}") { body } }`, + { tweet: modifiedTweet }, + newUser) + }); + + it('can remove own tweet', () => { + return sendQueryAndExpect( + `mutation { removeTweet(id: "${tweetId}") }`, + { removeTweet: true }, + newUser) + }); + + it('can remove other users tweet', () => { + return sendQueryAndExpect( + `mutation { removeTweet(id: "${tweetIdOthers}") }`, + { removeTweet: true }, + newUser) + }); + + it('can not read removed tweet anymore', () => { + return sendQueryAndExpect( + `{ tweet(id: "${tweetId}") { body } }`, + { tweet: null }, + newUser) + }); + + }); + + describe('on type "user" (part 2)...', () => { + + it('can delete himself', () => { + return sendQueryAndExpect(` + mutation { + removeUser(id: "${newUser}") + } + `, { + removeUser: true + }, + newUser) + }); + + it('user "tobkle" is deleted', () => { + return sendQueryAndExpect(` + { user(id: "${newUser}") { username, bio, role } } + `, { + user: null + }, + newUser) + }); + + }); + +}); \ No newline at end of file diff --git a/test/output-app-end-to-end/test-4-mutations-with-unknown-user.js b/test/output-app-end-to-end/test-4-mutations-with-unknown-user.js new file mode 100644 index 0000000..3ed7eab --- /dev/null +++ b/test/output-app-end-to-end/test-4-mutations-with-unknown-user.js @@ -0,0 +1,187 @@ +import { describe, it } from 'mocha'; +import { assert } from 'chai'; +import { sendQuery, sendQueryAndExpect, unknownUser, adminUser } from './sendQuery'; + +let newUser; +let tweetId; +const tweetIdOthers = '583676d3618530145474e352'; + +function makeUserInput(user) { + return `{ + username: "${user.username}", + bio: "${user.bio}", + role: "${user.role}" + }`; +} + +function makeTweetInput(tweet, userId) { + if (tweet.author) { + return `{ + authorId: "${userId ? userId : tweet.author.id}", + body: "${tweet.body}" + }`; + } + return `{ + body: "${tweet.body}" + }`; +} + +describe('test-4: unkown user (e.g. not signed in, or expired token)', () => { + + describe('on type "user" (part 1)...', () => { + + it('can not create users', () => { + const expectedUser = { + username: 'zol', + bio: 'Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead', + role: 'user' + }; + return sendQuery({query: ` + mutation { + createUser(input: ${makeUserInput(expectedUser)}) { + id + } + } + `, + userId: unknownUser + }) + .then((result) => { + assert.isNotNull(result.data); + assert.isNull(result.data.createUser); + }) + }); + + it('can not read other users', () => { + return sendQueryAndExpect(` + { user(id: "${adminUser}") { username, bio, role } } + `, { + user: null + }, + unknownUser) + }); + + it('can not update other users', () => { + const modifiedUser = { + username: 'zoltan', + bio: 'Maker of things, I guess', + role: 'admin' + }; + return sendQueryAndExpect(` + mutation { + updateUser(id: "${adminUser}", input: ${makeUserInput(modifiedUser)}) { + username + bio + role + } + } + `, { updateUser: null }, + unknownUser) + }); + + it('can not delete other users', () => { + return sendQueryAndExpect(` + mutation { + removeUser(id: "${adminUser}") + } + `, { + removeUser: null + }, + unknownUser) + }); + + }); + + describe('on type "tweet"...', () => { + + let expectedTweet = { + author: { id: newUser }, + body: 'This is a test tweet of user tobkle', + }; + + const expectedTweetOtherAuthor = { + author: { id: adminUser }, + body: 'We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:', + }; + + const modifiedTweet = { + body: 'This is a modified test tweet', + }; + + before(function (done) { + expectedTweet.author.id = unknownUser; + sendQuery({ query: ` + mutation { + createTweet(input: ${makeTweetInput(expectedTweet, unknownUser)}) { + id + } + } + `, + userId: unknownUser + }) + .then((result) => { + assert.isNotNull(result.data); + assert.isNull(result.data.createTweet); + done(); + }) + .catch((error) => { + done(); + }); + }); + + it('can not create tweet for himself', () => { + assert.isUndefined(tweetId); + }); + + it('can not create tweet for other author', () => { + return sendQueryAndExpect(` + mutation { + createTweet(input: ${makeTweetInput(expectedTweetOtherAuthor, adminUser)}) { + id + } + } + `, + { createTweet: null }, + unknownUser); + }); + + it('can read others tweet', () => { + return sendQueryAndExpect( + `{ tweet(id: "${tweetIdOthers}") { author { id } body } }`, + { tweet: expectedTweetOtherAuthor }, + unknownUser) + }); + + it('can not update own tweet', () => { + return sendQueryAndExpect(` + mutation { + updateTweet(id: "${tweetIdOthers}", input: ${makeTweetInput(modifiedTweet, unknownUser)}) { + body + } + } + `, + { updateTweet: null }, + unknownUser) + }); + + it('can not update others tweet', () => { + return sendQueryAndExpect(` + mutation { + updateTweet(id: "${tweetIdOthers}", input: ${makeTweetInput(modifiedTweet)}) { + body + } + } + `, + { updateTweet: null }, + unknownUser) + }); + + it('can not remove other users tweet', () => { + return sendQueryAndExpect( + `mutation { removeTweet(id: "${tweetIdOthers}") }`, + { removeTweet: null }, + unknownUser) + }); + + }); + +}); \ No newline at end of file diff --git a/test/output-app-end-to-end/test-5-mutations-with-user-role-user.js b/test/output-app-end-to-end/test-5-mutations-with-user-role-user.js new file mode 100644 index 0000000..e496e05 --- /dev/null +++ b/test/output-app-end-to-end/test-5-mutations-with-user-role-user.js @@ -0,0 +1,329 @@ +import { describe, it } from 'mocha'; +import { assert } from 'chai'; +import { sendQuery, sendQueryAndExpect, roleUser, adminUser } from './sendQuery'; + +let newUser; +let tweetId; +const tweetIdOthers = '583676d3618530145474e352'; + +function makeUserInput(user) { + return `{ + username: "${user.username}", + bio: "${user.bio}", + role: "${user.role}" + }`; +} + +function makeTweetInput(tweet, userId) { + if (tweet.author) { + return `{ + authorId: "${userId ? userId : tweet.author.id}", + body: "${tweet.body}" + }`; + } + return `{ + body: "${tweet.body}" + }`; +} + +describe('test-5: user with role "user"', () => { + + before(function(done) { + const expectedUser = { + username: 'tobkle', + bio: 'someone', + role: 'user' + }; + sendQuery({query: ` + mutation { + createUser(input: ${makeUserInput(expectedUser)}) { + id + role + } + } + `, + userId: adminUser + }) + .then(result => { + assert.isNotNull(result.data); + assert.isNotNull(result.data.createUser); + assert.isNotNull(result.data.createUser.id); + assert.equal(result.data.createUser.role, 'user'); + newUser = result.data.createUser.id; + done(); + }) + }); + + describe('on type "user" (part 1)...', () => { + + it('admin user created new user "tobkle" with role "user" for the next tests...', () => { + assert.isNotNull(newUser); + }); + + it('can not create users', () => { + const expectedUser = { + username: 'zol', + bio: 'Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead', + role: 'user' + }; + return sendQuery({query: ` + mutation { + createUser(input: ${makeUserInput(expectedUser)}) { + id + } + } + `, + userId: newUser + }) + .then((result) => { + assert.isNotNull(result.data); + assert.isNull(result.data.createUser); + }) + }); + + it('can not read other users', () => { + return sendQueryAndExpect(` + { user(id: "${adminUser}") { username, bio, role } } + `, { + user: null + }, + newUser) + }); + + it('can read himself', () => { + return sendQueryAndExpect(` + { user(id: "${newUser}") { username, role } } + `, { + user: { + username: 'tobkle', + role: 'user' + } + }, + newUser) + }); + + it('can not update other users', () => { + const modifiedUser = { + username: 'zoltan', + bio: 'Maker of things, I guess', + role: 'admin' + }; + return sendQueryAndExpect(` + mutation { + updateUser(id: "${adminUser}", input: ${makeUserInput(modifiedUser)}) { + username + bio + role + } + } + `, { updateUser: null }, + newUser) + }); + + it('can update himself', () => { + const modifiedUser = { + username: 'tobkle', + bio: 'Maker of things, I guess', + role: 'user' + }; + return sendQueryAndExpect(` + mutation { + updateUser(id: "${newUser}", input: ${makeUserInput(modifiedUser)}) { + username + bio + role + } + } + `, { + updateUser: { + username: 'tobkle', + bio: 'Maker of things, I guess', + role: 'user' + } + }, + newUser) + }); + + it('can not update his role', () => { + const modifiedUser = { + username: 'tobkle', + bio: 'Maker of things, I guess', + role: 'admin' + }; + return sendQueryAndExpect(` + mutation { + updateUser(id: "${newUser}", input: ${makeUserInput(modifiedUser)}) { + username + bio + role + } + } + `, { + updateUser: { + username: 'tobkle', + bio: 'Maker of things, I guess', + role: 'user' + } + }, + newUser) + }); + + it('can not delete other users', () => { + return sendQueryAndExpect(` + mutation { + removeUser(id: "${adminUser}") + } + `, { + removeUser: null + }, + newUser) + }); + + }); + + describe('on type "tweet"...', () => { + + let expectedTweet = { + author: { id: newUser }, + body: 'This is a test tweet of user tobkle', + }; + + const expectedTweetOtherAuthor = { + author: { id: adminUser }, + body: 'We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:', + }; + + const modifiedTweet = { + body: 'This is a modified test tweet', + }; + + before(function (done) { + expectedTweet.author.id = newUser; + sendQuery({ query: ` + mutation { + createTweet(input: ${makeTweetInput(expectedTweet, newUser)}) { + id + } + } + `, + userId: newUser + }) + .then((result) => { + assert.isNotNull(result.data); + assert.isNotNull(result.data.createTweet); + assert.isNotNull(result.data.createTweet.id); + tweetId = result.data.createTweet.id; + done(); + }) + }); + + it('can create tweet for himself', () => { + assert.isNotNull(tweetId); + }); + + it('can not create tweet for other author', () => { + return sendQueryAndExpect(` + mutation { + createTweet(input: ${makeTweetInput(expectedTweetOtherAuthor, adminUser)}) { + id + } + } + `, + { createTweet: null }, + newUser); + }); + + it('can read own tweet', () => { + expectedTweet.author.id = newUser; + return sendQueryAndExpect( + `{ tweet(id: "${tweetId}") { author { id } body } }`, + { tweet: expectedTweet }, + newUser) + }); + + it('can read others tweet', () => { + return sendQueryAndExpect( + `{ tweet(id: "${tweetIdOthers}") { author { id } body } }`, + { tweet: expectedTweetOtherAuthor }, + newUser) + }); + + it('can update own tweet', () => { + return sendQueryAndExpect(` + mutation { + updateTweet(id: "${tweetId}", input: ${makeTweetInput(modifiedTweet, newUser)}) { + body + } + } + `, + { updateTweet: modifiedTweet }, + newUser) + }); + + it('can not update others tweet', () => { + return sendQueryAndExpect(` + mutation { + updateTweet(id: "${tweetIdOthers}", input: ${makeTweetInput(modifiedTweet)}) { + body + } + } + `, + { updateTweet: null }, + newUser) + }); + + it('can read updated tweet correctly', () => { + return sendQueryAndExpect( + `{ tweet(id: "${tweetId}") { body } }`, + { tweet: modifiedTweet }, + newUser) + }); + + it('can remove own tweet', () => { + return sendQueryAndExpect( + `mutation { removeTweet(id: "${tweetId}") }`, + { removeTweet: true }, + newUser) + }); + + it('can not remove other users tweet', () => { + return sendQueryAndExpect( + `mutation { removeTweet(id: "${tweetIdOthers}") }`, + { removeTweet: null }, + newUser) + }); + + it('can not read removed tweet anymore', () => { + return sendQueryAndExpect( + `{ tweet(id: "${tweetId}") { body } }`, + { tweet: null }, + newUser) + }); + + }); + + describe('on type "user" (part 2)...', () => { + + it('can delete himself', () => { + return sendQueryAndExpect(` + mutation { + removeUser(id: "${newUser}") + } + `, { + removeUser: true + }, + newUser) + }); + + it('user "tobkle" is deleted', () => { + return sendQueryAndExpect(` + { user(id: "${newUser}") { username, bio, role } } + `, { + user: null + }, + newUser) + }); + + }); + +}); \ No newline at end of file diff --git a/test/output-app-end-to-end/test-6-mutations-with-user-role-editor.js b/test/output-app-end-to-end/test-6-mutations-with-user-role-editor.js new file mode 100644 index 0000000..dfb43bb --- /dev/null +++ b/test/output-app-end-to-end/test-6-mutations-with-user-role-editor.js @@ -0,0 +1,329 @@ +import { describe, it } from 'mocha'; +import { assert } from 'chai'; +import { sendQuery, sendQueryAndExpect, roleUser, adminUser } from './sendQuery'; + +let newUser; +let tweetId; +const tweetIdOthers = '583676d3618530145474e352'; + +function makeUserInput(user) { + return `{ + username: "${user.username}", + bio: "${user.bio}", + role: "${user.role}" + }`; +} + +function makeTweetInput(tweet, userId) { + if (tweet.author) { + return `{ + authorId: "${userId ? userId : tweet.author.id}", + body: "${tweet.body}" + }`; + } + return `{ + body: "${tweet.body}" + }`; +} + +describe('test-6: user with role "editor"', () => { + + before(function(done) { + const expectedUser = { + username: 'tobkle', + bio: 'someone', + role: 'editor' + }; + sendQuery({query: ` + mutation { + createUser(input: ${makeUserInput(expectedUser)}) { + id + role + } + } + `, + userId: adminUser + }) + .then(result => { + assert.isNotNull(result.data); + assert.isNotNull(result.data.createUser); + assert.isNotNull(result.data.createUser.id); + assert.equal(result.data.createUser.role, 'editor'); + newUser = result.data.createUser.id; + done(); + }) + }); + + describe('on type "user" (part 1)...', () => { + + it('admin user created new user "tobkle" with role "editor" for the next tests...', () => { + assert.isNotNull(newUser); + }); + + it('can not create users', () => { + const expectedUser = { + username: 'zol', + bio: 'Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead', + role: 'editor' + }; + return sendQuery({query: ` + mutation { + createUser(input: ${makeUserInput(expectedUser)}) { + id + } + } + `, + userId: newUser + }) + .then((result) => { + assert.isNotNull(result.data); + assert.isNull(result.data.createUser); + }) + }); + + it('can not read other users', () => { + return sendQueryAndExpect(` + { user(id: "${adminUser}") { username, bio, role } } + `, { + user: null + }, + newUser) + }); + + it('can read himself', () => { + return sendQueryAndExpect(` + { user(id: "${newUser}") { username, role } } + `, { + user: { + username: 'tobkle', + role: 'editor' + } + }, + newUser) + }); + + it('can not update other users', () => { + const modifiedUser = { + username: 'zoltan', + bio: 'Maker of things, I guess', + role: 'admin' + }; + return sendQueryAndExpect(` + mutation { + updateUser(id: "${adminUser}", input: ${makeUserInput(modifiedUser)}) { + username + bio + role + } + } + `, { updateUser: null }, + newUser) + }); + + it('can update himself', () => { + const modifiedUser = { + username: 'tmeasday', + bio: 'Maker of things, I guess', + role: 'editor' + }; + return sendQueryAndExpect(` + mutation { + updateUser(id: "${newUser}", input: ${makeUserInput(modifiedUser)}) { + username + bio + role + } + } + `, { + updateUser: { + username: 'tmeasday', + bio: 'Maker of things, I guess', + role: 'editor' + } + }, + newUser) + }); + + it('can not update his role', () => { + const modifiedUser = { + username: 'tmeasday', + bio: 'Maker of things, I guess', + role: 'admin' + }; + return sendQueryAndExpect(` + mutation { + updateUser(id: "${newUser}", input: ${makeUserInput(modifiedUser)}) { + username + bio + role + } + } + `, { + updateUser: { + username: 'tmeasday', + bio: 'Maker of things, I guess', + role: 'editor' + } + }, + newUser) + }); + + it('can not delete other users', () => { + return sendQueryAndExpect(` + mutation { + removeUser(id: "${adminUser}") + } + `, { + removeUser: null + }, + newUser) + }); + + }); + + describe('on type "tweet"...', () => { + + let expectedTweet = { + author: { id: newUser }, + body: 'This is a test tweet of user tobkle', + }; + + const expectedTweetOtherAuthor = { + author: { id: adminUser }, + body: 'We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:', + }; + + const modifiedTweet = { + body: 'This is a modified test tweet', + }; + + before(function (done) { + expectedTweet.author.id = newUser; + sendQuery({ query: ` + mutation { + createTweet(input: ${makeTweetInput(expectedTweet, newUser)}) { + id + } + } + `, + userId: newUser + }) + .then((result) => { + assert.isNotNull(result.data); + assert.isNotNull(result.data.createTweet); + assert.isNotNull(result.data.createTweet.id); + tweetId = result.data.createTweet.id; + done(); + }) + }); + + it('can create tweet for himself', () => { + assert.isNotNull(tweetId); + }); + + it('can not create tweet for other author', () => { + return sendQueryAndExpect(` + mutation { + createTweet(input: ${makeTweetInput(expectedTweetOtherAuthor, adminUser)}) { + id + } + } + `, + { createTweet: null }, + newUser); + }); + + it('can read own tweet', () => { + expectedTweet.author.id = newUser; + return sendQueryAndExpect( + `{ tweet(id: "${tweetId}") { author { id } body } }`, + { tweet: expectedTweet }, + newUser) + }); + + it('can read others tweet', () => { + return sendQueryAndExpect( + `{ tweet(id: "${tweetIdOthers}") { author { id } body } }`, + { tweet: expectedTweetOtherAuthor }, + newUser) + }); + + it('can update own tweet', () => { + return sendQueryAndExpect(` + mutation { + updateTweet(id: "${tweetId}", input: ${makeTweetInput(modifiedTweet, newUser)}) { + body + } + } + `, + { updateTweet: modifiedTweet }, + newUser) + }); + + it('can not update others tweet', () => { + return sendQueryAndExpect(` + mutation { + updateTweet(id: "${tweetIdOthers}", input: ${makeTweetInput(modifiedTweet)}) { + body + } + } + `, + { updateTweet: null }, + newUser) + }); + + it('can read updated tweet correctly', () => { + return sendQueryAndExpect( + `{ tweet(id: "${tweetId}") { body } }`, + { tweet: modifiedTweet }, + newUser) + }); + + it('can remove own tweet', () => { + return sendQueryAndExpect( + `mutation { removeTweet(id: "${tweetId}") }`, + { removeTweet: true }, + newUser) + }); + + it('can not remove other users tweet', () => { + return sendQueryAndExpect( + `mutation { removeTweet(id: "${tweetIdOthers}") }`, + { removeTweet: null }, + newUser) + }); + + it('can not read removed tweet anymore', () => { + return sendQueryAndExpect( + `{ tweet(id: "${tweetId}") { body } }`, + { tweet: null }, + newUser) + }); + + }); + + describe('on type "user" (part 2)...', () => { + + it('can delete himself', () => { + return sendQueryAndExpect(` + mutation { + removeUser(id: "${newUser}") + } + `, { + removeUser: true + }, + newUser) + }); + + it('user "tobkle" is deleted', () => { + return sendQueryAndExpect(` + { user(id: "${newUser}") { username, bio, role } } + `, { + user: null + }, + newUser) + }); + + }); + +}); \ No newline at end of file diff --git a/test/output-app/model/Tweet.js b/test/output-app/model/Tweet.js index ce3c820..59e2f45 100644 --- a/test/output-app/model/Tweet.js +++ b/test/output-app/model/Tweet.js @@ -13,19 +13,20 @@ export default class Tweet { // returns the owner of the current document @authorize(ownerField) owner(doc){ - return (doc && doc[this.ownerField]) ? doc[this.ownerField] : null; + return (doc && doc[this.ownerField]) ? doc[this.ownerField].toString() : null; } // returns true, if the current user is authorized for the current mode and document isAuthorized({doc, mode, user, debug = true}){ let authResult = false; - const owner = this.owner(doc); + const ownerId = this.owner(doc); + const userId = (user && user._id) ? user._id.toString() : ''; const role = this.context.User.role(user); switch (mode) { case 'create': // @authorize(create: ["owner"]) - authResult = (!!role && !!user._id); + authResult = (!!role && userId === ownerId); break; case 'readOne': // @authorize(readOne: ["world"]) @@ -37,15 +38,15 @@ export default class Tweet { break; case 'update': // @authorize(update: ["owner", editor"]) - authResult = (!!role && (user._id === owner || role === 'admin')); + authResult = (!!role && (userId === ownerId || role === 'admin')); break; case 'delete': // @authorize(delete: ["owner", "admin"]) - authResult = (!!role && (user._id === owner || role === 'admin')); + authResult = (!!role && (userId === ownerId || role === 'admin')); break; } - (debug) ? console.log('Tweet', mode, owner, role, "===>", authResult) : null; + (debug) ? console.log('Tweet:', doc._id, 'User:', userId, 'Owner:', ownerId, 'Role:', role, 'Mode:', mode, "===>", 'Authorized:', authResult) : null; return authResult; } diff --git a/test/output-app/model/User.js b/test/output-app/model/User.js index cb64bcf..e371f0a 100644 --- a/test/output-app/model/User.js +++ b/test/output-app/model/User.js @@ -14,7 +14,7 @@ export default class User { // returns the owner of the current document @authorize(ownerField) owner(doc){ - return (doc && doc[this.ownerField]) ? doc[this.ownerField] : null; + return (doc && doc[this.ownerField]) ? doc[this.ownerField].toString() : null; } // returns the role of the current user @authorize(roleField) @@ -25,7 +25,8 @@ export default class User { // returns true, if the current user is authorized for the current mode and document isAuthorized({doc, mode, user, debug = true}){ let authResult = false; - const owner = this.owner(doc); + const ownerId = this.owner(doc); + const userId = (user && user._id) ? user._id.toString() : ''; const role = this.context.User.role(user); switch (mode) { @@ -35,7 +36,7 @@ export default class User { break; case 'readOne': // @authorize(readOne: ["owner", "admin"]) - authResult = (!!role && (user._id === owner || role === 'admin')); + authResult = (!!role && (userId === ownerId || role === 'admin')); break; case 'readMany': // @authorize(readMany: ["admin"]) @@ -43,15 +44,15 @@ export default class User { break; case 'update': // @authorize(update: ["owner", "admin"]) - authResult = (!!role && (user._id === owner || role === 'admin')); + authResult = (!!role && (userId == ownerId || role === 'admin')); break; case 'delete': // @authorize(delete: ["owner", "admin"]) - authResult = (!!role && (user._id === owner || role === 'admin')); + authResult = (!!role && (userId === ownerId || role === 'admin')); break; } - (debug) ? console.log('User', mode, owner, role, "===>", authResult) : null; + (debug) ? console.log('User:', userId, 'Owner:', ownerId, 'Role:', role, 'Mode:', mode, "===>", 'Authorized:', authResult) : null; return authResult; } @@ -66,6 +67,18 @@ export default class User { } } + // returns document without role field + // @authorize(updateRole: ["admin"]) + allowedFields(input, user){ + if (user.role === 'admin'){ + return input; + } + if (input[this.roleField]){ + delete input[this.roleField]; + } + return input; + } + async findOneById(id) { const doc = await this.loader.load(id); return doc; diff --git a/test/output-app/resolvers/User.js b/test/output-app/resolvers/User.js index af99b67..a2992a9 100644 --- a/test/output-app/resolvers/User.js +++ b/test/output-app/resolvers/User.js @@ -44,7 +44,8 @@ const resolvers = { const doc = await User.findOneById(id); const authorized = User.isAuthorized({doc, mode: 'update', user}); if (!authorized) throw new Error('User: mode: update not authorized'); - await User.updateById(id, input); + const updateDoc = User.allowedFields(input, user); + await User.updateById(id, updateDoc); return User.findOneById(id); }, diff --git a/test/output-app/schema/Tweet.graphql b/test/output-app/schema/Tweet.graphql index f5a6b3b..1f32b86 100644 --- a/test/output-app/schema/Tweet.graphql +++ b/test/output-app/schema/Tweet.graphql @@ -1,6 +1,6 @@ type Tweet { id: ObjID! - author: User! + author: User body: String! likers(lastCreatedAt: Float, limit: Int): [User!] createdAt: Float! From ec54b30a6aa5f3e14d6a916eaf598e9c6ad3dc87 Mon Sep 17 00:00:00 2001 From: Tobias Klemmer Date: Sun, 4 Jun 2017 00:50:32 +0200 Subject: [PATCH 05/69] reworked and plus authorizedFields() --- test/input/Tweet.graphql | 13 +- test/input/User.graphql | 12 +- .../test-3-mutations-with-user-role-admin.js | 11 + test/output-app/model/Tweet.js | 276 ++++++++++++++-- test/output-app/model/User.js | 295 ++++++++++++++---- test/output-app/model/constants.js | 10 + test/output-app/resolvers/Tweet.js | 70 +++-- test/output-app/resolvers/User.js | 75 +++-- test/output-app/schema/Tweet.graphql | 5 + test/output-app/schema/User.graphql | 2 + test/output-app/server/index.js | 1 - test/seeds/Tweet.json | 12 +- test/seeds/User.json | 6 +- 13 files changed, 633 insertions(+), 155 deletions(-) create mode 100644 test/output-app/model/constants.js diff --git a/test/input/Tweet.graphql b/test/input/Tweet.graphql index ddab880..bd16574 100644 --- a/test/input/Tweet.graphql +++ b/test/input/Tweet.graphql @@ -1,16 +1,15 @@ type Tweet @authorize( - create: ["owner"] - readOne: ["world"] - readMany: ["world"] - update: ["owner", "admin"] - delete: ["owner", "admin"] - ownerField: "author" + author: ["create", "read", "update", "delete"], + coauthors: ["read", "update"], + admin: ["create", "read", "update", "delete"], + world: ["read"] ) { - author: User! @unmodifiable + author: User! @unmodifiable @belongsTo @authRole("author") + coauthors: [User!] @belongsTo @authRole("coauthors") body: String! likers: [User!] @hasAndBelongsToMany(as: "liked") diff --git a/test/input/User.graphql b/test/input/User.graphql index 1618b53..ef54227 100644 --- a/test/input/User.graphql +++ b/test/input/User.graphql @@ -1,18 +1,12 @@ type User @authorize( - create: ["admin"] - readOne: ["owner", "admin"] - readMany: ["admin"] - update: ["owner", "admin"] - updateRole: ["admin"] - delete: ["owner", "admin"] - ownerField: "_id" - roleField: "role" + this: ["readOne", "update", "delete"] + admin: ["create", "read", "update", "delete"] ) { - role: String! + role: String! @authRole("admin") @authorize(this: ["read"], admin: ["create", "read", "update"]) username: String! diff --git a/test/output-app-end-to-end/test-3-mutations-with-user-role-admin.js b/test/output-app-end-to-end/test-3-mutations-with-user-role-admin.js index 7ae6243..f5c0e60 100644 --- a/test/output-app-end-to-end/test-3-mutations-with-user-role-admin.js +++ b/test/output-app-end-to-end/test-3-mutations-with-user-role-admin.js @@ -35,6 +35,8 @@ describe('test-3: user with role "admin"', () => { bio: 'someone', role: 'admin' }; + // console.log('before:', makeUserInput(expectedUser)); + // console.log('userId', adminUser); sendQuery({query: ` mutation { createUser(input: ${makeUserInput(expectedUser)}) { @@ -46,6 +48,7 @@ describe('test-3: user with role "admin"', () => { userId: adminUser }) .then(result => { + // console.log('after:', result); assert.isNotNull(result.data); assert.isNotNull(result.data.createUser); assert.isNotNull(result.data.createUser.id); @@ -53,6 +56,10 @@ describe('test-3: user with role "admin"', () => { newUser = result.data.createUser.id; done(); }) + .catch((error) => { + console.log('ERROR: BEFORE', error); + done(); + }) }); describe('on type "user" (part 1)...', () => { @@ -299,6 +306,10 @@ describe('test-3: user with role "admin"', () => { tweetId = result.data.createTweet.id; done(); }) + .catch((error) => { + console.log(error); + done(); + }) }); it('can create tweet for himself', () => { diff --git a/test/output-app/model/Tweet.js b/test/output-app/model/Tweet.js index 59e2f45..9e764e8 100644 --- a/test/output-app/model/Tweet.js +++ b/test/output-app/model/Tweet.js @@ -1,52 +1,213 @@ import _ from 'lodash'; import DataLoader from 'dataloader'; import findByIds from 'mongo-find-by-ids'; +import { CREATE, READ, READONE, READMANY, UPDATE, DELETE, DEBUG } from './constants'; export default class Tweet { constructor(context) { - this.ownerField = 'authorId'; // @authorize(ownerField: "author") + /* this is generated from ... + @authorize( + author: ["create", "read", "update", "delete"], + coauthors: ["read", "update"], + admin: ["read", "update", "delete"], + world: ["read"] + ) + */ + this.authorizations = { + author: { + create: true, + read: true, + readOne: true, + readMany: true, + update: true, + delete: true, + }, + coauthors: { + read: true, + readOne: true, + readMany: true, + update: true, + }, + admin: { + read: true, + readOne: true, + readMany: true, + update: true, + delete: true, + }, + world: { + read: true, + readOne: true, + readMany: true, + } + }; this.context = context; this.collection = context.db.collection('tweet'); this.pubsub = context.pubsub; this.loader = new DataLoader(ids => findByIds(this.collection, ids)); } - // returns the owner of the current document @authorize(ownerField) - owner(doc){ - return (doc && doc[this.ownerField]) ? doc[this.ownerField].toString() : null; - } + // returns true, if the user's role is of expected kind + // this is generated whenever @authorize appears in the type definition + hasUserRole({role, doc, user, mode}){ + let hasRole = false; + switch (role) { - // returns true, if the current user is authorized for the current mode and document - isAuthorized({doc, mode, user, debug = true}){ - let authResult = false; - const ownerId = this.owner(doc); - const userId = (user && user._id) ? user._id.toString() : ''; - const role = this.context.User.role(user); - - switch (mode) { - case 'create': - // @authorize(create: ["owner"]) - authResult = (!!role && userId === ownerId); - break; - case 'readOne': - // @authorize(readOne: ["world"]) - authResult = true; + // returns true, if the signed in user is an author + // this is generated by... + // author: User! @unmodifiable @belongsTo @authRole("author") + // ----- ------------------- + case 'author': + hasRole = ( + // valid signed in user id available + !!user && !!user._id && user._id.toString() !== '' && + // valid document author available + !!doc && !!doc.authorId && doc.authorId.toString() !== '' && + // document author equals signed in user + doc.authorId.toString() === user._id.toString() + ); break; - case 'readMany': - // @authorize(readMany: ["world"]) - authResult = true; + + // returns true, if the signed in user is one of the coauthors + // this is generated by... + // coauthors: [User!] @belongsTo @authRole("coauthors") + // ------- ---------------------- + case 'coauthors': + hasRole = ( + // valid signed in user id available + !!user && !!user._id && user._id.toString() !== '' && + // document has at least one coauthors + !!doc && !!doc.coauthorsIds && _.isArray(doc.coauthorsIds) && doc.coauthorsIds.length > 0 && + // current signed in user is a coauthors + _.indexOf(doc.coauthorsIds, user._id.toString()) > -1 + ); break; - case 'update': - // @authorize(update: ["owner", editor"]) - authResult = (!!role && (userId === ownerId || role === 'admin')); + + // returns true, if signed in user has a role "admin" + // this is generated by... + // @authorize(admin: ["read", "update", "delete"]) + // ----- + // and if there is no @authRole("admin") user on any of the fields + // then it assumes a role definition + // and it checks against the role of the signed in user + case 'admin': + hasRole = ( + // valid signed in user id available + !!user && !!user._id && user._id.toString() !== '' && + // the current user has the correct role + this.context.User.role(user) === 'admin' + ); break; - case 'delete': - // @authorize(delete: ["owner", "admin"]) - authResult = (!!role && (userId === ownerId || role === 'admin')); + + // returns true, if user has a role "world" + // this is generated by... + // @authorize(world: ["read"]) + // ----- + // and if there is no @authRole("world") user on any of the fields + // then it assumes the special role definition "world" + // which means for every user, signed in or not signed in + case 'world': + hasRole = true; break; + + } + + (DEBUG) ? console.log( + '\n---------------------------------------------------------------------------------\n', + 'hasRole?','\n', + 'check if role =', role,'\n', + 'for user:', user.username, user.role, user._id, '\n', + 'doc:', JSON.stringify(doc, null, 2),'\n', + '==>', hasRole + ) + : null; + + return hasRole; + } + + // returns true, if the user role is authorized for the current mode + // this is generated whenever @authorize appears in the type definition + isRoleAuthorizedForMode({role, mode}){ + (DEBUG) ? + console.log( + 'isRoleAuthorizedForMode?', '\n', + 'role:', role, + 'mode:', mode, + '==>', this.authorizations[role][mode] ? true : false, + '\n---------------------------------------------------------------------------------\n', + ) + : null; + return this.authorizations[role][mode] ? true : false; + } + + // returns true, if the current user is authorized for the current mode and document + // this is generated, whenever @authorize appears... + isAuthorized({doc, mode, user}){ + // for authorization DEBUGging and logging reasons, do individual checks... + + // generated by @authorize(author: ...) + const authorAuthorized = this.hasUserRole({role: 'author', doc, user, mode}) && + this.isRoleAuthorizedForMode({role: 'author', mode}); + if (authorAuthorized && DEBUG) { + console.log( + 'Mode:', mode, + 'Tweet:', (doc && doc._id) ? doc._id.toString() : '', + 'User:', (user && user._id) ? user._id.toString() : '', + 'Author:', (doc && doc.authorId) ? doc.authorId.toString() : 'Error', + "===>", 'Authorized:', authorAuthorized + ); + } + + // generated by @authorize(coauthors: ...) + const coauthorsAuthorized = this.hasUserRole({role: 'coauthors', doc, user, mode}) && + this.isRoleAuthorizedForMode({role: 'coauthors', mode}); + if (coauthorsAuthorized && DEBUG) { + console.log( + 'Mode:', mode, + 'Tweet:', (doc && doc._id) ? doc._id.toString() : '', + 'User:', (user && user._id) ? user._id.toString() : '', + 'Coauthors:', (doc && doc.coauthorsIds) ? doc.coauthorsIds.toString() : 'Error', + "===>", 'Authorized:', coauthorsAuthorized + ); + } + + // generated by @authorize(admin: ...) + const adminAuthorized = this.hasUserRole({role: 'admin', doc, user, mode}) && + this.isRoleAuthorizedForMode({role: 'admin', mode}); + if (adminAuthorized && DEBUG){ + console.log( + 'Mode:', mode, + 'Tweet:', (doc && doc._id) ? doc._id.toString() : '', + 'User:', (user && user._id) ? user._id.toString() : '', + 'Role:', (user && user._id && this.context.User.role(user)) ? this.context.User.role(user) : 'Error', + "===>", 'Authorized:', adminAuthorized + ); + } + + // generated by @authorize(world: ...) + const worldAuthorized = this.hasUserRole({role: 'world', doc, user, mode}) && + this.isRoleAuthorizedForMode({role: 'world', mode}); + if (worldAuthorized && DEBUG) { + console.log( + 'Mode:', mode, + 'Tweet:', (doc && doc._id) ? doc._id.toString() : '', + 'User:', (user && user._id) ? user._id.toString() : '', + 'Role:', 'world', + "===>", 'Authorized:', worldAuthorized + ); + } + + // generated by @authorize(author: ..., coauthors: ..., admin: ..., world: ...) + const authResult = authorAuthorized || coauthorsAuthorized || adminAuthorized || worldAuthorized; + if (!authResult && DEBUG) { + console.log( + 'Mode:', mode, + 'Tweet:', (doc && doc._id) ? doc._id.toString() : '', + 'User:', (user && user._id) ? user._id.toString() : '', + "===>", 'Authorized:', authResult + ); } - (debug) ? console.log('Tweet:', doc._id, 'User:', userId, 'Owner:', ownerId, 'Role:', role, 'Mode:', mode, "===>", 'Authorized:', authResult) : null; return authResult; } @@ -77,6 +238,21 @@ export default class Tweet { return this.context.User.findOneById(tweet.authorId); } + createdBy(tweet) { + return this.context.User.findOneById(tweet.createdById); + } + + updatedBy(tweet) { + return this.context.User.findOneById(tweet.updatedById); + } + + coauthors(tweet, { lastCreatedAt = 0, limit = 10 }) { + return this.context.User.collection.find({ + _id: { $in: tweet.coauthorsIds }, + createdAt: { $gt: lastCreatedAt }, + }).sort({ createdAt: 1 }).limit(limit).toArray(); + } + likers(tweet, { lastCreatedAt = 0, limit = 10 }) { return this.context.User.collection.find({ likedIds: tweet._id, @@ -84,6 +260,46 @@ export default class Tweet { }).sort({ createdAt: 1 }).limit(limit).toArray(); } + // adding the current signed in user as a document owner + // the field of the document owner is identified + // by a field in the type definition, which contains an @authRole + addUserToDoc({doc, mode, user}){ + let enhancedDoc = Object.assign({}, doc); + + // generated by... + // author: User! @unmodifiable @belongsTo @authRole("author") + // ----- ------------------- + if (user && user._id){ + enhancedDoc = Object.assign({}, { authorId: user._id}, enhancedDoc); + } + + // generated by ... + // coauthors: [User!] @belongsTo @authRole("coauthors") + // ------- ---------------------- + // TODO: is this logically correct? + if (user && user._id){ + let coauthorsIds = enhancedDoc.coauthorsIds || []; + coauthorsIds = _.union(coauthorsIds, [user._id]); + enhancedDoc = Object.assign({}, { coauthorsIds: coauthorsIds}, enhancedDoc); + } + + // generated by... + // createdBy: User! @unmodifiable @belongsTo + // ----- ------------------- + if (mode === CREATE && user && user._id){ + enhancedDoc = Object.assign({}, { createdById: user._id}, enhancedDoc); + } + + // generated by... + // changedBy: User! @unmodifiable @belongsTo + // ----- ------------------- + if (mode === UPDATE && user && user._id){ + enhancedDoc = Object.assign({}, { updatedById: user._id}, enhancedDoc); + } + + return enhancedDoc; + } + async insert(doc) { const docToInsert = Object.assign({}, doc, { createdAt: Date.now(), diff --git a/test/output-app/model/User.js b/test/output-app/model/User.js index e371f0a..f8d58c9 100644 --- a/test/output-app/model/User.js +++ b/test/output-app/model/User.js @@ -1,94 +1,239 @@ import _ from 'lodash'; import DataLoader from 'dataloader'; import findByIds from 'mongo-find-by-ids'; +import { CREATE, READ, READONE, READMANY, UPDATE, DELETE, DEBUG } from './constants'; export default class User { constructor(context) { - this.ownerField = '_id'; // @authorize(ownerField: "_id") - this.roleField = 'role'; // @authorize(roleField: "role") + /* this is generated from ... + @authorize( + this: ["readOne", "update", "delete"] + admin: ["create", "read", "update", "delete"] + ) + */ + this.authorizations = { + this: { + readOne: true, + update: true, + delete: true, + }, + admin: { + create: true, + read: true, + readOne: true, + readMany: true, + update: true, + delete: true, + }, + }; this.context = context; this.collection = context.db.collection('user'); this.pubsub = context.pubsub; this.loader = new DataLoader(ids => findByIds(this.collection, ids)); } - // returns the owner of the current document @authorize(ownerField) - owner(doc){ - return (doc && doc[this.ownerField]) ? doc[this.ownerField].toString() : null; + // returns true, if the user's role is of expected kind + // this is generated whenever @authorize appears in the type definition + hasUserRole({role, doc, user, mode}){ + let hasRole = false; + switch (role) { + + // returns true, if the signed in user is equal to the document id + // this is generated by... + // @authorize(this:) + // ----- + case 'this': + hasRole = ( + // valid signed in user id available + !!user && !!user._id && user._id.toString() !== '' && + // valid document user id available + !!doc && !!doc._id && doc._id.toString() !== '' && + // document user id equals signed in user + doc._id.toString() === user._id.toString() + ); + break; + + // returns true, if signed in user has a role "admin" + // this is generated by... + // @authorize(admin: ["create", "read", "update", "delete"]) + // ----- + // and if there is no @authRole("admin") user on any of the fields + // then it assumes a role definition + // and it checks against the role of the signed in user + case 'admin': + hasRole = ( + // valid signed in user id available + !!user && !!user._id && user._id.toString() !== '' && + // the current user has the correct role + this.context.User.role(user) === 'admin' + ); + break; + + } + + (DEBUG) ? console.log( + '\n---------------------------------------------------------------------------------\n', + 'hasRole?','\n', + 'check if role =', role,'\n', + 'for user:', (user) ? (user.username, user.role, user._id) : (''), '\n', + 'doc:', JSON.stringify(doc, null, 2),'\n', + '==>', hasRole + ) + : null; + + return hasRole; } - // returns the role of the current user @authorize(roleField) - role(user){ - return (user && user[this.roleField]) ? user[this.roleField] : null; + // returns true, if the user role is authorized for the current mode + // this is generated whenever @authorize appears in the type definition + isRoleAuthorizedForMode({role, mode}){ + (DEBUG) ? + console.log( + 'isRoleAuthorizedForMode?', '\n', + 'role:', role, + 'mode:', mode, + '==>', this.authorizations[role][mode] ? true : false, + '\n---------------------------------------------------------------------------------\n', + ) + : null; + return this.authorizations[role][mode] ? true : false; } // returns true, if the current user is authorized for the current mode and document - isAuthorized({doc, mode, user, debug = true}){ - let authResult = false; - const ownerId = this.owner(doc); - const userId = (user && user._id) ? user._id.toString() : ''; - const role = this.context.User.role(user); - - switch (mode) { - case 'create': - // @authorize(create: ["admin"]) - authResult = (!!role && role === 'admin'); - break; - case 'readOne': - // @authorize(readOne: ["owner", "admin"]) - authResult = (!!role && (userId === ownerId || role === 'admin')); - break; - case 'readMany': - // @authorize(readMany: ["admin"]) - authResult = (!!role && role === 'admin'); - break; - case 'update': - // @authorize(update: ["owner", "admin"]) - authResult = (!!role && (userId == ownerId || role === 'admin')); - break; - case 'delete': - // @authorize(delete: ["owner", "admin"]) - authResult = (!!role && (userId === ownerId || role === 'admin')); - break; + // this is generated, whenever @authorize appears... + isAuthorized({doc, mode, user}){ + // for authorization debugging and logging reasons, do individual checks... + if (mode === CREATE){ + console.log('\n\nisAuthorized:\n', JSON.stringify(doc, null, 2), '\n\n\n'); + } + + // generated by @authorize(this: ...) + const thisAuthorized = this.hasUserRole({role: 'this', doc, user, mode}) && + this.isRoleAuthorizedForMode({role: 'this', mode}); + if (thisAuthorized && DEBUG) { + console.log( + 'Mode:', mode, + 'User Doc:', (doc && doc._id) ? doc._id.toString() : '', + 'User:', (user && user._id) ? user._id.toString() : '', + "===>", 'Authorized:', thisAuthorized + ); + } + + // generated by @authorize(admin: ...) + const adminAuthorized = this.hasUserRole({role: 'admin', doc, user, mode}) && + this.isRoleAuthorizedForMode({role: 'admin', mode}); + if (adminAuthorized && DEBUG){ + console.log( + 'Mode:', mode, + 'User doc:', (doc && doc._id) ? doc._id.toString() : '', + 'User:', (user && user._id) ? user._id.toString() : '', + 'Role:', (user && user._id && this.context.User.role(user)) ? this.context.User.role(user) : 'Error', + "===>", 'Authorized:', adminAuthorized + ); + } + + // generated by @authorize(this: ..., admin: ...) + const authResult = thisAuthorized || adminAuthorized; + if (!authResult && DEBUG) { + console.log( + 'Mode:', mode, + 'Tweet:', (doc && doc._id) ? doc._id.toString() : '', + 'User:', (user && user._id) ? user._id.toString() : '', + "===>", 'Authorized:', authResult + ); } - (debug) ? console.log('User:', userId, 'Owner:', ownerId, 'Role:', role, 'Mode:', mode, "===>", 'Authorized:', authResult) : null; return authResult; } - // returns only authorized documents + // returns the role of the current user + // generated by... + // role: String! @authRole("admin") @authorize(this: ["read"], admin: ["read", "update"]) + // ------- ------------------ + // whereas the field is not of type User, it is of type String + role(user){ + return (user && user.role) ? user.role : null; + } + + // returns document without role field + // generated by... + // role: String! @authRole("admin") @authorize(this: ["read"], admin: ["read", "update"]) + // ------- ------------------ + authorizedFields({doc, mode, user}){ + // array contains all fields, whose authorization is to be checked + const fields = ['role']; + + // check authorization on field level now + fields.forEach(field => { + // default is: field is not authorized + let authorizedField = false; + + if (field === 'role'){ + // role: @authorize(this: ["read"]) + if ( this.hasUserRole({role: 'this', doc, user, mode}) && + (mode === READ || mode === READONE || mode === READMANY) ){ + authorizedField = true; + } + + // role: @authorize(admin: ["create", "read", "update"]) + if ( this.hasUserRole({role: 'admin', doc, user, mode}) && + (mode === CREATE || mode === READ || mode === READONE || mode === READMANY || mode === UPDATE) ){ + authorizedField = true; + } + } + + // role: otherwise remove field from doc, + // because the user and mode is not authorize to access this field + if ( !authorizedField && doc[field] ){ + delete doc[field]; + } + }); + + return doc; + } + + // returns only authorized documents and fields + // generated by ... + // @authorize() authorized({doc, mode, user}){ + if (!user) throw new Error('authorized: user is empty'); + // if it is an array of documents, .... if (_.isArray(doc)){ - return _.filter(doc, d => this.isAuthorized({doc: d, mode, user}) ); - } else if (_.isObject(doc) && this.isAuthorized({doc, mode, user})) { - return doc; + // then filter for the authorized documents + let authorizedDocs = _.filter(doc, d => this.isAuthorized({doc: d, mode, user}) ); + // provide only authorized fields + authorizedDocs.forEach(d => { + d = this.authorizedFields({doc: d, mode, user}); + }); + return authorizedDocs; + + // if it is a single document, check the authorization for it + } else if ( _.isObject(doc) && this.isAuthorized({doc, mode, user}) ) { + // return only authorized fields + const authorizedDoc = this.authorizedFields({doc, mode, user}); + return authorizedDoc; + + // or return null, if no authorized document was found } else { + console.log('authorized: no authorized doc found'); return null; } } - // returns document without role field - // @authorize(updateRole: ["admin"]) - allowedFields(input, user){ - if (user.role === 'admin'){ - return input; - } - if (input[this.roleField]){ - delete input[this.roleField]; - } - return input; - } - - async findOneById(id) { + async findOneById(id, user) { const doc = await this.loader.load(id); + // const authorizedDoc = this.authorized({doc, mode: READONE, user}); + // return authorizedDoc; return doc; } - async all({ lastCreatedAt = 0, limit = 10 }) { - const docs = await this.collection.find({ + async all({ lastCreatedAt = 0, limit = 10, user }) { + const doc = await this.collection.find({ createdAt: { $gt: lastCreatedAt }, }).sort({ createdAt: 1 }).limit(limit).toArray(); - return docs; + // const authorizedDocs = this.authorized({doc, mode: READMANY, user}); + // return authorizedDocs; + return doc; } tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }) { @@ -119,20 +264,44 @@ export default class User { }).sort({ createdAt: 1 }).limit(limit).toArray(); } - async insert(doc) { - const docToInsert = Object.assign({}, doc, { + createdBy(user) { + return this.context.User.findOneById(user.createdById); + } + + updatedBy(user) { + return this.context.User.findOneById(user.updatedById); + } + + async insert(doc, user) { + let docToInsert = Object.assign({}, doc, { createdAt: Date.now(), updatedAt: Date.now(), + createdById: (user && user._id) ? user._id : 'unknown', + updatedById: (user && user._id) ? user._id : 'unknown', }); + docToInsert = this.authorizedFields({doc: docToInsert, mode: CREATE, user}); + const authorized = this.isAuthorized({doc: docToInsert, mode: CREATE, user}); + if (!authorized) throw new Error('User: mode: create not authorized'); + const id = (await this.collection.insertOne(docToInsert)).insertedId; this.pubsub.publish('userInserted', await this.findOneById(id)); return id; } - async updateById(id, doc) { + async updateById(id, doc, user) { + const foundDoc = await this.findOneById(id); + console.log('foundDoc', JSON.stringify(foundDoc, null, 2)); + + const authorized = this.isAuthorized({doc: foundDoc, mode: UPDATE, user}); + if (!authorized) throw new Error('User: mode: update not authorized'); + + const updatedDoc = this.authorizedFields({doc, mode: UPDATE, user}); + console.log('updatedDoc', JSON.stringify(updatedDoc, null, 2)); + const ret = await this.collection.update({ _id: id }, { - $set: Object.assign({}, doc, { + $set: Object.assign({}, updatedDoc, { updatedAt: Date.now(), + updatedById: (user && user._id) ? user._id : 'unknown', }), }); this.loader.clear(id); @@ -140,7 +309,11 @@ export default class User { return ret; } - async removeById(id) { + async removeById(id, user) { + const doc = await this.findOneById(id); + const authorized = this.isAuthorized({doc, mode: DELETE, user}); + if (!authorized) throw new Error('User: mode: delete not authorized'); + const ret = this.collection.remove({ _id: id }); this.loader.clear(id); this.pubsub.publish('userRemoved', id); diff --git a/test/output-app/model/constants.js b/test/output-app/model/constants.js new file mode 100644 index 0000000..ac7a58d --- /dev/null +++ b/test/output-app/model/constants.js @@ -0,0 +1,10 @@ +// constants, to avoid typing errors +export const CREATE = 'create'; +export const READ = 'read'; +export const READONE = 'readOne'; +export const READMANY = 'readMany'; +export const UPDATE = 'update'; +export const DELETE = 'delete'; + +// debug to switch on additional logs +export const DEBUG = true; diff --git a/test/output-app/resolvers/Tweet.js b/test/output-app/resolvers/Tweet.js index 8b6745f..118661e 100644 --- a/test/output-app/resolvers/Tweet.js +++ b/test/output-app/resolvers/Tweet.js @@ -1,3 +1,5 @@ +import { CREATE, READ, READONE, READMANY, UPDATE, DELETE, DEBUG } from '../model/constants'; + const resolvers = { Tweet: { id(tweet) { @@ -8,43 +10,75 @@ const resolvers = { return Tweet.author(tweet); }, + createdBy(tweet, args, { Tweet }) { + return Tweet.createdBy(tweet); + }, + + updatedBy(tweet, args, { Tweet }) { + return Tweet.updatedBy(tweet); + }, + + coauthors(tweet, { lastCreatedAt, limit }, { Tweet }) { + return Tweet.coauthors(tweet, { lastCreatedAt, limit }); + }, + likers(tweet, { lastCreatedAt, limit }, { Tweet }) { return Tweet.likers(tweet, { lastCreatedAt, limit }); }, }, Query: { async tweets(root, { lastCreatedAt, limit }, { Tweet, user }) { - const doc = await Tweet.all({ lastCreatedAt, limit }); - return Tweet.authorized({doc, mode: 'readMany', user}); + try { + const doc = await Tweet.all({ lastCreatedAt, limit }); + return Tweet.authorized({doc, mode: 'readMany', user}); + } catch(error) { + console.log('ERROR:', error.message); + } }, async tweet(root, { id }, { Tweet, user }) { - const doc = await Tweet.findOneById(id); - return Tweet.authorized({doc, mode: 'readOne', user}); + try { + const doc = await Tweet.findOneById(id); + return Tweet.authorized({doc, mode: 'readOne', user}); + } catch(error) { + console.log('ERROR:', error.message); + } }, }, Mutation: { async createTweet(root, { input }, { Tweet, user }) { - const doc = input; - const authorized = Tweet.isAuthorized({doc, mode: 'create', user}); - if (!authorized) throw new Error('Tweet: mode: create not authorized'); - const id = await Tweet.insert(input); - return Tweet.findOneById(id); + try { + const doc = Tweet.addUserToDoc({doc: input, mode: 'create', user}); + const authorized = Tweet.isAuthorized({doc, mode: 'create', user}); + if (!authorized) throw new Error('Tweet: mode: create not authorized'); + const id = await Tweet.insert(input); + return Tweet.findOneById(id); + } catch(error) { + console.log('ERROR:', error.message); + } }, async updateTweet(root, { id, input }, { Tweet, user }) { - const doc = await Tweet.findOneById(id); - const authorized = Tweet.isAuthorized({doc, mode: 'update', user}); - if (!authorized) throw new Error('Tweet: mode: update not authorized'); - await Tweet.updateById(id, input); - return Tweet.findOneById(id); + try { + const doc = await Tweet.findOneById(id); + const authorized = Tweet.isAuthorized({doc, mode: 'update', user}); + if (!authorized) throw new Error('Tweet: mode: update not authorized'); + await Tweet.updateById(id, input); + return Tweet.findOneById(id); + } catch(error) { + console.log('ERROR:', error.message); + } }, async removeTweet(root, { id }, { Tweet, user }) { - const doc = await Tweet.findOneById(id); - const authorized = Tweet.isAuthorized({doc, mode: 'delete', user}); - if (!authorized) throw new Error('Tweet: mode: delete not authorized'); - return Tweet.removeById(id); + try { + const doc = await Tweet.findOneById(id); + const authorized = Tweet.isAuthorized({doc, mode: 'delete', user}); + if (!authorized) throw new Error('Tweet: mode: delete not authorized'); + return Tweet.removeById(id); + } catch(error) { + console.log('ERROR:', error.message); + } }, }, Subscription: { diff --git a/test/output-app/resolvers/User.js b/test/output-app/resolvers/User.js index a2992a9..a9801b9 100644 --- a/test/output-app/resolvers/User.js +++ b/test/output-app/resolvers/User.js @@ -1,59 +1,94 @@ +import { CREATE, READ, READONE, READMANY, UPDATE, DELETE, DEBUG } from '../model/constants'; + const resolvers = { User: { id(user) { return user._id; }, + createdBy(user, args, { User }) { + //return User.createdBy(user); + const doc = User.createdBy(user); + return User.authorized({doc, mode: READONE, user}); + }, + + updatedBy(user, args, { User }) { + //return User.updatedBy(user); + const doc = User.updatedBy(user); + return User.authorized({doc, mode: READONE, user}); + }, + tweets(user, { minLikes, lastCreatedAt, limit }, { User }) { return User.tweets(user, { minLikes, lastCreatedAt, limit }); + // const doc = User.tweets(user, { minLikes, lastCreatedAt, limit }); + // return Tweet.authorized({doc, mode: READMANY, user}); }, - liked(user, { lastCreatedAt, limit }, { User }) { + liked(user, { lastCreatedAt, limit }, { User, Tweet }) { return User.liked(user, { lastCreatedAt, limit }); + // const doc = User.liked(user, { lastCreatedAt, limit }); + // return Tweet.authorized({doc, mode: READMANY, user}); }, following(user, { lastCreatedAt, limit }, { User }) { return User.following(user, { lastCreatedAt, limit }); + // const doc = User.following(user, { lastCreatedAt, limit }); + // return User.authorized({doc, mode: READMANY, user}); }, followers(user, { lastCreatedAt, limit }, { User }) { return User.followers(user, { lastCreatedAt, limit }); + // const doc = User.followers(user, { lastCreatedAt, limit }); + // return User.authorized({doc, mode: READMANY, user}); }, }, Query: { async users(root, { lastCreatedAt, limit }, { User, user }) { - const doc = await User.all({ lastCreatedAt, limit }); - return User.authorized({doc, mode: 'readMany', user}); + try { + const doc = await User.all({ lastCreatedAt, limit, user }); + return User.authorized({doc, mode: READMANY, user}); + } catch(error) { + console.log('ERROR:', error.message); + } }, async user(root, { id }, { User, user }) { - const doc = await User.findOneById(id); - return User.authorized({doc, mode: 'readOne', user}); + try { + console.log('user', JSON.stringify(user, null, 2)); + const doc = await User.findOneById(id, user); + return User.authorized({doc, mode: READONE, user}); + } catch(error) { + console.log('ERROR:', error.message); + } }, }, Mutation: { async createUser(root, { input }, { User, user }) { - const doc = input; - const authorized = User.isAuthorized({doc, mode: 'create', user}); - if (!authorized) throw new Error('User: mode: create not authorized'); - const id = await User.insert(input); - return User.findOneById(id); + try { + const id = await User.insert(input, user); + const doc = await User.findOneById(id, user); + return User.authorized({doc, mode: READONE, user}); + } catch(error) { + console.log('ERROR:', error.message); + } }, async updateUser(root, { id, input }, { User, user }) { - const doc = await User.findOneById(id); - const authorized = User.isAuthorized({doc, mode: 'update', user}); - if (!authorized) throw new Error('User: mode: update not authorized'); - const updateDoc = User.allowedFields(input, user); - await User.updateById(id, updateDoc); - return User.findOneById(id); + try { + await User.updateById(id, input, user); + const doc = await User.findOneById(id, user); + return User.authorized({doc, mode: READONE, user}); + } catch(error) { + console.log('ERROR:', error.message); + } }, async removeUser(root, { id }, { User, user }) { - const doc = await User.findOneById(id); - const authorized = User.isAuthorized({doc, mode: 'delete', user}); - if (!authorized) throw new Error('User: mode: delete not authorized'); - return User.removeById(id); + try { + return User.removeById(id, user); + } catch(error) { + console.log('ERROR:', error.message); + } }, }, Subscription: { diff --git a/test/output-app/schema/Tweet.graphql b/test/output-app/schema/Tweet.graphql index 1f32b86..5a32ff7 100644 --- a/test/output-app/schema/Tweet.graphql +++ b/test/output-app/schema/Tweet.graphql @@ -1,10 +1,13 @@ type Tweet { id: ObjID! author: User + coauthors: [User!] body: String! likers(lastCreatedAt: Float, limit: Int): [User!] createdAt: Float! + createdBy: User! updatedAt: Float! + updatedBy: User } extend type Query { @@ -15,10 +18,12 @@ extend type Query { input CreateTweetInput { authorId: ObjID! body: String! + coauthorsIds: [ObjID!] } input UpdateTweetInput { body: String! + coauthorsIds: [ObjID!] } extend type Mutation { diff --git a/test/output-app/schema/User.graphql b/test/output-app/schema/User.graphql index 24d861e..590fb8f 100644 --- a/test/output-app/schema/User.graphql +++ b/test/output-app/schema/User.graphql @@ -9,7 +9,9 @@ type User { following(lastCreatedAt: Float, limit: Int): [User!] followers(lastCreatedAt: Float, limit: Int): [User!] createdAt: Float! + createdBy: User! updatedAt: Float! + updatedBy: User } extend type Query { diff --git a/test/output-app/server/index.js b/test/output-app/server/index.js index 073ae22..38eec4c 100644 --- a/test/output-app/server/index.js +++ b/test/output-app/server/index.js @@ -50,7 +50,6 @@ async function startServer() { // Probably indicates someone trying to send an overly expensive query throw new Error('Query too large.'); } - return { schema, context: Object.assign({ user }, req.context), diff --git a/test/seeds/Tweet.json b/test/seeds/Tweet.json index 1edc5e9..2934241 100644 --- a/test/seeds/Tweet.json +++ b/test/seeds/Tweet.json @@ -1,6 +1,6 @@ -{"_id":{"$oid":"583676d3618530145474e352"},"authorId":{"$oid":"583291a1638566b3c5a92ca1"},"body":"We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:","createdAt":1.479964371334e+12,"updatedAt":1.479964371334e+12} -{"_id":{"$oid":"583676d3618530145474e355"},"authorId":{"$oid":"583291a1638566b3c5a92ca2"},"body":"Where have I heard this before","createdAt":1.479964438372e+12,"updatedAt":1.479964438372e+12} -{"_id":{"$oid":"583676d3618530145474e351"},"authorId":{"$oid":"583291a1638566b3c5a92ca0"},"body":"Good times bringing Apollo Optics to Rails over the last few months with @tmeasday @chollier @cjoudrey @rmosolgo and others!","createdAt":1.479964352544e+12,"updatedAt":1.479964352544e+12} -{"_id":{"$oid":"583676d3618530145474e354"},"authorId":{"$oid":"583291a1638566b3c5a92ca2"},"body":"It will stop being insane. It will just be normal. TV changed presidential politics, now it's social media's turn.","createdAt":1.479964423351e+12,"updatedAt":1.479964423351e+12} -{"_id":{"$oid":"583676d3618530145474e353"},"authorId":{"$oid":"583291a1638566b3c5a92ca1"},"body":"Help improve @apollographql integration with #redux dev tools:","createdAt":1.479964386822e+12,"updatedAt":1.479964386822e+12} -{"_id":{"$oid":"583676d3618530145474e350"},"authorId":{"$oid":"583291a1638566b3c5a92ca0"},"body":"A #graphql-first development workflow based on real world lessons, from @danimman \u0026 @stubailo:","createdAt":1.479964340853e+12,"updatedAt":1.479964340853e+12} +{"_id":{"$oid":"583676d3618530145474e352"},"authorId":{"$oid":"583291a1638566b3c5a92ca1"},"coauthorsIds":[],"body":"We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:","createdAt":1.479964371334e+12,"updatedAt":1.479964371334e+12, "createdById":{"$oid":"583291a1638566b3c5a92ca1"}} +{"_id":{"$oid":"583676d3618530145474e355"},"authorId":{"$oid":"583291a1638566b3c5a92ca2"},"coauthorsIds":[{"$oid":"583291a1638566b3c5a92ca1"}],"body":"Where have I heard this before","createdAt":1.479964438372e+12,"updatedAt":1.479964438372e+12, "createdById":{"$oid":"583291a1638566b3c5a92ca1"}} +{"_id":{"$oid":"583676d3618530145474e351"},"authorId":{"$oid":"583291a1638566b3c5a92ca0"},"coauthorsIds":[{"$oid":"583291a1638566b3c5a92ca2"},{"$oid":"583291a1638566b3c5a92ca1"}],"body":"Good times bringing Apollo Optics to Rails over the last few months with @tmeasday @chollier @cjoudrey @rmosolgo and others!","createdAt":1.479964352544e+12,"updatedAt":1.479964352544e+12, "createdById":{"$oid":"583291a1638566b3c5a92ca1"}} +{"_id":{"$oid":"583676d3618530145474e354"},"authorId":{"$oid":"583291a1638566b3c5a92ca2"},"coauthorsIds":[{"$oid":"583291a1638566b3c5a92ca0"},{"$oid":"583291a1638566b3c5a92ca1"}],"body":"It will stop being insane. It will just be normal. TV changed presidential politics, now it's social media's turn.","createdAt":1.479964423351e+12,"updatedAt":1.479964423351e+12, "createdById":{"$oid":"583291a1638566b3c5a92ca1"}} +{"_id":{"$oid":"583676d3618530145474e353"},"authorId":{"$oid":"583291a1638566b3c5a92ca1"},"coauthorsIds":[{"$oid":"583291a1638566b3c5a92ca2"},{"$oid":"583291a1638566b3c5a92ca0"}],"body":"Help improve @apollographql integration with #redux dev tools:","createdAt":1.479964386822e+12,"updatedAt":1.479964386822e+12, "createdById":{"$oid":"583291a1638566b3c5a92ca1"}} +{"_id":{"$oid":"583676d3618530145474e350"},"authorId":{"$oid":"583291a1638566b3c5a92ca0"},"coauthorsIds":[{"$oid":"583291a1638566b3c5a92ca1"},{"$oid":"583291a1638566b3c5a92ca2"}],"body":"A #graphql-first development workflow based on real world lessons, from @danimman \u0026 @stubailo:","createdAt":1.479964340853e+12,"updatedAt":1.479964340853e+12, "createdById":{"$oid":"583291a1638566b3c5a92ca1"}} diff --git a/test/seeds/User.json b/test/seeds/User.json index 0c33842..64a0b91 100644 --- a/test/seeds/User.json +++ b/test/seeds/User.json @@ -1,3 +1,3 @@ -{"_id":{"$oid":"583291a1638566b3c5a92ca1"},"bio":"tech lead @meteorjs @apollographql","createdAt":1.479776905993e+12,"followingIds":[{"$oid":"583291a1638566b3c5a92ca0"}],"likedIds":[{"$oid":"583676d3618530145474e350"},{"$oid":"583676d3618530145474e351"}],"updatedAt":1.479776905993e+12,"username":"stubailo", "role":"admin"} -{"_id":{"$oid":"583291a1638566b3c5a92ca0"},"bio":"I build things with @percolatestudio. Author of @discovermeteor. Exploring how to improve user experience through technology, design and performance.","createdAt":1.479776904993e+12,"followingIds":[{"$oid":"583291a1638566b3c5a92ca1"},{"$oid":"583291a1638566b3c5a92ca2"}],"likedIds":[{"$oid":"583676d3618530145474e352"},{"$oid":"583676d3618530145474e353"},{"$oid":"583676d3618530145474e354"}],"updatedAt":1.479776904993e+12,"username":"tmeasday", "role": "editor", "hash":"$2a$10$SeepHv0X3GZfSzl0uqlXmucLsP2VjdI.nuA0UJnmOtEecLSx.RiWe"} -{"_id":{"$oid":"583291a1638566b3c5a92ca2"},"bio":"Co-founder of Parse, now at Facebook. Ex Google search quality, game developer \u0026 math contester.","createdAt":1.479776906993e+12,"followingIds":[{"$oid":"583291a1638566b3c5a92ca1"}],"likedIds":[{"$oid":"583676d3618530145474e350"},{"$oid":"583676d3618530145474e353"}],"updatedAt":1.479776906993e+12,"username":"lacker", "role": "user"} +{"_id":{"$oid":"583291a1638566b3c5a92ca1"},"bio":"tech lead @meteorjs @apollographql","createdAt":1.479776905993e+12,"followingIds":[{"$oid":"583291a1638566b3c5a92ca0"}],"likedIds":[{"$oid":"583676d3618530145474e350"},{"$oid":"583676d3618530145474e351"}],"updatedAt":1.479776905993e+12,"username":"stubailo", "role":"admin", "createdById":{"$oid":"583291a1638566b3c5a92ca1"}} +{"_id":{"$oid":"583291a1638566b3c5a92ca0"},"bio":"I build things with @percolatestudio. Author of @discovermeteor. Exploring how to improve user experience through technology, design and performance.","createdAt":1.479776904993e+12,"followingIds":[{"$oid":"583291a1638566b3c5a92ca1"},{"$oid":"583291a1638566b3c5a92ca2"}],"likedIds":[{"$oid":"583676d3618530145474e352"},{"$oid":"583676d3618530145474e353"},{"$oid":"583676d3618530145474e354"}],"updatedAt":1.479776904993e+12,"username":"tmeasday", "role": "editor", "hash":"$2a$10$SeepHv0X3GZfSzl0uqlXmucLsP2VjdI.nuA0UJnmOtEecLSx.RiWe", "createdById":{"$oid":"583291a1638566b3c5a92ca1"}} +{"_id":{"$oid":"583291a1638566b3c5a92ca2"},"bio":"Co-founder of Parse, now at Facebook. Ex Google search quality, game developer \u0026 math contester.","createdAt":1.479776906993e+12,"followingIds":[{"$oid":"583291a1638566b3c5a92ca1"}],"likedIds":[{"$oid":"583676d3618530145474e350"},{"$oid":"583676d3618530145474e353"}],"updatedAt":1.479776906993e+12,"username":"lacker", "role": "user", "createdById":{"$oid":"583291a1638566b3c5a92ca1"}} From 4cb3aa92c1a6218d8dd9644f95367be5346c96d6 Mon Sep 17 00:00:00 2001 From: Tobias Klemmer Date: Sun, 4 Jun 2017 14:16:02 +0200 Subject: [PATCH 06/69] User finished before Tweet update --- test/input/Tweet.graphql | 2 +- test/input/User.graphql | 4 +- test/output-app/.gitignore | 2 + test/output-app/model/Tweet.js | 1 + test/output-app/model/User.js | 290 ++++++++++++++------------- test/output-app/model/constants.js | 2 +- test/output-app/package.json | 4 +- test/output-app/resolvers/Tweet.js | 24 ++- test/output-app/resolvers/User.js | 80 ++++---- test/output-app/schema/Tweet.graphql | 2 +- test/output-app/schema/User.graphql | 4 +- test/output-app/server/index.js | 9 +- test/output-app/server/logger.js | 37 ++++ test/output-app/yarn.lock | 57 +++++- test/seeds/Tweet.json | 12 +- test/seeds/User.json | 6 +- 16 files changed, 328 insertions(+), 208 deletions(-) create mode 100644 test/output-app/server/logger.js diff --git a/test/input/Tweet.graphql b/test/input/Tweet.graphql index bd16574..4eb42f2 100644 --- a/test/input/Tweet.graphql +++ b/test/input/Tweet.graphql @@ -1,9 +1,9 @@ type Tweet @authorize( + admin: ["create", "read", "update", "delete"], author: ["create", "read", "update", "delete"], coauthors: ["read", "update"], - admin: ["create", "read", "update", "delete"], world: ["read"] ) diff --git a/test/input/User.graphql b/test/input/User.graphql index ef54227..7d6240b 100644 --- a/test/input/User.graphql +++ b/test/input/User.graphql @@ -1,12 +1,12 @@ type User @authorize( - this: ["readOne", "update", "delete"] admin: ["create", "read", "update", "delete"] + this: ["readOne", "update", "delete"] ) { - role: String! @authRole("admin") @authorize(this: ["read"], admin: ["create", "read", "update"]) + role: String! @authRole("admin") @authorize(admin: ["create", "read", "update"], this: ["read"]) username: String! diff --git a/test/output-app/.gitignore b/test/output-app/.gitignore index 50ffcff..c9d3b9d 100644 --- a/test/output-app/.gitignore +++ b/test/output-app/.gitignore @@ -1,3 +1,5 @@ node_modules /db /input +server/logs/all-logs.log +server/logs/*.log diff --git a/test/output-app/model/Tweet.js b/test/output-app/model/Tweet.js index 9e764e8..d96d709 100644 --- a/test/output-app/model/Tweet.js +++ b/test/output-app/model/Tweet.js @@ -1,4 +1,5 @@ import _ from 'lodash'; +import log from '../server/logger'; import DataLoader from 'dataloader'; import findByIds from 'mongo-find-by-ids'; import { CREATE, READ, READONE, READMANY, UPDATE, DELETE, DEBUG } from './constants'; diff --git a/test/output-app/model/User.js b/test/output-app/model/User.js index f8d58c9..7670ed6 100644 --- a/test/output-app/model/User.js +++ b/test/output-app/model/User.js @@ -1,4 +1,5 @@ import _ from 'lodash'; +import log from '../server/logger'; import DataLoader from 'dataloader'; import findByIds from 'mongo-find-by-ids'; import { CREATE, READ, READONE, READMANY, UPDATE, DELETE, DEBUG } from './constants'; @@ -7,16 +8,11 @@ export default class User { constructor(context) { /* this is generated from ... @authorize( - this: ["readOne", "update", "delete"] admin: ["create", "read", "update", "delete"] + this: ["readOne", "update", "delete"] ) */ this.authorizations = { - this: { - readOne: true, - update: true, - delete: true, - }, admin: { create: true, read: true, @@ -25,6 +21,11 @@ export default class User { update: true, delete: true, }, + this: { + readOne: true, + update: true, + delete: true, + }, }; this.context = context; this.collection = context.db.collection('user'); @@ -32,27 +33,20 @@ export default class User { this.loader = new DataLoader(ids => findByIds(this.collection, ids)); } + // returns the role of the current user + // generated by... + // role: String! @authRole("admin") @authorize(this: ["read"], admin: ["read", "update"]) + // ------- ------------------ + // whereas the field is not of type User, it is of type String + role(user){ + return (user && user.role) ? user.role : null; + } + // returns true, if the user's role is of expected kind // this is generated whenever @authorize appears in the type definition - hasUserRole({role, doc, user, mode}){ + hasUserRole({role, doc, user, mode, printLog = true, resolver}){ let hasRole = false; switch (role) { - - // returns true, if the signed in user is equal to the document id - // this is generated by... - // @authorize(this:) - // ----- - case 'this': - hasRole = ( - // valid signed in user id available - !!user && !!user._id && user._id.toString() !== '' && - // valid document user id available - !!doc && !!doc._id && doc._id.toString() !== '' && - // document user id equals signed in user - doc._id.toString() === user._id.toString() - ); - break; - // returns true, if signed in user has a role "admin" // this is generated by... // @authorize(admin: ["create", "read", "update", "delete"]) @@ -68,99 +62,91 @@ export default class User { this.context.User.role(user) === 'admin' ); break; - + // returns true, if the signed in user is equal to the document id + // this is generated by... + // @authorize(this:) + // ----- + case 'this': + hasRole = ( + // valid signed in user id available + !!user && !!user._id && user._id.toString() !== '' && + // valid document user id available + !!doc && !!doc._id && doc._id.toString() !== '' && + // document user id equals signed in user + doc._id.toString() === user._id.toString() + ); + break; + } + if (printLog){ + log.debug(''); + log.debug(`${resolver} hasRole: "${role}" "${user.username ? user.username : ''} ${user.role ? user.role : ''} ${user._id ? user._id : ''}" ==> "${hasRole}"`); } - - (DEBUG) ? console.log( - '\n---------------------------------------------------------------------------------\n', - 'hasRole?','\n', - 'check if role =', role,'\n', - 'for user:', (user) ? (user.username, user.role, user._id) : (''), '\n', - 'doc:', JSON.stringify(doc, null, 2),'\n', - '==>', hasRole - ) - : null; - return hasRole; } // returns true, if the user role is authorized for the current mode // this is generated whenever @authorize appears in the type definition - isRoleAuthorizedForMode({role, mode}){ - (DEBUG) ? - console.log( - 'isRoleAuthorizedForMode?', '\n', - 'role:', role, - 'mode:', mode, - '==>', this.authorizations[role][mode] ? true : false, - '\n---------------------------------------------------------------------------------\n', - ) - : null; + isRoleAuthorizedForMode({role, mode, resolver}){ + log.debug(`${resolver} isRoleAuthorizedForMode: "${role}" "${mode}" ==> "${this.authorizations[role][mode] ? true : false}"`); return this.authorizations[role][mode] ? true : false; } // returns true, if the current user is authorized for the current mode and document // this is generated, whenever @authorize appears... - isAuthorized({doc, mode, user}){ - // for authorization debugging and logging reasons, do individual checks... - if (mode === CREATE){ - console.log('\n\nisAuthorized:\n', JSON.stringify(doc, null, 2), '\n\n\n'); - } - - // generated by @authorize(this: ...) - const thisAuthorized = this.hasUserRole({role: 'this', doc, user, mode}) && - this.isRoleAuthorizedForMode({role: 'this', mode}); - if (thisAuthorized && DEBUG) { - console.log( - 'Mode:', mode, - 'User Doc:', (doc && doc._id) ? doc._id.toString() : '', - 'User:', (user && user._id) ? user._id.toString() : '', - "===>", 'Authorized:', thisAuthorized - ); - } + isAuthorized({doc, mode, user, resolver}){ // generated by @authorize(admin: ...) - const adminAuthorized = this.hasUserRole({role: 'admin', doc, user, mode}) && - this.isRoleAuthorizedForMode({role: 'admin', mode}); - if (adminAuthorized && DEBUG){ - console.log( - 'Mode:', mode, - 'User doc:', (doc && doc._id) ? doc._id.toString() : '', - 'User:', (user && user._id) ? user._id.toString() : '', - 'Role:', (user && user._id && this.context.User.role(user)) ? this.context.User.role(user) : 'Error', - "===>", 'Authorized:', adminAuthorized - ); + const adminAuthorized = this.hasUserRole({role: 'admin', doc, user, mode, printLog: true, resolver}) && + this.isRoleAuthorizedForMode({role: 'admin', mode, resolver}); + + // logging for debugging... + if (adminAuthorized){ + log.debug(`${resolver} isAuthorized: role: "${ + (user && user._id && this.context.User.role(user)) ? this.context.User.role(user) : '' + }" "${mode}" doc: "${ + (doc && doc._id) ? doc._id.toString() : '' + }" user: "${ + (user && user._id) ? user._id.toString() : '' + }" ===> "${adminAuthorized}"`); + + return adminAuthorized; } - // generated by @authorize(this: ..., admin: ...) - const authResult = thisAuthorized || adminAuthorized; - if (!authResult && DEBUG) { - console.log( - 'Mode:', mode, - 'Tweet:', (doc && doc._id) ? doc._id.toString() : '', - 'User:', (user && user._id) ? user._id.toString() : '', - "===>", 'Authorized:', authResult - ); + // generated by @authorize(this: ...) + const thisAuthorized = this.hasUserRole({role: 'this', doc, user, mode, printLog: true, resolver}) && + this.isRoleAuthorizedForMode({role: 'this', mode, resolver}); + + // logging for debugging... + if (thisAuthorized) { + log.debug(`${resolver} isAuthorized: doc: "${ + (doc && doc._id) ? doc._id.toString() : '' + }" "${mode}" user: "${ + (user && user._id) ? user._id.toString() : '' + }" ===> "${thisAuthorized}"`); + + return thisAuthorized; } - return authResult; - } + // logging for debugging... + log.debug(`${resolver} isAuthorized: role: "${ + (user && user._id && this.context.User.role(user)) ? this.context.User.role(user) : '' + }" "${mode}" doc: "${ + (doc && doc._id) ? doc._id.toString() : '' + }" user: "${ + (user && user._id) ? user._id.toString() : '' + }" ===> "false"`); - // returns the role of the current user - // generated by... - // role: String! @authRole("admin") @authorize(this: ["read"], admin: ["read", "update"]) - // ------- ------------------ - // whereas the field is not of type User, it is of type String - role(user){ - return (user && user.role) ? user.role : null; + return false; } // returns document without role field // generated by... // role: String! @authRole("admin") @authorize(this: ["read"], admin: ["read", "update"]) // ------- ------------------ - authorizedFields({doc, mode, user}){ + authorizedFields({doc, mode, user, resolver}){ // array contains all fields, whose authorization is to be checked + // role: String! @authorize() + // ---- ------------ const fields = ['role']; // check authorization on field level now @@ -168,23 +154,33 @@ export default class User { // default is: field is not authorized let authorizedField = false; + // role: String! @authorize() + // ---- ------------ if (field === 'role'){ - // role: @authorize(this: ["read"]) - if ( this.hasUserRole({role: 'this', doc, user, mode}) && + log.debug(''); + // role: String! @authorize(this: ["read"]) + // ----- ----- ---- + if ( this.hasUserRole({role: 'this', doc, user, mode, printLog: false, resolver}) && (mode === READ || mode === READONE || mode === READMANY) ){ - authorizedField = true; + log.debug(`${resolver} authorizedFields: "${field}" is authorized for role: "this" and mode: "${mode}"`); + authorizedField = true; } // role: @authorize(admin: ["create", "read", "update"]) - if ( this.hasUserRole({role: 'admin', doc, user, mode}) && + // ---- ----- ------ ---- ------ + if ( this.hasUserRole({role: 'admin', doc, user, mode, printLog: false, resolver}) && (mode === CREATE || mode === READ || mode === READONE || mode === READMANY || mode === UPDATE) ){ - authorizedField = true; + log.debug(`${resolver} authorizedFields: "${field}" is authorized for role: "admin" and mode: "${mode}"`); + authorizedField = true; } } - // role: otherwise remove field from doc, + // ... Checking other fields if there... + + // otherwise remove field from doc, // because the user and mode is not authorize to access this field if ( !authorizedField && doc[field] ){ + log.debug(`${resolver} authorizedFields: "${field}" not authorized for user/role and mode: "${mode}", removed from document`); delete doc[field]; } }); @@ -195,123 +191,133 @@ export default class User { // returns only authorized documents and fields // generated by ... // @authorize() - authorized({doc, mode, user}){ - if (!user) throw new Error('authorized: user is empty'); + authorized({doc, mode, user, resolver}){ // if it is an array of documents, .... if (_.isArray(doc)){ // then filter for the authorized documents - let authorizedDocs = _.filter(doc, d => this.isAuthorized({doc: d, mode, user}) ); + let authorizedDocs = _.filter(doc, d => this.isAuthorized({doc: d, mode, user, resolver}) ); // provide only authorized fields authorizedDocs.forEach(d => { - d = this.authorizedFields({doc: d, mode, user}); + d = this.authorizedFields({doc: d, mode, user, resolver}); }); return authorizedDocs; // if it is a single document, check the authorization for it - } else if ( _.isObject(doc) && this.isAuthorized({doc, mode, user}) ) { + } else if ( _.isObject(doc) && this.isAuthorized({doc, mode, user, resolver}) ) { // return only authorized fields - const authorizedDoc = this.authorizedFields({doc, mode, user}); + const authorizedDoc = this.authorizedFields({doc, mode, user, resolver}); return authorizedDoc; + } // or return null, if no authorized document was found - } else { - console.log('authorized: no authorized doc found'); - return null; - } + log.debug(`${resolver} authorized: no authorized doc found`); + return null; } - async findOneById(id, user) { + async findOneById(id, _user) { + //console.log('findOneById _user', id, JSON.stringify(_user, null, 2)); const doc = await this.loader.load(id); - // const authorizedDoc = this.authorized({doc, mode: READONE, user}); - // return authorizedDoc; return doc; + // wanted to do the authorization here, but in the query, the user is false, in mutations and resolvers it is there, why? + // the following doesn't work, because the user is not there at this point of time for a reason I don't understand + // const authorizedDoc = this.authorized({doc: doc, mode: READONE, user: user}); + // return authorizedDoc; } - async all({ lastCreatedAt = 0, limit = 10, user }) { + async all({ lastCreatedAt = 0, limit = 10 }, _user) { + //console.log('findOneById _user', id, JSON.stringify(_user, null, 2)); const doc = await this.collection.find({ createdAt: { $gt: lastCreatedAt }, }).sort({ createdAt: 1 }).limit(limit).toArray(); + return doc; + // wanted to do the authorization here, but in the query, the user is false, in mutations and resolvers it is there, why? + // the following doesn't work, because the user is not there at this point of time for a reason I don't understand // const authorizedDocs = this.authorized({doc, mode: READMANY, user}); // return authorizedDocs; - return doc; } - tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }) { - return this.context.Tweet.collection.find({ + async tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }, _user) { + const doc = await this.context.Tweet.collection.find({ authorId: user._id, createdAt: { $gt: lastCreatedAt }, }).sort({ createdAt: 1 }).limit(limit).toArray(); + return doc; } - liked(user, { lastCreatedAt = 0, limit = 10 }) { - return this.context.Tweet.collection.find({ + async liked(user, { lastCreatedAt = 0, limit = 10 }, _user) { + const doc = await this.context.Tweet.collection.find({ _id: { $in: user.likedIds || [] }, createdAt: { $gt: lastCreatedAt }, }).sort({ createdAt: 1 }).limit(limit).toArray(); + return doc; } - following(user, { lastCreatedAt = 0, limit = 10 }) { - return this.context.User.collection.find({ + async following(user, { lastCreatedAt = 0, limit = 10 }, _user) { + const doc = await this.context.User.collection.find({ _id: { $in: user.followingIds || [] }, createdAt: { $gt: lastCreatedAt }, }).sort({ createdAt: 1 }).limit(limit).toArray(); + const authorizedDoc = this.authorized({doc, mode: READMANY, user: _user, resolver: 'following'}); + return authorizedDoc; } - followers(user, { lastCreatedAt = 0, limit = 10 }) { - return this.context.User.collection.find({ + async followers(user, { lastCreatedAt = 0, limit = 10 }, _user) { + const doc = await this.context.User.collection.find({ followingIds: user._id, createdAt: { $gt: lastCreatedAt }, }).sort({ createdAt: 1 }).limit(limit).toArray(); + const authorizedDoc = this.authorized({doc, mode: READMANY, user: _user, resolver: 'followers'}); + return authorizedDoc; } - createdBy(user) { - return this.context.User.findOneById(user.createdById); + async createdBy(user, _user) { + const doc = await this.context.User.findOneById(user.createdById, _user); + const authorizedDoc = this.authorized({doc, mode: READONE, user: _user, resolver: 'createdBy'}); + return authorizedDoc; } - updatedBy(user) { - return this.context.User.findOneById(user.updatedById); + async updatedBy(user, _user) { + const doc = await this.context.User.findOneById(user.updatedById, _user); + const authorizedDoc = this.authorized({doc, mode: READONE, user: _user, resolver: 'updatedBy'}); + return authorizedDoc; } - async insert(doc, user) { + async insert(doc, _user) { let docToInsert = Object.assign({}, doc, { createdAt: Date.now(), updatedAt: Date.now(), - createdById: (user && user._id) ? user._id : 'unknown', - updatedById: (user && user._id) ? user._id : 'unknown', + createdById: (_user && _user._id) ? _user._id : 'unknown', + updatedById: (_user && _user._id) ? _user._id : 'unknown', }); - docToInsert = this.authorizedFields({doc: docToInsert, mode: CREATE, user}); - const authorized = this.isAuthorized({doc: docToInsert, mode: CREATE, user}); + docToInsert = this.authorizedFields({doc: docToInsert, mode: CREATE, user: _user, resolver: 'insert'}); + const authorized = this.isAuthorized({doc: docToInsert, mode: CREATE, user: _user, resolver: 'insert'}); if (!authorized) throw new Error('User: mode: create not authorized'); const id = (await this.collection.insertOne(docToInsert)).insertedId; - this.pubsub.publish('userInserted', await this.findOneById(id)); + this.pubsub.publish('userInserted', await this.findOneById(id, _user)); return id; } - async updateById(id, doc, user) { + async updateById(id, doc, _user) { const foundDoc = await this.findOneById(id); - console.log('foundDoc', JSON.stringify(foundDoc, null, 2)); - - const authorized = this.isAuthorized({doc: foundDoc, mode: UPDATE, user}); + const authorized = this.isAuthorized({doc: foundDoc, mode: UPDATE, user: _user, resolver: 'updateById'}); if (!authorized) throw new Error('User: mode: update not authorized'); - const updatedDoc = this.authorizedFields({doc, mode: UPDATE, user}); - console.log('updatedDoc', JSON.stringify(updatedDoc, null, 2)); - + const updatedDoc = this.authorizedFields({doc, mode: UPDATE, user: _user, resolver: 'updateById'}); const ret = await this.collection.update({ _id: id }, { $set: Object.assign({}, updatedDoc, { updatedAt: Date.now(), - updatedById: (user && user._id) ? user._id : 'unknown', + updatedById: (_user && _user._id) ? _user._id : 'unknown', }), }); this.loader.clear(id); - this.pubsub.publish('userUpdated', await this.findOneById(id)); + this.pubsub.publish('userUpdated', await this.findOneById(id, _user)); return ret; } - async removeById(id, user) { - const doc = await this.findOneById(id); - const authorized = this.isAuthorized({doc, mode: DELETE, user}); + async removeById(id, _user) { + const doc = await this.findOneById(id, _user); + const authorized = this.isAuthorized({doc, mode: DELETE, user: _user, resolver: 'removeById'}); if (!authorized) throw new Error('User: mode: delete not authorized'); const ret = this.collection.remove({ _id: id }); diff --git a/test/output-app/model/constants.js b/test/output-app/model/constants.js index ac7a58d..1103426 100644 --- a/test/output-app/model/constants.js +++ b/test/output-app/model/constants.js @@ -7,4 +7,4 @@ export const UPDATE = 'update'; export const DELETE = 'delete'; // debug to switch on additional logs -export const DEBUG = true; +export const DEBUG = false; diff --git a/test/output-app/package.json b/test/output-app/package.json index b5438f1..5eb5f10 100644 --- a/test/output-app/package.json +++ b/test/output-app/package.json @@ -47,9 +47,11 @@ "lodash": "4.16.4", "mongo-find-by-ids": "^1.0.0", "mongodb": "^2.2.11", + "morgan": "^1.8.2", "nodeify": "^1.0.1", "passport": "^0.3.2", "passport-jwt": "^2.2.1", - "subscriptions-transport-ws": "0.2.6" + "subscriptions-transport-ws": "0.2.6", + "winston": "^2.3.1" } } diff --git a/test/output-app/resolvers/Tweet.js b/test/output-app/resolvers/Tweet.js index 118661e..2938e39 100644 --- a/test/output-app/resolvers/Tweet.js +++ b/test/output-app/resolvers/Tweet.js @@ -1,7 +1,9 @@ +import log from '../server/logger'; import { CREATE, READ, READONE, READMANY, UPDATE, DELETE, DEBUG } from '../model/constants'; const resolvers = { Tweet: { + id(tweet) { return tweet._id; }, @@ -27,29 +29,29 @@ const resolvers = { }, }, Query: { - async tweets(root, { lastCreatedAt, limit }, { Tweet, user }) { + async tweets(root, { lastCreatedAt, limit }, { Tweet, _user }) { try { const doc = await Tweet.all({ lastCreatedAt, limit }); - return Tweet.authorized({doc, mode: 'readMany', user}); + return Tweet.authorized({doc, mode: 'readMany', user: _user}); } catch(error) { console.log('ERROR:', error.message); } }, - async tweet(root, { id }, { Tweet, user }) { + async tweet(root, { id }, { Tweet, _user }) { try { const doc = await Tweet.findOneById(id); - return Tweet.authorized({doc, mode: 'readOne', user}); + return Tweet.authorized({doc, mode: 'readOne', user: _user}); } catch(error) { console.log('ERROR:', error.message); } }, }, Mutation: { - async createTweet(root, { input }, { Tweet, user }) { + async createTweet(root, { input }, { Tweet, _user }) { try { - const doc = Tweet.addUserToDoc({doc: input, mode: 'create', user}); - const authorized = Tweet.isAuthorized({doc, mode: 'create', user}); + const doc = Tweet.addUserToDoc({doc: input, mode: 'create', user: _user}); + const authorized = Tweet.isAuthorized({doc, mode: 'create', user: _user}); if (!authorized) throw new Error('Tweet: mode: create not authorized'); const id = await Tweet.insert(input); return Tweet.findOneById(id); @@ -58,10 +60,10 @@ const resolvers = { } }, - async updateTweet(root, { id, input }, { Tweet, user }) { + async updateTweet(root, { id, input }, { Tweet, _user }) { try { const doc = await Tweet.findOneById(id); - const authorized = Tweet.isAuthorized({doc, mode: 'update', user}); + const authorized = Tweet.isAuthorized({doc, mode: 'update', user: _user}); if (!authorized) throw new Error('Tweet: mode: update not authorized'); await Tweet.updateById(id, input); return Tweet.findOneById(id); @@ -70,10 +72,10 @@ const resolvers = { } }, - async removeTweet(root, { id }, { Tweet, user }) { + async removeTweet(root, { id }, { Tweet, _user }) { try { const doc = await Tweet.findOneById(id); - const authorized = Tweet.isAuthorized({doc, mode: 'delete', user}); + const authorized = Tweet.isAuthorized({doc, mode: 'delete', user: _user}); if (!authorized) throw new Error('Tweet: mode: delete not authorized'); return Tweet.removeById(id); } catch(error) { diff --git a/test/output-app/resolvers/User.js b/test/output-app/resolvers/User.js index a9801b9..9ad3f61 100644 --- a/test/output-app/resolvers/User.js +++ b/test/output-app/resolvers/User.js @@ -1,91 +1,101 @@ +import log from '../server/logger'; import { CREATE, READ, READONE, READMANY, UPDATE, DELETE, DEBUG } from '../model/constants'; const resolvers = { User: { + id(user) { return user._id; }, - createdBy(user, args, { User }) { - //return User.createdBy(user); - const doc = User.createdBy(user); - return User.authorized({doc, mode: READONE, user}); + async createdBy(user, args, { User, _user }) { + const doc = await User.createdBy(user, _user); + return doc; }, - updatedBy(user, args, { User }) { - //return User.updatedBy(user); - const doc = User.updatedBy(user); - return User.authorized({doc, mode: READONE, user}); + async updatedBy(user, args, { User, _user }) { + const doc = await User.updatedBy(user, _user); + return doc; }, - tweets(user, { minLikes, lastCreatedAt, limit }, { User }) { + async tweets(user, { minLikes, lastCreatedAt, limit }, { User, _user }) { return User.tweets(user, { minLikes, lastCreatedAt, limit }); // const doc = User.tweets(user, { minLikes, lastCreatedAt, limit }); // return Tweet.authorized({doc, mode: READMANY, user}); }, - liked(user, { lastCreatedAt, limit }, { User, Tweet }) { + async liked(user, { lastCreatedAt, limit }, { User, Tweet, _user }) { return User.liked(user, { lastCreatedAt, limit }); // const doc = User.liked(user, { lastCreatedAt, limit }); // return Tweet.authorized({doc, mode: READMANY, user}); }, - following(user, { lastCreatedAt, limit }, { User }) { - return User.following(user, { lastCreatedAt, limit }); - // const doc = User.following(user, { lastCreatedAt, limit }); - // return User.authorized({doc, mode: READMANY, user}); + async following(user, { lastCreatedAt, limit }, { User, _user }) { + const doc = await User.following(user, { lastCreatedAt, limit }, _user); + return doc; }, - followers(user, { lastCreatedAt, limit }, { User }) { - return User.followers(user, { lastCreatedAt, limit }); - // const doc = User.followers(user, { lastCreatedAt, limit }); - // return User.authorized({doc, mode: READMANY, user}); + async followers(user, { lastCreatedAt, limit }, { User, _user }) { + const doc = await User.followers(user, { lastCreatedAt, limit }, _user); + return doc; }, }, Query: { - async users(root, { lastCreatedAt, limit }, { User, user }) { + async users(root, { lastCreatedAt, limit }, { User, _user }) { try { - const doc = await User.all({ lastCreatedAt, limit, user }); - return User.authorized({doc, mode: READMANY, user}); + log.debug('---------------------'); + log.debug('User resolver "users"'); + const doc = await User.all({ lastCreatedAt, limit }, _user); + // for any reason I don't understand the authorization has to remain here in Query + return User.authorized({doc, mode: READMANY, user: _user, resolver: 'users'}); } catch(error) { console.log('ERROR:', error.message); } }, - async user(root, { id }, { User, user }) { + async user(root, { id }, { User, _user }) { try { - console.log('user', JSON.stringify(user, null, 2)); - const doc = await User.findOneById(id, user); - return User.authorized({doc, mode: READONE, user}); + log.debug('--------------------'); + log.debug('User resolver "user"'); + const doc = await User.findOneById(id, _user); + // for any reason I don't understand the authorization has to remain here in Query + return User.authorized({doc, mode: READONE, user: _user, resolver: 'user'}); } catch(error) { console.log('ERROR:', error.message); } }, }, Mutation: { - async createUser(root, { input }, { User, user }) { + async createUser(root, { input }, { User, _user }) { try { - const id = await User.insert(input, user); - const doc = await User.findOneById(id, user); - return User.authorized({doc, mode: READONE, user}); + log.debug('--------------------------'); + log.debug('User resolver "createUser"'); + const id = await User.insert(input, _user); + const doc = await User.findOneById(id, _user); + return User.authorized({doc, mode: READONE, user: _user, resolver: 'createUser'}); } catch(error) { console.log('ERROR:', error.message); } }, - async updateUser(root, { id, input }, { User, user }) { + async updateUser(root, { id, input }, { User, _user }) { try { - await User.updateById(id, input, user); - const doc = await User.findOneById(id, user); - return User.authorized({doc, mode: READONE, user}); + log.debug('--------------------------'); + log.debug('User resolver "updateUser"'); + await User.updateById(id, input, _user); + const doc = await User.findOneById(id, _user); + return User.authorized({doc, mode: READONE, user: _user, resolver: 'updateUser'}); } catch(error) { console.log('ERROR:', error.message); } }, - async removeUser(root, { id }, { User, user }) { + async removeUser(root, { id }, { User, _user }) { try { - return User.removeById(id, user); + log.debug('--------------------------'); + log.debug('User resolver "removeUser"'); + const response = await User.removeById(id, _user); + return response; } catch(error) { console.log('ERROR:', error.message); } diff --git a/test/output-app/schema/Tweet.graphql b/test/output-app/schema/Tweet.graphql index 5a32ff7..2be1380 100644 --- a/test/output-app/schema/Tweet.graphql +++ b/test/output-app/schema/Tweet.graphql @@ -5,7 +5,7 @@ type Tweet { body: String! likers(lastCreatedAt: Float, limit: Int): [User!] createdAt: Float! - createdBy: User! + createdBy: User updatedAt: Float! updatedBy: User } diff --git a/test/output-app/schema/User.graphql b/test/output-app/schema/User.graphql index 590fb8f..61d6fa3 100644 --- a/test/output-app/schema/User.graphql +++ b/test/output-app/schema/User.graphql @@ -9,7 +9,7 @@ type User { following(lastCreatedAt: Float, limit: Int): [User!] followers(lastCreatedAt: Float, limit: Int): [User!] createdAt: Float! - createdBy: User! + createdBy: User updatedAt: Float! updatedBy: User } @@ -27,7 +27,7 @@ input CreateUserInput { } input UpdateUserInput { - username: String! + username: String role: String bio: String notify: Boolean diff --git a/test/output-app/server/index.js b/test/output-app/server/index.js index 38eec4c..2a0e52c 100644 --- a/test/output-app/server/index.js +++ b/test/output-app/server/index.js @@ -7,6 +7,8 @@ import { makeExecutableSchema } from 'graphql-tools'; import { MongoClient } from 'mongodb'; import cors from 'cors'; import passport from 'passport'; +import morgan from 'morgan'; +import log, { stream } from './logger'; import typeDefs from '../schema'; import resolvers from '../resolvers'; @@ -26,11 +28,14 @@ const { async function startServer() { + log.info('Logger started'); + const db = await MongoClient.connect(MONGO_URL); const app = express().use('*', cors()); app.use(bodyParser.urlencoded({ extended: true })); app.use(bodyParser.json()); + app.use(morgan("dev", { "stream": stream })); app.use((req, res, next) => { req.context = addModelsToContext({ db, pubsub }); @@ -40,7 +45,7 @@ async function startServer() { authenticate(app); app.use('/graphql', (req, res, next) => { - passport.authenticate('jwt', { session: false }, (err, user) => { + passport.authenticate('jwt', { session: false }, (err, _user) => { graphqlExpress(() => { // Get the query, the same way express-graphql does it // https://github.com/graphql/express-graphql/blob/3fa6e68582d6d933d37fa9e841da5d2aa39261cd/src/index.js#L257 @@ -52,7 +57,7 @@ async function startServer() { } return { schema, - context: Object.assign({ user }, req.context), + context: Object.assign({ _user }, req.context), debug: true, formatError(e) { console.log(e) }, }; diff --git a/test/output-app/server/logger.js b/test/output-app/server/logger.js new file mode 100644 index 0000000..5c9ced8 --- /dev/null +++ b/test/output-app/server/logger.js @@ -0,0 +1,37 @@ +import winston from 'winston'; + +winston.emitErrs = true; + +const logger = new winston.Logger({ + transports: [ + + new winston.transports.File({ + level: 'info', + filename: './server/logs/all-logs.log', + handleExceptions: true, + json: true, + maxsize: 5242880, //5MB + maxFiles: 5, + colorize: false + }), + + new winston.transports.Console({ + level: 'debug', + handleExceptions: true, + json: false, + colorize: true + }) + + ], + + exitOnError: false + +}); + +export default logger; + +export const stream = { + write: function(message, encoding) { + logger.info(message); + } +}; diff --git a/test/output-app/yarn.lock b/test/output-app/yarn.lock index ce8e5db..0d4ce4c 100644 --- a/test/output-app/yarn.lock +++ b/test/output-app/yarn.lock @@ -171,6 +171,10 @@ async@2.0.1: dependencies: lodash "^4.8.0" +async@~1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/async/-/async-1.0.0.tgz#f8fc04ca3a13784ade9e1641af98578cfbd647a9" + asynckit@^0.4.0: version "0.4.0" resolved "https://registry.yarnpkg.com/asynckit/-/asynckit-0.4.0.tgz#c79ed97f7f34cb8f2ba1bc9790bcc366474b4b79" @@ -849,6 +853,10 @@ base64url@2.0.0, base64url@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/base64url/-/base64url-2.0.0.tgz#eac16e03ea1438eff9423d69baa36262ed1f70bb" +basic-auth@~1.1.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/basic-auth/-/basic-auth-1.1.0.tgz#45221ee429f7ee1e5035be3f51533f1cdfd29884" + bcrypt-pbkdf@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.0.tgz#3ca76b85241c7170bf7d9703e7b9aa74630040d4" @@ -1087,6 +1095,10 @@ code-point-at@^1.0.0: version "1.1.0" resolved "https://registry.yarnpkg.com/code-point-at/-/code-point-at-1.1.0.tgz#0d070b4d043a5bea33a2f1a40e2edb3d9a4ccf77" +colors@1.0.x: + version "1.0.3" + resolved "https://registry.yarnpkg.com/colors/-/colors-1.0.3.tgz#0433f44d809680fdeb60ed260f1b0c262e82a40b" + combined-stream@^1.0.5, combined-stream@~1.0.5: version "1.0.5" resolved "https://registry.yarnpkg.com/combined-stream/-/combined-stream-1.0.5.tgz#938370a57b4a51dea2c77c15d5c5fdf895164009" @@ -1188,6 +1200,10 @@ currently-unhandled@^0.4.1: dependencies: array-find-index "^1.0.1" +cycle@1.0.x: + version "1.0.3" + resolved "https://registry.yarnpkg.com/cycle/-/cycle-1.0.3.tgz#21e80b2be8580f98b468f379430662b046c34ad2" + d@^0.1.1, d@~0.1.1: version "0.1.1" resolved "https://registry.yarnpkg.com/d/-/d-0.1.1.tgz#da184c535d18d8ee7ba2aa229b914009fae11309" @@ -1214,6 +1230,12 @@ debug@2, debug@2.2.0, debug@^2.1.1, debug@^2.2.0, debug@~2.2.0: dependencies: ms "0.7.1" +debug@2.6.8: + version "2.6.8" + resolved "https://registry.yarnpkg.com/debug/-/debug-2.6.8.tgz#e731531ca2ede27d188222427da17821d68ff4fc" + dependencies: + ms "2.0.0" + decamelize@^1.1.1, decamelize@^1.1.2: version "1.2.0" resolved "https://registry.yarnpkg.com/decamelize/-/decamelize-1.2.0.tgz#f6534d15148269b20352e7bee26f501f9a191290" @@ -1728,6 +1750,10 @@ extsprintf@1.0.2: version "1.0.2" resolved "https://registry.yarnpkg.com/extsprintf/-/extsprintf-1.0.2.tgz#e1080e0658e300b06294990cc70e1502235fd550" +eyes@0.1.x: + version "0.1.8" + resolved "https://registry.yarnpkg.com/eyes/-/eyes-0.1.8.tgz#62cf120234c683785d902348a800ef3e0cc20bc0" + fast-levenshtein@~2.0.4: version "2.0.5" resolved "https://registry.yarnpkg.com/fast-levenshtein/-/fast-levenshtein-2.0.5.tgz#bd33145744519ab1c36c3ee9f31f08e9079b67f2" @@ -2442,7 +2468,7 @@ isobject@^2.0.0: dependencies: isarray "1.0.0" -isstream@~0.1.2: +isstream@0.1.x, isstream@~0.1.2: version "0.1.2" resolved "https://registry.yarnpkg.com/isstream/-/isstream-0.1.2.tgz#47e63f7af55afa6f92e1500e690eb8b8529c099a" @@ -2885,10 +2911,24 @@ mongodb@^2.2.11: mongodb-core "2.1.0" readable-stream "2.1.5" +morgan@^1.8.2: + version "1.8.2" + resolved "https://registry.yarnpkg.com/morgan/-/morgan-1.8.2.tgz#784ac7734e4a453a9c6e6e8680a9329275c8b687" + dependencies: + basic-auth "~1.1.0" + debug "2.6.8" + depd "~1.1.0" + on-finished "~2.3.0" + on-headers "~1.0.1" + ms@0.7.1, ms@^0.7.1: version "0.7.1" resolved "https://registry.yarnpkg.com/ms/-/ms-0.7.1.tgz#9cd13c03adbff25b65effde7ce864ee952017098" +ms@2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/ms/-/ms-2.0.0.tgz#5608aeadfc00be6c2901df5f9861788de0d597c8" + mute-stream@0.0.5: version "0.0.5" resolved "https://registry.yarnpkg.com/mute-stream/-/mute-stream-0.0.5.tgz#8fbfabb0a98a253d3184331f9e8deb7372fac6c0" @@ -3687,6 +3727,10 @@ sshpk@^1.7.0: jsbn "~0.1.0" tweetnacl "~0.14.0" +stack-trace@0.0.x: + version "0.0.10" + resolved "https://registry.yarnpkg.com/stack-trace/-/stack-trace-0.0.10.tgz#547c70b347e8d32b4e108ea1a2a159e5fdde19c0" + stat-mode@^0.2.0: version "0.2.2" resolved "https://registry.yarnpkg.com/stat-mode/-/stat-mode-0.2.2.tgz#e6c80b623123d7d80cf132ce538f346289072502" @@ -4125,6 +4169,17 @@ window-size@^0.1.4: version "0.1.4" resolved "https://registry.yarnpkg.com/window-size/-/window-size-0.1.4.tgz#f8e1aa1ee5a53ec5bf151ffa09742a6ad7697876" +winston@^2.3.1: + version "2.3.1" + resolved "https://registry.yarnpkg.com/winston/-/winston-2.3.1.tgz#0b48420d978c01804cf0230b648861598225a119" + dependencies: + async "~1.0.0" + colors "1.0.x" + cycle "1.0.x" + eyes "0.1.x" + isstream "0.1.x" + stack-trace "0.0.x" + wordwrap@~1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/wordwrap/-/wordwrap-1.0.0.tgz#27584810891456a4171c8d0226441ade90cbcaeb" diff --git a/test/seeds/Tweet.json b/test/seeds/Tweet.json index 2934241..50bc59c 100644 --- a/test/seeds/Tweet.json +++ b/test/seeds/Tweet.json @@ -1,6 +1,6 @@ -{"_id":{"$oid":"583676d3618530145474e352"},"authorId":{"$oid":"583291a1638566b3c5a92ca1"},"coauthorsIds":[],"body":"We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:","createdAt":1.479964371334e+12,"updatedAt":1.479964371334e+12, "createdById":{"$oid":"583291a1638566b3c5a92ca1"}} -{"_id":{"$oid":"583676d3618530145474e355"},"authorId":{"$oid":"583291a1638566b3c5a92ca2"},"coauthorsIds":[{"$oid":"583291a1638566b3c5a92ca1"}],"body":"Where have I heard this before","createdAt":1.479964438372e+12,"updatedAt":1.479964438372e+12, "createdById":{"$oid":"583291a1638566b3c5a92ca1"}} -{"_id":{"$oid":"583676d3618530145474e351"},"authorId":{"$oid":"583291a1638566b3c5a92ca0"},"coauthorsIds":[{"$oid":"583291a1638566b3c5a92ca2"},{"$oid":"583291a1638566b3c5a92ca1"}],"body":"Good times bringing Apollo Optics to Rails over the last few months with @tmeasday @chollier @cjoudrey @rmosolgo and others!","createdAt":1.479964352544e+12,"updatedAt":1.479964352544e+12, "createdById":{"$oid":"583291a1638566b3c5a92ca1"}} -{"_id":{"$oid":"583676d3618530145474e354"},"authorId":{"$oid":"583291a1638566b3c5a92ca2"},"coauthorsIds":[{"$oid":"583291a1638566b3c5a92ca0"},{"$oid":"583291a1638566b3c5a92ca1"}],"body":"It will stop being insane. It will just be normal. TV changed presidential politics, now it's social media's turn.","createdAt":1.479964423351e+12,"updatedAt":1.479964423351e+12, "createdById":{"$oid":"583291a1638566b3c5a92ca1"}} -{"_id":{"$oid":"583676d3618530145474e353"},"authorId":{"$oid":"583291a1638566b3c5a92ca1"},"coauthorsIds":[{"$oid":"583291a1638566b3c5a92ca2"},{"$oid":"583291a1638566b3c5a92ca0"}],"body":"Help improve @apollographql integration with #redux dev tools:","createdAt":1.479964386822e+12,"updatedAt":1.479964386822e+12, "createdById":{"$oid":"583291a1638566b3c5a92ca1"}} -{"_id":{"$oid":"583676d3618530145474e350"},"authorId":{"$oid":"583291a1638566b3c5a92ca0"},"coauthorsIds":[{"$oid":"583291a1638566b3c5a92ca1"},{"$oid":"583291a1638566b3c5a92ca2"}],"body":"A #graphql-first development workflow based on real world lessons, from @danimman \u0026 @stubailo:","createdAt":1.479964340853e+12,"updatedAt":1.479964340853e+12, "createdById":{"$oid":"583291a1638566b3c5a92ca1"}} +{"_id":{"$oid":"583676d3618530145474e352"},"authorId":{"$oid":"583291a1638566b3c5a92ca1"},"coauthorsIds":[],"body":"We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:","createdAt":1.479964371334e+12,"updatedAt":1.479964371334e+12, "createdById":{"$oid":"583291a1638566b3c5a92ca1"}, "updatedById":{"$oid":"583291a1638566b3c5a92ca1"}} +{"_id":{"$oid":"583676d3618530145474e355"},"authorId":{"$oid":"583291a1638566b3c5a92ca2"},"coauthorsIds":[{"$oid":"583291a1638566b3c5a92ca1"}],"body":"Where have I heard this before","createdAt":1.479964438372e+12,"updatedAt":1.479964438372e+12, "createdById":{"$oid":"583291a1638566b3c5a92ca1"}, "updatedById":{"$oid":"583291a1638566b3c5a92ca1"}} +{"_id":{"$oid":"583676d3618530145474e351"},"authorId":{"$oid":"583291a1638566b3c5a92ca0"},"coauthorsIds":[{"$oid":"583291a1638566b3c5a92ca2"},{"$oid":"583291a1638566b3c5a92ca1"}],"body":"Good times bringing Apollo Optics to Rails over the last few months with @tmeasday @chollier @cjoudrey @rmosolgo and others!","createdAt":1.479964352544e+12,"updatedAt":1.479964352544e+12, "createdById":{"$oid":"583291a1638566b3c5a92ca1"}, "updatedById":{"$oid":"583291a1638566b3c5a92ca1"}} +{"_id":{"$oid":"583676d3618530145474e354"},"authorId":{"$oid":"583291a1638566b3c5a92ca2"},"coauthorsIds":[{"$oid":"583291a1638566b3c5a92ca0"},{"$oid":"583291a1638566b3c5a92ca1"}],"body":"It will stop being insane. It will just be normal. TV changed presidential politics, now it's social media's turn.","createdAt":1.479964423351e+12,"updatedAt":1.479964423351e+12, "createdById":{"$oid":"583291a1638566b3c5a92ca1"}, "updatedById":{"$oid":"583291a1638566b3c5a92ca1"}} +{"_id":{"$oid":"583676d3618530145474e353"},"authorId":{"$oid":"583291a1638566b3c5a92ca1"},"coauthorsIds":[{"$oid":"583291a1638566b3c5a92ca2"},{"$oid":"583291a1638566b3c5a92ca0"}],"body":"Help improve @apollographql integration with #redux dev tools:","createdAt":1.479964386822e+12,"updatedAt":1.479964386822e+12, "createdById":{"$oid":"583291a1638566b3c5a92ca1"}, "updatedById":{"$oid":"583291a1638566b3c5a92ca1"}} +{"_id":{"$oid":"583676d3618530145474e350"},"authorId":{"$oid":"583291a1638566b3c5a92ca0"},"coauthorsIds":[{"$oid":"583291a1638566b3c5a92ca1"},{"$oid":"583291a1638566b3c5a92ca2"}],"body":"A #graphql-first development workflow based on real world lessons, from @danimman \u0026 @stubailo:","createdAt":1.479964340853e+12,"updatedAt":1.479964340853e+12, "createdById":{"$oid":"583291a1638566b3c5a92ca1"}, "updatedById":{"$oid":"583291a1638566b3c5a92ca1"}} diff --git a/test/seeds/User.json b/test/seeds/User.json index 64a0b91..8c15dad 100644 --- a/test/seeds/User.json +++ b/test/seeds/User.json @@ -1,3 +1,3 @@ -{"_id":{"$oid":"583291a1638566b3c5a92ca1"},"bio":"tech lead @meteorjs @apollographql","createdAt":1.479776905993e+12,"followingIds":[{"$oid":"583291a1638566b3c5a92ca0"}],"likedIds":[{"$oid":"583676d3618530145474e350"},{"$oid":"583676d3618530145474e351"}],"updatedAt":1.479776905993e+12,"username":"stubailo", "role":"admin", "createdById":{"$oid":"583291a1638566b3c5a92ca1"}} -{"_id":{"$oid":"583291a1638566b3c5a92ca0"},"bio":"I build things with @percolatestudio. Author of @discovermeteor. Exploring how to improve user experience through technology, design and performance.","createdAt":1.479776904993e+12,"followingIds":[{"$oid":"583291a1638566b3c5a92ca1"},{"$oid":"583291a1638566b3c5a92ca2"}],"likedIds":[{"$oid":"583676d3618530145474e352"},{"$oid":"583676d3618530145474e353"},{"$oid":"583676d3618530145474e354"}],"updatedAt":1.479776904993e+12,"username":"tmeasday", "role": "editor", "hash":"$2a$10$SeepHv0X3GZfSzl0uqlXmucLsP2VjdI.nuA0UJnmOtEecLSx.RiWe", "createdById":{"$oid":"583291a1638566b3c5a92ca1"}} -{"_id":{"$oid":"583291a1638566b3c5a92ca2"},"bio":"Co-founder of Parse, now at Facebook. Ex Google search quality, game developer \u0026 math contester.","createdAt":1.479776906993e+12,"followingIds":[{"$oid":"583291a1638566b3c5a92ca1"}],"likedIds":[{"$oid":"583676d3618530145474e350"},{"$oid":"583676d3618530145474e353"}],"updatedAt":1.479776906993e+12,"username":"lacker", "role": "user", "createdById":{"$oid":"583291a1638566b3c5a92ca1"}} +{"_id":{"$oid":"583291a1638566b3c5a92ca1"},"bio":"tech lead @meteorjs @apollographql","createdAt":1.479776905993e+12,"followingIds":[{"$oid":"583291a1638566b3c5a92ca0"}],"likedIds":[{"$oid":"583676d3618530145474e350"},{"$oid":"583676d3618530145474e351"}],"updatedAt":1.479776905993e+12,"username":"stubailo", "role":"admin", "createdById":{"$oid":"583291a1638566b3c5a92ca1"}, "updatedById":{"$oid":"583291a1638566b3c5a92ca1"}} +{"_id":{"$oid":"583291a1638566b3c5a92ca0"},"bio":"I build things with @percolatestudio. Author of @discovermeteor. Exploring how to improve user experience through technology, design and performance.","createdAt":1.479776904993e+12,"followingIds":[{"$oid":"583291a1638566b3c5a92ca1"},{"$oid":"583291a1638566b3c5a92ca2"}],"likedIds":[{"$oid":"583676d3618530145474e352"},{"$oid":"583676d3618530145474e353"},{"$oid":"583676d3618530145474e354"}],"updatedAt":1.479776904993e+12,"username":"tmeasday", "role": "editor", "hash":"$2a$10$SeepHv0X3GZfSzl0uqlXmucLsP2VjdI.nuA0UJnmOtEecLSx.RiWe", "createdById":{"$oid":"583291a1638566b3c5a92ca1"}, "updatedById":{"$oid":"583291a1638566b3c5a92ca1"}} +{"_id":{"$oid":"583291a1638566b3c5a92ca2"},"bio":"Co-founder of Parse, now at Facebook. Ex Google search quality, game developer \u0026 math contester.","createdAt":1.479776906993e+12,"followingIds":[{"$oid":"583291a1638566b3c5a92ca1"}],"likedIds":[{"$oid":"583676d3618530145474e350"},{"$oid":"583676d3618530145474e353"}],"updatedAt":1.479776906993e+12,"username":"lacker", "role": "user", "createdById":{"$oid":"583291a1638566b3c5a92ca1"}, "updatedById":{"$oid":"583291a1638566b3c5a92ca1"}} From 95bc453434c958f5df47d892c69581b2484478b8 Mon Sep 17 00:00:00 2001 From: Tobias Klemmer Date: Sun, 4 Jun 2017 16:51:11 +0200 Subject: [PATCH 07/69] v0.1 --- .../test-4-mutations-with-unknown-user.js | 7 +- .../test-5-mutations-with-user-role-user.js | 7 +- .../test-6-mutations-with-user-role-editor.js | 7 +- test/output-app/model/Tweet.js | 386 ++++++++++-------- test/output-app/model/User.js | 8 +- test/output-app/resolvers/Tweet.js | 67 +-- test/output-app/resolvers/User.js | 12 +- 7 files changed, 279 insertions(+), 215 deletions(-) diff --git a/test/output-app-end-to-end/test-4-mutations-with-unknown-user.js b/test/output-app-end-to-end/test-4-mutations-with-unknown-user.js index 3ed7eab..18da560 100644 --- a/test/output-app-end-to-end/test-4-mutations-with-unknown-user.js +++ b/test/output-app-end-to-end/test-4-mutations-with-unknown-user.js @@ -103,6 +103,11 @@ describe('test-4: unkown user (e.g. not signed in, or expired token)', () => { body: 'We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:', }; + const expectedTweetOtherAuthorNoAuthor = { + author: null, + body: 'We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:', + }; + const modifiedTweet = { body: 'This is a modified test tweet', }; @@ -147,7 +152,7 @@ describe('test-4: unkown user (e.g. not signed in, or expired token)', () => { it('can read others tweet', () => { return sendQueryAndExpect( `{ tweet(id: "${tweetIdOthers}") { author { id } body } }`, - { tweet: expectedTweetOtherAuthor }, + { tweet: expectedTweetOtherAuthorNoAuthor }, unknownUser) }); diff --git a/test/output-app-end-to-end/test-5-mutations-with-user-role-user.js b/test/output-app-end-to-end/test-5-mutations-with-user-role-user.js index e496e05..0c16c90 100644 --- a/test/output-app-end-to-end/test-5-mutations-with-user-role-user.js +++ b/test/output-app-end-to-end/test-5-mutations-with-user-role-user.js @@ -193,6 +193,11 @@ describe('test-5: user with role "user"', () => { body: 'We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:', }; + const expectedTweetOtherAuthorNoAuthor = { + author: null, + body: 'We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:', + }; + const modifiedTweet = { body: 'This is a modified test tweet', }; @@ -244,7 +249,7 @@ describe('test-5: user with role "user"', () => { it('can read others tweet', () => { return sendQueryAndExpect( `{ tweet(id: "${tweetIdOthers}") { author { id } body } }`, - { tweet: expectedTweetOtherAuthor }, + { tweet: expectedTweetOtherAuthorNoAuthor }, newUser) }); diff --git a/test/output-app-end-to-end/test-6-mutations-with-user-role-editor.js b/test/output-app-end-to-end/test-6-mutations-with-user-role-editor.js index dfb43bb..b0fbe5b 100644 --- a/test/output-app-end-to-end/test-6-mutations-with-user-role-editor.js +++ b/test/output-app-end-to-end/test-6-mutations-with-user-role-editor.js @@ -193,6 +193,11 @@ describe('test-6: user with role "editor"', () => { body: 'We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:', }; + const expectedTweetOtherAuthorNoAuthor = { + author: null, + body: 'We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:', + }; + const modifiedTweet = { body: 'This is a modified test tweet', }; @@ -244,7 +249,7 @@ describe('test-6: user with role "editor"', () => { it('can read others tweet', () => { return sendQueryAndExpect( `{ tweet(id: "${tweetIdOthers}") { author { id } body } }`, - { tweet: expectedTweetOtherAuthor }, + { tweet: expectedTweetOtherAuthorNoAuthor }, newUser) }); diff --git a/test/output-app/model/Tweet.js b/test/output-app/model/Tweet.js index d96d709..56da25c 100644 --- a/test/output-app/model/Tweet.js +++ b/test/output-app/model/Tweet.js @@ -8,33 +8,33 @@ export default class Tweet { constructor(context) { /* this is generated from ... @authorize( + admin: ["read", "update", "delete"], author: ["create", "read", "update", "delete"], coauthors: ["read", "update"], - admin: ["read", "update", "delete"], world: ["read"] ) */ this.authorizations = { - author: { - create: true, + admin: { read: true, readOne: true, readMany: true, update: true, delete: true, }, - coauthors: { + author: { + create: true, read: true, readOne: true, readMany: true, update: true, + delete: true, }, - admin: { + coauthors: { read: true, readOne: true, readMany: true, update: true, - delete: true, }, world: { read: true, @@ -50,10 +50,24 @@ export default class Tweet { // returns true, if the user's role is of expected kind // this is generated whenever @authorize appears in the type definition - hasUserRole({role, doc, user, mode}){ + hasUserRole({role, doc, user, mode, printLog = true, resolver}){ let hasRole = false; switch (role) { - + // returns true, if signed in user has a role "admin" + // this is generated by... + // @authorize(admin: ["read", "update", "delete"]) + // ----- + // and if there is no @authRole("admin") user on any of the fields + // then it assumes a role definition + // and it checks against the role of the signed in user + case 'admin': + hasRole = ( + // valid signed in user id available + !!user && !!user._id && user._id.toString() !== '' && + // the current user has the correct role + this.context.User.role(user) === 'admin' + ); + break; // returns true, if the signed in user is an author // this is generated by... // author: User! @unmodifiable @belongsTo @authRole("author") @@ -68,7 +82,6 @@ export default class Tweet { doc.authorId.toString() === user._id.toString() ); break; - // returns true, if the signed in user is one of the coauthors // this is generated by... // coauthors: [User!] @belongsTo @authRole("coauthors") @@ -83,23 +96,6 @@ export default class Tweet { _.indexOf(doc.coauthorsIds, user._id.toString()) > -1 ); break; - - // returns true, if signed in user has a role "admin" - // this is generated by... - // @authorize(admin: ["read", "update", "delete"]) - // ----- - // and if there is no @authRole("admin") user on any of the fields - // then it assumes a role definition - // and it checks against the role of the signed in user - case 'admin': - hasRole = ( - // valid signed in user id available - !!user && !!user._id && user._id.toString() !== '' && - // the current user has the correct role - this.context.User.role(user) === 'admin' - ); - break; - // returns true, if user has a role "world" // this is generated by... // @authorize(world: ["read"]) @@ -110,219 +106,263 @@ export default class Tweet { case 'world': hasRole = true; break; - } - - (DEBUG) ? console.log( - '\n---------------------------------------------------------------------------------\n', - 'hasRole?','\n', - 'check if role =', role,'\n', - 'for user:', user.username, user.role, user._id, '\n', - 'doc:', JSON.stringify(doc, null, 2),'\n', - '==>', hasRole - ) - : null; - + if (printLog){ + log.debug(''); + log.debug(`${resolver} hasRole: "${role}" "${ + user.username ? user.username : '' + } ${ + user.role ? user.role : '' + } ${ + user._id ? user._id : '' + } doc: "${ + (doc && doc._id) ? doc._id.toString() : '' + }" author: "${ + (doc && doc.authorId) ? doc.authorId : '' + }" coauthors: "${ + (doc && doc.coauthorsIds && doc.coauthorsIds.length > 0) ? doc.coauthorsIds.toString() : '' + }" ==> "${hasRole}"`); + } return hasRole; } // returns true, if the user role is authorized for the current mode // this is generated whenever @authorize appears in the type definition - isRoleAuthorizedForMode({role, mode}){ - (DEBUG) ? - console.log( - 'isRoleAuthorizedForMode?', '\n', - 'role:', role, - 'mode:', mode, - '==>', this.authorizations[role][mode] ? true : false, - '\n---------------------------------------------------------------------------------\n', - ) - : null; + isRoleAuthorizedForMode({role, mode, resolver}){ + log.debug(`${resolver} isRoleAuthorizedForMode: "${role}" "${mode}" ==> "${this.authorizations[role][mode] ? true : false}"`); return this.authorizations[role][mode] ? true : false; } // returns true, if the current user is authorized for the current mode and document // this is generated, whenever @authorize appears... - isAuthorized({doc, mode, user}){ - // for authorization DEBUGging and logging reasons, do individual checks... + isAuthorized({doc, mode, user, resolver}){ + // generated by @authorize(admin: ...) + const adminAuthorized = this.hasUserRole({role: 'admin', doc, user, mode, printLog: true, resolver}) && + this.isRoleAuthorizedForMode({role: 'admin', mode, resolver}); + + // logging for debugging... + if (adminAuthorized){ + log.debug(`${resolver} isAuthorized: role: "${ + (user && user._id && this.context.User.role(user)) ? this.context.User.role(user) : '' + }" "${mode}" doc: "${ + (doc && doc._id) ? doc._id.toString() : '' + }" user: "${ + (user && user._id) ? user._id.toString() : '' + }" ===> "${adminAuthorized}"`); + + return adminAuthorized; + } // generated by @authorize(author: ...) - const authorAuthorized = this.hasUserRole({role: 'author', doc, user, mode}) && - this.isRoleAuthorizedForMode({role: 'author', mode}); - if (authorAuthorized && DEBUG) { - console.log( - 'Mode:', mode, - 'Tweet:', (doc && doc._id) ? doc._id.toString() : '', - 'User:', (user && user._id) ? user._id.toString() : '', - 'Author:', (doc && doc.authorId) ? doc.authorId.toString() : 'Error', - "===>", 'Authorized:', authorAuthorized - ); - } - - // generated by @authorize(coauthors: ...) - const coauthorsAuthorized = this.hasUserRole({role: 'coauthors', doc, user, mode}) && - this.isRoleAuthorizedForMode({role: 'coauthors', mode}); - if (coauthorsAuthorized && DEBUG) { - console.log( - 'Mode:', mode, - 'Tweet:', (doc && doc._id) ? doc._id.toString() : '', - 'User:', (user && user._id) ? user._id.toString() : '', - 'Coauthors:', (doc && doc.coauthorsIds) ? doc.coauthorsIds.toString() : 'Error', - "===>", 'Authorized:', coauthorsAuthorized - ); + const authorAuthorized = this.hasUserRole({role: 'author', doc, user, mode, printLog: true, resolver}) && + this.isRoleAuthorizedForMode({role: 'author', mode, resolver}); + + // logging for debugging... + if (authorAuthorized){ + log.debug(`${resolver} isAuthorized: role: "author" "${mode}" doc: "${ + (doc && doc._id) ? doc._id.toString() : '' + }" author: "${ + (doc && doc.authorId) ? doc.authorId : '' + }" user: "${ + (user && user._id) ? user._id.toString() : '' + }" ===> "${authorAuthorized}"`); + + return authorAuthorized; } - // generated by @authorize(admin: ...) - const adminAuthorized = this.hasUserRole({role: 'admin', doc, user, mode}) && - this.isRoleAuthorizedForMode({role: 'admin', mode}); - if (adminAuthorized && DEBUG){ - console.log( - 'Mode:', mode, - 'Tweet:', (doc && doc._id) ? doc._id.toString() : '', - 'User:', (user && user._id) ? user._id.toString() : '', - 'Role:', (user && user._id && this.context.User.role(user)) ? this.context.User.role(user) : 'Error', - "===>", 'Authorized:', adminAuthorized - ); + // generated by @authorize(coauthors: ...) + const coauthorsAuthorized = this.hasUserRole({role: 'coauthors', doc, user, mode, printLog: true, resolver}) && + this.isRoleAuthorizedForMode({role: 'coauthors', mode, resolver}); + + // logging for debugging... + if (coauthorsAuthorized){ + log.debug(`${resolver} isAuthorized: role: "coauthors" "${mode}" doc: "${ + (doc && doc._id) ? doc._id.toString() : '' + }" coauthors: "${ + (doc && doc.coauthorsIds && doc.coauthorsIds.length > 0) ? doc.coauthorsIds.toString() : '' + }" user: "${ + (user && user._id) ? user._id.toString() : '' + }" ===> "${coauthorsAuthorized}"`); + + return coauthorsAuthorized; } // generated by @authorize(world: ...) - const worldAuthorized = this.hasUserRole({role: 'world', doc, user, mode}) && - this.isRoleAuthorizedForMode({role: 'world', mode}); - if (worldAuthorized && DEBUG) { - console.log( - 'Mode:', mode, - 'Tweet:', (doc && doc._id) ? doc._id.toString() : '', - 'User:', (user && user._id) ? user._id.toString() : '', - 'Role:', 'world', - "===>", 'Authorized:', worldAuthorized - ); + const worldAuthorized = this.hasUserRole({role: 'world', doc, user, mode, printLog: true, resolver}) && + this.isRoleAuthorizedForMode({role: 'world', mode, resolver}); + + // logging for debugging... + if (worldAuthorized){ + log.debug(`${resolver} isAuthorized: role: "world" "${mode}" doc: "${ + (doc && doc._id) ? doc._id.toString() : '' + }" user: "${ + (user && user._id) ? user._id.toString() : '' + }" ===> "${worldAuthorized}"`); + + return worldAuthorized; } - // generated by @authorize(author: ..., coauthors: ..., admin: ..., world: ...) - const authResult = authorAuthorized || coauthorsAuthorized || adminAuthorized || worldAuthorized; - if (!authResult && DEBUG) { - console.log( - 'Mode:', mode, - 'Tweet:', (doc && doc._id) ? doc._id.toString() : '', - 'User:', (user && user._id) ? user._id.toString() : '', - "===>", 'Authorized:', authResult - ); - } + // logging for debugging... + log.debug(`${resolver} isAuthorized: role: "${ + (user && user._id && this.context.User.role(user)) ? this.context.User.role(user) : '' + }" "${mode}" doc: "${ + (doc && doc._id) ? doc._id.toString() : '' + }" author: "${ + (doc && doc.authorId) ? doc.authorId : '' + }" coauthors: "${ + (doc && doc.coauthorsIds && doc.coauthorsIds.length > 0) ? doc.coauthorsIds.toString() : '' + }" user: "${ + (user && user._id) ? user._id.toString() : '' + }" ===> "false"`); + + return false; + } - return authResult; + // returns document without role field + // generated by... + // role: String! @authRole("admin") @authorize(this: ["read"], admin: ["read", "update"]) + // ------- ------------------ + authorizedFields({doc, mode, user, resolver}){ + // array contains all fields, whose authorization is to be checked + // role: String! @authorize() + // ---- ------------ + const fields = []; + + // check authorization on field level now + fields.forEach(field => { + // default is: field is not authorized + let authorizedField = false; + + // ... Checking fields here... + + // otherwise remove field from doc, + // because the user and mode is not authorize to access this field + if ( !authorizedField && doc[field] ){ + log.debug(`${resolver} authorizedFields: "${field}" not authorized for user/role and mode: "${mode}", removed from document`); + delete doc[field]; + } + }); + + return doc; } - // returns only authorized documents - authorized({doc, mode, user}){ + // returns only authorized documents and fields + // generated by ... + // @authorize() + authorized({doc, mode, user, resolver}){ + // if it is an array of documents, .... if (_.isArray(doc)){ - return _.filter(doc, d => this.isAuthorized({doc: d, mode, user}) ); - } else if (_.isObject(doc) && this.isAuthorized({doc, mode, user})) { - return doc; - } else { - return null; + // then filter for the authorized documents + let authorizedDocs = _.filter(doc, d => this.isAuthorized({doc: d, mode, user, resolver}) ); + // provide only authorized fields + authorizedDocs.forEach(d => { + d = this.authorizedFields({doc: d, mode, user, resolver}); + }); + return authorizedDocs; + + // if it is a single document, check the authorization for it + } else if ( _.isObject(doc) && this.isAuthorized({doc, mode, user, resolver}) ) { + // return only authorized fields + const authorizedDoc = this.authorizedFields({doc, mode, user, resolver}); + return authorizedDoc; } + + // or return null, if no authorized document was found + log.debug(`${resolver} authorized: no authorized doc found`); + return null; } - async findOneById(id) { + async findOneById(id, _user) { const doc = await this.loader.load(id); return doc; } - async all({ lastCreatedAt = 0, limit = 10 }) { - const docs = await this.collection.find({ + async all({ lastCreatedAt = 0, limit = 10 }, _user) { + const doc = await this.collection.find({ createdAt: { $gt: lastCreatedAt }, }).sort({ createdAt: 1 }).limit(limit).toArray(); - return docs; + return doc; } - author(tweet) { - return this.context.User.findOneById(tweet.authorId); + async author(tweet, _user) { + const doc = await this.context.User.findOneById(tweet.authorId, _user); + const authorizedDoc = this.context.User.authorized({doc, mode: READONE, user: _user, resolver: 'author'}); + return authorizedDoc; } - createdBy(tweet) { - return this.context.User.findOneById(tweet.createdById); + async createdBy(tweet, _user) { + const doc = await this.context.User.findOneById(tweet.createdById, _user); + const authorizedDoc = this.context.User.authorized({doc, mode: READONE, user: _user, resolver: 'createdBy'}); + return authorizedDoc; } - updatedBy(tweet) { - return this.context.User.findOneById(tweet.updatedById); + async updatedBy(tweet, _user) { + const doc = await this.context.User.findOneById(tweet.updatedById, _user); + const authorizedDoc = this.context.User.authorized({doc, mode: READONE, user: _user, resolver: 'updatedBy'}); + return authorizedDoc; } - coauthors(tweet, { lastCreatedAt = 0, limit = 10 }) { - return this.context.User.collection.find({ + async coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, _user) { + const doc = await this.context.User.collection.find({ _id: { $in: tweet.coauthorsIds }, createdAt: { $gt: lastCreatedAt }, }).sort({ createdAt: 1 }).limit(limit).toArray(); + const authorizedDoc = this.context.User.authorized({doc, mode: READMANY, user: _user, resolver: 'coauthors'}); + return authorizedDoc; } - likers(tweet, { lastCreatedAt = 0, limit = 10 }) { - return this.context.User.collection.find({ + async likers(tweet, { lastCreatedAt = 0, limit = 10 }, _user) { + const doc = await this.context.User.collection.find({ likedIds: tweet._id, createdAt: { $gt: lastCreatedAt }, }).sort({ createdAt: 1 }).limit(limit).toArray(); + const authorizedDoc = this.context.User.authorized({doc, mode: READMANY, user: _user, resolver: 'likers'}); + return authorizedDoc; } - // adding the current signed in user as a document owner - // the field of the document owner is identified - // by a field in the type definition, which contains an @authRole - addUserToDoc({doc, mode, user}){ - let enhancedDoc = Object.assign({}, doc); - - // generated by... - // author: User! @unmodifiable @belongsTo @authRole("author") - // ----- ------------------- - if (user && user._id){ - enhancedDoc = Object.assign({}, { authorId: user._id}, enhancedDoc); - } - - // generated by ... - // coauthors: [User!] @belongsTo @authRole("coauthors") - // ------- ---------------------- - // TODO: is this logically correct? - if (user && user._id){ - let coauthorsIds = enhancedDoc.coauthorsIds || []; - coauthorsIds = _.union(coauthorsIds, [user._id]); - enhancedDoc = Object.assign({}, { coauthorsIds: coauthorsIds}, enhancedDoc); - } - - // generated by... - // createdBy: User! @unmodifiable @belongsTo - // ----- ------------------- - if (mode === CREATE && user && user._id){ - enhancedDoc = Object.assign({}, { createdById: user._id}, enhancedDoc); - } - - // generated by... - // changedBy: User! @unmodifiable @belongsTo - // ----- ------------------- - if (mode === UPDATE && user && user._id){ - enhancedDoc = Object.assign({}, { updatedById: user._id}, enhancedDoc); - } - - return enhancedDoc; - } - - async insert(doc) { - const docToInsert = Object.assign({}, doc, { + async insert(doc, _user) { + // let coauthorsIds = doc.coauthorsIds || []; + // const enhancedDoc = Object.assign({ + // authorId: user._id, + // coauthorsIds: coauthorsIds, + // }); + let docToInsert = Object.assign({}, doc, { createdAt: Date.now(), updatedAt: Date.now(), + createdById: (_user && _user._id) ? _user._id : 'unknown', + updatedById: (_user && _user._id) ? _user._id : 'unknown', }); + docToInsert = this.authorizedFields({doc: docToInsert, mode: CREATE, user: _user, resolver: 'insert'}); + const authorized = this.isAuthorized({doc: docToInsert, mode: CREATE, user: _user, resolver: 'insert'}); + if (!authorized) throw new Error('Tweet: mode: create not authorized'); + const id = (await this.collection.insertOne(docToInsert)).insertedId; - this.pubsub.publish('tweetInserted', await this.findOneById(id)); + this.pubsub.publish('tweetInserted', await this.findOneById(id, _user)); return id; } - async updateById(id, doc) { + async updateById(id, doc, _user) { + const foundDoc = await this.findOneById(id); + const authorized = this.isAuthorized({doc: foundDoc, mode: UPDATE, user: _user, resolver: 'updateById'}); + if (!authorized) throw new Error('Tweet: mode: update not authorized'); + + const updatedDoc = this.authorizedFields({doc, mode: UPDATE, user: _user, resolver: 'updateById'}); const ret = await this.collection.update({ _id: id }, { - $set: Object.assign({}, doc, { + $set: Object.assign({}, updatedDoc, { updatedAt: Date.now(), + updatedById: (_user && _user._id) ? _user._id : 'unknown', }), }); this.loader.clear(id); - this.pubsub.publish('tweetUpdated', await this.findOneById(id)); + this.pubsub.publish('tweetUpdated', await this.findOneById(id, _user)); return ret; } - async removeById(id) { + async removeById(id, _user) { + const doc = await this.findOneById(id, _user); + const authorized = this.isAuthorized({doc, mode: DELETE, user: _user, resolver: 'removeById'}); + if (!authorized) throw new Error('Tweet: mode: delete not authorized'); + const ret = this.collection.remove({ _id: id }); this.loader.clear(id); this.pubsub.publish('tweetRemoved', id); diff --git a/test/output-app/model/User.js b/test/output-app/model/User.js index 7670ed6..acbecb0 100644 --- a/test/output-app/model/User.js +++ b/test/output-app/model/User.js @@ -175,7 +175,7 @@ export default class User { } } - // ... Checking other fields if there... + // ... Checking fields here... // otherwise remove field from doc, // because the user and mode is not authorize to access this field @@ -241,7 +241,8 @@ export default class User { authorId: user._id, createdAt: { $gt: lastCreatedAt }, }).sort({ createdAt: 1 }).limit(limit).toArray(); - return doc; + const authorizedDoc = this.context.Tweet.authorized({doc, mode: READMANY, user: _user, resolver: 'tweets'}); + return authorizedDoc; } async liked(user, { lastCreatedAt = 0, limit = 10 }, _user) { @@ -249,7 +250,8 @@ export default class User { _id: { $in: user.likedIds || [] }, createdAt: { $gt: lastCreatedAt }, }).sort({ createdAt: 1 }).limit(limit).toArray(); - return doc; + const authorizedDoc = this.context.Tweet.authorized({doc, mode: READMANY, user: _user, resolver: 'liked'}); + return authorizedDoc; } async following(user, { lastCreatedAt = 0, limit = 10 }, _user) { diff --git a/test/output-app/resolvers/Tweet.js b/test/output-app/resolvers/Tweet.js index 2938e39..0b62449 100644 --- a/test/output-app/resolvers/Tweet.js +++ b/test/output-app/resolvers/Tweet.js @@ -3,36 +3,43 @@ import { CREATE, READ, READONE, READMANY, UPDATE, DELETE, DEBUG } from '../model const resolvers = { Tweet: { - + id(tweet) { return tweet._id; }, - author(tweet, args, { Tweet }) { - return Tweet.author(tweet); + async author(tweet, args, { Tweet, _user }) { + const doc = await Tweet.author(tweet, _user); + return doc; }, - createdBy(tweet, args, { Tweet }) { - return Tweet.createdBy(tweet); + async createdBy(tweet, args, { Tweet, _user }) { + const doc = await Tweet.createdBy(tweet, _user); + return doc; }, - updatedBy(tweet, args, { Tweet }) { - return Tweet.updatedBy(tweet); + async updatedBy(tweet, args, { Tweet, _user }) { + const doc = await Tweet.updatedBy(tweet, _user); + return doc; }, - coauthors(tweet, { lastCreatedAt, limit }, { Tweet }) { - return Tweet.coauthors(tweet, { lastCreatedAt, limit }); + async coauthors(tweet, { lastCreatedAt, limit }, { Tweet, _user }) { + const doc = await Tweet.coauthors(tweet, { lastCreatedAt, limit }, _user); + return doc; }, - likers(tweet, { lastCreatedAt, limit }, { Tweet }) { - return Tweet.likers(tweet, { lastCreatedAt, limit }); + async likers(tweet, { lastCreatedAt, limit }, { Tweet, _user }) { + const doc = await Tweet.likers(tweet, { lastCreatedAt, limit }, _user); + return doc; }, }, Query: { async tweets(root, { lastCreatedAt, limit }, { Tweet, _user }) { try { - const doc = await Tweet.all({ lastCreatedAt, limit }); - return Tweet.authorized({doc, mode: 'readMany', user: _user}); + log.debug('---------------------'); + log.debug('Tweet resolver "tweets"'); + const doc = await Tweet.all({ lastCreatedAt, limit }, _user); + return Tweet.authorized({doc, mode: READMANY, user: _user, resolver: 'tweets'}); } catch(error) { console.log('ERROR:', error.message); } @@ -40,8 +47,10 @@ const resolvers = { async tweet(root, { id }, { Tweet, _user }) { try { - const doc = await Tweet.findOneById(id); - return Tweet.authorized({doc, mode: 'readOne', user: _user}); + log.debug('---------------------'); + log.debug('Tweet resolver "tweet"'); + const doc = await Tweet.findOneById(id, _user); + return Tweet.authorized({doc, mode: READONE, user: _user, resolver: 'tweet'}); } catch(error) { console.log('ERROR:', error.message); } @@ -50,11 +59,11 @@ const resolvers = { Mutation: { async createTweet(root, { input }, { Tweet, _user }) { try { - const doc = Tweet.addUserToDoc({doc: input, mode: 'create', user: _user}); - const authorized = Tweet.isAuthorized({doc, mode: 'create', user: _user}); - if (!authorized) throw new Error('Tweet: mode: create not authorized'); - const id = await Tweet.insert(input); - return Tweet.findOneById(id); + log.debug('---------------------------'); + log.debug('Tweet resolver "createTweet"'); + const id = await Tweet.insert(input, _user); + const doc = await Tweet.findOneById(id, _user); + return Tweet.authorized({doc, mode: READONE, user: _user, resolver: 'createTweet'}); } catch(error) { console.log('ERROR:', error.message); } @@ -62,11 +71,11 @@ const resolvers = { async updateTweet(root, { id, input }, { Tweet, _user }) { try { - const doc = await Tweet.findOneById(id); - const authorized = Tweet.isAuthorized({doc, mode: 'update', user: _user}); - if (!authorized) throw new Error('Tweet: mode: update not authorized'); - await Tweet.updateById(id, input); - return Tweet.findOneById(id); + log.debug('---------------------------'); + log.debug('Tweet resolver "updateTweet"'); + await Tweet.updateById(id, input, _user); + const doc = await Tweet.findOneById(id, _user); + return Tweet.authorized({doc, mode: READONE, user: _user, resolver: 'updateTweet'}); } catch(error) { console.log('ERROR:', error.message); } @@ -74,10 +83,10 @@ const resolvers = { async removeTweet(root, { id }, { Tweet, _user }) { try { - const doc = await Tweet.findOneById(id); - const authorized = Tweet.isAuthorized({doc, mode: 'delete', user: _user}); - if (!authorized) throw new Error('Tweet: mode: delete not authorized'); - return Tweet.removeById(id); + log.debug('---------------------------'); + log.debug('Tweet resolver "removeTweet"'); + const response = await Tweet.removeById(id, _user); + return response; } catch(error) { console.log('ERROR:', error.message); } diff --git a/test/output-app/resolvers/User.js b/test/output-app/resolvers/User.js index 9ad3f61..5ef1a0a 100644 --- a/test/output-app/resolvers/User.js +++ b/test/output-app/resolvers/User.js @@ -19,15 +19,13 @@ const resolvers = { }, async tweets(user, { minLikes, lastCreatedAt, limit }, { User, _user }) { - return User.tweets(user, { minLikes, lastCreatedAt, limit }); - // const doc = User.tweets(user, { minLikes, lastCreatedAt, limit }); - // return Tweet.authorized({doc, mode: READMANY, user}); + const doc = await User.tweets(user, { minLikes, lastCreatedAt, limit }, _user); + return doc; }, - async liked(user, { lastCreatedAt, limit }, { User, Tweet, _user }) { - return User.liked(user, { lastCreatedAt, limit }); - // const doc = User.liked(user, { lastCreatedAt, limit }); - // return Tweet.authorized({doc, mode: READMANY, user}); + async liked(user, { lastCreatedAt, limit }, { User, _user }) { + const doc = await User.liked(user, { lastCreatedAt, limit }, _user); + return doc; }, async following(user, { lastCreatedAt, limit }, { User, _user }) { From 392715dfc192ec4ed6608ec0f21902e66a71b522 Mon Sep 17 00:00:00 2001 From: Tobias Klemmer Date: Mon, 5 Jun 2017 00:39:25 +0200 Subject: [PATCH 08/69] cleanup resolvers --- test/output-app/.gitignore | 1 - test/output-app/index.js | 2 +- test/output-app/model/Tweet.js | 50 ++++++++++---------- test/output-app/model/User.js | 42 ++++++++--------- test/output-app/resolvers/Tweet.js | 66 +++++++------------------- test/output-app/resolvers/User.js | 75 ++++++++---------------------- 6 files changed, 83 insertions(+), 153 deletions(-) diff --git a/test/output-app/.gitignore b/test/output-app/.gitignore index c9d3b9d..5b29f10 100644 --- a/test/output-app/.gitignore +++ b/test/output-app/.gitignore @@ -2,4 +2,3 @@ node_modules /db /input server/logs/all-logs.log -server/logs/*.log diff --git a/test/output-app/index.js b/test/output-app/index.js index 0035126..449bd70 100644 --- a/test/output-app/index.js +++ b/test/output-app/index.js @@ -102,7 +102,7 @@ if (!MONGO_URL) { nodemon({ script: path.join('server', 'index.js'), ext: 'js graphql', - exec: 'babel-node', + exec: 'babel-node --inspect', }).on('restart', () => console.log('Restarting server due to file change\n')); diff --git a/test/output-app/model/Tweet.js b/test/output-app/model/Tweet.js index 56da25c..2ead2d1 100644 --- a/test/output-app/model/Tweet.js +++ b/test/output-app/model/Tweet.js @@ -272,34 +272,36 @@ export default class Tweet { return null; } - async findOneById(id, _user) { - const doc = await this.loader.load(id); - return doc; + async getById(id, _user, resolver){ + const doc = await this.findOneById(id); + return this.authorized({doc, mode: READONE, user: _user, resolver}); + } + + findOneById(id) { + return this.loader.load(id); } - async all({ lastCreatedAt = 0, limit = 10 }, _user) { - const doc = await this.collection.find({ + async getAll({ lastCreatedAt, limit }, _user, resolver){ + const doc = await this.all({ lastCreatedAt, limit }, _user); + return this.authorized({doc, mode: READMANY, user: _user, resolver}); + } + + all({ lastCreatedAt = 0, limit = 10 }, _user) { + return this.collection.find({ createdAt: { $gt: lastCreatedAt }, }).sort({ createdAt: 1 }).limit(limit).toArray(); - return doc; } - async author(tweet, _user) { - const doc = await this.context.User.findOneById(tweet.authorId, _user); - const authorizedDoc = this.context.User.authorized({doc, mode: READONE, user: _user, resolver: 'author'}); - return authorizedDoc; + author(tweet, _user) { + return this.context.User.getById(tweet.authorId, _user, 'author'); } - async createdBy(tweet, _user) { - const doc = await this.context.User.findOneById(tweet.createdById, _user); - const authorizedDoc = this.context.User.authorized({doc, mode: READONE, user: _user, resolver: 'createdBy'}); - return authorizedDoc; + createdBy(tweet, _user) { + return this.context.User.getById(tweet.createdById, _user, 'createdBy'); } - async updatedBy(tweet, _user) { - const doc = await this.context.User.findOneById(tweet.updatedById, _user); - const authorizedDoc = this.context.User.authorized({doc, mode: READONE, user: _user, resolver: 'updatedBy'}); - return authorizedDoc; + updatedBy(tweet, _user) { + return this.context.User.getById(tweet.updatedById, _user, 'udpatedBy'); } async coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, _user) { @@ -307,8 +309,7 @@ export default class Tweet { _id: { $in: tweet.coauthorsIds }, createdAt: { $gt: lastCreatedAt }, }).sort({ createdAt: 1 }).limit(limit).toArray(); - const authorizedDoc = this.context.User.authorized({doc, mode: READMANY, user: _user, resolver: 'coauthors'}); - return authorizedDoc; + return this.context.User.authorized({doc, mode: READMANY, user: _user, resolver: 'coauthors'}); } async likers(tweet, { lastCreatedAt = 0, limit = 10 }, _user) { @@ -316,8 +317,7 @@ export default class Tweet { likedIds: tweet._id, createdAt: { $gt: lastCreatedAt }, }).sort({ createdAt: 1 }).limit(limit).toArray(); - const authorizedDoc = this.context.User.authorized({doc, mode: READMANY, user: _user, resolver: 'likers'}); - return authorizedDoc; + return this.context.User.authorized({doc, mode: READMANY, user: _user, resolver: 'likers'}); } async insert(doc, _user) { @@ -337,7 +337,7 @@ export default class Tweet { if (!authorized) throw new Error('Tweet: mode: create not authorized'); const id = (await this.collection.insertOne(docToInsert)).insertedId; - this.pubsub.publish('tweetInserted', await this.findOneById(id, _user)); + this.pubsub.publish('tweetInserted', await this.findOneById(id)); return id; } @@ -354,12 +354,12 @@ export default class Tweet { }), }); this.loader.clear(id); - this.pubsub.publish('tweetUpdated', await this.findOneById(id, _user)); + this.pubsub.publish('tweetUpdated', await this.findOneById(id)); return ret; } async removeById(id, _user) { - const doc = await this.findOneById(id, _user); + const doc = await this.findOneById(id); const authorized = this.isAuthorized({doc, mode: DELETE, user: _user, resolver: 'removeById'}); if (!authorized) throw new Error('Tweet: mode: delete not authorized'); diff --git a/test/output-app/model/User.js b/test/output-app/model/User.js index acbecb0..9bb463d 100644 --- a/test/output-app/model/User.js +++ b/test/output-app/model/User.js @@ -79,7 +79,7 @@ export default class User { } if (printLog){ log.debug(''); - log.debug(`${resolver} hasRole: "${role}" "${user.username ? user.username : ''} ${user.role ? user.role : ''} ${user._id ? user._id : ''}" ==> "${hasRole}"`); + log.debug(`${resolver} hasRole: "${role}" "${(user && user.username) ? user.username : ''} ${(user && user.role) ? user.role : ''} ${(user && user._id) ? user._id : ''}" ==> "${hasRole}"`); } return hasRole; } @@ -214,26 +214,24 @@ export default class User { return null; } - async findOneById(id, _user) { - //console.log('findOneById _user', id, JSON.stringify(_user, null, 2)); - const doc = await this.loader.load(id); - return doc; - // wanted to do the authorization here, but in the query, the user is false, in mutations and resolvers it is there, why? - // the following doesn't work, because the user is not there at this point of time for a reason I don't understand - // const authorizedDoc = this.authorized({doc: doc, mode: READONE, user: user}); - // return authorizedDoc; + async getById(id, _user, resolver){ + const doc = await this.findOneById(id); + return this.authorized({doc, mode: READONE, user: _user, resolver}); + } + + findOneById(id) { + return this.loader.load(id); } - async all({ lastCreatedAt = 0, limit = 10 }, _user) { - //console.log('findOneById _user', id, JSON.stringify(_user, null, 2)); - const doc = await this.collection.find({ + async getAll({ lastCreatedAt, limit }, _user, resolver){ + const doc = await this.all({ lastCreatedAt, limit }, _user); + return this.authorized({doc, mode: READMANY, user: _user, resolver}); + } + + all({ lastCreatedAt = 0, limit = 10 }, _user) { + return this.collection.find({ createdAt: { $gt: lastCreatedAt }, }).sort({ createdAt: 1 }).limit(limit).toArray(); - return doc; - // wanted to do the authorization here, but in the query, the user is false, in mutations and resolvers it is there, why? - // the following doesn't work, because the user is not there at this point of time for a reason I don't understand - // const authorizedDocs = this.authorized({doc, mode: READMANY, user}); - // return authorizedDocs; } async tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }, _user) { @@ -273,13 +271,13 @@ export default class User { } async createdBy(user, _user) { - const doc = await this.context.User.findOneById(user.createdById, _user); + const doc = await this.context.User.getById(user.createdById, _user, 'createdBy'); const authorizedDoc = this.authorized({doc, mode: READONE, user: _user, resolver: 'createdBy'}); return authorizedDoc; } async updatedBy(user, _user) { - const doc = await this.context.User.findOneById(user.updatedById, _user); + const doc = await this.context.User.getById(user.updatedById, _user, 'updatedBy'); const authorizedDoc = this.authorized({doc, mode: READONE, user: _user, resolver: 'updatedBy'}); return authorizedDoc; } @@ -296,7 +294,7 @@ export default class User { if (!authorized) throw new Error('User: mode: create not authorized'); const id = (await this.collection.insertOne(docToInsert)).insertedId; - this.pubsub.publish('userInserted', await this.findOneById(id, _user)); + this.pubsub.publish('userInserted', await this.findOneById(id)); return id; } @@ -313,12 +311,12 @@ export default class User { }), }); this.loader.clear(id); - this.pubsub.publish('userUpdated', await this.findOneById(id, _user)); + this.pubsub.publish('userUpdated', await this.findOneById(id)); return ret; } async removeById(id, _user) { - const doc = await this.findOneById(id, _user); + const doc = await this.findOneById(id); const authorized = this.isAuthorized({doc, mode: DELETE, user: _user, resolver: 'removeById'}); if (!authorized) throw new Error('User: mode: delete not authorized'); diff --git a/test/output-app/resolvers/Tweet.js b/test/output-app/resolvers/Tweet.js index 0b62449..2c74815 100644 --- a/test/output-app/resolvers/Tweet.js +++ b/test/output-app/resolvers/Tweet.js @@ -1,69 +1,43 @@ -import log from '../server/logger'; -import { CREATE, READ, READONE, READMANY, UPDATE, DELETE, DEBUG } from '../model/constants'; - const resolvers = { Tweet: { - id(tweet) { return tweet._id; }, - async author(tweet, args, { Tweet, _user }) { - const doc = await Tweet.author(tweet, _user); - return doc; + author(tweet, args, { Tweet, _user }) { + return Tweet.author(tweet, _user); }, - async createdBy(tweet, args, { Tweet, _user }) { - const doc = await Tweet.createdBy(tweet, _user); - return doc; + createdBy(tweet, args, { Tweet, _user }) { + return Tweet.createdBy(tweet, _user); }, - async updatedBy(tweet, args, { Tweet, _user }) { - const doc = await Tweet.updatedBy(tweet, _user); - return doc; + updatedBy(tweet, args, { Tweet, _user }) { + return Tweet.updatedBy(tweet, _user); }, - async coauthors(tweet, { lastCreatedAt, limit }, { Tweet, _user }) { - const doc = await Tweet.coauthors(tweet, { lastCreatedAt, limit }, _user); - return doc; + coauthors(tweet, { lastCreatedAt, limit }, { Tweet, _user }) { + return Tweet.coauthors(tweet, { lastCreatedAt, limit }, _user); }, - async likers(tweet, { lastCreatedAt, limit }, { Tweet, _user }) { - const doc = await Tweet.likers(tweet, { lastCreatedAt, limit }, _user); - return doc; + likers(tweet, { lastCreatedAt, limit }, { Tweet, _user }) { + return Tweet.likers(tweet, { lastCreatedAt, limit }, _user); }, }, Query: { - async tweets(root, { lastCreatedAt, limit }, { Tweet, _user }) { - try { - log.debug('---------------------'); - log.debug('Tweet resolver "tweets"'); - const doc = await Tweet.all({ lastCreatedAt, limit }, _user); - return Tweet.authorized({doc, mode: READMANY, user: _user, resolver: 'tweets'}); - } catch(error) { - console.log('ERROR:', error.message); - } + tweets(root, { lastCreatedAt, limit }, { Tweet, _user }) { + return Tweet.getAll({ lastCreatedAt, limit }, _user, 'tweets'); }, - async tweet(root, { id }, { Tweet, _user }) { - try { - log.debug('---------------------'); - log.debug('Tweet resolver "tweet"'); - const doc = await Tweet.findOneById(id, _user); - return Tweet.authorized({doc, mode: READONE, user: _user, resolver: 'tweet'}); - } catch(error) { - console.log('ERROR:', error.message); - } + tweet(root, { id }, { Tweet, _user }) { + return Tweet.getById(id, _user, 'tweet'); }, }, Mutation: { async createTweet(root, { input }, { Tweet, _user }) { try { - log.debug('---------------------------'); - log.debug('Tweet resolver "createTweet"'); const id = await Tweet.insert(input, _user); - const doc = await Tweet.findOneById(id, _user); - return Tweet.authorized({doc, mode: READONE, user: _user, resolver: 'createTweet'}); + return Tweet.getById(id, _user, 'createTweet'); } catch(error) { console.log('ERROR:', error.message); } @@ -71,11 +45,8 @@ const resolvers = { async updateTweet(root, { id, input }, { Tweet, _user }) { try { - log.debug('---------------------------'); - log.debug('Tweet resolver "updateTweet"'); await Tweet.updateById(id, input, _user); - const doc = await Tweet.findOneById(id, _user); - return Tweet.authorized({doc, mode: READONE, user: _user, resolver: 'updateTweet'}); + return Tweet.getById(id, _user, 'updateTweet'); } catch(error) { console.log('ERROR:', error.message); } @@ -83,10 +54,7 @@ const resolvers = { async removeTweet(root, { id }, { Tweet, _user }) { try { - log.debug('---------------------------'); - log.debug('Tweet resolver "removeTweet"'); - const response = await Tweet.removeById(id, _user); - return response; + return await Tweet.removeById(id, _user); } catch(error) { console.log('ERROR:', error.message); } diff --git a/test/output-app/resolvers/User.js b/test/output-app/resolvers/User.js index 5ef1a0a..8b9331e 100644 --- a/test/output-app/resolvers/User.js +++ b/test/output-app/resolvers/User.js @@ -1,76 +1,47 @@ -import log from '../server/logger'; -import { CREATE, READ, READONE, READMANY, UPDATE, DELETE, DEBUG } from '../model/constants'; - -const resolvers = { + const resolvers = { User: { - id(user) { return user._id; }, - async createdBy(user, args, { User, _user }) { - const doc = await User.createdBy(user, _user); - return doc; + createdBy(user, args, { User, _user }) { + return User.createdBy(user, _user); }, - async updatedBy(user, args, { User, _user }) { - const doc = await User.updatedBy(user, _user); - return doc; + updatedBy(user, args, { User, _user }) { + return User.updatedBy(user, _user); }, - async tweets(user, { minLikes, lastCreatedAt, limit }, { User, _user }) { - const doc = await User.tweets(user, { minLikes, lastCreatedAt, limit }, _user); - return doc; + tweets(user, { minLikes, lastCreatedAt, limit }, { User, _user }) { + return User.tweets(user, { minLikes, lastCreatedAt, limit }, _user); }, - async liked(user, { lastCreatedAt, limit }, { User, _user }) { - const doc = await User.liked(user, { lastCreatedAt, limit }, _user); - return doc; + liked(user, { lastCreatedAt, limit }, { User, _user }) { + return User.liked(user, { lastCreatedAt, limit }, _user); }, - async following(user, { lastCreatedAt, limit }, { User, _user }) { - const doc = await User.following(user, { lastCreatedAt, limit }, _user); - return doc; + following(user, { lastCreatedAt, limit }, { User, _user }) { + return User.following(user, { lastCreatedAt, limit }, _user); }, - async followers(user, { lastCreatedAt, limit }, { User, _user }) { - const doc = await User.followers(user, { lastCreatedAt, limit }, _user); - return doc; + followers(user, { lastCreatedAt, limit }, { User, _user }) { + return User.followers(user, { lastCreatedAt, limit }, _user); }, }, Query: { - async users(root, { lastCreatedAt, limit }, { User, _user }) { - try { - log.debug('---------------------'); - log.debug('User resolver "users"'); - const doc = await User.all({ lastCreatedAt, limit }, _user); - // for any reason I don't understand the authorization has to remain here in Query - return User.authorized({doc, mode: READMANY, user: _user, resolver: 'users'}); - } catch(error) { - console.log('ERROR:', error.message); - } + users(root, { lastCreatedAt, limit }, { User, _user }) { + return User.getAll({ lastCreatedAt, limit }, _user, 'users'); }, - async user(root, { id }, { User, _user }) { - try { - log.debug('--------------------'); - log.debug('User resolver "user"'); - const doc = await User.findOneById(id, _user); - // for any reason I don't understand the authorization has to remain here in Query - return User.authorized({doc, mode: READONE, user: _user, resolver: 'user'}); - } catch(error) { - console.log('ERROR:', error.message); - } + user(root, { id }, { User, _user }) { + return User.getById(id, _user, 'user'); }, }, Mutation: { async createUser(root, { input }, { User, _user }) { try { - log.debug('--------------------------'); - log.debug('User resolver "createUser"'); const id = await User.insert(input, _user); - const doc = await User.findOneById(id, _user); - return User.authorized({doc, mode: READONE, user: _user, resolver: 'createUser'}); + return User.getById(id, _user, 'createUser'); } catch(error) { console.log('ERROR:', error.message); } @@ -78,11 +49,8 @@ const resolvers = { async updateUser(root, { id, input }, { User, _user }) { try { - log.debug('--------------------------'); - log.debug('User resolver "updateUser"'); await User.updateById(id, input, _user); - const doc = await User.findOneById(id, _user); - return User.authorized({doc, mode: READONE, user: _user, resolver: 'updateUser'}); + return User.getById(id, _user, 'updateUser'); } catch(error) { console.log('ERROR:', error.message); } @@ -90,10 +58,7 @@ const resolvers = { async removeUser(root, { id }, { User, _user }) { try { - log.debug('--------------------------'); - log.debug('User resolver "removeUser"'); - const response = await User.removeById(id, _user); - return response; + return await User.removeById(id, _user); } catch(error) { console.log('ERROR:', error.message); } From 087106b26a29e6f9459d8514560f1bcf8b5e0178 Mon Sep 17 00:00:00 2001 From: Tobias Klemmer Date: Tue, 13 Jun 2017 00:22:21 +0200 Subject: [PATCH 09/69] easy auth --- test/input/Tweet.graphql | 2 +- test/output-app/authorizations/Tweet.js | 18 + test/output-app/authorizations/User.js | 18 + test/output-app/authorizations/helpers.js | 58 +++ test/output-app/authorizations/index.js | 8 + test/output-app/index.js | 3 +- test/output-app/model/Tweet-complicated.js | 371 ++++++++++++++++++ test/output-app/model/Tweet.js | 422 +++++---------------- test/output-app/model/User-complicated.js | 328 ++++++++++++++++ test/output-app/model/User.js | 342 +++++------------ test/output-app/model/constants.js | 10 - test/output-app/model/index.js | 2 + test/output-app/package.json | 1 + test/output-app/resolvers/Tweet.js | 16 +- test/output-app/resolvers/User.js | 8 +- test/output-app/schema/Tweet.graphql | 8 +- test/output-app/server/authorize.js | 104 +++++ test/output-app/server/index.js | 4 +- test/output-app/yarn.lock | 18 +- 19 files changed, 1130 insertions(+), 611 deletions(-) create mode 100644 test/output-app/authorizations/Tweet.js create mode 100644 test/output-app/authorizations/User.js create mode 100644 test/output-app/authorizations/helpers.js create mode 100644 test/output-app/authorizations/index.js create mode 100644 test/output-app/model/Tweet-complicated.js create mode 100644 test/output-app/model/User-complicated.js delete mode 100644 test/output-app/model/constants.js create mode 100644 test/output-app/server/authorize.js diff --git a/test/input/Tweet.graphql b/test/input/Tweet.graphql index 4eb42f2..6568072 100644 --- a/test/input/Tweet.graphql +++ b/test/input/Tweet.graphql @@ -9,7 +9,7 @@ type Tweet { author: User! @unmodifiable @belongsTo @authRole("author") - coauthors: [User!] @belongsTo @authRole("coauthors") + coauthors: [User] @belongsTo @authRole("coauthors") body: String! likers: [User!] @hasAndBelongsToMany(as: "liked") diff --git a/test/output-app/authorizations/Tweet.js b/test/output-app/authorizations/Tweet.js new file mode 100644 index 0000000..afdf844 --- /dev/null +++ b/test/output-app/authorizations/Tweet.js @@ -0,0 +1,18 @@ +export const Tweet = { + userRoles: { + create: ['admin'], + read: ['admin', 'world'], + readOne: ['admin', 'world'], + readMany: ['admin', 'world'], + update: ['admin'], + delete: ['admin'], + }, + docRoles: { + create: ['authorId'], + read: ['authorId', 'coauthorsIds'], + readOne: ['authorId', 'coauthorsIds'], + readMany: ['authorId', 'coauthorsIds'], + update: ['authorId', 'coauthorsIds'], + delete: ['authorId'], + } +}; diff --git a/test/output-app/authorizations/User.js b/test/output-app/authorizations/User.js new file mode 100644 index 0000000..7ea5d02 --- /dev/null +++ b/test/output-app/authorizations/User.js @@ -0,0 +1,18 @@ +export const User = { + userRoles: { + create: ['admin'], + read: ['admin'], + readOne: ['admin'], + readMany: ['admin'], + update: ['admin'], + delete: ['admin'], + }, + docRoles: { + create: [], + read: [], + readOne: ['_id'], // == 'this' + readMany: [], + update: ['_id'], + delete: ['_id'], + } +}; diff --git a/test/output-app/authorizations/helpers.js b/test/output-app/authorizations/helpers.js new file mode 100644 index 0000000..4fe4e03 --- /dev/null +++ b/test/output-app/authorizations/helpers.js @@ -0,0 +1,58 @@ +import _ from 'lodash'; +import log from '../server/logger'; + +export function findByIds(collection, ids, authQuery) { + const baseQuery = { _id: { $in: ids } }; + const finalQuery = {...baseQuery, ...authQuery}; + return collection.find(finalQuery) + .toArray() + .then((docs) => { + const idMap = {}; + docs.forEach((d) => { idMap[d._id] = d; }); + return ids.map(id => idMap[id]); + }); +} + +export function loggedIn(user) { + if(user && user._id && user._id.toString() !== '') { + return true; + } + return false; +} + +export function queryForRoles(user, userRoles = [], docRoles = [], { User }) { + // Authorized by userRoles + const role = User.authRole(user); + if (userRoles.includes(role) || userRoles.includes('world')) { + return {}; + } + // Authorized by docRoles + const query = { $or: [] }; + if (docRoles.length > 0 && user && user._id){ + docRoles.forEach(docRole => query.$or.push( { [docRole]: user._id } ) ); + return query; + } + // Not Authorized + return false; +} + +export function userAuthorizedForDoc(_user, docRoles, doc){ + const newDoc = Object.assign({}, doc); + let authorized = false; + docRoles.forEach(docRole => { + // user logged in and + // role field in doc exists and + // includes the current user + // includes works for String and Array + if ( + loggedIn(_user) && newDoc[docRole] && + ( + ( _.isArray(newDoc[docRole]) && newDoc[docRole].includes(_user._id.toString()) ) || + ( _.isObject(newDoc[docRole]) && newDoc[docRole].toString().includes(_user._id.toString()) ) + ) + ){ + authorized = true; + } + }) + return authorized; +} diff --git a/test/output-app/authorizations/index.js b/test/output-app/authorizations/index.js new file mode 100644 index 0000000..b2bba94 --- /dev/null +++ b/test/output-app/authorizations/index.js @@ -0,0 +1,8 @@ +export * from './helpers'; +export const auth = {}; + +import { User } from './User'; +auth.User = User; + +import { Tweet } from './Tweet'; +auth.Tweet = Tweet; diff --git a/test/output-app/index.js b/test/output-app/index.js index 449bd70..588f13f 100644 --- a/test/output-app/index.js +++ b/test/output-app/index.js @@ -102,7 +102,8 @@ if (!MONGO_URL) { nodemon({ script: path.join('server', 'index.js'), ext: 'js graphql', - exec: 'babel-node --inspect', + exec: 'babel-node --inspect', // with debugger + // exec: 'babel-node', // without debugger }).on('restart', () => console.log('Restarting server due to file change\n')); diff --git a/test/output-app/model/Tweet-complicated.js b/test/output-app/model/Tweet-complicated.js new file mode 100644 index 0000000..2ead2d1 --- /dev/null +++ b/test/output-app/model/Tweet-complicated.js @@ -0,0 +1,371 @@ +import _ from 'lodash'; +import log from '../server/logger'; +import DataLoader from 'dataloader'; +import findByIds from 'mongo-find-by-ids'; +import { CREATE, READ, READONE, READMANY, UPDATE, DELETE, DEBUG } from './constants'; + +export default class Tweet { + constructor(context) { + /* this is generated from ... + @authorize( + admin: ["read", "update", "delete"], + author: ["create", "read", "update", "delete"], + coauthors: ["read", "update"], + world: ["read"] + ) + */ + this.authorizations = { + admin: { + read: true, + readOne: true, + readMany: true, + update: true, + delete: true, + }, + author: { + create: true, + read: true, + readOne: true, + readMany: true, + update: true, + delete: true, + }, + coauthors: { + read: true, + readOne: true, + readMany: true, + update: true, + }, + world: { + read: true, + readOne: true, + readMany: true, + } + }; + this.context = context; + this.collection = context.db.collection('tweet'); + this.pubsub = context.pubsub; + this.loader = new DataLoader(ids => findByIds(this.collection, ids)); + } + + // returns true, if the user's role is of expected kind + // this is generated whenever @authorize appears in the type definition + hasUserRole({role, doc, user, mode, printLog = true, resolver}){ + let hasRole = false; + switch (role) { + // returns true, if signed in user has a role "admin" + // this is generated by... + // @authorize(admin: ["read", "update", "delete"]) + // ----- + // and if there is no @authRole("admin") user on any of the fields + // then it assumes a role definition + // and it checks against the role of the signed in user + case 'admin': + hasRole = ( + // valid signed in user id available + !!user && !!user._id && user._id.toString() !== '' && + // the current user has the correct role + this.context.User.role(user) === 'admin' + ); + break; + // returns true, if the signed in user is an author + // this is generated by... + // author: User! @unmodifiable @belongsTo @authRole("author") + // ----- ------------------- + case 'author': + hasRole = ( + // valid signed in user id available + !!user && !!user._id && user._id.toString() !== '' && + // valid document author available + !!doc && !!doc.authorId && doc.authorId.toString() !== '' && + // document author equals signed in user + doc.authorId.toString() === user._id.toString() + ); + break; + // returns true, if the signed in user is one of the coauthors + // this is generated by... + // coauthors: [User!] @belongsTo @authRole("coauthors") + // ------- ---------------------- + case 'coauthors': + hasRole = ( + // valid signed in user id available + !!user && !!user._id && user._id.toString() !== '' && + // document has at least one coauthors + !!doc && !!doc.coauthorsIds && _.isArray(doc.coauthorsIds) && doc.coauthorsIds.length > 0 && + // current signed in user is a coauthors + _.indexOf(doc.coauthorsIds, user._id.toString()) > -1 + ); + break; + // returns true, if user has a role "world" + // this is generated by... + // @authorize(world: ["read"]) + // ----- + // and if there is no @authRole("world") user on any of the fields + // then it assumes the special role definition "world" + // which means for every user, signed in or not signed in + case 'world': + hasRole = true; + break; + } + if (printLog){ + log.debug(''); + log.debug(`${resolver} hasRole: "${role}" "${ + user.username ? user.username : '' + } ${ + user.role ? user.role : '' + } ${ + user._id ? user._id : '' + } doc: "${ + (doc && doc._id) ? doc._id.toString() : '' + }" author: "${ + (doc && doc.authorId) ? doc.authorId : '' + }" coauthors: "${ + (doc && doc.coauthorsIds && doc.coauthorsIds.length > 0) ? doc.coauthorsIds.toString() : '' + }" ==> "${hasRole}"`); + } + return hasRole; + } + + // returns true, if the user role is authorized for the current mode + // this is generated whenever @authorize appears in the type definition + isRoleAuthorizedForMode({role, mode, resolver}){ + log.debug(`${resolver} isRoleAuthorizedForMode: "${role}" "${mode}" ==> "${this.authorizations[role][mode] ? true : false}"`); + return this.authorizations[role][mode] ? true : false; + } + + // returns true, if the current user is authorized for the current mode and document + // this is generated, whenever @authorize appears... + isAuthorized({doc, mode, user, resolver}){ + // generated by @authorize(admin: ...) + const adminAuthorized = this.hasUserRole({role: 'admin', doc, user, mode, printLog: true, resolver}) && + this.isRoleAuthorizedForMode({role: 'admin', mode, resolver}); + + // logging for debugging... + if (adminAuthorized){ + log.debug(`${resolver} isAuthorized: role: "${ + (user && user._id && this.context.User.role(user)) ? this.context.User.role(user) : '' + }" "${mode}" doc: "${ + (doc && doc._id) ? doc._id.toString() : '' + }" user: "${ + (user && user._id) ? user._id.toString() : '' + }" ===> "${adminAuthorized}"`); + + return adminAuthorized; + } + + // generated by @authorize(author: ...) + const authorAuthorized = this.hasUserRole({role: 'author', doc, user, mode, printLog: true, resolver}) && + this.isRoleAuthorizedForMode({role: 'author', mode, resolver}); + + // logging for debugging... + if (authorAuthorized){ + log.debug(`${resolver} isAuthorized: role: "author" "${mode}" doc: "${ + (doc && doc._id) ? doc._id.toString() : '' + }" author: "${ + (doc && doc.authorId) ? doc.authorId : '' + }" user: "${ + (user && user._id) ? user._id.toString() : '' + }" ===> "${authorAuthorized}"`); + + return authorAuthorized; + } + + // generated by @authorize(coauthors: ...) + const coauthorsAuthorized = this.hasUserRole({role: 'coauthors', doc, user, mode, printLog: true, resolver}) && + this.isRoleAuthorizedForMode({role: 'coauthors', mode, resolver}); + + // logging for debugging... + if (coauthorsAuthorized){ + log.debug(`${resolver} isAuthorized: role: "coauthors" "${mode}" doc: "${ + (doc && doc._id) ? doc._id.toString() : '' + }" coauthors: "${ + (doc && doc.coauthorsIds && doc.coauthorsIds.length > 0) ? doc.coauthorsIds.toString() : '' + }" user: "${ + (user && user._id) ? user._id.toString() : '' + }" ===> "${coauthorsAuthorized}"`); + + return coauthorsAuthorized; + } + + // generated by @authorize(world: ...) + const worldAuthorized = this.hasUserRole({role: 'world', doc, user, mode, printLog: true, resolver}) && + this.isRoleAuthorizedForMode({role: 'world', mode, resolver}); + + // logging for debugging... + if (worldAuthorized){ + log.debug(`${resolver} isAuthorized: role: "world" "${mode}" doc: "${ + (doc && doc._id) ? doc._id.toString() : '' + }" user: "${ + (user && user._id) ? user._id.toString() : '' + }" ===> "${worldAuthorized}"`); + + return worldAuthorized; + } + + // logging for debugging... + log.debug(`${resolver} isAuthorized: role: "${ + (user && user._id && this.context.User.role(user)) ? this.context.User.role(user) : '' + }" "${mode}" doc: "${ + (doc && doc._id) ? doc._id.toString() : '' + }" author: "${ + (doc && doc.authorId) ? doc.authorId : '' + }" coauthors: "${ + (doc && doc.coauthorsIds && doc.coauthorsIds.length > 0) ? doc.coauthorsIds.toString() : '' + }" user: "${ + (user && user._id) ? user._id.toString() : '' + }" ===> "false"`); + + return false; + } + + // returns document without role field + // generated by... + // role: String! @authRole("admin") @authorize(this: ["read"], admin: ["read", "update"]) + // ------- ------------------ + authorizedFields({doc, mode, user, resolver}){ + // array contains all fields, whose authorization is to be checked + // role: String! @authorize() + // ---- ------------ + const fields = []; + + // check authorization on field level now + fields.forEach(field => { + // default is: field is not authorized + let authorizedField = false; + + // ... Checking fields here... + + // otherwise remove field from doc, + // because the user and mode is not authorize to access this field + if ( !authorizedField && doc[field] ){ + log.debug(`${resolver} authorizedFields: "${field}" not authorized for user/role and mode: "${mode}", removed from document`); + delete doc[field]; + } + }); + + return doc; + } + + // returns only authorized documents and fields + // generated by ... + // @authorize() + authorized({doc, mode, user, resolver}){ + // if it is an array of documents, .... + if (_.isArray(doc)){ + // then filter for the authorized documents + let authorizedDocs = _.filter(doc, d => this.isAuthorized({doc: d, mode, user, resolver}) ); + // provide only authorized fields + authorizedDocs.forEach(d => { + d = this.authorizedFields({doc: d, mode, user, resolver}); + }); + return authorizedDocs; + + // if it is a single document, check the authorization for it + } else if ( _.isObject(doc) && this.isAuthorized({doc, mode, user, resolver}) ) { + // return only authorized fields + const authorizedDoc = this.authorizedFields({doc, mode, user, resolver}); + return authorizedDoc; + } + + // or return null, if no authorized document was found + log.debug(`${resolver} authorized: no authorized doc found`); + return null; + } + + async getById(id, _user, resolver){ + const doc = await this.findOneById(id); + return this.authorized({doc, mode: READONE, user: _user, resolver}); + } + + findOneById(id) { + return this.loader.load(id); + } + + async getAll({ lastCreatedAt, limit }, _user, resolver){ + const doc = await this.all({ lastCreatedAt, limit }, _user); + return this.authorized({doc, mode: READMANY, user: _user, resolver}); + } + + all({ lastCreatedAt = 0, limit = 10 }, _user) { + return this.collection.find({ + createdAt: { $gt: lastCreatedAt }, + }).sort({ createdAt: 1 }).limit(limit).toArray(); + } + + author(tweet, _user) { + return this.context.User.getById(tweet.authorId, _user, 'author'); + } + + createdBy(tweet, _user) { + return this.context.User.getById(tweet.createdById, _user, 'createdBy'); + } + + updatedBy(tweet, _user) { + return this.context.User.getById(tweet.updatedById, _user, 'udpatedBy'); + } + + async coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, _user) { + const doc = await this.context.User.collection.find({ + _id: { $in: tweet.coauthorsIds }, + createdAt: { $gt: lastCreatedAt }, + }).sort({ createdAt: 1 }).limit(limit).toArray(); + return this.context.User.authorized({doc, mode: READMANY, user: _user, resolver: 'coauthors'}); + } + + async likers(tweet, { lastCreatedAt = 0, limit = 10 }, _user) { + const doc = await this.context.User.collection.find({ + likedIds: tweet._id, + createdAt: { $gt: lastCreatedAt }, + }).sort({ createdAt: 1 }).limit(limit).toArray(); + return this.context.User.authorized({doc, mode: READMANY, user: _user, resolver: 'likers'}); + } + + async insert(doc, _user) { + // let coauthorsIds = doc.coauthorsIds || []; + // const enhancedDoc = Object.assign({ + // authorId: user._id, + // coauthorsIds: coauthorsIds, + // }); + let docToInsert = Object.assign({}, doc, { + createdAt: Date.now(), + updatedAt: Date.now(), + createdById: (_user && _user._id) ? _user._id : 'unknown', + updatedById: (_user && _user._id) ? _user._id : 'unknown', + }); + docToInsert = this.authorizedFields({doc: docToInsert, mode: CREATE, user: _user, resolver: 'insert'}); + const authorized = this.isAuthorized({doc: docToInsert, mode: CREATE, user: _user, resolver: 'insert'}); + if (!authorized) throw new Error('Tweet: mode: create not authorized'); + + const id = (await this.collection.insertOne(docToInsert)).insertedId; + this.pubsub.publish('tweetInserted', await this.findOneById(id)); + return id; + } + + async updateById(id, doc, _user) { + const foundDoc = await this.findOneById(id); + const authorized = this.isAuthorized({doc: foundDoc, mode: UPDATE, user: _user, resolver: 'updateById'}); + if (!authorized) throw new Error('Tweet: mode: update not authorized'); + + const updatedDoc = this.authorizedFields({doc, mode: UPDATE, user: _user, resolver: 'updateById'}); + const ret = await this.collection.update({ _id: id }, { + $set: Object.assign({}, updatedDoc, { + updatedAt: Date.now(), + updatedById: (_user && _user._id) ? _user._id : 'unknown', + }), + }); + this.loader.clear(id); + this.pubsub.publish('tweetUpdated', await this.findOneById(id)); + return ret; + } + + async removeById(id, _user) { + const doc = await this.findOneById(id); + const authorized = this.isAuthorized({doc, mode: DELETE, user: _user, resolver: 'removeById'}); + if (!authorized) throw new Error('Tweet: mode: delete not authorized'); + + const ret = this.collection.remove({ _id: id }); + this.loader.clear(id); + this.pubsub.publish('tweetRemoved', id); + return ret; + } +} diff --git a/test/output-app/model/Tweet.js b/test/output-app/model/Tweet.js index 2ead2d1..75dbb95 100644 --- a/test/output-app/model/Tweet.js +++ b/test/output-app/model/Tweet.js @@ -1,371 +1,149 @@ import _ from 'lodash'; +import { ObjectID } from 'mongodb'; import log from '../server/logger'; import DataLoader from 'dataloader'; -import findByIds from 'mongo-find-by-ids'; -import { CREATE, READ, READONE, READMANY, UPDATE, DELETE, DEBUG } from './constants'; +import { auth, findByIds, queryForRoles, userAuthorizedForDoc } from '../authorizations'; export default class Tweet { constructor(context) { - /* this is generated from ... - @authorize( - admin: ["read", "update", "delete"], - author: ["create", "read", "update", "delete"], - coauthors: ["read", "update"], - world: ["read"] - ) - */ - this.authorizations = { - admin: { - read: true, - readOne: true, - readMany: true, - update: true, - delete: true, - }, - author: { - create: true, - read: true, - readOne: true, - readMany: true, - update: true, - delete: true, - }, - coauthors: { - read: true, - readOne: true, - readMany: true, - update: true, - }, - world: { - read: true, - readOne: true, - readMany: true, - } - }; this.context = context; this.collection = context.db.collection('tweet'); this.pubsub = context.pubsub; - this.loader = new DataLoader(ids => findByIds(this.collection, ids)); - } - - // returns true, if the user's role is of expected kind - // this is generated whenever @authorize appears in the type definition - hasUserRole({role, doc, user, mode, printLog = true, resolver}){ - let hasRole = false; - switch (role) { - // returns true, if signed in user has a role "admin" - // this is generated by... - // @authorize(admin: ["read", "update", "delete"]) - // ----- - // and if there is no @authRole("admin") user on any of the fields - // then it assumes a role definition - // and it checks against the role of the signed in user - case 'admin': - hasRole = ( - // valid signed in user id available - !!user && !!user._id && user._id.toString() !== '' && - // the current user has the correct role - this.context.User.role(user) === 'admin' - ); - break; - // returns true, if the signed in user is an author - // this is generated by... - // author: User! @unmodifiable @belongsTo @authRole("author") - // ----- ------------------- - case 'author': - hasRole = ( - // valid signed in user id available - !!user && !!user._id && user._id.toString() !== '' && - // valid document author available - !!doc && !!doc.authorId && doc.authorId.toString() !== '' && - // document author equals signed in user - doc.authorId.toString() === user._id.toString() - ); - break; - // returns true, if the signed in user is one of the coauthors - // this is generated by... - // coauthors: [User!] @belongsTo @authRole("coauthors") - // ------- ---------------------- - case 'coauthors': - hasRole = ( - // valid signed in user id available - !!user && !!user._id && user._id.toString() !== '' && - // document has at least one coauthors - !!doc && !!doc.coauthorsIds && _.isArray(doc.coauthorsIds) && doc.coauthorsIds.length > 0 && - // current signed in user is a coauthors - _.indexOf(doc.coauthorsIds, user._id.toString()) > -1 - ); - break; - // returns true, if user has a role "world" - // this is generated by... - // @authorize(world: ["read"]) - // ----- - // and if there is no @authRole("world") user on any of the fields - // then it assumes the special role definition "world" - // which means for every user, signed in or not signed in - case 'world': - hasRole = true; - break; + this.loader = new DataLoader((ids, authQuery = {}) => findByIds(this.collection, ids, authQuery)); + this.type = 'Tweet'; + this.userRoles = auth[this.type].userRoles; + this.docRoles = auth[this.type].docRoles; + } + + findOneById(id, _user = {}, resolver = '') { + const authQuery = queryForRoles(_user, this.userRoles.readOne, this.docRoles.readOne, { User: this.context.User }); + log.debug(`${resolver} findOneById readOne with user ${(_user && _user.username) ? _user.username : ''} for ${this.type} and ${id}`); + log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); + if (authQuery === false) { + throw new Error(`Not authorized to readOne ${this.type} ${id}.`); } - if (printLog){ - log.debug(''); - log.debug(`${resolver} hasRole: "${role}" "${ - user.username ? user.username : '' - } ${ - user.role ? user.role : '' - } ${ - user._id ? user._id : '' - } doc: "${ - (doc && doc._id) ? doc._id.toString() : '' - }" author: "${ - (doc && doc.authorId) ? doc.authorId : '' - }" coauthors: "${ - (doc && doc.coauthorsIds && doc.coauthorsIds.length > 0) ? doc.coauthorsIds.toString() : '' - }" ==> "${hasRole}"`); - } - return hasRole; + return this.loader.load(id, authQuery); } - // returns true, if the user role is authorized for the current mode - // this is generated whenever @authorize appears in the type definition - isRoleAuthorizedForMode({role, mode, resolver}){ - log.debug(`${resolver} isRoleAuthorizedForMode: "${role}" "${mode}" ==> "${this.authorizations[role][mode] ? true : false}"`); - return this.authorizations[role][mode] ? true : false; - } - - // returns true, if the current user is authorized for the current mode and document - // this is generated, whenever @authorize appears... - isAuthorized({doc, mode, user, resolver}){ - // generated by @authorize(admin: ...) - const adminAuthorized = this.hasUserRole({role: 'admin', doc, user, mode, printLog: true, resolver}) && - this.isRoleAuthorizedForMode({role: 'admin', mode, resolver}); - - // logging for debugging... - if (adminAuthorized){ - log.debug(`${resolver} isAuthorized: role: "${ - (user && user._id && this.context.User.role(user)) ? this.context.User.role(user) : '' - }" "${mode}" doc: "${ - (doc && doc._id) ? doc._id.toString() : '' - }" user: "${ - (user && user._id) ? user._id.toString() : '' - }" ===> "${adminAuthorized}"`); - - return adminAuthorized; - } - - // generated by @authorize(author: ...) - const authorAuthorized = this.hasUserRole({role: 'author', doc, user, mode, printLog: true, resolver}) && - this.isRoleAuthorizedForMode({role: 'author', mode, resolver}); - - // logging for debugging... - if (authorAuthorized){ - log.debug(`${resolver} isAuthorized: role: "author" "${mode}" doc: "${ - (doc && doc._id) ? doc._id.toString() : '' - }" author: "${ - (doc && doc.authorId) ? doc.authorId : '' - }" user: "${ - (user && user._id) ? user._id.toString() : '' - }" ===> "${authorAuthorized}"`); - - return authorAuthorized; - } - - // generated by @authorize(coauthors: ...) - const coauthorsAuthorized = this.hasUserRole({role: 'coauthors', doc, user, mode, printLog: true, resolver}) && - this.isRoleAuthorizedForMode({role: 'coauthors', mode, resolver}); - - // logging for debugging... - if (coauthorsAuthorized){ - log.debug(`${resolver} isAuthorized: role: "coauthors" "${mode}" doc: "${ - (doc && doc._id) ? doc._id.toString() : '' - }" coauthors: "${ - (doc && doc.coauthorsIds && doc.coauthorsIds.length > 0) ? doc.coauthorsIds.toString() : '' - }" user: "${ - (user && user._id) ? user._id.toString() : '' - }" ===> "${coauthorsAuthorized}"`); - - return coauthorsAuthorized; + all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = '') { + const baseQuery = { createdAt: { $gt: lastCreatedAt } }; + const authQuery = queryForRoles(_user, this.userRoles.readMany, this.docRoles.readMany, { User: this.context.User }); + const finalQuery = {...baseQuery, ...authQuery}; + log.debug(`${resolver} all readMany with user ${(_user && _user.username) ? _user.username : ''} for ${this.type}`); + if (authQuery != {}) log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); + if (authQuery === false) { + throw new Error(`Not authorized to readMany ${this.type}.`); } - - // generated by @authorize(world: ...) - const worldAuthorized = this.hasUserRole({role: 'world', doc, user, mode, printLog: true, resolver}) && - this.isRoleAuthorizedForMode({role: 'world', mode, resolver}); - - // logging for debugging... - if (worldAuthorized){ - log.debug(`${resolver} isAuthorized: role: "world" "${mode}" doc: "${ - (doc && doc._id) ? doc._id.toString() : '' - }" user: "${ - (user && user._id) ? user._id.toString() : '' - }" ===> "${worldAuthorized}"`); - - return worldAuthorized; - } - - // logging for debugging... - log.debug(`${resolver} isAuthorized: role: "${ - (user && user._id && this.context.User.role(user)) ? this.context.User.role(user) : '' - }" "${mode}" doc: "${ - (doc && doc._id) ? doc._id.toString() : '' - }" author: "${ - (doc && doc.authorId) ? doc.authorId : '' - }" coauthors: "${ - (doc && doc.coauthorsIds && doc.coauthorsIds.length > 0) ? doc.coauthorsIds.toString() : '' - }" user: "${ - (user && user._id) ? user._id.toString() : '' - }" ===> "false"`); - - return false; - } - - // returns document without role field - // generated by... - // role: String! @authRole("admin") @authorize(this: ["read"], admin: ["read", "update"]) - // ------- ------------------ - authorizedFields({doc, mode, user, resolver}){ - // array contains all fields, whose authorization is to be checked - // role: String! @authorize() - // ---- ------------ - const fields = []; - - // check authorization on field level now - fields.forEach(field => { - // default is: field is not authorized - let authorizedField = false; - - // ... Checking fields here... - - // otherwise remove field from doc, - // because the user and mode is not authorize to access this field - if ( !authorizedField && doc[field] ){ - log.debug(`${resolver} authorizedFields: "${field}" not authorized for user/role and mode: "${mode}", removed from document`); - delete doc[field]; - } - }); - - return doc; - } - - // returns only authorized documents and fields - // generated by ... - // @authorize() - authorized({doc, mode, user, resolver}){ - // if it is an array of documents, .... - if (_.isArray(doc)){ - // then filter for the authorized documents - let authorizedDocs = _.filter(doc, d => this.isAuthorized({doc: d, mode, user, resolver}) ); - // provide only authorized fields - authorizedDocs.forEach(d => { - d = this.authorizedFields({doc: d, mode, user, resolver}); - }); - return authorizedDocs; - - // if it is a single document, check the authorization for it - } else if ( _.isObject(doc) && this.isAuthorized({doc, mode, user, resolver}) ) { - // return only authorized fields - const authorizedDoc = this.authorizedFields({doc, mode, user, resolver}); - return authorizedDoc; - } - - // or return null, if no authorized document was found - log.debug(`${resolver} authorized: no authorized doc found`); - return null; - } - - async getById(id, _user, resolver){ - const doc = await this.findOneById(id); - return this.authorized({doc, mode: READONE, user: _user, resolver}); - } - - findOneById(id) { - return this.loader.load(id); - } - - async getAll({ lastCreatedAt, limit }, _user, resolver){ - const doc = await this.all({ lastCreatedAt, limit }, _user); - return this.authorized({doc, mode: READMANY, user: _user, resolver}); - } - - all({ lastCreatedAt = 0, limit = 10 }, _user) { - return this.collection.find({ - createdAt: { $gt: lastCreatedAt }, - }).sort({ createdAt: 1 }).limit(limit).toArray(); + return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } author(tweet, _user) { - return this.context.User.getById(tweet.authorId, _user, 'author'); + return this.context.User.findOneById(tweet.authorId, _user, 'author'); } createdBy(tweet, _user) { - return this.context.User.getById(tweet.createdById, _user, 'createdBy'); + return this.context.User.findOneById(tweet.createdById, _user, 'createdBy'); } updatedBy(tweet, _user) { - return this.context.User.getById(tweet.updatedById, _user, 'udpatedBy'); + return this.context.User.findOneById(tweet.updatedById, _user, 'udpatedBy'); } - async coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, _user) { - const doc = await this.context.User.collection.find({ - _id: { $in: tweet.coauthorsIds }, - createdAt: { $gt: lastCreatedAt }, - }).sort({ createdAt: 1 }).limit(limit).toArray(); - return this.context.User.authorized({doc, mode: READMANY, user: _user, resolver: 'coauthors'}); + coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, _user) { + const baseQuery = {_id: { $in: tweet.coauthorsIds }, createdAt: { $gt: lastCreatedAt } }; + const authQuery = queryForRoles(_user, this.userRoles.readMany, this.docRoles.readMany, { User: this.context.User }); + const finalQuery = {...baseQuery, ...authQuery}; + log.debug(`coauthors readMany with user ${(_user && _user.username) ? _user.username : ''} for ${this.type}`); + log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); + if (authQuery === false) { + throw new Error(`coauthors Not authorized to readMany ${this.type} ${id}.`); + } + return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } - async likers(tweet, { lastCreatedAt = 0, limit = 10 }, _user) { - const doc = await this.context.User.collection.find({ - likedIds: tweet._id, - createdAt: { $gt: lastCreatedAt }, - }).sort({ createdAt: 1 }).limit(limit).toArray(); - return this.context.User.authorized({doc, mode: READMANY, user: _user, resolver: 'likers'}); + likers(tweet, { lastCreatedAt = 0, limit = 10 }, _user) { + const baseQuery = {likedIds: tweet._id, createdAt: { $gt: lastCreatedAt } }; + const authQuery = queryForRoles(_user, this.userRoles.readMany, this.docRoles.readMany, { User: this.context.User }); + const finalQuery = {...baseQuery, ...authQuery}; + log.debug(`likers readMany with user ${(_user && _user.username) ? _user.username : ''} for ${this.type}`); + log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); + if (authQuery === false) { + throw new Error(`coauthors Not authorized to readMany ${this.type} ${id}.`); + } + return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } async insert(doc, _user) { - // let coauthorsIds = doc.coauthorsIds || []; - // const enhancedDoc = Object.assign({ - // authorId: user._id, - // coauthorsIds: coauthorsIds, - // }); let docToInsert = Object.assign({}, doc, { - createdAt: Date.now(), - updatedAt: Date.now(), - createdById: (_user && _user._id) ? _user._id : 'unknown', - updatedById: (_user && _user._id) ? _user._id : 'unknown', + createdAt: Date.now(), + updatedAt: Date.now(), + createdById: (_user && _user._id) ? _user._id : 'unknown', + updatedById: (_user && _user._id) ? _user._id : 'unknown', }); - docToInsert = this.authorizedFields({doc: docToInsert, mode: CREATE, user: _user, resolver: 'insert'}); - const authorized = this.isAuthorized({doc: docToInsert, mode: CREATE, user: _user, resolver: 'insert'}); - if (!authorized) throw new Error('Tweet: mode: create not authorized'); + const authQuery = queryForRoles(_user, this.userRoles.create, this.docRoles.create, { User: this.context.User }); + if (authQuery === false || (authQuery !== {} && !userAuthorizedForDoc(_user, this.docRoles.create, doc)) ) { + throw new Error(`Not authorized to insert ${this.type} ${id}.`); + } + const id = (await this.collection.insertOne(docToInsert)).insertedId; + + if (id){ + log.debug(`inserted ${this.type} ${id}.`); + } else { + log.debug('insert failed for docToInsert:', JSON.stringify(docToInsert, null, 2)); + throw new Error(`insert not possible for ${this.type} ${id}.`); + } + this.pubsub.publish('tweetInserted', await this.findOneById(id)); return id; } async updateById(id, doc, _user) { - const foundDoc = await this.findOneById(id); - const authorized = this.isAuthorized({doc: foundDoc, mode: UPDATE, user: _user, resolver: 'updateById'}); - if (!authorized) throw new Error('Tweet: mode: update not authorized'); + let docToUpdate = {$set: Object.assign({}, doc, { + updatedAt: Date.now(), + updatedById: (_user && _user._id) ? _user._id : 'unknown', + })}; + + const baseQuery = {_id: id}; + const authQuery = queryForRoles(_user, this.userRoles.update, this.docRoles.update, { User: this.context.User }); + if (authQuery === false) { + throw new Error(`Not authorized to update ${this.type} ${id}.`); + } + + const finalQuery = {...baseQuery, ...authQuery}; + const result = await this.collection.updateOne(finalQuery, docToUpdate); + + if (result.result.ok === 1 && result.result.n === 1){ + log.debug(`updated ${this.type} ${id}.`); + } else { + log.debug(`update failed finalQuery:`, JSON.stringify(finalQuery, null, 2)); + log.debug('update failed for docToUpdate:', JSON.stringify(docToUpdate, null, 2)); + throw new Error(`update not possible for ${this.type} ${id}.`); + } - const updatedDoc = this.authorizedFields({doc, mode: UPDATE, user: _user, resolver: 'updateById'}); - const ret = await this.collection.update({ _id: id }, { - $set: Object.assign({}, updatedDoc, { - updatedAt: Date.now(), - updatedById: (_user && _user._id) ? _user._id : 'unknown', - }), - }); this.loader.clear(id); this.pubsub.publish('tweetUpdated', await this.findOneById(id)); - return ret; + return result; } async removeById(id, _user) { - const doc = await this.findOneById(id); - const authorized = this.isAuthorized({doc, mode: DELETE, user: _user, resolver: 'removeById'}); - if (!authorized) throw new Error('Tweet: mode: delete not authorized'); + const baseQuery = {_id: id}; + const authQuery = queryForRoles(_user, this.userRoles.delete, this.docRoles.delete, { User: this.context.User }); + if (!authQuery) throw new Error(`Not authorized to remove ${this.type} ${id}.`); + + const finalQuery = {...baseQuery, ...authQuery}; + const result = await this.collection.remove(finalQuery); + + if (result.result.ok === 1 && result.result.n === 1){ + log.info(`removed ${this.type} ${id}.`); + } else { + log.debug(`remove failed for finalQuery:`, JSON.stringify(finalQuery, null, 2)); + throw new Error(`remove not possible for ${this.type} ${id}.`); + } - const ret = this.collection.remove({ _id: id }); this.loader.clear(id); this.pubsub.publish('tweetRemoved', id); - return ret; + return result; } } diff --git a/test/output-app/model/User-complicated.js b/test/output-app/model/User-complicated.js new file mode 100644 index 0000000..9bb463d --- /dev/null +++ b/test/output-app/model/User-complicated.js @@ -0,0 +1,328 @@ +import _ from 'lodash'; +import log from '../server/logger'; +import DataLoader from 'dataloader'; +import findByIds from 'mongo-find-by-ids'; +import { CREATE, READ, READONE, READMANY, UPDATE, DELETE, DEBUG } from './constants'; + +export default class User { + constructor(context) { + /* this is generated from ... + @authorize( + admin: ["create", "read", "update", "delete"] + this: ["readOne", "update", "delete"] + ) + */ + this.authorizations = { + admin: { + create: true, + read: true, + readOne: true, + readMany: true, + update: true, + delete: true, + }, + this: { + readOne: true, + update: true, + delete: true, + }, + }; + this.context = context; + this.collection = context.db.collection('user'); + this.pubsub = context.pubsub; + this.loader = new DataLoader(ids => findByIds(this.collection, ids)); + } + + // returns the role of the current user + // generated by... + // role: String! @authRole("admin") @authorize(this: ["read"], admin: ["read", "update"]) + // ------- ------------------ + // whereas the field is not of type User, it is of type String + role(user){ + return (user && user.role) ? user.role : null; + } + + // returns true, if the user's role is of expected kind + // this is generated whenever @authorize appears in the type definition + hasUserRole({role, doc, user, mode, printLog = true, resolver}){ + let hasRole = false; + switch (role) { + // returns true, if signed in user has a role "admin" + // this is generated by... + // @authorize(admin: ["create", "read", "update", "delete"]) + // ----- + // and if there is no @authRole("admin") user on any of the fields + // then it assumes a role definition + // and it checks against the role of the signed in user + case 'admin': + hasRole = ( + // valid signed in user id available + !!user && !!user._id && user._id.toString() !== '' && + // the current user has the correct role + this.context.User.role(user) === 'admin' + ); + break; + // returns true, if the signed in user is equal to the document id + // this is generated by... + // @authorize(this:) + // ----- + case 'this': + hasRole = ( + // valid signed in user id available + !!user && !!user._id && user._id.toString() !== '' && + // valid document user id available + !!doc && !!doc._id && doc._id.toString() !== '' && + // document user id equals signed in user + doc._id.toString() === user._id.toString() + ); + break; + } + if (printLog){ + log.debug(''); + log.debug(`${resolver} hasRole: "${role}" "${(user && user.username) ? user.username : ''} ${(user && user.role) ? user.role : ''} ${(user && user._id) ? user._id : ''}" ==> "${hasRole}"`); + } + return hasRole; + } + + // returns true, if the user role is authorized for the current mode + // this is generated whenever @authorize appears in the type definition + isRoleAuthorizedForMode({role, mode, resolver}){ + log.debug(`${resolver} isRoleAuthorizedForMode: "${role}" "${mode}" ==> "${this.authorizations[role][mode] ? true : false}"`); + return this.authorizations[role][mode] ? true : false; + } + + // returns true, if the current user is authorized for the current mode and document + // this is generated, whenever @authorize appears... + isAuthorized({doc, mode, user, resolver}){ + + // generated by @authorize(admin: ...) + const adminAuthorized = this.hasUserRole({role: 'admin', doc, user, mode, printLog: true, resolver}) && + this.isRoleAuthorizedForMode({role: 'admin', mode, resolver}); + + // logging for debugging... + if (adminAuthorized){ + log.debug(`${resolver} isAuthorized: role: "${ + (user && user._id && this.context.User.role(user)) ? this.context.User.role(user) : '' + }" "${mode}" doc: "${ + (doc && doc._id) ? doc._id.toString() : '' + }" user: "${ + (user && user._id) ? user._id.toString() : '' + }" ===> "${adminAuthorized}"`); + + return adminAuthorized; + } + + // generated by @authorize(this: ...) + const thisAuthorized = this.hasUserRole({role: 'this', doc, user, mode, printLog: true, resolver}) && + this.isRoleAuthorizedForMode({role: 'this', mode, resolver}); + + // logging for debugging... + if (thisAuthorized) { + log.debug(`${resolver} isAuthorized: doc: "${ + (doc && doc._id) ? doc._id.toString() : '' + }" "${mode}" user: "${ + (user && user._id) ? user._id.toString() : '' + }" ===> "${thisAuthorized}"`); + + return thisAuthorized; + } + + // logging for debugging... + log.debug(`${resolver} isAuthorized: role: "${ + (user && user._id && this.context.User.role(user)) ? this.context.User.role(user) : '' + }" "${mode}" doc: "${ + (doc && doc._id) ? doc._id.toString() : '' + }" user: "${ + (user && user._id) ? user._id.toString() : '' + }" ===> "false"`); + + return false; + } + + // returns document without role field + // generated by... + // role: String! @authRole("admin") @authorize(this: ["read"], admin: ["read", "update"]) + // ------- ------------------ + authorizedFields({doc, mode, user, resolver}){ + // array contains all fields, whose authorization is to be checked + // role: String! @authorize() + // ---- ------------ + const fields = ['role']; + + // check authorization on field level now + fields.forEach(field => { + // default is: field is not authorized + let authorizedField = false; + + // role: String! @authorize() + // ---- ------------ + if (field === 'role'){ + log.debug(''); + // role: String! @authorize(this: ["read"]) + // ----- ----- ---- + if ( this.hasUserRole({role: 'this', doc, user, mode, printLog: false, resolver}) && + (mode === READ || mode === READONE || mode === READMANY) ){ + log.debug(`${resolver} authorizedFields: "${field}" is authorized for role: "this" and mode: "${mode}"`); + authorizedField = true; + } + + // role: @authorize(admin: ["create", "read", "update"]) + // ---- ----- ------ ---- ------ + if ( this.hasUserRole({role: 'admin', doc, user, mode, printLog: false, resolver}) && + (mode === CREATE || mode === READ || mode === READONE || mode === READMANY || mode === UPDATE) ){ + log.debug(`${resolver} authorizedFields: "${field}" is authorized for role: "admin" and mode: "${mode}"`); + authorizedField = true; + } + } + + // ... Checking fields here... + + // otherwise remove field from doc, + // because the user and mode is not authorize to access this field + if ( !authorizedField && doc[field] ){ + log.debug(`${resolver} authorizedFields: "${field}" not authorized for user/role and mode: "${mode}", removed from document`); + delete doc[field]; + } + }); + + return doc; + } + + // returns only authorized documents and fields + // generated by ... + // @authorize() + authorized({doc, mode, user, resolver}){ + // if it is an array of documents, .... + if (_.isArray(doc)){ + // then filter for the authorized documents + let authorizedDocs = _.filter(doc, d => this.isAuthorized({doc: d, mode, user, resolver}) ); + // provide only authorized fields + authorizedDocs.forEach(d => { + d = this.authorizedFields({doc: d, mode, user, resolver}); + }); + return authorizedDocs; + + // if it is a single document, check the authorization for it + } else if ( _.isObject(doc) && this.isAuthorized({doc, mode, user, resolver}) ) { + // return only authorized fields + const authorizedDoc = this.authorizedFields({doc, mode, user, resolver}); + return authorizedDoc; + } + + // or return null, if no authorized document was found + log.debug(`${resolver} authorized: no authorized doc found`); + return null; + } + + async getById(id, _user, resolver){ + const doc = await this.findOneById(id); + return this.authorized({doc, mode: READONE, user: _user, resolver}); + } + + findOneById(id) { + return this.loader.load(id); + } + + async getAll({ lastCreatedAt, limit }, _user, resolver){ + const doc = await this.all({ lastCreatedAt, limit }, _user); + return this.authorized({doc, mode: READMANY, user: _user, resolver}); + } + + all({ lastCreatedAt = 0, limit = 10 }, _user) { + return this.collection.find({ + createdAt: { $gt: lastCreatedAt }, + }).sort({ createdAt: 1 }).limit(limit).toArray(); + } + + async tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }, _user) { + const doc = await this.context.Tweet.collection.find({ + authorId: user._id, + createdAt: { $gt: lastCreatedAt }, + }).sort({ createdAt: 1 }).limit(limit).toArray(); + const authorizedDoc = this.context.Tweet.authorized({doc, mode: READMANY, user: _user, resolver: 'tweets'}); + return authorizedDoc; + } + + async liked(user, { lastCreatedAt = 0, limit = 10 }, _user) { + const doc = await this.context.Tweet.collection.find({ + _id: { $in: user.likedIds || [] }, + createdAt: { $gt: lastCreatedAt }, + }).sort({ createdAt: 1 }).limit(limit).toArray(); + const authorizedDoc = this.context.Tweet.authorized({doc, mode: READMANY, user: _user, resolver: 'liked'}); + return authorizedDoc; + } + + async following(user, { lastCreatedAt = 0, limit = 10 }, _user) { + const doc = await this.context.User.collection.find({ + _id: { $in: user.followingIds || [] }, + createdAt: { $gt: lastCreatedAt }, + }).sort({ createdAt: 1 }).limit(limit).toArray(); + const authorizedDoc = this.authorized({doc, mode: READMANY, user: _user, resolver: 'following'}); + return authorizedDoc; + } + + async followers(user, { lastCreatedAt = 0, limit = 10 }, _user) { + const doc = await this.context.User.collection.find({ + followingIds: user._id, + createdAt: { $gt: lastCreatedAt }, + }).sort({ createdAt: 1 }).limit(limit).toArray(); + const authorizedDoc = this.authorized({doc, mode: READMANY, user: _user, resolver: 'followers'}); + return authorizedDoc; + } + + async createdBy(user, _user) { + const doc = await this.context.User.getById(user.createdById, _user, 'createdBy'); + const authorizedDoc = this.authorized({doc, mode: READONE, user: _user, resolver: 'createdBy'}); + return authorizedDoc; + } + + async updatedBy(user, _user) { + const doc = await this.context.User.getById(user.updatedById, _user, 'updatedBy'); + const authorizedDoc = this.authorized({doc, mode: READONE, user: _user, resolver: 'updatedBy'}); + return authorizedDoc; + } + + async insert(doc, _user) { + let docToInsert = Object.assign({}, doc, { + createdAt: Date.now(), + updatedAt: Date.now(), + createdById: (_user && _user._id) ? _user._id : 'unknown', + updatedById: (_user && _user._id) ? _user._id : 'unknown', + }); + docToInsert = this.authorizedFields({doc: docToInsert, mode: CREATE, user: _user, resolver: 'insert'}); + const authorized = this.isAuthorized({doc: docToInsert, mode: CREATE, user: _user, resolver: 'insert'}); + if (!authorized) throw new Error('User: mode: create not authorized'); + + const id = (await this.collection.insertOne(docToInsert)).insertedId; + this.pubsub.publish('userInserted', await this.findOneById(id)); + return id; + } + + async updateById(id, doc, _user) { + const foundDoc = await this.findOneById(id); + const authorized = this.isAuthorized({doc: foundDoc, mode: UPDATE, user: _user, resolver: 'updateById'}); + if (!authorized) throw new Error('User: mode: update not authorized'); + + const updatedDoc = this.authorizedFields({doc, mode: UPDATE, user: _user, resolver: 'updateById'}); + const ret = await this.collection.update({ _id: id }, { + $set: Object.assign({}, updatedDoc, { + updatedAt: Date.now(), + updatedById: (_user && _user._id) ? _user._id : 'unknown', + }), + }); + this.loader.clear(id); + this.pubsub.publish('userUpdated', await this.findOneById(id)); + return ret; + } + + async removeById(id, _user) { + const doc = await this.findOneById(id); + const authorized = this.isAuthorized({doc, mode: DELETE, user: _user, resolver: 'removeById'}); + if (!authorized) throw new Error('User: mode: delete not authorized'); + + const ret = this.collection.remove({ _id: id }); + this.loader.clear(id); + this.pubsub.publish('userRemoved', id); + return ret; + } +} diff --git a/test/output-app/model/User.js b/test/output-app/model/User.js index 9bb463d..4eb3406 100644 --- a/test/output-app/model/User.js +++ b/test/output-app/model/User.js @@ -1,285 +1,85 @@ import _ from 'lodash'; +import { ObjectID } from 'mongodb'; import log from '../server/logger'; import DataLoader from 'dataloader'; -import findByIds from 'mongo-find-by-ids'; -import { CREATE, READ, READONE, READMANY, UPDATE, DELETE, DEBUG } from './constants'; +import { auth, findByIds, queryForRoles, userAuthorizedForDoc } from '../authorizations'; export default class User { constructor(context) { - /* this is generated from ... - @authorize( - admin: ["create", "read", "update", "delete"] - this: ["readOne", "update", "delete"] - ) - */ - this.authorizations = { - admin: { - create: true, - read: true, - readOne: true, - readMany: true, - update: true, - delete: true, - }, - this: { - readOne: true, - update: true, - delete: true, - }, - }; this.context = context; this.collection = context.db.collection('user'); this.pubsub = context.pubsub; - this.loader = new DataLoader(ids => findByIds(this.collection, ids)); + this.loader = new DataLoader((ids, authQuery = {}) => findByIds(this.collection, ids, authQuery)); + this.type = 'User'; + this.userRoles = auth[this.type].userRoles; + this.docRoles = auth[this.type].docRoles; } - // returns the role of the current user + // returns the userRole of the current user // generated by... // role: String! @authRole("admin") @authorize(this: ["read"], admin: ["read", "update"]) // ------- ------------------ // whereas the field is not of type User, it is of type String - role(user){ - return (user && user.role) ? user.role : null; + authRole(user){ + return (user && user.role) ? user.role : ''; } - // returns true, if the user's role is of expected kind - // this is generated whenever @authorize appears in the type definition - hasUserRole({role, doc, user, mode, printLog = true, resolver}){ - let hasRole = false; - switch (role) { - // returns true, if signed in user has a role "admin" - // this is generated by... - // @authorize(admin: ["create", "read", "update", "delete"]) - // ----- - // and if there is no @authRole("admin") user on any of the fields - // then it assumes a role definition - // and it checks against the role of the signed in user - case 'admin': - hasRole = ( - // valid signed in user id available - !!user && !!user._id && user._id.toString() !== '' && - // the current user has the correct role - this.context.User.role(user) === 'admin' - ); - break; - // returns true, if the signed in user is equal to the document id - // this is generated by... - // @authorize(this:) - // ----- - case 'this': - hasRole = ( - // valid signed in user id available - !!user && !!user._id && user._id.toString() !== '' && - // valid document user id available - !!doc && !!doc._id && doc._id.toString() !== '' && - // document user id equals signed in user - doc._id.toString() === user._id.toString() - ); - break; + findOneById(id, _user = {}, resolver = '') { + const authQuery = queryForRoles(_user, this.userRoles.readOne, this.docRoles.readOne, { User: this.context.User }); + log.debug(`${resolver} findOneById readOne with user ${(_user && _user.username) ? _user.username : ''} for ${this.type} and ${id}`); + if (authQuery === {}) log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); + if (authQuery === false) { + throw new Error(`Not authorized to readOne ${this.type} ${id}.`); } - if (printLog){ - log.debug(''); - log.debug(`${resolver} hasRole: "${role}" "${(user && user.username) ? user.username : ''} ${(user && user.role) ? user.role : ''} ${(user && user._id) ? user._id : ''}" ==> "${hasRole}"`); - } - return hasRole; - } - - // returns true, if the user role is authorized for the current mode - // this is generated whenever @authorize appears in the type definition - isRoleAuthorizedForMode({role, mode, resolver}){ - log.debug(`${resolver} isRoleAuthorizedForMode: "${role}" "${mode}" ==> "${this.authorizations[role][mode] ? true : false}"`); - return this.authorizations[role][mode] ? true : false; - } - - // returns true, if the current user is authorized for the current mode and document - // this is generated, whenever @authorize appears... - isAuthorized({doc, mode, user, resolver}){ - - // generated by @authorize(admin: ...) - const adminAuthorized = this.hasUserRole({role: 'admin', doc, user, mode, printLog: true, resolver}) && - this.isRoleAuthorizedForMode({role: 'admin', mode, resolver}); - - // logging for debugging... - if (adminAuthorized){ - log.debug(`${resolver} isAuthorized: role: "${ - (user && user._id && this.context.User.role(user)) ? this.context.User.role(user) : '' - }" "${mode}" doc: "${ - (doc && doc._id) ? doc._id.toString() : '' - }" user: "${ - (user && user._id) ? user._id.toString() : '' - }" ===> "${adminAuthorized}"`); - - return adminAuthorized; - } - - // generated by @authorize(this: ...) - const thisAuthorized = this.hasUserRole({role: 'this', doc, user, mode, printLog: true, resolver}) && - this.isRoleAuthorizedForMode({role: 'this', mode, resolver}); - - // logging for debugging... - if (thisAuthorized) { - log.debug(`${resolver} isAuthorized: doc: "${ - (doc && doc._id) ? doc._id.toString() : '' - }" "${mode}" user: "${ - (user && user._id) ? user._id.toString() : '' - }" ===> "${thisAuthorized}"`); - - return thisAuthorized; - } - - // logging for debugging... - log.debug(`${resolver} isAuthorized: role: "${ - (user && user._id && this.context.User.role(user)) ? this.context.User.role(user) : '' - }" "${mode}" doc: "${ - (doc && doc._id) ? doc._id.toString() : '' - }" user: "${ - (user && user._id) ? user._id.toString() : '' - }" ===> "false"`); - - return false; - } - - // returns document without role field - // generated by... - // role: String! @authRole("admin") @authorize(this: ["read"], admin: ["read", "update"]) - // ------- ------------------ - authorizedFields({doc, mode, user, resolver}){ - // array contains all fields, whose authorization is to be checked - // role: String! @authorize() - // ---- ------------ - const fields = ['role']; - - // check authorization on field level now - fields.forEach(field => { - // default is: field is not authorized - let authorizedField = false; - - // role: String! @authorize() - // ---- ------------ - if (field === 'role'){ - log.debug(''); - // role: String! @authorize(this: ["read"]) - // ----- ----- ---- - if ( this.hasUserRole({role: 'this', doc, user, mode, printLog: false, resolver}) && - (mode === READ || mode === READONE || mode === READMANY) ){ - log.debug(`${resolver} authorizedFields: "${field}" is authorized for role: "this" and mode: "${mode}"`); - authorizedField = true; - } - - // role: @authorize(admin: ["create", "read", "update"]) - // ---- ----- ------ ---- ------ - if ( this.hasUserRole({role: 'admin', doc, user, mode, printLog: false, resolver}) && - (mode === CREATE || mode === READ || mode === READONE || mode === READMANY || mode === UPDATE) ){ - log.debug(`${resolver} authorizedFields: "${field}" is authorized for role: "admin" and mode: "${mode}"`); - authorizedField = true; - } - } - - // ... Checking fields here... - - // otherwise remove field from doc, - // because the user and mode is not authorize to access this field - if ( !authorizedField && doc[field] ){ - log.debug(`${resolver} authorizedFields: "${field}" not authorized for user/role and mode: "${mode}", removed from document`); - delete doc[field]; - } - }); - - return doc; + return this.loader.load(id, authQuery); } - // returns only authorized documents and fields - // generated by ... - // @authorize() - authorized({doc, mode, user, resolver}){ - // if it is an array of documents, .... - if (_.isArray(doc)){ - // then filter for the authorized documents - let authorizedDocs = _.filter(doc, d => this.isAuthorized({doc: d, mode, user, resolver}) ); - // provide only authorized fields - authorizedDocs.forEach(d => { - d = this.authorizedFields({doc: d, mode, user, resolver}); - }); - return authorizedDocs; - - // if it is a single document, check the authorization for it - } else if ( _.isObject(doc) && this.isAuthorized({doc, mode, user, resolver}) ) { - // return only authorized fields - const authorizedDoc = this.authorizedFields({doc, mode, user, resolver}); - return authorizedDoc; + all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = '') { + const baseQuery = { createdAt: { $gt: lastCreatedAt } }; + const authQuery = queryForRoles(_user, this.userRoles.readMany, this.docRoles.readMany, { User: this.context.User }); + const finalQuery = {...baseQuery, ...authQuery}; + log.debug(`${resolver} all readMany with user ${(_user && _user.username) ? _user.username : ''} for ${this.type}`); + if (authQuery != {}) log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); + if (authQuery === false) { + throw new Error(`Not authorized to readMany ${this.type}.`); } - - // or return null, if no authorized document was found - log.debug(`${resolver} authorized: no authorized doc found`); - return null; - } - - async getById(id, _user, resolver){ - const doc = await this.findOneById(id); - return this.authorized({doc, mode: READONE, user: _user, resolver}); - } - - findOneById(id) { - return this.loader.load(id); - } - - async getAll({ lastCreatedAt, limit }, _user, resolver){ - const doc = await this.all({ lastCreatedAt, limit }, _user); - return this.authorized({doc, mode: READMANY, user: _user, resolver}); - } - - all({ lastCreatedAt = 0, limit = 10 }, _user) { - return this.collection.find({ - createdAt: { $gt: lastCreatedAt }, - }).sort({ createdAt: 1 }).limit(limit).toArray(); + return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } - async tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }, _user) { - const doc = await this.context.Tweet.collection.find({ + tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }, _user) { + return this.context.Tweet.collection.find({ authorId: user._id, createdAt: { $gt: lastCreatedAt }, }).sort({ createdAt: 1 }).limit(limit).toArray(); - const authorizedDoc = this.context.Tweet.authorized({doc, mode: READMANY, user: _user, resolver: 'tweets'}); - return authorizedDoc; } - async liked(user, { lastCreatedAt = 0, limit = 10 }, _user) { - const doc = await this.context.Tweet.collection.find({ + liked(user, { lastCreatedAt = 0, limit = 10 }, _user) { + return this.context.Tweet.collection.find({ _id: { $in: user.likedIds || [] }, createdAt: { $gt: lastCreatedAt }, }).sort({ createdAt: 1 }).limit(limit).toArray(); - const authorizedDoc = this.context.Tweet.authorized({doc, mode: READMANY, user: _user, resolver: 'liked'}); - return authorizedDoc; } - async following(user, { lastCreatedAt = 0, limit = 10 }, _user) { - const doc = await this.context.User.collection.find({ + following(user, { lastCreatedAt = 0, limit = 10 }, _user) { + return this.context.User.collection.find({ _id: { $in: user.followingIds || [] }, createdAt: { $gt: lastCreatedAt }, }).sort({ createdAt: 1 }).limit(limit).toArray(); - const authorizedDoc = this.authorized({doc, mode: READMANY, user: _user, resolver: 'following'}); - return authorizedDoc; } - async followers(user, { lastCreatedAt = 0, limit = 10 }, _user) { - const doc = await this.context.User.collection.find({ + followers(user, { lastCreatedAt = 0, limit = 10 }, _user) { + return this.context.User.collection.find({ followingIds: user._id, createdAt: { $gt: lastCreatedAt }, }).sort({ createdAt: 1 }).limit(limit).toArray(); - const authorizedDoc = this.authorized({doc, mode: READMANY, user: _user, resolver: 'followers'}); - return authorizedDoc; } - async createdBy(user, _user) { - const doc = await this.context.User.getById(user.createdById, _user, 'createdBy'); - const authorizedDoc = this.authorized({doc, mode: READONE, user: _user, resolver: 'createdBy'}); - return authorizedDoc; + createdBy(user, _user) { + return this.context.User.findOneById(user.createdById, _user, 'createdBy'); } - async updatedBy(user, _user) { - const doc = await this.context.User.getById(user.updatedById, _user, 'updatedBy'); - const authorizedDoc = this.authorized({doc, mode: READONE, user: _user, resolver: 'updatedBy'}); - return authorizedDoc; + updatedBy(user, _user) { + return this.context.User.findOneById(user.updatedById, _user, 'updatedBy'); } async insert(doc, _user) { @@ -289,40 +89,70 @@ export default class User { createdById: (_user && _user._id) ? _user._id : 'unknown', updatedById: (_user && _user._id) ? _user._id : 'unknown', }); - docToInsert = this.authorizedFields({doc: docToInsert, mode: CREATE, user: _user, resolver: 'insert'}); - const authorized = this.isAuthorized({doc: docToInsert, mode: CREATE, user: _user, resolver: 'insert'}); - if (!authorized) throw new Error('User: mode: create not authorized'); + + const authQuery = queryForRoles(_user, this.userRoles.create, this.docRoles.create, { User: this.context.User }); + if (authQuery === false || (authQuery !== {} && !userAuthorizedForDoc(_user, this.docRoles.create, doc)) ) { + throw new Error(`Not authorized to insert ${this.type} ${id}.`); + } const id = (await this.collection.insertOne(docToInsert)).insertedId; + + if (id){ + log.debug(`inserted ${this.type} ${id}.`); + } else { + log.debug('insert failed for docToInsert:', JSON.stringify(docToInsert, null, 2)); + throw new Error(`insert not possible for ${this.type} ${id}.`); + } + this.pubsub.publish('userInserted', await this.findOneById(id)); return id; } async updateById(id, doc, _user) { - const foundDoc = await this.findOneById(id); - const authorized = this.isAuthorized({doc: foundDoc, mode: UPDATE, user: _user, resolver: 'updateById'}); - if (!authorized) throw new Error('User: mode: update not authorized'); + let docToUpdate = {$set: Object.assign({}, doc, { + updatedAt: Date.now(), + updatedById: (_user && _user._id) ? _user._id : 'unknown', + })}; + + const baseQuery = {_id: id}; + const authQuery = queryForRoles(_user, this.userRoles.update, this.docRoles.update, { User: this.context.User }); + if (authQuery === false) { + throw new Error(`Not authorized to update ${this.type} ${id}.`); + } + + const finalQuery = {...baseQuery, ...authQuery}; + const result = await this.collection.updateOne(finalQuery, docToUpdate); + + if (result.result.ok === 1 && result.result.n === 1){ + log.debug(`updated ${this.type} ${id}.`); + } else { + log.debug(`update failed finalQuery:`, JSON.stringify(finalQuery, null, 2)); + log.debug('update failed for docToUpdate:', JSON.stringify(docToUpdate, null, 2)); + throw new Error(`update not possible for ${this.type} ${id}.`); + } - const updatedDoc = this.authorizedFields({doc, mode: UPDATE, user: _user, resolver: 'updateById'}); - const ret = await this.collection.update({ _id: id }, { - $set: Object.assign({}, updatedDoc, { - updatedAt: Date.now(), - updatedById: (_user && _user._id) ? _user._id : 'unknown', - }), - }); this.loader.clear(id); this.pubsub.publish('userUpdated', await this.findOneById(id)); - return ret; + return result; } async removeById(id, _user) { - const doc = await this.findOneById(id); - const authorized = this.isAuthorized({doc, mode: DELETE, user: _user, resolver: 'removeById'}); - if (!authorized) throw new Error('User: mode: delete not authorized'); + const baseQuery = {_id: id}; + const authQuery = queryForRoles(_user, this.userRoles.delete, this.docRoles.delete, { User: this.context.User }); + if (!authQuery) throw new Error(`Not authorized to remove ${this.type} ${id}.`); + + const finalQuery = {...baseQuery, ...authQuery}; + const result = await this.collection.remove(finalQuery); + + if (result.result.ok === 1 && result.result.n === 1){ + log.info(`removed ${this.type} ${id}.`); + } else { + log.debug(`remove failed for finalQuery:`, JSON.stringify(finalQuery, null, 2)); + throw new Error(`remove not possible for ${this.type} ${id}.`); + } - const ret = this.collection.remove({ _id: id }); this.loader.clear(id); this.pubsub.publish('userRemoved', id); - return ret; + return result; } } diff --git a/test/output-app/model/constants.js b/test/output-app/model/constants.js deleted file mode 100644 index 1103426..0000000 --- a/test/output-app/model/constants.js +++ /dev/null @@ -1,10 +0,0 @@ -// constants, to avoid typing errors -export const CREATE = 'create'; -export const READ = 'read'; -export const READONE = 'readOne'; -export const READMANY = 'readMany'; -export const UPDATE = 'update'; -export const DELETE = 'delete'; - -// debug to switch on additional logs -export const DEBUG = false; diff --git a/test/output-app/model/index.js b/test/output-app/model/index.js index 99f9412..c93df9e 100644 --- a/test/output-app/model/index.js +++ b/test/output-app/model/index.js @@ -1,7 +1,9 @@ +// import Authorize from '../server/authorize'; const models = {}; export default function addModelsToContext(context) { const newContext = Object.assign({}, context); + // newContext['Authorize'] = new Authorize(newContext); Object.keys(models).forEach((key) => { newContext[key] = new models[key](newContext); }); diff --git a/test/output-app/package.json b/test/output-app/package.json index 5eb5f10..debfa7c 100644 --- a/test/output-app/package.json +++ b/test/output-app/package.json @@ -33,6 +33,7 @@ "bcrypt": "^1.0.2", "body-parser": "1.15.2", "cors": "^2.8.1", + "create-graphql-server-authorization": "^0.0.2", "dataloader": "^1.2.0", "denodeify": "^1.2.1", "dotenv": "2.0.0", diff --git a/test/output-app/resolvers/Tweet.js b/test/output-app/resolvers/Tweet.js index 2c74815..2ed9454 100644 --- a/test/output-app/resolvers/Tweet.js +++ b/test/output-app/resolvers/Tweet.js @@ -26,18 +26,26 @@ const resolvers = { }, Query: { tweets(root, { lastCreatedAt, limit }, { Tweet, _user }) { - return Tweet.getAll({ lastCreatedAt, limit }, _user, 'tweets'); + try { + return Tweet.all({ lastCreatedAt, limit }, _user, 'tweets'); + } catch(error){ + console.log('ERROR:', error.message); + } }, tweet(root, { id }, { Tweet, _user }) { - return Tweet.getById(id, _user, 'tweet'); + try { + return Tweet.findOneById(id, _user, 'tweet'); + } catch(error){ + console.log('ERROR:', error.message); + } }, }, Mutation: { async createTweet(root, { input }, { Tweet, _user }) { try { const id = await Tweet.insert(input, _user); - return Tweet.getById(id, _user, 'createTweet'); + return Tweet.findOneById(id, _user, 'createTweet'); } catch(error) { console.log('ERROR:', error.message); } @@ -46,7 +54,7 @@ const resolvers = { async updateTweet(root, { id, input }, { Tweet, _user }) { try { await Tweet.updateById(id, input, _user); - return Tweet.getById(id, _user, 'updateTweet'); + return Tweet.findOneById(id, _user, 'updateTweet'); } catch(error) { console.log('ERROR:', error.message); } diff --git a/test/output-app/resolvers/User.js b/test/output-app/resolvers/User.js index 8b9331e..fcb69d5 100644 --- a/test/output-app/resolvers/User.js +++ b/test/output-app/resolvers/User.js @@ -30,18 +30,18 @@ }, Query: { users(root, { lastCreatedAt, limit }, { User, _user }) { - return User.getAll({ lastCreatedAt, limit }, _user, 'users'); + return User.all({ lastCreatedAt, limit }, _user, 'users'); }, user(root, { id }, { User, _user }) { - return User.getById(id, _user, 'user'); + return User.findOneById(id, _user, 'user'); }, }, Mutation: { async createUser(root, { input }, { User, _user }) { try { const id = await User.insert(input, _user); - return User.getById(id, _user, 'createUser'); + return User.findOneById(id, _user, 'createUser'); } catch(error) { console.log('ERROR:', error.message); } @@ -50,7 +50,7 @@ async updateUser(root, { id, input }, { User, _user }) { try { await User.updateById(id, input, _user); - return User.getById(id, _user, 'updateUser'); + return User.findOneById(id, _user, 'updateUser'); } catch(error) { console.log('ERROR:', error.message); } diff --git a/test/output-app/schema/Tweet.graphql b/test/output-app/schema/Tweet.graphql index 2be1380..f2144c7 100644 --- a/test/output-app/schema/Tweet.graphql +++ b/test/output-app/schema/Tweet.graphql @@ -1,7 +1,7 @@ type Tweet { id: ObjID! author: User - coauthors: [User!] + coauthors: [User] body: String! likers(lastCreatedAt: Float, limit: Int): [User!] createdAt: Float! @@ -18,12 +18,12 @@ extend type Query { input CreateTweetInput { authorId: ObjID! body: String! - coauthorsIds: [ObjID!] + coauthorsIds: [ObjID] } input UpdateTweetInput { - body: String! - coauthorsIds: [ObjID!] + body: String + coauthorsIds: [ObjID] } extend type Mutation { diff --git a/test/output-app/server/authorize.js b/test/output-app/server/authorize.js new file mode 100644 index 0000000..69cbf35 --- /dev/null +++ b/test/output-app/server/authorize.js @@ -0,0 +1,104 @@ + import _ from 'lodash'; + import log from './logger'; + +/** + * @class Authorize + * adding Authorize to the context + **/ +export default class Authorize { + constructor(context){ + this.context = context; + } + + /** + * Returns an array of records, indexed by ids + * @params {object} collection + * @params {array} ids + * @params {object} authQuery + * @return {boolean} loggedIn + **/ + findByIdsWithAuth(collection, ids, authQuery) { + const baseQuery = { _id: { $in: ids } }; + const finalQuery = {...baseQuery, ...authQuery}; + return collection.find(finalQuery) + .toArray() + .then((docs) => { + const idMap = {}; + docs.forEach((d) => { idMap[d._id] = d; }); + return ids.map(id => idMap[id]); + }); + } + + /** + * Returns true, if user is loggedIn + * @params {object} user + * @return {boolean} loggedIn + **/ + loggedIn(user) { + if(user && user._id && user._id.toString() !== '') { + return true; + } + return false; + } + + // for compatibility reasons old document authorizer... + authorized({doc, mode, user, resolver}){ + log.debug(`user "${(user && user.username) ? user.username : ''}" authorized to ${mode} ${resolver} with doc "${(doc && doc._id) ? doc._id : ''}"`); + return doc; + } + + authorizedFields({doc, mode, user, resolver}){ + return doc; + } + + /** + * Returns a query object for the selection + * sets default values in the interface + * @params {object} user, the signed in or unknown user + * @params {array} userRoles, the role of the user, default '' + * @params {array} docRoles, the document owner fields of type: User + * @params {object} context, access to the User model methods + * @return {object} query-selection-object + **/ + //queryForRoles(user, userRoles, docRoles, { User }) { + queryForRoles(user, userRoles = [], docRoles = [], { User }) { + + // Authorized by userRoles + const role = User.authRole(user); + if (userRoles.includes(role)) { + return {}; + } + + // Authorized by docRoles + const query = { $or: [] }; + if (docRoles.length > 0){ + docRoles.forEach(docRole => query.$or.push( { [docRole]: user._id } )); + return query; + } + + // Not Authorized + return false; + } + + userForDoc(_user, docRoles, doc){ + const newDoc = Object.assign({}, doc); + let authorized = false; + docRoles.forEach(docRole => { + // user logged in and + // role field in doc exists and + // includes the current user + // includes works for String and Array + if ( + this.loggedIn(_user) && newDoc[docRole] && + ( + ( _.isArray(newDoc[docRole]) && newDoc[docRole].includes(_user._id.toString()) ) || + ( _.isObject(newDoc[docRole]) && newDoc[docRole].toString().includes(_user._id.toString()) ) + ) + ){ + authorized = true; + } + }) + return authorized; + } + +} diff --git a/test/output-app/server/index.js b/test/output-app/server/index.js index 2a0e52c..e8a6c61 100644 --- a/test/output-app/server/index.js +++ b/test/output-app/server/index.js @@ -50,7 +50,7 @@ async function startServer() { // Get the query, the same way express-graphql does it // https://github.com/graphql/express-graphql/blob/3fa6e68582d6d933d37fa9e841da5d2aa39261cd/src/index.js#L257 const query = req.query.query || req.body.query; - if (query && query.length > 2000) { + if (query && query.length > 4000) { // None of our app's queries are this long // Probably indicates someone trying to send an overly expensive query throw new Error('Query too large.'); @@ -59,7 +59,7 @@ async function startServer() { schema, context: Object.assign({ _user }, req.context), debug: true, - formatError(e) { console.log(e) }, + // formatError(e) { console.log(e) }, }; })(req, res, next); })(req, res, next); diff --git a/test/output-app/yarn.lock b/test/output-app/yarn.lock index 0d4ce4c..67d8e74 100644 --- a/test/output-app/yarn.lock +++ b/test/output-app/yarn.lock @@ -1188,6 +1188,10 @@ crc@3.4.0: version "3.4.0" resolved "https://registry.yarnpkg.com/crc/-/crc-3.4.0.tgz#4258e351613a74ef1153dfcb05e820c3e9715d7f" +create-graphql-server-authorization@^0.0.2: + version "0.0.2" + resolved "https://registry.yarnpkg.com/create-graphql-server-authorization/-/create-graphql-server-authorization-0.0.2.tgz#6449d9e32eeea8191bdd0e72a47dda78a696835f" + cryptiles@2.x.x: version "2.0.5" resolved "https://registry.yarnpkg.com/cryptiles/-/cryptiles-2.0.5.tgz#3bdfecdc608147c1c67202fa291e7dca59eaa3b8" @@ -1224,18 +1228,18 @@ dataloader@^1.2.0: version "1.2.0" resolved "https://registry.yarnpkg.com/dataloader/-/dataloader-1.2.0.tgz#3f73ea657c492c860c1633348adc55ca9bf2107e" -debug@2, debug@2.2.0, debug@^2.1.1, debug@^2.2.0, debug@~2.2.0: - version "2.2.0" - resolved "https://registry.yarnpkg.com/debug/-/debug-2.2.0.tgz#f87057e995b1a1f6ae6a4960664137bc56f039da" - dependencies: - ms "0.7.1" - -debug@2.6.8: +debug@2, debug@2.6.8, debug@^2.1.1, debug@^2.2.0: version "2.6.8" resolved "https://registry.yarnpkg.com/debug/-/debug-2.6.8.tgz#e731531ca2ede27d188222427da17821d68ff4fc" dependencies: ms "2.0.0" +debug@2.2.0, debug@~2.2.0: + version "2.2.0" + resolved "https://registry.yarnpkg.com/debug/-/debug-2.2.0.tgz#f87057e995b1a1f6ae6a4960664137bc56f039da" + dependencies: + ms "0.7.1" + decamelize@^1.1.1, decamelize@^1.1.2: version "1.2.0" resolved "https://registry.yarnpkg.com/decamelize/-/decamelize-1.2.0.tgz#f6534d15148269b20352e7bee26f501f9a191290" From cd760ae458878b60fb27628d065e5972e64b70ba Mon Sep 17 00:00:00 2001 From: Tobias Klemmer Date: Wed, 14 Jun 2017 12:25:57 +0200 Subject: [PATCH 10/69] before simplification --- test/output-app/authorizations/helpers.js | 20 +++++++------ test/output-app/model/Tweet.js | 34 +++++++++++++---------- test/output-app/model/User.js | 29 +++++++++++-------- test/output-app/resolvers/Tweet.js | 6 ++-- test/output-app/resolvers/User.js | 6 ++-- test/output-app/server/authenticate.js | 1 - 6 files changed, 55 insertions(+), 41 deletions(-) diff --git a/test/output-app/authorizations/helpers.js b/test/output-app/authorizations/helpers.js index 4fe4e03..d20eb5d 100644 --- a/test/output-app/authorizations/helpers.js +++ b/test/output-app/authorizations/helpers.js @@ -20,7 +20,7 @@ export function loggedIn(user) { return false; } -export function queryForRoles(user, userRoles = [], docRoles = [], { User }) { +export function queryForRoles(user = {}, userRoles = [], docRoles = [], { User }) { // Authorized by userRoles const role = User.authRole(user); if (userRoles.includes(role) || userRoles.includes('world')) { @@ -36,19 +36,23 @@ export function queryForRoles(user, userRoles = [], docRoles = [], { User }) { return false; } -export function userAuthorizedForDoc(_user, docRoles, doc){ +export function userAuthorizedForDoc(user = {}, userRoles = [], docRoles = [], { User }, doc){ const newDoc = Object.assign({}, doc); let authorized = false; + // Authorized by userRoles + const role = User.authRole(user); + if (userRoles.includes(role) || userRoles.includes('world')) { + authorized = true; + } + // Authorized by docRoles docRoles.forEach(docRole => { - // user logged in and - // role field in doc exists and + // user logged in and role field in doc exists and // includes the current user - // includes works for String and Array if ( - loggedIn(_user) && newDoc[docRole] && + loggedIn(user) && newDoc[docRole] && ( - ( _.isArray(newDoc[docRole]) && newDoc[docRole].includes(_user._id.toString()) ) || - ( _.isObject(newDoc[docRole]) && newDoc[docRole].toString().includes(_user._id.toString()) ) + ( _.isArray(newDoc[docRole]) && newDoc[docRole].includes(user._id.toString()) ) || + ( _.isObject(newDoc[docRole]) && newDoc[docRole].toString().includes(user._id.toString()) ) ) ){ authorized = true; diff --git a/test/output-app/model/Tweet.js b/test/output-app/model/Tweet.js index 75dbb95..ece266a 100644 --- a/test/output-app/model/Tweet.js +++ b/test/output-app/model/Tweet.js @@ -15,22 +15,26 @@ export default class Tweet { this.docRoles = auth[this.type].docRoles; } - findOneById(id, _user = {}, resolver = '') { + getOneById(id, _user = {}, resolver = '') { const authQuery = queryForRoles(_user, this.userRoles.readOne, this.docRoles.readOne, { User: this.context.User }); - log.debug(`${resolver} findOneById readOne with user ${(_user && _user.username) ? _user.username : ''} for ${this.type} and ${id}`); - log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); + log.debug(`${resolver} getOneById readOne with user ${(_user && _user.username) ? _user.username : ''} for ${this.type} and ${id}`); + if (typeof authQuery === "object" && Object.keys(authQuery).length > 0 ) log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); if (authQuery === false) { throw new Error(`Not authorized to readOne ${this.type} ${id}.`); } return this.loader.load(id, authQuery); } + findOneById(id) { + return this.loader.load(id); + } + all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = '') { const baseQuery = { createdAt: { $gt: lastCreatedAt } }; const authQuery = queryForRoles(_user, this.userRoles.readMany, this.docRoles.readMany, { User: this.context.User }); const finalQuery = {...baseQuery, ...authQuery}; log.debug(`${resolver} all readMany with user ${(_user && _user.username) ? _user.username : ''} for ${this.type}`); - if (authQuery != {}) log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); + if (typeof authQuery === "object" && Object.keys(authQuery).length > 0 ) log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); if (authQuery === false) { throw new Error(`Not authorized to readMany ${this.type}.`); } @@ -38,15 +42,15 @@ export default class Tweet { } author(tweet, _user) { - return this.context.User.findOneById(tweet.authorId, _user, 'author'); + return this.context.User.getOneById(tweet.authorId, _user, 'author'); } createdBy(tweet, _user) { - return this.context.User.findOneById(tweet.createdById, _user, 'createdBy'); + return this.context.User.getOneById(tweet.createdById, _user, 'createdBy'); } updatedBy(tweet, _user) { - return this.context.User.findOneById(tweet.updatedById, _user, 'udpatedBy'); + return this.context.User.getOneById(tweet.updatedById, _user, 'udpatedBy'); } coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, _user) { @@ -54,7 +58,7 @@ export default class Tweet { const authQuery = queryForRoles(_user, this.userRoles.readMany, this.docRoles.readMany, { User: this.context.User }); const finalQuery = {...baseQuery, ...authQuery}; log.debug(`coauthors readMany with user ${(_user && _user.username) ? _user.username : ''} for ${this.type}`); - log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); + if (typeof authQuery === "object" && Object.keys(authQuery).length > 0 ) log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); if (authQuery === false) { throw new Error(`coauthors Not authorized to readMany ${this.type} ${id}.`); } @@ -66,7 +70,7 @@ export default class Tweet { const authQuery = queryForRoles(_user, this.userRoles.readMany, this.docRoles.readMany, { User: this.context.User }); const finalQuery = {...baseQuery, ...authQuery}; log.debug(`likers readMany with user ${(_user && _user.username) ? _user.username : ''} for ${this.type}`); - log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); + if (typeof authQuery === "object" && Object.keys(authQuery).length > 0 ) log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); if (authQuery === false) { throw new Error(`coauthors Not authorized to readMany ${this.type} ${id}.`); } @@ -82,7 +86,7 @@ export default class Tweet { }); const authQuery = queryForRoles(_user, this.userRoles.create, this.docRoles.create, { User: this.context.User }); - if (authQuery === false || (authQuery !== {} && !userAuthorizedForDoc(_user, this.docRoles.create, doc)) ) { + if (authQuery === false || (typeof authQuery === "object" && Object.keys(authQuery).length > 0 && !userAuthorizedForDoc(_user, this.userRoles.create, this.docRoles.create, { User: this.context.User }, docToInsert)) ) { throw new Error(`Not authorized to insert ${this.type} ${id}.`); } @@ -95,7 +99,7 @@ export default class Tweet { throw new Error(`insert not possible for ${this.type} ${id}.`); } - this.pubsub.publish('tweetInserted', await this.findOneById(id)); + this.pubsub.publish('tweetInserted', await this.getOneById(id, _user, 'pubsub tweetInserted')); return id; } @@ -107,7 +111,7 @@ export default class Tweet { const baseQuery = {_id: id}; const authQuery = queryForRoles(_user, this.userRoles.update, this.docRoles.update, { User: this.context.User }); - if (authQuery === false) { + if (authQuery === false || (typeof authQuery === "object" && Object.keys(authQuery).length > 0 && !userAuthorizedForDoc(_user, this.userRoles.update, this.docRoles.update, { User: this.context.User }, docToUpdate)) ) { throw new Error(`Not authorized to update ${this.type} ${id}.`); } @@ -123,14 +127,16 @@ export default class Tweet { } this.loader.clear(id); - this.pubsub.publish('tweetUpdated', await this.findOneById(id)); + this.pubsub.publish('tweetUpdated', await this.getOneById(id, _user, 'pubsub tweetUpdated')); return result; } async removeById(id, _user) { const baseQuery = {_id: id}; const authQuery = queryForRoles(_user, this.userRoles.delete, this.docRoles.delete, { User: this.context.User }); - if (!authQuery) throw new Error(`Not authorized to remove ${this.type} ${id}.`); + if (authQuery === false || (typeof authQuery === "object" && Object.keys(authQuery).length > 0 && !userAuthorizedForDoc(_user, this.userRoles.delete, this.docRoles.delete, { User: this.context.User }, {_id: id} )) ) { + throw new Error(`Not authorized to remove ${this.type} ${id}.`); + } const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.remove(finalQuery); diff --git a/test/output-app/model/User.js b/test/output-app/model/User.js index 4eb3406..10b97f7 100644 --- a/test/output-app/model/User.js +++ b/test/output-app/model/User.js @@ -24,22 +24,26 @@ export default class User { return (user && user.role) ? user.role : ''; } - findOneById(id, _user = {}, resolver = '') { + getOneById(id, _user = {}, resolver = '') { const authQuery = queryForRoles(_user, this.userRoles.readOne, this.docRoles.readOne, { User: this.context.User }); - log.debug(`${resolver} findOneById readOne with user ${(_user && _user.username) ? _user.username : ''} for ${this.type} and ${id}`); - if (authQuery === {}) log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); + log.debug(`${resolver} getOneById readOne with user ${(_user && _user.username) ? _user.username : ''} for ${this.type} and ${id}`); + if (typeof authQuery === "object" && Object.keys(authQuery).length > 0 ) log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); if (authQuery === false) { throw new Error(`Not authorized to readOne ${this.type} ${id}.`); } return this.loader.load(id, authQuery); } + findOneById(id) { + return this.loader.load(id); + } + all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = '') { const baseQuery = { createdAt: { $gt: lastCreatedAt } }; const authQuery = queryForRoles(_user, this.userRoles.readMany, this.docRoles.readMany, { User: this.context.User }); const finalQuery = {...baseQuery, ...authQuery}; log.debug(`${resolver} all readMany with user ${(_user && _user.username) ? _user.username : ''} for ${this.type}`); - if (authQuery != {}) log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); + if (typeof authQuery === "object" && Object.keys(authQuery).length > 0 ) log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); if (authQuery === false) { throw new Error(`Not authorized to readMany ${this.type}.`); } @@ -75,11 +79,11 @@ export default class User { } createdBy(user, _user) { - return this.context.User.findOneById(user.createdById, _user, 'createdBy'); + return this.context.User.getOneById(user.createdById, _user, 'createdBy'); } updatedBy(user, _user) { - return this.context.User.findOneById(user.updatedById, _user, 'updatedBy'); + return this.context.User.getOneById(user.updatedById, _user, 'updatedBy'); } async insert(doc, _user) { @@ -91,7 +95,7 @@ export default class User { }); const authQuery = queryForRoles(_user, this.userRoles.create, this.docRoles.create, { User: this.context.User }); - if (authQuery === false || (authQuery !== {} && !userAuthorizedForDoc(_user, this.docRoles.create, doc)) ) { + if (authQuery === false || !userAuthorizedForDoc(_user, this.userRoles.create, this.docRoles.create, { User: this.context.User }, docToInsert) ) { throw new Error(`Not authorized to insert ${this.type} ${id}.`); } @@ -104,7 +108,7 @@ export default class User { throw new Error(`insert not possible for ${this.type} ${id}.`); } - this.pubsub.publish('userInserted', await this.findOneById(id)); + this.pubsub.publish('userInserted', await this.getOneById(id, _user, 'pubsub userInserted')); return id; } @@ -116,7 +120,7 @@ export default class User { const baseQuery = {_id: id}; const authQuery = queryForRoles(_user, this.userRoles.update, this.docRoles.update, { User: this.context.User }); - if (authQuery === false) { + if (authQuery === false || !userAuthorizedForDoc(_user, this.userRoles.update, this.docRoles.update, { User: this.context.User }, docToUpdate) ) { throw new Error(`Not authorized to update ${this.type} ${id}.`); } @@ -132,15 +136,16 @@ export default class User { } this.loader.clear(id); - this.pubsub.publish('userUpdated', await this.findOneById(id)); + this.pubsub.publish('userUpdated', await this.getOneById(id, _user, 'pubsub userUpdated')); return result; } async removeById(id, _user) { const baseQuery = {_id: id}; const authQuery = queryForRoles(_user, this.userRoles.delete, this.docRoles.delete, { User: this.context.User }); - if (!authQuery) throw new Error(`Not authorized to remove ${this.type} ${id}.`); - + if (authQuery === false || !userAuthorizedForDoc(_user, this.userRoles.delete, this.docRoles.delete, { User: this.context.User }, {_id: id} ) ) { + throw new Error(`Not authorized to remove ${this.type} ${id}.`); + } const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.remove(finalQuery); diff --git a/test/output-app/resolvers/Tweet.js b/test/output-app/resolvers/Tweet.js index 2ed9454..e3bf212 100644 --- a/test/output-app/resolvers/Tweet.js +++ b/test/output-app/resolvers/Tweet.js @@ -35,7 +35,7 @@ const resolvers = { tweet(root, { id }, { Tweet, _user }) { try { - return Tweet.findOneById(id, _user, 'tweet'); + return Tweet.getOneById(id, _user, 'tweet'); } catch(error){ console.log('ERROR:', error.message); } @@ -45,7 +45,7 @@ const resolvers = { async createTweet(root, { input }, { Tweet, _user }) { try { const id = await Tweet.insert(input, _user); - return Tweet.findOneById(id, _user, 'createTweet'); + return Tweet.getOneById(id, _user, 'createTweet'); } catch(error) { console.log('ERROR:', error.message); } @@ -54,7 +54,7 @@ const resolvers = { async updateTweet(root, { id, input }, { Tweet, _user }) { try { await Tweet.updateById(id, input, _user); - return Tweet.findOneById(id, _user, 'updateTweet'); + return Tweet.getOneById(id, _user, 'updateTweet'); } catch(error) { console.log('ERROR:', error.message); } diff --git a/test/output-app/resolvers/User.js b/test/output-app/resolvers/User.js index fcb69d5..0aa5cc3 100644 --- a/test/output-app/resolvers/User.js +++ b/test/output-app/resolvers/User.js @@ -34,14 +34,14 @@ }, user(root, { id }, { User, _user }) { - return User.findOneById(id, _user, 'user'); + return User.getOneById(id, _user, 'user'); }, }, Mutation: { async createUser(root, { input }, { User, _user }) { try { const id = await User.insert(input, _user); - return User.findOneById(id, _user, 'createUser'); + return User.getOneById(id, _user, 'createUser'); } catch(error) { console.log('ERROR:', error.message); } @@ -50,7 +50,7 @@ async updateUser(root, { id, input }, { User, _user }) { try { await User.updateById(id, input, _user); - return User.findOneById(id, _user, 'updateUser'); + return User.getOneById(id, _user, 'updateUser'); } catch(error) { console.log('ERROR:', error.message); } diff --git a/test/output-app/server/authenticate.js b/test/output-app/server/authenticate.js index a08b286..3c37011 100644 --- a/test/output-app/server/authenticate.js +++ b/test/output-app/server/authenticate.js @@ -11,7 +11,6 @@ async function userFromPayload(request, jwtPayload) { if (!jwtPayload.userId) { throw new Error('No userId in JWT'); } - return await request.context.User.findOneById(ObjectId(jwtPayload.userId)); } From 8979a86e603e18b24b672f94c914aac9468b04f0 Mon Sep 17 00:00:00 2001 From: Tobias Klemmer Date: Thu, 15 Jun 2017 21:15:29 +0200 Subject: [PATCH 11/69] with authorization folder --- test/input/User.graphql | 2 +- .../test-3-mutations-with-user-role-admin.js | 65 ++- .../test-4-mutations-with-unknown-user.js | 17 +- .../test-5-mutations-with-user-role-user.js | 39 +- .../test-6-mutations-with-user-role-editor.js | 26 +- test/output-app/authorizations/Tweet.js | 2 +- test/output-app/authorizations/User.js | 23 +- test/output-app/authorizations/helpers.js | 160 ++++++-- test/output-app/model/Tweet-complicated.js | 371 ------------------ test/output-app/model/Tweet.js | 64 +-- test/output-app/model/User-complicated.js | 328 ---------------- test/output-app/model/User.js | 92 ++--- test/output-app/model/index.js | 2 - test/output-app/resolvers/Tweet.js | 34 +- test/output-app/resolvers/User.js | 22 +- test/output-app/server/authorize.js | 104 ----- 16 files changed, 293 insertions(+), 1058 deletions(-) delete mode 100644 test/output-app/model/Tweet-complicated.js delete mode 100644 test/output-app/model/User-complicated.js delete mode 100644 test/output-app/server/authorize.js diff --git a/test/input/User.graphql b/test/input/User.graphql index 7d6240b..042d616 100644 --- a/test/input/User.graphql +++ b/test/input/User.graphql @@ -6,7 +6,7 @@ type User ) { - role: String! @authRole("admin") @authorize(admin: ["create", "read", "update"], this: ["read"]) + role: String! @authRole("admin") @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne", "delete"]) username: String! diff --git a/test/output-app-end-to-end/test-3-mutations-with-user-role-admin.js b/test/output-app-end-to-end/test-3-mutations-with-user-role-admin.js index f5c0e60..8cd55d0 100644 --- a/test/output-app-end-to-end/test-3-mutations-with-user-role-admin.js +++ b/test/output-app-end-to-end/test-3-mutations-with-user-role-admin.js @@ -5,20 +5,28 @@ import { sendQuery, sendQueryAndExpect, roleUser, adminUser } from './sendQuery' let newUser; let otherUser; let tweetId; +let tweetId2; let tweetIdOthers; function makeUserInput(user) { - return `{ - username: "${user.username}", - bio: "${user.bio}", - role: "${user.role}" - }`; + if (user.role) + return `{ + username: "${user.username}", + bio: "${user.bio}", + role: "${user.role}" + }`; + else + return `{ + username: "${user.username}", + bio: "${user.bio}" + }`; } function makeTweetInput(tweet, userId) { if (tweet.author) { return `{ authorId: "${userId ? userId : tweet.author.id}", + coauthorsIds: ${tweet.coauthorsIds ? JSON.stringify(tweet.coauthorsIds) : JSON.stringify([])}, body: "${tweet.body}" }`; } @@ -68,7 +76,7 @@ describe('test-3: user with role "admin"', () => { assert.isNotNull(newUser); }); - it('can create new users', () => { + it('admin user created new "other" user with role "editor"', () => { const expectedUser = { username: 'zol', bio: 'Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead', @@ -88,27 +96,6 @@ describe('test-3: user with role "admin"', () => { assert.isNotNull(result.data.createUser); assert.isNotNull(result.data.createUser.id); otherUser = result.data.createUser.id; - - let expectedTweet = { - author: { id: otherUser }, - body: 'This is a test tweet of user zoltan', - }; - - sendQuery({ query: ` - mutation { - createTweet(input: ${makeTweetInput(expectedTweet, otherUser)}) { - id - } - } - `, - userId: otherUser - }) - .then((result) => { - assert.isNotNull(result.data); - assert.isNotNull(result.data.createTweet); - assert.isNotNull(result.data.createTweet.id); - tweetIdOthers = result.data.createTweet.id; - }); }); }); @@ -230,11 +217,7 @@ describe('test-3: user with role "admin"', () => { } } `, { - updateUser: { - username: 'tobkle', - bio: 'Maker of things, I guess', - role: 'editor' - } + updateUser: null }, newUser) }); @@ -276,11 +259,13 @@ describe('test-3: user with role "admin"', () => { let expectedTweet = { author: { id: newUser }, + //coauthors: [], body: 'This is a test tweet of user tobkle', }; const expectedTweetOtherAuthor = { author: { id: adminUser }, + //coauthors: [], body: 'We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:', }; @@ -316,16 +301,22 @@ describe('test-3: user with role "admin"', () => { assert.isNotNull(tweetId); }); - it('can not create tweet for other author', () => { - return sendQueryAndExpect(` + it('can create tweet for other author', () => { + sendQuery({ query: ` mutation { createTweet(input: ${makeTweetInput(expectedTweetOtherAuthor, adminUser)}) { id } } - `, - { createTweet: null }, - newUser); + `, + userId: newUser + }) + .then((result) => { + assert.isNotNull(result.data); + assert.isNotNull(result.data.createTweet); + assert.isNotNull(result.data.createTweet.id); + tweetIdOthers = result.data.createTweet.id; + }) }); it('can read own tweet', () => { diff --git a/test/output-app-end-to-end/test-4-mutations-with-unknown-user.js b/test/output-app-end-to-end/test-4-mutations-with-unknown-user.js index 18da560..b9654db 100644 --- a/test/output-app-end-to-end/test-4-mutations-with-unknown-user.js +++ b/test/output-app-end-to-end/test-4-mutations-with-unknown-user.js @@ -7,17 +7,24 @@ let tweetId; const tweetIdOthers = '583676d3618530145474e352'; function makeUserInput(user) { - return `{ - username: "${user.username}", - bio: "${user.bio}", - role: "${user.role}" - }`; + if (user.role) + return `{ + username: "${user.username}", + bio: "${user.bio}", + role: "${user.role}" + }`; + else + return `{ + username: "${user.username}", + bio: "${user.bio}" + }`; } function makeTweetInput(tweet, userId) { if (tweet.author) { return `{ authorId: "${userId ? userId : tweet.author.id}", + coauthorsIds: ${tweet.coauthorsIds ? JSON.stringify(tweet.coauthorsIds) : JSON.stringify([])}, body: "${tweet.body}" }`; } diff --git a/test/output-app-end-to-end/test-5-mutations-with-user-role-user.js b/test/output-app-end-to-end/test-5-mutations-with-user-role-user.js index 0c16c90..1f8e5d1 100644 --- a/test/output-app-end-to-end/test-5-mutations-with-user-role-user.js +++ b/test/output-app-end-to-end/test-5-mutations-with-user-role-user.js @@ -7,17 +7,24 @@ let tweetId; const tweetIdOthers = '583676d3618530145474e352'; function makeUserInput(user) { - return `{ - username: "${user.username}", - bio: "${user.bio}", - role: "${user.role}" - }`; + if (user.role) + return `{ + username: "${user.username}", + bio: "${user.bio}", + role: "${user.role}" + }`; + else + return `{ + username: "${user.username}", + bio: "${user.bio}" + }`; } function makeTweetInput(tweet, userId) { if (tweet.author) { return `{ authorId: "${userId ? userId : tweet.author.id}", + coauthorsIds: ${tweet.coauthorsIds ? JSON.stringify(tweet.coauthorsIds) : JSON.stringify([])}, body: "${tweet.body}" }`; } @@ -90,7 +97,18 @@ describe('test-5: user with role "user"', () => { newUser) }); - it('can read himself', () => { + it('can read himself without field "role"', () => { + return sendQueryAndExpect(` + { user(id: "${newUser}") { username } } + `, { + user: { + username: 'tobkle' + } + }, + newUser) + }); + + it('can read himself with field "role"', () => { return sendQueryAndExpect(` { user(id: "${newUser}") { username, role } } `, { @@ -124,21 +142,18 @@ describe('test-5: user with role "user"', () => { const modifiedUser = { username: 'tobkle', bio: 'Maker of things, I guess', - role: 'user' }; return sendQueryAndExpect(` mutation { updateUser(id: "${newUser}", input: ${makeUserInput(modifiedUser)}) { username bio - role } } `, { updateUser: { username: 'tobkle', bio: 'Maker of things, I guess', - role: 'user' } }, newUser) @@ -159,11 +174,7 @@ describe('test-5: user with role "user"', () => { } } `, { - updateUser: { - username: 'tobkle', - bio: 'Maker of things, I guess', - role: 'user' - } + updateUser: null }, newUser) }); diff --git a/test/output-app-end-to-end/test-6-mutations-with-user-role-editor.js b/test/output-app-end-to-end/test-6-mutations-with-user-role-editor.js index b0fbe5b..9419eeb 100644 --- a/test/output-app-end-to-end/test-6-mutations-with-user-role-editor.js +++ b/test/output-app-end-to-end/test-6-mutations-with-user-role-editor.js @@ -7,17 +7,24 @@ let tweetId; const tweetIdOthers = '583676d3618530145474e352'; function makeUserInput(user) { - return `{ - username: "${user.username}", - bio: "${user.bio}", - role: "${user.role}" - }`; + if (user.role) + return `{ + username: "${user.username}", + bio: "${user.bio}", + role: "${user.role}" + }`; + else + return `{ + username: "${user.username}", + bio: "${user.bio}" + }`; } function makeTweetInput(tweet, userId) { if (tweet.author) { return `{ authorId: "${userId ? userId : tweet.author.id}", + coauthorsIds: ${tweet.coauthorsIds ? JSON.stringify(tweet.coauthorsIds) : JSON.stringify([])}, body: "${tweet.body}" }`; } @@ -124,21 +131,18 @@ describe('test-6: user with role "editor"', () => { const modifiedUser = { username: 'tmeasday', bio: 'Maker of things, I guess', - role: 'editor' }; return sendQueryAndExpect(` mutation { updateUser(id: "${newUser}", input: ${makeUserInput(modifiedUser)}) { username bio - role } } `, { updateUser: { username: 'tmeasday', bio: 'Maker of things, I guess', - role: 'editor' } }, newUser) @@ -159,11 +163,7 @@ describe('test-6: user with role "editor"', () => { } } `, { - updateUser: { - username: 'tmeasday', - bio: 'Maker of things, I guess', - role: 'editor' - } + updateUser: null }, newUser) }); diff --git a/test/output-app/authorizations/Tweet.js b/test/output-app/authorizations/Tweet.js index afdf844..a25a32c 100644 --- a/test/output-app/authorizations/Tweet.js +++ b/test/output-app/authorizations/Tweet.js @@ -14,5 +14,5 @@ export const Tweet = { readMany: ['authorId', 'coauthorsIds'], update: ['authorId', 'coauthorsIds'], delete: ['authorId'], - } + }, }; diff --git a/test/output-app/authorizations/User.js b/test/output-app/authorizations/User.js index 7ea5d02..3654abf 100644 --- a/test/output-app/authorizations/User.js +++ b/test/output-app/authorizations/User.js @@ -14,5 +14,26 @@ export const User = { readMany: [], update: ['_id'], delete: ['_id'], - } + }, + fields: [ + { + name: 'role', + userRoles: { + create: ['admin'], + read: ['admin'], + readOne: ['admin'], + readMany: ['admin'], + update: ['admin'], + delete: ['admin'], + }, + docRoles: { + create: [], + read: [], + readOne: ['_id'], // == 'this' + readMany: [], + update: [], + delete: ['_id'], + }, + } + ] }; diff --git a/test/output-app/authorizations/helpers.js b/test/output-app/authorizations/helpers.js index d20eb5d..3b6cc78 100644 --- a/test/output-app/authorizations/helpers.js +++ b/test/output-app/authorizations/helpers.js @@ -1,18 +1,20 @@ import _ from 'lodash'; import log from '../server/logger'; -export function findByIds(collection, ids, authQuery) { - const baseQuery = { _id: { $in: ids } }; - const finalQuery = {...baseQuery, ...authQuery}; - return collection.find(finalQuery) - .toArray() - .then((docs) => { - const idMap = {}; - docs.forEach((d) => { idMap[d._id] = d; }); - return ids.map(id => idMap[id]); - }); +// enhanced version of tmeasday's findByIds plus authQuery handling +export function findByIds(collection, ids = [], authQuery = {}) { + const baseQuery = { _id: { $in: ids } }; + const finalQuery = {...baseQuery, ...authQuery}; + return collection.find(finalQuery) + .toArray() + .then((docs) => { + const idMap = {}; + docs.forEach((d) => { idMap[d._id] = d; }); + return ids.map(id => idMap[id]); + }); } +// returns true, if user is logged in export function loggedIn(user) { if(user && user._id && user._id.toString() !== '') { return true; @@ -20,43 +22,129 @@ export function loggedIn(user) { return false; } -export function queryForRoles(user = {}, userRoles = [], docRoles = [], { User }) { - // Authorized by userRoles - const role = User.authRole(user); - if (userRoles.includes(role) || userRoles.includes('world')) { - return {}; +// creates an authQuery object with additional query arguments, to implement authorization restrictions for mongodb access +export function queryForRoles(user = {}, auth = {}, type = '', mode = '', { User }, doc = {}, resolver = '') { + + // Build query for the case: The logged in user's role is authorized + if (roleAuthorizedForDoc(user, auth, type, mode, { User }, doc, resolver)) { + return {}; // empty authQuery means, do operation with no access restrictions } - // Authorized by docRoles + + // Build query for the case: The user is listed in any document field const query = { $or: [] }; - if (docRoles.length > 0 && user && user._id){ + if (userAuthorizedForDoc(user, auth, type, mode, { User }, doc, resolver)){ + const docRoles = auth[type].docRoles[mode] || []; docRoles.forEach(docRole => query.$or.push( { [docRole]: user._id } ) ); + log.debug('authQuery:', JSON.stringify(query, null, 2)); return query; } + // Not Authorized - return false; + throw new Error(`Authorization: Not authorized to ${mode} ${type} ${doc._id ? doc._id : ''}.`); } -export function userAuthorizedForDoc(user = {}, userRoles = [], docRoles = [], { User }, doc){ - const newDoc = Object.assign({}, doc); - let authorized = false; - // Authorized by userRoles +// returns true, if the user's role is authorized for a document +export function roleAuthorizedForDoc(user = {}, auth = {}, type = '', mode = '', { User }, doc = {}, resolver = ''){ + const userRoles = auth[type].userRoles[mode] || []; const role = User.authRole(user); - if (userRoles.includes(role) || userRoles.includes('world')) { - authorized = true; + const fields = auth[type].fields || []; + + if ( userRoles.includes('world') || role && role !== '' && role !== '' && userRoles.length > 0 && userRoles.includes(role) ) { + let fieldsAuthorized = true; + + // check all fields with @authorize directives, if any of them is not allowed for the role + fields.forEach(field => { + // if this field is in the document, + if (doc[field.name]) { + const fieldUserRoles = field.userRoles[mode] || []; + //check if the user role doesn't allow this field + if ( fieldUserRoles.length === 0 || ! ( fieldUserRoles.includes(role) || fieldUserRoles.includes('world') ) ){ + fieldsAuthorized = false; + } + } + }); + + // only if all fields of the document are allowed for the role + if (fieldsAuthorized){ + log.debug(`${resolver} ${mode} with user ${user.username ? user.username : ''} for ${type} and ${doc._id ? doc._id : ''}`); + return true; + } + } - // Authorized by docRoles + + return false; +} + +// returns true, if the user is authorized by a document role +export function userAuthorizedForDoc(user = {}, auth = {}, type = '', mode = '', { User }, doc = {}, resolver = ''){ + const docRoles = auth[type].docRoles[mode] || []; + const fields = auth[type].fields || []; + let userId; + let authorized = false; + + // document role checks work only with logged in user + if (!loggedIn(user)) return false; + userId = user._id.toString(); + + // check if any docRole leads to an authorization docRoles.forEach(docRole => { - // user logged in and role field in doc exists and - // includes the current user - if ( - loggedIn(user) && newDoc[docRole] && - ( - ( _.isArray(newDoc[docRole]) && newDoc[docRole].includes(user._id.toString()) ) || - ( _.isObject(newDoc[docRole]) && newDoc[docRole].toString().includes(user._id.toString()) ) - ) - ){ - authorized = true; + const docRoleField = doc[docRole]; + let fieldsAuthorized = true; + // check if the field for the docRole check is in the document, if not, it cannot be checked + if (docRoleField){ + // check if user is authorized for doc + if (fieldContainsUserId(docRoleField, userId)){ + + // check if user is authorized for the doc's fields + fields.forEach(field => { + const fieldDocRoles = field.docRoles[mode] || []; + // check if restricted field is in the current document, and if the current docRole is not in the docRole of the field + if (mode !== 'update' && doc[field.name] && !fieldDocRoles.includes(docRole)){ + fieldsAuthorized = false; + } + // check if doc contains a $set object, and this contains any of the fields, + // and if the current docRole is not in the docRole of the field + if (mode === 'update' && doc.$set && doc.$set[field.name] && !fieldDocRoles.includes(docRole)){ + fieldsAuthorized = false; + } + }); + + // only if the same role is authorized for the document and all fields, it is allowed + if (fieldsAuthorized){ + log.debug(`${resolver} ${mode} with user ${(user.username) ? user.username : ''} for ${type} and docRole ${docRole} for doc with id: ${doc._id ? doc._id : ''}`); + authorized = true; + return true; + } + + } } - }) + }); + return authorized; } + +// returns true, if a field of type array/object/string contains the userId +export function fieldContainsUserId(docRoleField, userId) { + let userIdFound = false; + + // handle an array of userIds + if (_.isArray(docRoleField)){ + docRoleField.forEach(field => { + if (field.toString() === userId){ + userIdFound = true; + } + }); + } + + // handle a field with one userId, must be an object, if it is an ObjectId('') + if (_.isObject(docRoleField) && docRoleField.toString() === userId){ + userIdFound = true; + } + + // handle a field with just an userId String + if (_.isString(docRoleField) && docRoleField.toString() === userId){ + userIdFound = true; + } + + return userIdFound; +} diff --git a/test/output-app/model/Tweet-complicated.js b/test/output-app/model/Tweet-complicated.js deleted file mode 100644 index 2ead2d1..0000000 --- a/test/output-app/model/Tweet-complicated.js +++ /dev/null @@ -1,371 +0,0 @@ -import _ from 'lodash'; -import log from '../server/logger'; -import DataLoader from 'dataloader'; -import findByIds from 'mongo-find-by-ids'; -import { CREATE, READ, READONE, READMANY, UPDATE, DELETE, DEBUG } from './constants'; - -export default class Tweet { - constructor(context) { - /* this is generated from ... - @authorize( - admin: ["read", "update", "delete"], - author: ["create", "read", "update", "delete"], - coauthors: ["read", "update"], - world: ["read"] - ) - */ - this.authorizations = { - admin: { - read: true, - readOne: true, - readMany: true, - update: true, - delete: true, - }, - author: { - create: true, - read: true, - readOne: true, - readMany: true, - update: true, - delete: true, - }, - coauthors: { - read: true, - readOne: true, - readMany: true, - update: true, - }, - world: { - read: true, - readOne: true, - readMany: true, - } - }; - this.context = context; - this.collection = context.db.collection('tweet'); - this.pubsub = context.pubsub; - this.loader = new DataLoader(ids => findByIds(this.collection, ids)); - } - - // returns true, if the user's role is of expected kind - // this is generated whenever @authorize appears in the type definition - hasUserRole({role, doc, user, mode, printLog = true, resolver}){ - let hasRole = false; - switch (role) { - // returns true, if signed in user has a role "admin" - // this is generated by... - // @authorize(admin: ["read", "update", "delete"]) - // ----- - // and if there is no @authRole("admin") user on any of the fields - // then it assumes a role definition - // and it checks against the role of the signed in user - case 'admin': - hasRole = ( - // valid signed in user id available - !!user && !!user._id && user._id.toString() !== '' && - // the current user has the correct role - this.context.User.role(user) === 'admin' - ); - break; - // returns true, if the signed in user is an author - // this is generated by... - // author: User! @unmodifiable @belongsTo @authRole("author") - // ----- ------------------- - case 'author': - hasRole = ( - // valid signed in user id available - !!user && !!user._id && user._id.toString() !== '' && - // valid document author available - !!doc && !!doc.authorId && doc.authorId.toString() !== '' && - // document author equals signed in user - doc.authorId.toString() === user._id.toString() - ); - break; - // returns true, if the signed in user is one of the coauthors - // this is generated by... - // coauthors: [User!] @belongsTo @authRole("coauthors") - // ------- ---------------------- - case 'coauthors': - hasRole = ( - // valid signed in user id available - !!user && !!user._id && user._id.toString() !== '' && - // document has at least one coauthors - !!doc && !!doc.coauthorsIds && _.isArray(doc.coauthorsIds) && doc.coauthorsIds.length > 0 && - // current signed in user is a coauthors - _.indexOf(doc.coauthorsIds, user._id.toString()) > -1 - ); - break; - // returns true, if user has a role "world" - // this is generated by... - // @authorize(world: ["read"]) - // ----- - // and if there is no @authRole("world") user on any of the fields - // then it assumes the special role definition "world" - // which means for every user, signed in or not signed in - case 'world': - hasRole = true; - break; - } - if (printLog){ - log.debug(''); - log.debug(`${resolver} hasRole: "${role}" "${ - user.username ? user.username : '' - } ${ - user.role ? user.role : '' - } ${ - user._id ? user._id : '' - } doc: "${ - (doc && doc._id) ? doc._id.toString() : '' - }" author: "${ - (doc && doc.authorId) ? doc.authorId : '' - }" coauthors: "${ - (doc && doc.coauthorsIds && doc.coauthorsIds.length > 0) ? doc.coauthorsIds.toString() : '' - }" ==> "${hasRole}"`); - } - return hasRole; - } - - // returns true, if the user role is authorized for the current mode - // this is generated whenever @authorize appears in the type definition - isRoleAuthorizedForMode({role, mode, resolver}){ - log.debug(`${resolver} isRoleAuthorizedForMode: "${role}" "${mode}" ==> "${this.authorizations[role][mode] ? true : false}"`); - return this.authorizations[role][mode] ? true : false; - } - - // returns true, if the current user is authorized for the current mode and document - // this is generated, whenever @authorize appears... - isAuthorized({doc, mode, user, resolver}){ - // generated by @authorize(admin: ...) - const adminAuthorized = this.hasUserRole({role: 'admin', doc, user, mode, printLog: true, resolver}) && - this.isRoleAuthorizedForMode({role: 'admin', mode, resolver}); - - // logging for debugging... - if (adminAuthorized){ - log.debug(`${resolver} isAuthorized: role: "${ - (user && user._id && this.context.User.role(user)) ? this.context.User.role(user) : '' - }" "${mode}" doc: "${ - (doc && doc._id) ? doc._id.toString() : '' - }" user: "${ - (user && user._id) ? user._id.toString() : '' - }" ===> "${adminAuthorized}"`); - - return adminAuthorized; - } - - // generated by @authorize(author: ...) - const authorAuthorized = this.hasUserRole({role: 'author', doc, user, mode, printLog: true, resolver}) && - this.isRoleAuthorizedForMode({role: 'author', mode, resolver}); - - // logging for debugging... - if (authorAuthorized){ - log.debug(`${resolver} isAuthorized: role: "author" "${mode}" doc: "${ - (doc && doc._id) ? doc._id.toString() : '' - }" author: "${ - (doc && doc.authorId) ? doc.authorId : '' - }" user: "${ - (user && user._id) ? user._id.toString() : '' - }" ===> "${authorAuthorized}"`); - - return authorAuthorized; - } - - // generated by @authorize(coauthors: ...) - const coauthorsAuthorized = this.hasUserRole({role: 'coauthors', doc, user, mode, printLog: true, resolver}) && - this.isRoleAuthorizedForMode({role: 'coauthors', mode, resolver}); - - // logging for debugging... - if (coauthorsAuthorized){ - log.debug(`${resolver} isAuthorized: role: "coauthors" "${mode}" doc: "${ - (doc && doc._id) ? doc._id.toString() : '' - }" coauthors: "${ - (doc && doc.coauthorsIds && doc.coauthorsIds.length > 0) ? doc.coauthorsIds.toString() : '' - }" user: "${ - (user && user._id) ? user._id.toString() : '' - }" ===> "${coauthorsAuthorized}"`); - - return coauthorsAuthorized; - } - - // generated by @authorize(world: ...) - const worldAuthorized = this.hasUserRole({role: 'world', doc, user, mode, printLog: true, resolver}) && - this.isRoleAuthorizedForMode({role: 'world', mode, resolver}); - - // logging for debugging... - if (worldAuthorized){ - log.debug(`${resolver} isAuthorized: role: "world" "${mode}" doc: "${ - (doc && doc._id) ? doc._id.toString() : '' - }" user: "${ - (user && user._id) ? user._id.toString() : '' - }" ===> "${worldAuthorized}"`); - - return worldAuthorized; - } - - // logging for debugging... - log.debug(`${resolver} isAuthorized: role: "${ - (user && user._id && this.context.User.role(user)) ? this.context.User.role(user) : '' - }" "${mode}" doc: "${ - (doc && doc._id) ? doc._id.toString() : '' - }" author: "${ - (doc && doc.authorId) ? doc.authorId : '' - }" coauthors: "${ - (doc && doc.coauthorsIds && doc.coauthorsIds.length > 0) ? doc.coauthorsIds.toString() : '' - }" user: "${ - (user && user._id) ? user._id.toString() : '' - }" ===> "false"`); - - return false; - } - - // returns document without role field - // generated by... - // role: String! @authRole("admin") @authorize(this: ["read"], admin: ["read", "update"]) - // ------- ------------------ - authorizedFields({doc, mode, user, resolver}){ - // array contains all fields, whose authorization is to be checked - // role: String! @authorize() - // ---- ------------ - const fields = []; - - // check authorization on field level now - fields.forEach(field => { - // default is: field is not authorized - let authorizedField = false; - - // ... Checking fields here... - - // otherwise remove field from doc, - // because the user and mode is not authorize to access this field - if ( !authorizedField && doc[field] ){ - log.debug(`${resolver} authorizedFields: "${field}" not authorized for user/role and mode: "${mode}", removed from document`); - delete doc[field]; - } - }); - - return doc; - } - - // returns only authorized documents and fields - // generated by ... - // @authorize() - authorized({doc, mode, user, resolver}){ - // if it is an array of documents, .... - if (_.isArray(doc)){ - // then filter for the authorized documents - let authorizedDocs = _.filter(doc, d => this.isAuthorized({doc: d, mode, user, resolver}) ); - // provide only authorized fields - authorizedDocs.forEach(d => { - d = this.authorizedFields({doc: d, mode, user, resolver}); - }); - return authorizedDocs; - - // if it is a single document, check the authorization for it - } else if ( _.isObject(doc) && this.isAuthorized({doc, mode, user, resolver}) ) { - // return only authorized fields - const authorizedDoc = this.authorizedFields({doc, mode, user, resolver}); - return authorizedDoc; - } - - // or return null, if no authorized document was found - log.debug(`${resolver} authorized: no authorized doc found`); - return null; - } - - async getById(id, _user, resolver){ - const doc = await this.findOneById(id); - return this.authorized({doc, mode: READONE, user: _user, resolver}); - } - - findOneById(id) { - return this.loader.load(id); - } - - async getAll({ lastCreatedAt, limit }, _user, resolver){ - const doc = await this.all({ lastCreatedAt, limit }, _user); - return this.authorized({doc, mode: READMANY, user: _user, resolver}); - } - - all({ lastCreatedAt = 0, limit = 10 }, _user) { - return this.collection.find({ - createdAt: { $gt: lastCreatedAt }, - }).sort({ createdAt: 1 }).limit(limit).toArray(); - } - - author(tweet, _user) { - return this.context.User.getById(tweet.authorId, _user, 'author'); - } - - createdBy(tweet, _user) { - return this.context.User.getById(tweet.createdById, _user, 'createdBy'); - } - - updatedBy(tweet, _user) { - return this.context.User.getById(tweet.updatedById, _user, 'udpatedBy'); - } - - async coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, _user) { - const doc = await this.context.User.collection.find({ - _id: { $in: tweet.coauthorsIds }, - createdAt: { $gt: lastCreatedAt }, - }).sort({ createdAt: 1 }).limit(limit).toArray(); - return this.context.User.authorized({doc, mode: READMANY, user: _user, resolver: 'coauthors'}); - } - - async likers(tweet, { lastCreatedAt = 0, limit = 10 }, _user) { - const doc = await this.context.User.collection.find({ - likedIds: tweet._id, - createdAt: { $gt: lastCreatedAt }, - }).sort({ createdAt: 1 }).limit(limit).toArray(); - return this.context.User.authorized({doc, mode: READMANY, user: _user, resolver: 'likers'}); - } - - async insert(doc, _user) { - // let coauthorsIds = doc.coauthorsIds || []; - // const enhancedDoc = Object.assign({ - // authorId: user._id, - // coauthorsIds: coauthorsIds, - // }); - let docToInsert = Object.assign({}, doc, { - createdAt: Date.now(), - updatedAt: Date.now(), - createdById: (_user && _user._id) ? _user._id : 'unknown', - updatedById: (_user && _user._id) ? _user._id : 'unknown', - }); - docToInsert = this.authorizedFields({doc: docToInsert, mode: CREATE, user: _user, resolver: 'insert'}); - const authorized = this.isAuthorized({doc: docToInsert, mode: CREATE, user: _user, resolver: 'insert'}); - if (!authorized) throw new Error('Tweet: mode: create not authorized'); - - const id = (await this.collection.insertOne(docToInsert)).insertedId; - this.pubsub.publish('tweetInserted', await this.findOneById(id)); - return id; - } - - async updateById(id, doc, _user) { - const foundDoc = await this.findOneById(id); - const authorized = this.isAuthorized({doc: foundDoc, mode: UPDATE, user: _user, resolver: 'updateById'}); - if (!authorized) throw new Error('Tweet: mode: update not authorized'); - - const updatedDoc = this.authorizedFields({doc, mode: UPDATE, user: _user, resolver: 'updateById'}); - const ret = await this.collection.update({ _id: id }, { - $set: Object.assign({}, updatedDoc, { - updatedAt: Date.now(), - updatedById: (_user && _user._id) ? _user._id : 'unknown', - }), - }); - this.loader.clear(id); - this.pubsub.publish('tweetUpdated', await this.findOneById(id)); - return ret; - } - - async removeById(id, _user) { - const doc = await this.findOneById(id); - const authorized = this.isAuthorized({doc, mode: DELETE, user: _user, resolver: 'removeById'}); - if (!authorized) throw new Error('Tweet: mode: delete not authorized'); - - const ret = this.collection.remove({ _id: id }); - this.loader.clear(id); - this.pubsub.publish('tweetRemoved', id); - return ret; - } -} diff --git a/test/output-app/model/Tweet.js b/test/output-app/model/Tweet.js index ece266a..c2abcc2 100644 --- a/test/output-app/model/Tweet.js +++ b/test/output-app/model/Tweet.js @@ -1,8 +1,6 @@ -import _ from 'lodash'; -import { ObjectID } from 'mongodb'; import log from '../server/logger'; import DataLoader from 'dataloader'; -import { auth, findByIds, queryForRoles, userAuthorizedForDoc } from '../authorizations'; +import { auth, findByIds, queryForRoles } from '../authorizations'; export default class Tweet { constructor(context) { @@ -11,33 +9,21 @@ export default class Tweet { this.pubsub = context.pubsub; this.loader = new DataLoader((ids, authQuery = {}) => findByIds(this.collection, ids, authQuery)); this.type = 'Tweet'; - this.userRoles = auth[this.type].userRoles; - this.docRoles = auth[this.type].docRoles; - } - - getOneById(id, _user = {}, resolver = '') { - const authQuery = queryForRoles(_user, this.userRoles.readOne, this.docRoles.readOne, { User: this.context.User }); - log.debug(`${resolver} getOneById readOne with user ${(_user && _user.username) ? _user.username : ''} for ${this.type} and ${id}`); - if (typeof authQuery === "object" && Object.keys(authQuery).length > 0 ) log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); - if (authQuery === false) { - throw new Error(`Not authorized to readOne ${this.type} ${id}.`); - } - return this.loader.load(id, authQuery); } findOneById(id) { return this.loader.load(id); } + getOneById(id, _user = {}, resolver = '') { + const authQuery = queryForRoles(_user, auth, this.type, 'readOne', { User: this.context.User }, {_id: id}, resolver); + return this.loader.load(id, authQuery); + } + all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = '') { const baseQuery = { createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, this.userRoles.readMany, this.docRoles.readMany, { User: this.context.User }); + const authQuery = queryForRoles(_user, auth, this.type, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); const finalQuery = {...baseQuery, ...authQuery}; - log.debug(`${resolver} all readMany with user ${(_user && _user.username) ? _user.username : ''} for ${this.type}`); - if (typeof authQuery === "object" && Object.keys(authQuery).length > 0 ) log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); - if (authQuery === false) { - throw new Error(`Not authorized to readMany ${this.type}.`); - } return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } @@ -55,25 +41,15 @@ export default class Tweet { coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, _user) { const baseQuery = {_id: { $in: tweet.coauthorsIds }, createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, this.userRoles.readMany, this.docRoles.readMany, { User: this.context.User }); + const authQuery = queryForRoles(_user, auth, this.type, 'readMany', { User: this.context.User }, {_id: 'all'}, 'coauthors'); const finalQuery = {...baseQuery, ...authQuery}; - log.debug(`coauthors readMany with user ${(_user && _user.username) ? _user.username : ''} for ${this.type}`); - if (typeof authQuery === "object" && Object.keys(authQuery).length > 0 ) log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); - if (authQuery === false) { - throw new Error(`coauthors Not authorized to readMany ${this.type} ${id}.`); - } return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } likers(tweet, { lastCreatedAt = 0, limit = 10 }, _user) { const baseQuery = {likedIds: tweet._id, createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, this.userRoles.readMany, this.docRoles.readMany, { User: this.context.User }); + const authQuery = queryForRoles(_user, auth, this.type, 'readMany', { User: this.context.User }, {_id: 'all'}, 'likers'); const finalQuery = {...baseQuery, ...authQuery}; - log.debug(`likers readMany with user ${(_user && _user.username) ? _user.username : ''} for ${this.type}`); - if (typeof authQuery === "object" && Object.keys(authQuery).length > 0 ) log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); - if (authQuery === false) { - throw new Error(`coauthors Not authorized to readMany ${this.type} ${id}.`); - } return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } @@ -85,11 +61,7 @@ export default class Tweet { updatedById: (_user && _user._id) ? _user._id : 'unknown', }); - const authQuery = queryForRoles(_user, this.userRoles.create, this.docRoles.create, { User: this.context.User }); - if (authQuery === false || (typeof authQuery === "object" && Object.keys(authQuery).length > 0 && !userAuthorizedForDoc(_user, this.userRoles.create, this.docRoles.create, { User: this.context.User }, docToInsert)) ) { - throw new Error(`Not authorized to insert ${this.type} ${id}.`); - } - + const authQuery = queryForRoles(_user, auth, this.type, 'create', { User: this.context.User }, {_id: '', ...docToInsert}, 'insert'); const id = (await this.collection.insertOne(docToInsert)).insertedId; if (id){ @@ -104,17 +76,15 @@ export default class Tweet { } async updateById(id, doc, _user) { + // must get the record first, to capture all authorization relevant fields + const docBefore = await this.getOneById(id, _user, 'getOneById in updateById for docBefore'); let docToUpdate = {$set: Object.assign({}, doc, { updatedAt: Date.now(), updatedById: (_user && _user._id) ? _user._id : 'unknown', })}; const baseQuery = {_id: id}; - const authQuery = queryForRoles(_user, this.userRoles.update, this.docRoles.update, { User: this.context.User }); - if (authQuery === false || (typeof authQuery === "object" && Object.keys(authQuery).length > 0 && !userAuthorizedForDoc(_user, this.userRoles.update, this.docRoles.update, { User: this.context.User }, docToUpdate)) ) { - throw new Error(`Not authorized to update ${this.type} ${id}.`); - } - + const authQuery = queryForRoles(_user, auth, this.type, 'update', { User: this.context.User }, {...docBefore, ...docToUpdate}, 'updateById'); const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.updateOne(finalQuery, docToUpdate); @@ -132,12 +102,10 @@ export default class Tweet { } async removeById(id, _user) { + // must get the record first, to capture all authorization relevant fields + const docBefore = await this.getOneById(id, _user, 'getOneById in removeById for docBefore'); const baseQuery = {_id: id}; - const authQuery = queryForRoles(_user, this.userRoles.delete, this.docRoles.delete, { User: this.context.User }); - if (authQuery === false || (typeof authQuery === "object" && Object.keys(authQuery).length > 0 && !userAuthorizedForDoc(_user, this.userRoles.delete, this.docRoles.delete, { User: this.context.User }, {_id: id} )) ) { - throw new Error(`Not authorized to remove ${this.type} ${id}.`); - } - + const authQuery = queryForRoles(_user, auth, this.type, 'delete', { User: this.context.User }, {...docBefore}, 'removeById'); const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.remove(finalQuery); diff --git a/test/output-app/model/User-complicated.js b/test/output-app/model/User-complicated.js deleted file mode 100644 index 9bb463d..0000000 --- a/test/output-app/model/User-complicated.js +++ /dev/null @@ -1,328 +0,0 @@ -import _ from 'lodash'; -import log from '../server/logger'; -import DataLoader from 'dataloader'; -import findByIds from 'mongo-find-by-ids'; -import { CREATE, READ, READONE, READMANY, UPDATE, DELETE, DEBUG } from './constants'; - -export default class User { - constructor(context) { - /* this is generated from ... - @authorize( - admin: ["create", "read", "update", "delete"] - this: ["readOne", "update", "delete"] - ) - */ - this.authorizations = { - admin: { - create: true, - read: true, - readOne: true, - readMany: true, - update: true, - delete: true, - }, - this: { - readOne: true, - update: true, - delete: true, - }, - }; - this.context = context; - this.collection = context.db.collection('user'); - this.pubsub = context.pubsub; - this.loader = new DataLoader(ids => findByIds(this.collection, ids)); - } - - // returns the role of the current user - // generated by... - // role: String! @authRole("admin") @authorize(this: ["read"], admin: ["read", "update"]) - // ------- ------------------ - // whereas the field is not of type User, it is of type String - role(user){ - return (user && user.role) ? user.role : null; - } - - // returns true, if the user's role is of expected kind - // this is generated whenever @authorize appears in the type definition - hasUserRole({role, doc, user, mode, printLog = true, resolver}){ - let hasRole = false; - switch (role) { - // returns true, if signed in user has a role "admin" - // this is generated by... - // @authorize(admin: ["create", "read", "update", "delete"]) - // ----- - // and if there is no @authRole("admin") user on any of the fields - // then it assumes a role definition - // and it checks against the role of the signed in user - case 'admin': - hasRole = ( - // valid signed in user id available - !!user && !!user._id && user._id.toString() !== '' && - // the current user has the correct role - this.context.User.role(user) === 'admin' - ); - break; - // returns true, if the signed in user is equal to the document id - // this is generated by... - // @authorize(this:) - // ----- - case 'this': - hasRole = ( - // valid signed in user id available - !!user && !!user._id && user._id.toString() !== '' && - // valid document user id available - !!doc && !!doc._id && doc._id.toString() !== '' && - // document user id equals signed in user - doc._id.toString() === user._id.toString() - ); - break; - } - if (printLog){ - log.debug(''); - log.debug(`${resolver} hasRole: "${role}" "${(user && user.username) ? user.username : ''} ${(user && user.role) ? user.role : ''} ${(user && user._id) ? user._id : ''}" ==> "${hasRole}"`); - } - return hasRole; - } - - // returns true, if the user role is authorized for the current mode - // this is generated whenever @authorize appears in the type definition - isRoleAuthorizedForMode({role, mode, resolver}){ - log.debug(`${resolver} isRoleAuthorizedForMode: "${role}" "${mode}" ==> "${this.authorizations[role][mode] ? true : false}"`); - return this.authorizations[role][mode] ? true : false; - } - - // returns true, if the current user is authorized for the current mode and document - // this is generated, whenever @authorize appears... - isAuthorized({doc, mode, user, resolver}){ - - // generated by @authorize(admin: ...) - const adminAuthorized = this.hasUserRole({role: 'admin', doc, user, mode, printLog: true, resolver}) && - this.isRoleAuthorizedForMode({role: 'admin', mode, resolver}); - - // logging for debugging... - if (adminAuthorized){ - log.debug(`${resolver} isAuthorized: role: "${ - (user && user._id && this.context.User.role(user)) ? this.context.User.role(user) : '' - }" "${mode}" doc: "${ - (doc && doc._id) ? doc._id.toString() : '' - }" user: "${ - (user && user._id) ? user._id.toString() : '' - }" ===> "${adminAuthorized}"`); - - return adminAuthorized; - } - - // generated by @authorize(this: ...) - const thisAuthorized = this.hasUserRole({role: 'this', doc, user, mode, printLog: true, resolver}) && - this.isRoleAuthorizedForMode({role: 'this', mode, resolver}); - - // logging for debugging... - if (thisAuthorized) { - log.debug(`${resolver} isAuthorized: doc: "${ - (doc && doc._id) ? doc._id.toString() : '' - }" "${mode}" user: "${ - (user && user._id) ? user._id.toString() : '' - }" ===> "${thisAuthorized}"`); - - return thisAuthorized; - } - - // logging for debugging... - log.debug(`${resolver} isAuthorized: role: "${ - (user && user._id && this.context.User.role(user)) ? this.context.User.role(user) : '' - }" "${mode}" doc: "${ - (doc && doc._id) ? doc._id.toString() : '' - }" user: "${ - (user && user._id) ? user._id.toString() : '' - }" ===> "false"`); - - return false; - } - - // returns document without role field - // generated by... - // role: String! @authRole("admin") @authorize(this: ["read"], admin: ["read", "update"]) - // ------- ------------------ - authorizedFields({doc, mode, user, resolver}){ - // array contains all fields, whose authorization is to be checked - // role: String! @authorize() - // ---- ------------ - const fields = ['role']; - - // check authorization on field level now - fields.forEach(field => { - // default is: field is not authorized - let authorizedField = false; - - // role: String! @authorize() - // ---- ------------ - if (field === 'role'){ - log.debug(''); - // role: String! @authorize(this: ["read"]) - // ----- ----- ---- - if ( this.hasUserRole({role: 'this', doc, user, mode, printLog: false, resolver}) && - (mode === READ || mode === READONE || mode === READMANY) ){ - log.debug(`${resolver} authorizedFields: "${field}" is authorized for role: "this" and mode: "${mode}"`); - authorizedField = true; - } - - // role: @authorize(admin: ["create", "read", "update"]) - // ---- ----- ------ ---- ------ - if ( this.hasUserRole({role: 'admin', doc, user, mode, printLog: false, resolver}) && - (mode === CREATE || mode === READ || mode === READONE || mode === READMANY || mode === UPDATE) ){ - log.debug(`${resolver} authorizedFields: "${field}" is authorized for role: "admin" and mode: "${mode}"`); - authorizedField = true; - } - } - - // ... Checking fields here... - - // otherwise remove field from doc, - // because the user and mode is not authorize to access this field - if ( !authorizedField && doc[field] ){ - log.debug(`${resolver} authorizedFields: "${field}" not authorized for user/role and mode: "${mode}", removed from document`); - delete doc[field]; - } - }); - - return doc; - } - - // returns only authorized documents and fields - // generated by ... - // @authorize() - authorized({doc, mode, user, resolver}){ - // if it is an array of documents, .... - if (_.isArray(doc)){ - // then filter for the authorized documents - let authorizedDocs = _.filter(doc, d => this.isAuthorized({doc: d, mode, user, resolver}) ); - // provide only authorized fields - authorizedDocs.forEach(d => { - d = this.authorizedFields({doc: d, mode, user, resolver}); - }); - return authorizedDocs; - - // if it is a single document, check the authorization for it - } else if ( _.isObject(doc) && this.isAuthorized({doc, mode, user, resolver}) ) { - // return only authorized fields - const authorizedDoc = this.authorizedFields({doc, mode, user, resolver}); - return authorizedDoc; - } - - // or return null, if no authorized document was found - log.debug(`${resolver} authorized: no authorized doc found`); - return null; - } - - async getById(id, _user, resolver){ - const doc = await this.findOneById(id); - return this.authorized({doc, mode: READONE, user: _user, resolver}); - } - - findOneById(id) { - return this.loader.load(id); - } - - async getAll({ lastCreatedAt, limit }, _user, resolver){ - const doc = await this.all({ lastCreatedAt, limit }, _user); - return this.authorized({doc, mode: READMANY, user: _user, resolver}); - } - - all({ lastCreatedAt = 0, limit = 10 }, _user) { - return this.collection.find({ - createdAt: { $gt: lastCreatedAt }, - }).sort({ createdAt: 1 }).limit(limit).toArray(); - } - - async tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }, _user) { - const doc = await this.context.Tweet.collection.find({ - authorId: user._id, - createdAt: { $gt: lastCreatedAt }, - }).sort({ createdAt: 1 }).limit(limit).toArray(); - const authorizedDoc = this.context.Tweet.authorized({doc, mode: READMANY, user: _user, resolver: 'tweets'}); - return authorizedDoc; - } - - async liked(user, { lastCreatedAt = 0, limit = 10 }, _user) { - const doc = await this.context.Tweet.collection.find({ - _id: { $in: user.likedIds || [] }, - createdAt: { $gt: lastCreatedAt }, - }).sort({ createdAt: 1 }).limit(limit).toArray(); - const authorizedDoc = this.context.Tweet.authorized({doc, mode: READMANY, user: _user, resolver: 'liked'}); - return authorizedDoc; - } - - async following(user, { lastCreatedAt = 0, limit = 10 }, _user) { - const doc = await this.context.User.collection.find({ - _id: { $in: user.followingIds || [] }, - createdAt: { $gt: lastCreatedAt }, - }).sort({ createdAt: 1 }).limit(limit).toArray(); - const authorizedDoc = this.authorized({doc, mode: READMANY, user: _user, resolver: 'following'}); - return authorizedDoc; - } - - async followers(user, { lastCreatedAt = 0, limit = 10 }, _user) { - const doc = await this.context.User.collection.find({ - followingIds: user._id, - createdAt: { $gt: lastCreatedAt }, - }).sort({ createdAt: 1 }).limit(limit).toArray(); - const authorizedDoc = this.authorized({doc, mode: READMANY, user: _user, resolver: 'followers'}); - return authorizedDoc; - } - - async createdBy(user, _user) { - const doc = await this.context.User.getById(user.createdById, _user, 'createdBy'); - const authorizedDoc = this.authorized({doc, mode: READONE, user: _user, resolver: 'createdBy'}); - return authorizedDoc; - } - - async updatedBy(user, _user) { - const doc = await this.context.User.getById(user.updatedById, _user, 'updatedBy'); - const authorizedDoc = this.authorized({doc, mode: READONE, user: _user, resolver: 'updatedBy'}); - return authorizedDoc; - } - - async insert(doc, _user) { - let docToInsert = Object.assign({}, doc, { - createdAt: Date.now(), - updatedAt: Date.now(), - createdById: (_user && _user._id) ? _user._id : 'unknown', - updatedById: (_user && _user._id) ? _user._id : 'unknown', - }); - docToInsert = this.authorizedFields({doc: docToInsert, mode: CREATE, user: _user, resolver: 'insert'}); - const authorized = this.isAuthorized({doc: docToInsert, mode: CREATE, user: _user, resolver: 'insert'}); - if (!authorized) throw new Error('User: mode: create not authorized'); - - const id = (await this.collection.insertOne(docToInsert)).insertedId; - this.pubsub.publish('userInserted', await this.findOneById(id)); - return id; - } - - async updateById(id, doc, _user) { - const foundDoc = await this.findOneById(id); - const authorized = this.isAuthorized({doc: foundDoc, mode: UPDATE, user: _user, resolver: 'updateById'}); - if (!authorized) throw new Error('User: mode: update not authorized'); - - const updatedDoc = this.authorizedFields({doc, mode: UPDATE, user: _user, resolver: 'updateById'}); - const ret = await this.collection.update({ _id: id }, { - $set: Object.assign({}, updatedDoc, { - updatedAt: Date.now(), - updatedById: (_user && _user._id) ? _user._id : 'unknown', - }), - }); - this.loader.clear(id); - this.pubsub.publish('userUpdated', await this.findOneById(id)); - return ret; - } - - async removeById(id, _user) { - const doc = await this.findOneById(id); - const authorized = this.isAuthorized({doc, mode: DELETE, user: _user, resolver: 'removeById'}); - if (!authorized) throw new Error('User: mode: delete not authorized'); - - const ret = this.collection.remove({ _id: id }); - this.loader.clear(id); - this.pubsub.publish('userRemoved', id); - return ret; - } -} diff --git a/test/output-app/model/User.js b/test/output-app/model/User.js index 10b97f7..04b4fb9 100644 --- a/test/output-app/model/User.js +++ b/test/output-app/model/User.js @@ -1,8 +1,6 @@ -import _ from 'lodash'; -import { ObjectID } from 'mongodb'; import log from '../server/logger'; import DataLoader from 'dataloader'; -import { auth, findByIds, queryForRoles, userAuthorizedForDoc } from '../authorizations'; +import { auth, findByIds, queryForRoles } from '../authorizations'; export default class User { constructor(context) { @@ -11,71 +9,66 @@ export default class User { this.pubsub = context.pubsub; this.loader = new DataLoader((ids, authQuery = {}) => findByIds(this.collection, ids, authQuery)); this.type = 'User'; - this.userRoles = auth[this.type].userRoles; - this.docRoles = auth[this.type].docRoles; } - // returns the userRole of the current user - // generated by... - // role: String! @authRole("admin") @authorize(this: ["read"], admin: ["read", "update"]) - // ------- ------------------ - // whereas the field is not of type User, it is of type String authRole(user){ return (user && user.role) ? user.role : ''; } - getOneById(id, _user = {}, resolver = '') { - const authQuery = queryForRoles(_user, this.userRoles.readOne, this.docRoles.readOne, { User: this.context.User }); - log.debug(`${resolver} getOneById readOne with user ${(_user && _user.username) ? _user.username : ''} for ${this.type} and ${id}`); - if (typeof authQuery === "object" && Object.keys(authQuery).length > 0 ) log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); - if (authQuery === false) { - throw new Error(`Not authorized to readOne ${this.type} ${id}.`); - } - return this.loader.load(id, authQuery); - } - findOneById(id) { return this.loader.load(id); } + getOneById(id, _user = {}, resolver = '') { + const authQuery = queryForRoles(_user, auth, this.type, 'readOne', { User: this.context.User }, {_id: id}, resolver); + return this.loader.load(id, authQuery); + } + all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = '') { const baseQuery = { createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, this.userRoles.readMany, this.docRoles.readMany, { User: this.context.User }); + const authQuery = queryForRoles(_user, auth, this.type, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); const finalQuery = {...baseQuery, ...authQuery}; - log.debug(`${resolver} all readMany with user ${(_user && _user.username) ? _user.username : ''} for ${this.type}`); - if (typeof authQuery === "object" && Object.keys(authQuery).length > 0 ) log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); - if (authQuery === false) { - throw new Error(`Not authorized to readMany ${this.type}.`); - } return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } - tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }, _user) { - return this.context.Tweet.collection.find({ + tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }, _user, resolver = 'tweets') { + const baseQuery = { authorId: user._id, createdAt: { $gt: lastCreatedAt }, - }).sort({ createdAt: 1 }).limit(limit).toArray(); + }; + const authQuery = queryForRoles(_user, auth, this.type, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); + const finalQuery = {...baseQuery, ...authQuery}; + return this.context.Tweet.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } - liked(user, { lastCreatedAt = 0, limit = 10 }, _user) { - return this.context.Tweet.collection.find({ - _id: { $in: user.likedIds || [] }, + liked(user, { lastCreatedAt = 0, limit = 10 }, _user, resolver = 'liked') { + const baseQuery = { + _id: { $in: user.likedIds }, createdAt: { $gt: lastCreatedAt }, - }).sort({ createdAt: 1 }).limit(limit).toArray(); + }; + const authQuery = queryForRoles(_user, auth, this.type, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); + const finalQuery = {...baseQuery, ...authQuery}; + return this.context.Tweet.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } - following(user, { lastCreatedAt = 0, limit = 10 }, _user) { - return this.context.User.collection.find({ + following(user, { lastCreatedAt = 0, limit = 10 }, _user, resolver = 'following') { + const baseQuery = { _id: { $in: user.followingIds || [] }, createdAt: { $gt: lastCreatedAt }, - }).sort({ createdAt: 1 }).limit(limit).toArray(); + }; + const authQuery = queryForRoles(_user, auth, this.context.User.type, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); + const finalQuery = {...baseQuery, ...authQuery}; + return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } - followers(user, { lastCreatedAt = 0, limit = 10 }, _user) { - return this.context.User.collection.find({ + followers(user, { lastCreatedAt = 0, limit = 10 }, _user, resolver = 'followers') { + const baseQuery = { followingIds: user._id, createdAt: { $gt: lastCreatedAt }, - }).sort({ createdAt: 1 }).limit(limit).toArray(); + }; + const authQuery = queryForRoles(_user, auth, this.context.User.type, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); + const finalQuery = {...baseQuery, ...authQuery}; + return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } createdBy(user, _user) { @@ -94,11 +87,7 @@ export default class User { updatedById: (_user && _user._id) ? _user._id : 'unknown', }); - const authQuery = queryForRoles(_user, this.userRoles.create, this.docRoles.create, { User: this.context.User }); - if (authQuery === false || !userAuthorizedForDoc(_user, this.userRoles.create, this.docRoles.create, { User: this.context.User }, docToInsert) ) { - throw new Error(`Not authorized to insert ${this.type} ${id}.`); - } - + const authQuery = queryForRoles(_user, auth, this.type, 'create', { User: this.context.User }, {_id: '', ...docToInsert}, 'insert'); const id = (await this.collection.insertOne(docToInsert)).insertedId; if (id){ @@ -113,17 +102,15 @@ export default class User { } async updateById(id, doc, _user) { + // must get the record first, to capture all authorization relevant fields + const docBefore = await this.getOneById(id, _user, 'getOneById in updateById for docBefore'); let docToUpdate = {$set: Object.assign({}, doc, { updatedAt: Date.now(), updatedById: (_user && _user._id) ? _user._id : 'unknown', })}; const baseQuery = {_id: id}; - const authQuery = queryForRoles(_user, this.userRoles.update, this.docRoles.update, { User: this.context.User }); - if (authQuery === false || !userAuthorizedForDoc(_user, this.userRoles.update, this.docRoles.update, { User: this.context.User }, docToUpdate) ) { - throw new Error(`Not authorized to update ${this.type} ${id}.`); - } - + const authQuery = queryForRoles(_user, auth, this.type, 'update', { User: this.context.User }, {...docBefore, ...docToUpdate}, 'updateById'); const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.updateOne(finalQuery, docToUpdate); @@ -141,11 +128,10 @@ export default class User { } async removeById(id, _user) { + // must get the record first, to capture all authorization relevant fields + const docBefore = await this.getOneById(id, _user, 'getOneById in removeById for docBefore'); const baseQuery = {_id: id}; - const authQuery = queryForRoles(_user, this.userRoles.delete, this.docRoles.delete, { User: this.context.User }); - if (authQuery === false || !userAuthorizedForDoc(_user, this.userRoles.delete, this.docRoles.delete, { User: this.context.User }, {_id: id} ) ) { - throw new Error(`Not authorized to remove ${this.type} ${id}.`); - } + const authQuery = queryForRoles(_user, auth, this.type, 'delete', { User: this.context.User }, {...docBefore}, 'removeById'); const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.remove(finalQuery); diff --git a/test/output-app/model/index.js b/test/output-app/model/index.js index c93df9e..99f9412 100644 --- a/test/output-app/model/index.js +++ b/test/output-app/model/index.js @@ -1,9 +1,7 @@ -// import Authorize from '../server/authorize'; const models = {}; export default function addModelsToContext(context) { const newContext = Object.assign({}, context); - // newContext['Authorize'] = new Authorize(newContext); Object.keys(models).forEach((key) => { newContext[key] = new models[key](newContext); }); diff --git a/test/output-app/resolvers/Tweet.js b/test/output-app/resolvers/Tweet.js index e3bf212..54cf71c 100644 --- a/test/output-app/resolvers/Tweet.js +++ b/test/output-app/resolvers/Tweet.js @@ -26,46 +26,26 @@ const resolvers = { }, Query: { tweets(root, { lastCreatedAt, limit }, { Tweet, _user }) { - try { - return Tweet.all({ lastCreatedAt, limit }, _user, 'tweets'); - } catch(error){ - console.log('ERROR:', error.message); - } + return Tweet.all({ lastCreatedAt, limit }, _user, 'tweets'); }, tweet(root, { id }, { Tweet, _user }) { - try { - return Tweet.getOneById(id, _user, 'tweet'); - } catch(error){ - console.log('ERROR:', error.message); - } + return Tweet.getOneById(id, _user, 'tweet'); }, }, Mutation: { async createTweet(root, { input }, { Tweet, _user }) { - try { - const id = await Tweet.insert(input, _user); - return Tweet.getOneById(id, _user, 'createTweet'); - } catch(error) { - console.log('ERROR:', error.message); - } + const id = await Tweet.insert(input, _user); + return Tweet.getOneById(id, _user, 'createTweet'); }, async updateTweet(root, { id, input }, { Tweet, _user }) { - try { - await Tweet.updateById(id, input, _user); - return Tweet.getOneById(id, _user, 'updateTweet'); - } catch(error) { - console.log('ERROR:', error.message); - } + await Tweet.updateById(id, input, _user); + return Tweet.getOneById(id, _user, 'updateTweet'); }, async removeTweet(root, { id }, { Tweet, _user }) { - try { - return await Tweet.removeById(id, _user); - } catch(error) { - console.log('ERROR:', error.message); - } + return await Tweet.removeById(id, _user); }, }, Subscription: { diff --git a/test/output-app/resolvers/User.js b/test/output-app/resolvers/User.js index 0aa5cc3..6c01969 100644 --- a/test/output-app/resolvers/User.js +++ b/test/output-app/resolvers/User.js @@ -39,29 +39,17 @@ }, Mutation: { async createUser(root, { input }, { User, _user }) { - try { - const id = await User.insert(input, _user); - return User.getOneById(id, _user, 'createUser'); - } catch(error) { - console.log('ERROR:', error.message); - } + const id = await User.insert(input, _user); + return User.getOneById(id, _user, 'createUser'); }, async updateUser(root, { id, input }, { User, _user }) { - try { - await User.updateById(id, input, _user); - return User.getOneById(id, _user, 'updateUser'); - } catch(error) { - console.log('ERROR:', error.message); - } + await User.updateById(id, input, _user); + return User.getOneById(id, _user, 'updateUser'); }, async removeUser(root, { id }, { User, _user }) { - try { - return await User.removeById(id, _user); - } catch(error) { - console.log('ERROR:', error.message); - } + return await User.removeById(id, _user); }, }, Subscription: { diff --git a/test/output-app/server/authorize.js b/test/output-app/server/authorize.js deleted file mode 100644 index 69cbf35..0000000 --- a/test/output-app/server/authorize.js +++ /dev/null @@ -1,104 +0,0 @@ - import _ from 'lodash'; - import log from './logger'; - -/** - * @class Authorize - * adding Authorize to the context - **/ -export default class Authorize { - constructor(context){ - this.context = context; - } - - /** - * Returns an array of records, indexed by ids - * @params {object} collection - * @params {array} ids - * @params {object} authQuery - * @return {boolean} loggedIn - **/ - findByIdsWithAuth(collection, ids, authQuery) { - const baseQuery = { _id: { $in: ids } }; - const finalQuery = {...baseQuery, ...authQuery}; - return collection.find(finalQuery) - .toArray() - .then((docs) => { - const idMap = {}; - docs.forEach((d) => { idMap[d._id] = d; }); - return ids.map(id => idMap[id]); - }); - } - - /** - * Returns true, if user is loggedIn - * @params {object} user - * @return {boolean} loggedIn - **/ - loggedIn(user) { - if(user && user._id && user._id.toString() !== '') { - return true; - } - return false; - } - - // for compatibility reasons old document authorizer... - authorized({doc, mode, user, resolver}){ - log.debug(`user "${(user && user.username) ? user.username : ''}" authorized to ${mode} ${resolver} with doc "${(doc && doc._id) ? doc._id : ''}"`); - return doc; - } - - authorizedFields({doc, mode, user, resolver}){ - return doc; - } - - /** - * Returns a query object for the selection - * sets default values in the interface - * @params {object} user, the signed in or unknown user - * @params {array} userRoles, the role of the user, default '' - * @params {array} docRoles, the document owner fields of type: User - * @params {object} context, access to the User model methods - * @return {object} query-selection-object - **/ - //queryForRoles(user, userRoles, docRoles, { User }) { - queryForRoles(user, userRoles = [], docRoles = [], { User }) { - - // Authorized by userRoles - const role = User.authRole(user); - if (userRoles.includes(role)) { - return {}; - } - - // Authorized by docRoles - const query = { $or: [] }; - if (docRoles.length > 0){ - docRoles.forEach(docRole => query.$or.push( { [docRole]: user._id } )); - return query; - } - - // Not Authorized - return false; - } - - userForDoc(_user, docRoles, doc){ - const newDoc = Object.assign({}, doc); - let authorized = false; - docRoles.forEach(docRole => { - // user logged in and - // role field in doc exists and - // includes the current user - // includes works for String and Array - if ( - this.loggedIn(_user) && newDoc[docRole] && - ( - ( _.isArray(newDoc[docRole]) && newDoc[docRole].includes(_user._id.toString()) ) || - ( _.isObject(newDoc[docRole]) && newDoc[docRole].toString().includes(_user._id.toString()) ) - ) - ){ - authorized = true; - } - }) - return authorized; - } - -} From 95edb6fd800baa2185163d0545509a70f5e7b24e Mon Sep 17 00:00:00 2001 From: Tobias Klemmer Date: Thu, 15 Jun 2017 21:40:13 +0200 Subject: [PATCH 12/69] with authorization folder --- test/output-app/model/Tweet.js | 36 +++++++++++++++--------------- test/output-app/model/User.js | 24 ++++++++++---------- test/output-app/resolvers/Tweet.js | 12 +++++----- test/output-app/resolvers/User.js | 14 ++++++------ 4 files changed, 43 insertions(+), 43 deletions(-) diff --git a/test/output-app/model/Tweet.js b/test/output-app/model/Tweet.js index c2abcc2..2faaad3 100644 --- a/test/output-app/model/Tweet.js +++ b/test/output-app/model/Tweet.js @@ -15,45 +15,45 @@ export default class Tweet { return this.loader.load(id); } - getOneById(id, _user = {}, resolver = '') { + getOneById(id, _user = {}, resolver = 'getOneById') { const authQuery = queryForRoles(_user, auth, this.type, 'readOne', { User: this.context.User }, {_id: id}, resolver); return this.loader.load(id, authQuery); } - all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = '') { + all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'all') { const baseQuery = { createdAt: { $gt: lastCreatedAt } }; const authQuery = queryForRoles(_user, auth, this.type, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); const finalQuery = {...baseQuery, ...authQuery}; return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } - author(tweet, _user) { - return this.context.User.getOneById(tweet.authorId, _user, 'author'); + author(tweet, _user, resolver = 'author') { + return this.context.User.getOneById(tweet.authorId, _user, resolver); } - createdBy(tweet, _user) { - return this.context.User.getOneById(tweet.createdById, _user, 'createdBy'); + createdBy(tweet, _user, resolver = 'createdBy') { + return this.context.User.getOneById(tweet.createdById, _user, resolver); } - updatedBy(tweet, _user) { - return this.context.User.getOneById(tweet.updatedById, _user, 'udpatedBy'); + updatedBy(tweet, _user, resolver = 'updatedBy') { + return this.context.User.getOneById(tweet.updatedById, _user, resolver); } - coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, _user) { + coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, _user, resolver = 'coauthors') { const baseQuery = {_id: { $in: tweet.coauthorsIds }, createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, auth, this.type, 'readMany', { User: this.context.User }, {_id: 'all'}, 'coauthors'); + const authQuery = queryForRoles(_user, auth, this.type, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); const finalQuery = {...baseQuery, ...authQuery}; return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } - likers(tweet, { lastCreatedAt = 0, limit = 10 }, _user) { + likers(tweet, { lastCreatedAt = 0, limit = 10 }, _user, resolver = 'likers') { const baseQuery = {likedIds: tweet._id, createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, auth, this.type, 'readMany', { User: this.context.User }, {_id: 'all'}, 'likers'); + const authQuery = queryForRoles(_user, auth, this.type, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); const finalQuery = {...baseQuery, ...authQuery}; return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } - async insert(doc, _user) { + async insert(doc, _user, resolver = 'insert') { let docToInsert = Object.assign({}, doc, { createdAt: Date.now(), updatedAt: Date.now(), @@ -61,7 +61,7 @@ export default class Tweet { updatedById: (_user && _user._id) ? _user._id : 'unknown', }); - const authQuery = queryForRoles(_user, auth, this.type, 'create', { User: this.context.User }, {_id: '', ...docToInsert}, 'insert'); + const authQuery = queryForRoles(_user, auth, this.type, 'create', { User: this.context.User }, {_id: '', ...docToInsert}, resolver); const id = (await this.collection.insertOne(docToInsert)).insertedId; if (id){ @@ -75,7 +75,7 @@ export default class Tweet { return id; } - async updateById(id, doc, _user) { + async updateById(id, doc, _user, resolver = 'updateById') { // must get the record first, to capture all authorization relevant fields const docBefore = await this.getOneById(id, _user, 'getOneById in updateById for docBefore'); let docToUpdate = {$set: Object.assign({}, doc, { @@ -84,7 +84,7 @@ export default class Tweet { })}; const baseQuery = {_id: id}; - const authQuery = queryForRoles(_user, auth, this.type, 'update', { User: this.context.User }, {...docBefore, ...docToUpdate}, 'updateById'); + const authQuery = queryForRoles(_user, auth, this.type, 'update', { User: this.context.User }, {...docBefore, ...docToUpdate}, resolver); const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.updateOne(finalQuery, docToUpdate); @@ -101,11 +101,11 @@ export default class Tweet { return result; } - async removeById(id, _user) { + async removeById(id, _user, resolver = 'removeById') { // must get the record first, to capture all authorization relevant fields const docBefore = await this.getOneById(id, _user, 'getOneById in removeById for docBefore'); const baseQuery = {_id: id}; - const authQuery = queryForRoles(_user, auth, this.type, 'delete', { User: this.context.User }, {...docBefore}, 'removeById'); + const authQuery = queryForRoles(_user, auth, this.type, 'delete', { User: this.context.User }, {...docBefore}, resolver); const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.remove(finalQuery); diff --git a/test/output-app/model/User.js b/test/output-app/model/User.js index 04b4fb9..f77a83c 100644 --- a/test/output-app/model/User.js +++ b/test/output-app/model/User.js @@ -19,12 +19,12 @@ export default class User { return this.loader.load(id); } - getOneById(id, _user = {}, resolver = '') { + getOneById(id, _user = {}, resolver = 'getOneById') { const authQuery = queryForRoles(_user, auth, this.type, 'readOne', { User: this.context.User }, {_id: id}, resolver); return this.loader.load(id, authQuery); } - all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = '') { + all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'all') { const baseQuery = { createdAt: { $gt: lastCreatedAt } }; const authQuery = queryForRoles(_user, auth, this.type, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); const finalQuery = {...baseQuery, ...authQuery}; @@ -71,15 +71,15 @@ export default class User { return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } - createdBy(user, _user) { - return this.context.User.getOneById(user.createdById, _user, 'createdBy'); + createdBy(user, _user, resolver = 'createdBy') { + return this.context.User.getOneById(user.createdById, _user, resolver); } - updatedBy(user, _user) { - return this.context.User.getOneById(user.updatedById, _user, 'updatedBy'); + updatedBy(user, _user, resolver = 'updatedBy') { + return this.context.User.getOneById(user.updatedById, _user, resolver); } - async insert(doc, _user) { + async insert(doc, _user, resolver = 'insert') { let docToInsert = Object.assign({}, doc, { createdAt: Date.now(), updatedAt: Date.now(), @@ -87,7 +87,7 @@ export default class User { updatedById: (_user && _user._id) ? _user._id : 'unknown', }); - const authQuery = queryForRoles(_user, auth, this.type, 'create', { User: this.context.User }, {_id: '', ...docToInsert}, 'insert'); + const authQuery = queryForRoles(_user, auth, this.type, 'create', { User: this.context.User }, {_id: '', ...docToInsert}, resolver); const id = (await this.collection.insertOne(docToInsert)).insertedId; if (id){ @@ -101,7 +101,7 @@ export default class User { return id; } - async updateById(id, doc, _user) { + async updateById(id, doc, _user, resolver = 'updateById') { // must get the record first, to capture all authorization relevant fields const docBefore = await this.getOneById(id, _user, 'getOneById in updateById for docBefore'); let docToUpdate = {$set: Object.assign({}, doc, { @@ -110,7 +110,7 @@ export default class User { })}; const baseQuery = {_id: id}; - const authQuery = queryForRoles(_user, auth, this.type, 'update', { User: this.context.User }, {...docBefore, ...docToUpdate}, 'updateById'); + const authQuery = queryForRoles(_user, auth, this.type, 'update', { User: this.context.User }, {...docBefore, ...docToUpdate}, resolver); const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.updateOne(finalQuery, docToUpdate); @@ -127,11 +127,11 @@ export default class User { return result; } - async removeById(id, _user) { + async removeById(id, _user, resolver = 'removeById') { // must get the record first, to capture all authorization relevant fields const docBefore = await this.getOneById(id, _user, 'getOneById in removeById for docBefore'); const baseQuery = {_id: id}; - const authQuery = queryForRoles(_user, auth, this.type, 'delete', { User: this.context.User }, {...docBefore}, 'removeById'); + const authQuery = queryForRoles(_user, auth, this.type, 'delete', { User: this.context.User }, {...docBefore}, resolver); const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.remove(finalQuery); diff --git a/test/output-app/resolvers/Tweet.js b/test/output-app/resolvers/Tweet.js index 54cf71c..187b61e 100644 --- a/test/output-app/resolvers/Tweet.js +++ b/test/output-app/resolvers/Tweet.js @@ -5,23 +5,23 @@ const resolvers = { }, author(tweet, args, { Tweet, _user }) { - return Tweet.author(tweet, _user); + return Tweet.author(tweet, _user, 'author'); }, createdBy(tweet, args, { Tweet, _user }) { - return Tweet.createdBy(tweet, _user); + return Tweet.createdBy(tweet, _user, 'createdBy'); }, updatedBy(tweet, args, { Tweet, _user }) { - return Tweet.updatedBy(tweet, _user); + return Tweet.updatedBy(tweet, _user, 'updatedBy'); }, coauthors(tweet, { lastCreatedAt, limit }, { Tweet, _user }) { - return Tweet.coauthors(tweet, { lastCreatedAt, limit }, _user); + return Tweet.coauthors(tweet, { lastCreatedAt, limit }, _user, 'coauthors'); }, likers(tweet, { lastCreatedAt, limit }, { Tweet, _user }) { - return Tweet.likers(tweet, { lastCreatedAt, limit }, _user); + return Tweet.likers(tweet, { lastCreatedAt, limit }, _user, 'likers'); }, }, Query: { @@ -45,7 +45,7 @@ const resolvers = { }, async removeTweet(root, { id }, { Tweet, _user }) { - return await Tweet.removeById(id, _user); + return await Tweet.removeById(id, _user, 'removeTweet'); }, }, Subscription: { diff --git a/test/output-app/resolvers/User.js b/test/output-app/resolvers/User.js index 6c01969..fd2c431 100644 --- a/test/output-app/resolvers/User.js +++ b/test/output-app/resolvers/User.js @@ -5,27 +5,27 @@ }, createdBy(user, args, { User, _user }) { - return User.createdBy(user, _user); + return User.createdBy(user, _user, 'createdBy'); }, updatedBy(user, args, { User, _user }) { - return User.updatedBy(user, _user); + return User.updatedBy(user, _user, 'updatedBy'); }, tweets(user, { minLikes, lastCreatedAt, limit }, { User, _user }) { - return User.tweets(user, { minLikes, lastCreatedAt, limit }, _user); + return User.tweets(user, { minLikes, lastCreatedAt, limit }, _user, 'tweets'); }, liked(user, { lastCreatedAt, limit }, { User, _user }) { - return User.liked(user, { lastCreatedAt, limit }, _user); + return User.liked(user, { lastCreatedAt, limit }, _user, 'liked'); }, following(user, { lastCreatedAt, limit }, { User, _user }) { - return User.following(user, { lastCreatedAt, limit }, _user); + return User.following(user, { lastCreatedAt, limit }, _user, 'following'); }, followers(user, { lastCreatedAt, limit }, { User, _user }) { - return User.followers(user, { lastCreatedAt, limit }, _user); + return User.followers(user, { lastCreatedAt, limit }, _user, 'followers'); }, }, Query: { @@ -49,7 +49,7 @@ }, async removeUser(root, { id }, { User, _user }) { - return await User.removeById(id, _user); + return await User.removeById(id, _user, 'removeUser'); }, }, Subscription: { From 125617c66480cb09a607551eac9d5bc6f55a2a21 Mon Sep 17 00:00:00 2001 From: Tobias Klemmer Date: Fri, 16 Jun 2017 00:24:53 +0200 Subject: [PATCH 13/69] removed authorization folder --- package.json | 3 +- test/output-app/README.md | 525 ++++++++++++++++++ test/output-app/authorizations/Tweet.js | 18 - test/output-app/authorizations/User.js | 39 -- test/output-app/authorizations/index.js | 8 - test/output-app/model/Tweet.js | 36 +- test/output-app/model/User.js | 61 +- .../helpers.js => server/authorize.js} | 26 +- yarn.lock | 456 +++++++++------ 9 files changed, 897 insertions(+), 275 deletions(-) create mode 100644 test/output-app/README.md delete mode 100644 test/output-app/authorizations/Tweet.js delete mode 100644 test/output-app/authorizations/User.js delete mode 100644 test/output-app/authorizations/index.js rename test/output-app/{authorizations/helpers.js => server/authorize.js} (81%) diff --git a/package.json b/package.json index eea5dbe..1dc3327 100644 --- a/package.json +++ b/package.json @@ -34,7 +34,7 @@ "babel-register": "6.16.3", "chai": "^3.5.0", "chai-diff": "^1.0.1", - "eslint": "3.8.1", + "eslint": "^4.0.0", "eslint-config-airbnb": "12.0.0", "eslint-plugin-babel": "3.3.0", "eslint-plugin-import": "1.16.0", @@ -49,6 +49,7 @@ "cpr": "^2.0.0", "denodeify": "^1.2.1", "escape-string-regexp": "^1.0.5", + "global": "^4.3.2", "graphql": "0.7.2", "lodash.clonedeep": "^4.5.0", "lodash.includes": "^4.3.0", diff --git a/test/output-app/README.md b/test/output-app/README.md new file mode 100644 index 0000000..1421631 --- /dev/null +++ b/test/output-app/README.md @@ -0,0 +1,525 @@ +# create-graphql-server + +This is a generated create-graphql-server app. + +## Implementing Authorizations +Use the @authorize directive in a \.graphql input file, to define which authorizations should be generated by create-graphql-server. You can define user-roles and document-roles to control authorizations. + +* user-roles: e.g. User.role = "admin", all admins are allowed to do create, read, update, delete,... +* document-roles: e.g. Tweet.authorId = User._id, only authors are allowed to create, update, delete a document + +On field level you can control access also by the @authorize directive +e.g. updating the User with set role = "admin", shouldn't be allowed by for all users. So we need a way to restrict the create, read, update, delete operations also on field level if required. + +Use the following syntax for the Tweet.graphql input file:: +```javascript +type Tweet + +@authorize( + admin: ["create", "read", "update", "delete"], + author: ["create", "read", "update", "delete"], + coauthors: ["read", "update"], + world: ["read"] +) + +{ + author: User! @unmodifiable @belongsTo @authRole("author") + coauthors: [User] @belongsTo @authRole("coauthors") + body: String! + + likers: [User!] @hasAndBelongsToMany(as: "liked") +} +``` +This has the following meaning: +* user-roles: "admin", "world" are created (user roles don't have own fields of type User or [User] in the document) + This will check, if the logged in user has a role "admin". Or if there is a special role "world", which just means every known or unknown user, for "world" you don't have to be logged in. + So each "admin" user will be able to create, read, update or delete the Tweet document. + Everyone ("world") will be allowed to read all Tweets. +* document-roles: "author", "coauthors" are created (document roles have fields in the document) + Look for the fields with the directive @authRole("...") + Only the author of a Tweet is allowed to create, read, update, delete its single Tweet. + Only a coauthor of a Tweet is allowed to read and update a Tweet, but he is not allowed to create a Tweet for a different author, and also not to delete a tweet of a different user. + + +and for the User.graphql input file: +```javascript +type User + +@authorize( + admin: ["create", "read", "update", "delete"] + this: ["readOne", "update", "delete"] +) + +{ + role: String! @authRole("admin") @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne", "delete"]) + + username: String! + + bio: String + notify: Boolean + + tweets(minLikes: Int): [Tweet!] @hasMany(as: "author") + liked: [Tweet!] @belongsToMany + + following: [User!] @belongsToMany + followers: [User!] @hasAndBelongsToMany(as: "following") +} +``` +This has the following meaning: +* user-role: "admin", is created (user roles don't have own fields of type User or [User] in the document) + It is a String field with: **role: String! @authRole("admin")** + This will check, if the logged in user has a role "admin". + So each "admin" user will be able to create, read, update or delete any User document. +* document-role: "this", is created (document roles have own fields in the document, but this is a special case for the field _id, which is not shown in the input type, but will be generated in the later schema file.) + Only the user id of "this" meaning _id is allowed to readOne, update, delete its single User document. + +Here we use also the @authorize directive on field level for the field role: +```javascript +... +role: String! @authRole("admin") @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne", "delete"]) +... +``` +This adds additional authorization checks on the field level just for this field "role". +Every time this field "role" appears in any document, it will be checked, if the user is authorized to do the operation on this document containing this field. If the field is not in the document, it skips the field check. + +In this case it checks: +* if the user-role "admin" is the authorized user, then it allows him to create, read, update, delete operations also on the document, if it contains the field "role" +* if the document-role "this" (=owner of the document user._id_ = doc._id_) to do the operations "readOne" and "delete" on the User document, but it doesn't allow him to upgrade/update his own User.role. + +Use create-graphql-server cli to generate the according schema, resolver, model files with the create-graphql-server command line interface. After its generation, you will find the generated files in the sub folders: schema, resolvers, model folders. The generated model files will use the following functions to implement the authorization logic. + +### model.js + +```javascript +import DataLoader from 'dataloader'; +import { queryForRoles, findByIds } from '../server/authorize'; + +export default class { + constructor(context){ + ... + this.loader = new DataLoader((ids, authQuery = {}) => findByIds(this.collection, ids, authQuery)); + ... + } +... +getOneById(id, _user = {}, resolver = 'getOneById') { + const authQuery = queryForRoles(_user, this.auth, 'readOne', { User: this.context.User }, {_id: id}, resolver); + return this.loader.load(id, authQuery); +} + +all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'all') { + const baseQuery = { createdAt: { $gt: lastCreatedAt } }; + const authQuery = queryForRoles(_user, this.auth, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); + const finalQuery = {...baseQuery, ...authQuery}; + return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); +} +... +} +``` + +### ./model/Tweet.js +generated model file for the above input type Tweet.graphql: +this.auth is generated by the @authorize directive. You can see, the directive argument "read" is used to express "readOne" and "readMany" at the same time. Instead you can use "readOne" and "readMany" for fine grained control on read operations, to allow access to just one record or many records. +```javascript +import log from '../server/logger'; +import DataLoader from 'dataloader'; +import { findByIds, queryForRoles } from '../server/authorize'; + +export default class Tweet { + constructor(context) { + this.context = context; + this.collection = context.db.collection('tweet'); + this.pubsub = context.pubsub; + this.loader = new DataLoader((ids, authQuery = {}) => findByIds(this.collection, ids, authQuery)); + this.auth = { + type: 'Tweet', + userRoles: { + create: ['admin'], + read: ['admin', 'world'], + readOne: ['admin', 'world'], + readMany: ['admin', 'world'], + update: ['admin'], + delete: ['admin'], + }, + docRoles: { + create: ['authorId'], + read: ['authorId', 'coauthorsIds'], + readOne: ['authorId', 'coauthorsIds'], + readMany: ['authorId', 'coauthorsIds'], + update: ['authorId', 'coauthorsIds'], + delete: ['authorId'], + }, + } + } + + findOneById(id) { + return this.loader.load(id); + } + + getOneById(id, _user = {}, resolver = 'getOneById') { + const authQuery = queryForRoles(_user, this.auth, 'readOne', { User: this.context.User }, {_id: id}, resolver); + return this.loader.load(id, authQuery); + } + + all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'all') { + const baseQuery = { createdAt: { $gt: lastCreatedAt } }; + const authQuery = queryForRoles(_user, this.auth, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); + const finalQuery = {...baseQuery, ...authQuery}; + return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + } + ... +} +``` + +### ./model/User.js +generated model file for the above input type User.graphql: +this.auth is generated by the @authorize directive. Here also with field authorizations. +```javascript +import log from '../server/logger'; +import DataLoader from 'dataloader'; +import { findByIds, queryForRoles } from '../server/authorize'; + +export default class User { + constructor(context) { + this.context = context; + this.collection = context.db.collection('user'); + this.pubsub = context.pubsub; + this.loader = new DataLoader((ids, authQuery = {}) => findByIds(this.collection, ids, authQuery)); + this.auth = { + type: 'User', + userRoles: { + create: ['admin'], + read: ['admin'], + readOne: ['admin'], + readMany: ['admin'], + update: ['admin'], + delete: ['admin'], + }, + docRoles: { + create: [], + read: [], + readOne: ['_id'], // == 'this' + readMany: [], + update: ['_id'], + delete: ['_id'], + }, + fields: [ + { + name: 'role', + userRoles: { + create: ['admin'], + read: ['admin'], + readOne: ['admin'], + readMany: ['admin'], + update: ['admin'], + delete: ['admin'], + }, + docRoles: { + create: [], + read: [], + readOne: ['_id'], // == 'this' + readMany: [], + update: [], + delete: ['_id'], + }, + } + ] + } + } + + authRole(user){ + return (user && user.role) ? user.role : ''; + } + + findOneById(id) { + return this.loader.load(id); + } + + getOneById(id, _user = {}, resolver = 'getOneById') { + const authQuery = queryForRoles(_user, this.auth, 'readOne', { User: this.context.User }, {_id: id}, resolver); + return this.loader.load(id, authQuery); + } + + all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'all') { + const baseQuery = { createdAt: { $gt: lastCreatedAt } }; + const authQuery = queryForRoles(_user, this.auth, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); + const finalQuery = {...baseQuery, ...authQuery}; + return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + } + ... +} +``` + + +### function findByIds +This is an extended version of [mongo-find-by-ids](https://github.com/tmeasday/mongo-find-by-ids). +The enhancement is only to provide an additional authQuery object, to extend the query to meet additional authorizations. +```javascript +// enhanced version of tmeasday's findByIds plus authQuery handling +export function findByIds(collection, ids = [], authQuery = {}) { + const baseQuery = { _id: { $in: ids } }; + const finalQuery = {...baseQuery, ...authQuery}; + return collection.find(finalQuery) + .toArray() + .then((docs) => { + const idMap = {}; + docs.forEach((d) => { idMap[d._id] = d; }); + return ids.map(id => idMap[id]); + }); +} +``` + +### function queryForRoles +Use function queryForRoles to generate an authQuery object. + +It expects the following arguments: +```javascript +// creates an authQuery object with additional query arguments, +// to implement authorization restrictions for mongodb access +export function queryForRoles(user = {}, auth = {}, mode = '', { User }, doc = {}, resolver = '') { + + // Build query for the case: The logged in user's role is authorized + if (roleAuthorizedForDoc(user, auth, mode, { User }, doc, resolver)) { + return {}; // empty authQuery means, do operation with no access restrictions + } + + // Build query for the case: The user is listed in any document field + const query = { $or: [] }; + if (userAuthorizedForDoc(user, auth, mode, { User }, doc, resolver)){ + const docRoles = auth.docRoles[mode] || []; + docRoles.forEach(docRole => query.$or.push( { [docRole]: user._id } ) ); + log.debug('authQuery:', JSON.stringify(query, null, 2)); + return query; + } + + // Not Authorized + throw new Error(`Authorization: Not authorized to ${mode} ${auth.type} ${doc._id ? doc._id : ''}.`); +} +``` + +It expects the following arguments with the meanings: +* **user:** this is the logged in user object out of the resolver's context +* **auth:** this is the auth object in the model, which was generated by the @authorize directives in the .graphql file +* **mode:** this is the current mode of operation: + * **create:** insert a record to the database + * **read:** read a record or many records from the database + * **readOne:** read only a single record from the database + * **readMany:** read many records from the the database + * **update:** update a record in the database + * **delete:** remove a record from the database +* **doc:** the current document to be checked for authorizations +* **resolver:** this is a string with the resolver's name, optional, only for easier debugging + +### function roleAuthorizedForDoc +This helper function is used by queryForRoles, and decides, if a user gains the authorization by its role. +For example: If a user has a field "role" in his user document and it contains the value "admin". So it checks if a user's role is admin, and allows all operations for admins. +```javascript +// returns true, if the user's role is authorized for a document +export function roleAuthorizedForDoc(user = {}, auth = {}, mode = '', { User }, doc = {}, resolver = ''){ + const userRoles = auth.userRoles[mode] || []; + const role = User.authRole(user); + const fields = auth.fields || []; + + if ( userRoles.includes('world') || role && role !== '' && role !== '' && userRoles.length > 0 && userRoles.includes(role) ) { + let fieldsAuthorized = true; + + // check all fields with @authorize directives, if any of them is not allowed for the role + fields.forEach(field => { + // if this field is in the document, + if (doc[field.name]) { + const fieldUserRoles = field.userRoles[mode] || []; + //check if the user role doesn't allow this field + if ( fieldUserRoles.length === 0 || ! ( fieldUserRoles.includes(role) || fieldUserRoles.includes('world') ) ){ + fieldsAuthorized = false; + } + } + }); + + // only if all fields of the document are allowed for the role + if (fieldsAuthorized){ + log.debug(`${resolver} ${mode} with user ${user.username ? user.username : ''} for ${auth.type} and ${doc._id ? doc._id : ''}`); + return true; + } + + } + + return false; +} +``` + +### function userAuthorizedForDoc +This helper function is used by queryForRoles, and decides, if a user gains the authorization by its userId in the document role fields. For example if a document of type "Tweet" contains a field named "authorId", it checks if the logged in user's id is included in the field "authorId", if so, he gains control over all operations, which are allowed for the document role "author". It can be also more complicated, if you have an array field "coauthorsIds", which includes all userIds of all coauthors, then it checks, if the user is among the the coauthors, if so, it gains control over all coauthors operations. +```javascript +// returns true, if the user is authorized by a document role +export function userAuthorizedForDoc(user = {}, auth = {}, mode = '', { User }, doc = {}, resolver = ''){ + const docRoles = auth.docRoles[mode] || []; + const fields = auth.fields || []; + let userId; + let authorized = false; + + // document role checks work only with logged in user + if (!loggedIn(user)) return false; + userId = user._id.toString(); + + // check if any docRole leads to an authorization + docRoles.forEach(docRole => { + const docRoleField = doc[docRole]; + let fieldsAuthorized = true; + // check if the field for the docRole check is in the document, if not, it cannot be checked + if (docRoleField){ + // check if user is authorized for doc + if (fieldContainsUserId(docRoleField, userId)){ + + // check if user is authorized for the doc's fields + fields.forEach(field => { + const fieldDocRoles = field.docRoles[mode] || []; + // check if restricted field is in the current document, and if the current docRole is not in the docRole of the field + if (mode !== 'update' && doc[field.name] && !fieldDocRoles.includes(docRole)){ + fieldsAuthorized = false; + } + // check if doc contains a $set object, and this contains any of the fields, + // and if the current docRole is not in the docRole of the field + if (mode === 'update' && doc.$set && doc.$set[field.name] && !fieldDocRoles.includes(docRole)){ + fieldsAuthorized = false; + } + }); + + // only if the same role is authorized for the document and all fields, it is allowed + if (fieldsAuthorized){ + log.debug(`${resolver} ${mode} with user ${(user.username) ? user.username : ''} for ${auth.type} and docRole ${docRole} for doc with id: ${doc._id ? doc._id : ''}`); + authorized = true; + return true; + } + + } + } + }); + + return authorized; +} +``` + +### function fieldContainsUserId +This helper function is used by queryForRoles and checks, if the provided field of types: array, object or string contains the userId. +```javascript +// returns true, if a field of type array/object/string contains the userId +export function fieldContainsUserId(docRoleField, userId) { + let userIdFound = false; + + // handle an array of userIds + if (_.isArray(docRoleField)){ + docRoleField.forEach(field => { + if (field.toString() === userId){ + userIdFound = true; + } + }); + } + + // handle a field with one userId, must be an object, if it is an ObjectId('') + if (_.isObject(docRoleField) && docRoleField.toString() === userId){ + userIdFound = true; + } + + // handle a field with just an userId String + if (_.isString(docRoleField) && docRoleField.toString() === userId){ + userIdFound = true; + } + + return userIdFound; +} +``` + +### ./resolver/User.js +In the resolver interfaces, there are different objects: +* the root object "tweet", contains the document fields +* the args object "args", contains arguments from the graphql query/mutation +* the context object "Tweet", contains the access to the database model of the Tweet collection +* the context object "_user", contains the current logged in user -if logged in-, which is provided from the server's passport implementation +* the last argument in the resolver function is the resolver's name, which is optional and only to enhance the logging in debugging mode by additional information. If you have to analyze authorization outcomes, this helps a lot to figure out, which resolvers authorization rule fired. +```javascript +const resolvers = { + Tweet: { + id(tweet) { + return tweet._id; + }, + + author(tweet, args, { Tweet, _user }) { + return Tweet.author(tweet, _user, 'author'); + }, + + createdBy(tweet, args, { Tweet, _user }) { + return Tweet.createdBy(tweet, _user, 'createdBy'); + }, + + updatedBy(tweet, args, { Tweet, _user }) { + return Tweet.updatedBy(tweet, _user, 'updatedBy'); + }, + + coauthors(tweet, { lastCreatedAt, limit }, { Tweet, _user }) { + return Tweet.coauthors(tweet, { lastCreatedAt, limit }, _user, 'coauthors'); + }, + + likers(tweet, { lastCreatedAt, limit }, { Tweet, _user }) { + return Tweet.likers(tweet, { lastCreatedAt, limit }, _user, 'likers'); + }, + }, + Query: { + tweets(root, { lastCreatedAt, limit }, { Tweet, _user }) { + return Tweet.all({ lastCreatedAt, limit }, _user, 'tweets'); + }, + + tweet(root, { id }, { Tweet, _user }) { + return Tweet.getOneById(id, _user, 'tweet'); + }, + }, + Mutation: { + async createTweet(root, { input }, { Tweet, _user }) { + const id = await Tweet.insert(input, _user); + return Tweet.getOneById(id, _user, 'createTweet'); + }, + + async updateTweet(root, { id, input }, { Tweet, _user }) { + await Tweet.updateById(id, input, _user); + return Tweet.getOneById(id, _user, 'updateTweet'); + }, + + async removeTweet(root, { id }, { Tweet, _user }) { + return await Tweet.removeById(id, _user, 'removeTweet'); + }, + }, + Subscription: { + tweetCreated: tweet => tweet, + tweetUpdated: tweet => tweet, + tweetRemoved: id => id, + }, +}; + +export default resolvers; +``` + +### Testing +If you run within the project root at least one time, it generates the database and adds the seed tweet and user documents once during each run. +```bash +yarn end-to-end-test +``` +It executes many pre-defined tests with different user-roles and document-roles. May be you want to add additional tests to enhance the security of the logic. + +If you want to test with the http://localhost:3000/graphiql frontend, best download the following app: +```bash +brew cask install graphiql +``` +...and generate a JWT token for your test user by running: +```bash +babel-node ./test/output-app-end-to-end/scripts/generateJWT.js +``` +This generates JWT tokens for the different test users from the ./test/seeds/User.json. Copy the wanted JWT token of the different users, and start the GraphiQL app with the following entries: + +* GraphQL endpoint: ```http://localhost:3000/graphql``` +* Method: ```POST``` +* Edit HTTP headers: + * Header name: ```authorization``` + * Header value: ```JWT the-copied-token``` + +...and write and execute your queries/mutations in the GraphiQL window. + +If you use different user's JWT tokens, you can simulate the different user roles such as "admin", "editor" and "user" manually. + diff --git a/test/output-app/authorizations/Tweet.js b/test/output-app/authorizations/Tweet.js deleted file mode 100644 index a25a32c..0000000 --- a/test/output-app/authorizations/Tweet.js +++ /dev/null @@ -1,18 +0,0 @@ -export const Tweet = { - userRoles: { - create: ['admin'], - read: ['admin', 'world'], - readOne: ['admin', 'world'], - readMany: ['admin', 'world'], - update: ['admin'], - delete: ['admin'], - }, - docRoles: { - create: ['authorId'], - read: ['authorId', 'coauthorsIds'], - readOne: ['authorId', 'coauthorsIds'], - readMany: ['authorId', 'coauthorsIds'], - update: ['authorId', 'coauthorsIds'], - delete: ['authorId'], - }, -}; diff --git a/test/output-app/authorizations/User.js b/test/output-app/authorizations/User.js deleted file mode 100644 index 3654abf..0000000 --- a/test/output-app/authorizations/User.js +++ /dev/null @@ -1,39 +0,0 @@ -export const User = { - userRoles: { - create: ['admin'], - read: ['admin'], - readOne: ['admin'], - readMany: ['admin'], - update: ['admin'], - delete: ['admin'], - }, - docRoles: { - create: [], - read: [], - readOne: ['_id'], // == 'this' - readMany: [], - update: ['_id'], - delete: ['_id'], - }, - fields: [ - { - name: 'role', - userRoles: { - create: ['admin'], - read: ['admin'], - readOne: ['admin'], - readMany: ['admin'], - update: ['admin'], - delete: ['admin'], - }, - docRoles: { - create: [], - read: [], - readOne: ['_id'], // == 'this' - readMany: [], - update: [], - delete: ['_id'], - }, - } - ] -}; diff --git a/test/output-app/authorizations/index.js b/test/output-app/authorizations/index.js deleted file mode 100644 index b2bba94..0000000 --- a/test/output-app/authorizations/index.js +++ /dev/null @@ -1,8 +0,0 @@ -export * from './helpers'; -export const auth = {}; - -import { User } from './User'; -auth.User = User; - -import { Tweet } from './Tweet'; -auth.Tweet = Tweet; diff --git a/test/output-app/model/Tweet.js b/test/output-app/model/Tweet.js index 2faaad3..4a3b166 100644 --- a/test/output-app/model/Tweet.js +++ b/test/output-app/model/Tweet.js @@ -1,6 +1,6 @@ import log from '../server/logger'; import DataLoader from 'dataloader'; -import { auth, findByIds, queryForRoles } from '../authorizations'; +import { findByIds, queryForRoles } from '../server/authorize'; export default class Tweet { constructor(context) { @@ -8,7 +8,25 @@ export default class Tweet { this.collection = context.db.collection('tweet'); this.pubsub = context.pubsub; this.loader = new DataLoader((ids, authQuery = {}) => findByIds(this.collection, ids, authQuery)); - this.type = 'Tweet'; + this.auth = { + type: 'Tweet', + userRoles: { + create: ['admin'], + read: ['admin', 'world'], + readOne: ['admin', 'world'], + readMany: ['admin', 'world'], + update: ['admin'], + delete: ['admin'], + }, + docRoles: { + create: ['authorId'], + read: ['authorId', 'coauthorsIds'], + readOne: ['authorId', 'coauthorsIds'], + readMany: ['authorId', 'coauthorsIds'], + update: ['authorId', 'coauthorsIds'], + delete: ['authorId'], + }, + } } findOneById(id) { @@ -16,13 +34,13 @@ export default class Tweet { } getOneById(id, _user = {}, resolver = 'getOneById') { - const authQuery = queryForRoles(_user, auth, this.type, 'readOne', { User: this.context.User }, {_id: id}, resolver); + const authQuery = queryForRoles(_user, this.auth, 'readOne', { User: this.context.User }, {_id: id}, resolver); return this.loader.load(id, authQuery); } all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'all') { const baseQuery = { createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, auth, this.type, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); + const authQuery = queryForRoles(_user, this.auth, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); const finalQuery = {...baseQuery, ...authQuery}; return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } @@ -41,14 +59,14 @@ export default class Tweet { coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, _user, resolver = 'coauthors') { const baseQuery = {_id: { $in: tweet.coauthorsIds }, createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, auth, this.type, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); + const authQuery = queryForRoles(_user, this.context.User.auth, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); const finalQuery = {...baseQuery, ...authQuery}; return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } likers(tweet, { lastCreatedAt = 0, limit = 10 }, _user, resolver = 'likers') { const baseQuery = {likedIds: tweet._id, createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, auth, this.type, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); + const authQuery = queryForRoles(_user, this.context.User.auth, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); const finalQuery = {...baseQuery, ...authQuery}; return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } @@ -61,7 +79,7 @@ export default class Tweet { updatedById: (_user && _user._id) ? _user._id : 'unknown', }); - const authQuery = queryForRoles(_user, auth, this.type, 'create', { User: this.context.User }, {_id: '', ...docToInsert}, resolver); + const authQuery = queryForRoles(_user, this.auth, 'create', { User: this.context.User }, {_id: '', ...docToInsert}, resolver); const id = (await this.collection.insertOne(docToInsert)).insertedId; if (id){ @@ -84,7 +102,7 @@ export default class Tweet { })}; const baseQuery = {_id: id}; - const authQuery = queryForRoles(_user, auth, this.type, 'update', { User: this.context.User }, {...docBefore, ...docToUpdate}, resolver); + const authQuery = queryForRoles(_user, this.auth, 'update', { User: this.context.User }, {...docBefore, ...docToUpdate}, resolver); const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.updateOne(finalQuery, docToUpdate); @@ -105,7 +123,7 @@ export default class Tweet { // must get the record first, to capture all authorization relevant fields const docBefore = await this.getOneById(id, _user, 'getOneById in removeById for docBefore'); const baseQuery = {_id: id}; - const authQuery = queryForRoles(_user, auth, this.type, 'delete', { User: this.context.User }, {...docBefore}, resolver); + const authQuery = queryForRoles(_user, this.auth, 'delete', { User: this.context.User }, {...docBefore}, resolver); const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.remove(finalQuery); diff --git a/test/output-app/model/User.js b/test/output-app/model/User.js index f77a83c..55a6ccc 100644 --- a/test/output-app/model/User.js +++ b/test/output-app/model/User.js @@ -1,6 +1,6 @@ import log from '../server/logger'; import DataLoader from 'dataloader'; -import { auth, findByIds, queryForRoles } from '../authorizations'; +import { findByIds, queryForRoles } from '../server/authorize'; export default class User { constructor(context) { @@ -8,7 +8,46 @@ export default class User { this.collection = context.db.collection('user'); this.pubsub = context.pubsub; this.loader = new DataLoader((ids, authQuery = {}) => findByIds(this.collection, ids, authQuery)); - this.type = 'User'; + this.auth = { + type: 'User', + userRoles: { + create: ['admin'], + read: ['admin'], + readOne: ['admin'], + readMany: ['admin'], + update: ['admin'], + delete: ['admin'], + }, + docRoles: { + create: [], + read: [], + readOne: ['_id'], // == 'this' + readMany: [], + update: ['_id'], + delete: ['_id'], + }, + fields: [ + { + name: 'role', + userRoles: { + create: ['admin'], + read: ['admin'], + readOne: ['admin'], + readMany: ['admin'], + update: ['admin'], + delete: ['admin'], + }, + docRoles: { + create: [], + read: [], + readOne: ['_id'], // == 'this' + readMany: [], + update: [], + delete: ['_id'], + }, + } + ] + } } authRole(user){ @@ -20,13 +59,13 @@ export default class User { } getOneById(id, _user = {}, resolver = 'getOneById') { - const authQuery = queryForRoles(_user, auth, this.type, 'readOne', { User: this.context.User }, {_id: id}, resolver); + const authQuery = queryForRoles(_user, this.auth, 'readOne', { User: this.context.User }, {_id: id}, resolver); return this.loader.load(id, authQuery); } all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'all') { const baseQuery = { createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, auth, this.type, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); + const authQuery = queryForRoles(_user, this.auth, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); const finalQuery = {...baseQuery, ...authQuery}; return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } @@ -36,7 +75,7 @@ export default class User { authorId: user._id, createdAt: { $gt: lastCreatedAt }, }; - const authQuery = queryForRoles(_user, auth, this.type, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); + const authQuery = queryForRoles(_user, this.context.Tweet.auth, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); const finalQuery = {...baseQuery, ...authQuery}; return this.context.Tweet.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } @@ -46,7 +85,7 @@ export default class User { _id: { $in: user.likedIds }, createdAt: { $gt: lastCreatedAt }, }; - const authQuery = queryForRoles(_user, auth, this.type, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); + const authQuery = queryForRoles(_user, this.context.Tweet.auth, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); const finalQuery = {...baseQuery, ...authQuery}; return this.context.Tweet.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } @@ -56,7 +95,7 @@ export default class User { _id: { $in: user.followingIds || [] }, createdAt: { $gt: lastCreatedAt }, }; - const authQuery = queryForRoles(_user, auth, this.context.User.type, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); + const authQuery = queryForRoles(_user, this.auth, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); const finalQuery = {...baseQuery, ...authQuery}; return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } @@ -66,7 +105,7 @@ export default class User { followingIds: user._id, createdAt: { $gt: lastCreatedAt }, }; - const authQuery = queryForRoles(_user, auth, this.context.User.type, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); + const authQuery = queryForRoles(_user, this.auth, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); const finalQuery = {...baseQuery, ...authQuery}; return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } @@ -87,7 +126,7 @@ export default class User { updatedById: (_user && _user._id) ? _user._id : 'unknown', }); - const authQuery = queryForRoles(_user, auth, this.type, 'create', { User: this.context.User }, {_id: '', ...docToInsert}, resolver); + const authQuery = queryForRoles(_user, this.auth, 'create', { User: this.context.User }, {_id: '', ...docToInsert}, resolver); const id = (await this.collection.insertOne(docToInsert)).insertedId; if (id){ @@ -110,7 +149,7 @@ export default class User { })}; const baseQuery = {_id: id}; - const authQuery = queryForRoles(_user, auth, this.type, 'update', { User: this.context.User }, {...docBefore, ...docToUpdate}, resolver); + const authQuery = queryForRoles(_user, this.auth, 'update', { User: this.context.User }, {...docBefore, ...docToUpdate}, resolver); const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.updateOne(finalQuery, docToUpdate); @@ -131,7 +170,7 @@ export default class User { // must get the record first, to capture all authorization relevant fields const docBefore = await this.getOneById(id, _user, 'getOneById in removeById for docBefore'); const baseQuery = {_id: id}; - const authQuery = queryForRoles(_user, auth, this.type, 'delete', { User: this.context.User }, {...docBefore}, resolver); + const authQuery = queryForRoles(_user, this.auth, 'delete', { User: this.context.User }, {...docBefore}, resolver); const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.remove(finalQuery); diff --git a/test/output-app/authorizations/helpers.js b/test/output-app/server/authorize.js similarity index 81% rename from test/output-app/authorizations/helpers.js rename to test/output-app/server/authorize.js index 3b6cc78..a1f5d44 100644 --- a/test/output-app/authorizations/helpers.js +++ b/test/output-app/server/authorize.js @@ -23,31 +23,31 @@ export function loggedIn(user) { } // creates an authQuery object with additional query arguments, to implement authorization restrictions for mongodb access -export function queryForRoles(user = {}, auth = {}, type = '', mode = '', { User }, doc = {}, resolver = '') { +export function queryForRoles(user = {}, auth = {}, mode = '', { User }, doc = {}, resolver = '') { // Build query for the case: The logged in user's role is authorized - if (roleAuthorizedForDoc(user, auth, type, mode, { User }, doc, resolver)) { + if (roleAuthorizedForDoc(user, auth, mode, { User }, doc, resolver)) { return {}; // empty authQuery means, do operation with no access restrictions } // Build query for the case: The user is listed in any document field const query = { $or: [] }; - if (userAuthorizedForDoc(user, auth, type, mode, { User }, doc, resolver)){ - const docRoles = auth[type].docRoles[mode] || []; + if (userAuthorizedForDoc(user, auth, mode, { User }, doc, resolver)){ + const docRoles = auth.docRoles[mode] || []; docRoles.forEach(docRole => query.$or.push( { [docRole]: user._id } ) ); log.debug('authQuery:', JSON.stringify(query, null, 2)); return query; } // Not Authorized - throw new Error(`Authorization: Not authorized to ${mode} ${type} ${doc._id ? doc._id : ''}.`); + throw new Error(`Authorization: Not authorized to ${mode} ${auth.type} ${doc._id ? doc._id : ''}.`); } // returns true, if the user's role is authorized for a document -export function roleAuthorizedForDoc(user = {}, auth = {}, type = '', mode = '', { User }, doc = {}, resolver = ''){ - const userRoles = auth[type].userRoles[mode] || []; +export function roleAuthorizedForDoc(user = {}, auth = {}, mode = '', { User }, doc = {}, resolver = ''){ + const userRoles = auth.userRoles[mode] || []; const role = User.authRole(user); - const fields = auth[type].fields || []; + const fields = auth.fields || []; if ( userRoles.includes('world') || role && role !== '' && role !== '' && userRoles.length > 0 && userRoles.includes(role) ) { let fieldsAuthorized = true; @@ -66,7 +66,7 @@ export function roleAuthorizedForDoc(user = {}, auth = {}, type = '', mode = '', // only if all fields of the document are allowed for the role if (fieldsAuthorized){ - log.debug(`${resolver} ${mode} with user ${user.username ? user.username : ''} for ${type} and ${doc._id ? doc._id : ''}`); + log.debug(`${resolver} ${mode} with user ${user.username ? user.username : ''} for ${auth.type} and ${doc._id ? doc._id : ''}`); return true; } @@ -76,9 +76,9 @@ export function roleAuthorizedForDoc(user = {}, auth = {}, type = '', mode = '', } // returns true, if the user is authorized by a document role -export function userAuthorizedForDoc(user = {}, auth = {}, type = '', mode = '', { User }, doc = {}, resolver = ''){ - const docRoles = auth[type].docRoles[mode] || []; - const fields = auth[type].fields || []; +export function userAuthorizedForDoc(user = {}, auth = {}, mode = '', { User }, doc = {}, resolver = ''){ + const docRoles = auth.docRoles[mode] || []; + const fields = auth.fields || []; let userId; let authorized = false; @@ -111,7 +111,7 @@ export function userAuthorizedForDoc(user = {}, auth = {}, type = '', mode = '', // only if the same role is authorized for the document and all fields, it is allowed if (fieldsAuthorized){ - log.debug(`${resolver} ${mode} with user ${(user.username) ? user.username : ''} for ${type} and docRole ${docRole} for doc with id: ${doc._id ? doc._id : ''}`); + log.debug(`${resolver} ${mode} with user ${(user.username) ? user.username : ''} for ${auth.type} and docRole ${docRole} for doc with id: ${doc._id ? doc._id : ''}`); authorized = true; return true; } diff --git a/yarn.lock b/yarn.lock index e3480bb..830cd5d 100644 --- a/yarn.lock +++ b/yarn.lock @@ -16,9 +16,9 @@ acorn@^3.0.4: version "3.3.0" resolved "https://registry.yarnpkg.com/acorn/-/acorn-3.3.0.tgz#45e37fb39e8da3f25baee3ff5369e2bb5f22017a" -acorn@^4.0.1: - version "4.0.3" - resolved "https://registry.yarnpkg.com/acorn/-/acorn-4.0.3.tgz#1a3e850b428e73ba6b09d1cc527f5aaad4d03ef1" +acorn@^5.0.1: + version "5.0.3" + resolved "https://registry.yarnpkg.com/acorn/-/acorn-5.0.3.tgz#c460df08491463f028ccb82eab3730bf01087b3d" ajv-keywords@^1.0.0: version "1.1.1" @@ -31,9 +31,9 @@ ajv@^4.7.0: co "^4.6.0" json-stable-stringify "^1.0.1" -ansi-escapes@^1.1.0: - version "1.4.0" - resolved "https://registry.yarnpkg.com/ansi-escapes/-/ansi-escapes-1.4.0.tgz#d3a8a83b319aa67793662b13e761c7911422306e" +ansi-escapes@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/ansi-escapes/-/ansi-escapes-2.0.0.tgz#5bae52be424878dd9783e8910e3fc2922e83c81b" ansi-regex@^2.0.0: version "2.0.0" @@ -778,7 +778,7 @@ babel-template@^6.14.0, babel-template@^6.15.0, babel-template@^6.16.0, babel-te babylon "^6.11.0" lodash "^4.2.0" -babel-traverse@^6.16.0, babel-traverse@^6.18.0: +babel-traverse@^6.16.0: version "6.18.0" resolved "https://registry.yarnpkg.com/babel-traverse/-/babel-traverse-6.18.0.tgz#5aeaa980baed2a07c8c47329cd90c3b90c80f05e" dependencies: @@ -792,7 +792,7 @@ babel-traverse@^6.16.0, babel-traverse@^6.18.0: invariant "^2.2.0" lodash "^4.2.0" -babel-traverse@^6.23.1: +babel-traverse@^6.18.0, babel-traverse@^6.23.1: version "6.24.1" resolved "https://registry.yarnpkg.com/babel-traverse/-/babel-traverse-6.24.1.tgz#ab36673fd356f9a0948659e7b338d5feadb31695" dependencies: @@ -806,20 +806,20 @@ babel-traverse@^6.23.1: invariant "^2.2.0" lodash "^4.2.0" -babel-types@^6.13.0, babel-types@^6.16.0, babel-types@^6.18.0, babel-types@^6.8.0, babel-types@^6.9.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-types/-/babel-types-6.18.0.tgz#1f7d5a73474c59eb9151b2417bbff4e4fce7c3f8" +babel-types@^6.13.0, babel-types@^6.18.0, babel-types@^6.23.0, babel-types@^6.24.1, babel-types@^6.8.0, babel-types@^6.9.0: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-types/-/babel-types-6.24.1.tgz#a136879dc15b3606bda0d90c1fc74304c2ff0975" dependencies: - babel-runtime "^6.9.1" + babel-runtime "^6.22.0" esutils "^2.0.2" lodash "^4.2.0" to-fast-properties "^1.0.1" -babel-types@^6.23.0, babel-types@^6.24.1: - version "6.24.1" - resolved "https://registry.yarnpkg.com/babel-types/-/babel-types-6.24.1.tgz#a136879dc15b3606bda0d90c1fc74304c2ff0975" +babel-types@^6.16.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-types/-/babel-types-6.18.0.tgz#1f7d5a73474c59eb9151b2417bbff4e4fce7c3f8" dependencies: - babel-runtime "^6.22.0" + babel-runtime "^6.9.1" esutils "^2.0.2" lodash "^4.2.0" to-fast-properties "^1.0.1" @@ -836,6 +836,10 @@ balanced-match@^0.4.1: version "0.4.2" resolved "https://registry.yarnpkg.com/balanced-match/-/balanced-match-0.4.2.tgz#cb3f3e3c732dc0f01ee70b403f302e61d7709838" +balanced-match@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/balanced-match/-/balanced-match-1.0.0.tgz#89b4d199ab2bee49de164ea02b89ce462d71b767" + bcrypt-pbkdf@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.0.tgz#3ca76b85241c7170bf7d9703e7b9aa74630040d4" @@ -880,6 +884,13 @@ brace-expansion@^1.0.0: balanced-match "^0.4.1" concat-map "0.0.1" +brace-expansion@^1.1.7: + version "1.1.8" + resolved "https://registry.yarnpkg.com/brace-expansion/-/brace-expansion-1.1.8.tgz#c07b211c7c952ec1f8efd51a77ef0d1d3990a292" + dependencies: + balanced-match "^1.0.0" + concat-map "0.0.1" + braces@^1.8.2: version "1.8.5" resolved "https://registry.yarnpkg.com/braces/-/braces-1.8.5.tgz#ba77962e12dff969d6b76711e914b737857bf6a7" @@ -982,11 +993,11 @@ circular-json@^0.3.0: version "0.3.1" resolved "https://registry.yarnpkg.com/circular-json/-/circular-json-0.3.1.tgz#be8b36aefccde8b3ca7aa2d6afc07a37242c0d2d" -cli-cursor@^1.0.1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/cli-cursor/-/cli-cursor-1.0.2.tgz#64da3f7d56a54412e59794bd62dc35295e8f2987" +cli-cursor@^2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/cli-cursor/-/cli-cursor-2.1.0.tgz#b35dac376479facc3e94747d41d0d0f5238ffcb5" dependencies: - restore-cursor "^1.0.1" + restore-cursor "^2.0.0" cli-width@^2.0.0: version "2.1.0" @@ -1016,13 +1027,13 @@ concat-map@0.0.1: version "0.0.1" resolved "https://registry.yarnpkg.com/concat-map/-/concat-map-0.0.1.tgz#d8a96bd77fd68df7793a73036a3ba0d5405d477b" -concat-stream@^1.4.6: - version "1.5.2" - resolved "https://registry.yarnpkg.com/concat-stream/-/concat-stream-1.5.2.tgz#708978624d856af41a5a741defdd261da752c266" +concat-stream@^1.6.0: + version "1.6.0" + resolved "https://registry.yarnpkg.com/concat-stream/-/concat-stream-1.6.0.tgz#0aac662fd52be78964d5532f694784e70110acf7" dependencies: - inherits "~2.0.1" - readable-stream "~2.0.0" - typedarray "~0.0.5" + inherits "^2.0.3" + readable-stream "^2.2.2" + typedarray "^0.0.6" console-control-strings@^1.0.0, console-control-strings@~1.1.0: version "1.1.0" @@ -1097,6 +1108,12 @@ debug@^2.1.1, debug@^2.2.0: dependencies: ms "0.7.2" +debug@^2.6.8: + version "2.6.8" + resolved "https://registry.yarnpkg.com/debug/-/debug-2.6.8.tgz#e731531ca2ede27d188222427da17821d68ff4fc" + dependencies: + ms "2.0.0" + decamelize@^1.1.2: version "1.2.0" resolved "https://registry.yarnpkg.com/decamelize/-/decamelize-1.2.0.tgz#f6534d15148269b20352e7bee26f501f9a191290" @@ -1153,20 +1170,24 @@ diff@^2.2.1: version "2.2.3" resolved "https://registry.yarnpkg.com/diff/-/diff-2.2.3.tgz#60eafd0d28ee906e4e8ff0a52c1229521033bf99" -doctrine@1.3.x: +doctrine@1.3.x, doctrine@^1.2.2: version "1.3.0" resolved "https://registry.yarnpkg.com/doctrine/-/doctrine-1.3.0.tgz#13e75682b55518424276f7c173783456ef913d26" dependencies: esutils "^2.0.2" isarray "^1.0.0" -doctrine@^1.2.2: - version "1.5.0" - resolved "https://registry.yarnpkg.com/doctrine/-/doctrine-1.5.0.tgz#379dce730f6166f76cefa4e6707a159b02c5a6fa" +doctrine@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/doctrine/-/doctrine-2.0.0.tgz#c73d8d2909d22291e1a007a395804da8b665fe63" dependencies: esutils "^2.0.2" isarray "^1.0.0" +dom-walk@^0.1.0: + version "0.1.1" + resolved "https://registry.yarnpkg.com/dom-walk/-/dom-walk-0.1.1.tgz#672226dc74c8f799ad35307df936aba11acd6018" + ecc-jsbn@~0.1.1: version "0.1.1" resolved "https://registry.yarnpkg.com/ecc-jsbn/-/ecc-jsbn-0.1.1.tgz#0fc73a9ed5f0d53c38193398523ef7e543777505" @@ -1185,7 +1206,7 @@ error-ex@^1.2.0: dependencies: is-arrayish "^0.2.1" -es5-ext@^0.10.7, es5-ext@^0.10.8, es5-ext@~0.10.11, es5-ext@~0.10.2, es5-ext@~0.10.7: +es5-ext@^0.10.7, es5-ext@~0.10.11, es5-ext@~0.10.2, es5-ext@~0.10.7: version "0.10.12" resolved "https://registry.yarnpkg.com/es5-ext/-/es5-ext-0.10.12.tgz#aa84641d4db76b62abba5e45fd805ecbab140047" dependencies: @@ -1228,28 +1249,10 @@ es6-symbol@3, es6-symbol@~3.1, es6-symbol@~3.1.0: d "~0.1.1" es5-ext "~0.10.11" -es6-weak-map@^2.0.1: - version "2.0.1" - resolved "https://registry.yarnpkg.com/es6-weak-map/-/es6-weak-map-2.0.1.tgz#0d2bbd8827eb5fb4ba8f97fbfea50d43db21ea81" - dependencies: - d "^0.1.1" - es5-ext "^0.10.8" - es6-iterator "2" - es6-symbol "3" - escape-string-regexp@1.0.5, escape-string-regexp@^1.0.2, escape-string-regexp@^1.0.5: version "1.0.5" resolved "https://registry.yarnpkg.com/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz#1b61c0562190a8dff6ae3bb2cf0200ca130b86d4" -escope@^3.6.0: - version "3.6.0" - resolved "https://registry.yarnpkg.com/escope/-/escope-3.6.0.tgz#e01975e812781a163a6dadfdd80398dc64c889c3" - dependencies: - es6-map "^0.1.3" - es6-weak-map "^2.0.1" - esrecurse "^4.1.0" - estraverse "^4.1.1" - eslint-config-airbnb-base@^8.0.0: version "8.0.0" resolved "https://registry.yarnpkg.com/eslint-config-airbnb-base/-/eslint-config-airbnb-base-8.0.0.tgz#c5e958a469ab8af76aff068b43d784e5afe74ca7" @@ -1308,59 +1311,67 @@ eslint-plugin-react@6.4.1: doctrine "^1.2.2" jsx-ast-utils "^1.3.1" -eslint@3.8.1: - version "3.8.1" - resolved "https://registry.yarnpkg.com/eslint/-/eslint-3.8.1.tgz#7d02db44cd5aaf4fa7aa489e1f083baa454342ba" +eslint-scope@^3.7.1: + version "3.7.1" + resolved "https://registry.yarnpkg.com/eslint-scope/-/eslint-scope-3.7.1.tgz#3d63c3edfda02e06e01a452ad88caacc7cdcb6e8" + dependencies: + esrecurse "^4.1.0" + estraverse "^4.1.1" + +eslint@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/eslint/-/eslint-4.0.0.tgz#7277c01437fdf41dccd168d5aa0e49b75ca1f260" dependencies: + babel-code-frame "^6.22.0" chalk "^1.1.3" - concat-stream "^1.4.6" - debug "^2.1.1" - doctrine "^1.2.2" - escope "^3.6.0" - espree "^3.3.1" + concat-stream "^1.6.0" + debug "^2.6.8" + doctrine "^2.0.0" + eslint-scope "^3.7.1" + espree "^3.4.3" + esquery "^1.0.0" estraverse "^4.2.0" esutils "^2.0.2" file-entry-cache "^2.0.0" - glob "^7.0.3" - globals "^9.2.0" - ignore "^3.1.5" + glob "^7.1.2" + globals "^9.17.0" + ignore "^3.3.3" imurmurhash "^0.1.4" - inquirer "^0.12.0" - is-my-json-valid "^2.10.0" + inquirer "^3.0.6" + is-my-json-valid "^2.16.0" is-resolvable "^1.0.0" - js-yaml "^3.5.1" - json-stable-stringify "^1.0.0" + js-yaml "^3.8.4" + json-stable-stringify "^1.0.1" levn "^0.3.0" - lodash "^4.0.0" - mkdirp "^0.5.0" + lodash "^4.17.4" + mkdirp "^0.5.1" natural-compare "^1.4.0" optionator "^0.8.2" - path-is-inside "^1.0.1" - pluralize "^1.2.1" - progress "^1.1.8" - require-uncached "^1.0.2" - shelljs "^0.6.0" - strip-bom "^3.0.0" - strip-json-comments "~1.0.1" - table "^3.7.8" + path-is-inside "^1.0.2" + pluralize "^4.0.0" + progress "^2.0.0" + require-uncached "^1.0.3" + strip-json-comments "~2.0.1" + table "^4.0.1" text-table "~0.2.0" - user-home "^2.0.0" -espree@^3.3.1: - version "3.3.2" - resolved "https://registry.yarnpkg.com/espree/-/espree-3.3.2.tgz#dbf3fadeb4ecb4d4778303e50103b3d36c88b89c" +espree@^3.4.3: + version "3.4.3" + resolved "https://registry.yarnpkg.com/espree/-/espree-3.4.3.tgz#2910b5ccd49ce893c2ffffaab4fd8b3a31b82374" dependencies: - acorn "^4.0.1" + acorn "^5.0.1" acorn-jsx "^3.0.0" -esprima@^2.6.0: - version "2.7.3" - resolved "https://registry.yarnpkg.com/esprima/-/esprima-2.7.3.tgz#96e3b70d5779f6ad49cd032673d1c312767ba581" - -esprima@~3.1.0: +esprima@^3.1.1, esprima@~3.1.0: version "3.1.2" resolved "https://registry.yarnpkg.com/esprima/-/esprima-3.1.2.tgz#954b5d19321ca436092fa90f06d6798531fe8184" +esquery@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/esquery/-/esquery-1.0.0.tgz#cfba8b57d7fba93f17298a8a006a04cda13d80fa" + dependencies: + estraverse "^4.0.0" + esrecurse@^4.1.0: version "4.1.0" resolved "https://registry.yarnpkg.com/esrecurse/-/esrecurse-4.1.0.tgz#4713b6536adf7f2ac4f327d559e7756bff648220" @@ -1368,7 +1379,7 @@ esrecurse@^4.1.0: estraverse "~4.1.0" object-assign "^4.0.1" -estraverse@^4.1.1, estraverse@^4.2.0: +estraverse@^4.0.0, estraverse@^4.1.1, estraverse@^4.2.0: version "4.2.0" resolved "https://registry.yarnpkg.com/estraverse/-/estraverse-4.2.0.tgz#0dee3fed31fcd469618ce7342099fc1afa0bdb13" @@ -1387,10 +1398,6 @@ event-emitter@~0.3.4: d "~0.1.1" es5-ext "~0.10.7" -exit-hook@^1.0.0: - version "1.1.1" - resolved "https://registry.yarnpkg.com/exit-hook/-/exit-hook-1.1.1.tgz#f05ca233b48c05d54fff07765df8507e95c02ff8" - expand-brackets@^0.1.4: version "0.1.5" resolved "https://registry.yarnpkg.com/expand-brackets/-/expand-brackets-0.1.5.tgz#df07284e342a807cd733ac5af72411e581d1177b" @@ -1407,6 +1414,14 @@ extend@~3.0.0: version "3.0.0" resolved "https://registry.yarnpkg.com/extend/-/extend-3.0.0.tgz#5a474353b9f3353ddd8176dfd37b91c83a46f1d4" +external-editor@^2.0.4: + version "2.0.4" + resolved "https://registry.yarnpkg.com/external-editor/-/external-editor-2.0.4.tgz#1ed9199da9cbfe2ef2f7a31b2fde8b0d12368972" + dependencies: + iconv-lite "^0.4.17" + jschardet "^1.4.2" + tmp "^0.0.31" + extglob@^0.3.1: version "0.3.2" resolved "https://registry.yarnpkg.com/extglob/-/extglob-0.3.2.tgz#2e18ff3d2f49ab2765cec9023f011daa8d8349a1" @@ -1421,12 +1436,11 @@ fast-levenshtein@~2.0.4: version "2.0.5" resolved "https://registry.yarnpkg.com/fast-levenshtein/-/fast-levenshtein-2.0.5.tgz#bd33145744519ab1c36c3ee9f31f08e9079b67f2" -figures@^1.3.5: - version "1.7.0" - resolved "https://registry.yarnpkg.com/figures/-/figures-1.7.0.tgz#cbe1e3affcf1cd44b80cadfed28dc793a9701d2e" +figures@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/figures/-/figures-2.0.0.tgz#3ab1a2d2a62c8bfb431a0c94cb797a2fce27c962" dependencies: escape-string-regexp "^1.0.5" - object-assign "^4.1.0" file-entry-cache@^2.0.0: version "2.0.0" @@ -1611,10 +1625,32 @@ glob@^7.0.3, glob@^7.0.5: once "^1.3.0" path-is-absolute "^1.0.0" -globals@^9.0.0, globals@^9.2.0: +glob@^7.1.2: + version "7.1.2" + resolved "https://registry.yarnpkg.com/glob/-/glob-7.1.2.tgz#c19c9df9a028702d678612384a6552404c636d15" + dependencies: + fs.realpath "^1.0.0" + inflight "^1.0.4" + inherits "2" + minimatch "^3.0.4" + once "^1.3.0" + path-is-absolute "^1.0.0" + +global@^4.3.2: + version "4.3.2" + resolved "https://registry.yarnpkg.com/global/-/global-4.3.2.tgz#e76989268a6c74c38908b1305b10fc0e394e9d0f" + dependencies: + min-document "^2.19.0" + process "~0.5.1" + +globals@^9.0.0: version "9.13.0" resolved "https://registry.yarnpkg.com/globals/-/globals-9.13.0.tgz#d97706b61600d8dbe94708c367d3fdcf48470b8f" +globals@^9.17.0: + version "9.18.0" + resolved "https://registry.yarnpkg.com/globals/-/globals-9.18.0.tgz#aa3896b3e69b487f17e31ed2143d69a8e30c2d8a" + globby@^5.0.0: version "5.0.0" resolved "https://registry.yarnpkg.com/globby/-/globby-5.0.0.tgz#ebd84667ca0dbb330b99bcfc68eac2bc54370e0d" @@ -1709,13 +1745,17 @@ http-signature@~1.1.0: jsprim "^1.2.2" sshpk "^1.7.0" +iconv-lite@^0.4.17: + version "0.4.18" + resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.4.18.tgz#23d8656b16aae6742ac29732ea8f0336a4789cf2" + iconv-lite@~0.4.13: version "0.4.15" resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.4.15.tgz#fe265a218ac6a57cfe854927e9d04c19825eddeb" -ignore@^3.1.5: - version "3.2.0" - resolved "https://registry.yarnpkg.com/ignore/-/ignore-3.2.0.tgz#8d88f03c3002a0ac52114db25d2c673b0bf1e435" +ignore@^3.3.3: + version "3.3.3" + resolved "https://registry.yarnpkg.com/ignore/-/ignore-3.3.3.tgz#432352e57accd87ab3110e82d3fea0e47812156d" imurmurhash@^0.1.4: version "0.1.4" @@ -1734,7 +1774,7 @@ inflight@^1.0.4: once "^1.3.0" wrappy "1" -inherits@2, inherits@^2.0.1, inherits@~2.0.0, inherits@~2.0.1: +inherits@2, inherits@^2.0.1, inherits@^2.0.3, inherits@~2.0.0, inherits@~2.0.1: version "2.0.3" resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.3.tgz#633c2c83e3da42a502f52466022480f4208261de" @@ -1742,21 +1782,22 @@ ini@~1.3.0: version "1.3.4" resolved "https://registry.yarnpkg.com/ini/-/ini-1.3.4.tgz#0537cb79daf59b59a1a517dff706c86ec039162e" -inquirer@^0.12.0: - version "0.12.0" - resolved "https://registry.yarnpkg.com/inquirer/-/inquirer-0.12.0.tgz#1ef2bfd63504df0bc75785fff8c2c41df12f077e" +inquirer@^3.0.6: + version "3.1.0" + resolved "https://registry.yarnpkg.com/inquirer/-/inquirer-3.1.0.tgz#e05400d48b94937c2d3caa7038663ba9189aab01" dependencies: - ansi-escapes "^1.1.0" - ansi-regex "^2.0.0" + ansi-escapes "^2.0.0" chalk "^1.0.0" - cli-cursor "^1.0.1" + cli-cursor "^2.1.0" cli-width "^2.0.0" - figures "^1.3.5" + external-editor "^2.0.4" + figures "^2.0.0" lodash "^4.3.0" - readline2 "^1.0.1" - run-async "^0.1.0" - rx-lite "^3.1.2" - string-width "^1.0.1" + mute-stream "0.0.7" + run-async "^2.2.0" + rx-lite "^4.0.8" + rx-lite-aggregates "^4.0.8" + string-width "^2.0.0" strip-ansi "^3.0.0" through "^2.3.6" @@ -1826,7 +1867,7 @@ is-glob@^2.0.0, is-glob@^2.0.1: dependencies: is-extglob "^1.0.0" -is-my-json-valid@^2.10.0, is-my-json-valid@^2.12.4: +is-my-json-valid@^2.12.4: version "2.15.0" resolved "https://registry.yarnpkg.com/is-my-json-valid/-/is-my-json-valid-2.15.0.tgz#936edda3ca3c211fd98f3b2d3e08da43f7b2915b" dependencies: @@ -1835,6 +1876,15 @@ is-my-json-valid@^2.10.0, is-my-json-valid@^2.12.4: jsonpointer "^4.0.0" xtend "^4.0.0" +is-my-json-valid@^2.16.0: + version "2.16.0" + resolved "https://registry.yarnpkg.com/is-my-json-valid/-/is-my-json-valid-2.16.0.tgz#f079dd9bfdae65ee2038aae8acbc86ab109e3693" + dependencies: + generate-function "^2.0.0" + generate-object-property "^1.1.0" + jsonpointer "^4.0.0" + xtend "^4.0.0" + is-number@^2.0.2, is-number@^2.1.0: version "2.1.0" resolved "https://registry.yarnpkg.com/is-number/-/is-number-2.1.0.tgz#01fcbbb393463a548f2f466cce16dece49db908f" @@ -1865,6 +1915,10 @@ is-primitive@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/is-primitive/-/is-primitive-2.0.0.tgz#207bab91638499c07b2adf240a41a87210034575" +is-promise@^2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/is-promise/-/is-promise-2.1.0.tgz#79a2a9ece7f096e80f36d2b2f3bc16c1ff4bf3fa" + is-property@^1.0.0: version "1.0.2" resolved "https://registry.yarnpkg.com/is-property/-/is-property-1.0.2.tgz#57fe1c4e48474edd65b09911f26b1cd4095dda84" @@ -1919,17 +1973,21 @@ js-tokens@^3.0.0: version "3.0.1" resolved "https://registry.yarnpkg.com/js-tokens/-/js-tokens-3.0.1.tgz#08e9f132484a2c45a30907e9dc4d5567b7f114d7" -js-yaml@^3.5.1: - version "3.7.0" - resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.7.0.tgz#5c967ddd837a9bfdca5f2de84253abe8a1c03b80" +js-yaml@^3.8.4: + version "3.8.4" + resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.8.4.tgz#520b4564f86573ba96662af85a8cafa7b4b5a6f6" dependencies: argparse "^1.0.7" - esprima "^2.6.0" + esprima "^3.1.1" jsbn@~0.1.0: version "0.1.0" resolved "https://registry.yarnpkg.com/jsbn/-/jsbn-0.1.0.tgz#650987da0dd74f4ebf5a11377a2aa2d273e97dfd" +jschardet@^1.4.2: + version "1.4.2" + resolved "https://registry.yarnpkg.com/jschardet/-/jschardet-1.4.2.tgz#2aa107f142af4121d145659d44f50830961e699a" + jsesc@^1.3.0: version "1.3.0" resolved "https://registry.yarnpkg.com/jsesc/-/jsesc-1.3.0.tgz#46c3fec8c1892b12b0833db9bc7622176dbab34b" @@ -1942,7 +2000,7 @@ json-schema@0.2.3: version "0.2.3" resolved "https://registry.yarnpkg.com/json-schema/-/json-schema-0.2.3.tgz#b480c892e59a2f05954ce727bd3f2a4e882f9e13" -json-stable-stringify@^1.0.0, json-stable-stringify@^1.0.1: +json-stable-stringify@^1.0.1: version "1.0.1" resolved "https://registry.yarnpkg.com/json-stable-stringify/-/json-stable-stringify-1.0.1.tgz#9a759d39c5f2ff503fd5300646ed445f88c4f9af" dependencies: @@ -2081,7 +2139,11 @@ lodash.merge@^4.6.0: version "4.6.0" resolved "https://registry.yarnpkg.com/lodash.merge/-/lodash.merge-4.6.0.tgz#69884ba144ac33fe699737a6086deffadd0f89c5" -lodash@^4.0.0, lodash@^4.2.0, lodash@^4.3.0: +lodash@^4.0.0, lodash@^4.17.4: + version "4.17.4" + resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.4.tgz#78203a4d1c328ae1d86dca6460e369b57f4055ae" + +lodash@^4.2.0, lodash@^4.3.0: version "4.16.6" resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.16.6.tgz#d22c9ac660288f3843e16ba7d2b5d06cca27d777" @@ -2159,12 +2221,28 @@ mime-types@^2.1.12, mime-types@~2.1.7: dependencies: mime-db "~1.24.0" +mimic-fn@^1.0.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/mimic-fn/-/mimic-fn-1.1.0.tgz#e667783d92e89dbd342818b5230b9d62a672ad18" + +min-document@^2.19.0: + version "2.19.0" + resolved "https://registry.yarnpkg.com/min-document/-/min-document-2.19.0.tgz#7bd282e3f5842ed295bb748cdd9f1ffa2c824685" + dependencies: + dom-walk "^0.1.0" + "minimatch@2 || 3", minimatch@^3.0.0, minimatch@^3.0.2, minimatch@^3.0.3: version "3.0.3" resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.0.3.tgz#2a4e4090b96b2db06a9d7df01055a62a77c9b774" dependencies: brace-expansion "^1.0.0" +minimatch@^3.0.4: + version "3.0.4" + resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.0.4.tgz#5166e286457f03306064be5497e8dbb0c3d32083" + dependencies: + brace-expansion "^1.1.7" + minimist, minimist@^1.1.0, minimist@^1.1.3, minimist@^1.2.0: version "1.2.0" resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.0.tgz#a35008b20f41383eec1fb914f4cd5df79a264284" @@ -2173,7 +2251,7 @@ minimist@0.0.8: version "0.0.8" resolved "https://registry.yarnpkg.com/minimist/-/minimist-0.0.8.tgz#857fcabfc3397d2625b8228262e86aa7a011b05d" -mkdirp, mkdirp@0.5.1, "mkdirp@>=0.5 0", mkdirp@^0.5.0, mkdirp@^0.5.1, mkdirp@~0.5.1: +mkdirp, mkdirp@0.5.1, "mkdirp@>=0.5 0", mkdirp@^0.5.1, mkdirp@~0.5.1: version "0.5.1" resolved "https://registry.yarnpkg.com/mkdirp/-/mkdirp-0.5.1.tgz#30057438eac6cf7f8c4767f38648d6697d75c903" dependencies: @@ -2203,9 +2281,13 @@ ms@0.7.2: version "0.7.2" resolved "https://registry.yarnpkg.com/ms/-/ms-0.7.2.tgz#ae25cf2512b3885a1d95d7f037868d8431124765" -mute-stream@0.0.5: - version "0.0.5" - resolved "https://registry.yarnpkg.com/mute-stream/-/mute-stream-0.0.5.tgz#8fbfabb0a98a253d3184331f9e8deb7372fac6c0" +ms@2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/ms/-/ms-2.0.0.tgz#5608aeadfc00be6c2901df5f9861788de0d597c8" + +mute-stream@0.0.7: + version "0.0.7" + resolved "https://registry.yarnpkg.com/mute-stream/-/mute-stream-0.0.7.tgz#3075ce93bc21b8fab43e1bc4da7e8115ed1e7bab" nan@^2.3.0: version "2.4.0" @@ -2299,9 +2381,11 @@ once@~1.3.3: dependencies: wrappy "1" -onetime@^1.0.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/onetime/-/onetime-1.1.0.tgz#a1f7838f8314c516f05ecefcbc4ccfe04b4ed789" +onetime@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/onetime/-/onetime-2.0.1.tgz#067428230fd67443b2794b22bba528b6867962d4" + dependencies: + mimic-fn "^1.0.0" optionator@^0.8.2: version "0.8.2" @@ -2314,11 +2398,7 @@ optionator@^0.8.2: type-check "~0.3.2" wordwrap "~1.0.0" -os-homedir@^1.0.0: - version "1.0.2" - resolved "https://registry.yarnpkg.com/os-homedir/-/os-homedir-1.0.2.tgz#ffbc4988336e0e833de0c168c7ef152121aa7fb3" - -os-tmpdir@^1.0.1: +os-tmpdir@^1.0.1, os-tmpdir@~1.0.1: version "1.0.2" resolved "https://registry.yarnpkg.com/os-tmpdir/-/os-tmpdir-1.0.2.tgz#bbe67406c79aa85c5cfec766fe5734555dfa1274" @@ -2359,7 +2439,7 @@ path-is-absolute@^1.0.0: version "1.0.1" resolved "https://registry.yarnpkg.com/path-is-absolute/-/path-is-absolute-1.0.1.tgz#174b9268735534ffbc7ace6bf53a5a9e1b5c5f5f" -path-is-inside@^1.0.1: +path-is-inside@^1.0.1, path-is-inside@^1.0.2: version "1.0.2" resolved "https://registry.yarnpkg.com/path-is-inside/-/path-is-inside-1.0.2.tgz#365417dede44430d1c11af61027facf074bdfc53" @@ -2397,9 +2477,9 @@ pkg-up@^1.0.0: dependencies: find-up "^1.0.0" -pluralize@^1.2.1: - version "1.2.1" - resolved "https://registry.yarnpkg.com/pluralize/-/pluralize-1.2.1.tgz#d1a21483fd22bb41e58a12fa3421823140897c45" +pluralize@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/pluralize/-/pluralize-4.0.0.tgz#59b708c1c0190a2f692f1c7618c446b052fd1762" prelude-ls@~1.1.2: version "1.1.2" @@ -2417,9 +2497,13 @@ process-nextick-args@~1.0.6: version "1.0.7" resolved "https://registry.yarnpkg.com/process-nextick-args/-/process-nextick-args-1.0.7.tgz#150e20b756590ad3f91093f25a4f2ad8bff30ba3" -progress@^1.1.8: - version "1.1.8" - resolved "https://registry.yarnpkg.com/progress/-/progress-1.1.8.tgz#e260c78f6161cdd9b0e56cc3e0a85de17c7a57be" +process@~0.5.1: + version "0.5.2" + resolved "https://registry.yarnpkg.com/process/-/process-0.5.2.tgz#1638d8a8e34c2f440a91db95ab9aeb677fc185cf" + +progress@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/progress/-/progress-2.0.0.tgz#8a1be366bf8fc23db2bd23f10c6fe920b4389d1f" punycode@^1.4.1: version "1.4.1" @@ -2472,7 +2556,7 @@ read-pkg@^1.0.0: string_decoder "~0.10.x" util-deprecate "~1.0.1" -readable-stream@^2.0.2, readable-stream@~2.0.0: +readable-stream@^2.0.2: version "2.0.6" resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.0.6.tgz#8f90341e68a53ccc928788dacfcd11b36eb9b78e" dependencies: @@ -2483,6 +2567,18 @@ readable-stream@^2.0.2, readable-stream@~2.0.0: string_decoder "~0.10.x" util-deprecate "~1.0.1" +readable-stream@^2.2.2: + version "2.2.11" + resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.2.11.tgz#0796b31f8d7688007ff0b93a8088d34aa17c0f72" + dependencies: + core-util-is "~1.0.0" + inherits "~2.0.1" + isarray "~1.0.0" + process-nextick-args "~1.0.6" + safe-buffer "~5.0.1" + string_decoder "~1.0.0" + util-deprecate "~1.0.1" + readdirp@^2.0.0: version "2.1.0" resolved "https://registry.yarnpkg.com/readdirp/-/readdirp-2.1.0.tgz#4ed0ad060df3073300c48440373f72d1cc642d78" @@ -2492,14 +2588,6 @@ readdirp@^2.0.0: readable-stream "^2.0.2" set-immediate-shim "^1.0.1" -readline2@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/readline2/-/readline2-1.0.1.tgz#41059608ffc154757b715d9989d199ffbf372e35" - dependencies: - code-point-at "^1.0.0" - is-fullwidth-code-point "^1.0.0" - mute-stream "0.0.5" - recast: version "0.11.18" resolved "https://registry.yarnpkg.com/recast/-/recast-0.11.18.tgz#07af6257ca769868815209401d4d60eef1b5b947" @@ -2592,7 +2680,7 @@ request@^2.65.0, request@^2.75.0: tough-cookie "~2.3.0" tunnel-agent "~0.4.1" -require-uncached@^1.0.2: +require-uncached@^1.0.3: version "1.0.3" resolved "https://registry.yarnpkg.com/require-uncached/-/require-uncached-1.0.3.tgz#4e0d56d6c9662fd31e43011c4b95aa49955421d3" dependencies: @@ -2607,12 +2695,12 @@ resolve@^1.1.6: version "1.1.7" resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.1.7.tgz#203114d82ad2c5ed9e8e0411b3932875e889e97b" -restore-cursor@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/restore-cursor/-/restore-cursor-1.0.1.tgz#34661f46886327fed2991479152252df92daa541" +restore-cursor@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/restore-cursor/-/restore-cursor-2.0.0.tgz#9f7ee287f82fd326d4fd162923d62129eee0dfaf" dependencies: - exit-hook "^1.0.0" - onetime "^1.0.0" + onetime "^2.0.0" + signal-exit "^3.0.2" rimraf, rimraf@2, rimraf@^2.2.8, rimraf@^2.5.4, rimraf@~2.5.1, rimraf@~2.5.4: version "2.5.4" @@ -2620,15 +2708,25 @@ rimraf, rimraf@2, rimraf@^2.2.8, rimraf@^2.5.4, rimraf@~2.5.1, rimraf@~2.5.4: dependencies: glob "^7.0.5" -run-async@^0.1.0: - version "0.1.0" - resolved "https://registry.yarnpkg.com/run-async/-/run-async-0.1.0.tgz#c8ad4a5e110661e402a7d21b530e009f25f8e389" +run-async@^2.2.0: + version "2.3.0" + resolved "https://registry.yarnpkg.com/run-async/-/run-async-2.3.0.tgz#0371ab4ae0bdd720d4166d7dfda64ff7a445a6c0" dependencies: - once "^1.3.0" + is-promise "^2.1.0" -rx-lite@^3.1.2: - version "3.1.2" - resolved "https://registry.yarnpkg.com/rx-lite/-/rx-lite-3.1.2.tgz#19ce502ca572665f3b647b10939f97fd1615f102" +rx-lite-aggregates@^4.0.8: + version "4.0.8" + resolved "https://registry.yarnpkg.com/rx-lite-aggregates/-/rx-lite-aggregates-4.0.8.tgz#753b87a89a11c95467c4ac1626c4efc4e05c67be" + dependencies: + rx-lite "*" + +rx-lite@*, rx-lite@^4.0.8: + version "4.0.8" + resolved "https://registry.yarnpkg.com/rx-lite/-/rx-lite-4.0.8.tgz#0b1e11af8bc44836f04a6407e92da42467b79444" + +safe-buffer@~5.0.1: + version "5.0.1" + resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.0.1.tgz#d263ca54696cd8a306b5ca6551e92de57918fbe7" semver-regex@^1.0.0: version "1.0.0" @@ -2660,14 +2758,14 @@ shebang-regex@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/shebang-regex/-/shebang-regex-1.0.0.tgz#da42f49740c0b42db2ca9728571cb190c98efea3" -shelljs@^0.6.0: - version "0.6.1" - resolved "https://registry.yarnpkg.com/shelljs/-/shelljs-0.6.1.tgz#ec6211bed1920442088fe0f70b2837232ed2c8a8" - signal-exit@^3.0.0: version "3.0.1" resolved "https://registry.yarnpkg.com/signal-exit/-/signal-exit-3.0.1.tgz#5a4c884992b63a7acd9badb7894c3ee9cfccad81" +signal-exit@^3.0.2: + version "3.0.2" + resolved "https://registry.yarnpkg.com/signal-exit/-/signal-exit-3.0.2.tgz#b5fdc08f1287ea1178628e415e25132b73646c6d" + slash@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/slash/-/slash-1.0.0.tgz#c41f2f6c39fc16d1cd17ad4b5d896114ae470d55" @@ -2744,6 +2842,12 @@ string_decoder@~0.10.x: version "0.10.31" resolved "https://registry.yarnpkg.com/string_decoder/-/string_decoder-0.10.31.tgz#62e203bc41766c6c28c9fc84301dab1c5310fa94" +string_decoder@~1.0.0: + version "1.0.2" + resolved "https://registry.yarnpkg.com/string_decoder/-/string_decoder-1.0.2.tgz#b29e1f4e1125fa97a10382b8a533737b7491e179" + dependencies: + safe-buffer "~5.0.1" + stringstream@~0.0.4: version "0.0.5" resolved "https://registry.yarnpkg.com/stringstream/-/stringstream-0.0.5.tgz#4e484cd4de5a0bbbee18e46307710a8a81621878" @@ -2760,20 +2864,20 @@ strip-bom@^2.0.0: dependencies: is-utf8 "^0.2.0" -strip-bom@^3.0.0: - version "3.0.0" - resolved "https://registry.yarnpkg.com/strip-bom/-/strip-bom-3.0.0.tgz#2334c18e9c759f7bdd56fdef7e9ae3d588e68ed3" - strip-indent@^1.0.1: version "1.0.1" resolved "https://registry.yarnpkg.com/strip-indent/-/strip-indent-1.0.1.tgz#0c7962a6adefa7bbd4ac366460a638552ae1a0a2" dependencies: get-stdin "^4.0.1" -strip-json-comments@~1.0.1, strip-json-comments@~1.0.4: +strip-json-comments@~1.0.4: version "1.0.4" resolved "https://registry.yarnpkg.com/strip-json-comments/-/strip-json-comments-1.0.4.tgz#1e15fbcac97d3ee99bf2d73b4c656b082bbafb91" +strip-json-comments@~2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/strip-json-comments/-/strip-json-comments-2.0.1.tgz#3c531942e908c2697c0ec344858c286c7ca0a60a" + supports-color@3.1.2: version "3.1.2" resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-3.1.2.tgz#72a262894d9d408b956ca05ff37b2ed8a6e2a2d5" @@ -2784,9 +2888,9 @@ supports-color@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-2.0.0.tgz#535d045ce6b6363fa40117084629995e9df324c7" -table@^3.7.8: - version "3.8.3" - resolved "https://registry.yarnpkg.com/table/-/table-3.8.3.tgz#2bbc542f0fda9861a755d3947fefd8b3f513855f" +table@^4.0.1: + version "4.0.1" + resolved "https://registry.yarnpkg.com/table/-/table-4.0.1.tgz#a8116c133fac2c61f4a420ab6cdf5c4d61f0e435" dependencies: ajv "^4.7.0" ajv-keywords "^1.0.0" @@ -2824,6 +2928,12 @@ through@^2.3.6: version "2.3.8" resolved "https://registry.yarnpkg.com/through/-/through-2.3.8.tgz#0dd4c9ffaabc357960b1b724115d7e0e86a2e1f5" +tmp@^0.0.31: + version "0.0.31" + resolved "https://registry.yarnpkg.com/tmp/-/tmp-0.0.31.tgz#8f38ab9438e17315e5dbd8b3657e8bfb277ae4a7" + dependencies: + os-tmpdir "~1.0.1" + to-fast-properties@^1.0.1: version "1.0.2" resolved "https://registry.yarnpkg.com/to-fast-properties/-/to-fast-properties-1.0.2.tgz#f3f5c0c3ba7299a7ef99427e44633257ade43320" @@ -2864,7 +2974,7 @@ type-detect@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/type-detect/-/type-detect-1.0.0.tgz#762217cc06db258ec48908a1298e8b95121e8ea2" -typedarray@~0.0.5: +typedarray@^0.0.6: version "0.0.6" resolved "https://registry.yarnpkg.com/typedarray/-/typedarray-0.0.6.tgz#867ac74e3864187b1d3d47d996a78ec5c8830777" @@ -2876,12 +2986,6 @@ user-home@^1.1.1: version "1.1.1" resolved "https://registry.yarnpkg.com/user-home/-/user-home-1.1.1.tgz#2b5be23a32b63a7c9deb8d0f28d485724a3df190" -user-home@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/user-home/-/user-home-2.0.0.tgz#9c70bfd8169bc1dcbf48604e0f04b8b49cde9e9f" - dependencies: - os-homedir "^1.0.0" - util-deprecate@~1.0.1: version "1.0.2" resolved "https://registry.yarnpkg.com/util-deprecate/-/util-deprecate-1.0.2.tgz#450d4dc9fa70de732762fbd2d4a28981419a0ccf" From bd45a2cb269a0fd81ab4ab45ecf64a480f08e829 Mon Sep 17 00:00:00 2001 From: Tobias Klemmer Date: Sun, 9 Jul 2017 21:07:31 +0200 Subject: [PATCH 14/69] easier authorization --- test/get-jwt-tokens-for-tests.sh | 4 + test/input/User.graphql | 2 +- .../scripts/run-end-to-end-tests.sh | 12 + test/output-app/README.md | 435 +- test/output-app/model/Tweet.js | 231 +- test/output-app/model/User.js | 320 +- test/output-app/resolvers/Tweet.js | 6 +- test/output-app/resolvers/User.js | 6 +- test/output-app/server/authenticate.js | 1 + test/output-app/server/authorize.js | 165 +- test/output-app/server/index.js | 6 + test/output-app/server/logger.js | 40 +- .../server/logs/all-logs-readable.log | 16273 ++++++++++++++++ 13 files changed, 16897 insertions(+), 604 deletions(-) create mode 100755 test/get-jwt-tokens-for-tests.sh create mode 100644 test/output-app/server/logs/all-logs-readable.log diff --git a/test/get-jwt-tokens-for-tests.sh b/test/get-jwt-tokens-for-tests.sh new file mode 100755 index 0000000..7ebc09b --- /dev/null +++ b/test/get-jwt-tokens-for-tests.sh @@ -0,0 +1,4 @@ +#!/bin/bash +cd output-app-end-to-end/scripts +babel-node generateJWT.js +cd ../.. diff --git a/test/input/User.graphql b/test/input/User.graphql index 042d616..8b6259a 100644 --- a/test/input/User.graphql +++ b/test/input/User.graphql @@ -6,7 +6,7 @@ type User ) { - role: String! @authRole("admin") @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne", "delete"]) + role: String! @authRole("admin") @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) username: String! diff --git a/test/output-app-end-to-end/scripts/run-end-to-end-tests.sh b/test/output-app-end-to-end/scripts/run-end-to-end-tests.sh index 75abf03..5d2d677 100755 --- a/test/output-app-end-to-end/scripts/run-end-to-end-tests.sh +++ b/test/output-app-end-to-end/scripts/run-end-to-end-tests.sh @@ -7,6 +7,7 @@ echo "checking for server connection" TEST_DIR=$(dirname $(dirname "$0")) SEED_DIR=$(dirname $TEST_DIR)/seeds +LOG_FILE=$(dirname $TEST_DIR)/output-app/server/logs/all-logs-readable.log $MOCHA "$TEST_DIR/index.js" > /dev/null 2> /dev/null if [[ $? -ne 0 ]]; then @@ -27,3 +28,14 @@ mongoimport --drop --host 127.0.0.1:3002 --db database --collection tweet "$SEED echo "running tests" $MOCHA "$TEST_DIR" + +echo "Please consider the log file for debugging $LOG_FILE" +echo "" + +# Test only specific test files... +# $MOCHA "$TEST_DIR/test-1-roles.js" +# $MOCHA "$TEST_DIR/test-2-queries-with-user-role-admin.js" +# $MOCHA "$TEST_DIR/test-3-mutations-with-user-role-admin.js" +# $MOCHA "$TEST_DIR/test-4-mutations-with-unknown-user.js" +# $MOCHA "$TEST_DIR/test-5-mutations-with-user-role-user.js" +# $MOCHA "$TEST_DIR/test-6-mutations-with-user-role-editor.js" diff --git a/test/output-app/README.md b/test/output-app/README.md index 1421631..ee5c74e 100644 --- a/test/output-app/README.md +++ b/test/output-app/README.md @@ -51,7 +51,7 @@ type User ) { - role: String! @authRole("admin") @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne", "delete"]) + role: String! @authRole("admin") @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) username: String! @@ -65,6 +65,7 @@ type User followers: [User!] @hasAndBelongsToMany(as: "following") } ``` + This has the following meaning: * user-role: "admin", is created (user roles don't have own fields of type User or [User] in the document) It is a String field with: **role: String! @authRole("admin")** @@ -76,7 +77,7 @@ This has the following meaning: Here we use also the @authorize directive on field level for the field role: ```javascript ... -role: String! @authRole("admin") @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne", "delete"]) +role: String! @authRole("admin") @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) ... ``` This adds additional authorization checks on the field level just for this field "role". @@ -84,7 +85,7 @@ Every time this field "role" appears in any document, it will be checked, if the In this case it checks: * if the user-role "admin" is the authorized user, then it allows him to create, read, update, delete operations also on the document, if it contains the field "role" -* if the document-role "this" (=owner of the document user._id_ = doc._id_) to do the operations "readOne" and "delete" on the User document, but it doesn't allow him to upgrade/update his own User.role. +* if the document-role "this" (=owner of the document user._id_ = doc._id_) to do the operations "readOne" on the User document, but it doesn't allow him to upgrade/update his own User.role. Use create-graphql-server cli to generate the according schema, resolver, model files with the create-graphql-server command line interface. After its generation, you will find the generated files in the sub folders: schema, resolvers, model folders. The generated model files will use the following functions to implement the authorization logic. @@ -97,20 +98,32 @@ import { queryForRoles, findByIds } from '../server/authorize'; export default class { constructor(context){ ... - this.loader = new DataLoader((ids, authQuery = {}) => findByIds(this.collection, ids, authQuery)); + this.loaders = (_user = {}, resolver = '') => ({ + readOne: new DataLoader(ids => new Promise( async (resolve, reject) => { + try { + const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readOne', { User: this.context.User }, resolver); + const result = await findByIds(this.collection, ids, authQuery); + resolve(result); + } catch (err) { reject(err); } + })), + }); ... } ... -getOneById(id, _user = {}, resolver = 'getOneById') { - const authQuery = queryForRoles(_user, this.auth, 'readOne', { User: this.context.User }, {_id: id}, resolver); - return this.loader.load(id, authQuery); +async getOneById(id, _user = {}, resolver = 'tweet getOneById') { + try { + const result = await this.loaders(_user, resolver).readOne.load(id); + return result; + } catch (err) { log.error(err.message); } } -all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'all') { - const baseQuery = { createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, this.auth, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); - const finalQuery = {...baseQuery, ...authQuery}; - return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); +all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'tweet all') { + try { + const baseQuery = { createdAt: { $gt: lastCreatedAt } }; + const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readMany', { User: this.context.User }, resolver); + const finalQuery = {...baseQuery, ...authQuery}; + return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + } catch (err){ log.error(err.message); } } ... } @@ -122,49 +135,49 @@ this.auth is generated by the @authorize directive. You can see, the directive a ```javascript import log from '../server/logger'; import DataLoader from 'dataloader'; -import { findByIds, queryForRoles } from '../server/authorize'; +import { findByIds, queryForRoles, fieldContainsUserId } from '../server/authorize'; export default class Tweet { constructor(context) { this.context = context; this.collection = context.db.collection('tweet'); this.pubsub = context.pubsub; - this.loader = new DataLoader((ids, authQuery = {}) => findByIds(this.collection, ids, authQuery)); - this.auth = { - type: 'Tweet', - userRoles: { - create: ['admin'], - read: ['admin', 'world'], - readOne: ['admin', 'world'], - readMany: ['admin', 'world'], - update: ['admin'], - delete: ['admin'], - }, - docRoles: { - create: ['authorId'], - read: ['authorId', 'coauthorsIds'], - readOne: ['authorId', 'coauthorsIds'], - readMany: ['authorId', 'coauthorsIds'], - update: ['authorId', 'coauthorsIds'], - delete: ['authorId'], - }, - } + this.loaders = (_user = {}, resolver = '') => ({ + readOne: new DataLoader(ids => new Promise( async (resolve, reject) => { + try { + const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readOne', { User: this.context.User }, resolver); + const result = await findByIds(this.collection, ids, authQuery); + resolve(result); + } catch (err) { reject(err); } + })), + // readMany: new DataLoader(ids => new Promise( async (resolve, reject) => { + // try { + // const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readMany', { User: this.context.User }, resolver); + // const result = await findByIds(this.collection, ids, authQuery); + // resolve(result); + // } catch (err) { reject(err); } + // })), + }); } - findOneById(id) { - return this.loader.load(id); + async getOneById(id, _user = {}, resolver = 'tweet getOneById') { + try { + const result = await this.loaders(_user, resolver).readOne.load(id); + return result; + } catch (err) { log.error(err.message); } } - getOneById(id, _user = {}, resolver = 'getOneById') { - const authQuery = queryForRoles(_user, this.auth, 'readOne', { User: this.context.User }, {_id: id}, resolver); - return this.loader.load(id, authQuery); + all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'tweet all') { + try { + const baseQuery = { createdAt: { $gt: lastCreatedAt } }; + const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readMany', { User: this.context.User }, resolver); + const finalQuery = {...baseQuery, ...authQuery}; + return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + } catch (err){ log.error(err.message); } } - all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'all') { - const baseQuery = { createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, this.auth, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); - const finalQuery = {...baseQuery, ...authQuery}; - return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + author(tweet, _user, resolver = 'tweet author') { + return this.context.User.getOneById(tweet.authorId, _user, resolver); } ... } @@ -176,75 +189,68 @@ this.auth is generated by the @authorize directive. Here also with field authori ```javascript import log from '../server/logger'; import DataLoader from 'dataloader'; -import { findByIds, queryForRoles } from '../server/authorize'; +import { findByIds, queryForRoles, fieldContainsUserId } from '../server/authorize'; export default class User { constructor(context) { this.context = context; this.collection = context.db.collection('user'); this.pubsub = context.pubsub; - this.loader = new DataLoader((ids, authQuery = {}) => findByIds(this.collection, ids, authQuery)); - this.auth = { - type: 'User', - userRoles: { - create: ['admin'], - read: ['admin'], - readOne: ['admin'], - readMany: ['admin'], - update: ['admin'], - delete: ['admin'], - }, - docRoles: { - create: [], - read: [], - readOne: ['_id'], // == 'this' - readMany: [], - update: ['_id'], - delete: ['_id'], - }, - fields: [ - { - name: 'role', - userRoles: { - create: ['admin'], - read: ['admin'], - readOne: ['admin'], - readMany: ['admin'], - update: ['admin'], - delete: ['admin'], - }, - docRoles: { - create: [], - read: [], - readOne: ['_id'], // == 'this' - readMany: [], - update: [], - delete: ['_id'], - }, - } - ] - } + this._user = {}; + this.loaders = (_user = {}, resolver = '') => ({ + readOneWithoutAuth: new DataLoader(ids => new Promise( async (resolve, reject) => { + try { + const result = await findByIds(this.collection, ids, {}); + resolve(result); + } catch (err) { reject(err); } + })), + readOne: new DataLoader(ids => new Promise( async (resolve, reject) => { + try { + const authQuery = queryForRoles(_user, ['admin'], ['_id'], 'readOne', { User: this.context.User }, resolver); + const result = await findByIds(this.collection, ids, authQuery); + resolve(result); + } catch (err) { reject(err); } + })), + // readMany: new DataLoader(ids => new Promise( async (resolve, reject) => { + // try { + // const authQuery = queryForRoles(_user, ['admin'], [], 'readMany', { User: this.context.User }, resolver); + // const result = await findByIds(this.collection, ids, authQuery); + // resolve(result); + // } catch (err) { reject(err); } + // })), + }); } authRole(user){ return (user && user.role) ? user.role : ''; } - findOneById(id) { - return this.loader.load(id); + // used from server calls, without authorization checks, NOT for use in resolvers + async findOneById(id, _user = {}, resolver = 'user findOneById') { + try { + const result = await this.loaders(_user, resolver).readOneWithoutAuth.load(id); + return result; + } catch (err) { log.error(err.message); } } - getOneById(id, _user = {}, resolver = 'getOneById') { - const authQuery = queryForRoles(_user, this.auth, 'readOne', { User: this.context.User }, {_id: id}, resolver); - return this.loader.load(id, authQuery); + // used for api calls, with authorization checks, for use in resolvers + async getOneById(id, _user = {}, resolver = 'user getOneById') { + try { + const result = await this.loaders(_user, resolver).readOne.load(id); + return result; + } catch (err) { log.error(err.message); } } - all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'all') { - const baseQuery = { createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, this.auth, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); - const finalQuery = {...baseQuery, ...authQuery}; - return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'user all') { + try { + const baseQuery = { createdAt: { $gt: lastCreatedAt } }; + const authQuery = queryForRoles(_user, ['admin'], [], 'readMany', { User: this.context.User }, resolver); + const restrictedFields = (Object.keys(authQuery).length === 0) ? {} : { role: 0 }; + const finalQuery = {...baseQuery, ...authQuery}; + return this.collection.find(finalQuery).sort({ createdAt: 1 }).project(restrictedFields).limit(limit).toArray(); + } catch (err) { log.error(err.message); } } + ... } ``` @@ -255,16 +261,14 @@ This is an extended version of [mongo-find-by-ids](https://github.com/tmeasday/m The enhancement is only to provide an additional authQuery object, to extend the query to meet additional authorizations. ```javascript // enhanced version of tmeasday's findByIds plus authQuery handling -export function findByIds(collection, ids = [], authQuery = {}) { +export function findByIds(collection, ids = [], authQuery) { const baseQuery = { _id: { $in: ids } }; const finalQuery = {...baseQuery, ...authQuery}; - return collection.find(finalQuery) - .toArray() - .then((docs) => { - const idMap = {}; - docs.forEach((d) => { idMap[d._id] = d; }); - return ids.map(id => idMap[id]); - }); + return collection.find(finalQuery).toArray().then(docs => { + const idMap = {}; + docs.forEach(d => { idMap[d._id] = d; }); + return ids.map(id => idMap[id]); + }); } ``` @@ -273,32 +277,31 @@ Use function queryForRoles to generate an authQuery object. It expects the following arguments: ```javascript -// creates an authQuery object with additional query arguments, -// to implement authorization restrictions for mongodb access -export function queryForRoles(user = {}, auth = {}, mode = '', { User }, doc = {}, resolver = '') { +// creates an authQuery object with additional query arguments, to implement authorization restrictions for mongodb access +export function queryForRoles(user = {}, userRoles = [], docRoles = [], mode = '', { User }, resolver = '') { // Build query for the case: The logged in user's role is authorized - if (roleAuthorizedForDoc(user, auth, mode, { User }, doc, resolver)) { + if (roleAuthorizedForDoc(user, userRoles, docRoles, mode, { User }, resolver)) { return {}; // empty authQuery means, do operation with no access restrictions } // Build query for the case: The user is listed in any document field const query = { $or: [] }; - if (userAuthorizedForDoc(user, auth, mode, { User }, doc, resolver)){ - const docRoles = auth.docRoles[mode] || []; + if (loggedIn(user)){ docRoles.forEach(docRole => query.$or.push( { [docRole]: user._id } ) ); log.debug('authQuery:', JSON.stringify(query, null, 2)); - return query; + if (query.$or.length > 0) return query; } // Not Authorized - throw new Error(`Authorization: Not authorized to ${mode} ${auth.type} ${doc._id ? doc._id : ''}.`); + throw new Error(`Authorization: Not authorized to ${mode} in ${resolver}.`); } ``` It expects the following arguments with the meanings: * **user:** this is the logged in user object out of the resolver's context -* **auth:** this is the auth object in the model, which was generated by the @authorize directives in the .graphql file +* **userRoles:** an array with userRoles, which was generated by the @authorize directives in the .graphql file +* **docRoles:** an array with docRoles, which was generated by the @authorize directives in the .graphql file * **mode:** this is the current mode of operation: * **create:** insert a record to the database * **read:** read a record or many records from the database @@ -306,7 +309,7 @@ It expects the following arguments with the meanings: * **readMany:** read many records from the the database * **update:** update a record in the database * **delete:** remove a record from the database -* **doc:** the current document to be checked for authorizations +* **User:** User context to access the User model * **resolver:** this is a string with the resolver's name, optional, only for easier debugging ### function roleAuthorizedForDoc @@ -314,117 +317,80 @@ This helper function is used by queryForRoles, and decides, if a user gains the For example: If a user has a field "role" in his user document and it contains the value "admin". So it checks if a user's role is admin, and allows all operations for admins. ```javascript // returns true, if the user's role is authorized for a document -export function roleAuthorizedForDoc(user = {}, auth = {}, mode = '', { User }, doc = {}, resolver = ''){ - const userRoles = auth.userRoles[mode] || []; +export function roleAuthorizedForDoc(user = {}, userRoles = [], docRoles = [], mode = '', { User }, resolver = ''){ const role = User.authRole(user); - const fields = auth.fields || []; if ( userRoles.includes('world') || role && role !== '' && role !== '' && userRoles.length > 0 && userRoles.includes(role) ) { - let fieldsAuthorized = true; - - // check all fields with @authorize directives, if any of them is not allowed for the role - fields.forEach(field => { - // if this field is in the document, - if (doc[field.name]) { - const fieldUserRoles = field.userRoles[mode] || []; - //check if the user role doesn't allow this field - if ( fieldUserRoles.length === 0 || ! ( fieldUserRoles.includes(role) || fieldUserRoles.includes('world') ) ){ - fieldsAuthorized = false; - } - } - }); - - // only if all fields of the document are allowed for the role - if (fieldsAuthorized){ - log.debug(`${resolver} ${mode} with user ${user.username ? user.username : ''} for ${auth.type} and ${doc._id ? doc._id : ''}`); - return true; - } - + log.debug(`${resolver} ${mode} with user ${user.username ? user.username : ''} is authorized`); + return true; } return false; } ``` -### function userAuthorizedForDoc -This helper function is used by queryForRoles, and decides, if a user gains the authorization by its userId in the document role fields. For example if a document of type "Tweet" contains a field named "authorId", it checks if the logged in user's id is included in the field "authorId", if so, he gains control over all operations, which are allowed for the document role "author". It can be also more complicated, if you have an array field "coauthorsIds", which includes all userIds of all coauthors, then it checks, if the user is among the the coauthors, if so, it gains control over all coauthors operations. -```javascript -// returns true, if the user is authorized by a document role -export function userAuthorizedForDoc(user = {}, auth = {}, mode = '', { User }, doc = {}, resolver = ''){ - const docRoles = auth.docRoles[mode] || []; - const fields = auth.fields || []; - let userId; - let authorized = false; - - // document role checks work only with logged in user - if (!loggedIn(user)) return false; - userId = user._id.toString(); - - // check if any docRole leads to an authorization - docRoles.forEach(docRole => { - const docRoleField = doc[docRole]; - let fieldsAuthorized = true; - // check if the field for the docRole check is in the document, if not, it cannot be checked - if (docRoleField){ - // check if user is authorized for doc - if (fieldContainsUserId(docRoleField, userId)){ - - // check if user is authorized for the doc's fields - fields.forEach(field => { - const fieldDocRoles = field.docRoles[mode] || []; - // check if restricted field is in the current document, and if the current docRole is not in the docRole of the field - if (mode !== 'update' && doc[field.name] && !fieldDocRoles.includes(docRole)){ - fieldsAuthorized = false; - } - // check if doc contains a $set object, and this contains any of the fields, - // and if the current docRole is not in the docRole of the field - if (mode === 'update' && doc.$set && doc.$set[field.name] && !fieldDocRoles.includes(docRole)){ - fieldsAuthorized = false; - } - }); - - // only if the same role is authorized for the document and all fields, it is allowed - if (fieldsAuthorized){ - log.debug(`${resolver} ${mode} with user ${(user.username) ? user.username : ''} for ${auth.type} and docRole ${docRole} for doc with id: ${doc._id ? doc._id : ''}`); - authorized = true; - return true; - } - - } - } - }); - - return authorized; -} -``` - ### function fieldContainsUserId -This helper function is used by queryForRoles and checks, if the provided field of types: array, object or string contains the userId. +This helper function is used in the models and checks, if the provided field of types: array, object or string contains the userId. ```javascript // returns true, if a field of type array/object/string contains the userId export function fieldContainsUserId(docRoleField, userId) { - let userIdFound = false; + let found = false; + + // empty userId is not a valid userId + if (userId.toString() === '') return false; + + // handle a simple id field + if (docRoleField.toString() === userId.toString()){ + return true; + } - // handle an array of userIds + // handle an array if (_.isArray(docRoleField)){ - docRoleField.forEach(field => { - if (field.toString() === userId){ - userIdFound = true; - } + docRoleField.every(field => { + if (fieldContainsUserId(field, userId)) { + found = true; + return true; + } }); + if (found) return true; } - // handle a field with one userId, must be an object, if it is an ObjectId('') - if (_.isObject(docRoleField) && docRoleField.toString() === userId){ - userIdFound = true; - } + // handle an object + if (_.isObject(docRoleField)){ + Object.keys(docRoleField).every(field => { - // handle a field with just an userId String - if (_.isString(docRoleField) && docRoleField.toString() === userId){ - userIdFound = true; - } + // handle a field + if (docRoleField[field] && docRoleField[field].toString() === userId.toString()){ + found = true; + return true; + } - return userIdFound; + // handle an array + if (_.isArray(docRoleField[field])){ + docRoleField[field].every(innerField => { + if (fieldContainsUserId(innerField, userId)) { + found = true; + return true; + } + }) + if (found) return true; + } + + // handle an object + if (_.isObject(docRoleField[field])){ + Object.keys(docRoleField[field]).every(innerField => { + if (fieldContainsUserId(docRoleField[field][innerField], userId)) { + found = true; + return true; + } + }); + if (found) return true; + } + + }); + + } + return found; } ``` @@ -436,64 +402,67 @@ In the resolver interfaces, there are different objects: * the context object "_user", contains the current logged in user -if logged in-, which is provided from the server's passport implementation * the last argument in the resolver function is the resolver's name, which is optional and only to enhance the logging in debugging mode by additional information. If you have to analyze authorization outcomes, this helps a lot to figure out, which resolvers authorization rule fired. ```javascript -const resolvers = { - Tweet: { - id(tweet) { - return tweet._id; + const resolvers = { + User: { + id(user) { + return user._id; }, - author(tweet, args, { Tweet, _user }) { - return Tweet.author(tweet, _user, 'author'); + createdBy(user, args, { User, _user }) { + return User.createdBy(user, _user, 'createdBy'); }, - createdBy(tweet, args, { Tweet, _user }) { - return Tweet.createdBy(tweet, _user, 'createdBy'); + updatedBy(user, args, { User, _user }) { + return User.updatedBy(user, _user, 'updatedBy'); }, - updatedBy(tweet, args, { Tweet, _user }) { - return Tweet.updatedBy(tweet, _user, 'updatedBy'); + tweets(user, { minLikes, lastCreatedAt, limit }, { User, _user }) { + return User.tweets(user, { minLikes, lastCreatedAt, limit }, _user, 'tweets'); }, - coauthors(tweet, { lastCreatedAt, limit }, { Tweet, _user }) { - return Tweet.coauthors(tweet, { lastCreatedAt, limit }, _user, 'coauthors'); + liked(user, { lastCreatedAt, limit }, { User, _user }) { + return User.liked(user, { lastCreatedAt, limit }, _user, 'liked'); }, - likers(tweet, { lastCreatedAt, limit }, { Tweet, _user }) { - return Tweet.likers(tweet, { lastCreatedAt, limit }, _user, 'likers'); + following(user, { lastCreatedAt, limit }, { User, _user }) { + return User.following(user, { lastCreatedAt, limit }, _user, 'following'); + }, + + followers(user, { lastCreatedAt, limit }, { User, _user }) { + return User.followers(user, { lastCreatedAt, limit }, _user, 'followers'); }, }, Query: { - tweets(root, { lastCreatedAt, limit }, { Tweet, _user }) { - return Tweet.all({ lastCreatedAt, limit }, _user, 'tweets'); + users(root, { lastCreatedAt, limit }, { User, _user }) { + return User.all({ lastCreatedAt, limit }, _user, 'users'); }, - tweet(root, { id }, { Tweet, _user }) { - return Tweet.getOneById(id, _user, 'tweet'); + user(root, { id }, { User, _user }) { + return User.getOneById(id, _user, 'user'); }, }, Mutation: { - async createTweet(root, { input }, { Tweet, _user }) { - const id = await Tweet.insert(input, _user); - return Tweet.getOneById(id, _user, 'createTweet'); + async createUser(root, { input }, { User, _user }) { + return await User.insert(input, _user); }, - async updateTweet(root, { id, input }, { Tweet, _user }) { - await Tweet.updateById(id, input, _user); - return Tweet.getOneById(id, _user, 'updateTweet'); + async updateUser(root, { id, input }, { User, _user }) { + return await User.updateById(id, input, _user); }, - async removeTweet(root, { id }, { Tweet, _user }) { - return await Tweet.removeById(id, _user, 'removeTweet'); + async removeUser(root, { id }, { User, _user }) { + return await User.removeById(id, _user, 'removeUser'); }, }, Subscription: { - tweetCreated: tweet => tweet, - tweetUpdated: tweet => tweet, - tweetRemoved: id => id, + userCreated: user => user, + userUpdated: user => user, + userRemoved: id => id, }, }; export default resolvers; + ``` ### Testing diff --git a/test/output-app/model/Tweet.js b/test/output-app/model/Tweet.js index 4a3b166..2e936eb 100644 --- a/test/output-app/model/Tweet.js +++ b/test/output-app/model/Tweet.js @@ -1,141 +1,158 @@ import log from '../server/logger'; import DataLoader from 'dataloader'; -import { findByIds, queryForRoles } from '../server/authorize'; +import { findByIds, queryForRoles, fieldContainsUserId } from '../server/authorize'; export default class Tweet { constructor(context) { this.context = context; this.collection = context.db.collection('tweet'); this.pubsub = context.pubsub; - this.loader = new DataLoader((ids, authQuery = {}) => findByIds(this.collection, ids, authQuery)); - this.auth = { - type: 'Tweet', - userRoles: { - create: ['admin'], - read: ['admin', 'world'], - readOne: ['admin', 'world'], - readMany: ['admin', 'world'], - update: ['admin'], - delete: ['admin'], - }, - docRoles: { - create: ['authorId'], - read: ['authorId', 'coauthorsIds'], - readOne: ['authorId', 'coauthorsIds'], - readMany: ['authorId', 'coauthorsIds'], - update: ['authorId', 'coauthorsIds'], - delete: ['authorId'], - }, - } - } - - findOneById(id) { - return this.loader.load(id); + this.loaders = (_user = {}, resolver = '') => ({ + readOne: new DataLoader(ids => new Promise( async (resolve, reject) => { + try { + const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readOne', { User: this.context.User }, resolver); + const result = await findByIds(this.collection, ids, authQuery); + resolve(result); + } catch (err) { reject(err); } + })), + // readMany: new DataLoader(ids => new Promise( async (resolve, reject) => { + // try { + // const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readMany', { User: this.context.User }, resolver); + // const result = await findByIds(this.collection, ids, authQuery); + // resolve(result); + // } catch (err) { reject(err); } + // })), + }); } - getOneById(id, _user = {}, resolver = 'getOneById') { - const authQuery = queryForRoles(_user, this.auth, 'readOne', { User: this.context.User }, {_id: id}, resolver); - return this.loader.load(id, authQuery); + async getOneById(id, _user = {}, resolver = 'tweet getOneById') { + try { + const result = await this.loaders(_user, resolver).readOne.load(id); + return result; + } catch (err) { log.error(err.message); } } - all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'all') { - const baseQuery = { createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, this.auth, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); - const finalQuery = {...baseQuery, ...authQuery}; - return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'tweet all') { + try { + const baseQuery = { createdAt: { $gt: lastCreatedAt } }; + const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readMany', { User: this.context.User }, resolver); + const finalQuery = {...baseQuery, ...authQuery}; + return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + } catch (err){ log.error(err.message); } } - author(tweet, _user, resolver = 'author') { + author(tweet, _user, resolver = 'tweet author') { return this.context.User.getOneById(tweet.authorId, _user, resolver); } - createdBy(tweet, _user, resolver = 'createdBy') { + createdBy(tweet, _user, resolver = 'tweet createdBy') { return this.context.User.getOneById(tweet.createdById, _user, resolver); } - updatedBy(tweet, _user, resolver = 'updatedBy') { + updatedBy(tweet, _user, resolver = 'tweet updatedBy') { return this.context.User.getOneById(tweet.updatedById, _user, resolver); } - coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, _user, resolver = 'coauthors') { - const baseQuery = {_id: { $in: tweet.coauthorsIds }, createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, this.context.User.auth, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); - const finalQuery = {...baseQuery, ...authQuery}; - return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, _user, resolver = 'tweet coauthors') { + try { + const baseQuery = {_id: { $in: tweet.coauthorsIds }, createdAt: { $gt: lastCreatedAt } }; + const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readMany', { User: this.context.User }, resolver); + const finalQuery = {...baseQuery, ...authQuery}; + return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + } catch (err){ log.error(err.message); } } - likers(tweet, { lastCreatedAt = 0, limit = 10 }, _user, resolver = 'likers') { - const baseQuery = {likedIds: tweet._id, createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, this.context.User.auth, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); - const finalQuery = {...baseQuery, ...authQuery}; - return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + likers(tweet, { lastCreatedAt = 0, limit = 10 }, _user, resolver = 'tweet likers') { + try { + const baseQuery = {likedIds: tweet._id, createdAt: { $gt: lastCreatedAt } }; + const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readMany', { User: this.context.User }, resolver); + const finalQuery = {...baseQuery, ...authQuery}; + return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + } catch (err){ log.error(err.message); } } - async insert(doc, _user, resolver = 'insert') { - let docToInsert = Object.assign({}, doc, { - createdAt: Date.now(), - updatedAt: Date.now(), - createdById: (_user && _user._id) ? _user._id : 'unknown', - updatedById: (_user && _user._id) ? _user._id : 'unknown', - }); + async insert(doc, _user, resolver = 'insert tweet') { + try { + let insertedDoc = null; + let docToInsert = Object.assign({}, doc, { + createdAt: Date.now(), + updatedAt: Date.now(), + createdById: (_user && _user._id) ? _user._id : 'unknown', + updatedById: (_user && _user._id) ? _user._id : 'unknown', + }); + + const authQuery = queryForRoles(_user, ['admin'], ['authorId'], 'create', { User: this.context.User }, resolver); + + const docRoleFields = ['authorId'].map(key => ({ [key]: docToInsert[key] }) ); + if (Object.keys(authQuery).length > 0 && !fieldContainsUserId(docRoleFields, _user._id)) { + throw new Error('Not authorized to insert tweet'); + } - const authQuery = queryForRoles(_user, this.auth, 'create', { User: this.context.User }, {_id: '', ...docToInsert}, resolver); - const id = (await this.collection.insertOne(docToInsert)).insertedId; - - if (id){ - log.debug(`inserted ${this.type} ${id}.`); - } else { - log.debug('insert failed for docToInsert:', JSON.stringify(docToInsert, null, 2)); - throw new Error(`insert not possible for ${this.type} ${id}.`); - } - - this.pubsub.publish('tweetInserted', await this.getOneById(id, _user, 'pubsub tweetInserted')); - return id; + const id = (await this.collection.insertOne(docToInsert)).insertedId; + if (!id) { + log.error('insert tweet failed for docToInsert:', JSON.stringify(docToInsert, null, 2)); + throw new Error(`insert tweet not possible for ${id}.`); + } + + log.debug(`inserted tweet ${id}.`); + insertedDoc = this.getOneById(id, _user, 'pubsub tweetInserted'); + this.pubsub.publish('tweetInserted', insertedDoc); + return insertedDoc; + + } catch (err){ log.error(err.message); } } - async updateById(id, doc, _user, resolver = 'updateById') { - // must get the record first, to capture all authorization relevant fields - const docBefore = await this.getOneById(id, _user, 'getOneById in updateById for docBefore'); - let docToUpdate = {$set: Object.assign({}, doc, { - updatedAt: Date.now(), - updatedById: (_user && _user._id) ? _user._id : 'unknown', - })}; - - const baseQuery = {_id: id}; - const authQuery = queryForRoles(_user, this.auth, 'update', { User: this.context.User }, {...docBefore, ...docToUpdate}, resolver); - const finalQuery = {...baseQuery, ...authQuery}; - const result = await this.collection.updateOne(finalQuery, docToUpdate); - - if (result.result.ok === 1 && result.result.n === 1){ - log.debug(`updated ${this.type} ${id}.`); - } else { - log.debug(`update failed finalQuery:`, JSON.stringify(finalQuery, null, 2)); - log.debug('update failed for docToUpdate:', JSON.stringify(docToUpdate, null, 2)); - throw new Error(`update not possible for ${this.type} ${id}.`); - } - - this.loader.clear(id); - this.pubsub.publish('tweetUpdated', await this.getOneById(id, _user, 'pubsub tweetUpdated')); - return result; + async updateById(id, doc, _user, resolver = 'update tweet') { + try { + let updatedDoc = null; + const docBefore = await this.getOneById(id, _user, 'tweet getOneById in updateById for docBefore'); + let docToUpdate = {$set: Object.assign({}, doc, { + updatedAt: Date.now(), + updatedById: (_user && _user._id) ? _user._id : 'unknown', + })}; + + const baseQuery = {_id: id}; + const authQuery = queryForRoles(_user, ['admin'], ['authorId', 'coauthorsIds'], 'update', { User: this.context.User }, resolver); + + const finalQuery = {...baseQuery, ...authQuery}; + const result = await this.collection.updateOne(finalQuery, docToUpdate); + if (result.result.ok !== 1 || result.result.n !== 1){ + log.error(`update tweet failed finalQuery:`, JSON.stringify(finalQuery, null, 2)); + log.error('update tweet failed for docToUpdate:', JSON.stringify(docToUpdate, null, 2)); + throw new Error(`update tweet not possible for ${id}.`); + } + + log.debug(`updated tweet ${id}.`); + this.loaders().readOne.clear(id); + // this.loaders().readMany.clear(id); + + updatedDoc = this.getOneById(id, _user, 'pubsub tweetUpdated'); + this.pubsub.publish('tweetUpdated', updatedDoc); + return updatedDoc; + + } catch (err){ log.error(err.message); } } - async removeById(id, _user, resolver = 'removeById') { - // must get the record first, to capture all authorization relevant fields - const docBefore = await this.getOneById(id, _user, 'getOneById in removeById for docBefore'); - const baseQuery = {_id: id}; - const authQuery = queryForRoles(_user, this.auth, 'delete', { User: this.context.User }, {...docBefore}, resolver); - const finalQuery = {...baseQuery, ...authQuery}; - const result = await this.collection.remove(finalQuery); - - if (result.result.ok === 1 && result.result.n === 1){ - log.info(`removed ${this.type} ${id}.`); - } else { - log.debug(`remove failed for finalQuery:`, JSON.stringify(finalQuery, null, 2)); - throw new Error(`remove not possible for ${this.type} ${id}.`); - } - - this.loader.clear(id); - this.pubsub.publish('tweetRemoved', id); - return result; + async removeById(id, _user, resolver = 'remove tweet') { + try { + const docBefore = this.getOneById(id, _user, 'tweet getOneById in removeById for docBefore'); + const baseQuery = {_id: id}; + const authQuery = queryForRoles(_user, ['admin'], ['authorId'], 'delete', { User: this.context.User }, resolver); + const finalQuery = {...baseQuery, ...authQuery}; + const result = await this.collection.remove(finalQuery); + + if (result.result.ok !== 1 || result.result.n !== 1){ + log.error(`remove tweet failed for finalQuery:`, JSON.stringify(finalQuery, null, 2)); + throw new Error(`remove tweet not possible for ${id}.`); + } + + log.debug(`removed tweet ${id}.`); + this.loaders().readOne.clear(id); + // this.loaders().readMany.clear(id); + + this.pubsub.publish('tweetRemoved', id); + return result; + + } catch (err){ log.error(err.message); } } } diff --git a/test/output-app/model/User.js b/test/output-app/model/User.js index 55a6ccc..4e8392f 100644 --- a/test/output-app/model/User.js +++ b/test/output-app/model/User.js @@ -1,188 +1,212 @@ import log from '../server/logger'; import DataLoader from 'dataloader'; -import { findByIds, queryForRoles } from '../server/authorize'; +import { findByIds, queryForRoles, fieldContainsUserId } from '../server/authorize'; export default class User { constructor(context) { this.context = context; this.collection = context.db.collection('user'); this.pubsub = context.pubsub; - this.loader = new DataLoader((ids, authQuery = {}) => findByIds(this.collection, ids, authQuery)); - this.auth = { - type: 'User', - userRoles: { - create: ['admin'], - read: ['admin'], - readOne: ['admin'], - readMany: ['admin'], - update: ['admin'], - delete: ['admin'], - }, - docRoles: { - create: [], - read: [], - readOne: ['_id'], // == 'this' - readMany: [], - update: ['_id'], - delete: ['_id'], - }, - fields: [ - { - name: 'role', - userRoles: { - create: ['admin'], - read: ['admin'], - readOne: ['admin'], - readMany: ['admin'], - update: ['admin'], - delete: ['admin'], - }, - docRoles: { - create: [], - read: [], - readOne: ['_id'], // == 'this' - readMany: [], - update: [], - delete: ['_id'], - }, - } - ] - } + this._user = {}; + this.loaders = (_user = {}, resolver = '') => ({ + readOneWithoutAuth: new DataLoader(ids => new Promise( async (resolve, reject) => { + try { + const result = await findByIds(this.collection, ids, {}); + resolve(result); + } catch (err) { reject(err); } + })), + readOne: new DataLoader(ids => new Promise( async (resolve, reject) => { + try { + const authQuery = queryForRoles(_user, ['admin'], ['_id'], 'readOne', { User: this.context.User }, resolver); + const result = await findByIds(this.collection, ids, authQuery); + resolve(result); + } catch (err) { reject(err); } + })), + // readMany: new DataLoader(ids => new Promise( async (resolve, reject) => { + // try { + // const authQuery = queryForRoles(_user, ['admin'], [], 'readMany', { User: this.context.User }, resolver); + // const result = await findByIds(this.collection, ids, authQuery); + // resolve(result); + // } catch (err) { reject(err); } + // })), + }); } authRole(user){ return (user && user.role) ? user.role : ''; } - findOneById(id) { - return this.loader.load(id); + // used from server calls, without authorization checks, NOT for use in resolvers + async findOneById(id, _user = {}, resolver = 'user findOneById') { + try { + const result = await this.loaders(_user, resolver).readOneWithoutAuth.load(id); + return result; + } catch (err) { log.error(err.message); } } - getOneById(id, _user = {}, resolver = 'getOneById') { - const authQuery = queryForRoles(_user, this.auth, 'readOne', { User: this.context.User }, {_id: id}, resolver); - return this.loader.load(id, authQuery); + // used for api calls, with authorization checks, for use in resolvers + async getOneById(id, _user = {}, resolver = 'user getOneById') { + try { + const result = await this.loaders(_user, resolver).readOne.load(id); + return result; + } catch (err) { log.error(err.message); } } - all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'all') { - const baseQuery = { createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, this.auth, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); - const finalQuery = {...baseQuery, ...authQuery}; - return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'user all') { + try { + const baseQuery = { createdAt: { $gt: lastCreatedAt } }; + const authQuery = queryForRoles(_user, ['admin'], [], 'readMany', { User: this.context.User }, resolver); + const restrictedFields = (Object.keys(authQuery).length === 0) ? {} : { role: 0 }; + const finalQuery = {...baseQuery, ...authQuery}; + return this.collection.find(finalQuery).sort({ createdAt: 1 }).project(restrictedFields).limit(limit).toArray(); + } catch (err) { log.error(err.message); } } - tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }, _user, resolver = 'tweets') { - const baseQuery = { - authorId: user._id, - createdAt: { $gt: lastCreatedAt }, - }; - const authQuery = queryForRoles(_user, this.context.Tweet.auth, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); - const finalQuery = {...baseQuery, ...authQuery}; - return this.context.Tweet.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }, _user, resolver = 'user tweets') { + try { + const baseQuery = { + authorId: user._id, + createdAt: { $gt: lastCreatedAt }, + }; + const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readMany', { User: this.context.User }, resolver); + const finalQuery = {...baseQuery, ...authQuery}; + return this.context.Tweet.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + } catch (err) { log.error(err.message); } } - liked(user, { lastCreatedAt = 0, limit = 10 }, _user, resolver = 'liked') { - const baseQuery = { - _id: { $in: user.likedIds }, - createdAt: { $gt: lastCreatedAt }, - }; - const authQuery = queryForRoles(_user, this.context.Tweet.auth, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); - const finalQuery = {...baseQuery, ...authQuery}; - return this.context.Tweet.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + liked(user, { lastCreatedAt = 0, limit = 10 }, _user, resolver = 'user liked') { + try { + const baseQuery = { + _id: { $in: user.likedIds }, + createdAt: { $gt: lastCreatedAt }, + }; + const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readMany', { User: this.context.User }, resolver); + const finalQuery = {...baseQuery, ...authQuery}; + return this.context.Tweet.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + } catch (err) { log.error(err.message); } } - following(user, { lastCreatedAt = 0, limit = 10 }, _user, resolver = 'following') { - const baseQuery = { - _id: { $in: user.followingIds || [] }, - createdAt: { $gt: lastCreatedAt }, - }; - const authQuery = queryForRoles(_user, this.auth, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); - const finalQuery = {...baseQuery, ...authQuery}; - return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + following(user, { lastCreatedAt = 0, limit = 10 }, _user, resolver = 'user following') { + try { + const baseQuery = { + _id: { $in: user.followingIds || [] }, + createdAt: { $gt: lastCreatedAt }, + }; + const authQuery = queryForRoles(_user, ['admin'], [], 'readMany', { User: this.context.User }, resolver); + const restrictedFields = (Object.keys(authQuery).length === 0) ? {} : { role: 0 }; + const finalQuery = {...baseQuery, ...authQuery}; + return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).project(restrictedFields).limit(limit).toArray(); + } catch (err) { log.error(err.message); } } - followers(user, { lastCreatedAt = 0, limit = 10 }, _user, resolver = 'followers') { - const baseQuery = { - followingIds: user._id, - createdAt: { $gt: lastCreatedAt }, - }; - const authQuery = queryForRoles(_user, this.auth, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); - const finalQuery = {...baseQuery, ...authQuery}; - return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + followers(user, { lastCreatedAt = 0, limit = 10 }, _user, resolver = 'user followers') { + try { + const baseQuery = { + followingIds: user._id, + createdAt: { $gt: lastCreatedAt }, + }; + const authQuery = queryForRoles(_user, ['admin'], [], 'readMany', { User: this.context.User }, resolver); + const restrictedFields = (Object.keys(authQuery).length === 0) ? {} : { role: 0 }; + const finalQuery = {...baseQuery, ...authQuery}; + return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).project(restrictedFields).limit(limit).toArray(); + } catch (err) { log.error(err.message); } } - createdBy(user, _user, resolver = 'createdBy') { + createdBy(user, _user, resolver = 'user createdBy') { return this.context.User.getOneById(user.createdById, _user, resolver); } - updatedBy(user, _user, resolver = 'updatedBy') { + updatedBy(user, _user, resolver = 'user updatedBy') { return this.context.User.getOneById(user.updatedById, _user, resolver); } - async insert(doc, _user, resolver = 'insert') { - let docToInsert = Object.assign({}, doc, { - createdAt: Date.now(), - updatedAt: Date.now(), - createdById: (_user && _user._id) ? _user._id : 'unknown', - updatedById: (_user && _user._id) ? _user._id : 'unknown', - }); - - const authQuery = queryForRoles(_user, this.auth, 'create', { User: this.context.User }, {_id: '', ...docToInsert}, resolver); - const id = (await this.collection.insertOne(docToInsert)).insertedId; - - if (id){ - log.debug(`inserted ${this.type} ${id}.`); - } else { - log.debug('insert failed for docToInsert:', JSON.stringify(docToInsert, null, 2)); - throw new Error(`insert not possible for ${this.type} ${id}.`); - } - - this.pubsub.publish('userInserted', await this.getOneById(id, _user, 'pubsub userInserted')); - return id; + async insert(doc, _user, resolver = 'insert user') { + try { + let insertedDoc = null; + let docToInsert = Object.assign({}, doc, { + createdAt: Date.now(), + updatedAt: Date.now(), + createdById: (_user && _user._id) ? _user._id : 'unknown', + updatedById: (_user && _user._id) ? _user._id : 'unknown', + }); + + const authQuery = queryForRoles(_user, ['admin'], [], 'create', { User: this.context.User }, resolver); + + const docRoleFields = [].map(key => ({ [key]: docToInsert[key] }) ); + if (Object.keys(authQuery).length > 0 && !fieldContainsUserId(docRoleFields, _user._id)) { + throw new Error('Not authorized to insert user'); + } + + const id = (await this.collection.insertOne(docToInsert)).insertedId; + if (!id) { + log.error('insert user failed for:', JSON.stringify(docToInsert, null, 2)); + throw new Error(`insert user not possible for user ${id}.`); + } + + log.debug(`inserted user ${id}.`); + insertedDoc = this.getOneById(id, _user, 'pubsub userInserted'); + this.pubsub.publish('userInserted', insertedDoc); + return insertedDoc; + + } catch (err) { log.error(err.message); } } - async updateById(id, doc, _user, resolver = 'updateById') { - // must get the record first, to capture all authorization relevant fields - const docBefore = await this.getOneById(id, _user, 'getOneById in updateById for docBefore'); - let docToUpdate = {$set: Object.assign({}, doc, { - updatedAt: Date.now(), - updatedById: (_user && _user._id) ? _user._id : 'unknown', - })}; - - const baseQuery = {_id: id}; - const authQuery = queryForRoles(_user, this.auth, 'update', { User: this.context.User }, {...docBefore, ...docToUpdate}, resolver); - const finalQuery = {...baseQuery, ...authQuery}; - const result = await this.collection.updateOne(finalQuery, docToUpdate); - - if (result.result.ok === 1 && result.result.n === 1){ - log.debug(`updated ${this.type} ${id}.`); - } else { - log.debug(`update failed finalQuery:`, JSON.stringify(finalQuery, null, 2)); - log.debug('update failed for docToUpdate:', JSON.stringify(docToUpdate, null, 2)); - throw new Error(`update not possible for ${this.type} ${id}.`); - } - - this.loader.clear(id); - this.pubsub.publish('userUpdated', await this.getOneById(id, _user, 'pubsub userUpdated')); - return result; + async updateById(id, doc, _user, resolver = 'update user') { + try { + let updatedDoc = null; + const docBefore = await this.findOneById(id, _user, 'user findOneById in updateById for docBefore'); + let docToUpdate = {$set: Object.assign({}, doc, { + updatedAt: Date.now(), + updatedById: (_user && _user._id) ? _user._id : 'unknown', + })}; + + const baseQuery = {_id: id}; + const authQuery = queryForRoles(_user, ['admin'], ['_id'], 'update', { User: this.context.User }, resolver); + + if (doc['role'] && Object.keys(authQuery).length > 0) { + throw new Error('Not authorized to update field "role"'); + } + + const finalQuery = {...baseQuery, ...authQuery}; + const result = await this.collection.updateOne(finalQuery, docToUpdate); + if (result.result.ok !== 1){ + log.error(`update user failed finalQuery:`, JSON.stringify(finalQuery, null, 2)); + log.error('update user failed for docToUpdate:', JSON.stringify(docToUpdate, null, 2)); + throw new Error(`update user not possible for ${id}.`); + } + + log.debug(`updated user ${id}.`); + this.loaders().readOneWithoutAuth.clear(id); + this.loaders().readOne.clear(id); + // this.loaders().readMany.clear(id); + + updatedDoc = this.getOneById(id, _user, 'pubsub userUpdated') + this.pubsub.publish('userUpdated', updatedDoc); + return updatedDoc; + + } catch (err) { log.error(err.message); } } - async removeById(id, _user, resolver = 'removeById') { - // must get the record first, to capture all authorization relevant fields - const docBefore = await this.getOneById(id, _user, 'getOneById in removeById for docBefore'); - const baseQuery = {_id: id}; - const authQuery = queryForRoles(_user, this.auth, 'delete', { User: this.context.User }, {...docBefore}, resolver); - const finalQuery = {...baseQuery, ...authQuery}; - const result = await this.collection.remove(finalQuery); - - if (result.result.ok === 1 && result.result.n === 1){ - log.info(`removed ${this.type} ${id}.`); - } else { - log.debug(`remove failed for finalQuery:`, JSON.stringify(finalQuery, null, 2)); - throw new Error(`remove not possible for ${this.type} ${id}.`); - } - - this.loader.clear(id); - this.pubsub.publish('userRemoved', id); - return result; + async removeById(id, _user, resolver = 'remove user') { + try { + const docBefore = await this.findOneById(id, _user, 'user findOneById in removeById for docBefore'); + const baseQuery = {_id: id}; + const authQuery = queryForRoles(_user, ['admin'], ['_id'], 'delete', { User: this.context.User }, resolver); + const finalQuery = {...baseQuery, ...authQuery}; + const result = await this.collection.remove(finalQuery); + if (result.result.ok !== 1 || result.result.n !== 1){ + log.error(`remove user failed for finalQuery:`, JSON.stringify(finalQuery, null, 2)); + throw new Error(`remove user not possible for ${id}.`); + } + + log.debug(`removed user ${id}.`); + this.loaders().readOneWithoutAuth.clear(id); + this.loaders().readOne.clear(id); + // this.loaders().readMany.clear(id); + + this.pubsub.publish('userRemoved', id); + return result; + + } catch (err) { log.error(err.message); } } } diff --git a/test/output-app/resolvers/Tweet.js b/test/output-app/resolvers/Tweet.js index 187b61e..a8fb88c 100644 --- a/test/output-app/resolvers/Tweet.js +++ b/test/output-app/resolvers/Tweet.js @@ -35,13 +35,11 @@ const resolvers = { }, Mutation: { async createTweet(root, { input }, { Tweet, _user }) { - const id = await Tweet.insert(input, _user); - return Tweet.getOneById(id, _user, 'createTweet'); + return await Tweet.insert(input, _user); }, async updateTweet(root, { id, input }, { Tweet, _user }) { - await Tweet.updateById(id, input, _user); - return Tweet.getOneById(id, _user, 'updateTweet'); + return await Tweet.updateById(id, input, _user); }, async removeTweet(root, { id }, { Tweet, _user }) { diff --git a/test/output-app/resolvers/User.js b/test/output-app/resolvers/User.js index fd2c431..fa33f84 100644 --- a/test/output-app/resolvers/User.js +++ b/test/output-app/resolvers/User.js @@ -39,13 +39,11 @@ }, Mutation: { async createUser(root, { input }, { User, _user }) { - const id = await User.insert(input, _user); - return User.getOneById(id, _user, 'createUser'); + return await User.insert(input, _user); }, async updateUser(root, { id, input }, { User, _user }) { - await User.updateById(id, input, _user); - return User.getOneById(id, _user, 'updateUser'); + return await User.updateById(id, input, _user); }, async removeUser(root, { id }, { User, _user }) { diff --git a/test/output-app/server/authenticate.js b/test/output-app/server/authenticate.js index 3c37011..c09fdf6 100644 --- a/test/output-app/server/authenticate.js +++ b/test/output-app/server/authenticate.js @@ -4,6 +4,7 @@ import jwt from 'jwt-simple'; import { ObjectId } from 'mongodb'; import nodeify from 'nodeify'; import bcrypt from 'bcrypt'; +import log from '../server/logger'; const KEY = 'test-key'; diff --git a/test/output-app/server/authorize.js b/test/output-app/server/authorize.js index a1f5d44..32444e5 100644 --- a/test/output-app/server/authorize.js +++ b/test/output-app/server/authorize.js @@ -1,17 +1,14 @@ import _ from 'lodash'; import log from '../server/logger'; -// enhanced version of tmeasday's findByIds plus authQuery handling -export function findByIds(collection, ids = [], authQuery = {}) { +export function findByIds(collection, ids = [], authQuery) { const baseQuery = { _id: { $in: ids } }; const finalQuery = {...baseQuery, ...authQuery}; - return collection.find(finalQuery) - .toArray() - .then((docs) => { - const idMap = {}; - docs.forEach((d) => { idMap[d._id] = d; }); - return ids.map(id => idMap[id]); - }); + return collection.find(finalQuery).toArray().then(docs => { + const idMap = {}; + docs.forEach(d => { idMap[d._id] = d; }); + return ids.map(id => idMap[id]); + }); } // returns true, if user is logged in @@ -23,128 +20,94 @@ export function loggedIn(user) { } // creates an authQuery object with additional query arguments, to implement authorization restrictions for mongodb access -export function queryForRoles(user = {}, auth = {}, mode = '', { User }, doc = {}, resolver = '') { +export function queryForRoles(user = {}, userRoles = [], docRoles = [], mode = '', { User }, resolver = '') { // Build query for the case: The logged in user's role is authorized - if (roleAuthorizedForDoc(user, auth, mode, { User }, doc, resolver)) { + if (roleAuthorizedForDoc(user, userRoles, docRoles, mode, { User }, resolver)) { return {}; // empty authQuery means, do operation with no access restrictions } // Build query for the case: The user is listed in any document field const query = { $or: [] }; - if (userAuthorizedForDoc(user, auth, mode, { User }, doc, resolver)){ - const docRoles = auth.docRoles[mode] || []; + if (loggedIn(user)){ docRoles.forEach(docRole => query.$or.push( { [docRole]: user._id } ) ); log.debug('authQuery:', JSON.stringify(query, null, 2)); - return query; + if (query.$or.length > 0) return query; } // Not Authorized - throw new Error(`Authorization: Not authorized to ${mode} ${auth.type} ${doc._id ? doc._id : ''}.`); + throw new Error(`Authorization: Not authorized to ${mode} in ${resolver}.`); } // returns true, if the user's role is authorized for a document -export function roleAuthorizedForDoc(user = {}, auth = {}, mode = '', { User }, doc = {}, resolver = ''){ - const userRoles = auth.userRoles[mode] || []; +export function roleAuthorizedForDoc(user = {}, userRoles = [], docRoles = [], mode = '', { User }, resolver = ''){ const role = User.authRole(user); - const fields = auth.fields || []; if ( userRoles.includes('world') || role && role !== '' && role !== '' && userRoles.length > 0 && userRoles.includes(role) ) { - let fieldsAuthorized = true; - - // check all fields with @authorize directives, if any of them is not allowed for the role - fields.forEach(field => { - // if this field is in the document, - if (doc[field.name]) { - const fieldUserRoles = field.userRoles[mode] || []; - //check if the user role doesn't allow this field - if ( fieldUserRoles.length === 0 || ! ( fieldUserRoles.includes(role) || fieldUserRoles.includes('world') ) ){ - fieldsAuthorized = false; - } - } - }); - - // only if all fields of the document are allowed for the role - if (fieldsAuthorized){ - log.debug(`${resolver} ${mode} with user ${user.username ? user.username : ''} for ${auth.type} and ${doc._id ? doc._id : ''}`); - return true; - } - + log.debug(`${resolver} ${mode} with user ${user.username ? user.username : ''} is authorized`); + return true; } return false; } -// returns true, if the user is authorized by a document role -export function userAuthorizedForDoc(user = {}, auth = {}, mode = '', { User }, doc = {}, resolver = ''){ - const docRoles = auth.docRoles[mode] || []; - const fields = auth.fields || []; - let userId; - let authorized = false; - - // document role checks work only with logged in user - if (!loggedIn(user)) return false; - userId = user._id.toString(); - - // check if any docRole leads to an authorization - docRoles.forEach(docRole => { - const docRoleField = doc[docRole]; - let fieldsAuthorized = true; - // check if the field for the docRole check is in the document, if not, it cannot be checked - if (docRoleField){ - // check if user is authorized for doc - if (fieldContainsUserId(docRoleField, userId)){ - - // check if user is authorized for the doc's fields - fields.forEach(field => { - const fieldDocRoles = field.docRoles[mode] || []; - // check if restricted field is in the current document, and if the current docRole is not in the docRole of the field - if (mode !== 'update' && doc[field.name] && !fieldDocRoles.includes(docRole)){ - fieldsAuthorized = false; - } - // check if doc contains a $set object, and this contains any of the fields, - // and if the current docRole is not in the docRole of the field - if (mode === 'update' && doc.$set && doc.$set[field.name] && !fieldDocRoles.includes(docRole)){ - fieldsAuthorized = false; - } - }); - - // only if the same role is authorized for the document and all fields, it is allowed - if (fieldsAuthorized){ - log.debug(`${resolver} ${mode} with user ${(user.username) ? user.username : ''} for ${auth.type} and docRole ${docRole} for doc with id: ${doc._id ? doc._id : ''}`); - authorized = true; - return true; - } - - } - } - }); - - return authorized; -} - // returns true, if a field of type array/object/string contains the userId export function fieldContainsUserId(docRoleField, userId) { - let userIdFound = false; + let found = false; + + // empty userId is not a valid userId + if (userId.toString() === '') return false; + + // handle a simple id field + if (docRoleField.toString() === userId.toString()){ + return true; + } - // handle an array of userIds + // handle an array if (_.isArray(docRoleField)){ - docRoleField.forEach(field => { - if (field.toString() === userId){ - userIdFound = true; - } + docRoleField.every(field => { + if (fieldContainsUserId(field, userId)) { + found = true; + return true; + } }); + if (found) return true; } - // handle a field with one userId, must be an object, if it is an ObjectId('') - if (_.isObject(docRoleField) && docRoleField.toString() === userId){ - userIdFound = true; - } + // handle an object + if (_.isObject(docRoleField)){ + Object.keys(docRoleField).every(field => { - // handle a field with just an userId String - if (_.isString(docRoleField) && docRoleField.toString() === userId){ - userIdFound = true; - } + // handle a field + if (docRoleField[field] && docRoleField[field].toString() === userId.toString()){ + found = true; + return true; + } + + // handle an array + if (_.isArray(docRoleField[field])){ + docRoleField[field].every(innerField => { + if (fieldContainsUserId(innerField, userId)) { + found = true; + return true; + } + }) + if (found) return true; + } - return userIdFound; + // handle an object + if (_.isObject(docRoleField[field])){ + Object.keys(docRoleField[field]).every(innerField => { + if (fieldContainsUserId(docRoleField[field][innerField], userId)) { + found = true; + return true; + } + }); + if (found) return true; + } + + }); + + } + return found; } diff --git a/test/output-app/server/index.js b/test/output-app/server/index.js index e8a6c61..c9d452b 100644 --- a/test/output-app/server/index.js +++ b/test/output-app/server/index.js @@ -14,6 +14,7 @@ import typeDefs from '../schema'; import resolvers from '../resolvers'; import addModelsToContext from '../model'; import authenticate from './authenticate'; +import { parse, print } from 'graphql'; import { pubsub, subscriptionManager } from './subscriptions'; @@ -49,10 +50,15 @@ async function startServer() { graphqlExpress(() => { // Get the query, the same way express-graphql does it // https://github.com/graphql/express-graphql/blob/3fa6e68582d6d933d37fa9e841da5d2aa39261cd/src/index.js#L257 + const {variables, operationName} = req.body; + const {_id, username, role} = _user; const query = req.query.query || req.body.query; + log.debug('-'.repeat(80)); + log.debug(`Request:\nUser: "${(username) ? username: ''}", role: "${(role) ? role : ''}", id: "${(_id) ? _id : ''}",\nOperation: "${operationName ? operationName : ''}", variables: "${variables ? JSON.stringify(variables) : ''}",\nQuery:\n${print(parse(query))}`); if (query && query.length > 4000) { // None of our app's queries are this long // Probably indicates someone trying to send an overly expensive query + log.error('Query too large.'); throw new Error('Query too large.'); } return { diff --git a/test/output-app/server/logger.js b/test/output-app/server/logger.js index 5c9ced8..c29154a 100644 --- a/test/output-app/server/logger.js +++ b/test/output-app/server/logger.js @@ -2,24 +2,52 @@ import winston from 'winston'; winston.emitErrs = true; +const timestamp = function() { + return new Date(Date.now()).toLocaleString(); +}; + +const formatter = function(options) { + return options.timestamp() + + ' ' + + (options.level === 'error' ? ' ' + options.level.toUpperCase() : '' ) + + ' ' + + (options.message ? options.message : '') + + (options.meta && Object.keys(options.meta).length ? '\n\t'+ JSON.stringify(options.meta) : '' ) + ; +} + const logger = new winston.Logger({ transports: [ + // new winston.transports.File({ + // level: 'debug', + // filename: './server/logs/all-logs.log', + // handleExceptions: true, + // json: true, + // maxsize: 5242880, //5MB + // maxFiles: 5, + // colorize: false + // }), + new winston.transports.File({ - level: 'info', - filename: './server/logs/all-logs.log', + level: 'debug', + filename: './server/logs/all-logs-readable.log', handleExceptions: true, - json: true, + json: false, maxsize: 5242880, //5MB maxFiles: 5, - colorize: false + colorize: false, + timestamp: timestamp, + formatter: formatter }), new winston.transports.Console({ level: 'debug', handleExceptions: true, json: false, - colorize: true + colorize: true, + timestamp: timestamp, + formatter: formatter }) ], @@ -32,6 +60,6 @@ export default logger; export const stream = { write: function(message, encoding) { - logger.info(message); + // logger.debug(message); } }; diff --git a/test/output-app/server/logs/all-logs-readable.log b/test/output-app/server/logs/all-logs-readable.log new file mode 100644 index 0000000..08c8992 --- /dev/null +++ b/test/output-app/server/logs/all-logs-readable.log @@ -0,0 +1,16273 @@ +2017-07-09 19:45:44 -------------------------------------------------------------------------------- +2017-07-09 19:45:44 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + role + username + } +} + +2017-07-09 19:45:55 user readOne with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + role + username + } +} + +2017-07-09 19:45:55 user readOne with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca2") { + role + username + } +} + +2017-07-09 19:45:55 user readOne with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + id + username + bio + } +} + +2017-07-09 19:45:55 user readOne with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users { + username + createdAt + } +} + +2017-07-09 19:45:55 users readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(limit: 1) { + username + createdAt + } +} + +2017-07-09 19:45:55 users readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993) { + username + createdAt + } +} + +2017-07-09 19:45:55 users readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } +} + +2017-07-09 19:45:55 users readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers { + username + createdAt + } + } +} + +2017-07-09 19:45:55 user readOne with user stubailo is authorized +2017-07-09 19:45:55 followers readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 19:45:55 user readOne with user stubailo is authorized +2017-07-09 19:45:55 followers readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-07-09 19:45:55 user readOne with user stubailo is authorized +2017-07-09 19:45:55 followers readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 19:45:55 user readOne with user stubailo is authorized +2017-07-09 19:45:55 followers readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following { + username + createdAt + } + } +} + +2017-07-09 19:45:55 user readOne with user stubailo is authorized +2017-07-09 19:45:55 following readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 19:45:55 user readOne with user stubailo is authorized +2017-07-09 19:45:55 following readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-07-09 19:45:55 user readOne with user stubailo is authorized +2017-07-09 19:45:55 following readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 19:45:55 user readOne with user stubailo is authorized +2017-07-09 19:45:55 following readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets { + id + createdAt + } + } +} + +2017-07-09 19:45:55 user readOne with user stubailo is authorized +2017-07-09 19:45:55 tweets readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(limit: 1) { + id + createdAt + } + } +} + +2017-07-09 19:45:55 user readOne with user stubailo is authorized +2017-07-09 19:45:55 tweets readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } + } +} + +2017-07-09 19:45:55 user readOne with user stubailo is authorized +2017-07-09 19:45:55 tweets readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } + } +} + +2017-07-09 19:45:55 user readOne with user stubailo is authorized +2017-07-09 19:45:55 tweets readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked { + id + createdAt + } + } +} + +2017-07-09 19:45:55 user readOne with user stubailo is authorized +2017-07-09 19:45:55 liked readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(limit: 1) { + id + createdAt + } + } +} + +2017-07-09 19:45:55 user readOne with user stubailo is authorized +2017-07-09 19:45:55 liked readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334) { + id + createdAt + } + } +} + +2017-07-09 19:45:55 user readOne with user stubailo is authorized +2017-07-09 19:45:55 liked readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334, limit: 1) { + id + createdAt + } + } +} + +2017-07-09 19:45:55 user readOne with user stubailo is authorized +2017-07-09 19:45:55 liked readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + id + body + } +} + +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + author { + username + } + } +} + +2017-07-09 19:45:55 tweet readOne with user stubailo is authorized +2017-07-09 19:45:55 tweet readOne with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets { + id + createdAt + } +} + +2017-07-09 19:45:55 tweets readMany with user stubailo is authorized +2017-07-09 19:45:55 author readOne with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(limit: 1) { + id + createdAt + } +} + +2017-07-09 19:45:55 tweets readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } +} + +2017-07-09 19:45:55 tweets readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } +} + +2017-07-09 19:45:55 tweets readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers { + username + createdAt + } + } +} + +2017-07-09 19:45:55 tweet readOne with user stubailo is authorized +2017-07-09 19:45:55 likers readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 19:45:55 tweet readOne with user stubailo is authorized +2017-07-09 19:45:55 likers readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993) { + username + createdAt + } + } +} + +2017-07-09 19:45:55 tweet readOne with user stubailo is authorized +2017-07-09 19:45:55 likers readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 19:45:55 tweet readOne with user stubailo is authorized +2017-07-09 19:45:55 likers readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-07-09 19:45:55 insert user create with user stubailo is authorized +2017-07-09 19:45:55 inserted user 59626bd3381b9493f5a80a90. +2017-07-09 19:45:55 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-07-09 19:45:55 insert user create with user tobkle is authorized +2017-07-09 19:45:55 inserted user 59626bd3381b9493f5a80a91. +2017-07-09 19:45:55 pubsub userInserted readOne with user tobkle is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", +Operation: "", variables: "", +Query: +{ + user(id: "59626bd3381b9493f5a80a91") { + username + bio + role + } +} + +2017-07-09 19:45:55 user readOne with user tobkle is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", +Operation: "", variables: "", +Query: +{ + user(id: "59626bd3381b9493f5a80a90") { + username + role + } +} + +2017-07-09 19:45:55 user readOne with user tobkle is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59626bd3381b9493f5a80a91", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-07-09 19:45:55 update user update with user tobkle is authorized +2017-07-09 19:45:55 updated user 59626bd3381b9493f5a80a91. +2017-07-09 19:45:55 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59626bd3381b9493f5a80a90", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 19:45:55 update user update with user tobkle is authorized +2017-07-09 19:45:55 updated user 59626bd3381b9493f5a80a90. +2017-07-09 19:45:55 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59626bd3381b9493f5a80a91", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 19:45:55 update user update with user tobkle is authorized +2017-07-09 19:45:55 updated user 59626bd3381b9493f5a80a91. +2017-07-09 19:45:55 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59626bd3381b9493f5a80a90", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-07-09 19:45:55 update user update with user tobkle is authorized +2017-07-09 19:45:55 updated user 59626bd3381b9493f5a80a90. +2017-07-09 19:45:55 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "editor", id: "59626bd3381b9493f5a80a90", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59626bd3381b9493f5a80a90", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 19:45:55 authQuery: { + "$or": [ + { + "_id": "59626bd3381b9493f5a80a90" + } + ] +} +2017-07-09 19:45:55 ERROR Not authorized to update field "role" +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "zoltan", role: "admin", id: "59626bd3381b9493f5a80a91", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59626bd3381b9493f5a80a90", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 19:45:55 update user update with user zoltan is authorized +2017-07-09 19:45:55 updated user 59626bd3381b9493f5a80a90. +2017-07-09 19:45:55 pubsub userUpdated readOne with user zoltan is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59626bd3381b9493f5a80a91") +} + +2017-07-09 19:45:55 removeUser delete with user tobkle is authorized +2017-07-09 19:45:55 removed user 59626bd3381b9493f5a80a91. +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59626bd3381b9493f5a80a90", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 19:45:55 insert tweet create with user tobkle is authorized +2017-07-09 19:45:55 inserted tweet 59626bd3381b9493f5a80a92. +2017-07-09 19:45:55 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", +Operation: "", variables: "", +Query: +{ + tweet(id: "59626bd3381b9493f5a80a92") { + author { + id + } + body + } +} + +2017-07-09 19:45:55 tweet readOne with user tobkle is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 19:45:55 insert tweet create with user tobkle is authorized +2017-07-09 19:45:55 author readOne with user tobkle is authorized +2017-07-09 19:45:55 inserted tweet 59626bd3381b9493f5a80a93. +2017-07-09 19:45:55 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 19:45:55 tweet readOne with user tobkle is authorized +2017-07-09 19:45:55 author readOne with user tobkle is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59626bd3381b9493f5a80a92", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 19:45:55 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 19:45:55 update tweet update with user tobkle is authorized +2017-07-09 19:45:55 updated tweet 59626bd3381b9493f5a80a92. +2017-07-09 19:45:55 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59626bd3381b9493f5a80a93", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 19:45:55 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 19:45:55 update tweet update with user tobkle is authorized +2017-07-09 19:45:55 updated tweet 59626bd3381b9493f5a80a93. +2017-07-09 19:45:55 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", +Operation: "", variables: "", +Query: +{ + tweet(id: "59626bd3381b9493f5a80a92") { + body + } +} + +2017-07-09 19:45:55 tweet readOne with user tobkle is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59626bd3381b9493f5a80a92") +} + +2017-07-09 19:45:55 removeTweet delete with user tobkle is authorized +2017-07-09 19:45:55 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 19:45:55 removed tweet 59626bd3381b9493f5a80a92. +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59626bd3381b9493f5a80a93") +} + +2017-07-09 19:45:55 removeTweet delete with user tobkle is authorized +2017-07-09 19:45:55 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 19:45:55 removed tweet 59626bd3381b9493f5a80a93. +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", +Operation: "", variables: "", +Query: +{ + tweet(id: "59626bd3381b9493f5a80a92") { + body + } +} + +2017-07-09 19:45:55 tweet readOne with user tobkle is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59626bd3381b9493f5a80a90") +} + +2017-07-09 19:45:55 removeUser delete with user tobkle is authorized +2017-07-09 19:45:55 removed user 59626bd3381b9493f5a80a90. +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59626bd3381b9493f5a80a90") { + username + bio + role + } +} + +2017-07-09 19:45:55 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-07-09 19:45:55 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 19:45:55 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 19:45:55 ERROR Authorization: Not authorized to update in update user. +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 19:45:55 ERROR Authorization: Not authorized to delete in removeUser. +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 19:45:55 ERROR Authorization: Not authorized to create in insert tweet. +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 19:45:55 tweet readOne with user is authorized +2017-07-09 19:45:55 ERROR Authorization: Not authorized to readOne in author. +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 19:45:55 tweet getOneById in updateById for docBefore readOne with user is authorized +2017-07-09 19:45:55 ERROR Authorization: Not authorized to update in update tweet. +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 19:45:55 tweet getOneById in updateById for docBefore readOne with user is authorized +2017-07-09 19:45:55 ERROR Authorization: Not authorized to update in update tweet. +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 19:45:55 ERROR Authorization: Not authorized to delete in removeTweet. +2017-07-09 19:45:55 tweet getOneById in removeById for docBefore readOne with user is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { + id + role + } +} + +2017-07-09 19:45:55 insert user create with user stubailo is authorized +2017-07-09 19:45:55 inserted user 59626bd3381b9493f5a80a94. +2017-07-09 19:45:55 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-07-09 19:45:55 authQuery: { + "$or": [] +} +2017-07-09 19:45:55 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 19:45:55 authQuery: { + "$or": [ + { + "_id": "59626bd3381b9493f5a80a94" + } + ] +} +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", +Operation: "", variables: "", +Query: +{ + user(id: "59626bd3381b9493f5a80a94") { + username + } +} + +2017-07-09 19:45:55 authQuery: { + "$or": [ + { + "_id": "59626bd3381b9493f5a80a94" + } + ] +} +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", +Operation: "", variables: "", +Query: +{ + user(id: "59626bd3381b9493f5a80a94") { + username + role + } +} + +2017-07-09 19:45:55 authQuery: { + "$or": [ + { + "_id": "59626bd3381b9493f5a80a94" + } + ] +} +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 19:45:55 authQuery: { + "$or": [ + { + "_id": "59626bd3381b9493f5a80a94" + } + ] +} +2017-07-09 19:45:55 ERROR Not authorized to update user +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59626bd3381b9493f5a80a94", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "_id": "59626bd3381b9493f5a80a94" + } + ] +} +2017-07-09 19:45:56 updated user 59626bd3381b9493f5a80a94. +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "_id": "59626bd3381b9493f5a80a94" + } + ] +} +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59626bd3381b9493f5a80a94", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "_id": "59626bd3381b9493f5a80a94" + } + ] +} +2017-07-09 19:45:56 ERROR Not authorized to update field "role" +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "_id": "59626bd3381b9493f5a80a94" + } + ] +} +2017-07-09 19:45:56 ERROR remove user failed for finalQuery: { + "_id": "583291a1638566b3c5a92ca1", + "$or": [ + { + "_id": "59626bd3381b9493f5a80a94" + } + ] +} +2017-07-09 19:45:56 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59626bd3381b9493f5a80a94", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "authorId": "59626bd3381b9493f5a80a94" + } + ] +} +2017-07-09 19:45:56 inserted tweet 59626bd4381b9493f5a80a95. +2017-07-09 19:45:56 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "authorId": "59626bd3381b9493f5a80a94" + } + ] +} +2017-07-09 19:45:56 ERROR Not authorized to insert tweet +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", +Operation: "", variables: "", +Query: +{ + tweet(id: "59626bd4381b9493f5a80a95") { + author { + id + } + body + } +} + +2017-07-09 19:45:56 tweet readOne with user tobkle is authorized +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "_id": "59626bd3381b9493f5a80a94" + } + ] +} +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 19:45:56 tweet readOne with user tobkle is authorized +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "_id": "59626bd3381b9493f5a80a94" + } + ] +} +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59626bd4381b9493f5a80a95", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 19:45:56 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "authorId": "59626bd3381b9493f5a80a94" + }, + { + "coauthorsIds": "59626bd3381b9493f5a80a94" + } + ] +} +2017-07-09 19:45:56 updated tweet 59626bd4381b9493f5a80a95. +2017-07-09 19:45:56 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 19:45:56 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "authorId": "59626bd3381b9493f5a80a94" + }, + { + "coauthorsIds": "59626bd3381b9493f5a80a94" + } + ] +} +2017-07-09 19:45:56 ERROR Not authorized to update tweet +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", +Operation: "", variables: "", +Query: +{ + tweet(id: "59626bd4381b9493f5a80a95") { + body + } +} + +2017-07-09 19:45:56 tweet readOne with user tobkle is authorized +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59626bd4381b9493f5a80a95") +} + +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "authorId": "59626bd3381b9493f5a80a94" + } + ] +} +2017-07-09 19:45:56 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 19:45:56 removed tweet 59626bd4381b9493f5a80a95. +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "authorId": "59626bd3381b9493f5a80a94" + } + ] +} +2017-07-09 19:45:56 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 19:45:56 ERROR remove tweet failed for finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "59626bd3381b9493f5a80a94" + } + ] +} +2017-07-09 19:45:56 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", +Operation: "", variables: "", +Query: +{ + tweet(id: "59626bd4381b9493f5a80a95") { + body + } +} + +2017-07-09 19:45:56 tweet readOne with user tobkle is authorized +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59626bd3381b9493f5a80a94") +} + +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "_id": "59626bd3381b9493f5a80a94" + } + ] +} +2017-07-09 19:45:56 removed user 59626bd3381b9493f5a80a94. +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59626bd3381b9493f5a80a94") { + username + bio + role + } +} + +2017-07-09 19:45:56 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { + id + role + } +} + +2017-07-09 19:45:56 insert user create with user stubailo is authorized +2017-07-09 19:45:56 inserted user 59626bd4381b9493f5a80a96. +2017-07-09 19:45:56 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tobkle", role: "editor", id: "59626bd4381b9493f5a80a96", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-07-09 19:45:56 authQuery: { + "$or": [] +} +2017-07-09 19:45:56 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tobkle", role: "editor", id: "59626bd4381b9493f5a80a96", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "_id": "59626bd4381b9493f5a80a96" + } + ] +} +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tobkle", role: "editor", id: "59626bd4381b9493f5a80a96", +Operation: "", variables: "", +Query: +{ + user(id: "59626bd4381b9493f5a80a96") { + username + role + } +} + +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "_id": "59626bd4381b9493f5a80a96" + } + ] +} +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tobkle", role: "editor", id: "59626bd4381b9493f5a80a96", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "_id": "59626bd4381b9493f5a80a96" + } + ] +} +2017-07-09 19:45:56 ERROR Not authorized to update user +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tobkle", role: "editor", id: "59626bd4381b9493f5a80a96", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59626bd4381b9493f5a80a96", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "_id": "59626bd4381b9493f5a80a96" + } + ] +} +2017-07-09 19:45:56 updated user 59626bd4381b9493f5a80a96. +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "_id": "59626bd4381b9493f5a80a96" + } + ] +} +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59626bd4381b9493f5a80a96", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "_id": "59626bd4381b9493f5a80a96" + } + ] +} +2017-07-09 19:45:56 ERROR Not authorized to update field "role" +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "_id": "59626bd4381b9493f5a80a96" + } + ] +} +2017-07-09 19:45:56 ERROR remove user failed for finalQuery: { + "_id": "583291a1638566b3c5a92ca1", + "$or": [ + { + "_id": "59626bd4381b9493f5a80a96" + } + ] +} +2017-07-09 19:45:56 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59626bd4381b9493f5a80a96", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "authorId": "59626bd4381b9493f5a80a96" + } + ] +} +2017-07-09 19:45:56 inserted tweet 59626bd4381b9493f5a80a97. +2017-07-09 19:45:56 pubsub tweetInserted readOne with user tmeasday is authorized +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "authorId": "59626bd4381b9493f5a80a96" + } + ] +} +2017-07-09 19:45:56 ERROR Not authorized to insert tweet +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", +Operation: "", variables: "", +Query: +{ + tweet(id: "59626bd4381b9493f5a80a97") { + author { + id + } + body + } +} + +2017-07-09 19:45:56 tweet readOne with user tmeasday is authorized +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "_id": "59626bd4381b9493f5a80a96" + } + ] +} +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 19:45:56 tweet readOne with user tmeasday is authorized +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "_id": "59626bd4381b9493f5a80a96" + } + ] +} +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59626bd4381b9493f5a80a97", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 19:45:56 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "authorId": "59626bd4381b9493f5a80a96" + }, + { + "coauthorsIds": "59626bd4381b9493f5a80a96" + } + ] +} +2017-07-09 19:45:56 updated tweet 59626bd4381b9493f5a80a97. +2017-07-09 19:45:56 pubsub tweetUpdated readOne with user tmeasday is authorized +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 19:45:56 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "authorId": "59626bd4381b9493f5a80a96" + }, + { + "coauthorsIds": "59626bd4381b9493f5a80a96" + } + ] +} +2017-07-09 19:45:56 ERROR Not authorized to update tweet +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", +Operation: "", variables: "", +Query: +{ + tweet(id: "59626bd4381b9493f5a80a97") { + body + } +} + +2017-07-09 19:45:56 tweet readOne with user tmeasday is authorized +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59626bd4381b9493f5a80a97") +} + +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "authorId": "59626bd4381b9493f5a80a96" + } + ] +} +2017-07-09 19:45:56 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized +2017-07-09 19:45:56 removed tweet 59626bd4381b9493f5a80a97. +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "authorId": "59626bd4381b9493f5a80a96" + } + ] +} +2017-07-09 19:45:56 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized +2017-07-09 19:45:56 ERROR remove tweet failed for finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "59626bd4381b9493f5a80a96" + } + ] +} +2017-07-09 19:45:56 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", +Operation: "", variables: "", +Query: +{ + tweet(id: "59626bd4381b9493f5a80a97") { + body + } +} + +2017-07-09 19:45:56 tweet readOne with user tmeasday is authorized +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59626bd4381b9493f5a80a96") +} + +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "_id": "59626bd4381b9493f5a80a96" + } + ] +} +2017-07-09 19:45:56 removed user 59626bd4381b9493f5a80a96. +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59626bd4381b9493f5a80a96") { + username + bio + role + } +} + +2017-07-09 19:45:56 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 19:54:26 Logger started +2017-07-09 19:57:26 Logger started +2017-07-09 19:57:54 -------------------------------------------------------------------------------- +2017-07-09 19:57:54 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-07-09 19:58:04 -------------------------------------------------------------------------------- +2017-07-09 19:58:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-07-09 19:58:04 -------------------------------------------------------------------------------- +2017-07-09 19:58:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + role + username + } +} + +2017-07-09 19:58:04 user readOne with user stubailo is authorized +2017-07-09 19:58:04 -------------------------------------------------------------------------------- +2017-07-09 19:58:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + role + username + } +} + +2017-07-09 19:58:04 user readOne with user stubailo is authorized +2017-07-09 19:58:04 -------------------------------------------------------------------------------- +2017-07-09 19:58:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca2") { + role + username + } +} + +2017-07-09 19:58:04 user readOne with user stubailo is authorized +2017-07-09 19:58:04 -------------------------------------------------------------------------------- +2017-07-09 19:58:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + id + username + bio + } +} + +2017-07-09 19:58:04 user readOne with user stubailo is authorized +2017-07-09 19:58:04 -------------------------------------------------------------------------------- +2017-07-09 19:58:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users { + username + createdAt + } +} + +2017-07-09 19:58:04 users readMany with user stubailo is authorized +2017-07-09 19:58:04 -------------------------------------------------------------------------------- +2017-07-09 19:58:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(limit: 1) { + username + createdAt + } +} + +2017-07-09 19:58:04 users readMany with user stubailo is authorized +2017-07-09 19:58:04 -------------------------------------------------------------------------------- +2017-07-09 19:58:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993) { + username + createdAt + } +} + +2017-07-09 19:58:04 users readMany with user stubailo is authorized +2017-07-09 19:58:04 -------------------------------------------------------------------------------- +2017-07-09 19:58:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } +} + +2017-07-09 19:58:04 users readMany with user stubailo is authorized +2017-07-09 19:58:04 -------------------------------------------------------------------------------- +2017-07-09 19:58:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers { + username + createdAt + } + } +} + +2017-07-09 19:58:04 user readOne with user stubailo is authorized +2017-07-09 19:58:04 followers readMany with user stubailo is authorized +2017-07-09 19:58:04 -------------------------------------------------------------------------------- +2017-07-09 19:58:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 19:58:04 user readOne with user stubailo is authorized +2017-07-09 19:58:04 followers readMany with user stubailo is authorized +2017-07-09 19:58:04 -------------------------------------------------------------------------------- +2017-07-09 19:58:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-07-09 19:58:04 user readOne with user stubailo is authorized +2017-07-09 19:58:04 followers readMany with user stubailo is authorized +2017-07-09 19:58:04 -------------------------------------------------------------------------------- +2017-07-09 19:58:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 19:58:04 user readOne with user stubailo is authorized +2017-07-09 19:58:04 followers readMany with user stubailo is authorized +2017-07-09 19:58:04 -------------------------------------------------------------------------------- +2017-07-09 19:58:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following { + username + createdAt + } + } +} + +2017-07-09 19:58:04 user readOne with user stubailo is authorized +2017-07-09 19:58:04 following readMany with user stubailo is authorized +2017-07-09 19:58:04 -------------------------------------------------------------------------------- +2017-07-09 19:58:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 19:58:04 user readOne with user stubailo is authorized +2017-07-09 19:58:04 following readMany with user stubailo is authorized +2017-07-09 19:58:04 -------------------------------------------------------------------------------- +2017-07-09 19:58:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-07-09 19:58:04 user readOne with user stubailo is authorized +2017-07-09 19:58:04 following readMany with user stubailo is authorized +2017-07-09 19:58:04 -------------------------------------------------------------------------------- +2017-07-09 19:58:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 19:58:04 user readOne with user stubailo is authorized +2017-07-09 19:58:04 following readMany with user stubailo is authorized +2017-07-09 19:58:04 -------------------------------------------------------------------------------- +2017-07-09 19:58:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets { + id + createdAt + } + } +} + +2017-07-09 19:58:04 user readOne with user stubailo is authorized +2017-07-09 19:58:04 tweets readMany with user stubailo is authorized +2017-07-09 19:58:04 -------------------------------------------------------------------------------- +2017-07-09 19:58:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(limit: 1) { + id + createdAt + } + } +} + +2017-07-09 19:58:04 user readOne with user stubailo is authorized +2017-07-09 19:58:04 tweets readMany with user stubailo is authorized +2017-07-09 19:58:04 -------------------------------------------------------------------------------- +2017-07-09 19:58:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } + } +} + +2017-07-09 19:58:04 user readOne with user stubailo is authorized +2017-07-09 19:58:04 tweets readMany with user stubailo is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } + } +} + +2017-07-09 19:58:05 user readOne with user stubailo is authorized +2017-07-09 19:58:05 tweets readMany with user stubailo is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked { + id + createdAt + } + } +} + +2017-07-09 19:58:05 user readOne with user stubailo is authorized +2017-07-09 19:58:05 liked readMany with user stubailo is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(limit: 1) { + id + createdAt + } + } +} + +2017-07-09 19:58:05 user readOne with user stubailo is authorized +2017-07-09 19:58:05 liked readMany with user stubailo is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334) { + id + createdAt + } + } +} + +2017-07-09 19:58:05 user readOne with user stubailo is authorized +2017-07-09 19:58:05 liked readMany with user stubailo is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334, limit: 1) { + id + createdAt + } + } +} + +2017-07-09 19:58:05 user readOne with user stubailo is authorized +2017-07-09 19:58:05 liked readMany with user stubailo is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + id + body + } +} + +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + author { + username + } + } +} + +2017-07-09 19:58:05 tweet readOne with user stubailo is authorized +2017-07-09 19:58:05 tweet readOne with user stubailo is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets { + id + createdAt + } +} + +2017-07-09 19:58:05 tweets readMany with user stubailo is authorized +2017-07-09 19:58:05 author readOne with user stubailo is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(limit: 1) { + id + createdAt + } +} + +2017-07-09 19:58:05 tweets readMany with user stubailo is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } +} + +2017-07-09 19:58:05 tweets readMany with user stubailo is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } +} + +2017-07-09 19:58:05 tweets readMany with user stubailo is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers { + username + createdAt + } + } +} + +2017-07-09 19:58:05 tweet readOne with user stubailo is authorized +2017-07-09 19:58:05 likers readMany with user stubailo is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 19:58:05 tweet readOne with user stubailo is authorized +2017-07-09 19:58:05 likers readMany with user stubailo is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993) { + username + createdAt + } + } +} + +2017-07-09 19:58:05 tweet readOne with user stubailo is authorized +2017-07-09 19:58:05 likers readMany with user stubailo is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 19:58:05 tweet readOne with user stubailo is authorized +2017-07-09 19:58:05 likers readMany with user stubailo is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-07-09 19:58:05 insert user create with user stubailo is authorized +2017-07-09 19:58:05 inserted user 59626ead9506339804845128. +2017-07-09 19:58:05 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "admin", id: "59626ead9506339804845128", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-07-09 19:58:05 insert user create with user tobkle is authorized +2017-07-09 19:58:05 inserted user 59626ead9506339804845129. +2017-07-09 19:58:05 pubsub userInserted readOne with user tobkle is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "admin", id: "59626ead9506339804845128", +Operation: "", variables: "", +Query: +{ + user(id: "59626ead9506339804845129") { + username + bio + role + } +} + +2017-07-09 19:58:05 user readOne with user tobkle is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "admin", id: "59626ead9506339804845128", +Operation: "", variables: "", +Query: +{ + user(id: "59626ead9506339804845128") { + username + role + } +} + +2017-07-09 19:58:05 user readOne with user tobkle is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "admin", id: "59626ead9506339804845128", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59626ead9506339804845129", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-07-09 19:58:05 update user update with user tobkle is authorized +2017-07-09 19:58:05 updated user 59626ead9506339804845129. +2017-07-09 19:58:05 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "admin", id: "59626ead9506339804845128", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59626ead9506339804845128", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 19:58:05 update user update with user tobkle is authorized +2017-07-09 19:58:05 updated user 59626ead9506339804845128. +2017-07-09 19:58:05 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "admin", id: "59626ead9506339804845128", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59626ead9506339804845129", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 19:58:05 update user update with user tobkle is authorized +2017-07-09 19:58:05 updated user 59626ead9506339804845129. +2017-07-09 19:58:05 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "admin", id: "59626ead9506339804845128", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59626ead9506339804845128", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-07-09 19:58:05 update user update with user tobkle is authorized +2017-07-09 19:58:05 updated user 59626ead9506339804845128. +2017-07-09 19:58:05 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "editor", id: "59626ead9506339804845128", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59626ead9506339804845128", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "_id": "59626ead9506339804845128" + } + ] +} +2017-07-09 19:58:05 ERROR Not authorized to update field "role" +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "zoltan", role: "admin", id: "59626ead9506339804845129", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59626ead9506339804845128", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 19:58:05 update user update with user zoltan is authorized +2017-07-09 19:58:05 updated user 59626ead9506339804845128. +2017-07-09 19:58:05 pubsub userUpdated readOne with user zoltan is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "admin", id: "59626ead9506339804845128", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59626ead9506339804845129") +} + +2017-07-09 19:58:05 removeUser delete with user tobkle is authorized +2017-07-09 19:58:05 removed user 59626ead9506339804845129. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "admin", id: "59626ead9506339804845128", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59626ead9506339804845128", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 19:58:05 insert tweet create with user tobkle is authorized +2017-07-09 19:58:05 inserted tweet 59626ead950633980484512a. +2017-07-09 19:58:05 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "admin", id: "59626ead9506339804845128", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 19:58:05 insert tweet create with user tobkle is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "admin", id: "59626ead9506339804845128", +Operation: "", variables: "", +Query: +{ + tweet(id: "59626ead950633980484512a") { + author { + id + } + body + } +} + +2017-07-09 19:58:05 tweet readOne with user tobkle is authorized +2017-07-09 19:58:05 inserted tweet 59626ead950633980484512b. +2017-07-09 19:58:05 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 19:58:05 author readOne with user tobkle is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "admin", id: "59626ead9506339804845128", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 19:58:05 tweet readOne with user tobkle is authorized +2017-07-09 19:58:05 author readOne with user tobkle is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "admin", id: "59626ead9506339804845128", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59626ead950633980484512a", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 19:58:05 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 19:58:05 update tweet update with user tobkle is authorized +2017-07-09 19:58:05 updated tweet 59626ead950633980484512a. +2017-07-09 19:58:05 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "admin", id: "59626ead9506339804845128", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59626ead950633980484512b", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 19:58:05 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 19:58:05 update tweet update with user tobkle is authorized +2017-07-09 19:58:05 updated tweet 59626ead950633980484512b. +2017-07-09 19:58:05 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "admin", id: "59626ead9506339804845128", +Operation: "", variables: "", +Query: +{ + tweet(id: "59626ead950633980484512a") { + body + } +} + +2017-07-09 19:58:05 tweet readOne with user tobkle is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "admin", id: "59626ead9506339804845128", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59626ead950633980484512a") +} + +2017-07-09 19:58:05 removeTweet delete with user tobkle is authorized +2017-07-09 19:58:05 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 19:58:05 removed tweet 59626ead950633980484512a. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "admin", id: "59626ead9506339804845128", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59626ead950633980484512b") +} + +2017-07-09 19:58:05 removeTweet delete with user tobkle is authorized +2017-07-09 19:58:05 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 19:58:05 removed tweet 59626ead950633980484512b. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "admin", id: "59626ead9506339804845128", +Operation: "", variables: "", +Query: +{ + tweet(id: "59626ead950633980484512a") { + body + } +} + +2017-07-09 19:58:05 tweet readOne with user tobkle is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "admin", id: "59626ead9506339804845128", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59626ead9506339804845128") +} + +2017-07-09 19:58:05 removeUser delete with user tobkle is authorized +2017-07-09 19:58:05 removed user 59626ead9506339804845128. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59626ead9506339804845128") { + username + bio + role + } +} + +2017-07-09 19:58:05 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-07-09 19:58:05 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 19:58:05 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 19:58:05 ERROR Authorization: Not authorized to update in update user. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 19:58:05 ERROR Authorization: Not authorized to delete in removeUser. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 19:58:05 ERROR Authorization: Not authorized to create in insert tweet. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 19:58:05 tweet readOne with user is authorized +2017-07-09 19:58:05 ERROR Authorization: Not authorized to readOne in author. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 19:58:05 tweet getOneById in updateById for docBefore readOne with user is authorized +2017-07-09 19:58:05 ERROR Authorization: Not authorized to update in update tweet. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 19:58:05 tweet getOneById in updateById for docBefore readOne with user is authorized +2017-07-09 19:58:05 ERROR Authorization: Not authorized to update in update tweet. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 19:58:05 ERROR Authorization: Not authorized to delete in removeTweet. +2017-07-09 19:58:05 tweet getOneById in removeById for docBefore readOne with user is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { + id + role + } +} + +2017-07-09 19:58:05 insert user create with user stubailo is authorized +2017-07-09 19:58:05 inserted user 59626ead950633980484512c. +2017-07-09 19:58:05 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "user", id: "59626ead950633980484512c", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-07-09 19:58:05 authQuery: { + "$or": [] +} +2017-07-09 19:58:05 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "user", id: "59626ead950633980484512c", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "_id": "59626ead950633980484512c" + } + ] +} +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "user", id: "59626ead950633980484512c", +Operation: "", variables: "", +Query: +{ + user(id: "59626ead950633980484512c") { + username + } +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "_id": "59626ead950633980484512c" + } + ] +} +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "user", id: "59626ead950633980484512c", +Operation: "", variables: "", +Query: +{ + user(id: "59626ead950633980484512c") { + username + role + } +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "_id": "59626ead950633980484512c" + } + ] +} +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "user", id: "59626ead950633980484512c", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "_id": "59626ead950633980484512c" + } + ] +} +2017-07-09 19:58:05 ERROR Not authorized to update user +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "user", id: "59626ead950633980484512c", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59626ead950633980484512c", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "_id": "59626ead950633980484512c" + } + ] +} +2017-07-09 19:58:05 updated user 59626ead950633980484512c. +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "_id": "59626ead950633980484512c" + } + ] +} +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "user", id: "59626ead950633980484512c", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59626ead950633980484512c", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "_id": "59626ead950633980484512c" + } + ] +} +2017-07-09 19:58:05 ERROR Not authorized to update field "role" +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "user", id: "59626ead950633980484512c", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "_id": "59626ead950633980484512c" + } + ] +} +2017-07-09 19:58:05 ERROR remove user failed for finalQuery: { + "_id": "583291a1638566b3c5a92ca1", + "$or": [ + { + "_id": "59626ead950633980484512c" + } + ] +} +2017-07-09 19:58:05 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "user", id: "59626ead950633980484512c", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59626ead950633980484512c", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "authorId": "59626ead950633980484512c" + } + ] +} +2017-07-09 19:58:05 inserted tweet 59626ead950633980484512d. +2017-07-09 19:58:05 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "user", id: "59626ead950633980484512c", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "authorId": "59626ead950633980484512c" + } + ] +} +2017-07-09 19:58:05 ERROR Not authorized to insert tweet +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "user", id: "59626ead950633980484512c", +Operation: "", variables: "", +Query: +{ + tweet(id: "59626ead950633980484512d") { + author { + id + } + body + } +} + +2017-07-09 19:58:05 tweet readOne with user tobkle is authorized +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "_id": "59626ead950633980484512c" + } + ] +} +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "user", id: "59626ead950633980484512c", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 19:58:05 tweet readOne with user tobkle is authorized +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "_id": "59626ead950633980484512c" + } + ] +} +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "user", id: "59626ead950633980484512c", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59626ead950633980484512d", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 19:58:05 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "authorId": "59626ead950633980484512c" + }, + { + "coauthorsIds": "59626ead950633980484512c" + } + ] +} +2017-07-09 19:58:05 updated tweet 59626ead950633980484512d. +2017-07-09 19:58:05 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "user", id: "59626ead950633980484512c", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 19:58:05 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "authorId": "59626ead950633980484512c" + }, + { + "coauthorsIds": "59626ead950633980484512c" + } + ] +} +2017-07-09 19:58:05 ERROR Not authorized to update tweet +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "user", id: "59626ead950633980484512c", +Operation: "", variables: "", +Query: +{ + tweet(id: "59626ead950633980484512d") { + body + } +} + +2017-07-09 19:58:05 tweet readOne with user tobkle is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "user", id: "59626ead950633980484512c", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59626ead950633980484512d") +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "authorId": "59626ead950633980484512c" + } + ] +} +2017-07-09 19:58:05 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 19:58:05 removed tweet 59626ead950633980484512d. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "user", id: "59626ead950633980484512c", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "authorId": "59626ead950633980484512c" + } + ] +} +2017-07-09 19:58:05 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 19:58:05 ERROR remove tweet failed for finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "59626ead950633980484512c" + } + ] +} +2017-07-09 19:58:05 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "user", id: "59626ead950633980484512c", +Operation: "", variables: "", +Query: +{ + tweet(id: "59626ead950633980484512d") { + body + } +} + +2017-07-09 19:58:05 tweet readOne with user tobkle is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "user", id: "59626ead950633980484512c", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59626ead950633980484512c") +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "_id": "59626ead950633980484512c" + } + ] +} +2017-07-09 19:58:05 removed user 59626ead950633980484512c. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59626ead950633980484512c") { + username + bio + role + } +} + +2017-07-09 19:58:05 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { + id + role + } +} + +2017-07-09 19:58:05 insert user create with user stubailo is authorized +2017-07-09 19:58:05 inserted user 59626ead950633980484512e. +2017-07-09 19:58:05 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "editor", id: "59626ead950633980484512e", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-07-09 19:58:05 authQuery: { + "$or": [] +} +2017-07-09 19:58:05 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "editor", id: "59626ead950633980484512e", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "_id": "59626ead950633980484512e" + } + ] +} +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "editor", id: "59626ead950633980484512e", +Operation: "", variables: "", +Query: +{ + user(id: "59626ead950633980484512e") { + username + role + } +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "_id": "59626ead950633980484512e" + } + ] +} +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "editor", id: "59626ead950633980484512e", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "_id": "59626ead950633980484512e" + } + ] +} +2017-07-09 19:58:05 ERROR Not authorized to update user +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "editor", id: "59626ead950633980484512e", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59626ead950633980484512e", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "_id": "59626ead950633980484512e" + } + ] +} +2017-07-09 19:58:05 updated user 59626ead950633980484512e. +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "_id": "59626ead950633980484512e" + } + ] +} +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tmeasday", role: "editor", id: "59626ead950633980484512e", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59626ead950633980484512e", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "_id": "59626ead950633980484512e" + } + ] +} +2017-07-09 19:58:05 ERROR Not authorized to update field "role" +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tmeasday", role: "editor", id: "59626ead950633980484512e", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "_id": "59626ead950633980484512e" + } + ] +} +2017-07-09 19:58:05 ERROR remove user failed for finalQuery: { + "_id": "583291a1638566b3c5a92ca1", + "$or": [ + { + "_id": "59626ead950633980484512e" + } + ] +} +2017-07-09 19:58:05 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tmeasday", role: "editor", id: "59626ead950633980484512e", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59626ead950633980484512e", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "authorId": "59626ead950633980484512e" + } + ] +} +2017-07-09 19:58:05 inserted tweet 59626ead950633980484512f. +2017-07-09 19:58:05 pubsub tweetInserted readOne with user tmeasday is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tmeasday", role: "editor", id: "59626ead950633980484512e", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "authorId": "59626ead950633980484512e" + } + ] +} +2017-07-09 19:58:05 ERROR Not authorized to insert tweet +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tmeasday", role: "editor", id: "59626ead950633980484512e", +Operation: "", variables: "", +Query: +{ + tweet(id: "59626ead950633980484512f") { + author { + id + } + body + } +} + +2017-07-09 19:58:05 tweet readOne with user tmeasday is authorized +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "_id": "59626ead950633980484512e" + } + ] +} +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tmeasday", role: "editor", id: "59626ead950633980484512e", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 19:58:05 tweet readOne with user tmeasday is authorized +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "_id": "59626ead950633980484512e" + } + ] +} +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tmeasday", role: "editor", id: "59626ead950633980484512e", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59626ead950633980484512f", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 19:58:05 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "authorId": "59626ead950633980484512e" + }, + { + "coauthorsIds": "59626ead950633980484512e" + } + ] +} +2017-07-09 19:58:05 updated tweet 59626ead950633980484512f. +2017-07-09 19:58:05 pubsub tweetUpdated readOne with user tmeasday is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tmeasday", role: "editor", id: "59626ead950633980484512e", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 19:58:05 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "authorId": "59626ead950633980484512e" + }, + { + "coauthorsIds": "59626ead950633980484512e" + } + ] +} +2017-07-09 19:58:05 ERROR Not authorized to update tweet +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tmeasday", role: "editor", id: "59626ead950633980484512e", +Operation: "", variables: "", +Query: +{ + tweet(id: "59626ead950633980484512f") { + body + } +} + +2017-07-09 19:58:05 tweet readOne with user tmeasday is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tmeasday", role: "editor", id: "59626ead950633980484512e", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59626ead950633980484512f") +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "authorId": "59626ead950633980484512e" + } + ] +} +2017-07-09 19:58:05 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized +2017-07-09 19:58:05 removed tweet 59626ead950633980484512f. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tmeasday", role: "editor", id: "59626ead950633980484512e", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "authorId": "59626ead950633980484512e" + } + ] +} +2017-07-09 19:58:05 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized +2017-07-09 19:58:05 ERROR remove tweet failed for finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "59626ead950633980484512e" + } + ] +} +2017-07-09 19:58:05 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tmeasday", role: "editor", id: "59626ead950633980484512e", +Operation: "", variables: "", +Query: +{ + tweet(id: "59626ead950633980484512f") { + body + } +} + +2017-07-09 19:58:05 tweet readOne with user tmeasday is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tmeasday", role: "editor", id: "59626ead950633980484512e", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59626ead950633980484512e") +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "_id": "59626ead950633980484512e" + } + ] +} +2017-07-09 19:58:05 removed user 59626ead950633980484512e. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59626ead950633980484512e") { + username + bio + role + } +} + +2017-07-09 19:58:05 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 19:59:58 Logger started +2017-07-09 20:01:09 Logger started +2017-07-09 20:03:22 Logger started +2017-07-09 20:04:03 -------------------------------------------------------------------------------- +2017-07-09 20:04:03 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + role + username + } +} + +2017-07-09 20:04:15 user readOne with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + role + username + } +} + +2017-07-09 20:04:15 user readOne with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca2") { + role + username + } +} + +2017-07-09 20:04:15 user readOne with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + id + username + bio + } +} + +2017-07-09 20:04:15 user readOne with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users { + username + createdAt + } +} + +2017-07-09 20:04:15 users readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(limit: 1) { + username + createdAt + } +} + +2017-07-09 20:04:15 users readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993) { + username + createdAt + } +} + +2017-07-09 20:04:15 users readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } +} + +2017-07-09 20:04:15 users readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers { + username + createdAt + } + } +} + +2017-07-09 20:04:15 user readOne with user stubailo is authorized +2017-07-09 20:04:15 followers readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:04:15 user readOne with user stubailo is authorized +2017-07-09 20:04:15 followers readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-07-09 20:04:15 user readOne with user stubailo is authorized +2017-07-09 20:04:15 followers readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:04:15 user readOne with user stubailo is authorized +2017-07-09 20:04:15 followers readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following { + username + createdAt + } + } +} + +2017-07-09 20:04:15 user readOne with user stubailo is authorized +2017-07-09 20:04:15 following readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:04:15 user readOne with user stubailo is authorized +2017-07-09 20:04:15 following readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-07-09 20:04:15 user readOne with user stubailo is authorized +2017-07-09 20:04:15 following readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:04:15 user readOne with user stubailo is authorized +2017-07-09 20:04:15 following readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets { + id + createdAt + } + } +} + +2017-07-09 20:04:15 user readOne with user stubailo is authorized +2017-07-09 20:04:15 tweets readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:04:15 user readOne with user stubailo is authorized +2017-07-09 20:04:15 tweets readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } + } +} + +2017-07-09 20:04:15 user readOne with user stubailo is authorized +2017-07-09 20:04:15 tweets readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:04:15 user readOne with user stubailo is authorized +2017-07-09 20:04:15 tweets readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked { + id + createdAt + } + } +} + +2017-07-09 20:04:15 user readOne with user stubailo is authorized +2017-07-09 20:04:15 liked readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:04:15 user readOne with user stubailo is authorized +2017-07-09 20:04:15 liked readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334) { + id + createdAt + } + } +} + +2017-07-09 20:04:15 user readOne with user stubailo is authorized +2017-07-09 20:04:15 liked readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334, limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:04:15 user readOne with user stubailo is authorized +2017-07-09 20:04:15 liked readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + author { + username + } + } +} + +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + id + body + } +} + +2017-07-09 20:04:15 tweet readOne with user stubailo is authorized +2017-07-09 20:04:15 tweet readOne with user stubailo is authorized +2017-07-09 20:04:15 author readOne with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets { + id + createdAt + } +} + +2017-07-09 20:04:15 tweets readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(limit: 1) { + id + createdAt + } +} + +2017-07-09 20:04:15 tweets readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } +} + +2017-07-09 20:04:15 tweets readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } +} + +2017-07-09 20:04:15 tweets readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers { + username + createdAt + } + } +} + +2017-07-09 20:04:15 tweet readOne with user stubailo is authorized +2017-07-09 20:04:15 likers readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:04:15 tweet readOne with user stubailo is authorized +2017-07-09 20:04:15 likers readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993) { + username + createdAt + } + } +} + +2017-07-09 20:04:15 tweet readOne with user stubailo is authorized +2017-07-09 20:04:15 likers readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:04:15 tweet readOne with user stubailo is authorized +2017-07-09 20:04:15 likers readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-07-09 20:04:15 insert user create with user stubailo is authorized +2017-07-09 20:04:15 inserted user 5962701fbd5b289911a30965. +2017-07-09 20:04:15 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-07-09 20:04:15 insert user create with user tobkle is authorized +2017-07-09 20:04:15 inserted user 5962701fbd5b289911a30966. +2017-07-09 20:04:15 pubsub userInserted readOne with user tobkle is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", +Operation: "", variables: "", +Query: +{ + user(id: "5962701fbd5b289911a30966") { + username + bio + role + } +} + +2017-07-09 20:04:15 user readOne with user tobkle is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", +Operation: "", variables: "", +Query: +{ + user(id: "5962701fbd5b289911a30965") { + username + role + } +} + +2017-07-09 20:04:15 user readOne with user tobkle is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "5962701fbd5b289911a30966", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-07-09 20:04:15 update user update with user tobkle is authorized +2017-07-09 20:04:15 updated user 5962701fbd5b289911a30966. +2017-07-09 20:04:15 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "5962701fbd5b289911a30965", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:04:15 update user update with user tobkle is authorized +2017-07-09 20:04:15 updated user 5962701fbd5b289911a30965. +2017-07-09 20:04:15 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "5962701fbd5b289911a30966", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:04:15 update user update with user tobkle is authorized +2017-07-09 20:04:15 updated user 5962701fbd5b289911a30966. +2017-07-09 20:04:15 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "5962701fbd5b289911a30965", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-07-09 20:04:15 update user update with user tobkle is authorized +2017-07-09 20:04:15 updated user 5962701fbd5b289911a30965. +2017-07-09 20:04:15 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "editor", id: "5962701fbd5b289911a30965", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "5962701fbd5b289911a30965", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:04:15 authQuery: { + "$or": [ + { + "_id": "5962701fbd5b289911a30965" + } + ] +} +2017-07-09 20:04:15 ERROR Not authorized to update field "role" +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "zoltan", role: "admin", id: "5962701fbd5b289911a30966", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "5962701fbd5b289911a30965", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:04:15 update user update with user zoltan is authorized +2017-07-09 20:04:15 updated user 5962701fbd5b289911a30965. +2017-07-09 20:04:15 pubsub userUpdated readOne with user zoltan is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "5962701fbd5b289911a30966") +} + +2017-07-09 20:04:15 removeUser delete with user tobkle is authorized +2017-07-09 20:04:15 removed user 5962701fbd5b289911a30966. +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "5962701fbd5b289911a30965", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:04:15 insert tweet create with user tobkle is authorized +2017-07-09 20:04:15 inserted tweet 5962701fbd5b289911a30967. +2017-07-09 20:04:15 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", +Operation: "", variables: "", +Query: +{ + tweet(id: "5962701fbd5b289911a30967") { + author { + id + } + body + } +} + +2017-07-09 20:04:15 tweet readOne with user tobkle is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:04:15 insert tweet create with user tobkle is authorized +2017-07-09 20:04:15 author readOne with user tobkle is authorized +2017-07-09 20:04:15 inserted tweet 5962701fbd5b289911a30968. +2017-07-09 20:04:15 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:04:15 tweet readOne with user tobkle is authorized +2017-07-09 20:04:15 author readOne with user tobkle is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "5962701fbd5b289911a30967", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:04:15 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:04:15 update tweet update with user tobkle is authorized +2017-07-09 20:04:15 updated tweet 5962701fbd5b289911a30967. +2017-07-09 20:04:15 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "5962701fbd5b289911a30968", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:04:15 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:04:15 update tweet update with user tobkle is authorized +2017-07-09 20:04:15 updated tweet 5962701fbd5b289911a30968. +2017-07-09 20:04:15 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", +Operation: "", variables: "", +Query: +{ + tweet(id: "5962701fbd5b289911a30967") { + body + } +} + +2017-07-09 20:04:15 tweet readOne with user tobkle is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "5962701fbd5b289911a30967") +} + +2017-07-09 20:04:15 removeTweet delete with user tobkle is authorized +2017-07-09 20:04:15 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:04:15 removed tweet 5962701fbd5b289911a30967. +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "5962701fbd5b289911a30968") +} + +2017-07-09 20:04:15 removeTweet delete with user tobkle is authorized +2017-07-09 20:04:15 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:04:15 removed tweet 5962701fbd5b289911a30968. +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", +Operation: "", variables: "", +Query: +{ + tweet(id: "5962701fbd5b289911a30967") { + body + } +} + +2017-07-09 20:04:15 tweet readOne with user tobkle is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "5962701fbd5b289911a30965") +} + +2017-07-09 20:04:15 removeUser delete with user tobkle is authorized +2017-07-09 20:04:15 removed user 5962701fbd5b289911a30965. +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "5962701fbd5b289911a30965") { + username + bio + role + } +} + +2017-07-09 20:04:15 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-07-09 20:04:15 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 20:04:15 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:04:15 ERROR Authorization: Not authorized to update in update user. +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 20:04:15 ERROR Authorization: Not authorized to delete in removeUser. +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:04:15 ERROR Authorization: Not authorized to create in insert tweet. +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:04:15 tweet readOne with user is authorized +2017-07-09 20:04:15 ERROR Authorization: Not authorized to readOne in author. +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:04:15 tweet getOneById in updateById for docBefore readOne with user is authorized +2017-07-09 20:04:15 ERROR Authorization: Not authorized to update in update tweet. +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:04:15 tweet getOneById in updateById for docBefore readOne with user is authorized +2017-07-09 20:04:15 ERROR Authorization: Not authorized to update in update tweet. +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 20:04:15 ERROR Authorization: Not authorized to delete in removeTweet. +2017-07-09 20:04:15 tweet getOneById in removeById for docBefore readOne with user is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { + id + role + } +} + +2017-07-09 20:04:15 insert user create with user stubailo is authorized +2017-07-09 20:04:15 inserted user 5962701fbd5b289911a30969. +2017-07-09 20:04:15 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-07-09 20:04:15 authQuery: { + "$or": [] +} +2017-07-09 20:04:15 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 20:04:15 authQuery: { + "$or": [ + { + "_id": "5962701fbd5b289911a30969" + } + ] +} +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", +Operation: "", variables: "", +Query: +{ + user(id: "5962701fbd5b289911a30969") { + username + } +} + +2017-07-09 20:04:15 authQuery: { + "$or": [ + { + "_id": "5962701fbd5b289911a30969" + } + ] +} +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", +Operation: "", variables: "", +Query: +{ + user(id: "5962701fbd5b289911a30969") { + username + role + } +} + +2017-07-09 20:04:15 authQuery: { + "$or": [ + { + "_id": "5962701fbd5b289911a30969" + } + ] +} +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:04:15 authQuery: { + "$or": [ + { + "_id": "5962701fbd5b289911a30969" + } + ] +} +2017-07-09 20:04:15 ERROR Not authorized to update user +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "5962701fbd5b289911a30969", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-07-09 20:04:15 authQuery: { + "$or": [ + { + "_id": "5962701fbd5b289911a30969" + } + ] +} +2017-07-09 20:04:15 updated user 5962701fbd5b289911a30969. +2017-07-09 20:04:15 authQuery: { + "$or": [ + { + "_id": "5962701fbd5b289911a30969" + } + ] +} +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "5962701fbd5b289911a30969", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:04:15 authQuery: { + "$or": [ + { + "_id": "5962701fbd5b289911a30969" + } + ] +} +2017-07-09 20:04:15 ERROR Not authorized to update field "role" +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "_id": "5962701fbd5b289911a30969" + } + ] +} +2017-07-09 20:04:16 ERROR remove user failed for finalQuery: { + "_id": "583291a1638566b3c5a92ca1", + "$or": [ + { + "_id": "5962701fbd5b289911a30969" + } + ] +} +2017-07-09 20:04:16 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "5962701fbd5b289911a30969", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "authorId": "5962701fbd5b289911a30969" + } + ] +} +2017-07-09 20:04:16 inserted tweet 59627020bd5b289911a3096a. +2017-07-09 20:04:16 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "authorId": "5962701fbd5b289911a30969" + } + ] +} +2017-07-09 20:04:16 ERROR Not authorized to insert tweet +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627020bd5b289911a3096a") { + author { + id + } + body + } +} + +2017-07-09 20:04:16 tweet readOne with user tobkle is authorized +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "_id": "5962701fbd5b289911a30969" + } + ] +} +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:04:16 tweet readOne with user tobkle is authorized +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "_id": "5962701fbd5b289911a30969" + } + ] +} +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59627020bd5b289911a3096a", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:04:16 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "authorId": "5962701fbd5b289911a30969" + }, + { + "coauthorsIds": "5962701fbd5b289911a30969" + } + ] +} +2017-07-09 20:04:16 updated tweet 59627020bd5b289911a3096a. +2017-07-09 20:04:16 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:04:16 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "authorId": "5962701fbd5b289911a30969" + }, + { + "coauthorsIds": "5962701fbd5b289911a30969" + } + ] +} +2017-07-09 20:04:16 ERROR Not authorized to update tweet +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627020bd5b289911a3096a") { + body + } +} + +2017-07-09 20:04:16 tweet readOne with user tobkle is authorized +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59627020bd5b289911a3096a") +} + +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "authorId": "5962701fbd5b289911a30969" + } + ] +} +2017-07-09 20:04:16 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:04:16 removed tweet 59627020bd5b289911a3096a. +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "authorId": "5962701fbd5b289911a30969" + } + ] +} +2017-07-09 20:04:16 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:04:16 ERROR remove tweet failed for finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "5962701fbd5b289911a30969" + } + ] +} +2017-07-09 20:04:16 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627020bd5b289911a3096a") { + body + } +} + +2017-07-09 20:04:16 tweet readOne with user tobkle is authorized +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "5962701fbd5b289911a30969") +} + +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "_id": "5962701fbd5b289911a30969" + } + ] +} +2017-07-09 20:04:16 removed user 5962701fbd5b289911a30969. +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "5962701fbd5b289911a30969") { + username + bio + role + } +} + +2017-07-09 20:04:16 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { + id + role + } +} + +2017-07-09 20:04:16 insert user create with user stubailo is authorized +2017-07-09 20:04:16 inserted user 59627020bd5b289911a3096b. +2017-07-09 20:04:16 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tobkle", role: "editor", id: "59627020bd5b289911a3096b", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-07-09 20:04:16 authQuery: { + "$or": [] +} +2017-07-09 20:04:16 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tobkle", role: "editor", id: "59627020bd5b289911a3096b", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "_id": "59627020bd5b289911a3096b" + } + ] +} +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tobkle", role: "editor", id: "59627020bd5b289911a3096b", +Operation: "", variables: "", +Query: +{ + user(id: "59627020bd5b289911a3096b") { + username + role + } +} + +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "_id": "59627020bd5b289911a3096b" + } + ] +} +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tobkle", role: "editor", id: "59627020bd5b289911a3096b", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "_id": "59627020bd5b289911a3096b" + } + ] +} +2017-07-09 20:04:16 ERROR Not authorized to update user +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tobkle", role: "editor", id: "59627020bd5b289911a3096b", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59627020bd5b289911a3096b", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "_id": "59627020bd5b289911a3096b" + } + ] +} +2017-07-09 20:04:16 updated user 59627020bd5b289911a3096b. +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "_id": "59627020bd5b289911a3096b" + } + ] +} +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59627020bd5b289911a3096b", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "_id": "59627020bd5b289911a3096b" + } + ] +} +2017-07-09 20:04:16 ERROR Not authorized to update field "role" +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "_id": "59627020bd5b289911a3096b" + } + ] +} +2017-07-09 20:04:16 ERROR remove user failed for finalQuery: { + "_id": "583291a1638566b3c5a92ca1", + "$or": [ + { + "_id": "59627020bd5b289911a3096b" + } + ] +} +2017-07-09 20:04:16 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59627020bd5b289911a3096b", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "authorId": "59627020bd5b289911a3096b" + } + ] +} +2017-07-09 20:04:16 inserted tweet 59627020bd5b289911a3096c. +2017-07-09 20:04:16 pubsub tweetInserted readOne with user tmeasday is authorized +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "authorId": "59627020bd5b289911a3096b" + } + ] +} +2017-07-09 20:04:16 ERROR Not authorized to insert tweet +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627020bd5b289911a3096c") { + author { + id + } + body + } +} + +2017-07-09 20:04:16 tweet readOne with user tmeasday is authorized +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "_id": "59627020bd5b289911a3096b" + } + ] +} +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:04:16 tweet readOne with user tmeasday is authorized +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "_id": "59627020bd5b289911a3096b" + } + ] +} +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59627020bd5b289911a3096c", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:04:16 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "authorId": "59627020bd5b289911a3096b" + }, + { + "coauthorsIds": "59627020bd5b289911a3096b" + } + ] +} +2017-07-09 20:04:16 updated tweet 59627020bd5b289911a3096c. +2017-07-09 20:04:16 pubsub tweetUpdated readOne with user tmeasday is authorized +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:04:16 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "authorId": "59627020bd5b289911a3096b" + }, + { + "coauthorsIds": "59627020bd5b289911a3096b" + } + ] +} +2017-07-09 20:04:16 ERROR Not authorized to update tweet +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627020bd5b289911a3096c") { + body + } +} + +2017-07-09 20:04:16 tweet readOne with user tmeasday is authorized +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59627020bd5b289911a3096c") +} + +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "authorId": "59627020bd5b289911a3096b" + } + ] +} +2017-07-09 20:04:16 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:04:16 removed tweet 59627020bd5b289911a3096c. +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "authorId": "59627020bd5b289911a3096b" + } + ] +} +2017-07-09 20:04:16 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:04:16 ERROR remove tweet failed for finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "59627020bd5b289911a3096b" + } + ] +} +2017-07-09 20:04:16 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627020bd5b289911a3096c") { + body + } +} + +2017-07-09 20:04:16 tweet readOne with user tmeasday is authorized +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59627020bd5b289911a3096b") +} + +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "_id": "59627020bd5b289911a3096b" + } + ] +} +2017-07-09 20:04:16 removed user 59627020bd5b289911a3096b. +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59627020bd5b289911a3096b") { + username + bio + role + } +} + +2017-07-09 20:04:16 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:05:52 Logger started +2017-07-09 20:28:15 Logger started +2017-07-09 20:29:12 Logger started +2017-07-09 20:30:13 Logger started +2017-07-09 20:30:34 -------------------------------------------------------------------------------- +2017-07-09 20:30:34 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + role + username + } +} + +2017-07-09 20:30:45 user readOne with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + role + username + } +} + +2017-07-09 20:30:45 user readOne with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca2") { + role + username + } +} + +2017-07-09 20:30:45 user readOne with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + id + username + bio + } +} + +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users { + username + createdAt + } +} + +2017-07-09 20:30:45 users readMany with user stubailo is authorized +2017-07-09 20:30:45 user readOne with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(limit: 1) { + username + createdAt + } +} + +2017-07-09 20:30:45 users readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993) { + username + createdAt + } +} + +2017-07-09 20:30:45 users readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } +} + +2017-07-09 20:30:45 users readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers { + username + createdAt + } + } +} + +2017-07-09 20:30:45 user readOne with user stubailo is authorized +2017-07-09 20:30:45 followers readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:30:45 user readOne with user stubailo is authorized +2017-07-09 20:30:45 followers readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-07-09 20:30:45 user readOne with user stubailo is authorized +2017-07-09 20:30:45 followers readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:30:45 user readOne with user stubailo is authorized +2017-07-09 20:30:45 followers readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following { + username + createdAt + } + } +} + +2017-07-09 20:30:45 user readOne with user stubailo is authorized +2017-07-09 20:30:45 following readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:30:45 user readOne with user stubailo is authorized +2017-07-09 20:30:45 following readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-07-09 20:30:45 user readOne with user stubailo is authorized +2017-07-09 20:30:45 following readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:30:45 user readOne with user stubailo is authorized +2017-07-09 20:30:45 following readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets { + id + createdAt + } + } +} + +2017-07-09 20:30:45 user readOne with user stubailo is authorized +2017-07-09 20:30:45 tweets readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:30:45 user readOne with user stubailo is authorized +2017-07-09 20:30:45 tweets readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } + } +} + +2017-07-09 20:30:45 user readOne with user stubailo is authorized +2017-07-09 20:30:45 tweets readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:30:45 user readOne with user stubailo is authorized +2017-07-09 20:30:45 tweets readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked { + id + createdAt + } + } +} + +2017-07-09 20:30:45 user readOne with user stubailo is authorized +2017-07-09 20:30:45 liked readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:30:45 user readOne with user stubailo is authorized +2017-07-09 20:30:45 liked readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334) { + id + createdAt + } + } +} + +2017-07-09 20:30:45 user readOne with user stubailo is authorized +2017-07-09 20:30:45 liked readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334, limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:30:45 user readOne with user stubailo is authorized +2017-07-09 20:30:45 liked readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + id + body + } +} + +2017-07-09 20:30:45 tweet readOne with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + author { + username + } + } +} + +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets { + id + createdAt + } +} + +2017-07-09 20:30:45 tweets readMany with user stubailo is authorized +2017-07-09 20:30:45 tweet readOne with user stubailo is authorized +2017-07-09 20:30:45 author readOne with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(limit: 1) { + id + createdAt + } +} + +2017-07-09 20:30:45 tweets readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } +} + +2017-07-09 20:30:45 tweets readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } +} + +2017-07-09 20:30:45 tweets readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers { + username + createdAt + } + } +} + +2017-07-09 20:30:45 tweet readOne with user stubailo is authorized +2017-07-09 20:30:45 likers readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:30:45 tweet readOne with user stubailo is authorized +2017-07-09 20:30:45 likers readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993) { + username + createdAt + } + } +} + +2017-07-09 20:30:45 tweet readOne with user stubailo is authorized +2017-07-09 20:30:45 likers readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:30:45 tweet readOne with user stubailo is authorized +2017-07-09 20:30:45 likers readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-07-09 20:30:45 insert user create with user stubailo is authorized +2017-07-09 20:30:45 inserted user 59627655ba519d9b0eb890f9. +2017-07-09 20:30:45 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-07-09 20:30:45 insert user create with user tobkle is authorized +2017-07-09 20:30:45 inserted user 59627655ba519d9b0eb890fa. +2017-07-09 20:30:45 pubsub userInserted readOne with user tobkle is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", +Operation: "", variables: "", +Query: +{ + user(id: "59627655ba519d9b0eb890fa") { + username + bio + role + } +} + +2017-07-09 20:30:45 user readOne with user tobkle is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", +Operation: "", variables: "", +Query: +{ + user(id: "59627655ba519d9b0eb890f9") { + username + role + } +} + +2017-07-09 20:30:46 user readOne with user tobkle is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59627655ba519d9b0eb890fa", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-07-09 20:30:46 update user update with user tobkle is authorized +2017-07-09 20:30:46 updated user 59627655ba519d9b0eb890fa. +2017-07-09 20:30:46 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59627655ba519d9b0eb890f9", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:30:46 update user update with user tobkle is authorized +2017-07-09 20:30:46 updated user 59627655ba519d9b0eb890f9. +2017-07-09 20:30:46 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59627655ba519d9b0eb890fa", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:30:46 update user update with user tobkle is authorized +2017-07-09 20:30:46 updated user 59627655ba519d9b0eb890fa. +2017-07-09 20:30:46 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59627655ba519d9b0eb890f9", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-07-09 20:30:46 update user update with user tobkle is authorized +2017-07-09 20:30:46 updated user 59627655ba519d9b0eb890f9. +2017-07-09 20:30:46 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "editor", id: "59627655ba519d9b0eb890f9", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59627655ba519d9b0eb890f9", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "_id": "59627655ba519d9b0eb890f9" + } + ] +} +2017-07-09 20:30:46 ERROR Not authorized to update field "role" +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "zoltan", role: "admin", id: "59627655ba519d9b0eb890fa", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59627655ba519d9b0eb890f9", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:30:46 update user update with user zoltan is authorized +2017-07-09 20:30:46 updated user 59627655ba519d9b0eb890f9. +2017-07-09 20:30:46 pubsub userUpdated readOne with user zoltan is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59627655ba519d9b0eb890fa") +} + +2017-07-09 20:30:46 removeUser delete with user tobkle is authorized +2017-07-09 20:30:46 removed user 59627655ba519d9b0eb890fa. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59627655ba519d9b0eb890f9", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:30:46 insert tweet create with user tobkle is authorized +2017-07-09 20:30:46 inserted tweet 59627656ba519d9b0eb890fb. +2017-07-09 20:30:46 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:30:46 insert tweet create with user tobkle is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627656ba519d9b0eb890fb") { + author { + id + } + body + } +} + +2017-07-09 20:30:46 tweet readOne with user tobkle is authorized +2017-07-09 20:30:46 inserted tweet 59627656ba519d9b0eb890fc. +2017-07-09 20:30:46 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 20:30:46 author readOne with user tobkle is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:30:46 tweet readOne with user tobkle is authorized +2017-07-09 20:30:46 author readOne with user tobkle is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59627656ba519d9b0eb890fb", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:30:46 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:30:46 update tweet update with user tobkle is authorized +2017-07-09 20:30:46 updated tweet 59627656ba519d9b0eb890fb. +2017-07-09 20:30:46 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59627656ba519d9b0eb890fc", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:30:46 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:30:46 update tweet update with user tobkle is authorized +2017-07-09 20:30:46 updated tweet 59627656ba519d9b0eb890fc. +2017-07-09 20:30:46 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627656ba519d9b0eb890fb") { + body + } +} + +2017-07-09 20:30:46 tweet readOne with user tobkle is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59627656ba519d9b0eb890fb") +} + +2017-07-09 20:30:46 removeTweet delete with user tobkle is authorized +2017-07-09 20:30:46 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:30:46 removed tweet 59627656ba519d9b0eb890fb. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59627656ba519d9b0eb890fc") +} + +2017-07-09 20:30:46 removeTweet delete with user tobkle is authorized +2017-07-09 20:30:46 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:30:46 removed tweet 59627656ba519d9b0eb890fc. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627656ba519d9b0eb890fb") { + body + } +} + +2017-07-09 20:30:46 tweet readOne with user tobkle is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59627655ba519d9b0eb890f9") +} + +2017-07-09 20:30:46 removeUser delete with user tobkle is authorized +2017-07-09 20:30:46 removed user 59627655ba519d9b0eb890f9. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59627655ba519d9b0eb890f9") { + username + bio + role + } +} + +2017-07-09 20:30:46 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-07-09 20:30:46 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 20:30:46 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:30:46 ERROR Authorization: Not authorized to update in update user. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 20:30:46 ERROR Authorization: Not authorized to delete in removeUser. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:30:46 ERROR Authorization: Not authorized to create in insert tweet. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:30:46 tweet readOne with user is authorized +2017-07-09 20:30:46 ERROR Authorization: Not authorized to readOne in author. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:30:46 tweet getOneById in updateById for docBefore readOne with user is authorized +2017-07-09 20:30:46 ERROR Authorization: Not authorized to update in update tweet. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:30:46 tweet getOneById in updateById for docBefore readOne with user is authorized +2017-07-09 20:30:46 ERROR Authorization: Not authorized to update in update tweet. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 20:30:46 ERROR Authorization: Not authorized to delete in removeTweet. +2017-07-09 20:30:46 tweet getOneById in removeById for docBefore readOne with user is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { + id + role + } +} + +2017-07-09 20:30:46 insert user create with user stubailo is authorized +2017-07-09 20:30:46 inserted user 59627656ba519d9b0eb890fd. +2017-07-09 20:30:46 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-07-09 20:30:46 authQuery: { + "$or": [] +} +2017-07-09 20:30:46 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "_id": "59627656ba519d9b0eb890fd" + } + ] +} +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", +Operation: "", variables: "", +Query: +{ + user(id: "59627656ba519d9b0eb890fd") { + username + } +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "_id": "59627656ba519d9b0eb890fd" + } + ] +} +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", +Operation: "", variables: "", +Query: +{ + user(id: "59627656ba519d9b0eb890fd") { + username + role + } +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "_id": "59627656ba519d9b0eb890fd" + } + ] +} +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "_id": "59627656ba519d9b0eb890fd" + } + ] +} +2017-07-09 20:30:46 ERROR Not authorized to update user +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59627656ba519d9b0eb890fd", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "_id": "59627656ba519d9b0eb890fd" + } + ] +} +2017-07-09 20:30:46 updated user 59627656ba519d9b0eb890fd. +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "_id": "59627656ba519d9b0eb890fd" + } + ] +} +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59627656ba519d9b0eb890fd", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "_id": "59627656ba519d9b0eb890fd" + } + ] +} +2017-07-09 20:30:46 ERROR Not authorized to update field "role" +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "_id": "59627656ba519d9b0eb890fd" + } + ] +} +2017-07-09 20:30:46 ERROR remove user failed for finalQuery: { + "_id": "583291a1638566b3c5a92ca1", + "$or": [ + { + "_id": "59627656ba519d9b0eb890fd" + } + ] +} +2017-07-09 20:30:46 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59627656ba519d9b0eb890fd", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "authorId": "59627656ba519d9b0eb890fd" + } + ] +} +2017-07-09 20:30:46 inserted tweet 59627656ba519d9b0eb890fe. +2017-07-09 20:30:46 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "authorId": "59627656ba519d9b0eb890fd" + } + ] +} +2017-07-09 20:30:46 ERROR Not authorized to insert tweet +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627656ba519d9b0eb890fe") { + author { + id + } + body + } +} + +2017-07-09 20:30:46 tweet readOne with user tobkle is authorized +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "_id": "59627656ba519d9b0eb890fd" + } + ] +} +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:30:46 tweet readOne with user tobkle is authorized +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "_id": "59627656ba519d9b0eb890fd" + } + ] +} +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59627656ba519d9b0eb890fe", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:30:46 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "authorId": "59627656ba519d9b0eb890fd" + }, + { + "coauthorsIds": "59627656ba519d9b0eb890fd" + } + ] +} +2017-07-09 20:30:46 updated tweet 59627656ba519d9b0eb890fe. +2017-07-09 20:30:46 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:30:46 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "authorId": "59627656ba519d9b0eb890fd" + }, + { + "coauthorsIds": "59627656ba519d9b0eb890fd" + } + ] +} +2017-07-09 20:30:46 ERROR Not authorized to update tweet +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627656ba519d9b0eb890fe") { + body + } +} + +2017-07-09 20:30:46 tweet readOne with user tobkle is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59627656ba519d9b0eb890fe") +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "authorId": "59627656ba519d9b0eb890fd" + } + ] +} +2017-07-09 20:30:46 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:30:46 removed tweet 59627656ba519d9b0eb890fe. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "authorId": "59627656ba519d9b0eb890fd" + } + ] +} +2017-07-09 20:30:46 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:30:46 ERROR remove tweet failed for finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "59627656ba519d9b0eb890fd" + } + ] +} +2017-07-09 20:30:46 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627656ba519d9b0eb890fe") { + body + } +} + +2017-07-09 20:30:46 tweet readOne with user tobkle is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59627656ba519d9b0eb890fd") +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "_id": "59627656ba519d9b0eb890fd" + } + ] +} +2017-07-09 20:30:46 removed user 59627656ba519d9b0eb890fd. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59627656ba519d9b0eb890fd") { + username + bio + role + } +} + +2017-07-09 20:30:46 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { + id + role + } +} + +2017-07-09 20:30:46 insert user create with user stubailo is authorized +2017-07-09 20:30:46 inserted user 59627656ba519d9b0eb890ff. +2017-07-09 20:30:46 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "editor", id: "59627656ba519d9b0eb890ff", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-07-09 20:30:46 authQuery: { + "$or": [] +} +2017-07-09 20:30:46 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "editor", id: "59627656ba519d9b0eb890ff", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "_id": "59627656ba519d9b0eb890ff" + } + ] +} +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "editor", id: "59627656ba519d9b0eb890ff", +Operation: "", variables: "", +Query: +{ + user(id: "59627656ba519d9b0eb890ff") { + username + role + } +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "_id": "59627656ba519d9b0eb890ff" + } + ] +} +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "editor", id: "59627656ba519d9b0eb890ff", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "_id": "59627656ba519d9b0eb890ff" + } + ] +} +2017-07-09 20:30:46 ERROR Not authorized to update user +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "editor", id: "59627656ba519d9b0eb890ff", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59627656ba519d9b0eb890ff", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "_id": "59627656ba519d9b0eb890ff" + } + ] +} +2017-07-09 20:30:46 updated user 59627656ba519d9b0eb890ff. +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "_id": "59627656ba519d9b0eb890ff" + } + ] +} +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59627656ba519d9b0eb890ff", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "_id": "59627656ba519d9b0eb890ff" + } + ] +} +2017-07-09 20:30:46 ERROR Not authorized to update field "role" +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "_id": "59627656ba519d9b0eb890ff" + } + ] +} +2017-07-09 20:30:46 ERROR remove user failed for finalQuery: { + "_id": "583291a1638566b3c5a92ca1", + "$or": [ + { + "_id": "59627656ba519d9b0eb890ff" + } + ] +} +2017-07-09 20:30:46 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59627656ba519d9b0eb890ff", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "authorId": "59627656ba519d9b0eb890ff" + } + ] +} +2017-07-09 20:30:46 inserted tweet 59627656ba519d9b0eb89100. +2017-07-09 20:30:46 pubsub tweetInserted readOne with user tmeasday is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "authorId": "59627656ba519d9b0eb890ff" + } + ] +} +2017-07-09 20:30:46 ERROR Not authorized to insert tweet +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627656ba519d9b0eb89100") { + author { + id + } + body + } +} + +2017-07-09 20:30:46 tweet readOne with user tmeasday is authorized +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "_id": "59627656ba519d9b0eb890ff" + } + ] +} +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:30:46 tweet readOne with user tmeasday is authorized +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "_id": "59627656ba519d9b0eb890ff" + } + ] +} +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59627656ba519d9b0eb89100", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:30:46 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "authorId": "59627656ba519d9b0eb890ff" + }, + { + "coauthorsIds": "59627656ba519d9b0eb890ff" + } + ] +} +2017-07-09 20:30:46 updated tweet 59627656ba519d9b0eb89100. +2017-07-09 20:30:46 pubsub tweetUpdated readOne with user tmeasday is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:30:46 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "authorId": "59627656ba519d9b0eb890ff" + }, + { + "coauthorsIds": "59627656ba519d9b0eb890ff" + } + ] +} +2017-07-09 20:30:46 ERROR Not authorized to update tweet +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627656ba519d9b0eb89100") { + body + } +} + +2017-07-09 20:30:46 tweet readOne with user tmeasday is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59627656ba519d9b0eb89100") +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "authorId": "59627656ba519d9b0eb890ff" + } + ] +} +2017-07-09 20:30:46 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:30:46 removed tweet 59627656ba519d9b0eb89100. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "authorId": "59627656ba519d9b0eb890ff" + } + ] +} +2017-07-09 20:30:46 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:30:46 ERROR remove tweet failed for finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "59627656ba519d9b0eb890ff" + } + ] +} +2017-07-09 20:30:46 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627656ba519d9b0eb89100") { + body + } +} + +2017-07-09 20:30:46 tweet readOne with user tmeasday is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59627656ba519d9b0eb890ff") +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "_id": "59627656ba519d9b0eb890ff" + } + ] +} +2017-07-09 20:30:46 removed user 59627656ba519d9b0eb890ff. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59627656ba519d9b0eb890ff") { + username + bio + role + } +} + +2017-07-09 20:30:46 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:32:30 Logger started +2017-07-09 20:33:01 Logger started +2017-07-09 20:33:14 -------------------------------------------------------------------------------- +2017-07-09 20:33:14 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + role + username + } +} + +2017-07-09 20:33:25 user readOne with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + role + username + } +} + +2017-07-09 20:33:25 user readOne with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca2") { + role + username + } +} + +2017-07-09 20:33:25 user readOne with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + id + username + bio + } +} + +2017-07-09 20:33:25 user readOne with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users { + username + createdAt + } +} + +2017-07-09 20:33:25 users readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(limit: 1) { + username + createdAt + } +} + +2017-07-09 20:33:25 users readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993) { + username + createdAt + } +} + +2017-07-09 20:33:25 users readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } +} + +2017-07-09 20:33:25 users readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers { + username + createdAt + } + } +} + +2017-07-09 20:33:25 user readOne with user stubailo is authorized +2017-07-09 20:33:25 followers readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:33:25 user readOne with user stubailo is authorized +2017-07-09 20:33:25 followers readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-07-09 20:33:25 user readOne with user stubailo is authorized +2017-07-09 20:33:25 followers readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:33:25 user readOne with user stubailo is authorized +2017-07-09 20:33:25 followers readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following { + username + createdAt + } + } +} + +2017-07-09 20:33:25 user readOne with user stubailo is authorized +2017-07-09 20:33:25 following readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:33:25 user readOne with user stubailo is authorized +2017-07-09 20:33:25 following readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-07-09 20:33:25 user readOne with user stubailo is authorized +2017-07-09 20:33:25 following readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:33:25 user readOne with user stubailo is authorized +2017-07-09 20:33:25 following readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets { + id + createdAt + } + } +} + +2017-07-09 20:33:25 user readOne with user stubailo is authorized +2017-07-09 20:33:25 tweets readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:33:25 user readOne with user stubailo is authorized +2017-07-09 20:33:25 tweets readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } + } +} + +2017-07-09 20:33:25 user readOne with user stubailo is authorized +2017-07-09 20:33:25 tweets readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:33:25 user readOne with user stubailo is authorized +2017-07-09 20:33:25 tweets readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked { + id + createdAt + } + } +} + +2017-07-09 20:33:25 user readOne with user stubailo is authorized +2017-07-09 20:33:25 liked readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:33:25 user readOne with user stubailo is authorized +2017-07-09 20:33:25 liked readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334) { + id + createdAt + } + } +} + +2017-07-09 20:33:25 user readOne with user stubailo is authorized +2017-07-09 20:33:25 liked readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334, limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:33:25 user readOne with user stubailo is authorized +2017-07-09 20:33:25 liked readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + author { + username + } + } +} + +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + id + body + } +} + +2017-07-09 20:33:25 tweet readOne with user stubailo is authorized +2017-07-09 20:33:25 tweet readOne with user stubailo is authorized +2017-07-09 20:33:25 author readOne with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets { + id + createdAt + } +} + +2017-07-09 20:33:25 tweets readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(limit: 1) { + id + createdAt + } +} + +2017-07-09 20:33:25 tweets readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } +} + +2017-07-09 20:33:25 tweets readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } +} + +2017-07-09 20:33:25 tweets readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers { + username + createdAt + } + } +} + +2017-07-09 20:33:25 tweet readOne with user stubailo is authorized +2017-07-09 20:33:25 likers readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:33:25 tweet readOne with user stubailo is authorized +2017-07-09 20:33:25 likers readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993) { + username + createdAt + } + } +} + +2017-07-09 20:33:25 tweet readOne with user stubailo is authorized +2017-07-09 20:33:25 likers readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:33:25 tweet readOne with user stubailo is authorized +2017-07-09 20:33:25 likers readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-07-09 20:33:25 insert user create with user stubailo is authorized +2017-07-09 20:33:25 inserted user 596276f59bce489b8e6d4df3. +2017-07-09 20:33:25 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-07-09 20:33:25 insert user create with user tobkle is authorized +2017-07-09 20:33:25 inserted user 596276f59bce489b8e6d4df4. +2017-07-09 20:33:25 pubsub userInserted readOne with user tobkle is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", +Operation: "", variables: "", +Query: +{ + user(id: "596276f59bce489b8e6d4df4") { + username + bio + role + } +} + +2017-07-09 20:33:25 user readOne with user tobkle is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", +Operation: "", variables: "", +Query: +{ + user(id: "596276f59bce489b8e6d4df3") { + username + role + } +} + +2017-07-09 20:33:25 user readOne with user tobkle is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596276f59bce489b8e6d4df4", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-07-09 20:33:25 update user update with user tobkle is authorized +2017-07-09 20:33:25 updated user 596276f59bce489b8e6d4df4. +2017-07-09 20:33:25 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596276f59bce489b8e6d4df3", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:33:25 update user update with user tobkle is authorized +2017-07-09 20:33:25 updated user 596276f59bce489b8e6d4df3. +2017-07-09 20:33:25 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596276f59bce489b8e6d4df4", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:33:25 update user update with user tobkle is authorized +2017-07-09 20:33:25 updated user 596276f59bce489b8e6d4df4. +2017-07-09 20:33:25 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596276f59bce489b8e6d4df3", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-07-09 20:33:25 update user update with user tobkle is authorized +2017-07-09 20:33:25 updated user 596276f59bce489b8e6d4df3. +2017-07-09 20:33:25 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "tobkle", role: "editor", id: "596276f59bce489b8e6d4df3", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596276f59bce489b8e6d4df3", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:33:25 authQuery: { + "$or": [ + { + "_id": "596276f59bce489b8e6d4df3" + } + ] +} +2017-07-09 20:33:25 ERROR Not authorized to update field "role" +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "zoltan", role: "admin", id: "596276f59bce489b8e6d4df4", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596276f59bce489b8e6d4df3", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:33:25 update user update with user zoltan is authorized +2017-07-09 20:33:25 updated user 596276f59bce489b8e6d4df3. +2017-07-09 20:33:25 pubsub userUpdated readOne with user zoltan is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "596276f59bce489b8e6d4df4") +} + +2017-07-09 20:33:25 removeUser delete with user tobkle is authorized +2017-07-09 20:33:25 removed user 596276f59bce489b8e6d4df4. +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "596276f59bce489b8e6d4df3", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:33:25 insert tweet create with user tobkle is authorized +2017-07-09 20:33:25 inserted tweet 596276f59bce489b8e6d4df5. +2017-07-09 20:33:25 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:33:25 insert tweet create with user tobkle is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", +Operation: "", variables: "", +Query: +{ + tweet(id: "596276f59bce489b8e6d4df5") { + author { + id + } + body + } +} + +2017-07-09 20:33:25 tweet readOne with user tobkle is authorized +2017-07-09 20:33:25 inserted tweet 596276f59bce489b8e6d4df6. +2017-07-09 20:33:25 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 20:33:25 author readOne with user tobkle is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:33:25 tweet readOne with user tobkle is authorized +2017-07-09 20:33:25 author readOne with user tobkle is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "596276f59bce489b8e6d4df5", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:33:25 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:33:25 update tweet update with user tobkle is authorized +2017-07-09 20:33:25 updated tweet 596276f59bce489b8e6d4df5. +2017-07-09 20:33:25 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "596276f59bce489b8e6d4df6", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:33:25 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:33:25 update tweet update with user tobkle is authorized +2017-07-09 20:33:25 updated tweet 596276f59bce489b8e6d4df6. +2017-07-09 20:33:25 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", +Operation: "", variables: "", +Query: +{ + tweet(id: "596276f59bce489b8e6d4df5") { + body + } +} + +2017-07-09 20:33:25 tweet readOne with user tobkle is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "596276f59bce489b8e6d4df5") +} + +2017-07-09 20:33:25 removeTweet delete with user tobkle is authorized +2017-07-09 20:33:25 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:33:25 removed tweet 596276f59bce489b8e6d4df5. +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "596276f59bce489b8e6d4df6") +} + +2017-07-09 20:33:25 removeTweet delete with user tobkle is authorized +2017-07-09 20:33:25 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:33:25 removed tweet 596276f59bce489b8e6d4df6. +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", +Operation: "", variables: "", +Query: +{ + tweet(id: "596276f59bce489b8e6d4df5") { + body + } +} + +2017-07-09 20:33:25 tweet readOne with user tobkle is authorized +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "596276f59bce489b8e6d4df3") +} + +2017-07-09 20:33:26 removeUser delete with user tobkle is authorized +2017-07-09 20:33:26 removed user 596276f59bce489b8e6d4df3. +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "596276f59bce489b8e6d4df3") { + username + bio + role + } +} + +2017-07-09 20:33:26 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-07-09 20:33:26 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 20:33:26 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:33:26 ERROR Authorization: Not authorized to update in update user. +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 20:33:26 ERROR Authorization: Not authorized to delete in removeUser. +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:33:26 ERROR Authorization: Not authorized to create in insert tweet. +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:33:26 tweet readOne with user is authorized +2017-07-09 20:33:26 ERROR Authorization: Not authorized to readOne in author. +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:33:26 tweet getOneById in updateById for docBefore readOne with user is authorized +2017-07-09 20:33:26 ERROR Authorization: Not authorized to update in update tweet. +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:33:26 tweet getOneById in updateById for docBefore readOne with user is authorized +2017-07-09 20:33:26 ERROR Authorization: Not authorized to update in update tweet. +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 20:33:26 ERROR Authorization: Not authorized to delete in removeTweet. +2017-07-09 20:33:26 tweet getOneById in removeById for docBefore readOne with user is authorized +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { + id + role + } +} + +2017-07-09 20:33:26 insert user create with user stubailo is authorized +2017-07-09 20:33:26 inserted user 596276f69bce489b8e6d4df7. +2017-07-09 20:33:26 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-07-09 20:33:26 authQuery: { + "$or": [] +} +2017-07-09 20:33:26 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "_id": "596276f69bce489b8e6d4df7" + } + ] +} +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", +Operation: "", variables: "", +Query: +{ + user(id: "596276f69bce489b8e6d4df7") { + username + } +} + +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "_id": "596276f69bce489b8e6d4df7" + } + ] +} +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", +Operation: "", variables: "", +Query: +{ + user(id: "596276f69bce489b8e6d4df7") { + username + role + } +} + +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "_id": "596276f69bce489b8e6d4df7" + } + ] +} +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "_id": "596276f69bce489b8e6d4df7" + } + ] +} +2017-07-09 20:33:26 ERROR Not authorized to update field "role" +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596276f69bce489b8e6d4df7", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "_id": "596276f69bce489b8e6d4df7" + } + ] +} +2017-07-09 20:33:26 updated user 596276f69bce489b8e6d4df7. +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "_id": "596276f69bce489b8e6d4df7" + } + ] +} +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596276f69bce489b8e6d4df7", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "_id": "596276f69bce489b8e6d4df7" + } + ] +} +2017-07-09 20:33:26 ERROR Not authorized to update field "role" +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "_id": "596276f69bce489b8e6d4df7" + } + ] +} +2017-07-09 20:33:26 ERROR remove user failed for finalQuery: { + "_id": "583291a1638566b3c5a92ca1", + "$or": [ + { + "_id": "596276f69bce489b8e6d4df7" + } + ] +} +2017-07-09 20:33:26 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "596276f69bce489b8e6d4df7", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "authorId": "596276f69bce489b8e6d4df7" + } + ] +} +2017-07-09 20:33:26 inserted tweet 596276f69bce489b8e6d4df8. +2017-07-09 20:33:26 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "authorId": "596276f69bce489b8e6d4df7" + } + ] +} +2017-07-09 20:33:26 ERROR Not authorized to insert tweet +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", +Operation: "", variables: "", +Query: +{ + tweet(id: "596276f69bce489b8e6d4df8") { + author { + id + } + body + } +} + +2017-07-09 20:33:26 tweet readOne with user tobkle is authorized +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "_id": "596276f69bce489b8e6d4df7" + } + ] +} +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:33:26 tweet readOne with user tobkle is authorized +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "_id": "596276f69bce489b8e6d4df7" + } + ] +} +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "596276f69bce489b8e6d4df8", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:33:26 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "authorId": "596276f69bce489b8e6d4df7" + }, + { + "coauthorsIds": "596276f69bce489b8e6d4df7" + } + ] +} +2017-07-09 20:33:26 updated tweet 596276f69bce489b8e6d4df8. +2017-07-09 20:33:26 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:33:26 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "authorId": "596276f69bce489b8e6d4df7" + }, + { + "coauthorsIds": "596276f69bce489b8e6d4df7" + } + ] +} +2017-07-09 20:33:26 ERROR Not authorized to update tweet +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", +Operation: "", variables: "", +Query: +{ + tweet(id: "596276f69bce489b8e6d4df8") { + body + } +} + +2017-07-09 20:33:26 tweet readOne with user tobkle is authorized +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "596276f69bce489b8e6d4df8") +} + +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "authorId": "596276f69bce489b8e6d4df7" + } + ] +} +2017-07-09 20:33:26 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:33:26 removed tweet 596276f69bce489b8e6d4df8. +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "authorId": "596276f69bce489b8e6d4df7" + } + ] +} +2017-07-09 20:33:26 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:33:26 ERROR remove tweet failed for finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "596276f69bce489b8e6d4df7" + } + ] +} +2017-07-09 20:33:26 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", +Operation: "", variables: "", +Query: +{ + tweet(id: "596276f69bce489b8e6d4df8") { + body + } +} + +2017-07-09 20:33:26 tweet readOne with user tobkle is authorized +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "596276f69bce489b8e6d4df7") +} + +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "_id": "596276f69bce489b8e6d4df7" + } + ] +} +2017-07-09 20:33:26 removed user 596276f69bce489b8e6d4df7. +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "596276f69bce489b8e6d4df7") { + username + bio + role + } +} + +2017-07-09 20:33:26 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { + id + role + } +} + +2017-07-09 20:33:26 insert user create with user stubailo is authorized +2017-07-09 20:33:26 inserted user 596276f69bce489b8e6d4df9. +2017-07-09 20:33:26 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "editor", id: "596276f69bce489b8e6d4df9", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-07-09 20:33:26 authQuery: { + "$or": [] +} +2017-07-09 20:33:26 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "editor", id: "596276f69bce489b8e6d4df9", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "_id": "596276f69bce489b8e6d4df9" + } + ] +} +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "editor", id: "596276f69bce489b8e6d4df9", +Operation: "", variables: "", +Query: +{ + user(id: "596276f69bce489b8e6d4df9") { + username + role + } +} + +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "_id": "596276f69bce489b8e6d4df9" + } + ] +} +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "editor", id: "596276f69bce489b8e6d4df9", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "_id": "596276f69bce489b8e6d4df9" + } + ] +} +2017-07-09 20:33:26 ERROR Not authorized to update field "role" +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "editor", id: "596276f69bce489b8e6d4df9", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596276f69bce489b8e6d4df9", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "_id": "596276f69bce489b8e6d4df9" + } + ] +} +2017-07-09 20:33:26 updated user 596276f69bce489b8e6d4df9. +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "_id": "596276f69bce489b8e6d4df9" + } + ] +} +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596276f69bce489b8e6d4df9", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "_id": "596276f69bce489b8e6d4df9" + } + ] +} +2017-07-09 20:33:26 ERROR Not authorized to update field "role" +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "_id": "596276f69bce489b8e6d4df9" + } + ] +} +2017-07-09 20:33:26 ERROR remove user failed for finalQuery: { + "_id": "583291a1638566b3c5a92ca1", + "$or": [ + { + "_id": "596276f69bce489b8e6d4df9" + } + ] +} +2017-07-09 20:33:26 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "596276f69bce489b8e6d4df9", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "authorId": "596276f69bce489b8e6d4df9" + } + ] +} +2017-07-09 20:33:26 inserted tweet 596276f69bce489b8e6d4dfa. +2017-07-09 20:33:26 pubsub tweetInserted readOne with user tmeasday is authorized +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "authorId": "596276f69bce489b8e6d4df9" + } + ] +} +2017-07-09 20:33:26 ERROR Not authorized to insert tweet +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", +Operation: "", variables: "", +Query: +{ + tweet(id: "596276f69bce489b8e6d4dfa") { + author { + id + } + body + } +} + +2017-07-09 20:33:26 tweet readOne with user tmeasday is authorized +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "_id": "596276f69bce489b8e6d4df9" + } + ] +} +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:33:26 tweet readOne with user tmeasday is authorized +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "_id": "596276f69bce489b8e6d4df9" + } + ] +} +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "596276f69bce489b8e6d4dfa", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:33:26 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "authorId": "596276f69bce489b8e6d4df9" + }, + { + "coauthorsIds": "596276f69bce489b8e6d4df9" + } + ] +} +2017-07-09 20:33:26 updated tweet 596276f69bce489b8e6d4dfa. +2017-07-09 20:33:26 pubsub tweetUpdated readOne with user tmeasday is authorized +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:33:26 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "authorId": "596276f69bce489b8e6d4df9" + }, + { + "coauthorsIds": "596276f69bce489b8e6d4df9" + } + ] +} +2017-07-09 20:33:26 ERROR Not authorized to update tweet +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", +Operation: "", variables: "", +Query: +{ + tweet(id: "596276f69bce489b8e6d4dfa") { + body + } +} + +2017-07-09 20:33:26 tweet readOne with user tmeasday is authorized +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "596276f69bce489b8e6d4dfa") +} + +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "authorId": "596276f69bce489b8e6d4df9" + } + ] +} +2017-07-09 20:33:26 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:33:26 removed tweet 596276f69bce489b8e6d4dfa. +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "authorId": "596276f69bce489b8e6d4df9" + } + ] +} +2017-07-09 20:33:26 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:33:26 ERROR remove tweet failed for finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "596276f69bce489b8e6d4df9" + } + ] +} +2017-07-09 20:33:26 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", +Operation: "", variables: "", +Query: +{ + tweet(id: "596276f69bce489b8e6d4dfa") { + body + } +} + +2017-07-09 20:33:26 tweet readOne with user tmeasday is authorized +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "596276f69bce489b8e6d4df9") +} + +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "_id": "596276f69bce489b8e6d4df9" + } + ] +} +2017-07-09 20:33:26 removed user 596276f69bce489b8e6d4df9. +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "596276f69bce489b8e6d4df9") { + username + bio + role + } +} + +2017-07-09 20:33:26 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:34:32 Logger started +2017-07-09 20:35:00 Logger started +2017-07-09 20:35:21 Logger started +2017-07-09 20:35:45 -------------------------------------------------------------------------------- +2017-07-09 20:35:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + role + username + } +} + +2017-07-09 20:35:56 user readOne with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + role + username + } +} + +2017-07-09 20:35:56 user readOne with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca2") { + role + username + } +} + +2017-07-09 20:35:56 user readOne with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + id + username + bio + } +} + +2017-07-09 20:35:56 user readOne with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users { + username + createdAt + } +} + +2017-07-09 20:35:56 users readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(limit: 1) { + username + createdAt + } +} + +2017-07-09 20:35:56 users readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993) { + username + createdAt + } +} + +2017-07-09 20:35:56 users readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } +} + +2017-07-09 20:35:56 users readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers { + username + createdAt + } + } +} + +2017-07-09 20:35:56 user readOne with user stubailo is authorized +2017-07-09 20:35:56 followers readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:35:56 user readOne with user stubailo is authorized +2017-07-09 20:35:56 followers readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-07-09 20:35:56 user readOne with user stubailo is authorized +2017-07-09 20:35:56 followers readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:35:56 user readOne with user stubailo is authorized +2017-07-09 20:35:56 followers readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following { + username + createdAt + } + } +} + +2017-07-09 20:35:56 user readOne with user stubailo is authorized +2017-07-09 20:35:56 following readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:35:56 user readOne with user stubailo is authorized +2017-07-09 20:35:56 following readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-07-09 20:35:56 user readOne with user stubailo is authorized +2017-07-09 20:35:56 following readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:35:56 user readOne with user stubailo is authorized +2017-07-09 20:35:56 following readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets { + id + createdAt + } + } +} + +2017-07-09 20:35:56 user readOne with user stubailo is authorized +2017-07-09 20:35:56 tweets readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:35:56 user readOne with user stubailo is authorized +2017-07-09 20:35:56 tweets readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } + } +} + +2017-07-09 20:35:56 user readOne with user stubailo is authorized +2017-07-09 20:35:56 tweets readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:35:56 user readOne with user stubailo is authorized +2017-07-09 20:35:56 tweets readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked { + id + createdAt + } + } +} + +2017-07-09 20:35:56 user readOne with user stubailo is authorized +2017-07-09 20:35:56 liked readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:35:56 user readOne with user stubailo is authorized +2017-07-09 20:35:56 liked readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334) { + id + createdAt + } + } +} + +2017-07-09 20:35:56 user readOne with user stubailo is authorized +2017-07-09 20:35:56 liked readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334, limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:35:56 user readOne with user stubailo is authorized +2017-07-09 20:35:56 liked readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + author { + username + } + } +} + +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + id + body + } +} + +2017-07-09 20:35:56 tweet readOne with user stubailo is authorized +2017-07-09 20:35:56 tweet readOne with user stubailo is authorized +2017-07-09 20:35:56 author readOne with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets { + id + createdAt + } +} + +2017-07-09 20:35:56 tweets readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(limit: 1) { + id + createdAt + } +} + +2017-07-09 20:35:56 tweets readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } +} + +2017-07-09 20:35:56 tweets readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } +} + +2017-07-09 20:35:56 tweets readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers { + username + createdAt + } + } +} + +2017-07-09 20:35:56 tweet readOne with user stubailo is authorized +2017-07-09 20:35:56 likers readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:35:56 tweet readOne with user stubailo is authorized +2017-07-09 20:35:56 likers readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993) { + username + createdAt + } + } +} + +2017-07-09 20:35:56 tweet readOne with user stubailo is authorized +2017-07-09 20:35:56 likers readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:35:56 tweet readOne with user stubailo is authorized +2017-07-09 20:35:56 likers readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-07-09 20:35:56 insert user create with user stubailo is authorized +2017-07-09 20:35:56 inserted user 5962778c08de6c9c11df0d23. +2017-07-09 20:35:56 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-07-09 20:35:56 insert user create with user tobkle is authorized +2017-07-09 20:35:56 inserted user 5962778c08de6c9c11df0d24. +2017-07-09 20:35:56 pubsub userInserted readOne with user tobkle is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", +Operation: "", variables: "", +Query: +{ + user(id: "5962778c08de6c9c11df0d24") { + username + bio + role + } +} + +2017-07-09 20:35:56 user readOne with user tobkle is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", +Operation: "", variables: "", +Query: +{ + user(id: "5962778c08de6c9c11df0d23") { + username + role + } +} + +2017-07-09 20:35:56 user readOne with user tobkle is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "5962778c08de6c9c11df0d24", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-07-09 20:35:56 update user update with user tobkle is authorized +2017-07-09 20:35:56 updated user 5962778c08de6c9c11df0d24. +2017-07-09 20:35:56 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "5962778c08de6c9c11df0d23", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:35:56 update user update with user tobkle is authorized +2017-07-09 20:35:56 updated user 5962778c08de6c9c11df0d23. +2017-07-09 20:35:56 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "5962778c08de6c9c11df0d24", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:35:56 update user update with user tobkle is authorized +2017-07-09 20:35:56 updated user 5962778c08de6c9c11df0d24. +2017-07-09 20:35:56 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "5962778c08de6c9c11df0d23", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-07-09 20:35:56 update user update with user tobkle is authorized +2017-07-09 20:35:56 updated user 5962778c08de6c9c11df0d23. +2017-07-09 20:35:56 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "tobkle", role: "editor", id: "5962778c08de6c9c11df0d23", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "5962778c08de6c9c11df0d23", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:35:56 authQuery: { + "$or": [ + { + "_id": "5962778c08de6c9c11df0d23" + } + ] +} +2017-07-09 20:35:56 ERROR Not authorized to update field "role" +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "zoltan", role: "admin", id: "5962778c08de6c9c11df0d24", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "5962778c08de6c9c11df0d23", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:35:56 update user update with user zoltan is authorized +2017-07-09 20:35:56 updated user 5962778c08de6c9c11df0d23. +2017-07-09 20:35:56 pubsub userUpdated readOne with user zoltan is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "5962778c08de6c9c11df0d24") +} + +2017-07-09 20:35:56 removeUser delete with user tobkle is authorized +2017-07-09 20:35:56 removed user 5962778c08de6c9c11df0d24. +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "5962778c08de6c9c11df0d23", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:35:57 insert tweet create with user tobkle is authorized +2017-07-09 20:35:57 inserted tweet 5962778d08de6c9c11df0d25. +2017-07-09 20:35:57 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:35:57 insert tweet create with user tobkle is authorized +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", +Operation: "", variables: "", +Query: +{ + tweet(id: "5962778d08de6c9c11df0d25") { + author { + id + } + body + } +} + +2017-07-09 20:35:57 tweet readOne with user tobkle is authorized +2017-07-09 20:35:57 inserted tweet 5962778d08de6c9c11df0d26. +2017-07-09 20:35:57 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 20:35:57 author readOne with user tobkle is authorized +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:35:57 tweet readOne with user tobkle is authorized +2017-07-09 20:35:57 author readOne with user tobkle is authorized +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "5962778d08de6c9c11df0d25", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:35:57 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:35:57 update tweet update with user tobkle is authorized +2017-07-09 20:35:57 updated tweet 5962778d08de6c9c11df0d25. +2017-07-09 20:35:57 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "5962778d08de6c9c11df0d26", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:35:57 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:35:57 update tweet update with user tobkle is authorized +2017-07-09 20:35:57 updated tweet 5962778d08de6c9c11df0d26. +2017-07-09 20:35:57 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", +Operation: "", variables: "", +Query: +{ + tweet(id: "5962778d08de6c9c11df0d25") { + body + } +} + +2017-07-09 20:35:57 tweet readOne with user tobkle is authorized +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "5962778d08de6c9c11df0d25") +} + +2017-07-09 20:35:57 removeTweet delete with user tobkle is authorized +2017-07-09 20:35:57 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:35:57 removed tweet 5962778d08de6c9c11df0d25. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "5962778d08de6c9c11df0d26") +} + +2017-07-09 20:35:57 removeTweet delete with user tobkle is authorized +2017-07-09 20:35:57 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:35:57 removed tweet 5962778d08de6c9c11df0d26. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", +Operation: "", variables: "", +Query: +{ + tweet(id: "5962778d08de6c9c11df0d25") { + body + } +} + +2017-07-09 20:35:57 tweet readOne with user tobkle is authorized +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "5962778c08de6c9c11df0d23") +} + +2017-07-09 20:35:57 removeUser delete with user tobkle is authorized +2017-07-09 20:35:57 removed user 5962778c08de6c9c11df0d23. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "5962778c08de6c9c11df0d23") { + username + bio + role + } +} + +2017-07-09 20:35:57 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-07-09 20:35:57 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 20:35:57 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:35:57 ERROR Authorization: Not authorized to update in update user. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 20:35:57 ERROR Authorization: Not authorized to delete in removeUser. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:35:57 ERROR Authorization: Not authorized to create in insert tweet. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:35:57 tweet readOne with user is authorized +2017-07-09 20:35:57 ERROR Authorization: Not authorized to readOne in author. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:35:57 tweet getOneById in updateById for docBefore readOne with user is authorized +2017-07-09 20:35:57 ERROR Authorization: Not authorized to update in update tweet. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:35:57 tweet getOneById in updateById for docBefore readOne with user is authorized +2017-07-09 20:35:57 ERROR Authorization: Not authorized to update in update tweet. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 20:35:57 ERROR Authorization: Not authorized to delete in removeTweet. +2017-07-09 20:35:57 tweet getOneById in removeById for docBefore readOne with user is authorized +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { + id + role + } +} + +2017-07-09 20:35:57 insert user create with user stubailo is authorized +2017-07-09 20:35:57 inserted user 5962778d08de6c9c11df0d27. +2017-07-09 20:35:57 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-07-09 20:35:57 authQuery: { + "$or": [] +} +2017-07-09 20:35:57 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "_id": "5962778d08de6c9c11df0d27" + } + ] +} +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", +Operation: "", variables: "", +Query: +{ + user(id: "5962778d08de6c9c11df0d27") { + username + } +} + +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "_id": "5962778d08de6c9c11df0d27" + } + ] +} +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", +Operation: "", variables: "", +Query: +{ + user(id: "5962778d08de6c9c11df0d27") { + username + role + } +} + +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "_id": "5962778d08de6c9c11df0d27" + } + ] +} +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "_id": "5962778d08de6c9c11df0d27" + } + ] +} +2017-07-09 20:35:57 ERROR Not authorized to update field "role" +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "5962778d08de6c9c11df0d27", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "_id": "5962778d08de6c9c11df0d27" + } + ] +} +2017-07-09 20:35:57 updated user 5962778d08de6c9c11df0d27. +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "_id": "5962778d08de6c9c11df0d27" + } + ] +} +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "5962778d08de6c9c11df0d27", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "_id": "5962778d08de6c9c11df0d27" + } + ] +} +2017-07-09 20:35:57 ERROR Not authorized to update field "role" +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "_id": "5962778d08de6c9c11df0d27" + } + ] +} +2017-07-09 20:35:57 ERROR remove user failed for finalQuery: { + "_id": "583291a1638566b3c5a92ca1", + "$or": [ + { + "_id": "5962778d08de6c9c11df0d27" + } + ] +} +2017-07-09 20:35:57 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "5962778d08de6c9c11df0d27", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "authorId": "5962778d08de6c9c11df0d27" + } + ] +} +2017-07-09 20:35:57 inserted tweet 5962778d08de6c9c11df0d28. +2017-07-09 20:35:57 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "authorId": "5962778d08de6c9c11df0d27" + } + ] +} +2017-07-09 20:35:57 ERROR Not authorized to insert tweet +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", +Operation: "", variables: "", +Query: +{ + tweet(id: "5962778d08de6c9c11df0d28") { + author { + id + } + body + } +} + +2017-07-09 20:35:57 tweet readOne with user tobkle is authorized +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "_id": "5962778d08de6c9c11df0d27" + } + ] +} +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:35:57 tweet readOne with user tobkle is authorized +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "_id": "5962778d08de6c9c11df0d27" + } + ] +} +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "5962778d08de6c9c11df0d28", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:35:57 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "authorId": "5962778d08de6c9c11df0d27" + }, + { + "coauthorsIds": "5962778d08de6c9c11df0d27" + } + ] +} +2017-07-09 20:35:57 updated tweet 5962778d08de6c9c11df0d28. +2017-07-09 20:35:57 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:35:57 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "authorId": "5962778d08de6c9c11df0d27" + }, + { + "coauthorsIds": "5962778d08de6c9c11df0d27" + } + ] +} +2017-07-09 20:35:57 ERROR update tweet failed finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "5962778d08de6c9c11df0d27" + }, + { + "coauthorsIds": "5962778d08de6c9c11df0d27" + } + ] +} +2017-07-09 20:35:57 ERROR update tweet failed for docToUpdate: { + "$set": { + "body": "This is a modified test tweet", + "updatedAt": 1499625357426, + "updatedById": "5962778d08de6c9c11df0d27" + } +} +2017-07-09 20:35:57 ERROR update tweet not possible for 583676d3618530145474e352. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", +Operation: "", variables: "", +Query: +{ + tweet(id: "5962778d08de6c9c11df0d28") { + body + } +} + +2017-07-09 20:35:57 tweet readOne with user tobkle is authorized +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "5962778d08de6c9c11df0d28") +} + +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "authorId": "5962778d08de6c9c11df0d27" + } + ] +} +2017-07-09 20:35:57 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:35:57 removed tweet 5962778d08de6c9c11df0d28. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "authorId": "5962778d08de6c9c11df0d27" + } + ] +} +2017-07-09 20:35:57 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:35:57 ERROR remove tweet failed for finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "5962778d08de6c9c11df0d27" + } + ] +} +2017-07-09 20:35:57 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", +Operation: "", variables: "", +Query: +{ + tweet(id: "5962778d08de6c9c11df0d28") { + body + } +} + +2017-07-09 20:35:57 tweet readOne with user tobkle is authorized +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "5962778d08de6c9c11df0d27") +} + +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "_id": "5962778d08de6c9c11df0d27" + } + ] +} +2017-07-09 20:35:57 removed user 5962778d08de6c9c11df0d27. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "5962778d08de6c9c11df0d27") { + username + bio + role + } +} + +2017-07-09 20:35:57 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { + id + role + } +} + +2017-07-09 20:35:57 insert user create with user stubailo is authorized +2017-07-09 20:35:57 inserted user 5962778d08de6c9c11df0d29. +2017-07-09 20:35:57 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "editor", id: "5962778d08de6c9c11df0d29", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-07-09 20:35:57 authQuery: { + "$or": [] +} +2017-07-09 20:35:57 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "editor", id: "5962778d08de6c9c11df0d29", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "_id": "5962778d08de6c9c11df0d29" + } + ] +} +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "editor", id: "5962778d08de6c9c11df0d29", +Operation: "", variables: "", +Query: +{ + user(id: "5962778d08de6c9c11df0d29") { + username + role + } +} + +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "_id": "5962778d08de6c9c11df0d29" + } + ] +} +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "editor", id: "5962778d08de6c9c11df0d29", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "_id": "5962778d08de6c9c11df0d29" + } + ] +} +2017-07-09 20:35:57 ERROR Not authorized to update field "role" +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "editor", id: "5962778d08de6c9c11df0d29", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "5962778d08de6c9c11df0d29", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "_id": "5962778d08de6c9c11df0d29" + } + ] +} +2017-07-09 20:35:57 updated user 5962778d08de6c9c11df0d29. +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "_id": "5962778d08de6c9c11df0d29" + } + ] +} +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "5962778d08de6c9c11df0d29", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "_id": "5962778d08de6c9c11df0d29" + } + ] +} +2017-07-09 20:35:57 ERROR Not authorized to update field "role" +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "_id": "5962778d08de6c9c11df0d29" + } + ] +} +2017-07-09 20:35:57 ERROR remove user failed for finalQuery: { + "_id": "583291a1638566b3c5a92ca1", + "$or": [ + { + "_id": "5962778d08de6c9c11df0d29" + } + ] +} +2017-07-09 20:35:57 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "5962778d08de6c9c11df0d29", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "authorId": "5962778d08de6c9c11df0d29" + } + ] +} +2017-07-09 20:35:57 inserted tweet 5962778d08de6c9c11df0d2a. +2017-07-09 20:35:57 pubsub tweetInserted readOne with user tmeasday is authorized +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "authorId": "5962778d08de6c9c11df0d29" + } + ] +} +2017-07-09 20:35:57 ERROR Not authorized to insert tweet +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", +Operation: "", variables: "", +Query: +{ + tweet(id: "5962778d08de6c9c11df0d2a") { + author { + id + } + body + } +} + +2017-07-09 20:35:57 tweet readOne with user tmeasday is authorized +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "_id": "5962778d08de6c9c11df0d29" + } + ] +} +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:35:57 tweet readOne with user tmeasday is authorized +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "_id": "5962778d08de6c9c11df0d29" + } + ] +} +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "5962778d08de6c9c11df0d2a", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:35:57 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "authorId": "5962778d08de6c9c11df0d29" + }, + { + "coauthorsIds": "5962778d08de6c9c11df0d29" + } + ] +} +2017-07-09 20:35:57 updated tweet 5962778d08de6c9c11df0d2a. +2017-07-09 20:35:57 pubsub tweetUpdated readOne with user tmeasday is authorized +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:35:57 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "authorId": "5962778d08de6c9c11df0d29" + }, + { + "coauthorsIds": "5962778d08de6c9c11df0d29" + } + ] +} +2017-07-09 20:35:57 ERROR update tweet failed finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "5962778d08de6c9c11df0d29" + }, + { + "coauthorsIds": "5962778d08de6c9c11df0d29" + } + ] +} +2017-07-09 20:35:57 ERROR update tweet failed for docToUpdate: { + "$set": { + "body": "This is a modified test tweet", + "updatedAt": 1499625357646, + "updatedById": "5962778d08de6c9c11df0d29" + } +} +2017-07-09 20:35:57 ERROR update tweet not possible for 583676d3618530145474e352. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", +Operation: "", variables: "", +Query: +{ + tweet(id: "5962778d08de6c9c11df0d2a") { + body + } +} + +2017-07-09 20:35:57 tweet readOne with user tmeasday is authorized +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "5962778d08de6c9c11df0d2a") +} + +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "authorId": "5962778d08de6c9c11df0d29" + } + ] +} +2017-07-09 20:35:57 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:35:57 removed tweet 5962778d08de6c9c11df0d2a. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "authorId": "5962778d08de6c9c11df0d29" + } + ] +} +2017-07-09 20:35:57 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:35:57 ERROR remove tweet failed for finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "5962778d08de6c9c11df0d29" + } + ] +} +2017-07-09 20:35:57 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", +Operation: "", variables: "", +Query: +{ + tweet(id: "5962778d08de6c9c11df0d2a") { + body + } +} + +2017-07-09 20:35:57 tweet readOne with user tmeasday is authorized +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "5962778d08de6c9c11df0d29") +} + +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "_id": "5962778d08de6c9c11df0d29" + } + ] +} +2017-07-09 20:35:57 removed user 5962778d08de6c9c11df0d29. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "5962778d08de6c9c11df0d29") { + username + bio + role + } +} + +2017-07-09 20:35:57 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:36:20 Logger started +2017-07-09 20:36:33 Logger started +2017-07-09 20:37:37 Logger started +2017-07-09 20:38:24 Logger started +2017-07-09 20:39:07 -------------------------------------------------------------------------------- +2017-07-09 20:39:07 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + role + username + } +} + +2017-07-09 20:39:18 user readOne with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + role + username + } +} + +2017-07-09 20:39:18 user readOne with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca2") { + role + username + } +} + +2017-07-09 20:39:18 user readOne with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + id + username + bio + } +} + +2017-07-09 20:39:18 user readOne with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users { + username + createdAt + } +} + +2017-07-09 20:39:18 users readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(limit: 1) { + username + createdAt + } +} + +2017-07-09 20:39:18 users readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993) { + username + createdAt + } +} + +2017-07-09 20:39:18 users readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } +} + +2017-07-09 20:39:18 users readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers { + username + createdAt + } + } +} + +2017-07-09 20:39:18 user readOne with user stubailo is authorized +2017-07-09 20:39:18 followers readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:39:18 user readOne with user stubailo is authorized +2017-07-09 20:39:18 followers readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-07-09 20:39:18 user readOne with user stubailo is authorized +2017-07-09 20:39:18 followers readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:39:18 user readOne with user stubailo is authorized +2017-07-09 20:39:18 followers readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following { + username + createdAt + } + } +} + +2017-07-09 20:39:18 user readOne with user stubailo is authorized +2017-07-09 20:39:18 following readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:39:18 user readOne with user stubailo is authorized +2017-07-09 20:39:18 following readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-07-09 20:39:18 user readOne with user stubailo is authorized +2017-07-09 20:39:18 following readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:39:18 user readOne with user stubailo is authorized +2017-07-09 20:39:18 following readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets { + id + createdAt + } + } +} + +2017-07-09 20:39:18 user readOne with user stubailo is authorized +2017-07-09 20:39:18 tweets readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:39:18 user readOne with user stubailo is authorized +2017-07-09 20:39:18 tweets readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } + } +} + +2017-07-09 20:39:18 user readOne with user stubailo is authorized +2017-07-09 20:39:18 tweets readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:39:18 user readOne with user stubailo is authorized +2017-07-09 20:39:18 tweets readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked { + id + createdAt + } + } +} + +2017-07-09 20:39:18 user readOne with user stubailo is authorized +2017-07-09 20:39:18 liked readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:39:18 user readOne with user stubailo is authorized +2017-07-09 20:39:18 liked readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334) { + id + createdAt + } + } +} + +2017-07-09 20:39:18 user readOne with user stubailo is authorized +2017-07-09 20:39:18 liked readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334, limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:39:18 user readOne with user stubailo is authorized +2017-07-09 20:39:18 liked readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets { + id + createdAt + } +} + +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + author { + username + } + } +} + +2017-07-09 20:39:18 tweets readMany with user stubailo is authorized +2017-07-09 20:39:18 tweet readOne with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + id + body + } +} + +2017-07-09 20:39:18 tweet readOne with user stubailo is authorized +2017-07-09 20:39:18 author readOne with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(limit: 1) { + id + createdAt + } +} + +2017-07-09 20:39:18 tweets readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } +} + +2017-07-09 20:39:18 tweets readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } +} + +2017-07-09 20:39:18 tweets readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers { + username + createdAt + } + } +} + +2017-07-09 20:39:18 tweet readOne with user stubailo is authorized +2017-07-09 20:39:18 likers readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:39:18 tweet readOne with user stubailo is authorized +2017-07-09 20:39:18 likers readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993) { + username + createdAt + } + } +} + +2017-07-09 20:39:18 tweet readOne with user stubailo is authorized +2017-07-09 20:39:18 likers readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:39:18 tweet readOne with user stubailo is authorized +2017-07-09 20:39:18 likers readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-07-09 20:39:18 insert user create with user stubailo is authorized +2017-07-09 20:39:18 inserted user 596278564c57819cb42922c4. +2017-07-09 20:39:18 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-07-09 20:39:18 insert user create with user tobkle is authorized +2017-07-09 20:39:18 inserted user 596278564c57819cb42922c5. +2017-07-09 20:39:18 pubsub userInserted readOne with user tobkle is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", +Operation: "", variables: "", +Query: +{ + user(id: "596278564c57819cb42922c5") { + username + bio + role + } +} + +2017-07-09 20:39:18 user readOne with user tobkle is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", +Operation: "", variables: "", +Query: +{ + user(id: "596278564c57819cb42922c4") { + username + role + } +} + +2017-07-09 20:39:18 user readOne with user tobkle is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596278564c57819cb42922c5", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-07-09 20:39:18 update user update with user tobkle is authorized +2017-07-09 20:39:18 updated user 596278564c57819cb42922c5. +2017-07-09 20:39:18 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596278564c57819cb42922c4", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:39:18 update user update with user tobkle is authorized +2017-07-09 20:39:18 updated user 596278564c57819cb42922c4. +2017-07-09 20:39:18 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596278564c57819cb42922c5", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:39:18 update user update with user tobkle is authorized +2017-07-09 20:39:18 updated user 596278564c57819cb42922c5. +2017-07-09 20:39:18 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596278564c57819cb42922c4", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-07-09 20:39:18 update user update with user tobkle is authorized +2017-07-09 20:39:18 updated user 596278564c57819cb42922c4. +2017-07-09 20:39:18 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "tobkle", role: "editor", id: "596278564c57819cb42922c4", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596278564c57819cb42922c4", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:39:18 authQuery: { + "$or": [ + { + "_id": "596278564c57819cb42922c4" + } + ] +} +2017-07-09 20:39:18 ERROR Not authorized to update field "role" +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "zoltan", role: "admin", id: "596278564c57819cb42922c5", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596278564c57819cb42922c4", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:39:19 update user update with user zoltan is authorized +2017-07-09 20:39:19 updated user 596278564c57819cb42922c4. +2017-07-09 20:39:19 pubsub userUpdated readOne with user zoltan is authorized +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "596278564c57819cb42922c5") +} + +2017-07-09 20:39:19 removeUser delete with user tobkle is authorized +2017-07-09 20:39:19 removed user 596278564c57819cb42922c5. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "596278564c57819cb42922c4", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:39:19 insert tweet create with user tobkle is authorized +2017-07-09 20:39:19 inserted tweet 596278574c57819cb42922c6. +2017-07-09 20:39:19 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:39:19 insert tweet create with user tobkle is authorized +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", +Operation: "", variables: "", +Query: +{ + tweet(id: "596278574c57819cb42922c6") { + author { + id + } + body + } +} + +2017-07-09 20:39:19 tweet readOne with user tobkle is authorized +2017-07-09 20:39:19 inserted tweet 596278574c57819cb42922c7. +2017-07-09 20:39:19 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 20:39:19 author readOne with user tobkle is authorized +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:39:19 tweet readOne with user tobkle is authorized +2017-07-09 20:39:19 author readOne with user tobkle is authorized +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "596278574c57819cb42922c6", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:39:19 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:39:19 update tweet update with user tobkle is authorized +2017-07-09 20:39:19 updated tweet 596278574c57819cb42922c6. +2017-07-09 20:39:19 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "596278574c57819cb42922c7", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:39:19 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:39:19 update tweet update with user tobkle is authorized +2017-07-09 20:39:19 updated tweet 596278574c57819cb42922c7. +2017-07-09 20:39:19 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", +Operation: "", variables: "", +Query: +{ + tweet(id: "596278574c57819cb42922c6") { + body + } +} + +2017-07-09 20:39:19 tweet readOne with user tobkle is authorized +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "596278574c57819cb42922c6") +} + +2017-07-09 20:39:19 removeTweet delete with user tobkle is authorized +2017-07-09 20:39:19 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:39:19 removed tweet 596278574c57819cb42922c6. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "596278574c57819cb42922c7") +} + +2017-07-09 20:39:19 removeTweet delete with user tobkle is authorized +2017-07-09 20:39:19 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:39:19 removed tweet 596278574c57819cb42922c7. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", +Operation: "", variables: "", +Query: +{ + tweet(id: "596278574c57819cb42922c6") { + body + } +} + +2017-07-09 20:39:19 tweet readOne with user tobkle is authorized +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "596278564c57819cb42922c4") +} + +2017-07-09 20:39:19 removeUser delete with user tobkle is authorized +2017-07-09 20:39:19 removed user 596278564c57819cb42922c4. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "596278564c57819cb42922c4") { + username + bio + role + } +} + +2017-07-09 20:39:19 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-07-09 20:39:19 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 20:39:19 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:39:19 ERROR Authorization: Not authorized to update in update user. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 20:39:19 ERROR Authorization: Not authorized to delete in removeUser. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:39:19 ERROR Authorization: Not authorized to create in insert tweet. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:39:19 tweet readOne with user is authorized +2017-07-09 20:39:19 ERROR Authorization: Not authorized to readOne in author. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:39:19 tweet getOneById in updateById for docBefore readOne with user is authorized +2017-07-09 20:39:19 ERROR Authorization: Not authorized to update in update tweet. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:39:19 tweet getOneById in updateById for docBefore readOne with user is authorized +2017-07-09 20:39:19 ERROR Authorization: Not authorized to update in update tweet. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 20:39:19 ERROR Authorization: Not authorized to delete in removeTweet. +2017-07-09 20:39:19 tweet getOneById in removeById for docBefore readOne with user is authorized +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { + id + role + } +} + +2017-07-09 20:39:19 insert user create with user stubailo is authorized +2017-07-09 20:39:19 inserted user 596278574c57819cb42922c8. +2017-07-09 20:39:19 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "user", id: "596278574c57819cb42922c8", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-07-09 20:39:19 authQuery: { + "$or": [] +} +2017-07-09 20:39:19 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "user", id: "596278574c57819cb42922c8", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "_id": "596278574c57819cb42922c8" + } + ] +} +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "user", id: "596278574c57819cb42922c8", +Operation: "", variables: "", +Query: +{ + user(id: "596278574c57819cb42922c8") { + username + } +} + +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "_id": "596278574c57819cb42922c8" + } + ] +} +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "user", id: "596278574c57819cb42922c8", +Operation: "", variables: "", +Query: +{ + user(id: "596278574c57819cb42922c8") { + username + role + } +} + +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "_id": "596278574c57819cb42922c8" + } + ] +} +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "user", id: "596278574c57819cb42922c8", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "_id": "596278574c57819cb42922c8" + } + ] +} +2017-07-09 20:39:19 ERROR Not authorized to update field "role" +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "user", id: "596278574c57819cb42922c8", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596278574c57819cb42922c8", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "_id": "596278574c57819cb42922c8" + } + ] +} +2017-07-09 20:39:19 updated user 596278574c57819cb42922c8. +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "_id": "596278574c57819cb42922c8" + } + ] +} +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "user", id: "596278574c57819cb42922c8", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596278574c57819cb42922c8", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "_id": "596278574c57819cb42922c8" + } + ] +} +2017-07-09 20:39:19 ERROR Not authorized to update field "role" +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "user", id: "596278574c57819cb42922c8", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "_id": "596278574c57819cb42922c8" + } + ] +} +2017-07-09 20:39:19 ERROR remove user failed for finalQuery: { + "_id": "583291a1638566b3c5a92ca1", + "$or": [ + { + "_id": "596278574c57819cb42922c8" + } + ] +} +2017-07-09 20:39:19 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "user", id: "596278574c57819cb42922c8", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "596278574c57819cb42922c8", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "authorId": "596278574c57819cb42922c8" + } + ] +} +2017-07-09 20:39:19 inserted tweet 596278574c57819cb42922c9. +2017-07-09 20:39:19 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "user", id: "596278574c57819cb42922c8", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "authorId": "596278574c57819cb42922c8" + } + ] +} +2017-07-09 20:39:19 ERROR Not authorized to insert tweet +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "user", id: "596278574c57819cb42922c8", +Operation: "", variables: "", +Query: +{ + tweet(id: "596278574c57819cb42922c9") { + author { + id + } + body + } +} + +2017-07-09 20:39:19 tweet readOne with user tobkle is authorized +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "_id": "596278574c57819cb42922c8" + } + ] +} +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "user", id: "596278574c57819cb42922c8", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:39:19 tweet readOne with user tobkle is authorized +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "_id": "596278574c57819cb42922c8" + } + ] +} +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "user", id: "596278574c57819cb42922c8", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "596278574c57819cb42922c9", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:39:19 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "authorId": "596278574c57819cb42922c8" + }, + { + "coauthorsIds": "596278574c57819cb42922c8" + } + ] +} +2017-07-09 20:39:19 updated tweet 596278574c57819cb42922c9. +2017-07-09 20:39:19 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "user", id: "596278574c57819cb42922c8", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:39:19 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "authorId": "596278574c57819cb42922c8" + }, + { + "coauthorsIds": "596278574c57819cb42922c8" + } + ] +} +2017-07-09 20:39:19 ERROR update tweet failed finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "596278574c57819cb42922c8" + }, + { + "coauthorsIds": "596278574c57819cb42922c8" + } + ] +} +2017-07-09 20:39:19 ERROR update tweet failed for docToUpdate: { + "$set": { + "body": "This is a modified test tweet", + "updatedAt": 1499625559454, + "updatedById": "596278574c57819cb42922c8" + } +} +2017-07-09 20:39:19 ERROR update tweet not possible for 583676d3618530145474e352. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "user", id: "596278574c57819cb42922c8", +Operation: "", variables: "", +Query: +{ + tweet(id: "596278574c57819cb42922c9") { + body + } +} + +2017-07-09 20:39:19 tweet readOne with user tobkle is authorized +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "user", id: "596278574c57819cb42922c8", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "596278574c57819cb42922c9") +} + +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "authorId": "596278574c57819cb42922c8" + } + ] +} +2017-07-09 20:39:19 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:39:19 removed tweet 596278574c57819cb42922c9. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "user", id: "596278574c57819cb42922c8", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "authorId": "596278574c57819cb42922c8" + } + ] +} +2017-07-09 20:39:19 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:39:19 ERROR remove tweet failed for finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "596278574c57819cb42922c8" + } + ] +} +2017-07-09 20:39:19 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "user", id: "596278574c57819cb42922c8", +Operation: "", variables: "", +Query: +{ + tweet(id: "596278574c57819cb42922c9") { + body + } +} + +2017-07-09 20:39:19 tweet readOne with user tobkle is authorized +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "user", id: "596278574c57819cb42922c8", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "596278574c57819cb42922c8") +} + +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "_id": "596278574c57819cb42922c8" + } + ] +} +2017-07-09 20:39:19 removed user 596278574c57819cb42922c8. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "596278574c57819cb42922c8") { + username + bio + role + } +} + +2017-07-09 20:39:19 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { + id + role + } +} + +2017-07-09 20:39:19 insert user create with user stubailo is authorized +2017-07-09 20:39:19 inserted user 596278574c57819cb42922ca. +2017-07-09 20:39:19 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "editor", id: "596278574c57819cb42922ca", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-07-09 20:39:19 authQuery: { + "$or": [] +} +2017-07-09 20:39:19 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "editor", id: "596278574c57819cb42922ca", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "_id": "596278574c57819cb42922ca" + } + ] +} +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "editor", id: "596278574c57819cb42922ca", +Operation: "", variables: "", +Query: +{ + user(id: "596278574c57819cb42922ca") { + username + role + } +} + +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "_id": "596278574c57819cb42922ca" + } + ] +} +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "editor", id: "596278574c57819cb42922ca", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "_id": "596278574c57819cb42922ca" + } + ] +} +2017-07-09 20:39:19 ERROR Not authorized to update field "role" +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "editor", id: "596278574c57819cb42922ca", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596278574c57819cb42922ca", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "_id": "596278574c57819cb42922ca" + } + ] +} +2017-07-09 20:39:19 updated user 596278574c57819cb42922ca. +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "_id": "596278574c57819cb42922ca" + } + ] +} +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596278574c57819cb42922ca", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "_id": "596278574c57819cb42922ca" + } + ] +} +2017-07-09 20:39:19 ERROR Not authorized to update field "role" +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "_id": "596278574c57819cb42922ca" + } + ] +} +2017-07-09 20:39:19 ERROR remove user failed for finalQuery: { + "_id": "583291a1638566b3c5a92ca1", + "$or": [ + { + "_id": "596278574c57819cb42922ca" + } + ] +} +2017-07-09 20:39:19 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "596278574c57819cb42922ca", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "authorId": "596278574c57819cb42922ca" + } + ] +} +2017-07-09 20:39:19 inserted tweet 596278574c57819cb42922cb. +2017-07-09 20:39:19 pubsub tweetInserted readOne with user tmeasday is authorized +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "authorId": "596278574c57819cb42922ca" + } + ] +} +2017-07-09 20:39:19 ERROR Not authorized to insert tweet +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", +Operation: "", variables: "", +Query: +{ + tweet(id: "596278574c57819cb42922cb") { + author { + id + } + body + } +} + +2017-07-09 20:39:19 tweet readOne with user tmeasday is authorized +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "_id": "596278574c57819cb42922ca" + } + ] +} +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:39:19 tweet readOne with user tmeasday is authorized +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "_id": "596278574c57819cb42922ca" + } + ] +} +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "596278574c57819cb42922cb", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:39:19 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "authorId": "596278574c57819cb42922ca" + }, + { + "coauthorsIds": "596278574c57819cb42922ca" + } + ] +} +2017-07-09 20:39:19 updated tweet 596278574c57819cb42922cb. +2017-07-09 20:39:19 pubsub tweetUpdated readOne with user tmeasday is authorized +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:39:19 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "authorId": "596278574c57819cb42922ca" + }, + { + "coauthorsIds": "596278574c57819cb42922ca" + } + ] +} +2017-07-09 20:39:19 ERROR update tweet failed finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "596278574c57819cb42922ca" + }, + { + "coauthorsIds": "596278574c57819cb42922ca" + } + ] +} +2017-07-09 20:39:19 ERROR update tweet failed for docToUpdate: { + "$set": { + "body": "This is a modified test tweet", + "updatedAt": 1499625559652, + "updatedById": "596278574c57819cb42922ca" + } +} +2017-07-09 20:39:19 ERROR update tweet not possible for 583676d3618530145474e352. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", +Operation: "", variables: "", +Query: +{ + tweet(id: "596278574c57819cb42922cb") { + body + } +} + +2017-07-09 20:39:19 tweet readOne with user tmeasday is authorized +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "596278574c57819cb42922cb") +} + +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "authorId": "596278574c57819cb42922ca" + } + ] +} +2017-07-09 20:39:19 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:39:19 removed tweet 596278574c57819cb42922cb. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "authorId": "596278574c57819cb42922ca" + } + ] +} +2017-07-09 20:39:19 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:39:19 ERROR remove tweet failed for finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "596278574c57819cb42922ca" + } + ] +} +2017-07-09 20:39:19 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", +Operation: "", variables: "", +Query: +{ + tweet(id: "596278574c57819cb42922cb") { + body + } +} + +2017-07-09 20:39:19 tweet readOne with user tmeasday is authorized +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "596278574c57819cb42922ca") +} + +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "_id": "596278574c57819cb42922ca" + } + ] +} +2017-07-09 20:39:19 removed user 596278574c57819cb42922ca. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "596278574c57819cb42922ca") { + username + bio + role + } +} + +2017-07-09 20:39:19 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:42:33 -------------------------------------------------------------------------------- +2017-07-09 20:42:33 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-07-09 20:42:44 -------------------------------------------------------------------------------- +2017-07-09 20:42:44 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-07-09 20:42:44 -------------------------------------------------------------------------------- +2017-07-09 20:42:44 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + role + username + } +} + +2017-07-09 20:42:44 user readOne with user stubailo is authorized +2017-07-09 20:42:44 -------------------------------------------------------------------------------- +2017-07-09 20:42:44 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + role + username + } +} + +2017-07-09 20:42:44 user readOne with user stubailo is authorized +2017-07-09 20:42:44 -------------------------------------------------------------------------------- +2017-07-09 20:42:44 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca2") { + role + username + } +} + +2017-07-09 20:42:44 user readOne with user stubailo is authorized +2017-07-09 20:42:44 -------------------------------------------------------------------------------- +2017-07-09 20:42:44 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + id + username + bio + } +} + +2017-07-09 20:42:44 user readOne with user stubailo is authorized +2017-07-09 20:42:44 -------------------------------------------------------------------------------- +2017-07-09 20:42:44 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users { + username + createdAt + } +} + +2017-07-09 20:42:44 users readMany with user stubailo is authorized +2017-07-09 20:42:44 -------------------------------------------------------------------------------- +2017-07-09 20:42:44 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(limit: 1) { + username + createdAt + } +} + +2017-07-09 20:42:44 users readMany with user stubailo is authorized +2017-07-09 20:42:44 -------------------------------------------------------------------------------- +2017-07-09 20:42:44 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993) { + username + createdAt + } +} + +2017-07-09 20:42:44 users readMany with user stubailo is authorized +2017-07-09 20:42:44 -------------------------------------------------------------------------------- +2017-07-09 20:42:44 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } +} + +2017-07-09 20:42:44 users readMany with user stubailo is authorized +2017-07-09 20:42:44 -------------------------------------------------------------------------------- +2017-07-09 20:42:44 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers { + username + createdAt + } + } +} + +2017-07-09 20:42:44 user readOne with user stubailo is authorized +2017-07-09 20:42:44 followers readMany with user stubailo is authorized +2017-07-09 20:42:44 -------------------------------------------------------------------------------- +2017-07-09 20:42:44 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:42:44 user readOne with user stubailo is authorized +2017-07-09 20:42:44 followers readMany with user stubailo is authorized +2017-07-09 20:42:44 -------------------------------------------------------------------------------- +2017-07-09 20:42:44 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-07-09 20:42:44 user readOne with user stubailo is authorized +2017-07-09 20:42:44 followers readMany with user stubailo is authorized +2017-07-09 20:42:44 -------------------------------------------------------------------------------- +2017-07-09 20:42:44 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:42:44 user readOne with user stubailo is authorized +2017-07-09 20:42:44 followers readMany with user stubailo is authorized +2017-07-09 20:42:44 -------------------------------------------------------------------------------- +2017-07-09 20:42:44 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following { + username + createdAt + } + } +} + +2017-07-09 20:42:44 user readOne with user stubailo is authorized +2017-07-09 20:42:44 following readMany with user stubailo is authorized +2017-07-09 20:42:44 -------------------------------------------------------------------------------- +2017-07-09 20:42:44 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:42:44 user readOne with user stubailo is authorized +2017-07-09 20:42:44 following readMany with user stubailo is authorized +2017-07-09 20:42:44 -------------------------------------------------------------------------------- +2017-07-09 20:42:44 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-07-09 20:42:44 user readOne with user stubailo is authorized +2017-07-09 20:42:44 following readMany with user stubailo is authorized +2017-07-09 20:42:44 -------------------------------------------------------------------------------- +2017-07-09 20:42:44 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:42:44 user readOne with user stubailo is authorized +2017-07-09 20:42:44 following readMany with user stubailo is authorized +2017-07-09 20:42:44 -------------------------------------------------------------------------------- +2017-07-09 20:42:44 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets { + id + createdAt + } + } +} + +2017-07-09 20:42:44 user readOne with user stubailo is authorized +2017-07-09 20:42:44 tweets readMany with user stubailo is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:42:45 user readOne with user stubailo is authorized +2017-07-09 20:42:45 tweets readMany with user stubailo is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } + } +} + +2017-07-09 20:42:45 user readOne with user stubailo is authorized +2017-07-09 20:42:45 tweets readMany with user stubailo is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:42:45 user readOne with user stubailo is authorized +2017-07-09 20:42:45 tweets readMany with user stubailo is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked { + id + createdAt + } + } +} + +2017-07-09 20:42:45 user readOne with user stubailo is authorized +2017-07-09 20:42:45 liked readMany with user stubailo is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:42:45 user readOne with user stubailo is authorized +2017-07-09 20:42:45 liked readMany with user stubailo is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334) { + id + createdAt + } + } +} + +2017-07-09 20:42:45 user readOne with user stubailo is authorized +2017-07-09 20:42:45 liked readMany with user stubailo is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334, limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:42:45 user readOne with user stubailo is authorized +2017-07-09 20:42:45 liked readMany with user stubailo is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + id + body + } +} + +2017-07-09 20:42:45 tweet readOne with user stubailo is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + author { + username + } + } +} + +2017-07-09 20:42:45 tweet readOne with user stubailo is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets { + id + createdAt + } +} + +2017-07-09 20:42:45 tweets readMany with user stubailo is authorized +2017-07-09 20:42:45 author readOne with user stubailo is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(limit: 1) { + id + createdAt + } +} + +2017-07-09 20:42:45 tweets readMany with user stubailo is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } +} + +2017-07-09 20:42:45 tweets readMany with user stubailo is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } +} + +2017-07-09 20:42:45 tweets readMany with user stubailo is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers { + username + createdAt + } + } +} + +2017-07-09 20:42:45 tweet readOne with user stubailo is authorized +2017-07-09 20:42:45 likers readMany with user stubailo is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:42:45 tweet readOne with user stubailo is authorized +2017-07-09 20:42:45 likers readMany with user stubailo is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993) { + username + createdAt + } + } +} + +2017-07-09 20:42:45 tweet readOne with user stubailo is authorized +2017-07-09 20:42:45 likers readMany with user stubailo is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:42:45 tweet readOne with user stubailo is authorized +2017-07-09 20:42:45 likers readMany with user stubailo is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-07-09 20:42:45 insert user create with user stubailo is authorized +2017-07-09 20:42:45 inserted user 596279254c57819cb42922cc. +2017-07-09 20:42:45 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-07-09 20:42:45 insert user create with user tobkle is authorized +2017-07-09 20:42:45 inserted user 596279254c57819cb42922cd. +2017-07-09 20:42:45 pubsub userInserted readOne with user tobkle is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", +Operation: "", variables: "", +Query: +{ + user(id: "596279254c57819cb42922cd") { + username + bio + role + } +} + +2017-07-09 20:42:45 user readOne with user tobkle is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", +Operation: "", variables: "", +Query: +{ + user(id: "596279254c57819cb42922cc") { + username + role + } +} + +2017-07-09 20:42:45 user readOne with user tobkle is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596279254c57819cb42922cd", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-07-09 20:42:45 update user update with user tobkle is authorized +2017-07-09 20:42:45 updated user 596279254c57819cb42922cd. +2017-07-09 20:42:45 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596279254c57819cb42922cc", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:42:45 update user update with user tobkle is authorized +2017-07-09 20:42:45 updated user 596279254c57819cb42922cc. +2017-07-09 20:42:45 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596279254c57819cb42922cd", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:42:45 update user update with user tobkle is authorized +2017-07-09 20:42:45 updated user 596279254c57819cb42922cd. +2017-07-09 20:42:45 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596279254c57819cb42922cc", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-07-09 20:42:45 update user update with user tobkle is authorized +2017-07-09 20:42:45 updated user 596279254c57819cb42922cc. +2017-07-09 20:42:45 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "editor", id: "596279254c57819cb42922cc", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596279254c57819cb42922cc", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "_id": "596279254c57819cb42922cc" + } + ] +} +2017-07-09 20:42:45 ERROR Not authorized to update field "role" +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "zoltan", role: "admin", id: "596279254c57819cb42922cd", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596279254c57819cb42922cc", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:42:45 update user update with user zoltan is authorized +2017-07-09 20:42:45 updated user 596279254c57819cb42922cc. +2017-07-09 20:42:45 pubsub userUpdated readOne with user zoltan is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "596279254c57819cb42922cd") +} + +2017-07-09 20:42:45 removeUser delete with user tobkle is authorized +2017-07-09 20:42:45 removed user 596279254c57819cb42922cd. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "596279254c57819cb42922cc", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:42:45 insert tweet create with user tobkle is authorized +2017-07-09 20:42:45 inserted tweet 596279254c57819cb42922ce. +2017-07-09 20:42:45 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:42:45 insert tweet create with user tobkle is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", +Operation: "", variables: "", +Query: +{ + tweet(id: "596279254c57819cb42922ce") { + author { + id + } + body + } +} + +2017-07-09 20:42:45 tweet readOne with user tobkle is authorized +2017-07-09 20:42:45 inserted tweet 596279254c57819cb42922cf. +2017-07-09 20:42:45 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 20:42:45 author readOne with user tobkle is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:42:45 tweet readOne with user tobkle is authorized +2017-07-09 20:42:45 author readOne with user tobkle is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "596279254c57819cb42922ce", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:42:45 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:42:45 update tweet update with user tobkle is authorized +2017-07-09 20:42:45 updated tweet 596279254c57819cb42922ce. +2017-07-09 20:42:45 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "596279254c57819cb42922cf", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:42:45 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:42:45 update tweet update with user tobkle is authorized +2017-07-09 20:42:45 updated tweet 596279254c57819cb42922cf. +2017-07-09 20:42:45 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", +Operation: "", variables: "", +Query: +{ + tweet(id: "596279254c57819cb42922ce") { + body + } +} + +2017-07-09 20:42:45 tweet readOne with user tobkle is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "596279254c57819cb42922ce") +} + +2017-07-09 20:42:45 removeTweet delete with user tobkle is authorized +2017-07-09 20:42:45 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:42:45 removed tweet 596279254c57819cb42922ce. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "596279254c57819cb42922cf") +} + +2017-07-09 20:42:45 removeTweet delete with user tobkle is authorized +2017-07-09 20:42:45 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:42:45 removed tweet 596279254c57819cb42922cf. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", +Operation: "", variables: "", +Query: +{ + tweet(id: "596279254c57819cb42922ce") { + body + } +} + +2017-07-09 20:42:45 tweet readOne with user tobkle is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "596279254c57819cb42922cc") +} + +2017-07-09 20:42:45 removeUser delete with user tobkle is authorized +2017-07-09 20:42:45 removed user 596279254c57819cb42922cc. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "596279254c57819cb42922cc") { + username + bio + role + } +} + +2017-07-09 20:42:45 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-07-09 20:42:45 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 20:42:45 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:42:45 ERROR Authorization: Not authorized to update in update user. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 20:42:45 ERROR Authorization: Not authorized to delete in removeUser. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:42:45 ERROR Authorization: Not authorized to create in insert tweet. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:42:45 tweet readOne with user is authorized +2017-07-09 20:42:45 ERROR Authorization: Not authorized to readOne in author. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:42:45 tweet getOneById in updateById for docBefore readOne with user is authorized +2017-07-09 20:42:45 ERROR Authorization: Not authorized to update in update tweet. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:42:45 tweet getOneById in updateById for docBefore readOne with user is authorized +2017-07-09 20:42:45 ERROR Authorization: Not authorized to update in update tweet. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 20:42:45 ERROR Authorization: Not authorized to delete in removeTweet. +2017-07-09 20:42:45 tweet getOneById in removeById for docBefore readOne with user is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { + id + role + } +} + +2017-07-09 20:42:45 insert user create with user stubailo is authorized +2017-07-09 20:42:45 inserted user 596279254c57819cb42922d0. +2017-07-09 20:42:45 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "user", id: "596279254c57819cb42922d0", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-07-09 20:42:45 authQuery: { + "$or": [] +} +2017-07-09 20:42:45 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "user", id: "596279254c57819cb42922d0", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "_id": "596279254c57819cb42922d0" + } + ] +} +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "user", id: "596279254c57819cb42922d0", +Operation: "", variables: "", +Query: +{ + user(id: "596279254c57819cb42922d0") { + username + } +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "_id": "596279254c57819cb42922d0" + } + ] +} +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "user", id: "596279254c57819cb42922d0", +Operation: "", variables: "", +Query: +{ + user(id: "596279254c57819cb42922d0") { + username + role + } +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "_id": "596279254c57819cb42922d0" + } + ] +} +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "user", id: "596279254c57819cb42922d0", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "_id": "596279254c57819cb42922d0" + } + ] +} +2017-07-09 20:42:45 ERROR Not authorized to update field "role" +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "user", id: "596279254c57819cb42922d0", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596279254c57819cb42922d0", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "_id": "596279254c57819cb42922d0" + } + ] +} +2017-07-09 20:42:45 updated user 596279254c57819cb42922d0. +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "_id": "596279254c57819cb42922d0" + } + ] +} +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "user", id: "596279254c57819cb42922d0", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596279254c57819cb42922d0", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "_id": "596279254c57819cb42922d0" + } + ] +} +2017-07-09 20:42:45 ERROR Not authorized to update field "role" +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "user", id: "596279254c57819cb42922d0", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "_id": "596279254c57819cb42922d0" + } + ] +} +2017-07-09 20:42:45 ERROR remove user failed for finalQuery: { + "_id": "583291a1638566b3c5a92ca1", + "$or": [ + { + "_id": "596279254c57819cb42922d0" + } + ] +} +2017-07-09 20:42:45 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "user", id: "596279254c57819cb42922d0", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "596279254c57819cb42922d0", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "authorId": "596279254c57819cb42922d0" + } + ] +} +2017-07-09 20:42:45 inserted tweet 596279254c57819cb42922d1. +2017-07-09 20:42:45 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "user", id: "596279254c57819cb42922d0", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "authorId": "596279254c57819cb42922d0" + } + ] +} +2017-07-09 20:42:45 ERROR Not authorized to insert tweet +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "user", id: "596279254c57819cb42922d0", +Operation: "", variables: "", +Query: +{ + tweet(id: "596279254c57819cb42922d1") { + author { + id + } + body + } +} + +2017-07-09 20:42:45 tweet readOne with user tobkle is authorized +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "_id": "596279254c57819cb42922d0" + } + ] +} +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "user", id: "596279254c57819cb42922d0", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:42:45 tweet readOne with user tobkle is authorized +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "_id": "596279254c57819cb42922d0" + } + ] +} +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "user", id: "596279254c57819cb42922d0", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "596279254c57819cb42922d1", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:42:45 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "authorId": "596279254c57819cb42922d0" + }, + { + "coauthorsIds": "596279254c57819cb42922d0" + } + ] +} +2017-07-09 20:42:45 updated tweet 596279254c57819cb42922d1. +2017-07-09 20:42:45 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "user", id: "596279254c57819cb42922d0", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:42:45 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "authorId": "596279254c57819cb42922d0" + }, + { + "coauthorsIds": "596279254c57819cb42922d0" + } + ] +} +2017-07-09 20:42:45 ERROR update tweet failed finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "596279254c57819cb42922d0" + }, + { + "coauthorsIds": "596279254c57819cb42922d0" + } + ] +} +2017-07-09 20:42:45 ERROR update tweet failed for docToUpdate: { + "$set": { + "body": "This is a modified test tweet", + "updatedAt": 1499625765665, + "updatedById": "596279254c57819cb42922d0" + } +} +2017-07-09 20:42:45 ERROR update tweet not possible for 583676d3618530145474e352. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "user", id: "596279254c57819cb42922d0", +Operation: "", variables: "", +Query: +{ + tweet(id: "596279254c57819cb42922d1") { + body + } +} + +2017-07-09 20:42:45 tweet readOne with user tobkle is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "user", id: "596279254c57819cb42922d0", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "596279254c57819cb42922d1") +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "authorId": "596279254c57819cb42922d0" + } + ] +} +2017-07-09 20:42:45 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:42:45 removed tweet 596279254c57819cb42922d1. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "user", id: "596279254c57819cb42922d0", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "authorId": "596279254c57819cb42922d0" + } + ] +} +2017-07-09 20:42:45 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:42:45 ERROR remove tweet failed for finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "596279254c57819cb42922d0" + } + ] +} +2017-07-09 20:42:45 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "user", id: "596279254c57819cb42922d0", +Operation: "", variables: "", +Query: +{ + tweet(id: "596279254c57819cb42922d1") { + body + } +} + +2017-07-09 20:42:45 tweet readOne with user tobkle is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "user", id: "596279254c57819cb42922d0", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "596279254c57819cb42922d0") +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "_id": "596279254c57819cb42922d0" + } + ] +} +2017-07-09 20:42:45 removed user 596279254c57819cb42922d0. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "596279254c57819cb42922d0") { + username + bio + role + } +} + +2017-07-09 20:42:45 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { + id + role + } +} + +2017-07-09 20:42:45 insert user create with user stubailo is authorized +2017-07-09 20:42:45 inserted user 596279254c57819cb42922d2. +2017-07-09 20:42:45 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "editor", id: "596279254c57819cb42922d2", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-07-09 20:42:45 authQuery: { + "$or": [] +} +2017-07-09 20:42:45 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "editor", id: "596279254c57819cb42922d2", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "_id": "596279254c57819cb42922d2" + } + ] +} +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "editor", id: "596279254c57819cb42922d2", +Operation: "", variables: "", +Query: +{ + user(id: "596279254c57819cb42922d2") { + username + role + } +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "_id": "596279254c57819cb42922d2" + } + ] +} +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "editor", id: "596279254c57819cb42922d2", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "_id": "596279254c57819cb42922d2" + } + ] +} +2017-07-09 20:42:45 ERROR Not authorized to update field "role" +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "editor", id: "596279254c57819cb42922d2", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596279254c57819cb42922d2", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "_id": "596279254c57819cb42922d2" + } + ] +} +2017-07-09 20:42:45 updated user 596279254c57819cb42922d2. +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "_id": "596279254c57819cb42922d2" + } + ] +} +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596279254c57819cb42922d2", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "_id": "596279254c57819cb42922d2" + } + ] +} +2017-07-09 20:42:45 ERROR Not authorized to update field "role" +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "_id": "596279254c57819cb42922d2" + } + ] +} +2017-07-09 20:42:45 ERROR remove user failed for finalQuery: { + "_id": "583291a1638566b3c5a92ca1", + "$or": [ + { + "_id": "596279254c57819cb42922d2" + } + ] +} +2017-07-09 20:42:45 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "596279254c57819cb42922d2", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "authorId": "596279254c57819cb42922d2" + } + ] +} +2017-07-09 20:42:45 inserted tweet 596279254c57819cb42922d3. +2017-07-09 20:42:45 pubsub tweetInserted readOne with user tmeasday is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "authorId": "596279254c57819cb42922d2" + } + ] +} +2017-07-09 20:42:45 ERROR Not authorized to insert tweet +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", +Operation: "", variables: "", +Query: +{ + tweet(id: "596279254c57819cb42922d3") { + author { + id + } + body + } +} + +2017-07-09 20:42:45 tweet readOne with user tmeasday is authorized +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "_id": "596279254c57819cb42922d2" + } + ] +} +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:42:45 tweet readOne with user tmeasday is authorized +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "_id": "596279254c57819cb42922d2" + } + ] +} +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "596279254c57819cb42922d3", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:42:45 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "authorId": "596279254c57819cb42922d2" + }, + { + "coauthorsIds": "596279254c57819cb42922d2" + } + ] +} +2017-07-09 20:42:45 updated tweet 596279254c57819cb42922d3. +2017-07-09 20:42:45 pubsub tweetUpdated readOne with user tmeasday is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:42:45 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "authorId": "596279254c57819cb42922d2" + }, + { + "coauthorsIds": "596279254c57819cb42922d2" + } + ] +} +2017-07-09 20:42:45 ERROR update tweet failed finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "596279254c57819cb42922d2" + }, + { + "coauthorsIds": "596279254c57819cb42922d2" + } + ] +} +2017-07-09 20:42:45 ERROR update tweet failed for docToUpdate: { + "$set": { + "body": "This is a modified test tweet", + "updatedAt": 1499625765847, + "updatedById": "596279254c57819cb42922d2" + } +} +2017-07-09 20:42:45 ERROR update tweet not possible for 583676d3618530145474e352. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", +Operation: "", variables: "", +Query: +{ + tweet(id: "596279254c57819cb42922d3") { + body + } +} + +2017-07-09 20:42:45 tweet readOne with user tmeasday is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "596279254c57819cb42922d3") +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "authorId": "596279254c57819cb42922d2" + } + ] +} +2017-07-09 20:42:45 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:42:45 removed tweet 596279254c57819cb42922d3. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "authorId": "596279254c57819cb42922d2" + } + ] +} +2017-07-09 20:42:45 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:42:45 ERROR remove tweet failed for finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "596279254c57819cb42922d2" + } + ] +} +2017-07-09 20:42:45 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", +Operation: "", variables: "", +Query: +{ + tweet(id: "596279254c57819cb42922d3") { + body + } +} + +2017-07-09 20:42:45 tweet readOne with user tmeasday is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "596279254c57819cb42922d2") +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "_id": "596279254c57819cb42922d2" + } + ] +} +2017-07-09 20:42:45 removed user 596279254c57819cb42922d2. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "596279254c57819cb42922d2") { + username + bio + role + } +} + +2017-07-09 20:42:45 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:46:10 Logger started +2017-07-09 21:06:09 -------------------------------------------------------------------------------- +2017-07-09 21:06:09 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + role + username + } +} + +2017-07-09 21:06:19 user readOne with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + role + username + } +} + +2017-07-09 21:06:19 user readOne with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca2") { + role + username + } +} + +2017-07-09 21:06:19 user readOne with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + id + username + bio + } +} + +2017-07-09 21:06:19 user readOne with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users { + username + createdAt + } +} + +2017-07-09 21:06:19 users readMany with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(limit: 1) { + username + createdAt + } +} + +2017-07-09 21:06:19 users readMany with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993) { + username + createdAt + } +} + +2017-07-09 21:06:19 users readMany with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } +} + +2017-07-09 21:06:19 users readMany with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers { + username + createdAt + } + } +} + +2017-07-09 21:06:19 user readOne with user stubailo is authorized +2017-07-09 21:06:19 followers readMany with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 21:06:19 user readOne with user stubailo is authorized +2017-07-09 21:06:19 followers readMany with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-07-09 21:06:19 user readOne with user stubailo is authorized +2017-07-09 21:06:19 followers readMany with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 21:06:19 user readOne with user stubailo is authorized +2017-07-09 21:06:19 followers readMany with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following { + username + createdAt + } + } +} + +2017-07-09 21:06:19 user readOne with user stubailo is authorized +2017-07-09 21:06:19 following readMany with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 21:06:19 user readOne with user stubailo is authorized +2017-07-09 21:06:19 following readMany with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-07-09 21:06:19 user readOne with user stubailo is authorized +2017-07-09 21:06:19 following readMany with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 21:06:19 user readOne with user stubailo is authorized +2017-07-09 21:06:19 following readMany with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets { + id + createdAt + } + } +} + +2017-07-09 21:06:19 user readOne with user stubailo is authorized +2017-07-09 21:06:19 tweets readMany with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(limit: 1) { + id + createdAt + } + } +} + +2017-07-09 21:06:19 user readOne with user stubailo is authorized +2017-07-09 21:06:19 tweets readMany with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } + } +} + +2017-07-09 21:06:19 user readOne with user stubailo is authorized +2017-07-09 21:06:19 tweets readMany with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } + } +} + +2017-07-09 21:06:19 user readOne with user stubailo is authorized +2017-07-09 21:06:19 tweets readMany with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked { + id + createdAt + } + } +} + +2017-07-09 21:06:19 user readOne with user stubailo is authorized +2017-07-09 21:06:19 liked readMany with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(limit: 1) { + id + createdAt + } + } +} + +2017-07-09 21:06:19 user readOne with user stubailo is authorized +2017-07-09 21:06:19 liked readMany with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334) { + id + createdAt + } + } +} + +2017-07-09 21:06:19 user readOne with user stubailo is authorized +2017-07-09 21:06:19 liked readMany with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334, limit: 1) { + id + createdAt + } + } +} + +2017-07-09 21:06:19 user readOne with user stubailo is authorized +2017-07-09 21:06:19 liked readMany with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + id + body + } +} + +2017-07-09 21:06:19 tweet readOne with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + author { + username + } + } +} + +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets { + id + createdAt + } +} + +2017-07-09 21:06:19 tweets readMany with user stubailo is authorized +2017-07-09 21:06:19 tweet readOne with user stubailo is authorized +2017-07-09 21:06:19 author readOne with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(limit: 1) { + id + createdAt + } +} + +2017-07-09 21:06:19 tweets readMany with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } +} + +2017-07-09 21:06:19 tweets readMany with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } +} + +2017-07-09 21:06:19 tweets readMany with user stubailo is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers { + username + createdAt + } + } +} + +2017-07-09 21:06:20 tweet readOne with user stubailo is authorized +2017-07-09 21:06:20 likers readMany with user stubailo is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 21:06:20 tweet readOne with user stubailo is authorized +2017-07-09 21:06:20 likers readMany with user stubailo is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993) { + username + createdAt + } + } +} + +2017-07-09 21:06:20 tweet readOne with user stubailo is authorized +2017-07-09 21:06:20 likers readMany with user stubailo is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 21:06:20 tweet readOne with user stubailo is authorized +2017-07-09 21:06:20 likers readMany with user stubailo is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-07-09 21:06:20 insert user create with user stubailo is authorized +2017-07-09 21:06:20 inserted user 59627eac2157d09ddf9d728c. +2017-07-09 21:06:20 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-07-09 21:06:20 insert user create with user tobkle is authorized +2017-07-09 21:06:20 inserted user 59627eac2157d09ddf9d728d. +2017-07-09 21:06:20 pubsub userInserted readOne with user tobkle is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +Operation: "", variables: "", +Query: +{ + user(id: "59627eac2157d09ddf9d728d") { + username + bio + role + } +} + +2017-07-09 21:06:20 user readOne with user tobkle is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +Operation: "", variables: "", +Query: +{ + user(id: "59627eac2157d09ddf9d728c") { + username + role + } +} + +2017-07-09 21:06:20 user readOne with user tobkle is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59627eac2157d09ddf9d728d", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-07-09 21:06:20 update user update with user tobkle is authorized +2017-07-09 21:06:20 updated user 59627eac2157d09ddf9d728d. +2017-07-09 21:06:20 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59627eac2157d09ddf9d728c", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 21:06:20 update user update with user tobkle is authorized +2017-07-09 21:06:20 updated user 59627eac2157d09ddf9d728c. +2017-07-09 21:06:20 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59627eac2157d09ddf9d728d", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 21:06:20 update user update with user tobkle is authorized +2017-07-09 21:06:20 updated user 59627eac2157d09ddf9d728d. +2017-07-09 21:06:20 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59627eac2157d09ddf9d728c", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-07-09 21:06:20 update user update with user tobkle is authorized +2017-07-09 21:06:20 updated user 59627eac2157d09ddf9d728c. +2017-07-09 21:06:20 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "editor", id: "59627eac2157d09ddf9d728c", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59627eac2157d09ddf9d728c", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "_id": "59627eac2157d09ddf9d728c" + } + ] +} +2017-07-09 21:06:20 ERROR Not authorized to update field "role" +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "zoltan", role: "admin", id: "59627eac2157d09ddf9d728d", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59627eac2157d09ddf9d728c", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 21:06:20 update user update with user zoltan is authorized +2017-07-09 21:06:20 updated user 59627eac2157d09ddf9d728c. +2017-07-09 21:06:20 pubsub userUpdated readOne with user zoltan is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59627eac2157d09ddf9d728d") +} + +2017-07-09 21:06:20 removeUser delete with user tobkle is authorized +2017-07-09 21:06:20 removed user 59627eac2157d09ddf9d728d. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59627eac2157d09ddf9d728c", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 21:06:20 insert tweet create with user tobkle is authorized +2017-07-09 21:06:20 inserted tweet 59627eac2157d09ddf9d728e. +2017-07-09 21:06:20 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 21:06:20 insert tweet create with user tobkle is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627eac2157d09ddf9d728e") { + author { + id + } + body + } +} + +2017-07-09 21:06:20 tweet readOne with user tobkle is authorized +2017-07-09 21:06:20 inserted tweet 59627eac2157d09ddf9d728f. +2017-07-09 21:06:20 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 21:06:20 author readOne with user tobkle is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 21:06:20 tweet readOne with user tobkle is authorized +2017-07-09 21:06:20 author readOne with user tobkle is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59627eac2157d09ddf9d728e", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 21:06:20 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 21:06:20 update tweet update with user tobkle is authorized +2017-07-09 21:06:20 updated tweet 59627eac2157d09ddf9d728e. +2017-07-09 21:06:20 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59627eac2157d09ddf9d728f", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 21:06:20 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 21:06:20 update tweet update with user tobkle is authorized +2017-07-09 21:06:20 updated tweet 59627eac2157d09ddf9d728f. +2017-07-09 21:06:20 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627eac2157d09ddf9d728e") { + body + } +} + +2017-07-09 21:06:20 tweet readOne with user tobkle is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59627eac2157d09ddf9d728e") +} + +2017-07-09 21:06:20 removeTweet delete with user tobkle is authorized +2017-07-09 21:06:20 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 21:06:20 removed tweet 59627eac2157d09ddf9d728e. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59627eac2157d09ddf9d728f") +} + +2017-07-09 21:06:20 removeTweet delete with user tobkle is authorized +2017-07-09 21:06:20 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 21:06:20 removed tweet 59627eac2157d09ddf9d728f. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627eac2157d09ddf9d728e") { + body + } +} + +2017-07-09 21:06:20 tweet readOne with user tobkle is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59627eac2157d09ddf9d728c") +} + +2017-07-09 21:06:20 removeUser delete with user tobkle is authorized +2017-07-09 21:06:20 removed user 59627eac2157d09ddf9d728c. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59627eac2157d09ddf9d728c") { + username + bio + role + } +} + +2017-07-09 21:06:20 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-07-09 21:06:20 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 21:06:20 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 21:06:20 ERROR Authorization: Not authorized to update in update user. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 21:06:20 ERROR Authorization: Not authorized to delete in removeUser. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 21:06:20 ERROR Authorization: Not authorized to create in insert tweet. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 21:06:20 tweet readOne with user is authorized +2017-07-09 21:06:20 ERROR Authorization: Not authorized to readOne in author. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 21:06:20 tweet getOneById in updateById for docBefore readOne with user is authorized +2017-07-09 21:06:20 ERROR Authorization: Not authorized to update in update tweet. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 21:06:20 tweet getOneById in updateById for docBefore readOne with user is authorized +2017-07-09 21:06:20 ERROR Authorization: Not authorized to update in update tweet. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 21:06:20 ERROR Authorization: Not authorized to delete in removeTweet. +2017-07-09 21:06:20 tweet getOneById in removeById for docBefore readOne with user is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { + id + role + } +} + +2017-07-09 21:06:20 insert user create with user stubailo is authorized +2017-07-09 21:06:20 inserted user 59627eac2157d09ddf9d7290. +2017-07-09 21:06:20 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-07-09 21:06:20 authQuery: { + "$or": [] +} +2017-07-09 21:06:20 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "_id": "59627eac2157d09ddf9d7290" + } + ] +} +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +Operation: "", variables: "", +Query: +{ + user(id: "59627eac2157d09ddf9d7290") { + username + } +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "_id": "59627eac2157d09ddf9d7290" + } + ] +} +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +Operation: "", variables: "", +Query: +{ + user(id: "59627eac2157d09ddf9d7290") { + username + role + } +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "_id": "59627eac2157d09ddf9d7290" + } + ] +} +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "_id": "59627eac2157d09ddf9d7290" + } + ] +} +2017-07-09 21:06:20 ERROR Not authorized to update field "role" +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59627eac2157d09ddf9d7290", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "_id": "59627eac2157d09ddf9d7290" + } + ] +} +2017-07-09 21:06:20 updated user 59627eac2157d09ddf9d7290. +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "_id": "59627eac2157d09ddf9d7290" + } + ] +} +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59627eac2157d09ddf9d7290", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "_id": "59627eac2157d09ddf9d7290" + } + ] +} +2017-07-09 21:06:20 ERROR Not authorized to update field "role" +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "_id": "59627eac2157d09ddf9d7290" + } + ] +} +2017-07-09 21:06:20 ERROR remove user failed for finalQuery: { + "_id": "583291a1638566b3c5a92ca1", + "$or": [ + { + "_id": "59627eac2157d09ddf9d7290" + } + ] +} +2017-07-09 21:06:20 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59627eac2157d09ddf9d7290", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "authorId": "59627eac2157d09ddf9d7290" + } + ] +} +2017-07-09 21:06:20 inserted tweet 59627eac2157d09ddf9d7291. +2017-07-09 21:06:20 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "authorId": "59627eac2157d09ddf9d7290" + } + ] +} +2017-07-09 21:06:20 ERROR Not authorized to insert tweet +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627eac2157d09ddf9d7291") { + author { + id + } + body + } +} + +2017-07-09 21:06:20 tweet readOne with user tobkle is authorized +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "_id": "59627eac2157d09ddf9d7290" + } + ] +} +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 21:06:20 tweet readOne with user tobkle is authorized +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "_id": "59627eac2157d09ddf9d7290" + } + ] +} +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59627eac2157d09ddf9d7291", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 21:06:20 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "authorId": "59627eac2157d09ddf9d7290" + }, + { + "coauthorsIds": "59627eac2157d09ddf9d7290" + } + ] +} +2017-07-09 21:06:20 updated tweet 59627eac2157d09ddf9d7291. +2017-07-09 21:06:20 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 21:06:20 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "authorId": "59627eac2157d09ddf9d7290" + }, + { + "coauthorsIds": "59627eac2157d09ddf9d7290" + } + ] +} +2017-07-09 21:06:20 ERROR update tweet failed finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "59627eac2157d09ddf9d7290" + }, + { + "coauthorsIds": "59627eac2157d09ddf9d7290" + } + ] +} +2017-07-09 21:06:20 ERROR update tweet failed for docToUpdate: { + "$set": { + "body": "This is a modified test tweet", + "updatedAt": 1499627180595, + "updatedById": "59627eac2157d09ddf9d7290" + } +} +2017-07-09 21:06:20 ERROR update tweet not possible for 583676d3618530145474e352. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627eac2157d09ddf9d7291") { + body + } +} + +2017-07-09 21:06:20 tweet readOne with user tobkle is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59627eac2157d09ddf9d7291") +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "authorId": "59627eac2157d09ddf9d7290" + } + ] +} +2017-07-09 21:06:20 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 21:06:20 removed tweet 59627eac2157d09ddf9d7291. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "authorId": "59627eac2157d09ddf9d7290" + } + ] +} +2017-07-09 21:06:20 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 21:06:20 ERROR remove tweet failed for finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "59627eac2157d09ddf9d7290" + } + ] +} +2017-07-09 21:06:20 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627eac2157d09ddf9d7291") { + body + } +} + +2017-07-09 21:06:20 tweet readOne with user tobkle is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59627eac2157d09ddf9d7290") +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "_id": "59627eac2157d09ddf9d7290" + } + ] +} +2017-07-09 21:06:20 removed user 59627eac2157d09ddf9d7290. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59627eac2157d09ddf9d7290") { + username + bio + role + } +} + +2017-07-09 21:06:20 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { + id + role + } +} + +2017-07-09 21:06:20 insert user create with user stubailo is authorized +2017-07-09 21:06:20 inserted user 59627eac2157d09ddf9d7292. +2017-07-09 21:06:20 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "editor", id: "59627eac2157d09ddf9d7292", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-07-09 21:06:20 authQuery: { + "$or": [] +} +2017-07-09 21:06:20 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "editor", id: "59627eac2157d09ddf9d7292", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "_id": "59627eac2157d09ddf9d7292" + } + ] +} +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "editor", id: "59627eac2157d09ddf9d7292", +Operation: "", variables: "", +Query: +{ + user(id: "59627eac2157d09ddf9d7292") { + username + role + } +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "_id": "59627eac2157d09ddf9d7292" + } + ] +} +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "editor", id: "59627eac2157d09ddf9d7292", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "_id": "59627eac2157d09ddf9d7292" + } + ] +} +2017-07-09 21:06:20 ERROR Not authorized to update field "role" +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "editor", id: "59627eac2157d09ddf9d7292", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59627eac2157d09ddf9d7292", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "_id": "59627eac2157d09ddf9d7292" + } + ] +} +2017-07-09 21:06:20 updated user 59627eac2157d09ddf9d7292. +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "_id": "59627eac2157d09ddf9d7292" + } + ] +} +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59627eac2157d09ddf9d7292", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "_id": "59627eac2157d09ddf9d7292" + } + ] +} +2017-07-09 21:06:20 ERROR Not authorized to update field "role" +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "_id": "59627eac2157d09ddf9d7292" + } + ] +} +2017-07-09 21:06:20 ERROR remove user failed for finalQuery: { + "_id": "583291a1638566b3c5a92ca1", + "$or": [ + { + "_id": "59627eac2157d09ddf9d7292" + } + ] +} +2017-07-09 21:06:20 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59627eac2157d09ddf9d7292", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "authorId": "59627eac2157d09ddf9d7292" + } + ] +} +2017-07-09 21:06:20 inserted tweet 59627eac2157d09ddf9d7293. +2017-07-09 21:06:20 pubsub tweetInserted readOne with user tmeasday is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "authorId": "59627eac2157d09ddf9d7292" + } + ] +} +2017-07-09 21:06:20 ERROR Not authorized to insert tweet +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627eac2157d09ddf9d7293") { + author { + id + } + body + } +} + +2017-07-09 21:06:20 tweet readOne with user tmeasday is authorized +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "_id": "59627eac2157d09ddf9d7292" + } + ] +} +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 21:06:20 tweet readOne with user tmeasday is authorized +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "_id": "59627eac2157d09ddf9d7292" + } + ] +} +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59627eac2157d09ddf9d7293", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 21:06:20 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "authorId": "59627eac2157d09ddf9d7292" + }, + { + "coauthorsIds": "59627eac2157d09ddf9d7292" + } + ] +} +2017-07-09 21:06:20 updated tweet 59627eac2157d09ddf9d7293. +2017-07-09 21:06:20 pubsub tweetUpdated readOne with user tmeasday is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 21:06:20 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "authorId": "59627eac2157d09ddf9d7292" + }, + { + "coauthorsIds": "59627eac2157d09ddf9d7292" + } + ] +} +2017-07-09 21:06:20 ERROR update tweet failed finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "59627eac2157d09ddf9d7292" + }, + { + "coauthorsIds": "59627eac2157d09ddf9d7292" + } + ] +} +2017-07-09 21:06:20 ERROR update tweet failed for docToUpdate: { + "$set": { + "body": "This is a modified test tweet", + "updatedAt": 1499627180803, + "updatedById": "59627eac2157d09ddf9d7292" + } +} +2017-07-09 21:06:20 ERROR update tweet not possible for 583676d3618530145474e352. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627eac2157d09ddf9d7293") { + body + } +} + +2017-07-09 21:06:20 tweet readOne with user tmeasday is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59627eac2157d09ddf9d7293") +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "authorId": "59627eac2157d09ddf9d7292" + } + ] +} +2017-07-09 21:06:20 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized +2017-07-09 21:06:20 removed tweet 59627eac2157d09ddf9d7293. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "authorId": "59627eac2157d09ddf9d7292" + } + ] +} +2017-07-09 21:06:20 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized +2017-07-09 21:06:20 ERROR remove tweet failed for finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "59627eac2157d09ddf9d7292" + } + ] +} +2017-07-09 21:06:20 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627eac2157d09ddf9d7293") { + body + } +} + +2017-07-09 21:06:20 tweet readOne with user tmeasday is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59627eac2157d09ddf9d7292") +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "_id": "59627eac2157d09ddf9d7292" + } + ] +} +2017-07-09 21:06:20 removed user 59627eac2157d09ddf9d7292. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59627eac2157d09ddf9d7292") { + username + bio + role + } +} + +2017-07-09 21:06:20 ERROR Authorization: Not authorized to readOne in user. From 884a8c5caa0d0209a52c56efbe99f56c2f1668ad Mon Sep 17 00:00:00 2001 From: Tobias Klemmer Date: Sun, 9 Jul 2017 21:13:08 +0200 Subject: [PATCH 15/69] logfile with end-to-end-test --- .../server/logs/all-logs-readable.log | 15627 +--------------- 1 file changed, 590 insertions(+), 15037 deletions(-) diff --git a/test/output-app/server/logs/all-logs-readable.log b/test/output-app/server/logs/all-logs-readable.log index 08c8992..d9f355c 100644 --- a/test/output-app/server/logs/all-logs-readable.log +++ b/test/output-app/server/logs/all-logs-readable.log @@ -1,5 +1,5 @@ -2017-07-09 19:45:44 -------------------------------------------------------------------------------- -2017-07-09 19:45:44 Request: +2017-07-09 21:12:22 -------------------------------------------------------------------------------- +2017-07-09 21:12:22 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -11,8 +11,8 @@ Query: } } -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -24,8 +24,8 @@ Query: } } -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -36,9 +36,9 @@ Query: } } -2017-07-09 19:45:55 user readOne with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 user readOne with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -49,9 +49,9 @@ Query: } } -2017-07-09 19:45:55 user readOne with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 user readOne with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -62,9 +62,9 @@ Query: } } -2017-07-09 19:45:55 user readOne with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 user readOne with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -76,9 +76,9 @@ Query: } } -2017-07-09 19:45:55 user readOne with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 user readOne with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -89,9 +89,9 @@ Query: } } -2017-07-09 19:45:55 users readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 users readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -102,9 +102,9 @@ Query: } } -2017-07-09 19:45:55 users readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 users readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -115,9 +115,9 @@ Query: } } -2017-07-09 19:45:55 users readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 users readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -128,9 +128,9 @@ Query: } } -2017-07-09 19:45:55 users readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 users readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -143,10 +143,10 @@ Query: } } -2017-07-09 19:45:55 user readOne with user stubailo is authorized -2017-07-09 19:45:55 followers readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 user readOne with user stubailo is authorized +2017-07-09 21:12:33 followers readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -159,10 +159,10 @@ Query: } } -2017-07-09 19:45:55 user readOne with user stubailo is authorized -2017-07-09 19:45:55 followers readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 user readOne with user stubailo is authorized +2017-07-09 21:12:33 followers readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -175,10 +175,10 @@ Query: } } -2017-07-09 19:45:55 user readOne with user stubailo is authorized -2017-07-09 19:45:55 followers readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 user readOne with user stubailo is authorized +2017-07-09 21:12:33 followers readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -191,10 +191,10 @@ Query: } } -2017-07-09 19:45:55 user readOne with user stubailo is authorized -2017-07-09 19:45:55 followers readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 user readOne with user stubailo is authorized +2017-07-09 21:12:33 followers readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -207,10 +207,10 @@ Query: } } -2017-07-09 19:45:55 user readOne with user stubailo is authorized -2017-07-09 19:45:55 following readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 user readOne with user stubailo is authorized +2017-07-09 21:12:33 following readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -223,10 +223,10 @@ Query: } } -2017-07-09 19:45:55 user readOne with user stubailo is authorized -2017-07-09 19:45:55 following readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 user readOne with user stubailo is authorized +2017-07-09 21:12:33 following readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -239,10 +239,10 @@ Query: } } -2017-07-09 19:45:55 user readOne with user stubailo is authorized -2017-07-09 19:45:55 following readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 user readOne with user stubailo is authorized +2017-07-09 21:12:33 following readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -255,10 +255,10 @@ Query: } } -2017-07-09 19:45:55 user readOne with user stubailo is authorized -2017-07-09 19:45:55 following readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 user readOne with user stubailo is authorized +2017-07-09 21:12:33 following readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -271,10 +271,10 @@ Query: } } -2017-07-09 19:45:55 user readOne with user stubailo is authorized -2017-07-09 19:45:55 tweets readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 user readOne with user stubailo is authorized +2017-07-09 21:12:33 tweets readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -287,10 +287,10 @@ Query: } } -2017-07-09 19:45:55 user readOne with user stubailo is authorized -2017-07-09 19:45:55 tweets readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 user readOne with user stubailo is authorized +2017-07-09 21:12:33 tweets readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -303,10 +303,10 @@ Query: } } -2017-07-09 19:45:55 user readOne with user stubailo is authorized -2017-07-09 19:45:55 tweets readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 user readOne with user stubailo is authorized +2017-07-09 21:12:33 tweets readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -319,10 +319,10 @@ Query: } } -2017-07-09 19:45:55 user readOne with user stubailo is authorized -2017-07-09 19:45:55 tweets readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 user readOne with user stubailo is authorized +2017-07-09 21:12:33 tweets readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -335,10 +335,10 @@ Query: } } -2017-07-09 19:45:55 user readOne with user stubailo is authorized -2017-07-09 19:45:55 liked readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 user readOne with user stubailo is authorized +2017-07-09 21:12:33 liked readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -351,10 +351,10 @@ Query: } } -2017-07-09 19:45:55 user readOne with user stubailo is authorized -2017-07-09 19:45:55 liked readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 user readOne with user stubailo is authorized +2017-07-09 21:12:33 liked readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -367,10 +367,10 @@ Query: } } -2017-07-09 19:45:55 user readOne with user stubailo is authorized -2017-07-09 19:45:55 liked readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 user readOne with user stubailo is authorized +2017-07-09 21:12:33 liked readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -383,14457 +383,23 @@ Query: } } -2017-07-09 19:45:55 user readOne with user stubailo is authorized -2017-07-09 19:45:55 liked readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 user readOne with user stubailo is authorized +2017-07-09 21:12:33 liked readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: { tweet(id: "583676d3618530145474e351") { - id - body - } -} - -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - author { - username - } - } -} - -2017-07-09 19:45:55 tweet readOne with user stubailo is authorized -2017-07-09 19:45:55 tweet readOne with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets { - id - createdAt - } -} - -2017-07-09 19:45:55 tweets readMany with user stubailo is authorized -2017-07-09 19:45:55 author readOne with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(limit: 1) { - id - createdAt - } -} - -2017-07-09 19:45:55 tweets readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } -} - -2017-07-09 19:45:55 tweets readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } -} - -2017-07-09 19:45:55 tweets readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers { - username - createdAt - } - } -} - -2017-07-09 19:45:55 tweet readOne with user stubailo is authorized -2017-07-09 19:45:55 likers readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 19:45:55 tweet readOne with user stubailo is authorized -2017-07-09 19:45:55 likers readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993) { - username - createdAt - } - } -} - -2017-07-09 19:45:55 tweet readOne with user stubailo is authorized -2017-07-09 19:45:55 likers readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 19:45:55 tweet readOne with user stubailo is authorized -2017-07-09 19:45:55 likers readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-07-09 19:45:55 insert user create with user stubailo is authorized -2017-07-09 19:45:55 inserted user 59626bd3381b9493f5a80a90. -2017-07-09 19:45:55 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-07-09 19:45:55 insert user create with user tobkle is authorized -2017-07-09 19:45:55 inserted user 59626bd3381b9493f5a80a91. -2017-07-09 19:45:55 pubsub userInserted readOne with user tobkle is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", -Operation: "", variables: "", -Query: -{ - user(id: "59626bd3381b9493f5a80a91") { - username - bio - role - } -} - -2017-07-09 19:45:55 user readOne with user tobkle is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", -Operation: "", variables: "", -Query: -{ - user(id: "59626bd3381b9493f5a80a90") { - username - role - } -} - -2017-07-09 19:45:55 user readOne with user tobkle is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59626bd3381b9493f5a80a91", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-07-09 19:45:55 update user update with user tobkle is authorized -2017-07-09 19:45:55 updated user 59626bd3381b9493f5a80a91. -2017-07-09 19:45:55 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59626bd3381b9493f5a80a90", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 19:45:55 update user update with user tobkle is authorized -2017-07-09 19:45:55 updated user 59626bd3381b9493f5a80a90. -2017-07-09 19:45:55 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59626bd3381b9493f5a80a91", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 19:45:55 update user update with user tobkle is authorized -2017-07-09 19:45:55 updated user 59626bd3381b9493f5a80a91. -2017-07-09 19:45:55 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59626bd3381b9493f5a80a90", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-07-09 19:45:55 update user update with user tobkle is authorized -2017-07-09 19:45:55 updated user 59626bd3381b9493f5a80a90. -2017-07-09 19:45:55 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "editor", id: "59626bd3381b9493f5a80a90", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59626bd3381b9493f5a80a90", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 19:45:55 authQuery: { - "$or": [ - { - "_id": "59626bd3381b9493f5a80a90" - } - ] -} -2017-07-09 19:45:55 ERROR Not authorized to update field "role" -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "zoltan", role: "admin", id: "59626bd3381b9493f5a80a91", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59626bd3381b9493f5a80a90", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 19:45:55 update user update with user zoltan is authorized -2017-07-09 19:45:55 updated user 59626bd3381b9493f5a80a90. -2017-07-09 19:45:55 pubsub userUpdated readOne with user zoltan is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59626bd3381b9493f5a80a91") -} - -2017-07-09 19:45:55 removeUser delete with user tobkle is authorized -2017-07-09 19:45:55 removed user 59626bd3381b9493f5a80a91. -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59626bd3381b9493f5a80a90", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 19:45:55 insert tweet create with user tobkle is authorized -2017-07-09 19:45:55 inserted tweet 59626bd3381b9493f5a80a92. -2017-07-09 19:45:55 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", -Operation: "", variables: "", -Query: -{ - tweet(id: "59626bd3381b9493f5a80a92") { - author { - id - } - body - } -} - -2017-07-09 19:45:55 tweet readOne with user tobkle is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 19:45:55 insert tweet create with user tobkle is authorized -2017-07-09 19:45:55 author readOne with user tobkle is authorized -2017-07-09 19:45:55 inserted tweet 59626bd3381b9493f5a80a93. -2017-07-09 19:45:55 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 19:45:55 tweet readOne with user tobkle is authorized -2017-07-09 19:45:55 author readOne with user tobkle is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59626bd3381b9493f5a80a92", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 19:45:55 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 19:45:55 update tweet update with user tobkle is authorized -2017-07-09 19:45:55 updated tweet 59626bd3381b9493f5a80a92. -2017-07-09 19:45:55 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59626bd3381b9493f5a80a93", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 19:45:55 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 19:45:55 update tweet update with user tobkle is authorized -2017-07-09 19:45:55 updated tweet 59626bd3381b9493f5a80a93. -2017-07-09 19:45:55 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", -Operation: "", variables: "", -Query: -{ - tweet(id: "59626bd3381b9493f5a80a92") { - body - } -} - -2017-07-09 19:45:55 tweet readOne with user tobkle is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59626bd3381b9493f5a80a92") -} - -2017-07-09 19:45:55 removeTweet delete with user tobkle is authorized -2017-07-09 19:45:55 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 19:45:55 removed tweet 59626bd3381b9493f5a80a92. -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59626bd3381b9493f5a80a93") -} - -2017-07-09 19:45:55 removeTweet delete with user tobkle is authorized -2017-07-09 19:45:55 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 19:45:55 removed tweet 59626bd3381b9493f5a80a93. -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", -Operation: "", variables: "", -Query: -{ - tweet(id: "59626bd3381b9493f5a80a92") { - body - } -} - -2017-07-09 19:45:55 tweet readOne with user tobkle is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59626bd3381b9493f5a80a90") -} - -2017-07-09 19:45:55 removeUser delete with user tobkle is authorized -2017-07-09 19:45:55 removed user 59626bd3381b9493f5a80a90. -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59626bd3381b9493f5a80a90") { - username - bio - role - } -} - -2017-07-09 19:45:55 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-07-09 19:45:55 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 19:45:55 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 19:45:55 ERROR Authorization: Not authorized to update in update user. -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 19:45:55 ERROR Authorization: Not authorized to delete in removeUser. -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 19:45:55 ERROR Authorization: Not authorized to create in insert tweet. -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 19:45:55 tweet readOne with user is authorized -2017-07-09 19:45:55 ERROR Authorization: Not authorized to readOne in author. -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 19:45:55 tweet getOneById in updateById for docBefore readOne with user is authorized -2017-07-09 19:45:55 ERROR Authorization: Not authorized to update in update tweet. -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 19:45:55 tweet getOneById in updateById for docBefore readOne with user is authorized -2017-07-09 19:45:55 ERROR Authorization: Not authorized to update in update tweet. -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 19:45:55 ERROR Authorization: Not authorized to delete in removeTweet. -2017-07-09 19:45:55 tweet getOneById in removeById for docBefore readOne with user is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { - id - role - } -} - -2017-07-09 19:45:55 insert user create with user stubailo is authorized -2017-07-09 19:45:55 inserted user 59626bd3381b9493f5a80a94. -2017-07-09 19:45:55 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-07-09 19:45:55 authQuery: { - "$or": [] -} -2017-07-09 19:45:55 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 19:45:55 authQuery: { - "$or": [ - { - "_id": "59626bd3381b9493f5a80a94" - } - ] -} -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", -Operation: "", variables: "", -Query: -{ - user(id: "59626bd3381b9493f5a80a94") { - username - } -} - -2017-07-09 19:45:55 authQuery: { - "$or": [ - { - "_id": "59626bd3381b9493f5a80a94" - } - ] -} -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", -Operation: "", variables: "", -Query: -{ - user(id: "59626bd3381b9493f5a80a94") { - username - role - } -} - -2017-07-09 19:45:55 authQuery: { - "$or": [ - { - "_id": "59626bd3381b9493f5a80a94" - } - ] -} -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 19:45:55 authQuery: { - "$or": [ - { - "_id": "59626bd3381b9493f5a80a94" - } - ] -} -2017-07-09 19:45:55 ERROR Not authorized to update user -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59626bd3381b9493f5a80a94", input: {username: "tobkle", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "_id": "59626bd3381b9493f5a80a94" - } - ] -} -2017-07-09 19:45:56 updated user 59626bd3381b9493f5a80a94. -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "_id": "59626bd3381b9493f5a80a94" - } - ] -} -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59626bd3381b9493f5a80a94", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "_id": "59626bd3381b9493f5a80a94" - } - ] -} -2017-07-09 19:45:56 ERROR Not authorized to update field "role" -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "_id": "59626bd3381b9493f5a80a94" - } - ] -} -2017-07-09 19:45:56 ERROR remove user failed for finalQuery: { - "_id": "583291a1638566b3c5a92ca1", - "$or": [ - { - "_id": "59626bd3381b9493f5a80a94" - } - ] -} -2017-07-09 19:45:56 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59626bd3381b9493f5a80a94", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "authorId": "59626bd3381b9493f5a80a94" - } - ] -} -2017-07-09 19:45:56 inserted tweet 59626bd4381b9493f5a80a95. -2017-07-09 19:45:56 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "authorId": "59626bd3381b9493f5a80a94" - } - ] -} -2017-07-09 19:45:56 ERROR Not authorized to insert tweet -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", -Operation: "", variables: "", -Query: -{ - tweet(id: "59626bd4381b9493f5a80a95") { - author { - id - } - body - } -} - -2017-07-09 19:45:56 tweet readOne with user tobkle is authorized -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "_id": "59626bd3381b9493f5a80a94" - } - ] -} -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 19:45:56 tweet readOne with user tobkle is authorized -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "_id": "59626bd3381b9493f5a80a94" - } - ] -} -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59626bd4381b9493f5a80a95", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 19:45:56 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "authorId": "59626bd3381b9493f5a80a94" - }, - { - "coauthorsIds": "59626bd3381b9493f5a80a94" - } - ] -} -2017-07-09 19:45:56 updated tweet 59626bd4381b9493f5a80a95. -2017-07-09 19:45:56 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 19:45:56 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "authorId": "59626bd3381b9493f5a80a94" - }, - { - "coauthorsIds": "59626bd3381b9493f5a80a94" - } - ] -} -2017-07-09 19:45:56 ERROR Not authorized to update tweet -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", -Operation: "", variables: "", -Query: -{ - tweet(id: "59626bd4381b9493f5a80a95") { - body - } -} - -2017-07-09 19:45:56 tweet readOne with user tobkle is authorized -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59626bd4381b9493f5a80a95") -} - -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "authorId": "59626bd3381b9493f5a80a94" - } - ] -} -2017-07-09 19:45:56 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 19:45:56 removed tweet 59626bd4381b9493f5a80a95. -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "authorId": "59626bd3381b9493f5a80a94" - } - ] -} -2017-07-09 19:45:56 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 19:45:56 ERROR remove tweet failed for finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "59626bd3381b9493f5a80a94" - } - ] -} -2017-07-09 19:45:56 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", -Operation: "", variables: "", -Query: -{ - tweet(id: "59626bd4381b9493f5a80a95") { - body - } -} - -2017-07-09 19:45:56 tweet readOne with user tobkle is authorized -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59626bd3381b9493f5a80a94") -} - -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "_id": "59626bd3381b9493f5a80a94" - } - ] -} -2017-07-09 19:45:56 removed user 59626bd3381b9493f5a80a94. -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59626bd3381b9493f5a80a94") { - username - bio - role - } -} - -2017-07-09 19:45:56 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { - id - role - } -} - -2017-07-09 19:45:56 insert user create with user stubailo is authorized -2017-07-09 19:45:56 inserted user 59626bd4381b9493f5a80a96. -2017-07-09 19:45:56 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tobkle", role: "editor", id: "59626bd4381b9493f5a80a96", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-07-09 19:45:56 authQuery: { - "$or": [] -} -2017-07-09 19:45:56 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tobkle", role: "editor", id: "59626bd4381b9493f5a80a96", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "_id": "59626bd4381b9493f5a80a96" - } - ] -} -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tobkle", role: "editor", id: "59626bd4381b9493f5a80a96", -Operation: "", variables: "", -Query: -{ - user(id: "59626bd4381b9493f5a80a96") { - username - role - } -} - -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "_id": "59626bd4381b9493f5a80a96" - } - ] -} -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tobkle", role: "editor", id: "59626bd4381b9493f5a80a96", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "_id": "59626bd4381b9493f5a80a96" - } - ] -} -2017-07-09 19:45:56 ERROR Not authorized to update user -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tobkle", role: "editor", id: "59626bd4381b9493f5a80a96", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59626bd4381b9493f5a80a96", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "_id": "59626bd4381b9493f5a80a96" - } - ] -} -2017-07-09 19:45:56 updated user 59626bd4381b9493f5a80a96. -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "_id": "59626bd4381b9493f5a80a96" - } - ] -} -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59626bd4381b9493f5a80a96", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "_id": "59626bd4381b9493f5a80a96" - } - ] -} -2017-07-09 19:45:56 ERROR Not authorized to update field "role" -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "_id": "59626bd4381b9493f5a80a96" - } - ] -} -2017-07-09 19:45:56 ERROR remove user failed for finalQuery: { - "_id": "583291a1638566b3c5a92ca1", - "$or": [ - { - "_id": "59626bd4381b9493f5a80a96" - } - ] -} -2017-07-09 19:45:56 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59626bd4381b9493f5a80a96", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "authorId": "59626bd4381b9493f5a80a96" - } - ] -} -2017-07-09 19:45:56 inserted tweet 59626bd4381b9493f5a80a97. -2017-07-09 19:45:56 pubsub tweetInserted readOne with user tmeasday is authorized -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "authorId": "59626bd4381b9493f5a80a96" - } - ] -} -2017-07-09 19:45:56 ERROR Not authorized to insert tweet -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", -Operation: "", variables: "", -Query: -{ - tweet(id: "59626bd4381b9493f5a80a97") { - author { - id - } - body - } -} - -2017-07-09 19:45:56 tweet readOne with user tmeasday is authorized -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "_id": "59626bd4381b9493f5a80a96" - } - ] -} -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 19:45:56 tweet readOne with user tmeasday is authorized -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "_id": "59626bd4381b9493f5a80a96" - } - ] -} -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59626bd4381b9493f5a80a97", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 19:45:56 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "authorId": "59626bd4381b9493f5a80a96" - }, - { - "coauthorsIds": "59626bd4381b9493f5a80a96" - } - ] -} -2017-07-09 19:45:56 updated tweet 59626bd4381b9493f5a80a97. -2017-07-09 19:45:56 pubsub tweetUpdated readOne with user tmeasday is authorized -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 19:45:56 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "authorId": "59626bd4381b9493f5a80a96" - }, - { - "coauthorsIds": "59626bd4381b9493f5a80a96" - } - ] -} -2017-07-09 19:45:56 ERROR Not authorized to update tweet -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", -Operation: "", variables: "", -Query: -{ - tweet(id: "59626bd4381b9493f5a80a97") { - body - } -} - -2017-07-09 19:45:56 tweet readOne with user tmeasday is authorized -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59626bd4381b9493f5a80a97") -} - -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "authorId": "59626bd4381b9493f5a80a96" - } - ] -} -2017-07-09 19:45:56 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized -2017-07-09 19:45:56 removed tweet 59626bd4381b9493f5a80a97. -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "authorId": "59626bd4381b9493f5a80a96" - } - ] -} -2017-07-09 19:45:56 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized -2017-07-09 19:45:56 ERROR remove tweet failed for finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "59626bd4381b9493f5a80a96" - } - ] -} -2017-07-09 19:45:56 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", -Operation: "", variables: "", -Query: -{ - tweet(id: "59626bd4381b9493f5a80a97") { - body - } -} - -2017-07-09 19:45:56 tweet readOne with user tmeasday is authorized -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59626bd4381b9493f5a80a96") -} - -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "_id": "59626bd4381b9493f5a80a96" - } - ] -} -2017-07-09 19:45:56 removed user 59626bd4381b9493f5a80a96. -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59626bd4381b9493f5a80a96") { - username - bio - role - } -} - -2017-07-09 19:45:56 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 19:54:26 Logger started -2017-07-09 19:57:26 Logger started -2017-07-09 19:57:54 -------------------------------------------------------------------------------- -2017-07-09 19:57:54 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-07-09 19:58:04 -------------------------------------------------------------------------------- -2017-07-09 19:58:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-07-09 19:58:04 -------------------------------------------------------------------------------- -2017-07-09 19:58:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - role - username - } -} - -2017-07-09 19:58:04 user readOne with user stubailo is authorized -2017-07-09 19:58:04 -------------------------------------------------------------------------------- -2017-07-09 19:58:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - role - username - } -} - -2017-07-09 19:58:04 user readOne with user stubailo is authorized -2017-07-09 19:58:04 -------------------------------------------------------------------------------- -2017-07-09 19:58:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca2") { - role - username - } -} - -2017-07-09 19:58:04 user readOne with user stubailo is authorized -2017-07-09 19:58:04 -------------------------------------------------------------------------------- -2017-07-09 19:58:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - id - username - bio - } -} - -2017-07-09 19:58:04 user readOne with user stubailo is authorized -2017-07-09 19:58:04 -------------------------------------------------------------------------------- -2017-07-09 19:58:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users { - username - createdAt - } -} - -2017-07-09 19:58:04 users readMany with user stubailo is authorized -2017-07-09 19:58:04 -------------------------------------------------------------------------------- -2017-07-09 19:58:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(limit: 1) { - username - createdAt - } -} - -2017-07-09 19:58:04 users readMany with user stubailo is authorized -2017-07-09 19:58:04 -------------------------------------------------------------------------------- -2017-07-09 19:58:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993) { - username - createdAt - } -} - -2017-07-09 19:58:04 users readMany with user stubailo is authorized -2017-07-09 19:58:04 -------------------------------------------------------------------------------- -2017-07-09 19:58:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } -} - -2017-07-09 19:58:04 users readMany with user stubailo is authorized -2017-07-09 19:58:04 -------------------------------------------------------------------------------- -2017-07-09 19:58:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers { - username - createdAt - } - } -} - -2017-07-09 19:58:04 user readOne with user stubailo is authorized -2017-07-09 19:58:04 followers readMany with user stubailo is authorized -2017-07-09 19:58:04 -------------------------------------------------------------------------------- -2017-07-09 19:58:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 19:58:04 user readOne with user stubailo is authorized -2017-07-09 19:58:04 followers readMany with user stubailo is authorized -2017-07-09 19:58:04 -------------------------------------------------------------------------------- -2017-07-09 19:58:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-07-09 19:58:04 user readOne with user stubailo is authorized -2017-07-09 19:58:04 followers readMany with user stubailo is authorized -2017-07-09 19:58:04 -------------------------------------------------------------------------------- -2017-07-09 19:58:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 19:58:04 user readOne with user stubailo is authorized -2017-07-09 19:58:04 followers readMany with user stubailo is authorized -2017-07-09 19:58:04 -------------------------------------------------------------------------------- -2017-07-09 19:58:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following { - username - createdAt - } - } -} - -2017-07-09 19:58:04 user readOne with user stubailo is authorized -2017-07-09 19:58:04 following readMany with user stubailo is authorized -2017-07-09 19:58:04 -------------------------------------------------------------------------------- -2017-07-09 19:58:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 19:58:04 user readOne with user stubailo is authorized -2017-07-09 19:58:04 following readMany with user stubailo is authorized -2017-07-09 19:58:04 -------------------------------------------------------------------------------- -2017-07-09 19:58:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-07-09 19:58:04 user readOne with user stubailo is authorized -2017-07-09 19:58:04 following readMany with user stubailo is authorized -2017-07-09 19:58:04 -------------------------------------------------------------------------------- -2017-07-09 19:58:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 19:58:04 user readOne with user stubailo is authorized -2017-07-09 19:58:04 following readMany with user stubailo is authorized -2017-07-09 19:58:04 -------------------------------------------------------------------------------- -2017-07-09 19:58:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets { - id - createdAt - } - } -} - -2017-07-09 19:58:04 user readOne with user stubailo is authorized -2017-07-09 19:58:04 tweets readMany with user stubailo is authorized -2017-07-09 19:58:04 -------------------------------------------------------------------------------- -2017-07-09 19:58:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(limit: 1) { - id - createdAt - } - } -} - -2017-07-09 19:58:04 user readOne with user stubailo is authorized -2017-07-09 19:58:04 tweets readMany with user stubailo is authorized -2017-07-09 19:58:04 -------------------------------------------------------------------------------- -2017-07-09 19:58:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } - } -} - -2017-07-09 19:58:04 user readOne with user stubailo is authorized -2017-07-09 19:58:04 tweets readMany with user stubailo is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } - } -} - -2017-07-09 19:58:05 user readOne with user stubailo is authorized -2017-07-09 19:58:05 tweets readMany with user stubailo is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked { - id - createdAt - } - } -} - -2017-07-09 19:58:05 user readOne with user stubailo is authorized -2017-07-09 19:58:05 liked readMany with user stubailo is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(limit: 1) { - id - createdAt - } - } -} - -2017-07-09 19:58:05 user readOne with user stubailo is authorized -2017-07-09 19:58:05 liked readMany with user stubailo is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334) { - id - createdAt - } - } -} - -2017-07-09 19:58:05 user readOne with user stubailo is authorized -2017-07-09 19:58:05 liked readMany with user stubailo is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334, limit: 1) { - id - createdAt - } - } -} - -2017-07-09 19:58:05 user readOne with user stubailo is authorized -2017-07-09 19:58:05 liked readMany with user stubailo is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - id - body - } -} - -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - author { - username - } - } -} - -2017-07-09 19:58:05 tweet readOne with user stubailo is authorized -2017-07-09 19:58:05 tweet readOne with user stubailo is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets { - id - createdAt - } -} - -2017-07-09 19:58:05 tweets readMany with user stubailo is authorized -2017-07-09 19:58:05 author readOne with user stubailo is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(limit: 1) { - id - createdAt - } -} - -2017-07-09 19:58:05 tweets readMany with user stubailo is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } -} - -2017-07-09 19:58:05 tweets readMany with user stubailo is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } -} - -2017-07-09 19:58:05 tweets readMany with user stubailo is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers { - username - createdAt - } - } -} - -2017-07-09 19:58:05 tweet readOne with user stubailo is authorized -2017-07-09 19:58:05 likers readMany with user stubailo is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 19:58:05 tweet readOne with user stubailo is authorized -2017-07-09 19:58:05 likers readMany with user stubailo is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993) { - username - createdAt - } - } -} - -2017-07-09 19:58:05 tweet readOne with user stubailo is authorized -2017-07-09 19:58:05 likers readMany with user stubailo is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 19:58:05 tweet readOne with user stubailo is authorized -2017-07-09 19:58:05 likers readMany with user stubailo is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-07-09 19:58:05 insert user create with user stubailo is authorized -2017-07-09 19:58:05 inserted user 59626ead9506339804845128. -2017-07-09 19:58:05 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "admin", id: "59626ead9506339804845128", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-07-09 19:58:05 insert user create with user tobkle is authorized -2017-07-09 19:58:05 inserted user 59626ead9506339804845129. -2017-07-09 19:58:05 pubsub userInserted readOne with user tobkle is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "admin", id: "59626ead9506339804845128", -Operation: "", variables: "", -Query: -{ - user(id: "59626ead9506339804845129") { - username - bio - role - } -} - -2017-07-09 19:58:05 user readOne with user tobkle is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "admin", id: "59626ead9506339804845128", -Operation: "", variables: "", -Query: -{ - user(id: "59626ead9506339804845128") { - username - role - } -} - -2017-07-09 19:58:05 user readOne with user tobkle is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "admin", id: "59626ead9506339804845128", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59626ead9506339804845129", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-07-09 19:58:05 update user update with user tobkle is authorized -2017-07-09 19:58:05 updated user 59626ead9506339804845129. -2017-07-09 19:58:05 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "admin", id: "59626ead9506339804845128", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59626ead9506339804845128", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 19:58:05 update user update with user tobkle is authorized -2017-07-09 19:58:05 updated user 59626ead9506339804845128. -2017-07-09 19:58:05 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "admin", id: "59626ead9506339804845128", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59626ead9506339804845129", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 19:58:05 update user update with user tobkle is authorized -2017-07-09 19:58:05 updated user 59626ead9506339804845129. -2017-07-09 19:58:05 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "admin", id: "59626ead9506339804845128", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59626ead9506339804845128", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-07-09 19:58:05 update user update with user tobkle is authorized -2017-07-09 19:58:05 updated user 59626ead9506339804845128. -2017-07-09 19:58:05 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "editor", id: "59626ead9506339804845128", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59626ead9506339804845128", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "_id": "59626ead9506339804845128" - } - ] -} -2017-07-09 19:58:05 ERROR Not authorized to update field "role" -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "zoltan", role: "admin", id: "59626ead9506339804845129", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59626ead9506339804845128", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 19:58:05 update user update with user zoltan is authorized -2017-07-09 19:58:05 updated user 59626ead9506339804845128. -2017-07-09 19:58:05 pubsub userUpdated readOne with user zoltan is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "admin", id: "59626ead9506339804845128", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59626ead9506339804845129") -} - -2017-07-09 19:58:05 removeUser delete with user tobkle is authorized -2017-07-09 19:58:05 removed user 59626ead9506339804845129. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "admin", id: "59626ead9506339804845128", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59626ead9506339804845128", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 19:58:05 insert tweet create with user tobkle is authorized -2017-07-09 19:58:05 inserted tweet 59626ead950633980484512a. -2017-07-09 19:58:05 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "admin", id: "59626ead9506339804845128", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 19:58:05 insert tweet create with user tobkle is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "admin", id: "59626ead9506339804845128", -Operation: "", variables: "", -Query: -{ - tweet(id: "59626ead950633980484512a") { - author { - id - } - body - } -} - -2017-07-09 19:58:05 tweet readOne with user tobkle is authorized -2017-07-09 19:58:05 inserted tweet 59626ead950633980484512b. -2017-07-09 19:58:05 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 19:58:05 author readOne with user tobkle is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "admin", id: "59626ead9506339804845128", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 19:58:05 tweet readOne with user tobkle is authorized -2017-07-09 19:58:05 author readOne with user tobkle is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "admin", id: "59626ead9506339804845128", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59626ead950633980484512a", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 19:58:05 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 19:58:05 update tweet update with user tobkle is authorized -2017-07-09 19:58:05 updated tweet 59626ead950633980484512a. -2017-07-09 19:58:05 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "admin", id: "59626ead9506339804845128", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59626ead950633980484512b", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 19:58:05 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 19:58:05 update tweet update with user tobkle is authorized -2017-07-09 19:58:05 updated tweet 59626ead950633980484512b. -2017-07-09 19:58:05 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "admin", id: "59626ead9506339804845128", -Operation: "", variables: "", -Query: -{ - tweet(id: "59626ead950633980484512a") { - body - } -} - -2017-07-09 19:58:05 tweet readOne with user tobkle is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "admin", id: "59626ead9506339804845128", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59626ead950633980484512a") -} - -2017-07-09 19:58:05 removeTweet delete with user tobkle is authorized -2017-07-09 19:58:05 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 19:58:05 removed tweet 59626ead950633980484512a. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "admin", id: "59626ead9506339804845128", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59626ead950633980484512b") -} - -2017-07-09 19:58:05 removeTweet delete with user tobkle is authorized -2017-07-09 19:58:05 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 19:58:05 removed tweet 59626ead950633980484512b. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "admin", id: "59626ead9506339804845128", -Operation: "", variables: "", -Query: -{ - tweet(id: "59626ead950633980484512a") { - body - } -} - -2017-07-09 19:58:05 tweet readOne with user tobkle is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "admin", id: "59626ead9506339804845128", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59626ead9506339804845128") -} - -2017-07-09 19:58:05 removeUser delete with user tobkle is authorized -2017-07-09 19:58:05 removed user 59626ead9506339804845128. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59626ead9506339804845128") { - username - bio - role - } -} - -2017-07-09 19:58:05 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-07-09 19:58:05 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 19:58:05 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 19:58:05 ERROR Authorization: Not authorized to update in update user. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 19:58:05 ERROR Authorization: Not authorized to delete in removeUser. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 19:58:05 ERROR Authorization: Not authorized to create in insert tweet. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 19:58:05 tweet readOne with user is authorized -2017-07-09 19:58:05 ERROR Authorization: Not authorized to readOne in author. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 19:58:05 tweet getOneById in updateById for docBefore readOne with user is authorized -2017-07-09 19:58:05 ERROR Authorization: Not authorized to update in update tweet. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 19:58:05 tweet getOneById in updateById for docBefore readOne with user is authorized -2017-07-09 19:58:05 ERROR Authorization: Not authorized to update in update tweet. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 19:58:05 ERROR Authorization: Not authorized to delete in removeTweet. -2017-07-09 19:58:05 tweet getOneById in removeById for docBefore readOne with user is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { - id - role - } -} - -2017-07-09 19:58:05 insert user create with user stubailo is authorized -2017-07-09 19:58:05 inserted user 59626ead950633980484512c. -2017-07-09 19:58:05 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "user", id: "59626ead950633980484512c", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-07-09 19:58:05 authQuery: { - "$or": [] -} -2017-07-09 19:58:05 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "user", id: "59626ead950633980484512c", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "_id": "59626ead950633980484512c" - } - ] -} -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "user", id: "59626ead950633980484512c", -Operation: "", variables: "", -Query: -{ - user(id: "59626ead950633980484512c") { - username - } -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "_id": "59626ead950633980484512c" - } - ] -} -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "user", id: "59626ead950633980484512c", -Operation: "", variables: "", -Query: -{ - user(id: "59626ead950633980484512c") { - username - role - } -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "_id": "59626ead950633980484512c" - } - ] -} -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "user", id: "59626ead950633980484512c", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "_id": "59626ead950633980484512c" - } - ] -} -2017-07-09 19:58:05 ERROR Not authorized to update user -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "user", id: "59626ead950633980484512c", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59626ead950633980484512c", input: {username: "tobkle", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "_id": "59626ead950633980484512c" - } - ] -} -2017-07-09 19:58:05 updated user 59626ead950633980484512c. -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "_id": "59626ead950633980484512c" - } - ] -} -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "user", id: "59626ead950633980484512c", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59626ead950633980484512c", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "_id": "59626ead950633980484512c" - } - ] -} -2017-07-09 19:58:05 ERROR Not authorized to update field "role" -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "user", id: "59626ead950633980484512c", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "_id": "59626ead950633980484512c" - } - ] -} -2017-07-09 19:58:05 ERROR remove user failed for finalQuery: { - "_id": "583291a1638566b3c5a92ca1", - "$or": [ - { - "_id": "59626ead950633980484512c" - } - ] -} -2017-07-09 19:58:05 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "user", id: "59626ead950633980484512c", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59626ead950633980484512c", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "authorId": "59626ead950633980484512c" - } - ] -} -2017-07-09 19:58:05 inserted tweet 59626ead950633980484512d. -2017-07-09 19:58:05 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "user", id: "59626ead950633980484512c", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "authorId": "59626ead950633980484512c" - } - ] -} -2017-07-09 19:58:05 ERROR Not authorized to insert tweet -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "user", id: "59626ead950633980484512c", -Operation: "", variables: "", -Query: -{ - tweet(id: "59626ead950633980484512d") { - author { - id - } - body - } -} - -2017-07-09 19:58:05 tweet readOne with user tobkle is authorized -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "_id": "59626ead950633980484512c" - } - ] -} -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "user", id: "59626ead950633980484512c", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 19:58:05 tweet readOne with user tobkle is authorized -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "_id": "59626ead950633980484512c" - } - ] -} -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "user", id: "59626ead950633980484512c", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59626ead950633980484512d", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 19:58:05 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "authorId": "59626ead950633980484512c" - }, - { - "coauthorsIds": "59626ead950633980484512c" - } - ] -} -2017-07-09 19:58:05 updated tweet 59626ead950633980484512d. -2017-07-09 19:58:05 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "user", id: "59626ead950633980484512c", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 19:58:05 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "authorId": "59626ead950633980484512c" - }, - { - "coauthorsIds": "59626ead950633980484512c" - } - ] -} -2017-07-09 19:58:05 ERROR Not authorized to update tweet -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "user", id: "59626ead950633980484512c", -Operation: "", variables: "", -Query: -{ - tweet(id: "59626ead950633980484512d") { - body - } -} - -2017-07-09 19:58:05 tweet readOne with user tobkle is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "user", id: "59626ead950633980484512c", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59626ead950633980484512d") -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "authorId": "59626ead950633980484512c" - } - ] -} -2017-07-09 19:58:05 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 19:58:05 removed tweet 59626ead950633980484512d. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "user", id: "59626ead950633980484512c", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "authorId": "59626ead950633980484512c" - } - ] -} -2017-07-09 19:58:05 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 19:58:05 ERROR remove tweet failed for finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "59626ead950633980484512c" - } - ] -} -2017-07-09 19:58:05 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "user", id: "59626ead950633980484512c", -Operation: "", variables: "", -Query: -{ - tweet(id: "59626ead950633980484512d") { - body - } -} - -2017-07-09 19:58:05 tweet readOne with user tobkle is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "user", id: "59626ead950633980484512c", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59626ead950633980484512c") -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "_id": "59626ead950633980484512c" - } - ] -} -2017-07-09 19:58:05 removed user 59626ead950633980484512c. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59626ead950633980484512c") { - username - bio - role - } -} - -2017-07-09 19:58:05 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { - id - role - } -} - -2017-07-09 19:58:05 insert user create with user stubailo is authorized -2017-07-09 19:58:05 inserted user 59626ead950633980484512e. -2017-07-09 19:58:05 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "editor", id: "59626ead950633980484512e", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-07-09 19:58:05 authQuery: { - "$or": [] -} -2017-07-09 19:58:05 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "editor", id: "59626ead950633980484512e", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "_id": "59626ead950633980484512e" - } - ] -} -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "editor", id: "59626ead950633980484512e", -Operation: "", variables: "", -Query: -{ - user(id: "59626ead950633980484512e") { - username - role - } -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "_id": "59626ead950633980484512e" - } - ] -} -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "editor", id: "59626ead950633980484512e", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "_id": "59626ead950633980484512e" - } - ] -} -2017-07-09 19:58:05 ERROR Not authorized to update user -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "editor", id: "59626ead950633980484512e", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59626ead950633980484512e", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "_id": "59626ead950633980484512e" - } - ] -} -2017-07-09 19:58:05 updated user 59626ead950633980484512e. -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "_id": "59626ead950633980484512e" - } - ] -} -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tmeasday", role: "editor", id: "59626ead950633980484512e", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59626ead950633980484512e", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "_id": "59626ead950633980484512e" - } - ] -} -2017-07-09 19:58:05 ERROR Not authorized to update field "role" -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tmeasday", role: "editor", id: "59626ead950633980484512e", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "_id": "59626ead950633980484512e" - } - ] -} -2017-07-09 19:58:05 ERROR remove user failed for finalQuery: { - "_id": "583291a1638566b3c5a92ca1", - "$or": [ - { - "_id": "59626ead950633980484512e" - } - ] -} -2017-07-09 19:58:05 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tmeasday", role: "editor", id: "59626ead950633980484512e", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59626ead950633980484512e", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "authorId": "59626ead950633980484512e" - } - ] -} -2017-07-09 19:58:05 inserted tweet 59626ead950633980484512f. -2017-07-09 19:58:05 pubsub tweetInserted readOne with user tmeasday is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tmeasday", role: "editor", id: "59626ead950633980484512e", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "authorId": "59626ead950633980484512e" - } - ] -} -2017-07-09 19:58:05 ERROR Not authorized to insert tweet -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tmeasday", role: "editor", id: "59626ead950633980484512e", -Operation: "", variables: "", -Query: -{ - tweet(id: "59626ead950633980484512f") { - author { - id - } - body - } -} - -2017-07-09 19:58:05 tweet readOne with user tmeasday is authorized -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "_id": "59626ead950633980484512e" - } - ] -} -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tmeasday", role: "editor", id: "59626ead950633980484512e", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 19:58:05 tweet readOne with user tmeasday is authorized -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "_id": "59626ead950633980484512e" - } - ] -} -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tmeasday", role: "editor", id: "59626ead950633980484512e", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59626ead950633980484512f", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 19:58:05 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "authorId": "59626ead950633980484512e" - }, - { - "coauthorsIds": "59626ead950633980484512e" - } - ] -} -2017-07-09 19:58:05 updated tweet 59626ead950633980484512f. -2017-07-09 19:58:05 pubsub tweetUpdated readOne with user tmeasday is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tmeasday", role: "editor", id: "59626ead950633980484512e", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 19:58:05 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "authorId": "59626ead950633980484512e" - }, - { - "coauthorsIds": "59626ead950633980484512e" - } - ] -} -2017-07-09 19:58:05 ERROR Not authorized to update tweet -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tmeasday", role: "editor", id: "59626ead950633980484512e", -Operation: "", variables: "", -Query: -{ - tweet(id: "59626ead950633980484512f") { - body - } -} - -2017-07-09 19:58:05 tweet readOne with user tmeasday is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tmeasday", role: "editor", id: "59626ead950633980484512e", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59626ead950633980484512f") -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "authorId": "59626ead950633980484512e" - } - ] -} -2017-07-09 19:58:05 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized -2017-07-09 19:58:05 removed tweet 59626ead950633980484512f. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tmeasday", role: "editor", id: "59626ead950633980484512e", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "authorId": "59626ead950633980484512e" - } - ] -} -2017-07-09 19:58:05 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized -2017-07-09 19:58:05 ERROR remove tweet failed for finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "59626ead950633980484512e" - } - ] -} -2017-07-09 19:58:05 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tmeasday", role: "editor", id: "59626ead950633980484512e", -Operation: "", variables: "", -Query: -{ - tweet(id: "59626ead950633980484512f") { - body - } -} - -2017-07-09 19:58:05 tweet readOne with user tmeasday is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tmeasday", role: "editor", id: "59626ead950633980484512e", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59626ead950633980484512e") -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "_id": "59626ead950633980484512e" - } - ] -} -2017-07-09 19:58:05 removed user 59626ead950633980484512e. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59626ead950633980484512e") { - username - bio - role - } -} - -2017-07-09 19:58:05 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 19:59:58 Logger started -2017-07-09 20:01:09 Logger started -2017-07-09 20:03:22 Logger started -2017-07-09 20:04:03 -------------------------------------------------------------------------------- -2017-07-09 20:04:03 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - role - username - } -} - -2017-07-09 20:04:15 user readOne with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - role - username - } -} - -2017-07-09 20:04:15 user readOne with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca2") { - role - username - } -} - -2017-07-09 20:04:15 user readOne with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - id - username - bio - } -} - -2017-07-09 20:04:15 user readOne with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users { - username - createdAt - } -} - -2017-07-09 20:04:15 users readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(limit: 1) { - username - createdAt - } -} - -2017-07-09 20:04:15 users readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993) { - username - createdAt - } -} - -2017-07-09 20:04:15 users readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } -} - -2017-07-09 20:04:15 users readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers { - username - createdAt - } - } -} - -2017-07-09 20:04:15 user readOne with user stubailo is authorized -2017-07-09 20:04:15 followers readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:04:15 user readOne with user stubailo is authorized -2017-07-09 20:04:15 followers readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-07-09 20:04:15 user readOne with user stubailo is authorized -2017-07-09 20:04:15 followers readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:04:15 user readOne with user stubailo is authorized -2017-07-09 20:04:15 followers readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following { - username - createdAt - } - } -} - -2017-07-09 20:04:15 user readOne with user stubailo is authorized -2017-07-09 20:04:15 following readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:04:15 user readOne with user stubailo is authorized -2017-07-09 20:04:15 following readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-07-09 20:04:15 user readOne with user stubailo is authorized -2017-07-09 20:04:15 following readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:04:15 user readOne with user stubailo is authorized -2017-07-09 20:04:15 following readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets { - id - createdAt - } - } -} - -2017-07-09 20:04:15 user readOne with user stubailo is authorized -2017-07-09 20:04:15 tweets readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:04:15 user readOne with user stubailo is authorized -2017-07-09 20:04:15 tweets readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } - } -} - -2017-07-09 20:04:15 user readOne with user stubailo is authorized -2017-07-09 20:04:15 tweets readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:04:15 user readOne with user stubailo is authorized -2017-07-09 20:04:15 tweets readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked { - id - createdAt - } - } -} - -2017-07-09 20:04:15 user readOne with user stubailo is authorized -2017-07-09 20:04:15 liked readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:04:15 user readOne with user stubailo is authorized -2017-07-09 20:04:15 liked readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334) { - id - createdAt - } - } -} - -2017-07-09 20:04:15 user readOne with user stubailo is authorized -2017-07-09 20:04:15 liked readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334, limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:04:15 user readOne with user stubailo is authorized -2017-07-09 20:04:15 liked readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - author { - username - } - } -} - -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - id - body - } -} - -2017-07-09 20:04:15 tweet readOne with user stubailo is authorized -2017-07-09 20:04:15 tweet readOne with user stubailo is authorized -2017-07-09 20:04:15 author readOne with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets { - id - createdAt - } -} - -2017-07-09 20:04:15 tweets readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(limit: 1) { - id - createdAt - } -} - -2017-07-09 20:04:15 tweets readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } -} - -2017-07-09 20:04:15 tweets readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } -} - -2017-07-09 20:04:15 tweets readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers { - username - createdAt - } - } -} - -2017-07-09 20:04:15 tweet readOne with user stubailo is authorized -2017-07-09 20:04:15 likers readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:04:15 tweet readOne with user stubailo is authorized -2017-07-09 20:04:15 likers readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993) { - username - createdAt - } - } -} - -2017-07-09 20:04:15 tweet readOne with user stubailo is authorized -2017-07-09 20:04:15 likers readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:04:15 tweet readOne with user stubailo is authorized -2017-07-09 20:04:15 likers readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-07-09 20:04:15 insert user create with user stubailo is authorized -2017-07-09 20:04:15 inserted user 5962701fbd5b289911a30965. -2017-07-09 20:04:15 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-07-09 20:04:15 insert user create with user tobkle is authorized -2017-07-09 20:04:15 inserted user 5962701fbd5b289911a30966. -2017-07-09 20:04:15 pubsub userInserted readOne with user tobkle is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", -Operation: "", variables: "", -Query: -{ - user(id: "5962701fbd5b289911a30966") { - username - bio - role - } -} - -2017-07-09 20:04:15 user readOne with user tobkle is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", -Operation: "", variables: "", -Query: -{ - user(id: "5962701fbd5b289911a30965") { - username - role - } -} - -2017-07-09 20:04:15 user readOne with user tobkle is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "5962701fbd5b289911a30966", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-07-09 20:04:15 update user update with user tobkle is authorized -2017-07-09 20:04:15 updated user 5962701fbd5b289911a30966. -2017-07-09 20:04:15 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "5962701fbd5b289911a30965", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:04:15 update user update with user tobkle is authorized -2017-07-09 20:04:15 updated user 5962701fbd5b289911a30965. -2017-07-09 20:04:15 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "5962701fbd5b289911a30966", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:04:15 update user update with user tobkle is authorized -2017-07-09 20:04:15 updated user 5962701fbd5b289911a30966. -2017-07-09 20:04:15 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "5962701fbd5b289911a30965", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-07-09 20:04:15 update user update with user tobkle is authorized -2017-07-09 20:04:15 updated user 5962701fbd5b289911a30965. -2017-07-09 20:04:15 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "editor", id: "5962701fbd5b289911a30965", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "5962701fbd5b289911a30965", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:04:15 authQuery: { - "$or": [ - { - "_id": "5962701fbd5b289911a30965" - } - ] -} -2017-07-09 20:04:15 ERROR Not authorized to update field "role" -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "zoltan", role: "admin", id: "5962701fbd5b289911a30966", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "5962701fbd5b289911a30965", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:04:15 update user update with user zoltan is authorized -2017-07-09 20:04:15 updated user 5962701fbd5b289911a30965. -2017-07-09 20:04:15 pubsub userUpdated readOne with user zoltan is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "5962701fbd5b289911a30966") -} - -2017-07-09 20:04:15 removeUser delete with user tobkle is authorized -2017-07-09 20:04:15 removed user 5962701fbd5b289911a30966. -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "5962701fbd5b289911a30965", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:04:15 insert tweet create with user tobkle is authorized -2017-07-09 20:04:15 inserted tweet 5962701fbd5b289911a30967. -2017-07-09 20:04:15 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", -Operation: "", variables: "", -Query: -{ - tweet(id: "5962701fbd5b289911a30967") { - author { - id - } - body - } -} - -2017-07-09 20:04:15 tweet readOne with user tobkle is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:04:15 insert tweet create with user tobkle is authorized -2017-07-09 20:04:15 author readOne with user tobkle is authorized -2017-07-09 20:04:15 inserted tweet 5962701fbd5b289911a30968. -2017-07-09 20:04:15 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:04:15 tweet readOne with user tobkle is authorized -2017-07-09 20:04:15 author readOne with user tobkle is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "5962701fbd5b289911a30967", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:04:15 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:04:15 update tweet update with user tobkle is authorized -2017-07-09 20:04:15 updated tweet 5962701fbd5b289911a30967. -2017-07-09 20:04:15 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "5962701fbd5b289911a30968", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:04:15 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:04:15 update tweet update with user tobkle is authorized -2017-07-09 20:04:15 updated tweet 5962701fbd5b289911a30968. -2017-07-09 20:04:15 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", -Operation: "", variables: "", -Query: -{ - tweet(id: "5962701fbd5b289911a30967") { - body - } -} - -2017-07-09 20:04:15 tweet readOne with user tobkle is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "5962701fbd5b289911a30967") -} - -2017-07-09 20:04:15 removeTweet delete with user tobkle is authorized -2017-07-09 20:04:15 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:04:15 removed tweet 5962701fbd5b289911a30967. -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "5962701fbd5b289911a30968") -} - -2017-07-09 20:04:15 removeTweet delete with user tobkle is authorized -2017-07-09 20:04:15 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:04:15 removed tweet 5962701fbd5b289911a30968. -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", -Operation: "", variables: "", -Query: -{ - tweet(id: "5962701fbd5b289911a30967") { - body - } -} - -2017-07-09 20:04:15 tweet readOne with user tobkle is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "5962701fbd5b289911a30965") -} - -2017-07-09 20:04:15 removeUser delete with user tobkle is authorized -2017-07-09 20:04:15 removed user 5962701fbd5b289911a30965. -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "5962701fbd5b289911a30965") { - username - bio - role - } -} - -2017-07-09 20:04:15 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-07-09 20:04:15 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 20:04:15 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:04:15 ERROR Authorization: Not authorized to update in update user. -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 20:04:15 ERROR Authorization: Not authorized to delete in removeUser. -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:04:15 ERROR Authorization: Not authorized to create in insert tweet. -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:04:15 tweet readOne with user is authorized -2017-07-09 20:04:15 ERROR Authorization: Not authorized to readOne in author. -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:04:15 tweet getOneById in updateById for docBefore readOne with user is authorized -2017-07-09 20:04:15 ERROR Authorization: Not authorized to update in update tweet. -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:04:15 tweet getOneById in updateById for docBefore readOne with user is authorized -2017-07-09 20:04:15 ERROR Authorization: Not authorized to update in update tweet. -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 20:04:15 ERROR Authorization: Not authorized to delete in removeTweet. -2017-07-09 20:04:15 tweet getOneById in removeById for docBefore readOne with user is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { - id - role - } -} - -2017-07-09 20:04:15 insert user create with user stubailo is authorized -2017-07-09 20:04:15 inserted user 5962701fbd5b289911a30969. -2017-07-09 20:04:15 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-07-09 20:04:15 authQuery: { - "$or": [] -} -2017-07-09 20:04:15 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 20:04:15 authQuery: { - "$or": [ - { - "_id": "5962701fbd5b289911a30969" - } - ] -} -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", -Operation: "", variables: "", -Query: -{ - user(id: "5962701fbd5b289911a30969") { - username - } -} - -2017-07-09 20:04:15 authQuery: { - "$or": [ - { - "_id": "5962701fbd5b289911a30969" - } - ] -} -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", -Operation: "", variables: "", -Query: -{ - user(id: "5962701fbd5b289911a30969") { - username - role - } -} - -2017-07-09 20:04:15 authQuery: { - "$or": [ - { - "_id": "5962701fbd5b289911a30969" - } - ] -} -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:04:15 authQuery: { - "$or": [ - { - "_id": "5962701fbd5b289911a30969" - } - ] -} -2017-07-09 20:04:15 ERROR Not authorized to update user -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "5962701fbd5b289911a30969", input: {username: "tobkle", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-07-09 20:04:15 authQuery: { - "$or": [ - { - "_id": "5962701fbd5b289911a30969" - } - ] -} -2017-07-09 20:04:15 updated user 5962701fbd5b289911a30969. -2017-07-09 20:04:15 authQuery: { - "$or": [ - { - "_id": "5962701fbd5b289911a30969" - } - ] -} -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "5962701fbd5b289911a30969", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:04:15 authQuery: { - "$or": [ - { - "_id": "5962701fbd5b289911a30969" - } - ] -} -2017-07-09 20:04:15 ERROR Not authorized to update field "role" -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "_id": "5962701fbd5b289911a30969" - } - ] -} -2017-07-09 20:04:16 ERROR remove user failed for finalQuery: { - "_id": "583291a1638566b3c5a92ca1", - "$or": [ - { - "_id": "5962701fbd5b289911a30969" - } - ] -} -2017-07-09 20:04:16 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "5962701fbd5b289911a30969", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "authorId": "5962701fbd5b289911a30969" - } - ] -} -2017-07-09 20:04:16 inserted tweet 59627020bd5b289911a3096a. -2017-07-09 20:04:16 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "authorId": "5962701fbd5b289911a30969" - } - ] -} -2017-07-09 20:04:16 ERROR Not authorized to insert tweet -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", -Operation: "", variables: "", -Query: -{ - tweet(id: "59627020bd5b289911a3096a") { - author { - id - } - body - } -} - -2017-07-09 20:04:16 tweet readOne with user tobkle is authorized -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "_id": "5962701fbd5b289911a30969" - } - ] -} -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:04:16 tweet readOne with user tobkle is authorized -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "_id": "5962701fbd5b289911a30969" - } - ] -} -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59627020bd5b289911a3096a", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:04:16 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "authorId": "5962701fbd5b289911a30969" - }, - { - "coauthorsIds": "5962701fbd5b289911a30969" - } - ] -} -2017-07-09 20:04:16 updated tweet 59627020bd5b289911a3096a. -2017-07-09 20:04:16 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:04:16 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "authorId": "5962701fbd5b289911a30969" - }, - { - "coauthorsIds": "5962701fbd5b289911a30969" - } - ] -} -2017-07-09 20:04:16 ERROR Not authorized to update tweet -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", -Operation: "", variables: "", -Query: -{ - tweet(id: "59627020bd5b289911a3096a") { - body - } -} - -2017-07-09 20:04:16 tweet readOne with user tobkle is authorized -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59627020bd5b289911a3096a") -} - -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "authorId": "5962701fbd5b289911a30969" - } - ] -} -2017-07-09 20:04:16 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:04:16 removed tweet 59627020bd5b289911a3096a. -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "authorId": "5962701fbd5b289911a30969" - } - ] -} -2017-07-09 20:04:16 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:04:16 ERROR remove tweet failed for finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "5962701fbd5b289911a30969" - } - ] -} -2017-07-09 20:04:16 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", -Operation: "", variables: "", -Query: -{ - tweet(id: "59627020bd5b289911a3096a") { - body - } -} - -2017-07-09 20:04:16 tweet readOne with user tobkle is authorized -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "5962701fbd5b289911a30969") -} - -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "_id": "5962701fbd5b289911a30969" - } - ] -} -2017-07-09 20:04:16 removed user 5962701fbd5b289911a30969. -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "5962701fbd5b289911a30969") { - username - bio - role - } -} - -2017-07-09 20:04:16 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { - id - role - } -} - -2017-07-09 20:04:16 insert user create with user stubailo is authorized -2017-07-09 20:04:16 inserted user 59627020bd5b289911a3096b. -2017-07-09 20:04:16 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tobkle", role: "editor", id: "59627020bd5b289911a3096b", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-07-09 20:04:16 authQuery: { - "$or": [] -} -2017-07-09 20:04:16 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tobkle", role: "editor", id: "59627020bd5b289911a3096b", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "_id": "59627020bd5b289911a3096b" - } - ] -} -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tobkle", role: "editor", id: "59627020bd5b289911a3096b", -Operation: "", variables: "", -Query: -{ - user(id: "59627020bd5b289911a3096b") { - username - role - } -} - -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "_id": "59627020bd5b289911a3096b" - } - ] -} -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tobkle", role: "editor", id: "59627020bd5b289911a3096b", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "_id": "59627020bd5b289911a3096b" - } - ] -} -2017-07-09 20:04:16 ERROR Not authorized to update user -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tobkle", role: "editor", id: "59627020bd5b289911a3096b", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59627020bd5b289911a3096b", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "_id": "59627020bd5b289911a3096b" - } - ] -} -2017-07-09 20:04:16 updated user 59627020bd5b289911a3096b. -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "_id": "59627020bd5b289911a3096b" - } - ] -} -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59627020bd5b289911a3096b", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "_id": "59627020bd5b289911a3096b" - } - ] -} -2017-07-09 20:04:16 ERROR Not authorized to update field "role" -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "_id": "59627020bd5b289911a3096b" - } - ] -} -2017-07-09 20:04:16 ERROR remove user failed for finalQuery: { - "_id": "583291a1638566b3c5a92ca1", - "$or": [ - { - "_id": "59627020bd5b289911a3096b" - } - ] -} -2017-07-09 20:04:16 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59627020bd5b289911a3096b", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "authorId": "59627020bd5b289911a3096b" - } - ] -} -2017-07-09 20:04:16 inserted tweet 59627020bd5b289911a3096c. -2017-07-09 20:04:16 pubsub tweetInserted readOne with user tmeasday is authorized -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "authorId": "59627020bd5b289911a3096b" - } - ] -} -2017-07-09 20:04:16 ERROR Not authorized to insert tweet -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", -Operation: "", variables: "", -Query: -{ - tweet(id: "59627020bd5b289911a3096c") { - author { - id - } - body - } -} - -2017-07-09 20:04:16 tweet readOne with user tmeasday is authorized -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "_id": "59627020bd5b289911a3096b" - } - ] -} -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:04:16 tweet readOne with user tmeasday is authorized -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "_id": "59627020bd5b289911a3096b" - } - ] -} -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59627020bd5b289911a3096c", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:04:16 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "authorId": "59627020bd5b289911a3096b" - }, - { - "coauthorsIds": "59627020bd5b289911a3096b" - } - ] -} -2017-07-09 20:04:16 updated tweet 59627020bd5b289911a3096c. -2017-07-09 20:04:16 pubsub tweetUpdated readOne with user tmeasday is authorized -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:04:16 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "authorId": "59627020bd5b289911a3096b" - }, - { - "coauthorsIds": "59627020bd5b289911a3096b" - } - ] -} -2017-07-09 20:04:16 ERROR Not authorized to update tweet -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", -Operation: "", variables: "", -Query: -{ - tweet(id: "59627020bd5b289911a3096c") { - body - } -} - -2017-07-09 20:04:16 tweet readOne with user tmeasday is authorized -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59627020bd5b289911a3096c") -} - -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "authorId": "59627020bd5b289911a3096b" - } - ] -} -2017-07-09 20:04:16 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:04:16 removed tweet 59627020bd5b289911a3096c. -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "authorId": "59627020bd5b289911a3096b" - } - ] -} -2017-07-09 20:04:16 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:04:16 ERROR remove tweet failed for finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "59627020bd5b289911a3096b" - } - ] -} -2017-07-09 20:04:16 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", -Operation: "", variables: "", -Query: -{ - tweet(id: "59627020bd5b289911a3096c") { - body - } -} - -2017-07-09 20:04:16 tweet readOne with user tmeasday is authorized -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59627020bd5b289911a3096b") -} - -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "_id": "59627020bd5b289911a3096b" - } - ] -} -2017-07-09 20:04:16 removed user 59627020bd5b289911a3096b. -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59627020bd5b289911a3096b") { - username - bio - role - } -} - -2017-07-09 20:04:16 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:05:52 Logger started -2017-07-09 20:28:15 Logger started -2017-07-09 20:29:12 Logger started -2017-07-09 20:30:13 Logger started -2017-07-09 20:30:34 -------------------------------------------------------------------------------- -2017-07-09 20:30:34 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - role - username - } -} - -2017-07-09 20:30:45 user readOne with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - role - username - } -} - -2017-07-09 20:30:45 user readOne with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca2") { - role - username - } -} - -2017-07-09 20:30:45 user readOne with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - id - username - bio - } -} - -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users { - username - createdAt - } -} - -2017-07-09 20:30:45 users readMany with user stubailo is authorized -2017-07-09 20:30:45 user readOne with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(limit: 1) { - username - createdAt - } -} - -2017-07-09 20:30:45 users readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993) { - username - createdAt - } -} - -2017-07-09 20:30:45 users readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } -} - -2017-07-09 20:30:45 users readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers { - username - createdAt - } - } -} - -2017-07-09 20:30:45 user readOne with user stubailo is authorized -2017-07-09 20:30:45 followers readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:30:45 user readOne with user stubailo is authorized -2017-07-09 20:30:45 followers readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-07-09 20:30:45 user readOne with user stubailo is authorized -2017-07-09 20:30:45 followers readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:30:45 user readOne with user stubailo is authorized -2017-07-09 20:30:45 followers readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following { - username - createdAt - } - } -} - -2017-07-09 20:30:45 user readOne with user stubailo is authorized -2017-07-09 20:30:45 following readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:30:45 user readOne with user stubailo is authorized -2017-07-09 20:30:45 following readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-07-09 20:30:45 user readOne with user stubailo is authorized -2017-07-09 20:30:45 following readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:30:45 user readOne with user stubailo is authorized -2017-07-09 20:30:45 following readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets { - id - createdAt - } - } -} - -2017-07-09 20:30:45 user readOne with user stubailo is authorized -2017-07-09 20:30:45 tweets readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:30:45 user readOne with user stubailo is authorized -2017-07-09 20:30:45 tweets readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } - } -} - -2017-07-09 20:30:45 user readOne with user stubailo is authorized -2017-07-09 20:30:45 tweets readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:30:45 user readOne with user stubailo is authorized -2017-07-09 20:30:45 tweets readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked { - id - createdAt - } - } -} - -2017-07-09 20:30:45 user readOne with user stubailo is authorized -2017-07-09 20:30:45 liked readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:30:45 user readOne with user stubailo is authorized -2017-07-09 20:30:45 liked readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334) { - id - createdAt - } - } -} - -2017-07-09 20:30:45 user readOne with user stubailo is authorized -2017-07-09 20:30:45 liked readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334, limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:30:45 user readOne with user stubailo is authorized -2017-07-09 20:30:45 liked readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - id - body - } -} - -2017-07-09 20:30:45 tweet readOne with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - author { - username - } - } -} - -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets { - id - createdAt - } -} - -2017-07-09 20:30:45 tweets readMany with user stubailo is authorized -2017-07-09 20:30:45 tweet readOne with user stubailo is authorized -2017-07-09 20:30:45 author readOne with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(limit: 1) { - id - createdAt - } -} - -2017-07-09 20:30:45 tweets readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } -} - -2017-07-09 20:30:45 tweets readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } -} - -2017-07-09 20:30:45 tweets readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers { - username - createdAt - } - } -} - -2017-07-09 20:30:45 tweet readOne with user stubailo is authorized -2017-07-09 20:30:45 likers readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:30:45 tweet readOne with user stubailo is authorized -2017-07-09 20:30:45 likers readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993) { - username - createdAt - } - } -} - -2017-07-09 20:30:45 tweet readOne with user stubailo is authorized -2017-07-09 20:30:45 likers readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:30:45 tweet readOne with user stubailo is authorized -2017-07-09 20:30:45 likers readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-07-09 20:30:45 insert user create with user stubailo is authorized -2017-07-09 20:30:45 inserted user 59627655ba519d9b0eb890f9. -2017-07-09 20:30:45 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-07-09 20:30:45 insert user create with user tobkle is authorized -2017-07-09 20:30:45 inserted user 59627655ba519d9b0eb890fa. -2017-07-09 20:30:45 pubsub userInserted readOne with user tobkle is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", -Operation: "", variables: "", -Query: -{ - user(id: "59627655ba519d9b0eb890fa") { - username - bio - role - } -} - -2017-07-09 20:30:45 user readOne with user tobkle is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", -Operation: "", variables: "", -Query: -{ - user(id: "59627655ba519d9b0eb890f9") { - username - role - } -} - -2017-07-09 20:30:46 user readOne with user tobkle is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59627655ba519d9b0eb890fa", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-07-09 20:30:46 update user update with user tobkle is authorized -2017-07-09 20:30:46 updated user 59627655ba519d9b0eb890fa. -2017-07-09 20:30:46 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59627655ba519d9b0eb890f9", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:30:46 update user update with user tobkle is authorized -2017-07-09 20:30:46 updated user 59627655ba519d9b0eb890f9. -2017-07-09 20:30:46 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59627655ba519d9b0eb890fa", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:30:46 update user update with user tobkle is authorized -2017-07-09 20:30:46 updated user 59627655ba519d9b0eb890fa. -2017-07-09 20:30:46 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59627655ba519d9b0eb890f9", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-07-09 20:30:46 update user update with user tobkle is authorized -2017-07-09 20:30:46 updated user 59627655ba519d9b0eb890f9. -2017-07-09 20:30:46 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "editor", id: "59627655ba519d9b0eb890f9", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59627655ba519d9b0eb890f9", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "_id": "59627655ba519d9b0eb890f9" - } - ] -} -2017-07-09 20:30:46 ERROR Not authorized to update field "role" -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "zoltan", role: "admin", id: "59627655ba519d9b0eb890fa", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59627655ba519d9b0eb890f9", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:30:46 update user update with user zoltan is authorized -2017-07-09 20:30:46 updated user 59627655ba519d9b0eb890f9. -2017-07-09 20:30:46 pubsub userUpdated readOne with user zoltan is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59627655ba519d9b0eb890fa") -} - -2017-07-09 20:30:46 removeUser delete with user tobkle is authorized -2017-07-09 20:30:46 removed user 59627655ba519d9b0eb890fa. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59627655ba519d9b0eb890f9", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:30:46 insert tweet create with user tobkle is authorized -2017-07-09 20:30:46 inserted tweet 59627656ba519d9b0eb890fb. -2017-07-09 20:30:46 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:30:46 insert tweet create with user tobkle is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", -Operation: "", variables: "", -Query: -{ - tweet(id: "59627656ba519d9b0eb890fb") { - author { - id - } - body - } -} - -2017-07-09 20:30:46 tweet readOne with user tobkle is authorized -2017-07-09 20:30:46 inserted tweet 59627656ba519d9b0eb890fc. -2017-07-09 20:30:46 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 20:30:46 author readOne with user tobkle is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:30:46 tweet readOne with user tobkle is authorized -2017-07-09 20:30:46 author readOne with user tobkle is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59627656ba519d9b0eb890fb", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:30:46 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:30:46 update tweet update with user tobkle is authorized -2017-07-09 20:30:46 updated tweet 59627656ba519d9b0eb890fb. -2017-07-09 20:30:46 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59627656ba519d9b0eb890fc", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:30:46 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:30:46 update tweet update with user tobkle is authorized -2017-07-09 20:30:46 updated tweet 59627656ba519d9b0eb890fc. -2017-07-09 20:30:46 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", -Operation: "", variables: "", -Query: -{ - tweet(id: "59627656ba519d9b0eb890fb") { - body - } -} - -2017-07-09 20:30:46 tweet readOne with user tobkle is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59627656ba519d9b0eb890fb") -} - -2017-07-09 20:30:46 removeTweet delete with user tobkle is authorized -2017-07-09 20:30:46 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:30:46 removed tweet 59627656ba519d9b0eb890fb. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59627656ba519d9b0eb890fc") -} - -2017-07-09 20:30:46 removeTweet delete with user tobkle is authorized -2017-07-09 20:30:46 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:30:46 removed tweet 59627656ba519d9b0eb890fc. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", -Operation: "", variables: "", -Query: -{ - tweet(id: "59627656ba519d9b0eb890fb") { - body - } -} - -2017-07-09 20:30:46 tweet readOne with user tobkle is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59627655ba519d9b0eb890f9") -} - -2017-07-09 20:30:46 removeUser delete with user tobkle is authorized -2017-07-09 20:30:46 removed user 59627655ba519d9b0eb890f9. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59627655ba519d9b0eb890f9") { - username - bio - role - } -} - -2017-07-09 20:30:46 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-07-09 20:30:46 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 20:30:46 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:30:46 ERROR Authorization: Not authorized to update in update user. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 20:30:46 ERROR Authorization: Not authorized to delete in removeUser. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:30:46 ERROR Authorization: Not authorized to create in insert tweet. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:30:46 tweet readOne with user is authorized -2017-07-09 20:30:46 ERROR Authorization: Not authorized to readOne in author. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:30:46 tweet getOneById in updateById for docBefore readOne with user is authorized -2017-07-09 20:30:46 ERROR Authorization: Not authorized to update in update tweet. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:30:46 tweet getOneById in updateById for docBefore readOne with user is authorized -2017-07-09 20:30:46 ERROR Authorization: Not authorized to update in update tweet. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 20:30:46 ERROR Authorization: Not authorized to delete in removeTweet. -2017-07-09 20:30:46 tweet getOneById in removeById for docBefore readOne with user is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { - id - role - } -} - -2017-07-09 20:30:46 insert user create with user stubailo is authorized -2017-07-09 20:30:46 inserted user 59627656ba519d9b0eb890fd. -2017-07-09 20:30:46 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-07-09 20:30:46 authQuery: { - "$or": [] -} -2017-07-09 20:30:46 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "_id": "59627656ba519d9b0eb890fd" - } - ] -} -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", -Operation: "", variables: "", -Query: -{ - user(id: "59627656ba519d9b0eb890fd") { - username - } -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "_id": "59627656ba519d9b0eb890fd" - } - ] -} -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", -Operation: "", variables: "", -Query: -{ - user(id: "59627656ba519d9b0eb890fd") { - username - role - } -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "_id": "59627656ba519d9b0eb890fd" - } - ] -} -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "_id": "59627656ba519d9b0eb890fd" - } - ] -} -2017-07-09 20:30:46 ERROR Not authorized to update user -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59627656ba519d9b0eb890fd", input: {username: "tobkle", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "_id": "59627656ba519d9b0eb890fd" - } - ] -} -2017-07-09 20:30:46 updated user 59627656ba519d9b0eb890fd. -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "_id": "59627656ba519d9b0eb890fd" - } - ] -} -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59627656ba519d9b0eb890fd", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "_id": "59627656ba519d9b0eb890fd" - } - ] -} -2017-07-09 20:30:46 ERROR Not authorized to update field "role" -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "_id": "59627656ba519d9b0eb890fd" - } - ] -} -2017-07-09 20:30:46 ERROR remove user failed for finalQuery: { - "_id": "583291a1638566b3c5a92ca1", - "$or": [ - { - "_id": "59627656ba519d9b0eb890fd" - } - ] -} -2017-07-09 20:30:46 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59627656ba519d9b0eb890fd", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "authorId": "59627656ba519d9b0eb890fd" - } - ] -} -2017-07-09 20:30:46 inserted tweet 59627656ba519d9b0eb890fe. -2017-07-09 20:30:46 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "authorId": "59627656ba519d9b0eb890fd" - } - ] -} -2017-07-09 20:30:46 ERROR Not authorized to insert tweet -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", -Operation: "", variables: "", -Query: -{ - tweet(id: "59627656ba519d9b0eb890fe") { - author { - id - } - body - } -} - -2017-07-09 20:30:46 tweet readOne with user tobkle is authorized -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "_id": "59627656ba519d9b0eb890fd" - } - ] -} -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:30:46 tweet readOne with user tobkle is authorized -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "_id": "59627656ba519d9b0eb890fd" - } - ] -} -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59627656ba519d9b0eb890fe", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:30:46 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "authorId": "59627656ba519d9b0eb890fd" - }, - { - "coauthorsIds": "59627656ba519d9b0eb890fd" - } - ] -} -2017-07-09 20:30:46 updated tweet 59627656ba519d9b0eb890fe. -2017-07-09 20:30:46 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:30:46 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "authorId": "59627656ba519d9b0eb890fd" - }, - { - "coauthorsIds": "59627656ba519d9b0eb890fd" - } - ] -} -2017-07-09 20:30:46 ERROR Not authorized to update tweet -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", -Operation: "", variables: "", -Query: -{ - tweet(id: "59627656ba519d9b0eb890fe") { - body - } -} - -2017-07-09 20:30:46 tweet readOne with user tobkle is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59627656ba519d9b0eb890fe") -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "authorId": "59627656ba519d9b0eb890fd" - } - ] -} -2017-07-09 20:30:46 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:30:46 removed tweet 59627656ba519d9b0eb890fe. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "authorId": "59627656ba519d9b0eb890fd" - } - ] -} -2017-07-09 20:30:46 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:30:46 ERROR remove tweet failed for finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "59627656ba519d9b0eb890fd" - } - ] -} -2017-07-09 20:30:46 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", -Operation: "", variables: "", -Query: -{ - tweet(id: "59627656ba519d9b0eb890fe") { - body - } -} - -2017-07-09 20:30:46 tweet readOne with user tobkle is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59627656ba519d9b0eb890fd") -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "_id": "59627656ba519d9b0eb890fd" - } - ] -} -2017-07-09 20:30:46 removed user 59627656ba519d9b0eb890fd. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59627656ba519d9b0eb890fd") { - username - bio - role - } -} - -2017-07-09 20:30:46 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { - id - role - } -} - -2017-07-09 20:30:46 insert user create with user stubailo is authorized -2017-07-09 20:30:46 inserted user 59627656ba519d9b0eb890ff. -2017-07-09 20:30:46 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "editor", id: "59627656ba519d9b0eb890ff", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-07-09 20:30:46 authQuery: { - "$or": [] -} -2017-07-09 20:30:46 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "editor", id: "59627656ba519d9b0eb890ff", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "_id": "59627656ba519d9b0eb890ff" - } - ] -} -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "editor", id: "59627656ba519d9b0eb890ff", -Operation: "", variables: "", -Query: -{ - user(id: "59627656ba519d9b0eb890ff") { - username - role - } -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "_id": "59627656ba519d9b0eb890ff" - } - ] -} -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "editor", id: "59627656ba519d9b0eb890ff", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "_id": "59627656ba519d9b0eb890ff" - } - ] -} -2017-07-09 20:30:46 ERROR Not authorized to update user -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "editor", id: "59627656ba519d9b0eb890ff", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59627656ba519d9b0eb890ff", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "_id": "59627656ba519d9b0eb890ff" - } - ] -} -2017-07-09 20:30:46 updated user 59627656ba519d9b0eb890ff. -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "_id": "59627656ba519d9b0eb890ff" - } - ] -} -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59627656ba519d9b0eb890ff", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "_id": "59627656ba519d9b0eb890ff" - } - ] -} -2017-07-09 20:30:46 ERROR Not authorized to update field "role" -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "_id": "59627656ba519d9b0eb890ff" - } - ] -} -2017-07-09 20:30:46 ERROR remove user failed for finalQuery: { - "_id": "583291a1638566b3c5a92ca1", - "$or": [ - { - "_id": "59627656ba519d9b0eb890ff" - } - ] -} -2017-07-09 20:30:46 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59627656ba519d9b0eb890ff", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "authorId": "59627656ba519d9b0eb890ff" - } - ] -} -2017-07-09 20:30:46 inserted tweet 59627656ba519d9b0eb89100. -2017-07-09 20:30:46 pubsub tweetInserted readOne with user tmeasday is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "authorId": "59627656ba519d9b0eb890ff" - } - ] -} -2017-07-09 20:30:46 ERROR Not authorized to insert tweet -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", -Operation: "", variables: "", -Query: -{ - tweet(id: "59627656ba519d9b0eb89100") { - author { - id - } - body - } -} - -2017-07-09 20:30:46 tweet readOne with user tmeasday is authorized -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "_id": "59627656ba519d9b0eb890ff" - } - ] -} -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:30:46 tweet readOne with user tmeasday is authorized -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "_id": "59627656ba519d9b0eb890ff" - } - ] -} -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59627656ba519d9b0eb89100", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:30:46 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "authorId": "59627656ba519d9b0eb890ff" - }, - { - "coauthorsIds": "59627656ba519d9b0eb890ff" - } - ] -} -2017-07-09 20:30:46 updated tweet 59627656ba519d9b0eb89100. -2017-07-09 20:30:46 pubsub tweetUpdated readOne with user tmeasday is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:30:46 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "authorId": "59627656ba519d9b0eb890ff" - }, - { - "coauthorsIds": "59627656ba519d9b0eb890ff" - } - ] -} -2017-07-09 20:30:46 ERROR Not authorized to update tweet -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", -Operation: "", variables: "", -Query: -{ - tweet(id: "59627656ba519d9b0eb89100") { - body - } -} - -2017-07-09 20:30:46 tweet readOne with user tmeasday is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59627656ba519d9b0eb89100") -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "authorId": "59627656ba519d9b0eb890ff" - } - ] -} -2017-07-09 20:30:46 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:30:46 removed tweet 59627656ba519d9b0eb89100. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "authorId": "59627656ba519d9b0eb890ff" - } - ] -} -2017-07-09 20:30:46 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:30:46 ERROR remove tweet failed for finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "59627656ba519d9b0eb890ff" - } - ] -} -2017-07-09 20:30:46 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", -Operation: "", variables: "", -Query: -{ - tweet(id: "59627656ba519d9b0eb89100") { - body - } -} - -2017-07-09 20:30:46 tweet readOne with user tmeasday is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59627656ba519d9b0eb890ff") -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "_id": "59627656ba519d9b0eb890ff" - } - ] -} -2017-07-09 20:30:46 removed user 59627656ba519d9b0eb890ff. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59627656ba519d9b0eb890ff") { - username - bio - role - } -} - -2017-07-09 20:30:46 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:32:30 Logger started -2017-07-09 20:33:01 Logger started -2017-07-09 20:33:14 -------------------------------------------------------------------------------- -2017-07-09 20:33:14 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - role - username - } -} - -2017-07-09 20:33:25 user readOne with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - role - username - } -} - -2017-07-09 20:33:25 user readOne with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca2") { - role - username - } -} - -2017-07-09 20:33:25 user readOne with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - id - username - bio - } -} - -2017-07-09 20:33:25 user readOne with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users { - username - createdAt - } -} - -2017-07-09 20:33:25 users readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(limit: 1) { - username - createdAt - } -} - -2017-07-09 20:33:25 users readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993) { - username - createdAt - } -} - -2017-07-09 20:33:25 users readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } -} - -2017-07-09 20:33:25 users readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers { - username - createdAt - } - } -} - -2017-07-09 20:33:25 user readOne with user stubailo is authorized -2017-07-09 20:33:25 followers readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:33:25 user readOne with user stubailo is authorized -2017-07-09 20:33:25 followers readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-07-09 20:33:25 user readOne with user stubailo is authorized -2017-07-09 20:33:25 followers readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:33:25 user readOne with user stubailo is authorized -2017-07-09 20:33:25 followers readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following { - username - createdAt - } - } -} - -2017-07-09 20:33:25 user readOne with user stubailo is authorized -2017-07-09 20:33:25 following readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:33:25 user readOne with user stubailo is authorized -2017-07-09 20:33:25 following readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-07-09 20:33:25 user readOne with user stubailo is authorized -2017-07-09 20:33:25 following readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:33:25 user readOne with user stubailo is authorized -2017-07-09 20:33:25 following readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets { - id - createdAt - } - } -} - -2017-07-09 20:33:25 user readOne with user stubailo is authorized -2017-07-09 20:33:25 tweets readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:33:25 user readOne with user stubailo is authorized -2017-07-09 20:33:25 tweets readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } - } -} - -2017-07-09 20:33:25 user readOne with user stubailo is authorized -2017-07-09 20:33:25 tweets readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:33:25 user readOne with user stubailo is authorized -2017-07-09 20:33:25 tweets readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked { - id - createdAt - } - } -} - -2017-07-09 20:33:25 user readOne with user stubailo is authorized -2017-07-09 20:33:25 liked readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:33:25 user readOne with user stubailo is authorized -2017-07-09 20:33:25 liked readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334) { - id - createdAt - } - } -} - -2017-07-09 20:33:25 user readOne with user stubailo is authorized -2017-07-09 20:33:25 liked readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334, limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:33:25 user readOne with user stubailo is authorized -2017-07-09 20:33:25 liked readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - author { - username - } - } -} - -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - id - body - } -} - -2017-07-09 20:33:25 tweet readOne with user stubailo is authorized -2017-07-09 20:33:25 tweet readOne with user stubailo is authorized -2017-07-09 20:33:25 author readOne with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets { - id - createdAt - } -} - -2017-07-09 20:33:25 tweets readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(limit: 1) { - id - createdAt - } -} - -2017-07-09 20:33:25 tweets readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } -} - -2017-07-09 20:33:25 tweets readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } -} - -2017-07-09 20:33:25 tweets readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers { - username - createdAt - } - } -} - -2017-07-09 20:33:25 tweet readOne with user stubailo is authorized -2017-07-09 20:33:25 likers readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:33:25 tweet readOne with user stubailo is authorized -2017-07-09 20:33:25 likers readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993) { - username - createdAt - } - } -} - -2017-07-09 20:33:25 tweet readOne with user stubailo is authorized -2017-07-09 20:33:25 likers readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:33:25 tweet readOne with user stubailo is authorized -2017-07-09 20:33:25 likers readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-07-09 20:33:25 insert user create with user stubailo is authorized -2017-07-09 20:33:25 inserted user 596276f59bce489b8e6d4df3. -2017-07-09 20:33:25 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-07-09 20:33:25 insert user create with user tobkle is authorized -2017-07-09 20:33:25 inserted user 596276f59bce489b8e6d4df4. -2017-07-09 20:33:25 pubsub userInserted readOne with user tobkle is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", -Operation: "", variables: "", -Query: -{ - user(id: "596276f59bce489b8e6d4df4") { - username - bio - role - } -} - -2017-07-09 20:33:25 user readOne with user tobkle is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", -Operation: "", variables: "", -Query: -{ - user(id: "596276f59bce489b8e6d4df3") { - username - role - } -} - -2017-07-09 20:33:25 user readOne with user tobkle is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596276f59bce489b8e6d4df4", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-07-09 20:33:25 update user update with user tobkle is authorized -2017-07-09 20:33:25 updated user 596276f59bce489b8e6d4df4. -2017-07-09 20:33:25 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596276f59bce489b8e6d4df3", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:33:25 update user update with user tobkle is authorized -2017-07-09 20:33:25 updated user 596276f59bce489b8e6d4df3. -2017-07-09 20:33:25 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596276f59bce489b8e6d4df4", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:33:25 update user update with user tobkle is authorized -2017-07-09 20:33:25 updated user 596276f59bce489b8e6d4df4. -2017-07-09 20:33:25 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596276f59bce489b8e6d4df3", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-07-09 20:33:25 update user update with user tobkle is authorized -2017-07-09 20:33:25 updated user 596276f59bce489b8e6d4df3. -2017-07-09 20:33:25 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "tobkle", role: "editor", id: "596276f59bce489b8e6d4df3", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596276f59bce489b8e6d4df3", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:33:25 authQuery: { - "$or": [ - { - "_id": "596276f59bce489b8e6d4df3" - } - ] -} -2017-07-09 20:33:25 ERROR Not authorized to update field "role" -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "zoltan", role: "admin", id: "596276f59bce489b8e6d4df4", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596276f59bce489b8e6d4df3", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:33:25 update user update with user zoltan is authorized -2017-07-09 20:33:25 updated user 596276f59bce489b8e6d4df3. -2017-07-09 20:33:25 pubsub userUpdated readOne with user zoltan is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "596276f59bce489b8e6d4df4") -} - -2017-07-09 20:33:25 removeUser delete with user tobkle is authorized -2017-07-09 20:33:25 removed user 596276f59bce489b8e6d4df4. -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "596276f59bce489b8e6d4df3", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:33:25 insert tweet create with user tobkle is authorized -2017-07-09 20:33:25 inserted tweet 596276f59bce489b8e6d4df5. -2017-07-09 20:33:25 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:33:25 insert tweet create with user tobkle is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", -Operation: "", variables: "", -Query: -{ - tweet(id: "596276f59bce489b8e6d4df5") { - author { - id - } - body - } -} - -2017-07-09 20:33:25 tweet readOne with user tobkle is authorized -2017-07-09 20:33:25 inserted tweet 596276f59bce489b8e6d4df6. -2017-07-09 20:33:25 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 20:33:25 author readOne with user tobkle is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:33:25 tweet readOne with user tobkle is authorized -2017-07-09 20:33:25 author readOne with user tobkle is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "596276f59bce489b8e6d4df5", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:33:25 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:33:25 update tweet update with user tobkle is authorized -2017-07-09 20:33:25 updated tweet 596276f59bce489b8e6d4df5. -2017-07-09 20:33:25 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "596276f59bce489b8e6d4df6", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:33:25 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:33:25 update tweet update with user tobkle is authorized -2017-07-09 20:33:25 updated tweet 596276f59bce489b8e6d4df6. -2017-07-09 20:33:25 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", -Operation: "", variables: "", -Query: -{ - tweet(id: "596276f59bce489b8e6d4df5") { - body - } -} - -2017-07-09 20:33:25 tweet readOne with user tobkle is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "596276f59bce489b8e6d4df5") -} - -2017-07-09 20:33:25 removeTweet delete with user tobkle is authorized -2017-07-09 20:33:25 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:33:25 removed tweet 596276f59bce489b8e6d4df5. -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "596276f59bce489b8e6d4df6") -} - -2017-07-09 20:33:25 removeTweet delete with user tobkle is authorized -2017-07-09 20:33:25 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:33:25 removed tweet 596276f59bce489b8e6d4df6. -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", -Operation: "", variables: "", -Query: -{ - tweet(id: "596276f59bce489b8e6d4df5") { - body - } -} - -2017-07-09 20:33:25 tweet readOne with user tobkle is authorized -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "596276f59bce489b8e6d4df3") -} - -2017-07-09 20:33:26 removeUser delete with user tobkle is authorized -2017-07-09 20:33:26 removed user 596276f59bce489b8e6d4df3. -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "596276f59bce489b8e6d4df3") { - username - bio - role - } -} - -2017-07-09 20:33:26 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-07-09 20:33:26 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 20:33:26 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:33:26 ERROR Authorization: Not authorized to update in update user. -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 20:33:26 ERROR Authorization: Not authorized to delete in removeUser. -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:33:26 ERROR Authorization: Not authorized to create in insert tweet. -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:33:26 tweet readOne with user is authorized -2017-07-09 20:33:26 ERROR Authorization: Not authorized to readOne in author. -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:33:26 tweet getOneById in updateById for docBefore readOne with user is authorized -2017-07-09 20:33:26 ERROR Authorization: Not authorized to update in update tweet. -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:33:26 tweet getOneById in updateById for docBefore readOne with user is authorized -2017-07-09 20:33:26 ERROR Authorization: Not authorized to update in update tweet. -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 20:33:26 ERROR Authorization: Not authorized to delete in removeTweet. -2017-07-09 20:33:26 tweet getOneById in removeById for docBefore readOne with user is authorized -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { - id - role - } -} - -2017-07-09 20:33:26 insert user create with user stubailo is authorized -2017-07-09 20:33:26 inserted user 596276f69bce489b8e6d4df7. -2017-07-09 20:33:26 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-07-09 20:33:26 authQuery: { - "$or": [] -} -2017-07-09 20:33:26 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "_id": "596276f69bce489b8e6d4df7" - } - ] -} -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", -Operation: "", variables: "", -Query: -{ - user(id: "596276f69bce489b8e6d4df7") { - username - } -} - -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "_id": "596276f69bce489b8e6d4df7" - } - ] -} -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", -Operation: "", variables: "", -Query: -{ - user(id: "596276f69bce489b8e6d4df7") { - username - role - } -} - -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "_id": "596276f69bce489b8e6d4df7" - } - ] -} -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "_id": "596276f69bce489b8e6d4df7" - } - ] -} -2017-07-09 20:33:26 ERROR Not authorized to update field "role" -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596276f69bce489b8e6d4df7", input: {username: "tobkle", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "_id": "596276f69bce489b8e6d4df7" - } - ] -} -2017-07-09 20:33:26 updated user 596276f69bce489b8e6d4df7. -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "_id": "596276f69bce489b8e6d4df7" - } - ] -} -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596276f69bce489b8e6d4df7", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "_id": "596276f69bce489b8e6d4df7" - } - ] -} -2017-07-09 20:33:26 ERROR Not authorized to update field "role" -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "_id": "596276f69bce489b8e6d4df7" - } - ] -} -2017-07-09 20:33:26 ERROR remove user failed for finalQuery: { - "_id": "583291a1638566b3c5a92ca1", - "$or": [ - { - "_id": "596276f69bce489b8e6d4df7" - } - ] -} -2017-07-09 20:33:26 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "596276f69bce489b8e6d4df7", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "authorId": "596276f69bce489b8e6d4df7" - } - ] -} -2017-07-09 20:33:26 inserted tweet 596276f69bce489b8e6d4df8. -2017-07-09 20:33:26 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "authorId": "596276f69bce489b8e6d4df7" - } - ] -} -2017-07-09 20:33:26 ERROR Not authorized to insert tweet -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", -Operation: "", variables: "", -Query: -{ - tweet(id: "596276f69bce489b8e6d4df8") { - author { - id - } - body - } -} - -2017-07-09 20:33:26 tweet readOne with user tobkle is authorized -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "_id": "596276f69bce489b8e6d4df7" - } - ] -} -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:33:26 tweet readOne with user tobkle is authorized -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "_id": "596276f69bce489b8e6d4df7" - } - ] -} -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "596276f69bce489b8e6d4df8", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:33:26 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "authorId": "596276f69bce489b8e6d4df7" - }, - { - "coauthorsIds": "596276f69bce489b8e6d4df7" - } - ] -} -2017-07-09 20:33:26 updated tweet 596276f69bce489b8e6d4df8. -2017-07-09 20:33:26 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:33:26 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "authorId": "596276f69bce489b8e6d4df7" - }, - { - "coauthorsIds": "596276f69bce489b8e6d4df7" - } - ] -} -2017-07-09 20:33:26 ERROR Not authorized to update tweet -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", -Operation: "", variables: "", -Query: -{ - tweet(id: "596276f69bce489b8e6d4df8") { - body - } -} - -2017-07-09 20:33:26 tweet readOne with user tobkle is authorized -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "596276f69bce489b8e6d4df8") -} - -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "authorId": "596276f69bce489b8e6d4df7" - } - ] -} -2017-07-09 20:33:26 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:33:26 removed tweet 596276f69bce489b8e6d4df8. -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "authorId": "596276f69bce489b8e6d4df7" - } - ] -} -2017-07-09 20:33:26 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:33:26 ERROR remove tweet failed for finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "596276f69bce489b8e6d4df7" - } - ] -} -2017-07-09 20:33:26 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", -Operation: "", variables: "", -Query: -{ - tweet(id: "596276f69bce489b8e6d4df8") { - body - } -} - -2017-07-09 20:33:26 tweet readOne with user tobkle is authorized -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "596276f69bce489b8e6d4df7") -} - -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "_id": "596276f69bce489b8e6d4df7" - } - ] -} -2017-07-09 20:33:26 removed user 596276f69bce489b8e6d4df7. -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "596276f69bce489b8e6d4df7") { - username - bio - role - } -} - -2017-07-09 20:33:26 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { - id - role - } -} - -2017-07-09 20:33:26 insert user create with user stubailo is authorized -2017-07-09 20:33:26 inserted user 596276f69bce489b8e6d4df9. -2017-07-09 20:33:26 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "editor", id: "596276f69bce489b8e6d4df9", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-07-09 20:33:26 authQuery: { - "$or": [] -} -2017-07-09 20:33:26 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "editor", id: "596276f69bce489b8e6d4df9", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "_id": "596276f69bce489b8e6d4df9" - } - ] -} -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "editor", id: "596276f69bce489b8e6d4df9", -Operation: "", variables: "", -Query: -{ - user(id: "596276f69bce489b8e6d4df9") { - username - role - } -} - -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "_id": "596276f69bce489b8e6d4df9" - } - ] -} -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "editor", id: "596276f69bce489b8e6d4df9", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "_id": "596276f69bce489b8e6d4df9" - } - ] -} -2017-07-09 20:33:26 ERROR Not authorized to update field "role" -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "editor", id: "596276f69bce489b8e6d4df9", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596276f69bce489b8e6d4df9", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "_id": "596276f69bce489b8e6d4df9" - } - ] -} -2017-07-09 20:33:26 updated user 596276f69bce489b8e6d4df9. -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "_id": "596276f69bce489b8e6d4df9" - } - ] -} -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596276f69bce489b8e6d4df9", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "_id": "596276f69bce489b8e6d4df9" - } - ] -} -2017-07-09 20:33:26 ERROR Not authorized to update field "role" -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "_id": "596276f69bce489b8e6d4df9" - } - ] -} -2017-07-09 20:33:26 ERROR remove user failed for finalQuery: { - "_id": "583291a1638566b3c5a92ca1", - "$or": [ - { - "_id": "596276f69bce489b8e6d4df9" - } - ] -} -2017-07-09 20:33:26 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "596276f69bce489b8e6d4df9", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "authorId": "596276f69bce489b8e6d4df9" - } - ] -} -2017-07-09 20:33:26 inserted tweet 596276f69bce489b8e6d4dfa. -2017-07-09 20:33:26 pubsub tweetInserted readOne with user tmeasday is authorized -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "authorId": "596276f69bce489b8e6d4df9" - } - ] -} -2017-07-09 20:33:26 ERROR Not authorized to insert tweet -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", -Operation: "", variables: "", -Query: -{ - tweet(id: "596276f69bce489b8e6d4dfa") { - author { - id - } - body - } -} - -2017-07-09 20:33:26 tweet readOne with user tmeasday is authorized -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "_id": "596276f69bce489b8e6d4df9" - } - ] -} -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:33:26 tweet readOne with user tmeasday is authorized -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "_id": "596276f69bce489b8e6d4df9" - } - ] -} -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "596276f69bce489b8e6d4dfa", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:33:26 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "authorId": "596276f69bce489b8e6d4df9" - }, - { - "coauthorsIds": "596276f69bce489b8e6d4df9" - } - ] -} -2017-07-09 20:33:26 updated tweet 596276f69bce489b8e6d4dfa. -2017-07-09 20:33:26 pubsub tweetUpdated readOne with user tmeasday is authorized -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:33:26 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "authorId": "596276f69bce489b8e6d4df9" - }, - { - "coauthorsIds": "596276f69bce489b8e6d4df9" - } - ] -} -2017-07-09 20:33:26 ERROR Not authorized to update tweet -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", -Operation: "", variables: "", -Query: -{ - tweet(id: "596276f69bce489b8e6d4dfa") { - body - } -} - -2017-07-09 20:33:26 tweet readOne with user tmeasday is authorized -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "596276f69bce489b8e6d4dfa") -} - -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "authorId": "596276f69bce489b8e6d4df9" - } - ] -} -2017-07-09 20:33:26 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:33:26 removed tweet 596276f69bce489b8e6d4dfa. -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "authorId": "596276f69bce489b8e6d4df9" - } - ] -} -2017-07-09 20:33:26 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:33:26 ERROR remove tweet failed for finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "596276f69bce489b8e6d4df9" - } - ] -} -2017-07-09 20:33:26 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", -Operation: "", variables: "", -Query: -{ - tweet(id: "596276f69bce489b8e6d4dfa") { - body - } -} - -2017-07-09 20:33:26 tweet readOne with user tmeasday is authorized -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "596276f69bce489b8e6d4df9") -} - -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "_id": "596276f69bce489b8e6d4df9" - } - ] -} -2017-07-09 20:33:26 removed user 596276f69bce489b8e6d4df9. -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "596276f69bce489b8e6d4df9") { - username - bio - role - } -} - -2017-07-09 20:33:26 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:34:32 Logger started -2017-07-09 20:35:00 Logger started -2017-07-09 20:35:21 Logger started -2017-07-09 20:35:45 -------------------------------------------------------------------------------- -2017-07-09 20:35:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - role - username - } -} - -2017-07-09 20:35:56 user readOne with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - role - username - } -} - -2017-07-09 20:35:56 user readOne with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca2") { - role - username - } -} - -2017-07-09 20:35:56 user readOne with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - id - username - bio - } -} - -2017-07-09 20:35:56 user readOne with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users { - username - createdAt - } -} - -2017-07-09 20:35:56 users readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(limit: 1) { - username - createdAt - } -} - -2017-07-09 20:35:56 users readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993) { - username - createdAt - } -} - -2017-07-09 20:35:56 users readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } -} - -2017-07-09 20:35:56 users readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers { - username - createdAt - } - } -} - -2017-07-09 20:35:56 user readOne with user stubailo is authorized -2017-07-09 20:35:56 followers readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:35:56 user readOne with user stubailo is authorized -2017-07-09 20:35:56 followers readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-07-09 20:35:56 user readOne with user stubailo is authorized -2017-07-09 20:35:56 followers readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:35:56 user readOne with user stubailo is authorized -2017-07-09 20:35:56 followers readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following { - username - createdAt - } - } -} - -2017-07-09 20:35:56 user readOne with user stubailo is authorized -2017-07-09 20:35:56 following readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:35:56 user readOne with user stubailo is authorized -2017-07-09 20:35:56 following readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-07-09 20:35:56 user readOne with user stubailo is authorized -2017-07-09 20:35:56 following readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:35:56 user readOne with user stubailo is authorized -2017-07-09 20:35:56 following readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets { - id - createdAt - } - } -} - -2017-07-09 20:35:56 user readOne with user stubailo is authorized -2017-07-09 20:35:56 tweets readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:35:56 user readOne with user stubailo is authorized -2017-07-09 20:35:56 tweets readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } - } -} - -2017-07-09 20:35:56 user readOne with user stubailo is authorized -2017-07-09 20:35:56 tweets readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:35:56 user readOne with user stubailo is authorized -2017-07-09 20:35:56 tweets readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked { - id - createdAt - } - } -} - -2017-07-09 20:35:56 user readOne with user stubailo is authorized -2017-07-09 20:35:56 liked readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:35:56 user readOne with user stubailo is authorized -2017-07-09 20:35:56 liked readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334) { - id - createdAt - } - } -} - -2017-07-09 20:35:56 user readOne with user stubailo is authorized -2017-07-09 20:35:56 liked readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334, limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:35:56 user readOne with user stubailo is authorized -2017-07-09 20:35:56 liked readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - author { - username - } - } -} - -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - id - body - } -} - -2017-07-09 20:35:56 tweet readOne with user stubailo is authorized -2017-07-09 20:35:56 tweet readOne with user stubailo is authorized -2017-07-09 20:35:56 author readOne with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets { - id - createdAt - } -} - -2017-07-09 20:35:56 tweets readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(limit: 1) { - id - createdAt - } -} - -2017-07-09 20:35:56 tweets readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } -} - -2017-07-09 20:35:56 tweets readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } -} - -2017-07-09 20:35:56 tweets readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers { - username - createdAt - } - } -} - -2017-07-09 20:35:56 tweet readOne with user stubailo is authorized -2017-07-09 20:35:56 likers readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:35:56 tweet readOne with user stubailo is authorized -2017-07-09 20:35:56 likers readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993) { - username - createdAt - } - } -} - -2017-07-09 20:35:56 tweet readOne with user stubailo is authorized -2017-07-09 20:35:56 likers readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:35:56 tweet readOne with user stubailo is authorized -2017-07-09 20:35:56 likers readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-07-09 20:35:56 insert user create with user stubailo is authorized -2017-07-09 20:35:56 inserted user 5962778c08de6c9c11df0d23. -2017-07-09 20:35:56 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-07-09 20:35:56 insert user create with user tobkle is authorized -2017-07-09 20:35:56 inserted user 5962778c08de6c9c11df0d24. -2017-07-09 20:35:56 pubsub userInserted readOne with user tobkle is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", -Operation: "", variables: "", -Query: -{ - user(id: "5962778c08de6c9c11df0d24") { - username - bio - role - } -} - -2017-07-09 20:35:56 user readOne with user tobkle is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", -Operation: "", variables: "", -Query: -{ - user(id: "5962778c08de6c9c11df0d23") { - username - role - } -} - -2017-07-09 20:35:56 user readOne with user tobkle is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "5962778c08de6c9c11df0d24", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-07-09 20:35:56 update user update with user tobkle is authorized -2017-07-09 20:35:56 updated user 5962778c08de6c9c11df0d24. -2017-07-09 20:35:56 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "5962778c08de6c9c11df0d23", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:35:56 update user update with user tobkle is authorized -2017-07-09 20:35:56 updated user 5962778c08de6c9c11df0d23. -2017-07-09 20:35:56 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "5962778c08de6c9c11df0d24", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:35:56 update user update with user tobkle is authorized -2017-07-09 20:35:56 updated user 5962778c08de6c9c11df0d24. -2017-07-09 20:35:56 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "5962778c08de6c9c11df0d23", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-07-09 20:35:56 update user update with user tobkle is authorized -2017-07-09 20:35:56 updated user 5962778c08de6c9c11df0d23. -2017-07-09 20:35:56 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "tobkle", role: "editor", id: "5962778c08de6c9c11df0d23", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "5962778c08de6c9c11df0d23", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:35:56 authQuery: { - "$or": [ - { - "_id": "5962778c08de6c9c11df0d23" - } - ] -} -2017-07-09 20:35:56 ERROR Not authorized to update field "role" -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "zoltan", role: "admin", id: "5962778c08de6c9c11df0d24", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "5962778c08de6c9c11df0d23", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:35:56 update user update with user zoltan is authorized -2017-07-09 20:35:56 updated user 5962778c08de6c9c11df0d23. -2017-07-09 20:35:56 pubsub userUpdated readOne with user zoltan is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "5962778c08de6c9c11df0d24") -} - -2017-07-09 20:35:56 removeUser delete with user tobkle is authorized -2017-07-09 20:35:56 removed user 5962778c08de6c9c11df0d24. -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "5962778c08de6c9c11df0d23", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:35:57 insert tweet create with user tobkle is authorized -2017-07-09 20:35:57 inserted tweet 5962778d08de6c9c11df0d25. -2017-07-09 20:35:57 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:35:57 insert tweet create with user tobkle is authorized -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", -Operation: "", variables: "", -Query: -{ - tweet(id: "5962778d08de6c9c11df0d25") { - author { - id - } - body - } -} - -2017-07-09 20:35:57 tweet readOne with user tobkle is authorized -2017-07-09 20:35:57 inserted tweet 5962778d08de6c9c11df0d26. -2017-07-09 20:35:57 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 20:35:57 author readOne with user tobkle is authorized -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:35:57 tweet readOne with user tobkle is authorized -2017-07-09 20:35:57 author readOne with user tobkle is authorized -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "5962778d08de6c9c11df0d25", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:35:57 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:35:57 update tweet update with user tobkle is authorized -2017-07-09 20:35:57 updated tweet 5962778d08de6c9c11df0d25. -2017-07-09 20:35:57 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "5962778d08de6c9c11df0d26", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:35:57 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:35:57 update tweet update with user tobkle is authorized -2017-07-09 20:35:57 updated tweet 5962778d08de6c9c11df0d26. -2017-07-09 20:35:57 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", -Operation: "", variables: "", -Query: -{ - tweet(id: "5962778d08de6c9c11df0d25") { - body - } -} - -2017-07-09 20:35:57 tweet readOne with user tobkle is authorized -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "5962778d08de6c9c11df0d25") -} - -2017-07-09 20:35:57 removeTweet delete with user tobkle is authorized -2017-07-09 20:35:57 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:35:57 removed tweet 5962778d08de6c9c11df0d25. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "5962778d08de6c9c11df0d26") -} - -2017-07-09 20:35:57 removeTweet delete with user tobkle is authorized -2017-07-09 20:35:57 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:35:57 removed tweet 5962778d08de6c9c11df0d26. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", -Operation: "", variables: "", -Query: -{ - tweet(id: "5962778d08de6c9c11df0d25") { - body - } -} - -2017-07-09 20:35:57 tweet readOne with user tobkle is authorized -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "5962778c08de6c9c11df0d23") -} - -2017-07-09 20:35:57 removeUser delete with user tobkle is authorized -2017-07-09 20:35:57 removed user 5962778c08de6c9c11df0d23. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "5962778c08de6c9c11df0d23") { - username - bio - role - } -} - -2017-07-09 20:35:57 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-07-09 20:35:57 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 20:35:57 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:35:57 ERROR Authorization: Not authorized to update in update user. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 20:35:57 ERROR Authorization: Not authorized to delete in removeUser. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:35:57 ERROR Authorization: Not authorized to create in insert tweet. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:35:57 tweet readOne with user is authorized -2017-07-09 20:35:57 ERROR Authorization: Not authorized to readOne in author. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:35:57 tweet getOneById in updateById for docBefore readOne with user is authorized -2017-07-09 20:35:57 ERROR Authorization: Not authorized to update in update tweet. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:35:57 tweet getOneById in updateById for docBefore readOne with user is authorized -2017-07-09 20:35:57 ERROR Authorization: Not authorized to update in update tweet. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 20:35:57 ERROR Authorization: Not authorized to delete in removeTweet. -2017-07-09 20:35:57 tweet getOneById in removeById for docBefore readOne with user is authorized -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { - id - role - } -} - -2017-07-09 20:35:57 insert user create with user stubailo is authorized -2017-07-09 20:35:57 inserted user 5962778d08de6c9c11df0d27. -2017-07-09 20:35:57 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-07-09 20:35:57 authQuery: { - "$or": [] -} -2017-07-09 20:35:57 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "_id": "5962778d08de6c9c11df0d27" - } - ] -} -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", -Operation: "", variables: "", -Query: -{ - user(id: "5962778d08de6c9c11df0d27") { - username - } -} - -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "_id": "5962778d08de6c9c11df0d27" - } - ] -} -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", -Operation: "", variables: "", -Query: -{ - user(id: "5962778d08de6c9c11df0d27") { - username - role - } -} - -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "_id": "5962778d08de6c9c11df0d27" - } - ] -} -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "_id": "5962778d08de6c9c11df0d27" - } - ] -} -2017-07-09 20:35:57 ERROR Not authorized to update field "role" -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "5962778d08de6c9c11df0d27", input: {username: "tobkle", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "_id": "5962778d08de6c9c11df0d27" - } - ] -} -2017-07-09 20:35:57 updated user 5962778d08de6c9c11df0d27. -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "_id": "5962778d08de6c9c11df0d27" - } - ] -} -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "5962778d08de6c9c11df0d27", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "_id": "5962778d08de6c9c11df0d27" - } - ] -} -2017-07-09 20:35:57 ERROR Not authorized to update field "role" -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "_id": "5962778d08de6c9c11df0d27" - } - ] -} -2017-07-09 20:35:57 ERROR remove user failed for finalQuery: { - "_id": "583291a1638566b3c5a92ca1", - "$or": [ - { - "_id": "5962778d08de6c9c11df0d27" - } - ] -} -2017-07-09 20:35:57 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "5962778d08de6c9c11df0d27", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "authorId": "5962778d08de6c9c11df0d27" - } - ] -} -2017-07-09 20:35:57 inserted tweet 5962778d08de6c9c11df0d28. -2017-07-09 20:35:57 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "authorId": "5962778d08de6c9c11df0d27" - } - ] -} -2017-07-09 20:35:57 ERROR Not authorized to insert tweet -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", -Operation: "", variables: "", -Query: -{ - tweet(id: "5962778d08de6c9c11df0d28") { - author { - id - } - body - } -} - -2017-07-09 20:35:57 tweet readOne with user tobkle is authorized -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "_id": "5962778d08de6c9c11df0d27" - } - ] -} -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:35:57 tweet readOne with user tobkle is authorized -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "_id": "5962778d08de6c9c11df0d27" - } - ] -} -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "5962778d08de6c9c11df0d28", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:35:57 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "authorId": "5962778d08de6c9c11df0d27" - }, - { - "coauthorsIds": "5962778d08de6c9c11df0d27" - } - ] -} -2017-07-09 20:35:57 updated tweet 5962778d08de6c9c11df0d28. -2017-07-09 20:35:57 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:35:57 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "authorId": "5962778d08de6c9c11df0d27" - }, - { - "coauthorsIds": "5962778d08de6c9c11df0d27" - } - ] -} -2017-07-09 20:35:57 ERROR update tweet failed finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "5962778d08de6c9c11df0d27" - }, - { - "coauthorsIds": "5962778d08de6c9c11df0d27" - } - ] -} -2017-07-09 20:35:57 ERROR update tweet failed for docToUpdate: { - "$set": { - "body": "This is a modified test tweet", - "updatedAt": 1499625357426, - "updatedById": "5962778d08de6c9c11df0d27" - } -} -2017-07-09 20:35:57 ERROR update tweet not possible for 583676d3618530145474e352. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", -Operation: "", variables: "", -Query: -{ - tweet(id: "5962778d08de6c9c11df0d28") { - body - } -} - -2017-07-09 20:35:57 tweet readOne with user tobkle is authorized -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "5962778d08de6c9c11df0d28") -} - -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "authorId": "5962778d08de6c9c11df0d27" - } - ] -} -2017-07-09 20:35:57 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:35:57 removed tweet 5962778d08de6c9c11df0d28. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "authorId": "5962778d08de6c9c11df0d27" - } - ] -} -2017-07-09 20:35:57 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:35:57 ERROR remove tweet failed for finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "5962778d08de6c9c11df0d27" - } - ] -} -2017-07-09 20:35:57 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", -Operation: "", variables: "", -Query: -{ - tweet(id: "5962778d08de6c9c11df0d28") { - body - } -} - -2017-07-09 20:35:57 tweet readOne with user tobkle is authorized -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "5962778d08de6c9c11df0d27") -} - -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "_id": "5962778d08de6c9c11df0d27" - } - ] -} -2017-07-09 20:35:57 removed user 5962778d08de6c9c11df0d27. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "5962778d08de6c9c11df0d27") { - username - bio - role - } -} - -2017-07-09 20:35:57 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { - id - role - } -} - -2017-07-09 20:35:57 insert user create with user stubailo is authorized -2017-07-09 20:35:57 inserted user 5962778d08de6c9c11df0d29. -2017-07-09 20:35:57 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "editor", id: "5962778d08de6c9c11df0d29", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-07-09 20:35:57 authQuery: { - "$or": [] -} -2017-07-09 20:35:57 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "editor", id: "5962778d08de6c9c11df0d29", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "_id": "5962778d08de6c9c11df0d29" - } - ] -} -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "editor", id: "5962778d08de6c9c11df0d29", -Operation: "", variables: "", -Query: -{ - user(id: "5962778d08de6c9c11df0d29") { - username - role - } -} - -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "_id": "5962778d08de6c9c11df0d29" - } - ] -} -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "editor", id: "5962778d08de6c9c11df0d29", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "_id": "5962778d08de6c9c11df0d29" - } - ] -} -2017-07-09 20:35:57 ERROR Not authorized to update field "role" -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "editor", id: "5962778d08de6c9c11df0d29", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "5962778d08de6c9c11df0d29", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "_id": "5962778d08de6c9c11df0d29" - } - ] -} -2017-07-09 20:35:57 updated user 5962778d08de6c9c11df0d29. -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "_id": "5962778d08de6c9c11df0d29" - } - ] -} -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "5962778d08de6c9c11df0d29", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "_id": "5962778d08de6c9c11df0d29" - } - ] -} -2017-07-09 20:35:57 ERROR Not authorized to update field "role" -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "_id": "5962778d08de6c9c11df0d29" - } - ] -} -2017-07-09 20:35:57 ERROR remove user failed for finalQuery: { - "_id": "583291a1638566b3c5a92ca1", - "$or": [ - { - "_id": "5962778d08de6c9c11df0d29" - } - ] -} -2017-07-09 20:35:57 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "5962778d08de6c9c11df0d29", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "authorId": "5962778d08de6c9c11df0d29" - } - ] -} -2017-07-09 20:35:57 inserted tweet 5962778d08de6c9c11df0d2a. -2017-07-09 20:35:57 pubsub tweetInserted readOne with user tmeasday is authorized -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "authorId": "5962778d08de6c9c11df0d29" - } - ] -} -2017-07-09 20:35:57 ERROR Not authorized to insert tweet -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", -Operation: "", variables: "", -Query: -{ - tweet(id: "5962778d08de6c9c11df0d2a") { - author { - id - } - body - } -} - -2017-07-09 20:35:57 tweet readOne with user tmeasday is authorized -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "_id": "5962778d08de6c9c11df0d29" - } - ] -} -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:35:57 tweet readOne with user tmeasday is authorized -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "_id": "5962778d08de6c9c11df0d29" - } - ] -} -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "5962778d08de6c9c11df0d2a", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:35:57 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "authorId": "5962778d08de6c9c11df0d29" - }, - { - "coauthorsIds": "5962778d08de6c9c11df0d29" - } - ] -} -2017-07-09 20:35:57 updated tweet 5962778d08de6c9c11df0d2a. -2017-07-09 20:35:57 pubsub tweetUpdated readOne with user tmeasday is authorized -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:35:57 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "authorId": "5962778d08de6c9c11df0d29" - }, - { - "coauthorsIds": "5962778d08de6c9c11df0d29" - } - ] -} -2017-07-09 20:35:57 ERROR update tweet failed finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "5962778d08de6c9c11df0d29" - }, - { - "coauthorsIds": "5962778d08de6c9c11df0d29" - } - ] -} -2017-07-09 20:35:57 ERROR update tweet failed for docToUpdate: { - "$set": { - "body": "This is a modified test tweet", - "updatedAt": 1499625357646, - "updatedById": "5962778d08de6c9c11df0d29" - } -} -2017-07-09 20:35:57 ERROR update tweet not possible for 583676d3618530145474e352. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", -Operation: "", variables: "", -Query: -{ - tweet(id: "5962778d08de6c9c11df0d2a") { - body - } -} - -2017-07-09 20:35:57 tweet readOne with user tmeasday is authorized -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "5962778d08de6c9c11df0d2a") -} - -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "authorId": "5962778d08de6c9c11df0d29" - } - ] -} -2017-07-09 20:35:57 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:35:57 removed tweet 5962778d08de6c9c11df0d2a. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "authorId": "5962778d08de6c9c11df0d29" - } - ] -} -2017-07-09 20:35:57 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:35:57 ERROR remove tweet failed for finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "5962778d08de6c9c11df0d29" - } - ] -} -2017-07-09 20:35:57 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", -Operation: "", variables: "", -Query: -{ - tweet(id: "5962778d08de6c9c11df0d2a") { - body - } -} - -2017-07-09 20:35:57 tweet readOne with user tmeasday is authorized -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "5962778d08de6c9c11df0d29") -} - -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "_id": "5962778d08de6c9c11df0d29" - } - ] -} -2017-07-09 20:35:57 removed user 5962778d08de6c9c11df0d29. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "5962778d08de6c9c11df0d29") { - username - bio - role - } -} - -2017-07-09 20:35:57 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:36:20 Logger started -2017-07-09 20:36:33 Logger started -2017-07-09 20:37:37 Logger started -2017-07-09 20:38:24 Logger started -2017-07-09 20:39:07 -------------------------------------------------------------------------------- -2017-07-09 20:39:07 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - role - username - } -} - -2017-07-09 20:39:18 user readOne with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - role - username - } -} - -2017-07-09 20:39:18 user readOne with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca2") { - role - username - } -} - -2017-07-09 20:39:18 user readOne with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - id - username - bio - } -} - -2017-07-09 20:39:18 user readOne with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users { - username - createdAt - } -} - -2017-07-09 20:39:18 users readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(limit: 1) { - username - createdAt - } -} - -2017-07-09 20:39:18 users readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993) { - username - createdAt - } -} - -2017-07-09 20:39:18 users readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } -} - -2017-07-09 20:39:18 users readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers { - username - createdAt - } - } -} - -2017-07-09 20:39:18 user readOne with user stubailo is authorized -2017-07-09 20:39:18 followers readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:39:18 user readOne with user stubailo is authorized -2017-07-09 20:39:18 followers readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-07-09 20:39:18 user readOne with user stubailo is authorized -2017-07-09 20:39:18 followers readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:39:18 user readOne with user stubailo is authorized -2017-07-09 20:39:18 followers readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following { - username - createdAt - } - } -} - -2017-07-09 20:39:18 user readOne with user stubailo is authorized -2017-07-09 20:39:18 following readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:39:18 user readOne with user stubailo is authorized -2017-07-09 20:39:18 following readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-07-09 20:39:18 user readOne with user stubailo is authorized -2017-07-09 20:39:18 following readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:39:18 user readOne with user stubailo is authorized -2017-07-09 20:39:18 following readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets { - id - createdAt - } - } -} - -2017-07-09 20:39:18 user readOne with user stubailo is authorized -2017-07-09 20:39:18 tweets readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:39:18 user readOne with user stubailo is authorized -2017-07-09 20:39:18 tweets readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } - } -} - -2017-07-09 20:39:18 user readOne with user stubailo is authorized -2017-07-09 20:39:18 tweets readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:39:18 user readOne with user stubailo is authorized -2017-07-09 20:39:18 tweets readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked { - id - createdAt - } - } -} - -2017-07-09 20:39:18 user readOne with user stubailo is authorized -2017-07-09 20:39:18 liked readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:39:18 user readOne with user stubailo is authorized -2017-07-09 20:39:18 liked readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334) { - id - createdAt - } - } -} - -2017-07-09 20:39:18 user readOne with user stubailo is authorized -2017-07-09 20:39:18 liked readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334, limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:39:18 user readOne with user stubailo is authorized -2017-07-09 20:39:18 liked readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets { - id - createdAt - } -} - -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - author { - username - } - } -} - -2017-07-09 20:39:18 tweets readMany with user stubailo is authorized -2017-07-09 20:39:18 tweet readOne with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - id - body - } -} - -2017-07-09 20:39:18 tweet readOne with user stubailo is authorized -2017-07-09 20:39:18 author readOne with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(limit: 1) { - id - createdAt - } -} - -2017-07-09 20:39:18 tweets readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } -} - -2017-07-09 20:39:18 tweets readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } -} - -2017-07-09 20:39:18 tweets readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers { - username - createdAt - } - } -} - -2017-07-09 20:39:18 tweet readOne with user stubailo is authorized -2017-07-09 20:39:18 likers readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:39:18 tweet readOne with user stubailo is authorized -2017-07-09 20:39:18 likers readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993) { - username - createdAt - } - } -} - -2017-07-09 20:39:18 tweet readOne with user stubailo is authorized -2017-07-09 20:39:18 likers readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:39:18 tweet readOne with user stubailo is authorized -2017-07-09 20:39:18 likers readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-07-09 20:39:18 insert user create with user stubailo is authorized -2017-07-09 20:39:18 inserted user 596278564c57819cb42922c4. -2017-07-09 20:39:18 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-07-09 20:39:18 insert user create with user tobkle is authorized -2017-07-09 20:39:18 inserted user 596278564c57819cb42922c5. -2017-07-09 20:39:18 pubsub userInserted readOne with user tobkle is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", -Operation: "", variables: "", -Query: -{ - user(id: "596278564c57819cb42922c5") { - username - bio - role - } -} - -2017-07-09 20:39:18 user readOne with user tobkle is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", -Operation: "", variables: "", -Query: -{ - user(id: "596278564c57819cb42922c4") { - username - role - } -} - -2017-07-09 20:39:18 user readOne with user tobkle is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596278564c57819cb42922c5", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-07-09 20:39:18 update user update with user tobkle is authorized -2017-07-09 20:39:18 updated user 596278564c57819cb42922c5. -2017-07-09 20:39:18 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596278564c57819cb42922c4", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:39:18 update user update with user tobkle is authorized -2017-07-09 20:39:18 updated user 596278564c57819cb42922c4. -2017-07-09 20:39:18 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596278564c57819cb42922c5", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:39:18 update user update with user tobkle is authorized -2017-07-09 20:39:18 updated user 596278564c57819cb42922c5. -2017-07-09 20:39:18 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596278564c57819cb42922c4", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-07-09 20:39:18 update user update with user tobkle is authorized -2017-07-09 20:39:18 updated user 596278564c57819cb42922c4. -2017-07-09 20:39:18 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "tobkle", role: "editor", id: "596278564c57819cb42922c4", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596278564c57819cb42922c4", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:39:18 authQuery: { - "$or": [ - { - "_id": "596278564c57819cb42922c4" - } - ] -} -2017-07-09 20:39:18 ERROR Not authorized to update field "role" -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "zoltan", role: "admin", id: "596278564c57819cb42922c5", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596278564c57819cb42922c4", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:39:19 update user update with user zoltan is authorized -2017-07-09 20:39:19 updated user 596278564c57819cb42922c4. -2017-07-09 20:39:19 pubsub userUpdated readOne with user zoltan is authorized -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "596278564c57819cb42922c5") -} - -2017-07-09 20:39:19 removeUser delete with user tobkle is authorized -2017-07-09 20:39:19 removed user 596278564c57819cb42922c5. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "596278564c57819cb42922c4", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:39:19 insert tweet create with user tobkle is authorized -2017-07-09 20:39:19 inserted tweet 596278574c57819cb42922c6. -2017-07-09 20:39:19 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:39:19 insert tweet create with user tobkle is authorized -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", -Operation: "", variables: "", -Query: -{ - tweet(id: "596278574c57819cb42922c6") { - author { - id - } - body - } -} - -2017-07-09 20:39:19 tweet readOne with user tobkle is authorized -2017-07-09 20:39:19 inserted tweet 596278574c57819cb42922c7. -2017-07-09 20:39:19 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 20:39:19 author readOne with user tobkle is authorized -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:39:19 tweet readOne with user tobkle is authorized -2017-07-09 20:39:19 author readOne with user tobkle is authorized -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "596278574c57819cb42922c6", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:39:19 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:39:19 update tweet update with user tobkle is authorized -2017-07-09 20:39:19 updated tweet 596278574c57819cb42922c6. -2017-07-09 20:39:19 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "596278574c57819cb42922c7", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:39:19 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:39:19 update tweet update with user tobkle is authorized -2017-07-09 20:39:19 updated tweet 596278574c57819cb42922c7. -2017-07-09 20:39:19 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", -Operation: "", variables: "", -Query: -{ - tweet(id: "596278574c57819cb42922c6") { - body - } -} - -2017-07-09 20:39:19 tweet readOne with user tobkle is authorized -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "596278574c57819cb42922c6") -} - -2017-07-09 20:39:19 removeTweet delete with user tobkle is authorized -2017-07-09 20:39:19 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:39:19 removed tweet 596278574c57819cb42922c6. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "596278574c57819cb42922c7") -} - -2017-07-09 20:39:19 removeTweet delete with user tobkle is authorized -2017-07-09 20:39:19 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:39:19 removed tweet 596278574c57819cb42922c7. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", -Operation: "", variables: "", -Query: -{ - tweet(id: "596278574c57819cb42922c6") { - body - } -} - -2017-07-09 20:39:19 tweet readOne with user tobkle is authorized -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "596278564c57819cb42922c4") -} - -2017-07-09 20:39:19 removeUser delete with user tobkle is authorized -2017-07-09 20:39:19 removed user 596278564c57819cb42922c4. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "596278564c57819cb42922c4") { - username - bio - role - } -} - -2017-07-09 20:39:19 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-07-09 20:39:19 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 20:39:19 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:39:19 ERROR Authorization: Not authorized to update in update user. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 20:39:19 ERROR Authorization: Not authorized to delete in removeUser. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:39:19 ERROR Authorization: Not authorized to create in insert tweet. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:39:19 tweet readOne with user is authorized -2017-07-09 20:39:19 ERROR Authorization: Not authorized to readOne in author. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:39:19 tweet getOneById in updateById for docBefore readOne with user is authorized -2017-07-09 20:39:19 ERROR Authorization: Not authorized to update in update tweet. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:39:19 tweet getOneById in updateById for docBefore readOne with user is authorized -2017-07-09 20:39:19 ERROR Authorization: Not authorized to update in update tweet. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 20:39:19 ERROR Authorization: Not authorized to delete in removeTweet. -2017-07-09 20:39:19 tweet getOneById in removeById for docBefore readOne with user is authorized -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { - id - role - } -} - -2017-07-09 20:39:19 insert user create with user stubailo is authorized -2017-07-09 20:39:19 inserted user 596278574c57819cb42922c8. -2017-07-09 20:39:19 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "user", id: "596278574c57819cb42922c8", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-07-09 20:39:19 authQuery: { - "$or": [] -} -2017-07-09 20:39:19 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "user", id: "596278574c57819cb42922c8", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "_id": "596278574c57819cb42922c8" - } - ] -} -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "user", id: "596278574c57819cb42922c8", -Operation: "", variables: "", -Query: -{ - user(id: "596278574c57819cb42922c8") { - username - } -} - -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "_id": "596278574c57819cb42922c8" - } - ] -} -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "user", id: "596278574c57819cb42922c8", -Operation: "", variables: "", -Query: -{ - user(id: "596278574c57819cb42922c8") { - username - role - } -} - -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "_id": "596278574c57819cb42922c8" - } - ] -} -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "user", id: "596278574c57819cb42922c8", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "_id": "596278574c57819cb42922c8" - } - ] -} -2017-07-09 20:39:19 ERROR Not authorized to update field "role" -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "user", id: "596278574c57819cb42922c8", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596278574c57819cb42922c8", input: {username: "tobkle", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "_id": "596278574c57819cb42922c8" - } - ] -} -2017-07-09 20:39:19 updated user 596278574c57819cb42922c8. -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "_id": "596278574c57819cb42922c8" - } - ] -} -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "user", id: "596278574c57819cb42922c8", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596278574c57819cb42922c8", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "_id": "596278574c57819cb42922c8" - } - ] -} -2017-07-09 20:39:19 ERROR Not authorized to update field "role" -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "user", id: "596278574c57819cb42922c8", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "_id": "596278574c57819cb42922c8" - } - ] -} -2017-07-09 20:39:19 ERROR remove user failed for finalQuery: { - "_id": "583291a1638566b3c5a92ca1", - "$or": [ - { - "_id": "596278574c57819cb42922c8" - } - ] -} -2017-07-09 20:39:19 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "user", id: "596278574c57819cb42922c8", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "596278574c57819cb42922c8", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "authorId": "596278574c57819cb42922c8" - } - ] -} -2017-07-09 20:39:19 inserted tweet 596278574c57819cb42922c9. -2017-07-09 20:39:19 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "user", id: "596278574c57819cb42922c8", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "authorId": "596278574c57819cb42922c8" - } - ] -} -2017-07-09 20:39:19 ERROR Not authorized to insert tweet -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "user", id: "596278574c57819cb42922c8", -Operation: "", variables: "", -Query: -{ - tweet(id: "596278574c57819cb42922c9") { - author { - id - } - body - } -} - -2017-07-09 20:39:19 tweet readOne with user tobkle is authorized -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "_id": "596278574c57819cb42922c8" - } - ] -} -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "user", id: "596278574c57819cb42922c8", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:39:19 tweet readOne with user tobkle is authorized -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "_id": "596278574c57819cb42922c8" - } - ] -} -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "user", id: "596278574c57819cb42922c8", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "596278574c57819cb42922c9", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:39:19 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "authorId": "596278574c57819cb42922c8" - }, - { - "coauthorsIds": "596278574c57819cb42922c8" - } - ] -} -2017-07-09 20:39:19 updated tweet 596278574c57819cb42922c9. -2017-07-09 20:39:19 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "user", id: "596278574c57819cb42922c8", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:39:19 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "authorId": "596278574c57819cb42922c8" - }, - { - "coauthorsIds": "596278574c57819cb42922c8" - } - ] -} -2017-07-09 20:39:19 ERROR update tweet failed finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "596278574c57819cb42922c8" - }, - { - "coauthorsIds": "596278574c57819cb42922c8" - } - ] -} -2017-07-09 20:39:19 ERROR update tweet failed for docToUpdate: { - "$set": { - "body": "This is a modified test tweet", - "updatedAt": 1499625559454, - "updatedById": "596278574c57819cb42922c8" - } -} -2017-07-09 20:39:19 ERROR update tweet not possible for 583676d3618530145474e352. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "user", id: "596278574c57819cb42922c8", -Operation: "", variables: "", -Query: -{ - tweet(id: "596278574c57819cb42922c9") { - body - } -} - -2017-07-09 20:39:19 tweet readOne with user tobkle is authorized -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "user", id: "596278574c57819cb42922c8", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "596278574c57819cb42922c9") -} - -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "authorId": "596278574c57819cb42922c8" - } - ] -} -2017-07-09 20:39:19 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:39:19 removed tweet 596278574c57819cb42922c9. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "user", id: "596278574c57819cb42922c8", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "authorId": "596278574c57819cb42922c8" - } - ] -} -2017-07-09 20:39:19 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:39:19 ERROR remove tweet failed for finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "596278574c57819cb42922c8" - } - ] -} -2017-07-09 20:39:19 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "user", id: "596278574c57819cb42922c8", -Operation: "", variables: "", -Query: -{ - tweet(id: "596278574c57819cb42922c9") { - body - } -} - -2017-07-09 20:39:19 tweet readOne with user tobkle is authorized -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "user", id: "596278574c57819cb42922c8", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "596278574c57819cb42922c8") -} - -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "_id": "596278574c57819cb42922c8" - } - ] -} -2017-07-09 20:39:19 removed user 596278574c57819cb42922c8. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "596278574c57819cb42922c8") { - username - bio - role - } -} - -2017-07-09 20:39:19 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { - id - role - } -} - -2017-07-09 20:39:19 insert user create with user stubailo is authorized -2017-07-09 20:39:19 inserted user 596278574c57819cb42922ca. -2017-07-09 20:39:19 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "editor", id: "596278574c57819cb42922ca", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-07-09 20:39:19 authQuery: { - "$or": [] -} -2017-07-09 20:39:19 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "editor", id: "596278574c57819cb42922ca", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "_id": "596278574c57819cb42922ca" - } - ] -} -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "editor", id: "596278574c57819cb42922ca", -Operation: "", variables: "", -Query: -{ - user(id: "596278574c57819cb42922ca") { - username - role - } -} - -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "_id": "596278574c57819cb42922ca" - } - ] -} -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "editor", id: "596278574c57819cb42922ca", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "_id": "596278574c57819cb42922ca" - } - ] -} -2017-07-09 20:39:19 ERROR Not authorized to update field "role" -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "editor", id: "596278574c57819cb42922ca", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596278574c57819cb42922ca", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "_id": "596278574c57819cb42922ca" - } - ] -} -2017-07-09 20:39:19 updated user 596278574c57819cb42922ca. -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "_id": "596278574c57819cb42922ca" - } - ] -} -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596278574c57819cb42922ca", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "_id": "596278574c57819cb42922ca" - } - ] -} -2017-07-09 20:39:19 ERROR Not authorized to update field "role" -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "_id": "596278574c57819cb42922ca" - } - ] -} -2017-07-09 20:39:19 ERROR remove user failed for finalQuery: { - "_id": "583291a1638566b3c5a92ca1", - "$or": [ - { - "_id": "596278574c57819cb42922ca" - } - ] -} -2017-07-09 20:39:19 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "596278574c57819cb42922ca", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "authorId": "596278574c57819cb42922ca" - } - ] -} -2017-07-09 20:39:19 inserted tweet 596278574c57819cb42922cb. -2017-07-09 20:39:19 pubsub tweetInserted readOne with user tmeasday is authorized -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "authorId": "596278574c57819cb42922ca" - } - ] -} -2017-07-09 20:39:19 ERROR Not authorized to insert tweet -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", -Operation: "", variables: "", -Query: -{ - tweet(id: "596278574c57819cb42922cb") { - author { - id - } - body - } -} - -2017-07-09 20:39:19 tweet readOne with user tmeasday is authorized -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "_id": "596278574c57819cb42922ca" - } - ] -} -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:39:19 tweet readOne with user tmeasday is authorized -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "_id": "596278574c57819cb42922ca" - } - ] -} -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "596278574c57819cb42922cb", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:39:19 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "authorId": "596278574c57819cb42922ca" - }, - { - "coauthorsIds": "596278574c57819cb42922ca" - } - ] -} -2017-07-09 20:39:19 updated tweet 596278574c57819cb42922cb. -2017-07-09 20:39:19 pubsub tweetUpdated readOne with user tmeasday is authorized -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:39:19 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "authorId": "596278574c57819cb42922ca" - }, - { - "coauthorsIds": "596278574c57819cb42922ca" - } - ] -} -2017-07-09 20:39:19 ERROR update tweet failed finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "596278574c57819cb42922ca" - }, - { - "coauthorsIds": "596278574c57819cb42922ca" - } - ] -} -2017-07-09 20:39:19 ERROR update tweet failed for docToUpdate: { - "$set": { - "body": "This is a modified test tweet", - "updatedAt": 1499625559652, - "updatedById": "596278574c57819cb42922ca" - } -} -2017-07-09 20:39:19 ERROR update tweet not possible for 583676d3618530145474e352. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", -Operation: "", variables: "", -Query: -{ - tweet(id: "596278574c57819cb42922cb") { - body - } -} - -2017-07-09 20:39:19 tweet readOne with user tmeasday is authorized -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "596278574c57819cb42922cb") -} - -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "authorId": "596278574c57819cb42922ca" - } - ] -} -2017-07-09 20:39:19 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:39:19 removed tweet 596278574c57819cb42922cb. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "authorId": "596278574c57819cb42922ca" - } - ] -} -2017-07-09 20:39:19 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:39:19 ERROR remove tweet failed for finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "596278574c57819cb42922ca" - } - ] -} -2017-07-09 20:39:19 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", -Operation: "", variables: "", -Query: -{ - tweet(id: "596278574c57819cb42922cb") { - body - } -} - -2017-07-09 20:39:19 tweet readOne with user tmeasday is authorized -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "596278574c57819cb42922ca") -} - -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "_id": "596278574c57819cb42922ca" - } - ] -} -2017-07-09 20:39:19 removed user 596278574c57819cb42922ca. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "596278574c57819cb42922ca") { - username - bio - role - } -} - -2017-07-09 20:39:19 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:42:33 -------------------------------------------------------------------------------- -2017-07-09 20:42:33 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-07-09 20:42:44 -------------------------------------------------------------------------------- -2017-07-09 20:42:44 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-07-09 20:42:44 -------------------------------------------------------------------------------- -2017-07-09 20:42:44 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - role - username - } -} - -2017-07-09 20:42:44 user readOne with user stubailo is authorized -2017-07-09 20:42:44 -------------------------------------------------------------------------------- -2017-07-09 20:42:44 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - role - username - } -} - -2017-07-09 20:42:44 user readOne with user stubailo is authorized -2017-07-09 20:42:44 -------------------------------------------------------------------------------- -2017-07-09 20:42:44 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca2") { - role - username - } -} - -2017-07-09 20:42:44 user readOne with user stubailo is authorized -2017-07-09 20:42:44 -------------------------------------------------------------------------------- -2017-07-09 20:42:44 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - id - username - bio - } -} - -2017-07-09 20:42:44 user readOne with user stubailo is authorized -2017-07-09 20:42:44 -------------------------------------------------------------------------------- -2017-07-09 20:42:44 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users { - username - createdAt - } -} - -2017-07-09 20:42:44 users readMany with user stubailo is authorized -2017-07-09 20:42:44 -------------------------------------------------------------------------------- -2017-07-09 20:42:44 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(limit: 1) { - username - createdAt - } -} - -2017-07-09 20:42:44 users readMany with user stubailo is authorized -2017-07-09 20:42:44 -------------------------------------------------------------------------------- -2017-07-09 20:42:44 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993) { - username - createdAt - } -} - -2017-07-09 20:42:44 users readMany with user stubailo is authorized -2017-07-09 20:42:44 -------------------------------------------------------------------------------- -2017-07-09 20:42:44 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } -} - -2017-07-09 20:42:44 users readMany with user stubailo is authorized -2017-07-09 20:42:44 -------------------------------------------------------------------------------- -2017-07-09 20:42:44 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers { - username - createdAt - } - } -} - -2017-07-09 20:42:44 user readOne with user stubailo is authorized -2017-07-09 20:42:44 followers readMany with user stubailo is authorized -2017-07-09 20:42:44 -------------------------------------------------------------------------------- -2017-07-09 20:42:44 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:42:44 user readOne with user stubailo is authorized -2017-07-09 20:42:44 followers readMany with user stubailo is authorized -2017-07-09 20:42:44 -------------------------------------------------------------------------------- -2017-07-09 20:42:44 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-07-09 20:42:44 user readOne with user stubailo is authorized -2017-07-09 20:42:44 followers readMany with user stubailo is authorized -2017-07-09 20:42:44 -------------------------------------------------------------------------------- -2017-07-09 20:42:44 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:42:44 user readOne with user stubailo is authorized -2017-07-09 20:42:44 followers readMany with user stubailo is authorized -2017-07-09 20:42:44 -------------------------------------------------------------------------------- -2017-07-09 20:42:44 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following { - username - createdAt - } - } -} - -2017-07-09 20:42:44 user readOne with user stubailo is authorized -2017-07-09 20:42:44 following readMany with user stubailo is authorized -2017-07-09 20:42:44 -------------------------------------------------------------------------------- -2017-07-09 20:42:44 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:42:44 user readOne with user stubailo is authorized -2017-07-09 20:42:44 following readMany with user stubailo is authorized -2017-07-09 20:42:44 -------------------------------------------------------------------------------- -2017-07-09 20:42:44 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-07-09 20:42:44 user readOne with user stubailo is authorized -2017-07-09 20:42:44 following readMany with user stubailo is authorized -2017-07-09 20:42:44 -------------------------------------------------------------------------------- -2017-07-09 20:42:44 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:42:44 user readOne with user stubailo is authorized -2017-07-09 20:42:44 following readMany with user stubailo is authorized -2017-07-09 20:42:44 -------------------------------------------------------------------------------- -2017-07-09 20:42:44 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets { - id - createdAt - } - } -} - -2017-07-09 20:42:44 user readOne with user stubailo is authorized -2017-07-09 20:42:44 tweets readMany with user stubailo is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:42:45 user readOne with user stubailo is authorized -2017-07-09 20:42:45 tweets readMany with user stubailo is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } - } -} - -2017-07-09 20:42:45 user readOne with user stubailo is authorized -2017-07-09 20:42:45 tweets readMany with user stubailo is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:42:45 user readOne with user stubailo is authorized -2017-07-09 20:42:45 tweets readMany with user stubailo is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked { - id - createdAt - } - } -} - -2017-07-09 20:42:45 user readOne with user stubailo is authorized -2017-07-09 20:42:45 liked readMany with user stubailo is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:42:45 user readOne with user stubailo is authorized -2017-07-09 20:42:45 liked readMany with user stubailo is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334) { - id - createdAt - } - } -} - -2017-07-09 20:42:45 user readOne with user stubailo is authorized -2017-07-09 20:42:45 liked readMany with user stubailo is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334, limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:42:45 user readOne with user stubailo is authorized -2017-07-09 20:42:45 liked readMany with user stubailo is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - id - body - } -} - -2017-07-09 20:42:45 tweet readOne with user stubailo is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - author { - username - } - } -} - -2017-07-09 20:42:45 tweet readOne with user stubailo is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets { - id - createdAt - } -} - -2017-07-09 20:42:45 tweets readMany with user stubailo is authorized -2017-07-09 20:42:45 author readOne with user stubailo is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(limit: 1) { - id - createdAt - } -} - -2017-07-09 20:42:45 tweets readMany with user stubailo is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } -} - -2017-07-09 20:42:45 tweets readMany with user stubailo is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } -} - -2017-07-09 20:42:45 tweets readMany with user stubailo is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers { - username - createdAt - } - } -} - -2017-07-09 20:42:45 tweet readOne with user stubailo is authorized -2017-07-09 20:42:45 likers readMany with user stubailo is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:42:45 tweet readOne with user stubailo is authorized -2017-07-09 20:42:45 likers readMany with user stubailo is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993) { - username - createdAt - } - } -} - -2017-07-09 20:42:45 tweet readOne with user stubailo is authorized -2017-07-09 20:42:45 likers readMany with user stubailo is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:42:45 tweet readOne with user stubailo is authorized -2017-07-09 20:42:45 likers readMany with user stubailo is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-07-09 20:42:45 insert user create with user stubailo is authorized -2017-07-09 20:42:45 inserted user 596279254c57819cb42922cc. -2017-07-09 20:42:45 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-07-09 20:42:45 insert user create with user tobkle is authorized -2017-07-09 20:42:45 inserted user 596279254c57819cb42922cd. -2017-07-09 20:42:45 pubsub userInserted readOne with user tobkle is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", -Operation: "", variables: "", -Query: -{ - user(id: "596279254c57819cb42922cd") { - username - bio - role - } -} - -2017-07-09 20:42:45 user readOne with user tobkle is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", -Operation: "", variables: "", -Query: -{ - user(id: "596279254c57819cb42922cc") { - username - role - } -} - -2017-07-09 20:42:45 user readOne with user tobkle is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596279254c57819cb42922cd", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-07-09 20:42:45 update user update with user tobkle is authorized -2017-07-09 20:42:45 updated user 596279254c57819cb42922cd. -2017-07-09 20:42:45 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596279254c57819cb42922cc", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:42:45 update user update with user tobkle is authorized -2017-07-09 20:42:45 updated user 596279254c57819cb42922cc. -2017-07-09 20:42:45 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596279254c57819cb42922cd", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:42:45 update user update with user tobkle is authorized -2017-07-09 20:42:45 updated user 596279254c57819cb42922cd. -2017-07-09 20:42:45 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596279254c57819cb42922cc", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-07-09 20:42:45 update user update with user tobkle is authorized -2017-07-09 20:42:45 updated user 596279254c57819cb42922cc. -2017-07-09 20:42:45 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "editor", id: "596279254c57819cb42922cc", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596279254c57819cb42922cc", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "_id": "596279254c57819cb42922cc" - } - ] -} -2017-07-09 20:42:45 ERROR Not authorized to update field "role" -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "zoltan", role: "admin", id: "596279254c57819cb42922cd", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596279254c57819cb42922cc", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:42:45 update user update with user zoltan is authorized -2017-07-09 20:42:45 updated user 596279254c57819cb42922cc. -2017-07-09 20:42:45 pubsub userUpdated readOne with user zoltan is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "596279254c57819cb42922cd") -} - -2017-07-09 20:42:45 removeUser delete with user tobkle is authorized -2017-07-09 20:42:45 removed user 596279254c57819cb42922cd. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "596279254c57819cb42922cc", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:42:45 insert tweet create with user tobkle is authorized -2017-07-09 20:42:45 inserted tweet 596279254c57819cb42922ce. -2017-07-09 20:42:45 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:42:45 insert tweet create with user tobkle is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", -Operation: "", variables: "", -Query: -{ - tweet(id: "596279254c57819cb42922ce") { - author { - id - } - body - } -} - -2017-07-09 20:42:45 tweet readOne with user tobkle is authorized -2017-07-09 20:42:45 inserted tweet 596279254c57819cb42922cf. -2017-07-09 20:42:45 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 20:42:45 author readOne with user tobkle is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:42:45 tweet readOne with user tobkle is authorized -2017-07-09 20:42:45 author readOne with user tobkle is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "596279254c57819cb42922ce", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:42:45 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:42:45 update tweet update with user tobkle is authorized -2017-07-09 20:42:45 updated tweet 596279254c57819cb42922ce. -2017-07-09 20:42:45 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "596279254c57819cb42922cf", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:42:45 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:42:45 update tweet update with user tobkle is authorized -2017-07-09 20:42:45 updated tweet 596279254c57819cb42922cf. -2017-07-09 20:42:45 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", -Operation: "", variables: "", -Query: -{ - tweet(id: "596279254c57819cb42922ce") { - body - } -} - -2017-07-09 20:42:45 tweet readOne with user tobkle is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "596279254c57819cb42922ce") -} - -2017-07-09 20:42:45 removeTweet delete with user tobkle is authorized -2017-07-09 20:42:45 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:42:45 removed tweet 596279254c57819cb42922ce. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "596279254c57819cb42922cf") -} - -2017-07-09 20:42:45 removeTweet delete with user tobkle is authorized -2017-07-09 20:42:45 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:42:45 removed tweet 596279254c57819cb42922cf. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", -Operation: "", variables: "", -Query: -{ - tweet(id: "596279254c57819cb42922ce") { - body - } -} - -2017-07-09 20:42:45 tweet readOne with user tobkle is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "596279254c57819cb42922cc") -} - -2017-07-09 20:42:45 removeUser delete with user tobkle is authorized -2017-07-09 20:42:45 removed user 596279254c57819cb42922cc. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "596279254c57819cb42922cc") { - username - bio - role - } -} - -2017-07-09 20:42:45 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-07-09 20:42:45 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 20:42:45 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:42:45 ERROR Authorization: Not authorized to update in update user. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 20:42:45 ERROR Authorization: Not authorized to delete in removeUser. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:42:45 ERROR Authorization: Not authorized to create in insert tweet. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:42:45 tweet readOne with user is authorized -2017-07-09 20:42:45 ERROR Authorization: Not authorized to readOne in author. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:42:45 tweet getOneById in updateById for docBefore readOne with user is authorized -2017-07-09 20:42:45 ERROR Authorization: Not authorized to update in update tweet. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:42:45 tweet getOneById in updateById for docBefore readOne with user is authorized -2017-07-09 20:42:45 ERROR Authorization: Not authorized to update in update tweet. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 20:42:45 ERROR Authorization: Not authorized to delete in removeTweet. -2017-07-09 20:42:45 tweet getOneById in removeById for docBefore readOne with user is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { - id - role - } -} - -2017-07-09 20:42:45 insert user create with user stubailo is authorized -2017-07-09 20:42:45 inserted user 596279254c57819cb42922d0. -2017-07-09 20:42:45 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "user", id: "596279254c57819cb42922d0", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-07-09 20:42:45 authQuery: { - "$or": [] -} -2017-07-09 20:42:45 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "user", id: "596279254c57819cb42922d0", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "_id": "596279254c57819cb42922d0" - } - ] -} -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "user", id: "596279254c57819cb42922d0", -Operation: "", variables: "", -Query: -{ - user(id: "596279254c57819cb42922d0") { - username - } -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "_id": "596279254c57819cb42922d0" - } - ] -} -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "user", id: "596279254c57819cb42922d0", -Operation: "", variables: "", -Query: -{ - user(id: "596279254c57819cb42922d0") { - username - role - } -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "_id": "596279254c57819cb42922d0" - } - ] -} -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "user", id: "596279254c57819cb42922d0", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "_id": "596279254c57819cb42922d0" - } - ] -} -2017-07-09 20:42:45 ERROR Not authorized to update field "role" -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "user", id: "596279254c57819cb42922d0", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596279254c57819cb42922d0", input: {username: "tobkle", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "_id": "596279254c57819cb42922d0" - } - ] -} -2017-07-09 20:42:45 updated user 596279254c57819cb42922d0. -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "_id": "596279254c57819cb42922d0" - } - ] -} -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "user", id: "596279254c57819cb42922d0", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596279254c57819cb42922d0", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "_id": "596279254c57819cb42922d0" - } - ] -} -2017-07-09 20:42:45 ERROR Not authorized to update field "role" -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "user", id: "596279254c57819cb42922d0", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "_id": "596279254c57819cb42922d0" - } - ] -} -2017-07-09 20:42:45 ERROR remove user failed for finalQuery: { - "_id": "583291a1638566b3c5a92ca1", - "$or": [ - { - "_id": "596279254c57819cb42922d0" - } - ] -} -2017-07-09 20:42:45 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "user", id: "596279254c57819cb42922d0", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "596279254c57819cb42922d0", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "authorId": "596279254c57819cb42922d0" - } - ] -} -2017-07-09 20:42:45 inserted tweet 596279254c57819cb42922d1. -2017-07-09 20:42:45 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "user", id: "596279254c57819cb42922d0", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "authorId": "596279254c57819cb42922d0" - } - ] -} -2017-07-09 20:42:45 ERROR Not authorized to insert tweet -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "user", id: "596279254c57819cb42922d0", -Operation: "", variables: "", -Query: -{ - tweet(id: "596279254c57819cb42922d1") { - author { - id - } - body - } -} - -2017-07-09 20:42:45 tweet readOne with user tobkle is authorized -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "_id": "596279254c57819cb42922d0" - } - ] -} -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "user", id: "596279254c57819cb42922d0", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:42:45 tweet readOne with user tobkle is authorized -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "_id": "596279254c57819cb42922d0" - } - ] -} -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "user", id: "596279254c57819cb42922d0", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "596279254c57819cb42922d1", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:42:45 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "authorId": "596279254c57819cb42922d0" - }, - { - "coauthorsIds": "596279254c57819cb42922d0" - } - ] -} -2017-07-09 20:42:45 updated tweet 596279254c57819cb42922d1. -2017-07-09 20:42:45 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "user", id: "596279254c57819cb42922d0", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:42:45 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "authorId": "596279254c57819cb42922d0" - }, - { - "coauthorsIds": "596279254c57819cb42922d0" - } - ] -} -2017-07-09 20:42:45 ERROR update tweet failed finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "596279254c57819cb42922d0" - }, - { - "coauthorsIds": "596279254c57819cb42922d0" - } - ] -} -2017-07-09 20:42:45 ERROR update tweet failed for docToUpdate: { - "$set": { - "body": "This is a modified test tweet", - "updatedAt": 1499625765665, - "updatedById": "596279254c57819cb42922d0" - } -} -2017-07-09 20:42:45 ERROR update tweet not possible for 583676d3618530145474e352. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "user", id: "596279254c57819cb42922d0", -Operation: "", variables: "", -Query: -{ - tweet(id: "596279254c57819cb42922d1") { - body - } -} - -2017-07-09 20:42:45 tweet readOne with user tobkle is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "user", id: "596279254c57819cb42922d0", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "596279254c57819cb42922d1") -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "authorId": "596279254c57819cb42922d0" - } - ] -} -2017-07-09 20:42:45 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:42:45 removed tweet 596279254c57819cb42922d1. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "user", id: "596279254c57819cb42922d0", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "authorId": "596279254c57819cb42922d0" - } - ] -} -2017-07-09 20:42:45 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:42:45 ERROR remove tweet failed for finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "596279254c57819cb42922d0" - } - ] -} -2017-07-09 20:42:45 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "user", id: "596279254c57819cb42922d0", -Operation: "", variables: "", -Query: -{ - tweet(id: "596279254c57819cb42922d1") { - body - } -} - -2017-07-09 20:42:45 tweet readOne with user tobkle is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "user", id: "596279254c57819cb42922d0", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "596279254c57819cb42922d0") -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "_id": "596279254c57819cb42922d0" - } - ] -} -2017-07-09 20:42:45 removed user 596279254c57819cb42922d0. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "596279254c57819cb42922d0") { - username - bio - role - } -} - -2017-07-09 20:42:45 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { - id - role - } -} - -2017-07-09 20:42:45 insert user create with user stubailo is authorized -2017-07-09 20:42:45 inserted user 596279254c57819cb42922d2. -2017-07-09 20:42:45 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "editor", id: "596279254c57819cb42922d2", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-07-09 20:42:45 authQuery: { - "$or": [] -} -2017-07-09 20:42:45 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "editor", id: "596279254c57819cb42922d2", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "_id": "596279254c57819cb42922d2" - } - ] -} -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "editor", id: "596279254c57819cb42922d2", -Operation: "", variables: "", -Query: -{ - user(id: "596279254c57819cb42922d2") { - username - role - } -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "_id": "596279254c57819cb42922d2" - } - ] -} -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "editor", id: "596279254c57819cb42922d2", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "_id": "596279254c57819cb42922d2" - } - ] -} -2017-07-09 20:42:45 ERROR Not authorized to update field "role" -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "editor", id: "596279254c57819cb42922d2", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596279254c57819cb42922d2", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "_id": "596279254c57819cb42922d2" - } - ] -} -2017-07-09 20:42:45 updated user 596279254c57819cb42922d2. -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "_id": "596279254c57819cb42922d2" - } - ] -} -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596279254c57819cb42922d2", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "_id": "596279254c57819cb42922d2" - } - ] -} -2017-07-09 20:42:45 ERROR Not authorized to update field "role" -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "_id": "596279254c57819cb42922d2" - } - ] -} -2017-07-09 20:42:45 ERROR remove user failed for finalQuery: { - "_id": "583291a1638566b3c5a92ca1", - "$or": [ - { - "_id": "596279254c57819cb42922d2" - } - ] -} -2017-07-09 20:42:45 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "596279254c57819cb42922d2", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "authorId": "596279254c57819cb42922d2" - } - ] -} -2017-07-09 20:42:45 inserted tweet 596279254c57819cb42922d3. -2017-07-09 20:42:45 pubsub tweetInserted readOne with user tmeasday is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "authorId": "596279254c57819cb42922d2" - } - ] -} -2017-07-09 20:42:45 ERROR Not authorized to insert tweet -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", -Operation: "", variables: "", -Query: -{ - tweet(id: "596279254c57819cb42922d3") { - author { - id - } - body - } -} - -2017-07-09 20:42:45 tweet readOne with user tmeasday is authorized -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "_id": "596279254c57819cb42922d2" - } - ] -} -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:42:45 tweet readOne with user tmeasday is authorized -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "_id": "596279254c57819cb42922d2" - } - ] -} -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "596279254c57819cb42922d3", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:42:45 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "authorId": "596279254c57819cb42922d2" - }, - { - "coauthorsIds": "596279254c57819cb42922d2" - } - ] -} -2017-07-09 20:42:45 updated tweet 596279254c57819cb42922d3. -2017-07-09 20:42:45 pubsub tweetUpdated readOne with user tmeasday is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:42:45 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "authorId": "596279254c57819cb42922d2" - }, - { - "coauthorsIds": "596279254c57819cb42922d2" - } - ] -} -2017-07-09 20:42:45 ERROR update tweet failed finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "596279254c57819cb42922d2" - }, - { - "coauthorsIds": "596279254c57819cb42922d2" - } - ] -} -2017-07-09 20:42:45 ERROR update tweet failed for docToUpdate: { - "$set": { - "body": "This is a modified test tweet", - "updatedAt": 1499625765847, - "updatedById": "596279254c57819cb42922d2" - } -} -2017-07-09 20:42:45 ERROR update tweet not possible for 583676d3618530145474e352. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", -Operation: "", variables: "", -Query: -{ - tweet(id: "596279254c57819cb42922d3") { - body - } -} - -2017-07-09 20:42:45 tweet readOne with user tmeasday is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "596279254c57819cb42922d3") -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "authorId": "596279254c57819cb42922d2" - } - ] -} -2017-07-09 20:42:45 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:42:45 removed tweet 596279254c57819cb42922d3. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "authorId": "596279254c57819cb42922d2" - } - ] -} -2017-07-09 20:42:45 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:42:45 ERROR remove tweet failed for finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "596279254c57819cb42922d2" - } - ] -} -2017-07-09 20:42:45 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", -Operation: "", variables: "", -Query: -{ - tweet(id: "596279254c57819cb42922d3") { - body - } -} - -2017-07-09 20:42:45 tweet readOne with user tmeasday is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "596279254c57819cb42922d2") -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "_id": "596279254c57819cb42922d2" - } - ] -} -2017-07-09 20:42:45 removed user 596279254c57819cb42922d2. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "596279254c57819cb42922d2") { - username - bio - role - } -} - -2017-07-09 20:42:45 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:46:10 Logger started -2017-07-09 21:06:09 -------------------------------------------------------------------------------- -2017-07-09 21:06:09 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - role - username - } -} - -2017-07-09 21:06:19 user readOne with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - role - username - } -} - -2017-07-09 21:06:19 user readOne with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca2") { - role - username - } -} - -2017-07-09 21:06:19 user readOne with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - id - username - bio - } -} - -2017-07-09 21:06:19 user readOne with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users { - username - createdAt - } -} - -2017-07-09 21:06:19 users readMany with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(limit: 1) { - username - createdAt - } -} - -2017-07-09 21:06:19 users readMany with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993) { - username - createdAt - } -} - -2017-07-09 21:06:19 users readMany with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } -} - -2017-07-09 21:06:19 users readMany with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers { - username - createdAt - } - } -} - -2017-07-09 21:06:19 user readOne with user stubailo is authorized -2017-07-09 21:06:19 followers readMany with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 21:06:19 user readOne with user stubailo is authorized -2017-07-09 21:06:19 followers readMany with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-07-09 21:06:19 user readOne with user stubailo is authorized -2017-07-09 21:06:19 followers readMany with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 21:06:19 user readOne with user stubailo is authorized -2017-07-09 21:06:19 followers readMany with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following { - username - createdAt - } - } -} - -2017-07-09 21:06:19 user readOne with user stubailo is authorized -2017-07-09 21:06:19 following readMany with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 21:06:19 user readOne with user stubailo is authorized -2017-07-09 21:06:19 following readMany with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-07-09 21:06:19 user readOne with user stubailo is authorized -2017-07-09 21:06:19 following readMany with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993, limit: 1) { + author { username - createdAt - } - } -} - -2017-07-09 21:06:19 user readOne with user stubailo is authorized -2017-07-09 21:06:19 following readMany with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets { - id - createdAt - } - } -} - -2017-07-09 21:06:19 user readOne with user stubailo is authorized -2017-07-09 21:06:19 tweets readMany with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(limit: 1) { - id - createdAt - } - } -} - -2017-07-09 21:06:19 user readOne with user stubailo is authorized -2017-07-09 21:06:19 tweets readMany with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } - } -} - -2017-07-09 21:06:19 user readOne with user stubailo is authorized -2017-07-09 21:06:19 tweets readMany with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } - } -} - -2017-07-09 21:06:19 user readOne with user stubailo is authorized -2017-07-09 21:06:19 tweets readMany with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked { - id - createdAt - } - } -} - -2017-07-09 21:06:19 user readOne with user stubailo is authorized -2017-07-09 21:06:19 liked readMany with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(limit: 1) { - id - createdAt - } - } -} - -2017-07-09 21:06:19 user readOne with user stubailo is authorized -2017-07-09 21:06:19 liked readMany with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334) { - id - createdAt - } - } -} - -2017-07-09 21:06:19 user readOne with user stubailo is authorized -2017-07-09 21:06:19 liked readMany with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334, limit: 1) { - id - createdAt } } } -2017-07-09 21:06:19 user readOne with user stubailo is authorized -2017-07-09 21:06:19 liked readMany with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -14844,22 +410,11 @@ Query: } } -2017-07-09 21:06:19 tweet readOne with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - author { - username - } - } -} - -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: +2017-07-09 21:12:33 tweet readOne with user stubailo is authorized +2017-07-09 21:12:33 tweet readOne with user stubailo is authorized +2017-07-09 21:12:33 author readOne with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -14870,11 +425,9 @@ Query: } } -2017-07-09 21:06:19 tweets readMany with user stubailo is authorized -2017-07-09 21:06:19 tweet readOne with user stubailo is authorized -2017-07-09 21:06:19 author readOne with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: +2017-07-09 21:12:33 tweets readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -14885,9 +438,9 @@ Query: } } -2017-07-09 21:06:19 tweets readMany with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: +2017-07-09 21:12:33 tweets readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -14898,9 +451,9 @@ Query: } } -2017-07-09 21:06:19 tweets readMany with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: +2017-07-09 21:12:33 tweets readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -14911,9 +464,9 @@ Query: } } -2017-07-09 21:06:19 tweets readMany with user stubailo is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: +2017-07-09 21:12:33 tweets readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -14926,10 +479,10 @@ Query: } } -2017-07-09 21:06:20 tweet readOne with user stubailo is authorized -2017-07-09 21:06:20 likers readMany with user stubailo is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: +2017-07-09 21:12:33 tweet readOne with user stubailo is authorized +2017-07-09 21:12:33 likers readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -14942,10 +495,10 @@ Query: } } -2017-07-09 21:06:20 tweet readOne with user stubailo is authorized -2017-07-09 21:06:20 likers readMany with user stubailo is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: +2017-07-09 21:12:33 tweet readOne with user stubailo is authorized +2017-07-09 21:12:33 likers readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -14958,10 +511,10 @@ Query: } } -2017-07-09 21:06:20 tweet readOne with user stubailo is authorized -2017-07-09 21:06:20 likers readMany with user stubailo is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: +2017-07-09 21:12:33 tweet readOne with user stubailo is authorized +2017-07-09 21:12:33 likers readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -14974,10 +527,10 @@ Query: } } -2017-07-09 21:06:20 tweet readOne with user stubailo is authorized -2017-07-09 21:06:20 likers readMany with user stubailo is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: +2017-07-09 21:12:33 tweet readOne with user stubailo is authorized +2017-07-09 21:12:33 likers readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -14988,12 +541,12 @@ mutation { } } -2017-07-09 21:06:20 insert user create with user stubailo is authorized -2017-07-09 21:06:20 inserted user 59627eac2157d09ddf9d728c. -2017-07-09 21:06:20 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +2017-07-09 21:12:33 insert user create with user stubailo is authorized +2017-07-09 21:12:33 inserted user 596280212157d09ddf9d7294. +2017-07-09 21:12:33 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: +User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", Operation: "", variables: "", Query: mutation { @@ -15002,165 +555,165 @@ mutation { } } -2017-07-09 21:06:20 insert user create with user tobkle is authorized -2017-07-09 21:06:20 inserted user 59627eac2157d09ddf9d728d. -2017-07-09 21:06:20 pubsub userInserted readOne with user tobkle is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +2017-07-09 21:12:33 insert user create with user tobkle is authorized +2017-07-09 21:12:33 inserted user 596280212157d09ddf9d7295. +2017-07-09 21:12:33 pubsub userInserted readOne with user tobkle is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: +User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", Operation: "", variables: "", Query: { - user(id: "59627eac2157d09ddf9d728d") { + user(id: "596280212157d09ddf9d7295") { username bio role } } -2017-07-09 21:06:20 user readOne with user tobkle is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +2017-07-09 21:12:33 user readOne with user tobkle is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: +User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", Operation: "", variables: "", Query: { - user(id: "59627eac2157d09ddf9d728c") { + user(id: "596280212157d09ddf9d7294") { username role } } -2017-07-09 21:06:20 user readOne with user tobkle is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +2017-07-09 21:12:33 user readOne with user tobkle is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: +User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", Operation: "", variables: "", Query: mutation { - updateUser(id: "59627eac2157d09ddf9d728d", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + updateUser(id: "596280212157d09ddf9d7295", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { username bio role } } -2017-07-09 21:06:20 update user update with user tobkle is authorized -2017-07-09 21:06:20 updated user 59627eac2157d09ddf9d728d. -2017-07-09 21:06:20 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +2017-07-09 21:12:33 update user update with user tobkle is authorized +2017-07-09 21:12:33 updated user 596280212157d09ddf9d7295. +2017-07-09 21:12:33 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: +User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", Operation: "", variables: "", Query: mutation { - updateUser(id: "59627eac2157d09ddf9d728c", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "596280212157d09ddf9d7294", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-07-09 21:06:20 update user update with user tobkle is authorized -2017-07-09 21:06:20 updated user 59627eac2157d09ddf9d728c. -2017-07-09 21:06:20 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +2017-07-09 21:12:33 update user update with user tobkle is authorized +2017-07-09 21:12:33 updated user 596280212157d09ddf9d7294. +2017-07-09 21:12:33 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: +User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", Operation: "", variables: "", Query: mutation { - updateUser(id: "59627eac2157d09ddf9d728d", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + updateUser(id: "596280212157d09ddf9d7295", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { username bio role } } -2017-07-09 21:06:20 update user update with user tobkle is authorized -2017-07-09 21:06:20 updated user 59627eac2157d09ddf9d728d. -2017-07-09 21:06:20 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +2017-07-09 21:12:33 update user update with user tobkle is authorized +2017-07-09 21:12:33 updated user 596280212157d09ddf9d7295. +2017-07-09 21:12:33 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: +User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", Operation: "", variables: "", Query: mutation { - updateUser(id: "59627eac2157d09ddf9d728c", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + updateUser(id: "596280212157d09ddf9d7294", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { username bio role } } -2017-07-09 21:06:20 update user update with user tobkle is authorized -2017-07-09 21:06:20 updated user 59627eac2157d09ddf9d728c. -2017-07-09 21:06:20 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "editor", id: "59627eac2157d09ddf9d728c", +2017-07-09 21:12:33 update user update with user tobkle is authorized +2017-07-09 21:12:33 updated user 596280212157d09ddf9d7294. +2017-07-09 21:12:33 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: +User: "tobkle", role: "editor", id: "596280212157d09ddf9d7294", Operation: "", variables: "", Query: mutation { - updateUser(id: "59627eac2157d09ddf9d728c", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "596280212157d09ddf9d7294", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:33 authQuery: { "$or": [ { - "_id": "59627eac2157d09ddf9d728c" + "_id": "596280212157d09ddf9d7294" } ] } -2017-07-09 21:06:20 ERROR Not authorized to update field "role" -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "zoltan", role: "admin", id: "59627eac2157d09ddf9d728d", +2017-07-09 21:12:33 ERROR Not authorized to update field "role" +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: +User: "zoltan", role: "admin", id: "596280212157d09ddf9d7295", Operation: "", variables: "", Query: mutation { - updateUser(id: "59627eac2157d09ddf9d728c", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "596280212157d09ddf9d7294", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-07-09 21:06:20 update user update with user zoltan is authorized -2017-07-09 21:06:20 updated user 59627eac2157d09ddf9d728c. -2017-07-09 21:06:20 pubsub userUpdated readOne with user zoltan is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +2017-07-09 21:12:33 update user update with user zoltan is authorized +2017-07-09 21:12:33 updated user 596280212157d09ddf9d7294. +2017-07-09 21:12:33 pubsub userUpdated readOne with user zoltan is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: +User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", Operation: "", variables: "", Query: mutation { - removeUser(id: "59627eac2157d09ddf9d728d") + removeUser(id: "596280212157d09ddf9d7295") } -2017-07-09 21:06:20 removeUser delete with user tobkle is authorized -2017-07-09 21:06:20 removed user 59627eac2157d09ddf9d728d. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +2017-07-09 21:12:33 removeUser delete with user tobkle is authorized +2017-07-09 21:12:33 removed user 596280212157d09ddf9d7295. +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: +User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", Operation: "", variables: "", Query: mutation { - createTweet(input: {authorId: "59627eac2157d09ddf9d728c", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + createTweet(input: {authorId: "596280212157d09ddf9d7294", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { id } } -2017-07-09 21:06:20 insert tweet create with user tobkle is authorized -2017-07-09 21:06:20 inserted tweet 59627eac2157d09ddf9d728e. -2017-07-09 21:06:20 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +2017-07-09 21:12:33 insert tweet create with user tobkle is authorized +2017-07-09 21:12:33 inserted tweet 596280212157d09ddf9d7296. +2017-07-09 21:12:33 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: +User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", Operation: "", variables: "", Query: mutation { @@ -15169,14 +722,14 @@ mutation { } } -2017-07-09 21:06:20 insert tweet create with user tobkle is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +2017-07-09 21:12:33 insert tweet create with user tobkle is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: +User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", Operation: "", variables: "", Query: { - tweet(id: "59627eac2157d09ddf9d728e") { + tweet(id: "596280212157d09ddf9d7296") { author { id } @@ -15184,13 +737,13 @@ Query: } } -2017-07-09 21:06:20 tweet readOne with user tobkle is authorized -2017-07-09 21:06:20 inserted tweet 59627eac2157d09ddf9d728f. -2017-07-09 21:06:20 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 21:06:20 author readOne with user tobkle is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +2017-07-09 21:12:33 tweet readOne with user tobkle is authorized +2017-07-09 21:12:33 inserted tweet 596280212157d09ddf9d7297. +2017-07-09 21:12:33 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 21:12:33 author readOne with user tobkle is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: +User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", Operation: "", variables: "", Query: { @@ -15202,113 +755,113 @@ Query: } } -2017-07-09 21:06:20 tweet readOne with user tobkle is authorized -2017-07-09 21:06:20 author readOne with user tobkle is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +2017-07-09 21:12:33 tweet readOne with user tobkle is authorized +2017-07-09 21:12:33 author readOne with user tobkle is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: +User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", Operation: "", variables: "", Query: mutation { - updateTweet(id: "59627eac2157d09ddf9d728e", input: {body: "This is a modified test tweet"}) { + updateTweet(id: "596280212157d09ddf9d7296", input: {body: "This is a modified test tweet"}) { body } } -2017-07-09 21:06:20 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 21:06:20 update tweet update with user tobkle is authorized -2017-07-09 21:06:20 updated tweet 59627eac2157d09ddf9d728e. -2017-07-09 21:06:20 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +2017-07-09 21:12:33 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 21:12:33 update tweet update with user tobkle is authorized +2017-07-09 21:12:33 updated tweet 596280212157d09ddf9d7296. +2017-07-09 21:12:33 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", Operation: "", variables: "", Query: mutation { - updateTweet(id: "59627eac2157d09ddf9d728f", input: {body: "This is a modified test tweet"}) { + updateTweet(id: "596280212157d09ddf9d7297", input: {body: "This is a modified test tweet"}) { body } } -2017-07-09 21:06:20 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 21:06:20 update tweet update with user tobkle is authorized -2017-07-09 21:06:20 updated tweet 59627eac2157d09ddf9d728f. -2017-07-09 21:06:20 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +2017-07-09 21:12:34 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 21:12:34 update tweet update with user tobkle is authorized +2017-07-09 21:12:34 updated tweet 596280212157d09ddf9d7297. +2017-07-09 21:12:34 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", Operation: "", variables: "", Query: { - tweet(id: "59627eac2157d09ddf9d728e") { + tweet(id: "596280212157d09ddf9d7296") { body } } -2017-07-09 21:06:20 tweet readOne with user tobkle is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +2017-07-09 21:12:34 tweet readOne with user tobkle is authorized +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", Operation: "", variables: "", Query: mutation { - removeTweet(id: "59627eac2157d09ddf9d728e") + removeTweet(id: "596280212157d09ddf9d7296") } -2017-07-09 21:06:20 removeTweet delete with user tobkle is authorized -2017-07-09 21:06:20 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 21:06:20 removed tweet 59627eac2157d09ddf9d728e. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +2017-07-09 21:12:34 removeTweet delete with user tobkle is authorized +2017-07-09 21:12:34 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 21:12:34 removed tweet 596280212157d09ddf9d7296. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", Operation: "", variables: "", Query: mutation { - removeTweet(id: "59627eac2157d09ddf9d728f") + removeTweet(id: "596280212157d09ddf9d7297") } -2017-07-09 21:06:20 removeTweet delete with user tobkle is authorized -2017-07-09 21:06:20 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 21:06:20 removed tweet 59627eac2157d09ddf9d728f. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +2017-07-09 21:12:34 removeTweet delete with user tobkle is authorized +2017-07-09 21:12:34 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 21:12:34 removed tweet 596280212157d09ddf9d7297. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", Operation: "", variables: "", Query: { - tweet(id: "59627eac2157d09ddf9d728e") { + tweet(id: "596280212157d09ddf9d7296") { body } } -2017-07-09 21:06:20 tweet readOne with user tobkle is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +2017-07-09 21:12:34 tweet readOne with user tobkle is authorized +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", Operation: "", variables: "", Query: mutation { - removeUser(id: "59627eac2157d09ddf9d728c") + removeUser(id: "596280212157d09ddf9d7294") } -2017-07-09 21:06:20 removeUser delete with user tobkle is authorized -2017-07-09 21:06:20 removed user 59627eac2157d09ddf9d728c. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: +2017-07-09 21:12:34 removeUser delete with user tobkle is authorized +2017-07-09 21:12:34 removed user 596280212157d09ddf9d7294. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: { - user(id: "59627eac2157d09ddf9d728c") { + user(id: "596280212157d09ddf9d7294") { username bio role } } -2017-07-09 21:06:20 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: +2017-07-09 21:12:34 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -15318,9 +871,9 @@ mutation { } } -2017-07-09 21:06:20 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: +2017-07-09 21:12:34 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -15332,9 +885,9 @@ Query: } } -2017-07-09 21:06:20 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: +2017-07-09 21:12:34 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -15346,9 +899,9 @@ mutation { } } -2017-07-09 21:06:20 ERROR Authorization: Not authorized to update in update user. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: +2017-07-09 21:12:34 ERROR Authorization: Not authorized to update in update user. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -15356,9 +909,9 @@ mutation { removeUser(id: "583291a1638566b3c5a92ca1") } -2017-07-09 21:06:20 ERROR Authorization: Not authorized to delete in removeUser. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: +2017-07-09 21:12:34 ERROR Authorization: Not authorized to delete in removeUser. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -15368,8 +921,8 @@ mutation { } } -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -15379,9 +932,9 @@ mutation { } } -2017-07-09 21:06:20 ERROR Authorization: Not authorized to create in insert tweet. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: +2017-07-09 21:12:34 ERROR Authorization: Not authorized to create in insert tweet. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -15394,10 +947,10 @@ Query: } } -2017-07-09 21:06:20 tweet readOne with user is authorized -2017-07-09 21:06:20 ERROR Authorization: Not authorized to readOne in author. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: +2017-07-09 21:12:34 tweet readOne with user is authorized +2017-07-09 21:12:34 ERROR Authorization: Not authorized to readOne in author. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -15407,10 +960,10 @@ mutation { } } -2017-07-09 21:06:20 tweet getOneById in updateById for docBefore readOne with user is authorized -2017-07-09 21:06:20 ERROR Authorization: Not authorized to update in update tweet. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: +2017-07-09 21:12:34 tweet getOneById in updateById for docBefore readOne with user is authorized +2017-07-09 21:12:34 ERROR Authorization: Not authorized to update in update tweet. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -15420,10 +973,10 @@ mutation { } } -2017-07-09 21:06:20 tweet getOneById in updateById for docBefore readOne with user is authorized -2017-07-09 21:06:20 ERROR Authorization: Not authorized to update in update tweet. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: +2017-07-09 21:12:34 tweet getOneById in updateById for docBefore readOne with user is authorized +2017-07-09 21:12:34 ERROR Authorization: Not authorized to update in update tweet. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -15431,10 +984,10 @@ mutation { removeTweet(id: "583676d3618530145474e352") } -2017-07-09 21:06:20 ERROR Authorization: Not authorized to delete in removeTweet. -2017-07-09 21:06:20 tweet getOneById in removeById for docBefore readOne with user is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: +2017-07-09 21:12:34 ERROR Authorization: Not authorized to delete in removeTweet. +2017-07-09 21:12:34 tweet getOneById in removeById for docBefore readOne with user is authorized +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -15445,12 +998,12 @@ mutation { } } -2017-07-09 21:06:20 insert user create with user stubailo is authorized -2017-07-09 21:06:20 inserted user 59627eac2157d09ddf9d7290. -2017-07-09 21:06:20 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +2017-07-09 21:12:34 insert user create with user stubailo is authorized +2017-07-09 21:12:34 inserted user 596280222157d09ddf9d7298. +2017-07-09 21:12:34 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", Operation: "", variables: "", Query: mutation { @@ -15459,13 +1012,13 @@ mutation { } } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [] } -2017-07-09 21:06:20 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +2017-07-09 21:12:34 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", Operation: "", variables: "", Query: { @@ -15476,53 +1029,53 @@ Query: } } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [ { - "_id": "59627eac2157d09ddf9d7290" + "_id": "596280222157d09ddf9d7298" } ] } -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", Operation: "", variables: "", Query: { - user(id: "59627eac2157d09ddf9d7290") { + user(id: "596280222157d09ddf9d7298") { username } } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [ { - "_id": "59627eac2157d09ddf9d7290" + "_id": "596280222157d09ddf9d7298" } ] } -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", Operation: "", variables: "", Query: { - user(id: "59627eac2157d09ddf9d7290") { + user(id: "596280222157d09ddf9d7298") { username role } } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [ { - "_id": "59627eac2157d09ddf9d7290" + "_id": "596280222157d09ddf9d7298" } ] } -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", Operation: "", variables: "", Query: mutation { @@ -15533,110 +1086,110 @@ mutation { } } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [ { - "_id": "59627eac2157d09ddf9d7290" + "_id": "596280222157d09ddf9d7298" } ] } -2017-07-09 21:06:20 ERROR Not authorized to update field "role" -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +2017-07-09 21:12:34 ERROR Not authorized to update field "role" +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", Operation: "", variables: "", Query: mutation { - updateUser(id: "59627eac2157d09ddf9d7290", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + updateUser(id: "596280222157d09ddf9d7298", input: {username: "tobkle", bio: "Maker of things, I guess"}) { username bio } } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [ { - "_id": "59627eac2157d09ddf9d7290" + "_id": "596280222157d09ddf9d7298" } ] } -2017-07-09 21:06:20 updated user 59627eac2157d09ddf9d7290. -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 updated user 596280222157d09ddf9d7298. +2017-07-09 21:12:34 authQuery: { "$or": [ { - "_id": "59627eac2157d09ddf9d7290" + "_id": "596280222157d09ddf9d7298" } ] } -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", Operation: "", variables: "", Query: mutation { - updateUser(id: "59627eac2157d09ddf9d7290", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "596280222157d09ddf9d7298", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [ { - "_id": "59627eac2157d09ddf9d7290" + "_id": "596280222157d09ddf9d7298" } ] } -2017-07-09 21:06:20 ERROR Not authorized to update field "role" -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +2017-07-09 21:12:34 ERROR Not authorized to update field "role" +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", Operation: "", variables: "", Query: mutation { removeUser(id: "583291a1638566b3c5a92ca1") } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [ { - "_id": "59627eac2157d09ddf9d7290" + "_id": "596280222157d09ddf9d7298" } ] } -2017-07-09 21:06:20 ERROR remove user failed for finalQuery: { +2017-07-09 21:12:34 ERROR remove user failed for finalQuery: { "_id": "583291a1638566b3c5a92ca1", "$or": [ { - "_id": "59627eac2157d09ddf9d7290" + "_id": "596280222157d09ddf9d7298" } ] } -2017-07-09 21:06:20 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +2017-07-09 21:12:34 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", Operation: "", variables: "", Query: mutation { - createTweet(input: {authorId: "59627eac2157d09ddf9d7290", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + createTweet(input: {authorId: "596280222157d09ddf9d7298", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { id } } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [ { - "authorId": "59627eac2157d09ddf9d7290" + "authorId": "596280222157d09ddf9d7298" } ] } -2017-07-09 21:06:20 inserted tweet 59627eac2157d09ddf9d7291. -2017-07-09 21:06:20 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +2017-07-09 21:12:34 inserted tweet 596280222157d09ddf9d7299. +2017-07-09 21:12:34 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", Operation: "", variables: "", Query: mutation { @@ -15645,21 +1198,21 @@ mutation { } } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [ { - "authorId": "59627eac2157d09ddf9d7290" + "authorId": "596280222157d09ddf9d7298" } ] } -2017-07-09 21:06:20 ERROR Not authorized to insert tweet -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +2017-07-09 21:12:34 ERROR Not authorized to insert tweet +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", Operation: "", variables: "", Query: { - tweet(id: "59627eac2157d09ddf9d7291") { + tweet(id: "596280222157d09ddf9d7299") { author { id } @@ -15667,17 +1220,17 @@ Query: } } -2017-07-09 21:06:20 tweet readOne with user tobkle is authorized -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 tweet readOne with user tobkle is authorized +2017-07-09 21:12:34 authQuery: { "$or": [ { - "_id": "59627eac2157d09ddf9d7290" + "_id": "596280222157d09ddf9d7298" } ] } -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", Operation: "", variables: "", Query: { @@ -15689,41 +1242,41 @@ Query: } } -2017-07-09 21:06:20 tweet readOne with user tobkle is authorized -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 tweet readOne with user tobkle is authorized +2017-07-09 21:12:34 authQuery: { "$or": [ { - "_id": "59627eac2157d09ddf9d7290" + "_id": "596280222157d09ddf9d7298" } ] } -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", Operation: "", variables: "", Query: mutation { - updateTweet(id: "59627eac2157d09ddf9d7291", input: {body: "This is a modified test tweet"}) { + updateTweet(id: "596280222157d09ddf9d7299", input: {body: "This is a modified test tweet"}) { body } } -2017-07-09 21:06:20 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 21:12:34 authQuery: { "$or": [ { - "authorId": "59627eac2157d09ddf9d7290" + "authorId": "596280222157d09ddf9d7298" }, { - "coauthorsIds": "59627eac2157d09ddf9d7290" + "coauthorsIds": "596280222157d09ddf9d7298" } ] } -2017-07-09 21:06:20 updated tweet 59627eac2157d09ddf9d7291. -2017-07-09 21:06:20 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +2017-07-09 21:12:34 updated tweet 596280222157d09ddf9d7299. +2017-07-09 21:12:34 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", Operation: "", variables: "", Query: mutation { @@ -15732,137 +1285,137 @@ mutation { } } -2017-07-09 21:06:20 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 21:12:34 authQuery: { "$or": [ { - "authorId": "59627eac2157d09ddf9d7290" + "authorId": "596280222157d09ddf9d7298" }, { - "coauthorsIds": "59627eac2157d09ddf9d7290" + "coauthorsIds": "596280222157d09ddf9d7298" } ] } -2017-07-09 21:06:20 ERROR update tweet failed finalQuery: { +2017-07-09 21:12:34 ERROR update tweet failed finalQuery: { "_id": "583676d3618530145474e352", "$or": [ { - "authorId": "59627eac2157d09ddf9d7290" + "authorId": "596280222157d09ddf9d7298" }, { - "coauthorsIds": "59627eac2157d09ddf9d7290" + "coauthorsIds": "596280222157d09ddf9d7298" } ] } -2017-07-09 21:06:20 ERROR update tweet failed for docToUpdate: { +2017-07-09 21:12:34 ERROR update tweet failed for docToUpdate: { "$set": { "body": "This is a modified test tweet", - "updatedAt": 1499627180595, - "updatedById": "59627eac2157d09ddf9d7290" + "updatedAt": 1499627554277, + "updatedById": "596280222157d09ddf9d7298" } } -2017-07-09 21:06:20 ERROR update tweet not possible for 583676d3618530145474e352. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +2017-07-09 21:12:34 ERROR update tweet not possible for 583676d3618530145474e352. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", Operation: "", variables: "", Query: { - tweet(id: "59627eac2157d09ddf9d7291") { + tweet(id: "596280222157d09ddf9d7299") { body } } -2017-07-09 21:06:20 tweet readOne with user tobkle is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +2017-07-09 21:12:34 tweet readOne with user tobkle is authorized +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", Operation: "", variables: "", Query: mutation { - removeTweet(id: "59627eac2157d09ddf9d7291") + removeTweet(id: "596280222157d09ddf9d7299") } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [ { - "authorId": "59627eac2157d09ddf9d7290" + "authorId": "596280222157d09ddf9d7298" } ] } -2017-07-09 21:06:20 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 21:06:20 removed tweet 59627eac2157d09ddf9d7291. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +2017-07-09 21:12:34 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 21:12:34 removed tweet 596280222157d09ddf9d7299. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", Operation: "", variables: "", Query: mutation { removeTweet(id: "583676d3618530145474e352") } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [ { - "authorId": "59627eac2157d09ddf9d7290" + "authorId": "596280222157d09ddf9d7298" } ] } -2017-07-09 21:06:20 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 21:06:20 ERROR remove tweet failed for finalQuery: { +2017-07-09 21:12:34 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 21:12:34 ERROR remove tweet failed for finalQuery: { "_id": "583676d3618530145474e352", "$or": [ { - "authorId": "59627eac2157d09ddf9d7290" + "authorId": "596280222157d09ddf9d7298" } ] } -2017-07-09 21:06:20 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +2017-07-09 21:12:34 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", Operation: "", variables: "", Query: { - tweet(id: "59627eac2157d09ddf9d7291") { + tweet(id: "596280222157d09ddf9d7299") { body } } -2017-07-09 21:06:20 tweet readOne with user tobkle is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +2017-07-09 21:12:34 tweet readOne with user tobkle is authorized +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", Operation: "", variables: "", Query: mutation { - removeUser(id: "59627eac2157d09ddf9d7290") + removeUser(id: "596280222157d09ddf9d7298") } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [ { - "_id": "59627eac2157d09ddf9d7290" + "_id": "596280222157d09ddf9d7298" } ] } -2017-07-09 21:06:20 removed user 59627eac2157d09ddf9d7290. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: +2017-07-09 21:12:34 removed user 596280222157d09ddf9d7298. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: { - user(id: "59627eac2157d09ddf9d7290") { + user(id: "596280222157d09ddf9d7298") { username bio role } } -2017-07-09 21:06:20 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: +2017-07-09 21:12:34 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -15873,12 +1426,12 @@ mutation { } } -2017-07-09 21:06:20 insert user create with user stubailo is authorized -2017-07-09 21:06:20 inserted user 59627eac2157d09ddf9d7292. -2017-07-09 21:06:20 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "editor", id: "59627eac2157d09ddf9d7292", +2017-07-09 21:12:34 insert user create with user stubailo is authorized +2017-07-09 21:12:34 inserted user 596280222157d09ddf9d729a. +2017-07-09 21:12:34 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "editor", id: "596280222157d09ddf9d729a", Operation: "", variables: "", Query: mutation { @@ -15887,13 +1440,13 @@ mutation { } } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [] } -2017-07-09 21:06:20 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "editor", id: "59627eac2157d09ddf9d7292", +2017-07-09 21:12:34 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "editor", id: "596280222157d09ddf9d729a", Operation: "", variables: "", Query: { @@ -15904,35 +1457,35 @@ Query: } } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [ { - "_id": "59627eac2157d09ddf9d7292" + "_id": "596280222157d09ddf9d729a" } ] } -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "editor", id: "59627eac2157d09ddf9d7292", +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "editor", id: "596280222157d09ddf9d729a", Operation: "", variables: "", Query: { - user(id: "59627eac2157d09ddf9d7292") { + user(id: "596280222157d09ddf9d729a") { username role } } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [ { - "_id": "59627eac2157d09ddf9d7292" + "_id": "596280222157d09ddf9d729a" } ] } -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "editor", id: "59627eac2157d09ddf9d7292", +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "editor", id: "596280222157d09ddf9d729a", Operation: "", variables: "", Query: mutation { @@ -15943,110 +1496,110 @@ mutation { } } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [ { - "_id": "59627eac2157d09ddf9d7292" + "_id": "596280222157d09ddf9d729a" } ] } -2017-07-09 21:06:20 ERROR Not authorized to update field "role" -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "editor", id: "59627eac2157d09ddf9d7292", +2017-07-09 21:12:34 ERROR Not authorized to update field "role" +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "editor", id: "596280222157d09ddf9d729a", Operation: "", variables: "", Query: mutation { - updateUser(id: "59627eac2157d09ddf9d7292", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + updateUser(id: "596280222157d09ddf9d729a", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { username bio } } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [ { - "_id": "59627eac2157d09ddf9d7292" + "_id": "596280222157d09ddf9d729a" } ] } -2017-07-09 21:06:20 updated user 59627eac2157d09ddf9d7292. -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 updated user 596280222157d09ddf9d729a. +2017-07-09 21:12:34 authQuery: { "$or": [ { - "_id": "59627eac2157d09ddf9d7292" + "_id": "596280222157d09ddf9d729a" } ] } -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", Operation: "", variables: "", Query: mutation { - updateUser(id: "59627eac2157d09ddf9d7292", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "596280222157d09ddf9d729a", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [ { - "_id": "59627eac2157d09ddf9d7292" + "_id": "596280222157d09ddf9d729a" } ] } -2017-07-09 21:06:20 ERROR Not authorized to update field "role" -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +2017-07-09 21:12:34 ERROR Not authorized to update field "role" +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", Operation: "", variables: "", Query: mutation { removeUser(id: "583291a1638566b3c5a92ca1") } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [ { - "_id": "59627eac2157d09ddf9d7292" + "_id": "596280222157d09ddf9d729a" } ] } -2017-07-09 21:06:20 ERROR remove user failed for finalQuery: { +2017-07-09 21:12:34 ERROR remove user failed for finalQuery: { "_id": "583291a1638566b3c5a92ca1", "$or": [ { - "_id": "59627eac2157d09ddf9d7292" + "_id": "596280222157d09ddf9d729a" } ] } -2017-07-09 21:06:20 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +2017-07-09 21:12:34 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", Operation: "", variables: "", Query: mutation { - createTweet(input: {authorId: "59627eac2157d09ddf9d7292", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + createTweet(input: {authorId: "596280222157d09ddf9d729a", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { id } } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [ { - "authorId": "59627eac2157d09ddf9d7292" + "authorId": "596280222157d09ddf9d729a" } ] } -2017-07-09 21:06:20 inserted tweet 59627eac2157d09ddf9d7293. -2017-07-09 21:06:20 pubsub tweetInserted readOne with user tmeasday is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +2017-07-09 21:12:34 inserted tweet 596280222157d09ddf9d729b. +2017-07-09 21:12:34 pubsub tweetInserted readOne with user tmeasday is authorized +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", Operation: "", variables: "", Query: mutation { @@ -16055,21 +1608,21 @@ mutation { } } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [ { - "authorId": "59627eac2157d09ddf9d7292" + "authorId": "596280222157d09ddf9d729a" } ] } -2017-07-09 21:06:20 ERROR Not authorized to insert tweet -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +2017-07-09 21:12:34 ERROR Not authorized to insert tweet +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", Operation: "", variables: "", Query: { - tweet(id: "59627eac2157d09ddf9d7293") { + tweet(id: "596280222157d09ddf9d729b") { author { id } @@ -16077,17 +1630,17 @@ Query: } } -2017-07-09 21:06:20 tweet readOne with user tmeasday is authorized -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 tweet readOne with user tmeasday is authorized +2017-07-09 21:12:34 authQuery: { "$or": [ { - "_id": "59627eac2157d09ddf9d7292" + "_id": "596280222157d09ddf9d729a" } ] } -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", Operation: "", variables: "", Query: { @@ -16099,41 +1652,41 @@ Query: } } -2017-07-09 21:06:20 tweet readOne with user tmeasday is authorized -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 tweet readOne with user tmeasday is authorized +2017-07-09 21:12:34 authQuery: { "$or": [ { - "_id": "59627eac2157d09ddf9d7292" + "_id": "596280222157d09ddf9d729a" } ] } -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", Operation: "", variables: "", Query: mutation { - updateTweet(id: "59627eac2157d09ddf9d7293", input: {body: "This is a modified test tweet"}) { + updateTweet(id: "596280222157d09ddf9d729b", input: {body: "This is a modified test tweet"}) { body } } -2017-07-09 21:06:20 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized +2017-07-09 21:12:34 authQuery: { "$or": [ { - "authorId": "59627eac2157d09ddf9d7292" + "authorId": "596280222157d09ddf9d729a" }, { - "coauthorsIds": "59627eac2157d09ddf9d7292" + "coauthorsIds": "596280222157d09ddf9d729a" } ] } -2017-07-09 21:06:20 updated tweet 59627eac2157d09ddf9d7293. -2017-07-09 21:06:20 pubsub tweetUpdated readOne with user tmeasday is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +2017-07-09 21:12:34 updated tweet 596280222157d09ddf9d729b. +2017-07-09 21:12:34 pubsub tweetUpdated readOne with user tmeasday is authorized +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", Operation: "", variables: "", Query: mutation { @@ -16142,132 +1695,132 @@ mutation { } } -2017-07-09 21:06:20 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized +2017-07-09 21:12:34 authQuery: { "$or": [ { - "authorId": "59627eac2157d09ddf9d7292" + "authorId": "596280222157d09ddf9d729a" }, { - "coauthorsIds": "59627eac2157d09ddf9d7292" + "coauthorsIds": "596280222157d09ddf9d729a" } ] } -2017-07-09 21:06:20 ERROR update tweet failed finalQuery: { +2017-07-09 21:12:34 ERROR update tweet failed finalQuery: { "_id": "583676d3618530145474e352", "$or": [ { - "authorId": "59627eac2157d09ddf9d7292" + "authorId": "596280222157d09ddf9d729a" }, { - "coauthorsIds": "59627eac2157d09ddf9d7292" + "coauthorsIds": "596280222157d09ddf9d729a" } ] } -2017-07-09 21:06:20 ERROR update tweet failed for docToUpdate: { +2017-07-09 21:12:34 ERROR update tweet failed for docToUpdate: { "$set": { "body": "This is a modified test tweet", - "updatedAt": 1499627180803, - "updatedById": "59627eac2157d09ddf9d7292" + "updatedAt": 1499627554467, + "updatedById": "596280222157d09ddf9d729a" } } -2017-07-09 21:06:20 ERROR update tweet not possible for 583676d3618530145474e352. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +2017-07-09 21:12:34 ERROR update tweet not possible for 583676d3618530145474e352. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", Operation: "", variables: "", Query: { - tweet(id: "59627eac2157d09ddf9d7293") { + tweet(id: "596280222157d09ddf9d729b") { body } } -2017-07-09 21:06:20 tweet readOne with user tmeasday is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +2017-07-09 21:12:34 tweet readOne with user tmeasday is authorized +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", Operation: "", variables: "", Query: mutation { - removeTweet(id: "59627eac2157d09ddf9d7293") + removeTweet(id: "596280222157d09ddf9d729b") } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [ { - "authorId": "59627eac2157d09ddf9d7292" + "authorId": "596280222157d09ddf9d729a" } ] } -2017-07-09 21:06:20 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized -2017-07-09 21:06:20 removed tweet 59627eac2157d09ddf9d7293. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +2017-07-09 21:12:34 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized +2017-07-09 21:12:34 removed tweet 596280222157d09ddf9d729b. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", Operation: "", variables: "", Query: mutation { removeTweet(id: "583676d3618530145474e352") } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [ { - "authorId": "59627eac2157d09ddf9d7292" + "authorId": "596280222157d09ddf9d729a" } ] } -2017-07-09 21:06:20 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized -2017-07-09 21:06:20 ERROR remove tweet failed for finalQuery: { +2017-07-09 21:12:34 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized +2017-07-09 21:12:34 ERROR remove tweet failed for finalQuery: { "_id": "583676d3618530145474e352", "$or": [ { - "authorId": "59627eac2157d09ddf9d7292" + "authorId": "596280222157d09ddf9d729a" } ] } -2017-07-09 21:06:20 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +2017-07-09 21:12:34 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", Operation: "", variables: "", Query: { - tweet(id: "59627eac2157d09ddf9d7293") { + tweet(id: "596280222157d09ddf9d729b") { body } } -2017-07-09 21:06:20 tweet readOne with user tmeasday is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +2017-07-09 21:12:34 tweet readOne with user tmeasday is authorized +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", Operation: "", variables: "", Query: mutation { - removeUser(id: "59627eac2157d09ddf9d7292") + removeUser(id: "596280222157d09ddf9d729a") } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [ { - "_id": "59627eac2157d09ddf9d7292" + "_id": "596280222157d09ddf9d729a" } ] } -2017-07-09 21:06:20 removed user 59627eac2157d09ddf9d7292. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: +2017-07-09 21:12:34 removed user 596280222157d09ddf9d729a. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: { - user(id: "59627eac2157d09ddf9d7292") { + user(id: "596280222157d09ddf9d729a") { username bio role } } -2017-07-09 21:06:20 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 21:12:34 ERROR Authorization: Not authorized to readOne in user. From e98a4128e595d238a6cbfe82472174fdcfc62a1f Mon Sep 17 00:00:00 2001 From: Tom Coleman Date: Thu, 13 Jul 2017 14:47:00 +1000 Subject: [PATCH 16/69] Pass the logger rather than all the bits it needs --- test/output-app/README.md | 42 ++++++++++++++++++++++++++------------- 1 file changed, 28 insertions(+), 14 deletions(-) diff --git a/test/output-app/README.md b/test/output-app/README.md index ee5c74e..f5278d7 100644 --- a/test/output-app/README.md +++ b/test/output-app/README.md @@ -101,7 +101,7 @@ export default class { this.loaders = (_user = {}, resolver = '') => ({ readOne: new DataLoader(ids => new Promise( async (resolve, reject) => { try { - const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readOne', { User: this.context.User }, resolver); + const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readOne', _user)); const result = await findByIds(this.collection, ids, authQuery); resolve(result); } catch (err) { reject(err); } @@ -120,7 +120,7 @@ async getOneById(id, _user = {}, resolver = 'tweet getOneById') { all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'tweet all') { try { const baseQuery = { createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readMany', { User: this.context.User }, resolver); + const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', _user)); const finalQuery = {...baseQuery, ...authQuery}; return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } catch (err){ log.error(err.message); } @@ -145,14 +145,14 @@ export default class Tweet { this.loaders = (_user = {}, resolver = '') => ({ readOne: new DataLoader(ids => new Promise( async (resolve, reject) => { try { - const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readOne', { User: this.context.User }, resolver); + const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readOne', _user)); const result = await findByIds(this.collection, ids, authQuery); resolve(result); } catch (err) { reject(err); } })), // readMany: new DataLoader(ids => new Promise( async (resolve, reject) => { // try { - // const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readMany', { User: this.context.User }, resolver); + // const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', _user)); // const result = await findByIds(this.collection, ids, authQuery); // resolve(result); // } catch (err) { reject(err); } @@ -170,7 +170,7 @@ export default class Tweet { all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'tweet all') { try { const baseQuery = { createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readMany', { User: this.context.User }, resolver); + const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', _user)); const finalQuery = {...baseQuery, ...authQuery}; return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } catch (err){ log.error(err.message); } @@ -206,14 +206,14 @@ export default class User { })), readOne: new DataLoader(ids => new Promise( async (resolve, reject) => { try { - const authQuery = queryForRoles(_user, ['admin'], ['_id'], 'readOne', { User: this.context.User }, resolver); + const authQuery = queryForRoles(_user, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'readOne', _user)); const result = await findByIds(this.collection, ids, authQuery); resolve(result); } catch (err) { reject(err); } })), // readMany: new DataLoader(ids => new Promise( async (resolve, reject) => { // try { - // const authQuery = queryForRoles(_user, ['admin'], [], 'readMany', { User: this.context.User }, resolver); + // const authQuery = queryForRoles(_user, ['admin'], [], { User: this.context.User }, authlog(resolver, 'readMany', _user)); // const result = await findByIds(this.collection, ids, authQuery); // resolve(result); // } catch (err) { reject(err); } @@ -244,7 +244,7 @@ export default class User { all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'user all') { try { const baseQuery = { createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, ['admin'], [], 'readMany', { User: this.context.User }, resolver); + const authQuery = queryForRoles(_user, ['admin'], [], { User: this.context.User }, authlog(resolver, 'readMany', _user)); const restrictedFields = (Object.keys(authQuery).length === 0) ? {} : { role: 0 }; const finalQuery = {...baseQuery, ...authQuery}; return this.collection.find(finalQuery).sort({ createdAt: 1 }).project(restrictedFields).limit(limit).toArray(); @@ -278,10 +278,10 @@ Use function queryForRoles to generate an authQuery object. It expects the following arguments: ```javascript // creates an authQuery object with additional query arguments, to implement authorization restrictions for mongodb access -export function queryForRoles(user = {}, userRoles = [], docRoles = [], mode = '', { User }, resolver = '') { +export function queryForRoles(user = {}, userRoles = [], docRoles = [], { User }, logger) { // Build query for the case: The logged in user's role is authorized - if (roleAuthorizedForDoc(user, userRoles, docRoles, mode, { User }, resolver)) { + if (roleAuthorizedForDoc(user, userRoles, docRoles, { User }, logger)) { return {}; // empty authQuery means, do operation with no access restrictions } @@ -289,12 +289,12 @@ export function queryForRoles(user = {}, userRoles = [], docRoles = [], mode = ' const query = { $or: [] }; if (loggedIn(user)){ docRoles.forEach(docRole => query.$or.push( { [docRole]: user._id } ) ); - log.debug('authQuery:', JSON.stringify(query, null, 2)); + logger.debug(user, `authQuery: ${JSON.stringify(query, null, 2)}`); if (query.$or.length > 0) return query; } // Not Authorized - throw new Error(`Authorization: Not authorized to ${mode} in ${resolver}.`); + logger.error(user, 'Not authorized'); } ``` @@ -317,11 +317,11 @@ This helper function is used by queryForRoles, and decides, if a user gains the For example: If a user has a field "role" in his user document and it contains the value "admin". So it checks if a user's role is admin, and allows all operations for admins. ```javascript // returns true, if the user's role is authorized for a document -export function roleAuthorizedForDoc(user = {}, userRoles = [], docRoles = [], mode = '', { User }, resolver = ''){ +export function roleAuthorizedForDoc(user = {}, userRoles = [], docRoles = [], { User }, logger){ const role = User.authRole(user); if ( userRoles.includes('world') || role && role !== '' && role !== '' && userRoles.length > 0 && userRoles.includes(role) ) { - log.debug(`${resolver} ${mode} with user ${user.username ? user.username : ''} is authorized`); + logger.debug(user, 'is authorized'); return true; } @@ -394,6 +394,20 @@ export function fieldContainsUserId(docRoleField, userId) { } ``` +### function authlog + +A logging function that understands "resolvers", "modes" and "users". Simple wrapper around whatever logging function we use + +```js +export function authlog(resolver, mode, user) { + const makeMessage = (message) => `${resolver} ${mode} with user ${user.username ? user.username : ''} ${message}`; + return { + debug: (message) => logger.debug(makeMessage(message)), + error: (message) => throw new Error(makeMessage(message)) + }; +} +``` + ### ./resolver/User.js In the resolver interfaces, there are different objects: * the root object "tweet", contains the document fields From f6218041011ba18558412566386dddf619a5d6ef Mon Sep 17 00:00:00 2001 From: Tom Coleman Date: Thu, 13 Jul 2017 14:56:28 +1000 Subject: [PATCH 17/69] Simplify authorized loader. Thoughts here: 1. We only need one authorized loader (for the `readOne` case). 2. We can determine the `authQuery` at initialization time, assuming that a single user will be used for all queries (this is the case). 3. We can have the user at initialization time, although this will require refactoring the way the context is initialized here: https://github.com/tobkle/create-graphql-server/blob/master/skel/server/index.js i. We need to add the models to the context *after* the authentication, i.e. here: https://github.com/tobkle/create-graphql-server/blob/master/skel/server/index.js#L44 ii. This will mean that we need a different reference to the mongo collection in the `passport.authenticate` call. But we can make that work I think, it doesn't really need the proper user collection. --- test/output-app/README.md | 16 ++++++---------- 1 file changed, 6 insertions(+), 10 deletions(-) diff --git a/test/output-app/README.md b/test/output-app/README.md index ee5c74e..4e39e5a 100644 --- a/test/output-app/README.md +++ b/test/output-app/README.md @@ -98,16 +98,12 @@ import { queryForRoles, findByIds } from '../server/authorize'; export default class { constructor(context){ ... - this.loaders = (_user = {}, resolver = '') => ({ - readOne: new DataLoader(ids => new Promise( async (resolve, reject) => { - try { - const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readOne', { User: this.context.User }, resolver); - const result = await findByIds(this.collection, ids, authQuery); - resolve(result); - } catch (err) { reject(err); } - })), - }); - ... + + this.unauthorizedLoader = new DataLoader(ids => findByIds(this.collection, ids)); + + const { user: me, User } = context; + const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readOne', { User }, 'findOneLoader'); + this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); } ... async getOneById(id, _user = {}, resolver = 'tweet getOneById') { From 0e4affa2f4650114be88c08fa4ac45ee1f895671 Mon Sep 17 00:00:00 2001 From: Tobias Klemmer Date: Sun, 16 Jul 2017 11:44:55 +0200 Subject: [PATCH 18/69] handle conflicts --- test/output-app/README.md | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/test/output-app/README.md b/test/output-app/README.md index f5278d7..09a6355 100644 --- a/test/output-app/README.md +++ b/test/output-app/README.md @@ -98,15 +98,12 @@ import { queryForRoles, findByIds } from '../server/authorize'; export default class { constructor(context){ ... - this.loaders = (_user = {}, resolver = '') => ({ - readOne: new DataLoader(ids => new Promise( async (resolve, reject) => { - try { - const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readOne', _user)); - const result = await findByIds(this.collection, ids, authQuery); - resolve(result); - } catch (err) { reject(err); } - })), - }); + + this.unauthorizedLoader = new DataLoader(ids => findByIds(this.collection, ids)); + + const { user: me, User } = context; + const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readOne', { User }, 'findOneLoader'); + this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); ... } ... From e0e6ea90bd409adf301004550dfcd71e2a26159a Mon Sep 17 00:00:00 2001 From: Tobias Klemmer Date: Sun, 16 Jul 2017 12:01:44 +0200 Subject: [PATCH 19/69] applied changes --- test/output-app/README.md | 16 ---------------- 1 file changed, 16 deletions(-) diff --git a/test/output-app/README.md b/test/output-app/README.md index 09a6355..a69f839 100644 --- a/test/output-app/README.md +++ b/test/output-app/README.md @@ -98,9 +98,7 @@ import { queryForRoles, findByIds } from '../server/authorize'; export default class { constructor(context){ ... - this.unauthorizedLoader = new DataLoader(ids => findByIds(this.collection, ids)); - const { user: me, User } = context; const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readOne', { User }, 'findOneLoader'); this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); @@ -147,13 +145,6 @@ export default class Tweet { resolve(result); } catch (err) { reject(err); } })), - // readMany: new DataLoader(ids => new Promise( async (resolve, reject) => { - // try { - // const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', _user)); - // const result = await findByIds(this.collection, ids, authQuery); - // resolve(result); - // } catch (err) { reject(err); } - // })), }); } @@ -208,13 +199,6 @@ export default class User { resolve(result); } catch (err) { reject(err); } })), - // readMany: new DataLoader(ids => new Promise( async (resolve, reject) => { - // try { - // const authQuery = queryForRoles(_user, ['admin'], [], { User: this.context.User }, authlog(resolver, 'readMany', _user)); - // const result = await findByIds(this.collection, ids, authQuery); - // resolve(result); - // } catch (err) { reject(err); } - // })), }); } From 9dcdc22b64663ce16135d6927f5f70974c21b067 Mon Sep 17 00:00:00 2001 From: Tobias Klemmer Date: Mon, 17 Jul 2017 00:30:14 +0200 Subject: [PATCH 20/69] new authorization version from 2017-07-17 --- test/input/User.graphql | 2 +- test/output-app-end-to-end/scripts/JWTs.txt | 49 + .../scripts/generateJWT.js | 3 +- .../test-3-mutations-with-user-role-admin.js | 6 +- .../test-5-mutations-with-user-role-user.js | 6 +- .../test-6-mutations-with-user-role-editor.js | 6 +- test/output-app/README.md | 935 ++++++++-- test/output-app/model/Tweet.js | 100 +- test/output-app/model/User.js | 154 +- test/output-app/model/index.js | 8 +- test/output-app/resolvers/Tweet.js | 40 +- test/output-app/resolvers/User.js | 44 +- test/output-app/schema/User.graphql | 2 +- test/output-app/server/authenticate.js | 12 +- test/output-app/server/authorize.js | 131 +- test/output-app/server/index.js | 15 +- .../server/logs/all-logs-readable.log | 1619 +++++++++++------ 17 files changed, 2180 insertions(+), 952 deletions(-) create mode 100644 test/output-app-end-to-end/scripts/JWTs.txt diff --git a/test/input/User.graphql b/test/input/User.graphql index 8b6259a..fb57e40 100644 --- a/test/input/User.graphql +++ b/test/input/User.graphql @@ -6,7 +6,7 @@ type User ) { - role: String! @authRole("admin") @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) + role: String @authRole("admin") @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) username: String! diff --git a/test/output-app-end-to-end/scripts/JWTs.txt b/test/output-app-end-to-end/scripts/JWTs.txt new file mode 100644 index 0000000..e8f7f53 --- /dev/null +++ b/test/output-app-end-to-end/scripts/JWTs.txt @@ -0,0 +1,49 @@ +{ _id: { '$oid': '583291a1638566b3c5a92ca1' }, + bio: 'tech lead @meteorjs @apollographql', + createdAt: 1479776905993, + followingIds: [ { '$oid': '583291a1638566b3c5a92ca0' } ], + likedIds: + [ { '$oid': '583676d3618530145474e350' }, + { '$oid': '583676d3618530145474e351' } ], + updatedAt: 1479776905993, + username: 'stubailo', + role: 'admin', + createdById: { '$oid': '583291a1638566b3c5a92ca1' }, + updatedById: { '$oid': '583291a1638566b3c5a92ca1' } } +Generated JWT Token for tests: +JWT eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VySWQiOiI1ODMyOTFhMTYzODU2NmIzYzVhOTJjYTEifQ.QaJYP81K7kgB8FVw6bOK7XSZYI6_gn9GCOlDToQcu0Q +###################################### +{ _id: { '$oid': '583291a1638566b3c5a92ca0' }, + bio: 'I build things with @percolatestudio. Author of @discovermeteor. Exploring how to improve user experience through technology, design and performance.', + createdAt: 1479776904993, + followingIds: + [ { '$oid': '583291a1638566b3c5a92ca1' }, + { '$oid': '583291a1638566b3c5a92ca2' } ], + likedIds: + [ { '$oid': '583676d3618530145474e352' }, + { '$oid': '583676d3618530145474e353' }, + { '$oid': '583676d3618530145474e354' } ], + updatedAt: 1479776904993, + username: 'tmeasday', + role: 'editor', + hash: '$2a$10$SeepHv0X3GZfSzl0uqlXmucLsP2VjdI.nuA0UJnmOtEecLSx.RiWe', + createdById: { '$oid': '583291a1638566b3c5a92ca1' }, + updatedById: { '$oid': '583291a1638566b3c5a92ca1' } } +Generated JWT Token for tests: +JWT eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VySWQiOiI1ODMyOTFhMTYzODU2NmIzYzVhOTJjYTAifQ.9Vv99jJ1EyJyp7Q8G09vs7qdjtBicq0UlU4GeNKZ5Dc +###################################### +{ _id: { '$oid': '583291a1638566b3c5a92ca2' }, + bio: 'Co-founder of Parse, now at Facebook. Ex Google search quality, game developer & math contester.', + createdAt: 1479776906993, + followingIds: [ { '$oid': '583291a1638566b3c5a92ca1' } ], + likedIds: + [ { '$oid': '583676d3618530145474e350' }, + { '$oid': '583676d3618530145474e353' } ], + updatedAt: 1479776906993, + username: 'lacker', + role: 'user', + createdById: { '$oid': '583291a1638566b3c5a92ca1' }, + updatedById: { '$oid': '583291a1638566b3c5a92ca1' } } +Generated JWT Token for tests: +JWT eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VySWQiOiI1ODMyOTFhMTYzODU2NmIzYzVhOTJjYTIifQ.qfw1KGMp2tZ28csjYwkkv44SMMh4V0-VSLP3c5iC49Y +###################################### diff --git a/test/output-app-end-to-end/scripts/generateJWT.js b/test/output-app-end-to-end/scripts/generateJWT.js index bfe46ae..5282cb0 100755 --- a/test/output-app-end-to-end/scripts/generateJWT.js +++ b/test/output-app-end-to-end/scripts/generateJWT.js @@ -10,13 +10,12 @@ let arr; while ((arr = re.exec(userFile)) !== null) { let user = JSON.parse(arr[0]); console.log(user); - console.log('------------------------------------'); console.log('Generated JWT Token for tests:'); const payload = { userId: user._id.$oid.toString(), }; const token = jwt.encode(payload, KEY); - console.log(token); + console.log('JWT', token); console.log('######################################'); } diff --git a/test/output-app-end-to-end/test-3-mutations-with-user-role-admin.js b/test/output-app-end-to-end/test-3-mutations-with-user-role-admin.js index 8cd55d0..7724602 100644 --- a/test/output-app-end-to-end/test-3-mutations-with-user-role-admin.js +++ b/test/output-app-end-to-end/test-3-mutations-with-user-role-admin.js @@ -217,7 +217,11 @@ describe('test-3: user with role "admin"', () => { } } `, { - updateUser: null + updateUser: { + bio: 'Maker of things, I guess', + role: 'editor', + username: 'tobkle', + } }, newUser) }); diff --git a/test/output-app-end-to-end/test-5-mutations-with-user-role-user.js b/test/output-app-end-to-end/test-5-mutations-with-user-role-user.js index 1f8e5d1..0e994fb 100644 --- a/test/output-app-end-to-end/test-5-mutations-with-user-role-user.js +++ b/test/output-app-end-to-end/test-5-mutations-with-user-role-user.js @@ -174,7 +174,11 @@ describe('test-5: user with role "user"', () => { } } `, { - updateUser: null + updateUser: { + bio: 'Maker of things, I guess', + role: 'user', + username: 'tobkle', + } }, newUser) }); diff --git a/test/output-app-end-to-end/test-6-mutations-with-user-role-editor.js b/test/output-app-end-to-end/test-6-mutations-with-user-role-editor.js index 9419eeb..cf3b7e5 100644 --- a/test/output-app-end-to-end/test-6-mutations-with-user-role-editor.js +++ b/test/output-app-end-to-end/test-6-mutations-with-user-role-editor.js @@ -163,7 +163,11 @@ describe('test-6: user with role "editor"', () => { } } `, { - updateUser: null + updateUser: { + bio: 'Maker of things, I guess', + role: 'editor', + username: 'tmeasday', + } }, newUser) }); diff --git a/test/output-app/README.md b/test/output-app/README.md index a69f839..6d8b377 100644 --- a/test/output-app/README.md +++ b/test/output-app/README.md @@ -1,7 +1,158 @@ # create-graphql-server - This is a generated create-graphql-server app. +* Authentication: Identifies an user +* Authorization: Defines all actions a user is allowed to perform + +## Implementing Authentication +The authentication is performed in those locations: +* ./server/index.js +* ./model/index.js +* ./server/authenticate.js + +### ./server/index.js +In the server, the database is started, and the UserCollection is defined. That's who the server accesses the user documents in the database. + +In ```js authenticate(app, UserCollection)``` the authentication is prepared and processed. Later if a user sends a 'graphql' request, the user is determined with ```js passport.authenticate(...)```. After that, the user is whether an anonymous user or an authenticated user. You find the identified user in the object "me". Then the type models have to be initialized with the user "me" authorizations: ```js req.context = addModelsToContext({... me ...})```. + +```javascript +... +async function startServer() { + log.info('Logger started'); + + const db = await MongoClient.connect(MONGO_URL); + const UserCollection = db.collection('user'); + + const app = express().use('*', cors()); + app.use(bodyParser.urlencoded({ extended: true })); + app.use(bodyParser.json()); + app.use(morgan("dev", { "stream": stream })); + + authenticate(app, UserCollection); + + app.use('/graphql', (req, res, next) => { + passport.authenticate('jwt', { session: false }, (err, me) => { + req.context = addModelsToContext({ db, pubsub, me, UserCollection }); + graphqlExpress(() => { + // Get the query, the same way express-graphql does it + // https://github.com/graphql/express-graphql/blob/3fa6e68582d6d933d37fa9e841da5d2aa39261cd/src/index.js#L257 + const {variables, operationName} = req.body; + const {_id, username, role} = me; + const query = req.query.query || req.body.query; + log.debug('-'.repeat(80)); + log.debug(`Request:\nUser: "${(username) ? username: ''}", role: "${(role) ? role : ''}", id: "${(_id) ? _id : ''}",\nOperation: "${operationName ? operationName : ''}", variables: "${variables ? JSON.stringify(variables) : ''}",\nQuery:\n${print(parse(query))}`); + if (query && query.length > 4000) { + // None of our app's queries are this long + // Probably indicates someone trying to send an overly expensive query + log.error('Query too large.'); + throw new Error('Query too large.'); + } + return { + schema, + context: Object.assign({ me }, req.context), + debug: true, + // formatError(e) { console.log(e) }, + }; + })(req, res, next); + })(req, res, next); + }); + ... +} +``` + +### ./model/index.js +If there is a User model generated, then we load it as the first model. It defines the model, which will be used in the other models as well, to perform the authorization checks. + +```javascript +const models = {}; + +export default function addModelsToContext(context) { + const newContext = Object.assign({}, context); + + // User model has to be first, to initialize the other models with correct authorizations + if (models['User']){ + newContext['User'] = new models['User'](newContext); + } + + Object.keys(models).forEach((key) => { + if (key !== 'User') newContext[key] = new models[key](newContext); + }); + return newContext; +} + +import Tweet from './Tweet'; +models.Tweet = Tweet; + +import User from './User'; +models.User = User; +``` + +### ./server/authenticate.js +Here the real identification of an user is performed. After a user requested a '/login' with user and password. The user's email is searched in the database. If it is there, it checks if the user's encrypted hash is equal to the encrypted password, if so, a user is identified and a JWT token is generated and transfered back to the requesting user. With all the next requests of that user, he sends an header like... +```javacript +authorization JWT calculated.JWT.token +``` +This JWT token is decrypted with an internal secret KEY to get the user id. This user is then read from the cache/database within userFromPayload and returned to the request as the user object "me", which is then used in all "/graphql" calls. + +```javascript +import passport from 'passport'; +import { Strategy, ExtractJwt } from 'passport-jwt'; +import jwt from 'jwt-simple'; +import { ObjectId } from 'mongodb'; +import nodeify from 'nodeify'; +import bcrypt from 'bcrypt'; +import DataLoader from 'dataloader'; +import { findByIds } from './authorize'; + +const KEY = 'test-key'; +let Loader; + +async function userFromPayload(request, jwtPayload) { + if (!jwtPayload.userId) { + throw new Error('No userId in JWT'); + } + return await Loader.load(ObjectId(jwtPayload.userId)); +} + +passport.use(new Strategy({ + jwtFromRequest: ExtractJwt.fromAuthHeader(), + secretOrKey: KEY, + passReqToCallback: true, +}, (request, jwtPayload, done) => { + nodeify(userFromPayload(request, jwtPayload), done); +})); + +export default function addPassport(app, User) { + Loader = new DataLoader(ids => findByIds(User, ids)); + + app.use(passport.initialize()); + + app.post('/login', async (req, res, next) => { + try { + const { email, password } = req.body; + + if (!email || !password) { + throw new Error('Username or password not set on request'); + } + + const user = await User.findOne({ email }); + if (!user || !(await bcrypt.compare(password, user.hash))) { + throw new Error('User not found matching email/password combination'); + } + + const payload = { + userId: user._id.toString(), + }; + + const token = jwt.encode(payload, KEY); + res.json({ token }); + } catch (e) { + next(e); + } + }); +} +``` + ## Implementing Authorizations Use the @authorize directive in a \.graphql input file, to define which authorizations should be generated by create-graphql-server. You can define user-roles and document-roles to control authorizations. @@ -51,7 +202,7 @@ type User ) { - role: String! @authRole("admin") @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) + role: String @authRole("admin") @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) username: String! @@ -77,7 +228,7 @@ This has the following meaning: Here we use also the @authorize directive on field level for the field role: ```javascript ... -role: String! @authRole("admin") @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) +role: String @authRole("admin") @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) ... ``` This adds additional authorization checks on the field level just for this field "role". @@ -90,6 +241,7 @@ In this case it checks: Use create-graphql-server cli to generate the according schema, resolver, model files with the create-graphql-server command line interface. After its generation, you will find the generated files in the sub folders: schema, resolvers, model folders. The generated model files will use the following functions to implement the authorization logic. ### model.js +This is an example of a database model of type . ```javascript import DataLoader from 'dataloader'; @@ -97,25 +249,39 @@ import { queryForRoles, findByIds } from '../server/authorize'; export default class { constructor(context){ - ... - this.unauthorizedLoader = new DataLoader(ids => findByIds(this.collection, ids)); - const { user: me, User } = context; - const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readOne', { User }, 'findOneLoader'); - this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); - ... + ... + const { me, User } = context; + let authQuery; + try { + authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User }, authlog('tweet findOneLoader', 'readOne', me)); + } catch (err) { + log.error(err.message); + authQuery = {_id: false}; + } + this.unauthorizedLoader = new DataLoader(ids => findByIds(this.collection, ids)); + this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); + ... } ... -async getOneById(id, _user = {}, resolver = 'tweet getOneById') { +// used from server calls, without authorization checks, NOT for use in resolvers +async findOneById(id, me = {}, resolver = 'tweet findOneById') { + try { + return await this.unauthorizedLoader.load(id); + } catch (err) { log.error(err.message); } +} + +// used for api calls, with authorization checks, for use in resolvers +async getOneById(id, me = {}, resolver = 'tweet getOneById') { try { - const result = await this.loaders(_user, resolver).readOne.load(id); + const result = await this.authorizedLoader.load(id); return result; } catch (err) { log.error(err.message); } } -all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'tweet all') { +all({ lastCreatedAt = 0, limit = 10 }, me, resolver = 'tweet all') { try { const baseQuery = { createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', _user)); + const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); const finalQuery = {...baseQuery, ...authQuery}; return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } catch (err){ log.error(err.message); } @@ -128,120 +294,401 @@ all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'tweet all') { generated model file for the above input type Tweet.graphql: this.auth is generated by the @authorize directive. You can see, the directive argument "read" is used to express "readOne" and "readMany" at the same time. Instead you can use "readOne" and "readMany" for fine grained control on read operations, to allow access to just one record or many records. ```javascript -import log from '../server/logger'; +iimport log from '../server/logger'; import DataLoader from 'dataloader'; -import { findByIds, queryForRoles, fieldContainsUserId } from '../server/authorize'; +import { findByIds, queryForRoles, fieldForRoles, fieldContainsUserId, authorizedFields, authlog } from '../server/authorize'; export default class Tweet { constructor(context) { this.context = context; this.collection = context.db.collection('tweet'); this.pubsub = context.pubsub; - this.loaders = (_user = {}, resolver = '') => ({ - readOne: new DataLoader(ids => new Promise( async (resolve, reject) => { - try { - const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readOne', _user)); - const result = await findByIds(this.collection, ids, authQuery); - resolve(result); - } catch (err) { reject(err); } - })), - }); + const { me, User } = context; + let authQuery; + try { + authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User }, authlog('tweet findOneLoader', 'readOne', me)); + } catch (err) { + log.error(err.message); + authQuery = {_id: false}; + } + this.unauthorizedLoader = new DataLoader(ids => findByIds(this.collection, ids)); + this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); } - async getOneById(id, _user = {}, resolver = 'tweet getOneById') { + // used from server calls, without authorization checks, NOT for use in resolvers + async findOneById(id, me = {}, resolver = 'tweet findOneById') { try { - const result = await this.loaders(_user, resolver).readOne.load(id); + return await this.unauthorizedLoader.load(id); + } catch (err) { log.error(err.message); } + } + + // used for api calls, with authorization checks, for use in resolvers + async getOneById(id, me = {}, resolver = 'tweet getOneById') { + try { + const result = await this.authorizedLoader.load(id); return result; } catch (err) { log.error(err.message); } } - all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'tweet all') { + all({ lastCreatedAt = 0, limit = 10 }, me, resolver = 'tweet all') { try { const baseQuery = { createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', _user)); + const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); const finalQuery = {...baseQuery, ...authQuery}; return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } catch (err){ log.error(err.message); } } - author(tweet, _user, resolver = 'tweet author') { - return this.context.User.getOneById(tweet.authorId, _user, resolver); + author(tweet, me, resolver = 'tweet author') { + return this.context.User.getOneById(tweet.authorId, me, resolver); + } + + createdBy(tweet, me, resolver = 'tweet createdBy') { + return this.context.User.getOneById(tweet.createdById, me, resolver); + } + + updatedBy(tweet, me, resolver = 'tweet updatedBy') { + return this.context.User.getOneById(tweet.updatedById, me, resolver); + } + + coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, me, resolver = 'tweet coauthors') { + try { + const baseQuery = {_id: { $in: tweet.coauthorsIds }, createdAt: { $gt: lastCreatedAt } }; + const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); + const finalQuery = {...baseQuery, ...authQuery}; + return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + } catch (err){ log.error(err.message); } + } + + likers(tweet, { lastCreatedAt = 0, limit = 10 }, me, resolver = 'tweet likers') { + try { + const baseQuery = {likedIds: tweet._id, createdAt: { $gt: lastCreatedAt } }; + const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); + const finalQuery = {...baseQuery, ...authQuery}; + return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + } catch (err){ log.error(err.message); } + } + + async insert(doc, me, resolver = 'insert tweet') { + try { + let insertedDoc = null; + let docToInsert = Object.assign({}, doc, { + createdAt: Date.now(), + updatedAt: Date.now(), + createdById: (me && me._id) ? me._id : 'unknown', + updatedById: (me && me._id) ? me._id : 'unknown', + }); + + const authQuery = queryForRoles(me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'create', me)); + + const docRoleFields = ['authorId'].map(key => ({ [key]: docToInsert[key] }) ); + if (Object.keys(authQuery).length > 0 && !fieldContainsUserId(docRoleFields, me._id)) { + throw new Error('Not authorized to insert tweet'); + } + + const id = (await this.collection.insertOne(docToInsert)).insertedId; + if (!id) { + log.error('insert tweet failed for docToInsert:', JSON.stringify(docToInsert, null, 2)); + throw new Error(`insert tweet not possible for ${id}.`); + } + + log.debug(`inserted tweet ${id}.`); + insertedDoc = this.getOneById(id, me, 'pubsub tweetInserted'); + this.pubsub.publish('tweetInserted', insertedDoc); + return insertedDoc; + + } catch (err){ log.error(err.message); } + } + + async updateById(id, doc, me, resolver = 'update tweet') { + try { + let updatedDoc = null; + const docBefore = await this.getOneById(id, me, 'tweet getOneById in updateById for docBefore'); + let docToUpdate = {$set: Object.assign({}, doc, { + updatedAt: Date.now(), + updatedById: (me && me._id) ? me._id : 'unknown', + })}; + + const baseQuery = {_id: id}; + const authQuery = queryForRoles(me, ['admin'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'update', me)); + + const finalQuery = {...baseQuery, ...authQuery}; + const result = await this.collection.updateOne(finalQuery, docToUpdate); + if (result.result.ok !== 1 || result.result.n !== 1){ + log.error(`update tweet failed finalQuery:`, JSON.stringify(finalQuery, null, 2)); + log.error('update tweet failed for docToUpdate:', JSON.stringify(docToUpdate, null, 2)); + throw new Error(`update tweet not possible for ${id}.`); + } + + log.debug(`updated tweet ${id}.`); + this.unauthorizedLoader.clear(id); + this.authorizedLoader.clear(id); + + updatedDoc = this.getOneById(id, me, 'pubsub tweetUpdated'); + this.pubsub.publish('tweetUpdated', updatedDoc); + return updatedDoc; + + } catch (err){ log.error(err.message); } + } + + async removeById(id, me, resolver = 'remove tweet') { + try { + const docBefore = this.getOneById(id, me, 'tweet getOneById in removeById for docBefore'); + const baseQuery = {_id: id}; + const authQuery = queryForRoles(me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'delete', me)); + const finalQuery = {...baseQuery, ...authQuery}; + const result = await this.collection.remove(finalQuery); + + if (result.result.ok !== 1 || result.result.n !== 1){ + log.error(`remove tweet failed for finalQuery:`, JSON.stringify(finalQuery, null, 2)); + throw new Error(`remove tweet not possible for ${id}.`); + } + + log.debug(`removed tweet ${id}.`); + this.unauthorizedLoader.clear(id); + this.authorizedLoader.clear(id); + + this.pubsub.publish('tweetRemoved', id); + return result; + + } catch (err){ log.error(err.message); } } - ... } ``` ### ./model/User.js generated model file for the above input type User.graphql: this.auth is generated by the @authorize directive. Here also with field authorizations. + ```javascript import log from '../server/logger'; import DataLoader from 'dataloader'; -import { findByIds, queryForRoles, fieldContainsUserId } from '../server/authorize'; +import { findByIds, queryForRoles, fieldForRoles, fieldContainsUserId, authorizedFields, authlog } from '../server/authorize'; export default class User { constructor(context) { this.context = context; this.collection = context.db.collection('user'); this.pubsub = context.pubsub; - this._user = {}; - this.loaders = (_user = {}, resolver = '') => ({ - readOneWithoutAuth: new DataLoader(ids => new Promise( async (resolve, reject) => { - try { - const result = await findByIds(this.collection, ids, {}); - resolve(result); - } catch (err) { reject(err); } - })), - readOne: new DataLoader(ids => new Promise( async (resolve, reject) => { - try { - const authQuery = queryForRoles(_user, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'readOne', _user)); - const result = await findByIds(this.collection, ids, authQuery); - resolve(result); - } catch (err) { reject(err); } - })), - }); + const { me } = context; + this.authRole = User.authRole; // otherwise not accessible in queryForRoles + let authQuery; + try { + authQuery = queryForRoles(me, ['admin'], ['_id'], { User }, authlog('user findOneLoader', 'readOne', me)); + } catch (err) { + log.error(err.message); + authQuery = {_id: false}; + } + this.unauthorizedLoader = new DataLoader(ids => findByIds(this.collection, ids)); + this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); } - authRole(user){ - return (user && user.role) ? user.role : ''; + // returns the role of the user + static authRole(user){ + return (user && user.role) ? user.role : null; } // used from server calls, without authorization checks, NOT for use in resolvers - async findOneById(id, _user = {}, resolver = 'user findOneById') { + async findOneById(id, me = {}, resolver = 'user findOneById') { try { - const result = await this.loaders(_user, resolver).readOneWithoutAuth.load(id); - return result; + return await this.unauthorizedLoader.load(id); } catch (err) { log.error(err.message); } } // used for api calls, with authorization checks, for use in resolvers - async getOneById(id, _user = {}, resolver = 'user getOneById') { + async getOneById(id, me = {}, resolver = 'user getOneById') { try { - const result = await this.loaders(_user, resolver).readOne.load(id); - return result; + const result = await this.authorizedLoader.load(id); + // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) + // ===== ====== ==== ======= + return authorizedFields(result, 'role', me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver + 'field "role"', 'readOne', me)); } catch (err) { log.error(err.message); } } - all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'user all') { + all({ lastCreatedAt = 0, limit = 10 }, me, resolver = 'user all') { try { const baseQuery = { createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, ['admin'], [], { User: this.context.User }, authlog(resolver, 'readMany', _user)); - const restrictedFields = (Object.keys(authQuery).length === 0) ? {} : { role: 0 }; + const authQuery = queryForRoles(me, ['admin'], [], { User: this.context.User }, authlog(resolver, 'readMany', me)); + // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) + // ===== ====== + let authFields = {}; + authFields = fieldForRoles(authFields, 'role', me, ['admin'], [], { User: this.context.User }, authlog(resolver + 'field "role"', 'readMany', me)); const finalQuery = {...baseQuery, ...authQuery}; - return this.collection.find(finalQuery).sort({ createdAt: 1 }).project(restrictedFields).limit(limit).toArray(); + return this.collection.find(finalQuery).sort({ createdAt: 1 }).project(authFields).limit(limit).toArray(); } catch (err) { log.error(err.message); } } - ... + tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }, me, resolver = 'user tweets') { + try { + const baseQuery = { + authorId: user._id, + createdAt: { $gt: lastCreatedAt }, + }; + const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); + const finalQuery = {...baseQuery, ...authQuery}; + return this.context.Tweet.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + } catch (err) { log.error(err.message); } + } + + liked(user, { lastCreatedAt = 0, limit = 10 }, me, resolver = 'user liked') { + try { + const baseQuery = { + _id: { $in: user.likedIds }, + createdAt: { $gt: lastCreatedAt }, + }; + const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); + const finalQuery = {...baseQuery, ...authQuery}; + return this.context.Tweet.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + } catch (err) { log.error(err.message); } + } + + following(user, { lastCreatedAt = 0, limit = 10 }, me, resolver = 'user following') { + try { + const baseQuery = { + _id: { $in: user.followingIds || [] }, + createdAt: { $gt: lastCreatedAt }, + }; + const authQuery = queryForRoles(me, ['admin'], [], { User: this.context.User }, authlog(resolver, 'readMany', me)); + // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) + // ====== + let authFields = {}; + authFields = fieldForRoles(authFields, 'role', me, ['admin'], [], { User: this.context.User }, authlog(resolver + 'field "role"', 'readMany', me)); + const finalQuery = {...baseQuery, ...authQuery}; + return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).project(authFields).limit(limit).toArray(); + } catch (err) { log.error(err.message); } + } + + followers(user, { lastCreatedAt = 0, limit = 10 }, me, resolver = 'user followers') { + try { + const baseQuery = { + followingIds: user._id, + createdAt: { $gt: lastCreatedAt }, + }; + const authQuery = queryForRoles(me, ['admin'], [], { User: this.context.User }, authlog(resolver, 'readMany', me)); + // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) + // ====== + let authFields = {}; + authFields = fieldForRoles(authFields, 'role', me, ['admin'], [], { User: this.context.User }, authlog(resolver + 'field "role"', 'readMany', me)); + const finalQuery = {...baseQuery, ...authQuery}; + return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).project(authFields).limit(limit).toArray(); + } catch (err) { log.error(err.message); } + } + + createdBy(user, me, resolver = 'user createdBy') { + return this.context.User.getOneById(user.createdById, me, resolver); + } + + updatedBy(user, me, resolver = 'user updatedBy') { + return this.context.User.getOneById(user.updatedById, me, resolver); + } + + async insert(doc, me, resolver = 'insert user') { + try { + let insertedDoc = null; + let docToInsert = Object.assign({}, doc, { + createdAt: Date.now(), + updatedAt: Date.now(), + createdById: (me && me._id) ? me._id : 'unknown', + updatedById: (me && me._id) ? me._id : 'unknown', + }); + + const authQuery = queryForRoles(me, ['admin'], [], { User: this.context.User }, authlog(resolver, 'create', me)); + // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) + // ===== ====== + docToInsert = authorizedFields(docToInsert, 'role', me, ['admin'], [], { User: this.context.User }, authlog(resolver + 'field "role"', 'create', me)); + + const id = (await this.collection.insertOne(docToInsert)).insertedId; + if (!id) { + log.error('insert user failed for:', JSON.stringify(docToInsert, null, 2)); + throw new Error(`insert user not possible for user ${id}.`); + } + + log.debug(`inserted user ${id}.`); + insertedDoc = this.getOneById(id, me, 'pubsub userInserted'); + this.pubsub.publish('userInserted', insertedDoc); + return insertedDoc; + + } catch (err) { log.error(err.message); } + } + + async updateById(id, doc, me, resolver = 'update user') { + try { + let updatedDoc = null; + const docBefore = await this.findOneById(id, me, 'user findOneById in updateById for docBefore'); + let docToUpdate = {$set: Object.assign({}, doc, { + updatedAt: Date.now(), + updatedById: (me && me._id) ? me._id : 'unknown', + })}; + + const baseQuery = {_id: id}; + const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'update', me)); + // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) + // ===== ====== + docToUpdate.$set = authorizedFields(docToUpdate.$set, 'role', me, ['admin'], [], { User: this.context.User }, authlog(resolver + 'field "role"', 'update', me)); + + const finalQuery = {...baseQuery, ...authQuery}; + const result = await this.collection.updateOne(finalQuery, docToUpdate); + if (result.result.ok !== 1){ + log.error(`update user failed finalQuery:`, JSON.stringify(finalQuery, null, 2)); + log.error('update user failed for docToUpdate:', JSON.stringify(docToUpdate, null, 2)); + throw new Error(`update user not possible for ${id}.`); + } + + log.debug(`updated user ${id}.`); + this.unauthorizedLoader.clear(id); + this.authorizedLoader.clear(id); + + updatedDoc = this.getOneById(id, me, 'pubsub userUpdated') + this.pubsub.publish('userUpdated', updatedDoc); + return updatedDoc; + + } catch (err) { log.error(err.message); } + } + + async removeById(id, me, resolver = 'remove user') { + try { + const docBefore = await this.findOneById(id, me, 'user findOneById in removeById for docBefore'); + const baseQuery = {_id: id}; + const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'delete', me)); + const finalQuery = {...baseQuery, ...authQuery}; + const result = await this.collection.remove(finalQuery); + if (result.result.ok !== 1 || result.result.n !== 1){ + log.error(`remove user failed for finalQuery:`, JSON.stringify(finalQuery, null, 2)); + throw new Error(`remove user not possible for ${id}.`); + } + + log.debug(`removed user ${id}.`); + this.unauthorizedLoader.clear(id); + this.authorizedLoader.clear(id); + + this.pubsub.publish('userRemoved', id); + return result; + + } catch (err) { log.error(err.message); } + } } ``` +### function authlog +A logging function that understands "resolvers", "modes" and "users". Simple wrapper around whatever logging function we use. + +```javascript +// central logger for authorization checks +export function authlog(resolver = '', mode = '', me = {}) { + const makeMessage = (message) => `Authorize ${mode} "${resolver}" with user "${me.username ? me.username : ''}" ${message}`; + return { + debug: (message) => log.debug(makeMessage(message)), + error: (message) => {throw new Error(makeMessage(message))}, + }; +} +``` ### function findByIds This is an extended version of [mongo-find-by-ids](https://github.com/tmeasday/mongo-find-by-ids). The enhancement is only to provide an additional authQuery object, to extend the query to meet additional authorizations. ```javascript -// enhanced version of tmeasday's findByIds plus authQuery handling +// returns the record, cached if already read, checks authorization if set +// enhancement of tmeasday'findByIds export function findByIds(collection, ids = [], authQuery) { const baseQuery = { _id: { $in: ids } }; const finalQuery = {...baseQuery, ...authQuery}; @@ -253,29 +700,159 @@ export function findByIds(collection, ids = [], authQuery) { } ``` +### function loggedIn +Use function loggedIn, to check if a user is logged in. + +```javascript +// returns true, if user is logged in +export function loggedIn(me) { + if(me && me._id && me._id.toString() !== '') { + return true; + } + return false; +} +``` + +### function fieldAuthorized +User function fieldAuthorized, to check, if a user is allowed to access a specific field e.g. field "role" in the User model. + +```javascript +// returns true, if authorized to get field +// returns false, if NOT authorized to get field +export function fieldAuthorized(me = {}, userRoles = [], docRoles = [], { User }, logger){ + // The logged in user's role is authorized for the field + if (roleAuthorizedForDoc(me, userRoles, docRoles, { User }, logger)) { + return true; + } + // The user might be listed in any document field + if (loggedIn(me) && docRoles.length > 0){ + return true; + } + return false; +} +``` + +### function fieldForRoles +Use function fieldForRoles to prepare an authField object, which can be used in db calls, to get only those fields, the user is allowed to access. Use it like... + +```javascript +const authField = fieldForRoles(...) +this.collection.find(finalQuery).sort({ createdAt: 1 }).project(authFields).limit(limit).toArray(); +``` + + +```javascript +// returns a projection query of fields not to be shown, e.g. { role: 0 } +export function fieldForRoles(projection, field, me = {}, userRoles = [], docRoles = [], { User }, logger){ + const role = User.authRole(me); + // The logged in user's role is authorized for the field + if (roleAuthorizedForDoc(me, userRoles, docRoles, { User }, logger)) { + return projection; + } + // The user is listed in any document field + if (loggedIn(me) && docRoles.length > 0){ + return projection; + } + const authFields = Object.assign({}, { [field]: 0 }, projection); + logger.debug(`and role "${role ? role : ''}" not authorized to access field "${field}".`) + return authFields; +} +``` + +### function authorizedFields +Use function authorizedFields, to filter documents, to contain only the fields, which the user is allowed to access. E.g. pass in a result variable, which can be whether an array of documents or a document. It returns the documents without the field "role", if the user is not allowed to access the field role. + +```javascript +// imports a result (which is document or an array of documents), and returns the result, +// but it removes the field without authorization from documents, +// e.g. field "role" is removed from all result documents, if the user/role is not allowed to access it +export function authorizedFields(result, field, me, userRoles = [], docRoles = [], { User }, logger){ + const role = User.authRole(me) || ''; + + // if any userRole authorizes field + if (roleAuthorizedForDoc(me, userRoles, docRoles, { User }, logger)) { + return result; + } + + // if any docRole authorizes field + // The user is listed in any document field + if (loggedIn(me) && docRoles.length > 0){ + + // if the result was an array of documents, check each doc and field + if (_.isArray(result)){ + const authorizedResult = []; + // check all documents in the result array + result.every(doc => { + let fieldAuthorized = false; + // check all docRoles if any of them authorizes field + docRoles.every(docRole => { + // if one docRole authorizes the field, then fieldAuthorized = true + if (doc[docRole] && fieldContainsUserId(doc[docRole], me._id)){ + fieldAuthorized = true; + } + }); + if (!fieldAuthorized && doc[field]){ + delete doc[field]; + logger.debug(`with role "${role}" field "${field}" removed from document id "${doc._id}". No authorization.`); + } + authorizedResult.push(doc); + }); + return authorizedResult; + } + + // if the result was a document + if (_.isObject(result)){ + // check with all docRoles + let fieldAuthorized = false; + docRoles.every(docRole => { + // if one docRole authorizes the field, then fieldAuthorized = true + if (result[docRole] && fieldContainsUserId(result[docRole], me._id)){ + fieldAuthorized = true; + } + }); + if (!fieldAuthorized && result[field]){ + delete result[field]; + logger.debug(`with role "${role}" field "${field}" removed from document id "${result._id}". No authorization.`); + } + return result; + } + + } + + // not authorized to access field + if (result[field]){ + delete result[field]; + logger.debug(`with role "${role}" field "${field}" removed from document id "${result._id}". No authorization.`); + } + return result; +} +``` + ### function queryForRoles Use function queryForRoles to generate an authQuery object. It expects the following arguments: ```javascript // creates an authQuery object with additional query arguments, to implement authorization restrictions for mongodb access -export function queryForRoles(user = {}, userRoles = [], docRoles = [], { User }, logger) { +export function queryForRoles(me = {}, userRoles = [], docRoles = [], { User }, logger) { + const role = User.authRole(me); // Build query for the case: The logged in user's role is authorized - if (roleAuthorizedForDoc(user, userRoles, docRoles, { User }, logger)) { + if (roleAuthorizedForDoc(me, userRoles, docRoles, { User }, logger)) { return {}; // empty authQuery means, do operation with no access restrictions } // Build query for the case: The user is listed in any document field const query = { $or: [] }; - if (loggedIn(user)){ - docRoles.forEach(docRole => query.$or.push( { [docRole]: user._id } ) ); - logger.debug(user, `authQuery: ${JSON.stringify(query, null, 2)}`); + if (loggedIn(me)){ + docRoles.forEach(docRole => query.$or.push( { [docRole]: me._id } ) ); + logger.debug(`and role: "${role ? role : ''}" with \nauthQuery: ${JSON.stringify(query, null, 2)}`); if (query.$or.length > 0) return query; } // Not Authorized - logger.error(user, 'Not authorized'); + const message = `and role: "${role}" is not authorized.`; + logger.error(message); } ``` @@ -283,26 +860,28 @@ It expects the following arguments with the meanings: * **user:** this is the logged in user object out of the resolver's context * **userRoles:** an array with userRoles, which was generated by the @authorize directives in the .graphql file * **docRoles:** an array with docRoles, which was generated by the @authorize directives in the .graphql file -* **mode:** this is the current mode of operation: - * **create:** insert a record to the database - * **read:** read a record or many records from the database - * **readOne:** read only a single record from the database - * **readMany:** read many records from the the database - * **update:** update a record in the database - * **delete:** remove a record from the database * **User:** User context to access the User model -* **resolver:** this is a string with the resolver's name, optional, only for easier debugging +* **logger:** logging function e.g. authlog(resolver, mode, me) + * **mode:** this is the current mode of operation: + * **create:** insert a record to the database + * **read:** read a record or many records from the database + * **readOne:** read only a single record from the database + * **readMany:** read many records from the the database + * **update:** update a record in the database + * **delete:** remove a record from the database + * **resolver:** this is a string with the resolver's name, optional, only for easier debugging + * **me:** the user object, who is executing the request, and who is checked for authorization ### function roleAuthorizedForDoc This helper function is used by queryForRoles, and decides, if a user gains the authorization by its role. For example: If a user has a field "role" in his user document and it contains the value "admin". So it checks if a user's role is admin, and allows all operations for admins. ```javascript // returns true, if the user's role is authorized for a document -export function roleAuthorizedForDoc(user = {}, userRoles = [], docRoles = [], { User }, logger){ - const role = User.authRole(user); +export function roleAuthorizedForDoc(me = {}, userRoles = [], docRoles = [], { User }, logger){ + const role = User.authRole(me); - if ( userRoles.includes('world') || role && role !== '' && role !== '' && userRoles.length > 0 && userRoles.includes(role) ) { - logger.debug(user, 'is authorized'); + if ( userRoles.includes('world') || role && userRoles.length > 0 && userRoles.includes(role) ) { + logger.debug(`and role "${role ? role : ''}" is authorized`); return true; } @@ -375,89 +954,142 @@ export function fieldContainsUserId(docRoleField, userId) { } ``` -### function authlog - -A logging function that understands "resolvers", "modes" and "users". Simple wrapper around whatever logging function we use - -```js -export function authlog(resolver, mode, user) { - const makeMessage = (message) => `${resolver} ${mode} with user ${user.username ? user.username : ''} ${message}`; - return { - debug: (message) => logger.debug(makeMessage(message)), - error: (message) => throw new Error(makeMessage(message)) - }; -} -``` - ### ./resolver/User.js In the resolver interfaces, there are different objects: * the root object "tweet", contains the document fields * the args object "args", contains arguments from the graphql query/mutation * the context object "Tweet", contains the access to the database model of the Tweet collection -* the context object "_user", contains the current logged in user -if logged in-, which is provided from the server's passport implementation +* the context object "me", contains the current logged in user -if logged in-, which is provided from the server's passport implementation * the last argument in the resolver function is the resolver's name, which is optional and only to enhance the logging in debugging mode by additional information. If you have to analyze authorization outcomes, this helps a lot to figure out, which resolvers authorization rule fired. -```javascript - const resolvers = { - User: { - id(user) { - return user._id; - }, - - createdBy(user, args, { User, _user }) { - return User.createdBy(user, _user, 'createdBy'); - }, - - updatedBy(user, args, { User, _user }) { - return User.updatedBy(user, _user, 'updatedBy'); - }, - - tweets(user, { minLikes, lastCreatedAt, limit }, { User, _user }) { - return User.tweets(user, { minLikes, lastCreatedAt, limit }, _user, 'tweets'); - }, - - liked(user, { lastCreatedAt, limit }, { User, _user }) { - return User.liked(user, { lastCreatedAt, limit }, _user, 'liked'); - }, - following(user, { lastCreatedAt, limit }, { User, _user }) { - return User.following(user, { lastCreatedAt, limit }, _user, 'following'); - }, +```javascript + const resolvers = { + User: { + id(user) { + return user._id; + }, + + createdBy(user, args, { User, me }) { + return User.createdBy(user, me, 'createdBy'); + }, + + updatedBy(user, args, { User, me }) { + return User.updatedBy(user, me, 'updatedBy'); + }, + + tweets(user, { minLikes, lastCreatedAt, limit }, { User, me }) { + return User.tweets(user, { minLikes, lastCreatedAt, limit }, me, 'tweets'); + }, + + liked(user, { lastCreatedAt, limit }, { User, me }) { + return User.liked(user, { lastCreatedAt, limit }, me, 'liked'); + }, + + following(user, { lastCreatedAt, limit }, { User, me }) { + return User.following(user, { lastCreatedAt, limit }, me, 'following'); + }, + + followers(user, { lastCreatedAt, limit }, { User, me }) { + return User.followers(user, { lastCreatedAt, limit }, me, 'followers'); + }, + }, + Query: { + users(root, { lastCreatedAt, limit }, { User, me }) { + return User.all({ lastCreatedAt, limit }, me, 'users'); + }, + + user(root, { id }, { User, me }) { + return User.getOneById(id, me, 'user'); + }, + }, + Mutation: { + async createUser(root, { input }, { User, me }) { + return await User.insert(input, me); + }, + + async updateUser(root, { id, input }, { User, me }) { + return await User.updateById(id, input, me); + }, + + async removeUser(root, { id }, { User, me }) { + return await User.removeById(id, me, 'removeUser'); + }, + }, + Subscription: { + userCreated: user => user, + userUpdated: user => user, + userRemoved: id => id, + }, + }; + + export default resolvers; +``` - followers(user, { lastCreatedAt, limit }, { User, _user }) { - return User.followers(user, { lastCreatedAt, limit }, _user, 'followers'); - }, - }, - Query: { - users(root, { lastCreatedAt, limit }, { User, _user }) { - return User.all({ lastCreatedAt, limit }, _user, 'users'); - }, +### ./resolver/Tweet.js +In the resolver interfaces, there are different objects: +* the root object "tweet", contains the document fields +* the args object "args", contains arguments from the graphql query/mutation +* the context object "Tweet", contains the access to the database model of the Tweet collection +* the context object "me", contains the current logged in user -if logged in-, which is provided from the server's passport implementation +* the last argument in the resolver function is the resolver's name, which is optional and only to enhance the logging in debugging mode by additional information. If you have to analyze authorization outcomes, this helps a lot to figure out, which resolvers authorization rule fired. - user(root, { id }, { User, _user }) { - return User.getOneById(id, _user, 'user'); +```javascript + const resolvers = { + Tweet: { + id(tweet) { + return tweet._id; + }, + + author(tweet, args, { Tweet, me }) { + return Tweet.author(tweet, me, 'author'); + }, + + createdBy(tweet, args, { Tweet, me }) { + return Tweet.createdBy(tweet, me, 'createdBy'); + }, + + updatedBy(tweet, args, { Tweet, me }) { + return Tweet.updatedBy(tweet, me, 'updatedBy'); + }, + + coauthors(tweet, { lastCreatedAt, limit }, { Tweet, me }) { + return Tweet.coauthors(tweet, { lastCreatedAt, limit }, me, 'coauthors'); + }, + + likers(tweet, { lastCreatedAt, limit }, { Tweet, me }) { + return Tweet.likers(tweet, { lastCreatedAt, limit }, me, 'likers'); + }, }, - }, - Mutation: { - async createUser(root, { input }, { User, _user }) { - return await User.insert(input, _user); + Query: { + tweets(root, { lastCreatedAt, limit }, { Tweet, me }) { + return Tweet.all({ lastCreatedAt, limit }, me, 'tweets'); + }, + + tweet(root, { id }, { Tweet, me }) { + return Tweet.getOneById(id, me, 'tweet'); + }, }, - - async updateUser(root, { id, input }, { User, _user }) { - return await User.updateById(id, input, _user); + Mutation: { + async createTweet(root, { input }, { Tweet, me }) { + return await Tweet.insert(input, me); + }, + + async updateTweet(root, { id, input }, { Tweet, me }) { + return await Tweet.updateById(id, input, me); + }, + + async removeTweet(root, { id }, { Tweet, me }) { + return await Tweet.removeById(id, me, 'removeTweet'); + }, }, - - async removeUser(root, { id }, { User, _user }) { - return await User.removeById(id, _user, 'removeUser'); + Subscription: { + tweetCreated: tweet => tweet, + tweetUpdated: tweet => tweet, + tweetRemoved: id => id, }, - }, - Subscription: { - userCreated: user => user, - userUpdated: user => user, - userRemoved: id => id, - }, -}; - -export default resolvers; + }; + export default resolvers; ``` ### Testing @@ -471,9 +1103,10 @@ If you want to test with the http://localhost:3000/graphiql frontend, best downl ```bash brew cask install graphiql ``` -...and generate a JWT token for your test user by running: +...and have a look into the file **./test/output-app-end-to-end/scripts/JWTs.txt**, or generate this file by running: ```bash -babel-node ./test/output-app-end-to-end/scripts/generateJWT.js +cd ./test/output-app-end-to-end/scripts +babel-node ./generateJWT.js > JWTs.txt ``` This generates JWT tokens for the different test users from the ./test/seeds/User.json. Copy the wanted JWT token of the different users, and start the GraphiQL app with the following entries: diff --git a/test/output-app/model/Tweet.js b/test/output-app/model/Tweet.js index 2e936eb..cd02baa 100644 --- a/test/output-app/model/Tweet.js +++ b/test/output-app/model/Tweet.js @@ -1,90 +1,92 @@ import log from '../server/logger'; import DataLoader from 'dataloader'; -import { findByIds, queryForRoles, fieldContainsUserId } from '../server/authorize'; +import { findByIds, queryForRoles, fieldForRoles, fieldContainsUserId, authorizedFields, authlog } from '../server/authorize'; export default class Tweet { constructor(context) { this.context = context; this.collection = context.db.collection('tweet'); this.pubsub = context.pubsub; - this.loaders = (_user = {}, resolver = '') => ({ - readOne: new DataLoader(ids => new Promise( async (resolve, reject) => { - try { - const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readOne', { User: this.context.User }, resolver); - const result = await findByIds(this.collection, ids, authQuery); - resolve(result); - } catch (err) { reject(err); } - })), - // readMany: new DataLoader(ids => new Promise( async (resolve, reject) => { - // try { - // const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readMany', { User: this.context.User }, resolver); - // const result = await findByIds(this.collection, ids, authQuery); - // resolve(result); - // } catch (err) { reject(err); } - // })), - }); + const { me, User } = context; + let authQuery; + try { + authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User }, authlog('tweet findOneLoader', 'readOne', me)); + } catch (err) { + log.error(err.message); + authQuery = {_id: false}; + } + this.unauthorizedLoader = new DataLoader(ids => findByIds(this.collection, ids)); + this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); + } + + // used from server calls, without authorization checks, NOT for use in resolvers + async findOneById(id, me = {}, resolver = 'tweet findOneById') { + try { + return await this.unauthorizedLoader.load(id); + } catch (err) { log.error(err.message); } } - async getOneById(id, _user = {}, resolver = 'tweet getOneById') { + // used for api calls, with authorization checks, for use in resolvers + async getOneById(id, me = {}, resolver = 'tweet getOneById') { try { - const result = await this.loaders(_user, resolver).readOne.load(id); + const result = await this.authorizedLoader.load(id); return result; } catch (err) { log.error(err.message); } } - all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'tweet all') { + all({ lastCreatedAt = 0, limit = 10 }, me, resolver = 'tweet all') { try { const baseQuery = { createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readMany', { User: this.context.User }, resolver); + const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); const finalQuery = {...baseQuery, ...authQuery}; return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } catch (err){ log.error(err.message); } } - author(tweet, _user, resolver = 'tweet author') { - return this.context.User.getOneById(tweet.authorId, _user, resolver); + author(tweet, me, resolver = 'tweet author') { + return this.context.User.getOneById(tweet.authorId, me, resolver); } - createdBy(tweet, _user, resolver = 'tweet createdBy') { - return this.context.User.getOneById(tweet.createdById, _user, resolver); + createdBy(tweet, me, resolver = 'tweet createdBy') { + return this.context.User.getOneById(tweet.createdById, me, resolver); } - updatedBy(tweet, _user, resolver = 'tweet updatedBy') { - return this.context.User.getOneById(tweet.updatedById, _user, resolver); + updatedBy(tweet, me, resolver = 'tweet updatedBy') { + return this.context.User.getOneById(tweet.updatedById, me, resolver); } - coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, _user, resolver = 'tweet coauthors') { + coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, me, resolver = 'tweet coauthors') { try { const baseQuery = {_id: { $in: tweet.coauthorsIds }, createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readMany', { User: this.context.User }, resolver); + const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); const finalQuery = {...baseQuery, ...authQuery}; return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } catch (err){ log.error(err.message); } } - likers(tweet, { lastCreatedAt = 0, limit = 10 }, _user, resolver = 'tweet likers') { + likers(tweet, { lastCreatedAt = 0, limit = 10 }, me, resolver = 'tweet likers') { try { const baseQuery = {likedIds: tweet._id, createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readMany', { User: this.context.User }, resolver); + const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); const finalQuery = {...baseQuery, ...authQuery}; return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } catch (err){ log.error(err.message); } } - async insert(doc, _user, resolver = 'insert tweet') { + async insert(doc, me, resolver = 'insert tweet') { try { let insertedDoc = null; let docToInsert = Object.assign({}, doc, { createdAt: Date.now(), updatedAt: Date.now(), - createdById: (_user && _user._id) ? _user._id : 'unknown', - updatedById: (_user && _user._id) ? _user._id : 'unknown', + createdById: (me && me._id) ? me._id : 'unknown', + updatedById: (me && me._id) ? me._id : 'unknown', }); - const authQuery = queryForRoles(_user, ['admin'], ['authorId'], 'create', { User: this.context.User }, resolver); + const authQuery = queryForRoles(me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'create', me)); const docRoleFields = ['authorId'].map(key => ({ [key]: docToInsert[key] }) ); - if (Object.keys(authQuery).length > 0 && !fieldContainsUserId(docRoleFields, _user._id)) { + if (Object.keys(authQuery).length > 0 && !fieldContainsUserId(docRoleFields, me._id)) { throw new Error('Not authorized to insert tweet'); } @@ -95,24 +97,24 @@ export default class Tweet { } log.debug(`inserted tweet ${id}.`); - insertedDoc = this.getOneById(id, _user, 'pubsub tweetInserted'); + insertedDoc = this.getOneById(id, me, 'pubsub tweetInserted'); this.pubsub.publish('tweetInserted', insertedDoc); return insertedDoc; } catch (err){ log.error(err.message); } } - async updateById(id, doc, _user, resolver = 'update tweet') { + async updateById(id, doc, me, resolver = 'update tweet') { try { let updatedDoc = null; - const docBefore = await this.getOneById(id, _user, 'tweet getOneById in updateById for docBefore'); + const docBefore = await this.getOneById(id, me, 'tweet getOneById in updateById for docBefore'); let docToUpdate = {$set: Object.assign({}, doc, { updatedAt: Date.now(), - updatedById: (_user && _user._id) ? _user._id : 'unknown', + updatedById: (me && me._id) ? me._id : 'unknown', })}; const baseQuery = {_id: id}; - const authQuery = queryForRoles(_user, ['admin'], ['authorId', 'coauthorsIds'], 'update', { User: this.context.User }, resolver); + const authQuery = queryForRoles(me, ['admin'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'update', me)); const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.updateOne(finalQuery, docToUpdate); @@ -123,21 +125,21 @@ export default class Tweet { } log.debug(`updated tweet ${id}.`); - this.loaders().readOne.clear(id); - // this.loaders().readMany.clear(id); + this.unauthorizedLoader.clear(id); + this.authorizedLoader.clear(id); - updatedDoc = this.getOneById(id, _user, 'pubsub tweetUpdated'); + updatedDoc = this.getOneById(id, me, 'pubsub tweetUpdated'); this.pubsub.publish('tweetUpdated', updatedDoc); return updatedDoc; } catch (err){ log.error(err.message); } } - async removeById(id, _user, resolver = 'remove tweet') { + async removeById(id, me, resolver = 'remove tweet') { try { - const docBefore = this.getOneById(id, _user, 'tweet getOneById in removeById for docBefore'); + const docBefore = this.getOneById(id, me, 'tweet getOneById in removeById for docBefore'); const baseQuery = {_id: id}; - const authQuery = queryForRoles(_user, ['admin'], ['authorId'], 'delete', { User: this.context.User }, resolver); + const authQuery = queryForRoles(me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'delete', me)); const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.remove(finalQuery); @@ -147,8 +149,8 @@ export default class Tweet { } log.debug(`removed tweet ${id}.`); - this.loaders().readOne.clear(id); - // this.loaders().readMany.clear(id); + this.unauthorizedLoader.clear(id); + this.authorizedLoader.clear(id); this.pubsub.publish('tweetRemoved', id); return result; diff --git a/test/output-app/model/User.js b/test/output-app/model/User.js index 4e8392f..90902ac 100644 --- a/test/output-app/model/User.js +++ b/test/output-app/model/User.js @@ -1,141 +1,138 @@ import log from '../server/logger'; import DataLoader from 'dataloader'; -import { findByIds, queryForRoles, fieldContainsUserId } from '../server/authorize'; +import { findByIds, queryForRoles, fieldForRoles, fieldContainsUserId, authorizedFields, authlog } from '../server/authorize'; export default class User { constructor(context) { this.context = context; this.collection = context.db.collection('user'); this.pubsub = context.pubsub; - this._user = {}; - this.loaders = (_user = {}, resolver = '') => ({ - readOneWithoutAuth: new DataLoader(ids => new Promise( async (resolve, reject) => { - try { - const result = await findByIds(this.collection, ids, {}); - resolve(result); - } catch (err) { reject(err); } - })), - readOne: new DataLoader(ids => new Promise( async (resolve, reject) => { - try { - const authQuery = queryForRoles(_user, ['admin'], ['_id'], 'readOne', { User: this.context.User }, resolver); - const result = await findByIds(this.collection, ids, authQuery); - resolve(result); - } catch (err) { reject(err); } - })), - // readMany: new DataLoader(ids => new Promise( async (resolve, reject) => { - // try { - // const authQuery = queryForRoles(_user, ['admin'], [], 'readMany', { User: this.context.User }, resolver); - // const result = await findByIds(this.collection, ids, authQuery); - // resolve(result); - // } catch (err) { reject(err); } - // })), - }); + const { me } = context; + this.authRole = User.authRole; // otherwise not accessible in queryForRoles + let authQuery; + try { + authQuery = queryForRoles(me, ['admin'], ['_id'], { User }, authlog('user findOneLoader', 'readOne', me)); + } catch (err) { + log.error(err.message); + authQuery = {_id: false}; + } + this.unauthorizedLoader = new DataLoader(ids => findByIds(this.collection, ids)); + this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); } - authRole(user){ - return (user && user.role) ? user.role : ''; + // returns the role of the user + static authRole(user){ + return (user && user.role) ? user.role : null; } // used from server calls, without authorization checks, NOT for use in resolvers - async findOneById(id, _user = {}, resolver = 'user findOneById') { + async findOneById(id, me = {}, resolver = 'user findOneById') { try { - const result = await this.loaders(_user, resolver).readOneWithoutAuth.load(id); - return result; + return await this.unauthorizedLoader.load(id); } catch (err) { log.error(err.message); } } // used for api calls, with authorization checks, for use in resolvers - async getOneById(id, _user = {}, resolver = 'user getOneById') { + async getOneById(id, me = {}, resolver = 'user getOneById') { try { - const result = await this.loaders(_user, resolver).readOne.load(id); - return result; + const result = await this.authorizedLoader.load(id); + // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) + // ===== ====== ==== ======= + return authorizedFields(result, 'role', me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver + 'field "role"', 'readOne', me)); } catch (err) { log.error(err.message); } } - all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'user all') { + all({ lastCreatedAt = 0, limit = 10 }, me, resolver = 'user all') { try { const baseQuery = { createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, ['admin'], [], 'readMany', { User: this.context.User }, resolver); - const restrictedFields = (Object.keys(authQuery).length === 0) ? {} : { role: 0 }; + const authQuery = queryForRoles(me, ['admin'], [], { User: this.context.User }, authlog(resolver, 'readMany', me)); + // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) + // ===== ====== + let authFields = {}; + authFields = fieldForRoles(authFields, 'role', me, ['admin'], [], { User: this.context.User }, authlog(resolver + 'field "role"', 'readMany', me)); const finalQuery = {...baseQuery, ...authQuery}; - return this.collection.find(finalQuery).sort({ createdAt: 1 }).project(restrictedFields).limit(limit).toArray(); + return this.collection.find(finalQuery).sort({ createdAt: 1 }).project(authFields).limit(limit).toArray(); } catch (err) { log.error(err.message); } } - tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }, _user, resolver = 'user tweets') { + tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }, me, resolver = 'user tweets') { try { const baseQuery = { authorId: user._id, createdAt: { $gt: lastCreatedAt }, }; - const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readMany', { User: this.context.User }, resolver); + const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); const finalQuery = {...baseQuery, ...authQuery}; return this.context.Tweet.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } catch (err) { log.error(err.message); } } - liked(user, { lastCreatedAt = 0, limit = 10 }, _user, resolver = 'user liked') { + liked(user, { lastCreatedAt = 0, limit = 10 }, me, resolver = 'user liked') { try { const baseQuery = { _id: { $in: user.likedIds }, createdAt: { $gt: lastCreatedAt }, }; - const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readMany', { User: this.context.User }, resolver); + const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); const finalQuery = {...baseQuery, ...authQuery}; return this.context.Tweet.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } catch (err) { log.error(err.message); } } - following(user, { lastCreatedAt = 0, limit = 10 }, _user, resolver = 'user following') { + following(user, { lastCreatedAt = 0, limit = 10 }, me, resolver = 'user following') { try { const baseQuery = { _id: { $in: user.followingIds || [] }, createdAt: { $gt: lastCreatedAt }, }; - const authQuery = queryForRoles(_user, ['admin'], [], 'readMany', { User: this.context.User }, resolver); - const restrictedFields = (Object.keys(authQuery).length === 0) ? {} : { role: 0 }; + const authQuery = queryForRoles(me, ['admin'], [], { User: this.context.User }, authlog(resolver, 'readMany', me)); + // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) + // ====== + let authFields = {}; + authFields = fieldForRoles(authFields, 'role', me, ['admin'], [], { User: this.context.User }, authlog(resolver + 'field "role"', 'readMany', me)); const finalQuery = {...baseQuery, ...authQuery}; - return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).project(restrictedFields).limit(limit).toArray(); + return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).project(authFields).limit(limit).toArray(); } catch (err) { log.error(err.message); } } - followers(user, { lastCreatedAt = 0, limit = 10 }, _user, resolver = 'user followers') { + followers(user, { lastCreatedAt = 0, limit = 10 }, me, resolver = 'user followers') { try { const baseQuery = { followingIds: user._id, createdAt: { $gt: lastCreatedAt }, }; - const authQuery = queryForRoles(_user, ['admin'], [], 'readMany', { User: this.context.User }, resolver); - const restrictedFields = (Object.keys(authQuery).length === 0) ? {} : { role: 0 }; + const authQuery = queryForRoles(me, ['admin'], [], { User: this.context.User }, authlog(resolver, 'readMany', me)); + // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) + // ====== + let authFields = {}; + authFields = fieldForRoles(authFields, 'role', me, ['admin'], [], { User: this.context.User }, authlog(resolver + 'field "role"', 'readMany', me)); const finalQuery = {...baseQuery, ...authQuery}; - return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).project(restrictedFields).limit(limit).toArray(); + return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).project(authFields).limit(limit).toArray(); } catch (err) { log.error(err.message); } } - createdBy(user, _user, resolver = 'user createdBy') { - return this.context.User.getOneById(user.createdById, _user, resolver); + createdBy(user, me, resolver = 'user createdBy') { + return this.context.User.getOneById(user.createdById, me, resolver); } - updatedBy(user, _user, resolver = 'user updatedBy') { - return this.context.User.getOneById(user.updatedById, _user, resolver); + updatedBy(user, me, resolver = 'user updatedBy') { + return this.context.User.getOneById(user.updatedById, me, resolver); } - async insert(doc, _user, resolver = 'insert user') { + async insert(doc, me, resolver = 'insert user') { try { let insertedDoc = null; let docToInsert = Object.assign({}, doc, { createdAt: Date.now(), updatedAt: Date.now(), - createdById: (_user && _user._id) ? _user._id : 'unknown', - updatedById: (_user && _user._id) ? _user._id : 'unknown', + createdById: (me && me._id) ? me._id : 'unknown', + updatedById: (me && me._id) ? me._id : 'unknown', }); - const authQuery = queryForRoles(_user, ['admin'], [], 'create', { User: this.context.User }, resolver); - - const docRoleFields = [].map(key => ({ [key]: docToInsert[key] }) ); - if (Object.keys(authQuery).length > 0 && !fieldContainsUserId(docRoleFields, _user._id)) { - throw new Error('Not authorized to insert user'); - } + const authQuery = queryForRoles(me, ['admin'], [], { User: this.context.User }, authlog(resolver, 'create', me)); + // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) + // ===== ====== + docToInsert = authorizedFields(docToInsert, 'role', me, ['admin'], [], { User: this.context.User }, authlog(resolver + 'field "role"', 'create', me)); const id = (await this.collection.insertOne(docToInsert)).insertedId; if (!id) { @@ -144,28 +141,27 @@ export default class User { } log.debug(`inserted user ${id}.`); - insertedDoc = this.getOneById(id, _user, 'pubsub userInserted'); + insertedDoc = this.getOneById(id, me, 'pubsub userInserted'); this.pubsub.publish('userInserted', insertedDoc); return insertedDoc; } catch (err) { log.error(err.message); } } - async updateById(id, doc, _user, resolver = 'update user') { + async updateById(id, doc, me, resolver = 'update user') { try { let updatedDoc = null; - const docBefore = await this.findOneById(id, _user, 'user findOneById in updateById for docBefore'); + const docBefore = await this.findOneById(id, me, 'user findOneById in updateById for docBefore'); let docToUpdate = {$set: Object.assign({}, doc, { updatedAt: Date.now(), - updatedById: (_user && _user._id) ? _user._id : 'unknown', + updatedById: (me && me._id) ? me._id : 'unknown', })}; const baseQuery = {_id: id}; - const authQuery = queryForRoles(_user, ['admin'], ['_id'], 'update', { User: this.context.User }, resolver); - - if (doc['role'] && Object.keys(authQuery).length > 0) { - throw new Error('Not authorized to update field "role"'); - } + const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'update', me)); + // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) + // ===== ====== + docToUpdate.$set = authorizedFields(docToUpdate.$set, 'role', me, ['admin'], [], { User: this.context.User }, authlog(resolver + 'field "role"', 'update', me)); const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.updateOne(finalQuery, docToUpdate); @@ -176,22 +172,21 @@ export default class User { } log.debug(`updated user ${id}.`); - this.loaders().readOneWithoutAuth.clear(id); - this.loaders().readOne.clear(id); - // this.loaders().readMany.clear(id); + this.unauthorizedLoader.clear(id); + this.authorizedLoader.clear(id); - updatedDoc = this.getOneById(id, _user, 'pubsub userUpdated') + updatedDoc = this.getOneById(id, me, 'pubsub userUpdated') this.pubsub.publish('userUpdated', updatedDoc); return updatedDoc; } catch (err) { log.error(err.message); } } - async removeById(id, _user, resolver = 'remove user') { + async removeById(id, me, resolver = 'remove user') { try { - const docBefore = await this.findOneById(id, _user, 'user findOneById in removeById for docBefore'); + const docBefore = await this.findOneById(id, me, 'user findOneById in removeById for docBefore'); const baseQuery = {_id: id}; - const authQuery = queryForRoles(_user, ['admin'], ['_id'], 'delete', { User: this.context.User }, resolver); + const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'delete', me)); const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.remove(finalQuery); if (result.result.ok !== 1 || result.result.n !== 1){ @@ -200,9 +195,8 @@ export default class User { } log.debug(`removed user ${id}.`); - this.loaders().readOneWithoutAuth.clear(id); - this.loaders().readOne.clear(id); - // this.loaders().readMany.clear(id); + this.unauthorizedLoader.clear(id); + this.authorizedLoader.clear(id); this.pubsub.publish('userRemoved', id); return result; diff --git a/test/output-app/model/index.js b/test/output-app/model/index.js index 99f9412..ab03af2 100644 --- a/test/output-app/model/index.js +++ b/test/output-app/model/index.js @@ -2,8 +2,14 @@ const models = {}; export default function addModelsToContext(context) { const newContext = Object.assign({}, context); + + // User model has to be first, to initialize the other models with correct authorizations + if (models['User']){ + newContext['User'] = new models['User'](newContext); + } + Object.keys(models).forEach((key) => { - newContext[key] = new models[key](newContext); + if (key !== 'User') newContext[key] = new models[key](newContext); }); return newContext; } diff --git a/test/output-app/resolvers/Tweet.js b/test/output-app/resolvers/Tweet.js index a8fb88c..1de962c 100644 --- a/test/output-app/resolvers/Tweet.js +++ b/test/output-app/resolvers/Tweet.js @@ -4,46 +4,46 @@ const resolvers = { return tweet._id; }, - author(tweet, args, { Tweet, _user }) { - return Tweet.author(tweet, _user, 'author'); + author(tweet, args, { Tweet, me }) { + return Tweet.author(tweet, me, 'author'); }, - createdBy(tweet, args, { Tweet, _user }) { - return Tweet.createdBy(tweet, _user, 'createdBy'); + createdBy(tweet, args, { Tweet, me }) { + return Tweet.createdBy(tweet, me, 'createdBy'); }, - updatedBy(tweet, args, { Tweet, _user }) { - return Tweet.updatedBy(tweet, _user, 'updatedBy'); + updatedBy(tweet, args, { Tweet, me }) { + return Tweet.updatedBy(tweet, me, 'updatedBy'); }, - coauthors(tweet, { lastCreatedAt, limit }, { Tweet, _user }) { - return Tweet.coauthors(tweet, { lastCreatedAt, limit }, _user, 'coauthors'); + coauthors(tweet, { lastCreatedAt, limit }, { Tweet, me }) { + return Tweet.coauthors(tweet, { lastCreatedAt, limit }, me, 'coauthors'); }, - likers(tweet, { lastCreatedAt, limit }, { Tweet, _user }) { - return Tweet.likers(tweet, { lastCreatedAt, limit }, _user, 'likers'); + likers(tweet, { lastCreatedAt, limit }, { Tweet, me }) { + return Tweet.likers(tweet, { lastCreatedAt, limit }, me, 'likers'); }, }, Query: { - tweets(root, { lastCreatedAt, limit }, { Tweet, _user }) { - return Tweet.all({ lastCreatedAt, limit }, _user, 'tweets'); + tweets(root, { lastCreatedAt, limit }, { Tweet, me }) { + return Tweet.all({ lastCreatedAt, limit }, me, 'tweets'); }, - tweet(root, { id }, { Tweet, _user }) { - return Tweet.getOneById(id, _user, 'tweet'); + tweet(root, { id }, { Tweet, me }) { + return Tweet.getOneById(id, me, 'tweet'); }, }, Mutation: { - async createTweet(root, { input }, { Tweet, _user }) { - return await Tweet.insert(input, _user); + async createTweet(root, { input }, { Tweet, me }) { + return await Tweet.insert(input, me); }, - async updateTweet(root, { id, input }, { Tweet, _user }) { - return await Tweet.updateById(id, input, _user); + async updateTweet(root, { id, input }, { Tweet, me }) { + return await Tweet.updateById(id, input, me); }, - async removeTweet(root, { id }, { Tweet, _user }) { - return await Tweet.removeById(id, _user, 'removeTweet'); + async removeTweet(root, { id }, { Tweet, me }) { + return await Tweet.removeById(id, me, 'removeTweet'); }, }, Subscription: { diff --git a/test/output-app/resolvers/User.js b/test/output-app/resolvers/User.js index fa33f84..c22d379 100644 --- a/test/output-app/resolvers/User.js +++ b/test/output-app/resolvers/User.js @@ -4,50 +4,50 @@ return user._id; }, - createdBy(user, args, { User, _user }) { - return User.createdBy(user, _user, 'createdBy'); + createdBy(user, args, { User, me }) { + return User.createdBy(user, me, 'createdBy'); }, - updatedBy(user, args, { User, _user }) { - return User.updatedBy(user, _user, 'updatedBy'); + updatedBy(user, args, { User, me }) { + return User.updatedBy(user, me, 'updatedBy'); }, - tweets(user, { minLikes, lastCreatedAt, limit }, { User, _user }) { - return User.tweets(user, { minLikes, lastCreatedAt, limit }, _user, 'tweets'); + tweets(user, { minLikes, lastCreatedAt, limit }, { User, me }) { + return User.tweets(user, { minLikes, lastCreatedAt, limit }, me, 'tweets'); }, - liked(user, { lastCreatedAt, limit }, { User, _user }) { - return User.liked(user, { lastCreatedAt, limit }, _user, 'liked'); + liked(user, { lastCreatedAt, limit }, { User, me }) { + return User.liked(user, { lastCreatedAt, limit }, me, 'liked'); }, - following(user, { lastCreatedAt, limit }, { User, _user }) { - return User.following(user, { lastCreatedAt, limit }, _user, 'following'); + following(user, { lastCreatedAt, limit }, { User, me }) { + return User.following(user, { lastCreatedAt, limit }, me, 'following'); }, - followers(user, { lastCreatedAt, limit }, { User, _user }) { - return User.followers(user, { lastCreatedAt, limit }, _user, 'followers'); + followers(user, { lastCreatedAt, limit }, { User, me }) { + return User.followers(user, { lastCreatedAt, limit }, me, 'followers'); }, }, Query: { - users(root, { lastCreatedAt, limit }, { User, _user }) { - return User.all({ lastCreatedAt, limit }, _user, 'users'); + users(root, { lastCreatedAt, limit }, { User, me }) { + return User.all({ lastCreatedAt, limit }, me, 'users'); }, - user(root, { id }, { User, _user }) { - return User.getOneById(id, _user, 'user'); + user(root, { id }, { User, me }) { + return User.getOneById(id, me, 'user'); }, }, Mutation: { - async createUser(root, { input }, { User, _user }) { - return await User.insert(input, _user); + async createUser(root, { input }, { User, me }) { + return await User.insert(input, me); }, - async updateUser(root, { id, input }, { User, _user }) { - return await User.updateById(id, input, _user); + async updateUser(root, { id, input }, { User, me }) { + return await User.updateById(id, input, me); }, - async removeUser(root, { id }, { User, _user }) { - return await User.removeById(id, _user, 'removeUser'); + async removeUser(root, { id }, { User, me }) { + return await User.removeById(id, me, 'removeUser'); }, }, Subscription: { diff --git a/test/output-app/schema/User.graphql b/test/output-app/schema/User.graphql index 61d6fa3..c0d28a8 100644 --- a/test/output-app/schema/User.graphql +++ b/test/output-app/schema/User.graphql @@ -1,6 +1,6 @@ type User { id: ObjID! - role: String! + role: String username: String! bio: String notify: Boolean diff --git a/test/output-app/server/authenticate.js b/test/output-app/server/authenticate.js index c09fdf6..5ea4d39 100644 --- a/test/output-app/server/authenticate.js +++ b/test/output-app/server/authenticate.js @@ -4,15 +4,17 @@ import jwt from 'jwt-simple'; import { ObjectId } from 'mongodb'; import nodeify from 'nodeify'; import bcrypt from 'bcrypt'; -import log from '../server/logger'; +import DataLoader from 'dataloader'; +import { findByIds } from './authorize'; const KEY = 'test-key'; +let Loader; async function userFromPayload(request, jwtPayload) { if (!jwtPayload.userId) { throw new Error('No userId in JWT'); } - return await request.context.User.findOneById(ObjectId(jwtPayload.userId)); + return await Loader.load(ObjectId(jwtPayload.userId)); } passport.use(new Strategy({ @@ -23,7 +25,9 @@ passport.use(new Strategy({ nodeify(userFromPayload(request, jwtPayload), done); })); -export default function addPassport(app) { +export default function addPassport(app, User) { + Loader = new DataLoader(ids => findByIds(User, ids)); + app.use(passport.initialize()); app.post('/login', async (req, res, next) => { @@ -34,7 +38,7 @@ export default function addPassport(app) { throw new Error('Username or password not set on request'); } - const user = await req.context.User.collection.findOne({ email }); + const user = await User.findOne({ email }); if (!user || !(await bcrypt.compare(password, user.hash))) { throw new Error('User not found matching email/password combination'); } diff --git a/test/output-app/server/authorize.js b/test/output-app/server/authorize.js index 32444e5..53f9e72 100644 --- a/test/output-app/server/authorize.js +++ b/test/output-app/server/authorize.js @@ -1,6 +1,17 @@ import _ from 'lodash'; import log from '../server/logger'; +// central logger for authorization checks +export function authlog(resolver = '', mode = '', me = {}) { + const makeMessage = (message) => `Authorize ${mode} "${resolver}" with user "${me.username ? me.username : ''}" ${message}`; + return { + debug: (message) => log.debug(makeMessage(message)), + error: (message) => {throw new Error(makeMessage(message))}, + }; +} + +// returns the record, cached if already read, checks authorization if set +// enhancement of tmeasday'findByIds export function findByIds(collection, ids = [], authQuery) { const baseQuery = { _id: { $in: ids } }; const finalQuery = {...baseQuery, ...authQuery}; @@ -12,39 +23,135 @@ export function findByIds(collection, ids = [], authQuery) { } // returns true, if user is logged in -export function loggedIn(user) { - if(user && user._id && user._id.toString() !== '') { +export function loggedIn(me) { + if(me && me._id && me._id.toString() !== '') { + return true; + } + return false; +} + +// returns true, if authorized to get field +// returns false, if NOT authorized to get field +export function fieldAuthorized(me = {}, userRoles = [], docRoles = [], { User }, logger){ + // The logged in user's role is authorized for the field + if (roleAuthorizedForDoc(me, userRoles, docRoles, { User }, logger)) { + return true; + } + // The user might be listed in any document field + if (loggedIn(me) && docRoles.length > 0){ return true; } return false; } +// returns a projection query of fields not to be shown, e.g. { role: 0 } +export function fieldForRoles(projection, field, me = {}, userRoles = [], docRoles = [], { User }, logger){ + const role = User.authRole(me); + // The logged in user's role is authorized for the field + if (roleAuthorizedForDoc(me, userRoles, docRoles, { User }, logger)) { + return projection; + } + // The user is listed in any document field + if (loggedIn(me) && docRoles.length > 0){ + return projection; + } + const authFields = Object.assign({}, { [field]: 0 }, projection); + logger.debug(`and role "${role ? role : ''}" not authorized to access field "${field}".`) + return authFields; +} + +// imports a result (which is document or an array of documents), and returns the result, +// but it removes the field without authorization from documents, +// e.g. field "role" is removed from all result documents, if the user/role is not allowed to access it +export function authorizedFields(result, field, me, userRoles = [], docRoles = [], { User }, logger){ + const role = User.authRole(me) || ''; + + // if any userRole authorizes field + if (roleAuthorizedForDoc(me, userRoles, docRoles, { User }, logger)) { + return result; + } + + // if any docRole authorizes field + // The user is listed in any document field + if (loggedIn(me) && docRoles.length > 0){ + + // if the result was an array of documents, check each doc and field + if (_.isArray(result)){ + const authorizedResult = []; + // check all documents in the result array + result.every(doc => { + let fieldAuthorized = false; + // check all docRoles if any of them authorizes field + docRoles.every(docRole => { + // if one docRole authorizes the field, then fieldAuthorized = true + if (doc[docRole] && fieldContainsUserId(doc[docRole], me._id)){ + fieldAuthorized = true; + } + }); + if (!fieldAuthorized && doc[field]){ + delete doc[field]; + logger.debug(`with role "${role}" field "${field}" removed from document id "${doc._id}". No authorization.`); + } + authorizedResult.push(doc); + }); + return authorizedResult; + } + + // if the result was a document + if (_.isObject(result)){ + // check with all docRoles + let fieldAuthorized = false; + docRoles.every(docRole => { + // if one docRole authorizes the field, then fieldAuthorized = true + if (result[docRole] && fieldContainsUserId(result[docRole], me._id)){ + fieldAuthorized = true; + } + }); + if (!fieldAuthorized && result[field]){ + delete result[field]; + logger.debug(`with role "${role}" field "${field}" removed from document id "${result._id}". No authorization.`); + } + return result; + } + + } + + // not authorized to access field + if (result[field]){ + delete result[field]; + logger.debug(`with role "${role}" field "${field}" removed from document id "${result._id}". No authorization.`); + } + return result; +} + // creates an authQuery object with additional query arguments, to implement authorization restrictions for mongodb access -export function queryForRoles(user = {}, userRoles = [], docRoles = [], mode = '', { User }, resolver = '') { +export function queryForRoles(me = {}, userRoles = [], docRoles = [], { User }, logger) { + const role = User.authRole(me); // Build query for the case: The logged in user's role is authorized - if (roleAuthorizedForDoc(user, userRoles, docRoles, mode, { User }, resolver)) { + if (roleAuthorizedForDoc(me, userRoles, docRoles, { User }, logger)) { return {}; // empty authQuery means, do operation with no access restrictions } // Build query for the case: The user is listed in any document field const query = { $or: [] }; - if (loggedIn(user)){ - docRoles.forEach(docRole => query.$or.push( { [docRole]: user._id } ) ); - log.debug('authQuery:', JSON.stringify(query, null, 2)); + if (loggedIn(me)){ + docRoles.forEach(docRole => query.$or.push( { [docRole]: me._id } ) ); + logger.debug(`and role: "${role ? role : ''}" with \nauthQuery: ${JSON.stringify(query, null, 2)}`); if (query.$or.length > 0) return query; } // Not Authorized - throw new Error(`Authorization: Not authorized to ${mode} in ${resolver}.`); + const message = `and role: "${role}" is not authorized.`; + logger.error(message); } // returns true, if the user's role is authorized for a document -export function roleAuthorizedForDoc(user = {}, userRoles = [], docRoles = [], mode = '', { User }, resolver = ''){ - const role = User.authRole(user); +export function roleAuthorizedForDoc(me = {}, userRoles = [], docRoles = [], { User }, logger){ + const role = User.authRole(me); - if ( userRoles.includes('world') || role && role !== '' && role !== '' && userRoles.length > 0 && userRoles.includes(role) ) { - log.debug(`${resolver} ${mode} with user ${user.username ? user.username : ''} is authorized`); + if ( userRoles.includes('world') || role && userRoles.length > 0 && userRoles.includes(role) ) { + logger.debug(`and role "${role ? role : ''}" is authorized`); return true; } diff --git a/test/output-app/server/index.js b/test/output-app/server/index.js index c9d452b..84d01ce 100644 --- a/test/output-app/server/index.js +++ b/test/output-app/server/index.js @@ -32,26 +32,23 @@ async function startServer() { log.info('Logger started'); const db = await MongoClient.connect(MONGO_URL); + const UserCollection = db.collection('user'); const app = express().use('*', cors()); app.use(bodyParser.urlencoded({ extended: true })); app.use(bodyParser.json()); app.use(morgan("dev", { "stream": stream })); - app.use((req, res, next) => { - req.context = addModelsToContext({ db, pubsub }); - next(); - }); - - authenticate(app); + authenticate(app, UserCollection); app.use('/graphql', (req, res, next) => { - passport.authenticate('jwt', { session: false }, (err, _user) => { + passport.authenticate('jwt', { session: false }, (err, me) => { + req.context = addModelsToContext({ db, pubsub, me, UserCollection }); graphqlExpress(() => { // Get the query, the same way express-graphql does it // https://github.com/graphql/express-graphql/blob/3fa6e68582d6d933d37fa9e841da5d2aa39261cd/src/index.js#L257 const {variables, operationName} = req.body; - const {_id, username, role} = _user; + const {_id, username, role} = me; const query = req.query.query || req.body.query; log.debug('-'.repeat(80)); log.debug(`Request:\nUser: "${(username) ? username: ''}", role: "${(role) ? role : ''}", id: "${(_id) ? _id : ''}",\nOperation: "${operationName ? operationName : ''}", variables: "${variables ? JSON.stringify(variables) : ''}",\nQuery:\n${print(parse(query))}`); @@ -63,7 +60,7 @@ async function startServer() { } return { schema, - context: Object.assign({ _user }, req.context), + context: Object.assign({ me }, req.context), debug: true, // formatError(e) { console.log(e) }, }; diff --git a/test/output-app/server/logs/all-logs-readable.log b/test/output-app/server/logs/all-logs-readable.log index d9f355c..0c81a09 100644 --- a/test/output-app/server/logs/all-logs-readable.log +++ b/test/output-app/server/logs/all-logs-readable.log @@ -1,5 +1,8 @@ -2017-07-09 21:12:22 -------------------------------------------------------------------------------- -2017-07-09 21:12:22 Request: +2017-07-17 00:07:18 Logger started +2017-07-17 00:07:49 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:07:49 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:07:49 -------------------------------------------------------------------------------- +2017-07-17 00:07:49 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -11,8 +14,10 @@ Query: } } -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: +2017-07-17 00:08:01 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 -------------------------------------------------------------------------------- +2017-07-17 00:08:01 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -24,8 +29,10 @@ Query: } } -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: +2017-07-17 00:08:01 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 -------------------------------------------------------------------------------- +2017-07-17 00:08:01 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -36,9 +43,11 @@ Query: } } -2017-07-09 21:12:33 user readOne with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: +2017-07-17 00:08:01 Authorize readOne "userfield "role"" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 -------------------------------------------------------------------------------- +2017-07-17 00:08:01 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -49,9 +58,11 @@ Query: } } -2017-07-09 21:12:33 user readOne with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: +2017-07-17 00:08:01 Authorize readOne "userfield "role"" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 -------------------------------------------------------------------------------- +2017-07-17 00:08:01 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -62,9 +73,11 @@ Query: } } -2017-07-09 21:12:33 user readOne with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: +2017-07-17 00:08:01 Authorize readOne "userfield "role"" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 -------------------------------------------------------------------------------- +2017-07-17 00:08:01 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -76,9 +89,10 @@ Query: } } -2017-07-09 21:12:33 user readOne with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: +2017-07-17 00:08:01 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 -------------------------------------------------------------------------------- +2017-07-17 00:08:01 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -89,9 +103,13 @@ Query: } } -2017-07-09 21:12:33 users readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: +2017-07-17 00:08:01 Authorize readMany "users" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 Authorize readMany "usersfield "role"" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 Authorize readOne "userfield "role"" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 -------------------------------------------------------------------------------- +2017-07-17 00:08:01 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -102,9 +120,12 @@ Query: } } -2017-07-09 21:12:33 users readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: +2017-07-17 00:08:01 Authorize readMany "users" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 Authorize readMany "usersfield "role"" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 -------------------------------------------------------------------------------- +2017-07-17 00:08:01 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -115,9 +136,12 @@ Query: } } -2017-07-09 21:12:33 users readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: +2017-07-17 00:08:01 Authorize readMany "users" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 Authorize readMany "usersfield "role"" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 -------------------------------------------------------------------------------- +2017-07-17 00:08:01 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -128,9 +152,12 @@ Query: } } -2017-07-09 21:12:33 users readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: +2017-07-17 00:08:01 Authorize readMany "users" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 Authorize readMany "usersfield "role"" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 -------------------------------------------------------------------------------- +2017-07-17 00:08:01 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -143,10 +170,13 @@ Query: } } -2017-07-09 21:12:33 user readOne with user stubailo is authorized -2017-07-09 21:12:33 followers readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: +2017-07-17 00:08:01 Authorize readOne "userfield "role"" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 Authorize readMany "followers" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 Authorize readMany "followersfield "role"" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 -------------------------------------------------------------------------------- +2017-07-17 00:08:01 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -159,10 +189,13 @@ Query: } } -2017-07-09 21:12:33 user readOne with user stubailo is authorized -2017-07-09 21:12:33 followers readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: +2017-07-17 00:08:01 Authorize readOne "userfield "role"" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 Authorize readMany "followers" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 Authorize readMany "followersfield "role"" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 -------------------------------------------------------------------------------- +2017-07-17 00:08:01 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -175,10 +208,13 @@ Query: } } -2017-07-09 21:12:33 user readOne with user stubailo is authorized -2017-07-09 21:12:33 followers readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: +2017-07-17 00:08:01 Authorize readOne "userfield "role"" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 Authorize readMany "followers" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 Authorize readMany "followersfield "role"" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 -------------------------------------------------------------------------------- +2017-07-17 00:08:01 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -191,10 +227,13 @@ Query: } } -2017-07-09 21:12:33 user readOne with user stubailo is authorized -2017-07-09 21:12:33 followers readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: +2017-07-17 00:08:01 Authorize readOne "userfield "role"" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 Authorize readMany "followers" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 Authorize readMany "followersfield "role"" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 -------------------------------------------------------------------------------- +2017-07-17 00:08:01 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -207,10 +246,13 @@ Query: } } -2017-07-09 21:12:33 user readOne with user stubailo is authorized -2017-07-09 21:12:33 following readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: +2017-07-17 00:08:01 Authorize readOne "userfield "role"" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 Authorize readMany "following" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 Authorize readMany "followingfield "role"" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 -------------------------------------------------------------------------------- +2017-07-17 00:08:01 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -223,10 +265,13 @@ Query: } } -2017-07-09 21:12:33 user readOne with user stubailo is authorized -2017-07-09 21:12:33 following readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: +2017-07-17 00:08:01 Authorize readOne "userfield "role"" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:01 Authorize readMany "following" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readMany "followingfield "role"" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -239,10 +284,13 @@ Query: } } -2017-07-09 21:12:33 user readOne with user stubailo is authorized -2017-07-09 21:12:33 following readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: +2017-07-17 00:08:02 Authorize readOne "userfield "role"" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readMany "following" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readMany "followingfield "role"" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -255,10 +303,13 @@ Query: } } -2017-07-09 21:12:33 user readOne with user stubailo is authorized -2017-07-09 21:12:33 following readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: +2017-07-17 00:08:02 Authorize readOne "userfield "role"" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readMany "following" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readMany "followingfield "role"" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -271,10 +322,12 @@ Query: } } -2017-07-09 21:12:33 user readOne with user stubailo is authorized -2017-07-09 21:12:33 tweets readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: +2017-07-17 00:08:02 Authorize readOne "userfield "role"" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -287,10 +340,12 @@ Query: } } -2017-07-09 21:12:33 user readOne with user stubailo is authorized -2017-07-09 21:12:33 tweets readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: +2017-07-17 00:08:02 Authorize readOne "userfield "role"" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -303,10 +358,12 @@ Query: } } -2017-07-09 21:12:33 user readOne with user stubailo is authorized -2017-07-09 21:12:33 tweets readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: +2017-07-17 00:08:02 Authorize readOne "userfield "role"" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -319,10 +376,12 @@ Query: } } -2017-07-09 21:12:33 user readOne with user stubailo is authorized -2017-07-09 21:12:33 tweets readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: +2017-07-17 00:08:02 Authorize readOne "userfield "role"" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -335,10 +394,12 @@ Query: } } -2017-07-09 21:12:33 user readOne with user stubailo is authorized -2017-07-09 21:12:33 liked readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: +2017-07-17 00:08:02 Authorize readOne "userfield "role"" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readMany "liked" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -351,10 +412,12 @@ Query: } } -2017-07-09 21:12:33 user readOne with user stubailo is authorized -2017-07-09 21:12:33 liked readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: +2017-07-17 00:08:02 Authorize readOne "userfield "role"" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readMany "liked" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -367,10 +430,12 @@ Query: } } -2017-07-09 21:12:33 user readOne with user stubailo is authorized -2017-07-09 21:12:33 liked readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: +2017-07-17 00:08:02 Authorize readOne "userfield "role"" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readMany "liked" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -383,10 +448,12 @@ Query: } } -2017-07-09 21:12:33 user readOne with user stubailo is authorized -2017-07-09 21:12:33 liked readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: +2017-07-17 00:08:02 Authorize readOne "userfield "role"" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readMany "liked" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -398,8 +465,10 @@ Query: } } -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -410,11 +479,10 @@ Query: } } -2017-07-09 21:12:33 tweet readOne with user stubailo is authorized -2017-07-09 21:12:33 tweet readOne with user stubailo is authorized -2017-07-09 21:12:33 author readOne with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -425,9 +493,12 @@ Query: } } -2017-07-09 21:12:33 tweets readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: +2017-07-17 00:08:02 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "authorfield "role"" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -438,9 +509,11 @@ Query: } } -2017-07-09 21:12:33 tweets readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: +2017-07-17 00:08:02 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -451,9 +524,11 @@ Query: } } -2017-07-09 21:12:33 tweets readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: +2017-07-17 00:08:02 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -464,9 +539,11 @@ Query: } } -2017-07-09 21:12:33 tweets readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: +2017-07-17 00:08:02 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -479,10 +556,11 @@ Query: } } -2017-07-09 21:12:33 tweet readOne with user stubailo is authorized -2017-07-09 21:12:33 likers readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: +2017-07-17 00:08:02 Authorize readMany "likers" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -495,10 +573,11 @@ Query: } } -2017-07-09 21:12:33 tweet readOne with user stubailo is authorized -2017-07-09 21:12:33 likers readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: +2017-07-17 00:08:02 Authorize readMany "likers" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -511,10 +590,11 @@ Query: } } -2017-07-09 21:12:33 tweet readOne with user stubailo is authorized -2017-07-09 21:12:33 likers readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: +2017-07-17 00:08:02 Authorize readMany "likers" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -527,10 +607,11 @@ Query: } } -2017-07-09 21:12:33 tweet readOne with user stubailo is authorized -2017-07-09 21:12:33 likers readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: +2017-07-17 00:08:02 Authorize readMany "likers" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -541,12 +622,15 @@ mutation { } } -2017-07-09 21:12:33 insert user create with user stubailo is authorized -2017-07-09 21:12:33 inserted user 596280212157d09ddf9d7294. -2017-07-09 21:12:33 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", +2017-07-17 00:08:02 Authorize create "insert user" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize create "insert userfield "role"" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 inserted user 596be3c2949652fd418cc8fe. +2017-07-17 00:08:02 Authorize readOne "pubsub userInsertedfield "role"" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: +User: "tobkle", role: "admin", id: "596be3c2949652fd418cc8fe", Operation: "", variables: "", Query: mutation { @@ -555,181 +639,205 @@ mutation { } } -2017-07-09 21:12:33 insert user create with user tobkle is authorized -2017-07-09 21:12:33 inserted user 596280212157d09ddf9d7295. -2017-07-09 21:12:33 pubsub userInserted readOne with user tobkle is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", +2017-07-17 00:08:02 Authorize create "insert user" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 Authorize create "insert userfield "role"" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 inserted user 596be3c2949652fd418cc8ff. +2017-07-17 00:08:02 Authorize readOne "pubsub userInsertedfield "role"" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: +User: "tobkle", role: "admin", id: "596be3c2949652fd418cc8fe", Operation: "", variables: "", Query: { - user(id: "596280212157d09ddf9d7295") { + user(id: "596be3c2949652fd418cc8ff") { username bio role } } -2017-07-09 21:12:33 user readOne with user tobkle is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", +2017-07-17 00:08:02 Authorize readOne "userfield "role"" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: +User: "tobkle", role: "admin", id: "596be3c2949652fd418cc8fe", Operation: "", variables: "", Query: { - user(id: "596280212157d09ddf9d7294") { + user(id: "596be3c2949652fd418cc8fe") { username role } } -2017-07-09 21:12:33 user readOne with user tobkle is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", +2017-07-17 00:08:02 Authorize readOne "userfield "role"" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: +User: "tobkle", role: "admin", id: "596be3c2949652fd418cc8fe", Operation: "", variables: "", Query: mutation { - updateUser(id: "596280212157d09ddf9d7295", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + updateUser(id: "596be3c2949652fd418cc8ff", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { username bio role } } -2017-07-09 21:12:33 update user update with user tobkle is authorized -2017-07-09 21:12:33 updated user 596280212157d09ddf9d7295. -2017-07-09 21:12:33 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", +2017-07-17 00:08:02 Authorize update "update user" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 Authorize update "update userfield "role"" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 updated user 596be3c2949652fd418cc8ff. +2017-07-17 00:08:02 Authorize readOne "pubsub userUpdatedfield "role"" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: +User: "tobkle", role: "admin", id: "596be3c2949652fd418cc8fe", Operation: "", variables: "", Query: mutation { - updateUser(id: "596280212157d09ddf9d7294", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "596be3c2949652fd418cc8fe", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-07-09 21:12:33 update user update with user tobkle is authorized -2017-07-09 21:12:33 updated user 596280212157d09ddf9d7294. -2017-07-09 21:12:33 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", +2017-07-17 00:08:02 Authorize update "update user" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 Authorize update "update userfield "role"" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 updated user 596be3c2949652fd418cc8fe. +2017-07-17 00:08:02 Authorize readOne "pubsub userUpdatedfield "role"" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: +User: "tobkle", role: "admin", id: "596be3c2949652fd418cc8fe", Operation: "", variables: "", Query: mutation { - updateUser(id: "596280212157d09ddf9d7295", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + updateUser(id: "596be3c2949652fd418cc8ff", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { username bio role } } -2017-07-09 21:12:33 update user update with user tobkle is authorized -2017-07-09 21:12:33 updated user 596280212157d09ddf9d7295. -2017-07-09 21:12:33 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", +2017-07-17 00:08:02 Authorize update "update user" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 Authorize update "update userfield "role"" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 updated user 596be3c2949652fd418cc8ff. +2017-07-17 00:08:02 Authorize readOne "pubsub userUpdatedfield "role"" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: +User: "tobkle", role: "admin", id: "596be3c2949652fd418cc8fe", Operation: "", variables: "", Query: mutation { - updateUser(id: "596280212157d09ddf9d7294", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + updateUser(id: "596be3c2949652fd418cc8fe", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { username bio role } } -2017-07-09 21:12:33 update user update with user tobkle is authorized -2017-07-09 21:12:33 updated user 596280212157d09ddf9d7294. -2017-07-09 21:12:33 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "tobkle", role: "editor", id: "596280212157d09ddf9d7294", +2017-07-17 00:08:02 Authorize update "update user" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 Authorize update "update userfield "role"" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 updated user 596be3c2949652fd418cc8fe. +2017-07-17 00:08:02 Authorize readOne "pubsub userUpdatedfield "role"" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "editor" with +authQuery: { + "$or": [ + { + "_id": "596be3c2949652fd418cc8fe" + } + ] +} +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "editor" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: +User: "tobkle", role: "editor", id: "596be3c2949652fd418cc8fe", Operation: "", variables: "", Query: mutation { - updateUser(id: "596280212157d09ddf9d7294", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "596be3c2949652fd418cc8fe", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-07-09 21:12:33 authQuery: { +2017-07-17 00:08:02 Authorize update "update user" with user "tobkle" and role: "editor" with +authQuery: { "$or": [ { - "_id": "596280212157d09ddf9d7294" + "_id": "596be3c2949652fd418cc8fe" } ] } -2017-07-09 21:12:33 ERROR Not authorized to update field "role" -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "zoltan", role: "admin", id: "596280212157d09ddf9d7295", +2017-07-17 00:08:02 Authorize update "update userfield "role"" with user "tobkle" with role "editor" field "role" removed from document id "undefined". No authorization. +2017-07-17 00:08:02 updated user 596be3c2949652fd418cc8fe. +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "zoltan" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "zoltan" and role "admin" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: +User: "zoltan", role: "admin", id: "596be3c2949652fd418cc8ff", Operation: "", variables: "", Query: mutation { - updateUser(id: "596280212157d09ddf9d7294", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "596be3c2949652fd418cc8fe", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-07-09 21:12:33 update user update with user zoltan is authorized -2017-07-09 21:12:33 updated user 596280212157d09ddf9d7294. -2017-07-09 21:12:33 pubsub userUpdated readOne with user zoltan is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", +2017-07-17 00:08:02 Authorize update "update user" with user "zoltan" and role "admin" is authorized +2017-07-17 00:08:02 Authorize update "update userfield "role"" with user "zoltan" and role "admin" is authorized +2017-07-17 00:08:02 updated user 596be3c2949652fd418cc8fe. +2017-07-17 00:08:02 Authorize readOne "pubsub userUpdatedfield "role"" with user "zoltan" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: +User: "tobkle", role: "admin", id: "596be3c2949652fd418cc8fe", Operation: "", variables: "", Query: mutation { - removeUser(id: "596280212157d09ddf9d7295") + removeUser(id: "596be3c2949652fd418cc8ff") } -2017-07-09 21:12:33 removeUser delete with user tobkle is authorized -2017-07-09 21:12:33 removed user 596280212157d09ddf9d7295. -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", +2017-07-17 00:08:02 Authorize delete "removeUser" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 removed user 596be3c2949652fd418cc8ff. +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: +User: "tobkle", role: "admin", id: "596be3c2949652fd418cc8fe", Operation: "", variables: "", Query: mutation { - createTweet(input: {authorId: "596280212157d09ddf9d7294", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + createTweet(input: {authorId: "596be3c2949652fd418cc8fe", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { id } } -2017-07-09 21:12:33 insert tweet create with user tobkle is authorized -2017-07-09 21:12:33 inserted tweet 596280212157d09ddf9d7296. -2017-07-09 21:12:33 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 21:12:33 insert tweet create with user tobkle is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", +2017-07-17 00:08:02 Authorize create "insert tweet" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 inserted tweet 596be3c2949652fd418cc900. +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: +User: "tobkle", role: "admin", id: "596be3c2949652fd418cc8fe", Operation: "", variables: "", Query: { - tweet(id: "596280212157d09ddf9d7296") { + tweet(id: "596be3c2949652fd418cc900") { author { id } @@ -737,13 +845,27 @@ Query: } } -2017-07-09 21:12:33 tweet readOne with user tobkle is authorized -2017-07-09 21:12:33 inserted tweet 596280212157d09ddf9d7297. -2017-07-09 21:12:33 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 21:12:33 author readOne with user tobkle is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: +User: "tobkle", role: "admin", id: "596be3c2949652fd418cc8fe", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-17 00:08:02 Authorize create "insert tweet" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 inserted tweet 596be3c2949652fd418cc901. +2017-07-17 00:08:02 Authorize readOne "authorfield "role"" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: +User: "tobkle", role: "admin", id: "596be3c2949652fd418cc8fe", Operation: "", variables: "", Query: { @@ -755,113 +877,122 @@ Query: } } -2017-07-09 21:12:33 tweet readOne with user tobkle is authorized -2017-07-09 21:12:33 author readOne with user tobkle is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", +2017-07-17 00:08:02 Authorize readOne "authorfield "role"" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: +User: "tobkle", role: "admin", id: "596be3c2949652fd418cc8fe", Operation: "", variables: "", Query: mutation { - updateTweet(id: "596280212157d09ddf9d7296", input: {body: "This is a modified test tweet"}) { + updateTweet(id: "596be3c2949652fd418cc900", input: {body: "This is a modified test tweet"}) { body } } -2017-07-09 21:12:33 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 21:12:33 update tweet update with user tobkle is authorized -2017-07-09 21:12:33 updated tweet 596280212157d09ddf9d7296. -2017-07-09 21:12:33 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", +2017-07-17 00:08:02 Authorize update "update tweet" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 updated tweet 596be3c2949652fd418cc900. +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: +User: "tobkle", role: "admin", id: "596be3c2949652fd418cc8fe", Operation: "", variables: "", Query: mutation { - updateTweet(id: "596280212157d09ddf9d7297", input: {body: "This is a modified test tweet"}) { + updateTweet(id: "596be3c2949652fd418cc901", input: {body: "This is a modified test tweet"}) { body } } -2017-07-09 21:12:34 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 21:12:34 update tweet update with user tobkle is authorized -2017-07-09 21:12:34 updated tweet 596280212157d09ddf9d7297. -2017-07-09 21:12:34 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", +2017-07-17 00:08:02 Authorize update "update tweet" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 updated tweet 596be3c2949652fd418cc901. +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: +User: "tobkle", role: "admin", id: "596be3c2949652fd418cc8fe", Operation: "", variables: "", Query: { - tweet(id: "596280212157d09ddf9d7296") { + tweet(id: "596be3c2949652fd418cc900") { body } } -2017-07-09 21:12:34 tweet readOne with user tobkle is authorized -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: +User: "tobkle", role: "admin", id: "596be3c2949652fd418cc8fe", Operation: "", variables: "", Query: mutation { - removeTweet(id: "596280212157d09ddf9d7296") + removeTweet(id: "596be3c2949652fd418cc900") } -2017-07-09 21:12:34 removeTweet delete with user tobkle is authorized -2017-07-09 21:12:34 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 21:12:34 removed tweet 596280212157d09ddf9d7296. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", +2017-07-17 00:08:02 Authorize delete "removeTweet" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 removed tweet 596be3c2949652fd418cc900. +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: +User: "tobkle", role: "admin", id: "596be3c2949652fd418cc8fe", Operation: "", variables: "", Query: mutation { - removeTweet(id: "596280212157d09ddf9d7297") + removeTweet(id: "596be3c2949652fd418cc901") } -2017-07-09 21:12:34 removeTweet delete with user tobkle is authorized -2017-07-09 21:12:34 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 21:12:34 removed tweet 596280212157d09ddf9d7297. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", +2017-07-17 00:08:02 Authorize delete "removeTweet" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 removed tweet 596be3c2949652fd418cc901. +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: +User: "tobkle", role: "admin", id: "596be3c2949652fd418cc8fe", Operation: "", variables: "", Query: { - tweet(id: "596280212157d09ddf9d7296") { + tweet(id: "596be3c2949652fd418cc900") { body } } -2017-07-09 21:12:34 tweet readOne with user tobkle is authorized -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: +User: "tobkle", role: "admin", id: "596be3c2949652fd418cc8fe", Operation: "", variables: "", Query: mutation { - removeUser(id: "596280212157d09ddf9d7294") + removeUser(id: "596be3c2949652fd418cc8fe") } -2017-07-09 21:12:34 removeUser delete with user tobkle is authorized -2017-07-09 21:12:34 removed user 596280212157d09ddf9d7294. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: +2017-07-17 00:08:02 Authorize delete "removeUser" with user "tobkle" and role "admin" is authorized +2017-07-17 00:08:02 removed user 596be3c2949652fd418cc8fe. +2017-07-17 00:08:02 ERROR Authorize readOne "user findOneLoader" with user "" and role: "null" is not authorized. +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "" and role "" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: { - user(id: "596280212157d09ddf9d7294") { + user(id: "596be3c2949652fd418cc8fe") { username bio role } } -2017-07-09 21:12:34 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: +2017-07-17 00:08:02 ERROR Cannot read property 'role' of undefined +2017-07-17 00:08:02 ERROR Authorize readOne "user findOneLoader" with user "" and role: "null" is not authorized. +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "" and role "" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -871,9 +1002,11 @@ mutation { } } -2017-07-09 21:12:34 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: +2017-07-17 00:08:02 ERROR Authorize create "insert user" with user "" and role: "null" is not authorized. +2017-07-17 00:08:02 ERROR Authorize readOne "user findOneLoader" with user "" and role: "null" is not authorized. +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "" and role "" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -885,9 +1018,11 @@ Query: } } -2017-07-09 21:12:34 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: +2017-07-17 00:08:02 ERROR Cannot read property 'role' of undefined +2017-07-17 00:08:02 ERROR Authorize readOne "user findOneLoader" with user "" and role: "null" is not authorized. +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "" and role "" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -899,9 +1034,11 @@ mutation { } } -2017-07-09 21:12:34 ERROR Authorization: Not authorized to update in update user. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: +2017-07-17 00:08:02 ERROR Authorize update "update user" with user "" and role: "null" is not authorized. +2017-07-17 00:08:02 ERROR Authorize readOne "user findOneLoader" with user "" and role: "null" is not authorized. +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "" and role "" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -909,9 +1046,11 @@ mutation { removeUser(id: "583291a1638566b3c5a92ca1") } -2017-07-09 21:12:34 ERROR Authorization: Not authorized to delete in removeUser. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: +2017-07-17 00:08:02 ERROR Authorize delete "removeUser" with user "" and role: "null" is not authorized. +2017-07-17 00:08:02 ERROR Authorize readOne "user findOneLoader" with user "" and role: "null" is not authorized. +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "" and role "" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -921,8 +1060,10 @@ mutation { } } -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: +2017-07-17 00:08:02 ERROR Authorize readOne "user findOneLoader" with user "" and role: "null" is not authorized. +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "" and role "" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -932,9 +1073,11 @@ mutation { } } -2017-07-09 21:12:34 ERROR Authorization: Not authorized to create in insert tweet. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: +2017-07-17 00:08:02 ERROR Authorize create "insert tweet" with user "" and role: "null" is not authorized. +2017-07-17 00:08:02 ERROR Authorize readOne "user findOneLoader" with user "" and role: "null" is not authorized. +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "" and role "" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -947,10 +1090,11 @@ Query: } } -2017-07-09 21:12:34 tweet readOne with user is authorized -2017-07-09 21:12:34 ERROR Authorization: Not authorized to readOne in author. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: +2017-07-17 00:08:02 ERROR Cannot read property 'role' of undefined +2017-07-17 00:08:02 ERROR Authorize readOne "user findOneLoader" with user "" and role: "null" is not authorized. +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "" and role "" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -960,10 +1104,11 @@ mutation { } } -2017-07-09 21:12:34 tweet getOneById in updateById for docBefore readOne with user is authorized -2017-07-09 21:12:34 ERROR Authorization: Not authorized to update in update tweet. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: +2017-07-17 00:08:02 ERROR Authorize update "update tweet" with user "" and role: "null" is not authorized. +2017-07-17 00:08:02 ERROR Authorize readOne "user findOneLoader" with user "" and role: "null" is not authorized. +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "" and role "" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -973,10 +1118,11 @@ mutation { } } -2017-07-09 21:12:34 tweet getOneById in updateById for docBefore readOne with user is authorized -2017-07-09 21:12:34 ERROR Authorization: Not authorized to update in update tweet. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: +2017-07-17 00:08:02 ERROR Authorize update "update tweet" with user "" and role: "null" is not authorized. +2017-07-17 00:08:02 ERROR Authorize readOne "user findOneLoader" with user "" and role: "null" is not authorized. +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "" and role "" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -984,10 +1130,11 @@ mutation { removeTweet(id: "583676d3618530145474e352") } -2017-07-09 21:12:34 ERROR Authorization: Not authorized to delete in removeTweet. -2017-07-09 21:12:34 tweet getOneById in removeById for docBefore readOne with user is authorized -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: +2017-07-17 00:08:02 ERROR Authorize delete "removeTweet" with user "" and role: "null" is not authorized. +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -998,12 +1145,22 @@ mutation { } } -2017-07-09 21:12:34 insert user create with user stubailo is authorized -2017-07-09 21:12:34 inserted user 596280222157d09ddf9d7298. -2017-07-09 21:12:34 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", +2017-07-17 00:08:02 Authorize create "insert user" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize create "insert userfield "role"" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 inserted user 596be3c2949652fd418cc902. +2017-07-17 00:08:02 Authorize readOne "pubsub userInsertedfield "role"" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "user" with +authQuery: { + "$or": [ + { + "_id": "596be3c2949652fd418cc902" + } + ] +} +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "user" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: +User: "tobkle", role: "user", id: "596be3c2949652fd418cc902", Operation: "", variables: "", Query: mutation { @@ -1012,13 +1169,23 @@ mutation { } } -2017-07-09 21:12:34 authQuery: { +2017-07-17 00:08:02 Authorize create "insert user" with user "tobkle" and role: "user" with +authQuery: { "$or": [] } -2017-07-09 21:12:34 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", +2017-07-17 00:08:02 ERROR Authorize create "insert user" with user "tobkle" and role: "user" is not authorized. +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "user" with +authQuery: { + "$or": [ + { + "_id": "596be3c2949652fd418cc902" + } + ] +} +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "user" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: +User: "tobkle", role: "user", id: "596be3c2949652fd418cc902", Operation: "", variables: "", Query: { @@ -1029,53 +1196,60 @@ Query: } } -2017-07-09 21:12:34 authQuery: { +2017-07-17 00:08:02 ERROR Cannot read property 'role' of undefined +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "user" with +authQuery: { "$or": [ { - "_id": "596280222157d09ddf9d7298" + "_id": "596be3c2949652fd418cc902" } ] } -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "user" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: +User: "tobkle", role: "user", id: "596be3c2949652fd418cc902", Operation: "", variables: "", Query: { - user(id: "596280222157d09ddf9d7298") { + user(id: "596be3c2949652fd418cc902") { username } } -2017-07-09 21:12:34 authQuery: { +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "user" with +authQuery: { "$or": [ { - "_id": "596280222157d09ddf9d7298" + "_id": "596be3c2949652fd418cc902" } ] } -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "user" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: +User: "tobkle", role: "user", id: "596be3c2949652fd418cc902", Operation: "", variables: "", Query: { - user(id: "596280222157d09ddf9d7298") { + user(id: "596be3c2949652fd418cc902") { username role } } -2017-07-09 21:12:34 authQuery: { +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "user" with +authQuery: { "$or": [ { - "_id": "596280222157d09ddf9d7298" + "_id": "596be3c2949652fd418cc902" } ] } -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "user" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: +User: "tobkle", role: "user", id: "596be3c2949652fd418cc902", Operation: "", variables: "", Query: mutation { @@ -1086,110 +1260,155 @@ mutation { } } -2017-07-09 21:12:34 authQuery: { +2017-07-17 00:08:02 Authorize update "update user" with user "tobkle" and role: "user" with +authQuery: { "$or": [ { - "_id": "596280222157d09ddf9d7298" + "_id": "596be3c2949652fd418cc902" } ] } -2017-07-09 21:12:34 ERROR Not authorized to update field "role" -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", +2017-07-17 00:08:02 Authorize update "update userfield "role"" with user "tobkle" with role "user" field "role" removed from document id "undefined". No authorization. +2017-07-17 00:08:02 updated user 583291a1638566b3c5a92ca1. +2017-07-17 00:08:02 ERROR Cannot read property 'role' of undefined +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "user" with +authQuery: { + "$or": [ + { + "_id": "596be3c2949652fd418cc902" + } + ] +} +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "user" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: +User: "tobkle", role: "user", id: "596be3c2949652fd418cc902", Operation: "", variables: "", Query: mutation { - updateUser(id: "596280222157d09ddf9d7298", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + updateUser(id: "596be3c2949652fd418cc902", input: {username: "tobkle", bio: "Maker of things, I guess"}) { username bio } } -2017-07-09 21:12:34 authQuery: { +2017-07-17 00:08:02 Authorize update "update user" with user "tobkle" and role: "user" with +authQuery: { "$or": [ { - "_id": "596280222157d09ddf9d7298" + "_id": "596be3c2949652fd418cc902" } ] } -2017-07-09 21:12:34 updated user 596280222157d09ddf9d7298. -2017-07-09 21:12:34 authQuery: { +2017-07-17 00:08:02 updated user 596be3c2949652fd418cc902. +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "user" with +authQuery: { "$or": [ { - "_id": "596280222157d09ddf9d7298" + "_id": "596be3c2949652fd418cc902" } ] } -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "user" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: +User: "tobkle", role: "user", id: "596be3c2949652fd418cc902", Operation: "", variables: "", Query: mutation { - updateUser(id: "596280222157d09ddf9d7298", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "596be3c2949652fd418cc902", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-07-09 21:12:34 authQuery: { +2017-07-17 00:08:02 Authorize update "update user" with user "tobkle" and role: "user" with +authQuery: { + "$or": [ + { + "_id": "596be3c2949652fd418cc902" + } + ] +} +2017-07-17 00:08:02 Authorize update "update userfield "role"" with user "tobkle" with role "user" field "role" removed from document id "undefined". No authorization. +2017-07-17 00:08:02 updated user 596be3c2949652fd418cc902. +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "user" with +authQuery: { "$or": [ { - "_id": "596280222157d09ddf9d7298" + "_id": "596be3c2949652fd418cc902" } ] } -2017-07-09 21:12:34 ERROR Not authorized to update field "role" -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "user" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: +User: "tobkle", role: "user", id: "596be3c2949652fd418cc902", Operation: "", variables: "", Query: mutation { removeUser(id: "583291a1638566b3c5a92ca1") } -2017-07-09 21:12:34 authQuery: { +2017-07-17 00:08:02 Authorize delete "removeUser" with user "tobkle" and role: "user" with +authQuery: { "$or": [ { - "_id": "596280222157d09ddf9d7298" + "_id": "596be3c2949652fd418cc902" } ] } -2017-07-09 21:12:34 ERROR remove user failed for finalQuery: { +2017-07-17 00:08:02 ERROR remove user failed for finalQuery: { "_id": "583291a1638566b3c5a92ca1", "$or": [ { - "_id": "596280222157d09ddf9d7298" + "_id": "596be3c2949652fd418cc902" + } + ] +} +2017-07-17 00:08:02 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "user" with +authQuery: { + "$or": [ + { + "_id": "596be3c2949652fd418cc902" } ] } -2017-07-09 21:12:34 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "user" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: +User: "tobkle", role: "user", id: "596be3c2949652fd418cc902", Operation: "", variables: "", Query: mutation { - createTweet(input: {authorId: "596280222157d09ddf9d7298", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + createTweet(input: {authorId: "596be3c2949652fd418cc902", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { id } } -2017-07-09 21:12:34 authQuery: { +2017-07-17 00:08:02 Authorize create "insert tweet" with user "tobkle" and role: "user" with +authQuery: { "$or": [ { - "authorId": "596280222157d09ddf9d7298" + "authorId": "596be3c2949652fd418cc902" } ] } -2017-07-09 21:12:34 inserted tweet 596280222157d09ddf9d7299. -2017-07-09 21:12:34 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", +2017-07-17 00:08:02 inserted tweet 596be3c2949652fd418cc903. +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "user" with +authQuery: { + "$or": [ + { + "_id": "596be3c2949652fd418cc902" + } + ] +} +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "user" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: +User: "tobkle", role: "user", id: "596be3c2949652fd418cc902", Operation: "", variables: "", Query: mutation { @@ -1198,21 +1417,31 @@ mutation { } } -2017-07-09 21:12:34 authQuery: { +2017-07-17 00:08:02 Authorize create "insert tweet" with user "tobkle" and role: "user" with +authQuery: { "$or": [ { - "authorId": "596280222157d09ddf9d7298" + "authorId": "596be3c2949652fd418cc902" } ] } -2017-07-09 21:12:34 ERROR Not authorized to insert tweet -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", +2017-07-17 00:08:02 ERROR Not authorized to insert tweet +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "user" with +authQuery: { + "$or": [ + { + "_id": "596be3c2949652fd418cc902" + } + ] +} +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "user" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: +User: "tobkle", role: "user", id: "596be3c2949652fd418cc902", Operation: "", variables: "", Query: { - tweet(id: "596280222157d09ddf9d7299") { + tweet(id: "596be3c2949652fd418cc903") { author { id } @@ -1220,17 +1449,18 @@ Query: } } -2017-07-09 21:12:34 tweet readOne with user tobkle is authorized -2017-07-09 21:12:34 authQuery: { +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "user" with +authQuery: { "$or": [ { - "_id": "596280222157d09ddf9d7298" + "_id": "596be3c2949652fd418cc902" } ] } -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "user" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: +User: "tobkle", role: "user", id: "596be3c2949652fd418cc902", Operation: "", variables: "", Query: { @@ -1242,41 +1472,51 @@ Query: } } -2017-07-09 21:12:34 tweet readOne with user tobkle is authorized -2017-07-09 21:12:34 authQuery: { +2017-07-17 00:08:02 ERROR Cannot read property 'role' of undefined +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "user" with +authQuery: { "$or": [ { - "_id": "596280222157d09ddf9d7298" + "_id": "596be3c2949652fd418cc902" } ] } -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "user" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: +User: "tobkle", role: "user", id: "596be3c2949652fd418cc902", Operation: "", variables: "", Query: mutation { - updateTweet(id: "596280222157d09ddf9d7299", input: {body: "This is a modified test tweet"}) { + updateTweet(id: "596be3c2949652fd418cc903", input: {body: "This is a modified test tweet"}) { body } } -2017-07-09 21:12:34 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 21:12:34 authQuery: { +2017-07-17 00:08:02 Authorize update "update tweet" with user "tobkle" and role: "user" with +authQuery: { "$or": [ { - "authorId": "596280222157d09ddf9d7298" + "authorId": "596be3c2949652fd418cc902" }, { - "coauthorsIds": "596280222157d09ddf9d7298" + "coauthorsIds": "596be3c2949652fd418cc902" + } + ] +} +2017-07-17 00:08:02 updated tweet 596be3c2949652fd418cc903. +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "user" with +authQuery: { + "$or": [ + { + "_id": "596be3c2949652fd418cc902" } ] } -2017-07-09 21:12:34 updated tweet 596280222157d09ddf9d7299. -2017-07-09 21:12:34 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "user" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: +User: "tobkle", role: "user", id: "596be3c2949652fd418cc902", Operation: "", variables: "", Query: mutation { @@ -1285,137 +1525,185 @@ mutation { } } -2017-07-09 21:12:34 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 21:12:34 authQuery: { +2017-07-17 00:08:02 Authorize update "update tweet" with user "tobkle" and role: "user" with +authQuery: { "$or": [ { - "authorId": "596280222157d09ddf9d7298" + "authorId": "596be3c2949652fd418cc902" }, { - "coauthorsIds": "596280222157d09ddf9d7298" + "coauthorsIds": "596be3c2949652fd418cc902" } ] } -2017-07-09 21:12:34 ERROR update tweet failed finalQuery: { +2017-07-17 00:08:02 ERROR update tweet failed finalQuery: { "_id": "583676d3618530145474e352", "$or": [ { - "authorId": "596280222157d09ddf9d7298" + "authorId": "596be3c2949652fd418cc902" }, { - "coauthorsIds": "596280222157d09ddf9d7298" + "coauthorsIds": "596be3c2949652fd418cc902" } ] } -2017-07-09 21:12:34 ERROR update tweet failed for docToUpdate: { +2017-07-17 00:08:02 ERROR update tweet failed for docToUpdate: { "$set": { "body": "This is a modified test tweet", - "updatedAt": 1499627554277, - "updatedById": "596280222157d09ddf9d7298" + "updatedAt": 1500242882867, + "updatedById": "596be3c2949652fd418cc902" } } -2017-07-09 21:12:34 ERROR update tweet not possible for 583676d3618530145474e352. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", +2017-07-17 00:08:02 ERROR update tweet not possible for 583676d3618530145474e352. +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "user" with +authQuery: { + "$or": [ + { + "_id": "596be3c2949652fd418cc902" + } + ] +} +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "user" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: +User: "tobkle", role: "user", id: "596be3c2949652fd418cc902", Operation: "", variables: "", Query: { - tweet(id: "596280222157d09ddf9d7299") { + tweet(id: "596be3c2949652fd418cc903") { body } } -2017-07-09 21:12:34 tweet readOne with user tobkle is authorized -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "user" with +authQuery: { + "$or": [ + { + "_id": "596be3c2949652fd418cc902" + } + ] +} +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "user" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: +User: "tobkle", role: "user", id: "596be3c2949652fd418cc902", Operation: "", variables: "", Query: mutation { - removeTweet(id: "596280222157d09ddf9d7299") + removeTweet(id: "596be3c2949652fd418cc903") } -2017-07-09 21:12:34 authQuery: { +2017-07-17 00:08:02 Authorize delete "removeTweet" with user "tobkle" and role: "user" with +authQuery: { + "$or": [ + { + "authorId": "596be3c2949652fd418cc902" + } + ] +} +2017-07-17 00:08:02 removed tweet 596be3c2949652fd418cc903. +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "user" with +authQuery: { "$or": [ { - "authorId": "596280222157d09ddf9d7298" + "_id": "596be3c2949652fd418cc902" } ] } -2017-07-09 21:12:34 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 21:12:34 removed tweet 596280222157d09ddf9d7299. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "user" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: +User: "tobkle", role: "user", id: "596be3c2949652fd418cc902", Operation: "", variables: "", Query: mutation { removeTweet(id: "583676d3618530145474e352") } -2017-07-09 21:12:34 authQuery: { +2017-07-17 00:08:02 Authorize delete "removeTweet" with user "tobkle" and role: "user" with +authQuery: { "$or": [ { - "authorId": "596280222157d09ddf9d7298" + "authorId": "596be3c2949652fd418cc902" } ] } -2017-07-09 21:12:34 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 21:12:34 ERROR remove tweet failed for finalQuery: { +2017-07-17 00:08:02 ERROR remove tweet failed for finalQuery: { "_id": "583676d3618530145474e352", "$or": [ { - "authorId": "596280222157d09ddf9d7298" + "authorId": "596be3c2949652fd418cc902" } ] } -2017-07-09 21:12:34 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", +2017-07-17 00:08:02 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "user" with +authQuery: { + "$or": [ + { + "_id": "596be3c2949652fd418cc902" + } + ] +} +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "user" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: +User: "tobkle", role: "user", id: "596be3c2949652fd418cc902", Operation: "", variables: "", Query: { - tweet(id: "596280222157d09ddf9d7299") { + tweet(id: "596be3c2949652fd418cc903") { body } } -2017-07-09 21:12:34 tweet readOne with user tobkle is authorized -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "user" with +authQuery: { + "$or": [ + { + "_id": "596be3c2949652fd418cc902" + } + ] +} +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "user" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: +User: "tobkle", role: "user", id: "596be3c2949652fd418cc902", Operation: "", variables: "", Query: mutation { - removeUser(id: "596280222157d09ddf9d7298") + removeUser(id: "596be3c2949652fd418cc902") } -2017-07-09 21:12:34 authQuery: { +2017-07-17 00:08:02 Authorize delete "removeUser" with user "tobkle" and role: "user" with +authQuery: { "$or": [ { - "_id": "596280222157d09ddf9d7298" + "_id": "596be3c2949652fd418cc902" } ] } -2017-07-09 21:12:34 removed user 596280222157d09ddf9d7298. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: +2017-07-17 00:08:02 removed user 596be3c2949652fd418cc902. +2017-07-17 00:08:02 ERROR Authorize readOne "user findOneLoader" with user "" and role: "null" is not authorized. +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "" and role "" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: { - user(id: "596280222157d09ddf9d7298") { + user(id: "596be3c2949652fd418cc902") { username bio role } } -2017-07-09 21:12:34 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: +2017-07-17 00:08:02 ERROR Cannot read property 'role' of undefined +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -1426,12 +1714,22 @@ mutation { } } -2017-07-09 21:12:34 insert user create with user stubailo is authorized -2017-07-09 21:12:34 inserted user 596280222157d09ddf9d729a. -2017-07-09 21:12:34 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "editor", id: "596280222157d09ddf9d729a", +2017-07-17 00:08:02 Authorize create "insert user" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize create "insert userfield "role"" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 inserted user 596be3c2949652fd418cc904. +2017-07-17 00:08:02 Authorize readOne "pubsub userInsertedfield "role"" with user "stubailo" and role "admin" is authorized +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "editor" with +authQuery: { + "$or": [ + { + "_id": "596be3c2949652fd418cc904" + } + ] +} +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "editor" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: +User: "tobkle", role: "editor", id: "596be3c2949652fd418cc904", Operation: "", variables: "", Query: mutation { @@ -1440,13 +1738,23 @@ mutation { } } -2017-07-09 21:12:34 authQuery: { +2017-07-17 00:08:02 Authorize create "insert user" with user "tobkle" and role: "editor" with +authQuery: { "$or": [] } -2017-07-09 21:12:34 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "editor", id: "596280222157d09ddf9d729a", +2017-07-17 00:08:02 ERROR Authorize create "insert user" with user "tobkle" and role: "editor" is not authorized. +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "editor" with +authQuery: { + "$or": [ + { + "_id": "596be3c2949652fd418cc904" + } + ] +} +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "editor" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: +User: "tobkle", role: "editor", id: "596be3c2949652fd418cc904", Operation: "", variables: "", Query: { @@ -1457,35 +1765,40 @@ Query: } } -2017-07-09 21:12:34 authQuery: { +2017-07-17 00:08:02 ERROR Cannot read property 'role' of undefined +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "editor" with +authQuery: { "$or": [ { - "_id": "596280222157d09ddf9d729a" + "_id": "596be3c2949652fd418cc904" } ] } -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "editor", id: "596280222157d09ddf9d729a", +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "editor" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: +User: "tobkle", role: "editor", id: "596be3c2949652fd418cc904", Operation: "", variables: "", Query: { - user(id: "596280222157d09ddf9d729a") { + user(id: "596be3c2949652fd418cc904") { username role } } -2017-07-09 21:12:34 authQuery: { +2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "editor" with +authQuery: { "$or": [ { - "_id": "596280222157d09ddf9d729a" + "_id": "596be3c2949652fd418cc904" } ] } -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "editor", id: "596280222157d09ddf9d729a", +2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "editor" is authorized +2017-07-17 00:08:02 -------------------------------------------------------------------------------- +2017-07-17 00:08:02 Request: +User: "tobkle", role: "editor", id: "596be3c2949652fd418cc904", Operation: "", variables: "", Query: mutation { @@ -1496,110 +1809,155 @@ mutation { } } -2017-07-09 21:12:34 authQuery: { +2017-07-17 00:08:02 Authorize update "update user" with user "tobkle" and role: "editor" with +authQuery: { + "$or": [ + { + "_id": "596be3c2949652fd418cc904" + } + ] +} +2017-07-17 00:08:02 Authorize update "update userfield "role"" with user "tobkle" with role "editor" field "role" removed from document id "undefined". No authorization. +2017-07-17 00:08:03 updated user 583291a1638566b3c5a92ca1. +2017-07-17 00:08:03 ERROR Cannot read property 'role' of undefined +2017-07-17 00:08:03 Authorize readOne "user findOneLoader" with user "tobkle" and role: "editor" with +authQuery: { "$or": [ { - "_id": "596280222157d09ddf9d729a" + "_id": "596be3c2949652fd418cc904" } ] } -2017-07-09 21:12:34 ERROR Not authorized to update field "role" -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "editor", id: "596280222157d09ddf9d729a", +2017-07-17 00:08:03 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "editor" is authorized +2017-07-17 00:08:03 -------------------------------------------------------------------------------- +2017-07-17 00:08:03 Request: +User: "tobkle", role: "editor", id: "596be3c2949652fd418cc904", Operation: "", variables: "", Query: mutation { - updateUser(id: "596280222157d09ddf9d729a", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + updateUser(id: "596be3c2949652fd418cc904", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { username bio } } -2017-07-09 21:12:34 authQuery: { +2017-07-17 00:08:03 Authorize update "update user" with user "tobkle" and role: "editor" with +authQuery: { "$or": [ { - "_id": "596280222157d09ddf9d729a" + "_id": "596be3c2949652fd418cc904" } ] } -2017-07-09 21:12:34 updated user 596280222157d09ddf9d729a. -2017-07-09 21:12:34 authQuery: { +2017-07-17 00:08:03 updated user 596be3c2949652fd418cc904. +2017-07-17 00:08:03 Authorize readOne "user findOneLoader" with user "tmeasday" and role: "editor" with +authQuery: { "$or": [ { - "_id": "596280222157d09ddf9d729a" + "_id": "596be3c2949652fd418cc904" } ] } -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", +2017-07-17 00:08:03 Authorize readOne "tweet findOneLoader" with user "tmeasday" and role "editor" is authorized +2017-07-17 00:08:03 -------------------------------------------------------------------------------- +2017-07-17 00:08:03 Request: +User: "tmeasday", role: "editor", id: "596be3c2949652fd418cc904", Operation: "", variables: "", Query: mutation { - updateUser(id: "596280222157d09ddf9d729a", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "596be3c2949652fd418cc904", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-07-09 21:12:34 authQuery: { +2017-07-17 00:08:03 Authorize update "update user" with user "tmeasday" and role: "editor" with +authQuery: { "$or": [ { - "_id": "596280222157d09ddf9d729a" + "_id": "596be3c2949652fd418cc904" } ] } -2017-07-09 21:12:34 ERROR Not authorized to update field "role" -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", +2017-07-17 00:08:03 Authorize update "update userfield "role"" with user "tmeasday" with role "editor" field "role" removed from document id "undefined". No authorization. +2017-07-17 00:08:03 updated user 596be3c2949652fd418cc904. +2017-07-17 00:08:03 Authorize readOne "user findOneLoader" with user "tmeasday" and role: "editor" with +authQuery: { + "$or": [ + { + "_id": "596be3c2949652fd418cc904" + } + ] +} +2017-07-17 00:08:03 Authorize readOne "tweet findOneLoader" with user "tmeasday" and role "editor" is authorized +2017-07-17 00:08:03 -------------------------------------------------------------------------------- +2017-07-17 00:08:03 Request: +User: "tmeasday", role: "editor", id: "596be3c2949652fd418cc904", Operation: "", variables: "", Query: mutation { removeUser(id: "583291a1638566b3c5a92ca1") } -2017-07-09 21:12:34 authQuery: { +2017-07-17 00:08:03 Authorize delete "removeUser" with user "tmeasday" and role: "editor" with +authQuery: { "$or": [ { - "_id": "596280222157d09ddf9d729a" + "_id": "596be3c2949652fd418cc904" } ] } -2017-07-09 21:12:34 ERROR remove user failed for finalQuery: { +2017-07-17 00:08:03 ERROR remove user failed for finalQuery: { "_id": "583291a1638566b3c5a92ca1", "$or": [ { - "_id": "596280222157d09ddf9d729a" + "_id": "596be3c2949652fd418cc904" } ] } -2017-07-09 21:12:34 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", +2017-07-17 00:08:03 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-07-17 00:08:03 Authorize readOne "user findOneLoader" with user "tmeasday" and role: "editor" with +authQuery: { + "$or": [ + { + "_id": "596be3c2949652fd418cc904" + } + ] +} +2017-07-17 00:08:03 Authorize readOne "tweet findOneLoader" with user "tmeasday" and role "editor" is authorized +2017-07-17 00:08:03 -------------------------------------------------------------------------------- +2017-07-17 00:08:03 Request: +User: "tmeasday", role: "editor", id: "596be3c2949652fd418cc904", Operation: "", variables: "", Query: mutation { - createTweet(input: {authorId: "596280222157d09ddf9d729a", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + createTweet(input: {authorId: "596be3c2949652fd418cc904", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { id } } -2017-07-09 21:12:34 authQuery: { +2017-07-17 00:08:03 Authorize create "insert tweet" with user "tmeasday" and role: "editor" with +authQuery: { "$or": [ { - "authorId": "596280222157d09ddf9d729a" + "authorId": "596be3c2949652fd418cc904" } ] } -2017-07-09 21:12:34 inserted tweet 596280222157d09ddf9d729b. -2017-07-09 21:12:34 pubsub tweetInserted readOne with user tmeasday is authorized -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", +2017-07-17 00:08:03 inserted tweet 596be3c3949652fd418cc905. +2017-07-17 00:08:03 Authorize readOne "user findOneLoader" with user "tmeasday" and role: "editor" with +authQuery: { + "$or": [ + { + "_id": "596be3c2949652fd418cc904" + } + ] +} +2017-07-17 00:08:03 Authorize readOne "tweet findOneLoader" with user "tmeasday" and role "editor" is authorized +2017-07-17 00:08:03 -------------------------------------------------------------------------------- +2017-07-17 00:08:03 Request: +User: "tmeasday", role: "editor", id: "596be3c2949652fd418cc904", Operation: "", variables: "", Query: mutation { @@ -1608,21 +1966,31 @@ mutation { } } -2017-07-09 21:12:34 authQuery: { +2017-07-17 00:08:03 Authorize create "insert tweet" with user "tmeasday" and role: "editor" with +authQuery: { + "$or": [ + { + "authorId": "596be3c2949652fd418cc904" + } + ] +} +2017-07-17 00:08:03 ERROR Not authorized to insert tweet +2017-07-17 00:08:03 Authorize readOne "user findOneLoader" with user "tmeasday" and role: "editor" with +authQuery: { "$or": [ { - "authorId": "596280222157d09ddf9d729a" + "_id": "596be3c2949652fd418cc904" } ] } -2017-07-09 21:12:34 ERROR Not authorized to insert tweet -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", +2017-07-17 00:08:03 Authorize readOne "tweet findOneLoader" with user "tmeasday" and role "editor" is authorized +2017-07-17 00:08:03 -------------------------------------------------------------------------------- +2017-07-17 00:08:03 Request: +User: "tmeasday", role: "editor", id: "596be3c2949652fd418cc904", Operation: "", variables: "", Query: { - tweet(id: "596280222157d09ddf9d729b") { + tweet(id: "596be3c3949652fd418cc905") { author { id } @@ -1630,17 +1998,18 @@ Query: } } -2017-07-09 21:12:34 tweet readOne with user tmeasday is authorized -2017-07-09 21:12:34 authQuery: { +2017-07-17 00:08:03 Authorize readOne "user findOneLoader" with user "tmeasday" and role: "editor" with +authQuery: { "$or": [ { - "_id": "596280222157d09ddf9d729a" + "_id": "596be3c2949652fd418cc904" } ] } -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", +2017-07-17 00:08:03 Authorize readOne "tweet findOneLoader" with user "tmeasday" and role "editor" is authorized +2017-07-17 00:08:03 -------------------------------------------------------------------------------- +2017-07-17 00:08:03 Request: +User: "tmeasday", role: "editor", id: "596be3c2949652fd418cc904", Operation: "", variables: "", Query: { @@ -1652,41 +2021,51 @@ Query: } } -2017-07-09 21:12:34 tweet readOne with user tmeasday is authorized -2017-07-09 21:12:34 authQuery: { +2017-07-17 00:08:03 ERROR Cannot read property 'role' of undefined +2017-07-17 00:08:03 Authorize readOne "user findOneLoader" with user "tmeasday" and role: "editor" with +authQuery: { "$or": [ { - "_id": "596280222157d09ddf9d729a" + "_id": "596be3c2949652fd418cc904" } ] } -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", +2017-07-17 00:08:03 Authorize readOne "tweet findOneLoader" with user "tmeasday" and role "editor" is authorized +2017-07-17 00:08:03 -------------------------------------------------------------------------------- +2017-07-17 00:08:03 Request: +User: "tmeasday", role: "editor", id: "596be3c2949652fd418cc904", Operation: "", variables: "", Query: mutation { - updateTweet(id: "596280222157d09ddf9d729b", input: {body: "This is a modified test tweet"}) { + updateTweet(id: "596be3c3949652fd418cc905", input: {body: "This is a modified test tweet"}) { body } } -2017-07-09 21:12:34 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized -2017-07-09 21:12:34 authQuery: { +2017-07-17 00:08:03 Authorize update "update tweet" with user "tmeasday" and role: "editor" with +authQuery: { "$or": [ { - "authorId": "596280222157d09ddf9d729a" + "authorId": "596be3c2949652fd418cc904" }, { - "coauthorsIds": "596280222157d09ddf9d729a" + "coauthorsIds": "596be3c2949652fd418cc904" } ] } -2017-07-09 21:12:34 updated tweet 596280222157d09ddf9d729b. -2017-07-09 21:12:34 pubsub tweetUpdated readOne with user tmeasday is authorized -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", +2017-07-17 00:08:03 updated tweet 596be3c3949652fd418cc905. +2017-07-17 00:08:03 Authorize readOne "user findOneLoader" with user "tmeasday" and role: "editor" with +authQuery: { + "$or": [ + { + "_id": "596be3c2949652fd418cc904" + } + ] +} +2017-07-17 00:08:03 Authorize readOne "tweet findOneLoader" with user "tmeasday" and role "editor" is authorized +2017-07-17 00:08:03 -------------------------------------------------------------------------------- +2017-07-17 00:08:03 Request: +User: "tmeasday", role: "editor", id: "596be3c2949652fd418cc904", Operation: "", variables: "", Query: mutation { @@ -1695,132 +2074,178 @@ mutation { } } -2017-07-09 21:12:34 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized -2017-07-09 21:12:34 authQuery: { +2017-07-17 00:08:03 Authorize update "update tweet" with user "tmeasday" and role: "editor" with +authQuery: { "$or": [ { - "authorId": "596280222157d09ddf9d729a" + "authorId": "596be3c2949652fd418cc904" }, { - "coauthorsIds": "596280222157d09ddf9d729a" + "coauthorsIds": "596be3c2949652fd418cc904" } ] } -2017-07-09 21:12:34 ERROR update tweet failed finalQuery: { +2017-07-17 00:08:03 ERROR update tweet failed finalQuery: { "_id": "583676d3618530145474e352", "$or": [ { - "authorId": "596280222157d09ddf9d729a" + "authorId": "596be3c2949652fd418cc904" }, { - "coauthorsIds": "596280222157d09ddf9d729a" + "coauthorsIds": "596be3c2949652fd418cc904" } ] } -2017-07-09 21:12:34 ERROR update tweet failed for docToUpdate: { +2017-07-17 00:08:03 ERROR update tweet failed for docToUpdate: { "$set": { "body": "This is a modified test tweet", - "updatedAt": 1499627554467, - "updatedById": "596280222157d09ddf9d729a" + "updatedAt": 1500242883108, + "updatedById": "596be3c2949652fd418cc904" } } -2017-07-09 21:12:34 ERROR update tweet not possible for 583676d3618530145474e352. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", +2017-07-17 00:08:03 ERROR update tweet not possible for 583676d3618530145474e352. +2017-07-17 00:08:03 Authorize readOne "user findOneLoader" with user "tmeasday" and role: "editor" with +authQuery: { + "$or": [ + { + "_id": "596be3c2949652fd418cc904" + } + ] +} +2017-07-17 00:08:03 Authorize readOne "tweet findOneLoader" with user "tmeasday" and role "editor" is authorized +2017-07-17 00:08:03 -------------------------------------------------------------------------------- +2017-07-17 00:08:03 Request: +User: "tmeasday", role: "editor", id: "596be3c2949652fd418cc904", Operation: "", variables: "", Query: { - tweet(id: "596280222157d09ddf9d729b") { + tweet(id: "596be3c3949652fd418cc905") { body } } -2017-07-09 21:12:34 tweet readOne with user tmeasday is authorized -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", +2017-07-17 00:08:03 Authorize readOne "user findOneLoader" with user "tmeasday" and role: "editor" with +authQuery: { + "$or": [ + { + "_id": "596be3c2949652fd418cc904" + } + ] +} +2017-07-17 00:08:03 Authorize readOne "tweet findOneLoader" with user "tmeasday" and role "editor" is authorized +2017-07-17 00:08:03 -------------------------------------------------------------------------------- +2017-07-17 00:08:03 Request: +User: "tmeasday", role: "editor", id: "596be3c2949652fd418cc904", Operation: "", variables: "", Query: mutation { - removeTweet(id: "596280222157d09ddf9d729b") + removeTweet(id: "596be3c3949652fd418cc905") } -2017-07-09 21:12:34 authQuery: { +2017-07-17 00:08:03 Authorize delete "removeTweet" with user "tmeasday" and role: "editor" with +authQuery: { "$or": [ { - "authorId": "596280222157d09ddf9d729a" + "authorId": "596be3c2949652fd418cc904" } ] } -2017-07-09 21:12:34 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized -2017-07-09 21:12:34 removed tweet 596280222157d09ddf9d729b. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", +2017-07-17 00:08:03 removed tweet 596be3c3949652fd418cc905. +2017-07-17 00:08:03 Authorize readOne "user findOneLoader" with user "tmeasday" and role: "editor" with +authQuery: { + "$or": [ + { + "_id": "596be3c2949652fd418cc904" + } + ] +} +2017-07-17 00:08:03 Authorize readOne "tweet findOneLoader" with user "tmeasday" and role "editor" is authorized +2017-07-17 00:08:03 -------------------------------------------------------------------------------- +2017-07-17 00:08:03 Request: +User: "tmeasday", role: "editor", id: "596be3c2949652fd418cc904", Operation: "", variables: "", Query: mutation { removeTweet(id: "583676d3618530145474e352") } -2017-07-09 21:12:34 authQuery: { +2017-07-17 00:08:03 Authorize delete "removeTweet" with user "tmeasday" and role: "editor" with +authQuery: { "$or": [ { - "authorId": "596280222157d09ddf9d729a" + "authorId": "596be3c2949652fd418cc904" } ] } -2017-07-09 21:12:34 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized -2017-07-09 21:12:34 ERROR remove tweet failed for finalQuery: { +2017-07-17 00:08:03 ERROR remove tweet failed for finalQuery: { "_id": "583676d3618530145474e352", "$or": [ { - "authorId": "596280222157d09ddf9d729a" + "authorId": "596be3c2949652fd418cc904" + } + ] +} +2017-07-17 00:08:03 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-07-17 00:08:03 Authorize readOne "user findOneLoader" with user "tmeasday" and role: "editor" with +authQuery: { + "$or": [ + { + "_id": "596be3c2949652fd418cc904" } ] } -2017-07-09 21:12:34 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", +2017-07-17 00:08:03 Authorize readOne "tweet findOneLoader" with user "tmeasday" and role "editor" is authorized +2017-07-17 00:08:03 -------------------------------------------------------------------------------- +2017-07-17 00:08:03 Request: +User: "tmeasday", role: "editor", id: "596be3c2949652fd418cc904", Operation: "", variables: "", Query: { - tweet(id: "596280222157d09ddf9d729b") { + tweet(id: "596be3c3949652fd418cc905") { body } } -2017-07-09 21:12:34 tweet readOne with user tmeasday is authorized -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", +2017-07-17 00:08:03 Authorize readOne "user findOneLoader" with user "tmeasday" and role: "editor" with +authQuery: { + "$or": [ + { + "_id": "596be3c2949652fd418cc904" + } + ] +} +2017-07-17 00:08:03 Authorize readOne "tweet findOneLoader" with user "tmeasday" and role "editor" is authorized +2017-07-17 00:08:03 -------------------------------------------------------------------------------- +2017-07-17 00:08:03 Request: +User: "tmeasday", role: "editor", id: "596be3c2949652fd418cc904", Operation: "", variables: "", Query: mutation { - removeUser(id: "596280222157d09ddf9d729a") + removeUser(id: "596be3c2949652fd418cc904") } -2017-07-09 21:12:34 authQuery: { +2017-07-17 00:08:03 Authorize delete "removeUser" with user "tmeasday" and role: "editor" with +authQuery: { "$or": [ { - "_id": "596280222157d09ddf9d729a" + "_id": "596be3c2949652fd418cc904" } ] } -2017-07-09 21:12:34 removed user 596280222157d09ddf9d729a. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: +2017-07-17 00:08:03 removed user 596be3c2949652fd418cc904. +2017-07-17 00:08:03 ERROR Authorize readOne "user findOneLoader" with user "" and role: "null" is not authorized. +2017-07-17 00:08:03 Authorize readOne "tweet findOneLoader" with user "" and role "" is authorized +2017-07-17 00:08:03 -------------------------------------------------------------------------------- +2017-07-17 00:08:03 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: { - user(id: "596280222157d09ddf9d729a") { + user(id: "596be3c2949652fd418cc904") { username bio role } } -2017-07-09 21:12:34 ERROR Authorization: Not authorized to readOne in user. +2017-07-17 00:08:03 ERROR Cannot read property 'role' of undefined From 69954ce23fd53e4259a392e281e8a934128ce967 Mon Sep 17 00:00:00 2001 From: Tobias Klemmer Date: Mon, 17 Jul 2017 00:46:36 +0200 Subject: [PATCH 21/69] merge correction --- test/output-app/README.md | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/test/output-app/README.md b/test/output-app/README.md index 906f434..6d8b377 100644 --- a/test/output-app/README.md +++ b/test/output-app/README.md @@ -249,7 +249,6 @@ import { queryForRoles, findByIds } from '../server/authorize'; export default class { constructor(context){ -<<<<<<< HEAD ... const { me, User } = context; let authQuery; @@ -262,15 +261,6 @@ export default class { this.unauthorizedLoader = new DataLoader(ids => findByIds(this.collection, ids)); this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); ... -======= - ... - - this.unauthorizedLoader = new DataLoader(ids => findByIds(this.collection, ids)); - - const { user: me, User } = context; - const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readOne', { User }, 'findOneLoader'); - this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); ->>>>>>> 151b0b403ce6a91e6b8b05ba8bc51f7efe563f8e } ... // used from server calls, without authorization checks, NOT for use in resolvers From 755b2241d2fa2f5cfe39abd258e5694aaa183203 Mon Sep 17 00:00:00 2001 From: Tobias Klemmer Date: Tue, 18 Jul 2017 23:55:55 +0200 Subject: [PATCH 22/69] authorization-simple --- test/input/User.graphql | 5 +- .../scripts/run-end-to-end-tests.sh | 9 +- .../test-5-mutations-with-user-role-user.js | 8 + .../test-6-mutations-with-user-role-editor.js | 8 + test/output-app/README.md | 616 ++---- test/output-app/model/Tweet.js | 101 +- test/output-app/model/User.js | 167 +- test/output-app/resolvers/Tweet.js | 18 +- test/output-app/resolvers/User.js | 20 +- test/output-app/server/authorize.js | 119 +- .../server/logs/all-logs-readable.log | 1698 ++++++++--------- 11 files changed, 1141 insertions(+), 1628 deletions(-) diff --git a/test/input/User.graphql b/test/input/User.graphql index fb57e40..86b3007 100644 --- a/test/input/User.graphql +++ b/test/input/User.graphql @@ -2,12 +2,11 @@ type User @authorize( admin: ["create", "read", "update", "delete"] - this: ["readOne", "update", "delete"] + this: ["read", "update", "delete"] ) { - role: String @authRole("admin") @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) - + role: String @authRole("admin") username: String! bio: String diff --git a/test/output-app-end-to-end/scripts/run-end-to-end-tests.sh b/test/output-app-end-to-end/scripts/run-end-to-end-tests.sh index 5d2d677..6746686 100755 --- a/test/output-app-end-to-end/scripts/run-end-to-end-tests.sh +++ b/test/output-app-end-to-end/scripts/run-end-to-end-tests.sh @@ -27,10 +27,8 @@ mongoimport --drop --host 127.0.0.1:3002 --db database --collection tweet "$SEED echo "running tests" -$MOCHA "$TEST_DIR" - -echo "Please consider the log file for debugging $LOG_FILE" -echo "" +# Test all... + $MOCHA "$TEST_DIR" # Test only specific test files... # $MOCHA "$TEST_DIR/test-1-roles.js" @@ -39,3 +37,6 @@ echo "" # $MOCHA "$TEST_DIR/test-4-mutations-with-unknown-user.js" # $MOCHA "$TEST_DIR/test-5-mutations-with-user-role-user.js" # $MOCHA "$TEST_DIR/test-6-mutations-with-user-role-editor.js" + +echo "Please consider the log file for debugging $LOG_FILE" +echo "" diff --git a/test/output-app-end-to-end/test-5-mutations-with-user-role-user.js b/test/output-app-end-to-end/test-5-mutations-with-user-role-user.js index 0e994fb..aa585f8 100644 --- a/test/output-app-end-to-end/test-5-mutations-with-user-role-user.js +++ b/test/output-app-end-to-end/test-5-mutations-with-user-role-user.js @@ -59,6 +59,10 @@ describe('test-5: user with role "user"', () => { newUser = result.data.createUser.id; done(); }) + .catch(err => { + console.log(err); + done(); + }); }); describe('on type "user" (part 1)...', () => { @@ -235,6 +239,10 @@ describe('test-5: user with role "user"', () => { tweetId = result.data.createTweet.id; done(); }) + .catch(err => { + console.log(err); + done(); + }); }); it('can create tweet for himself', () => { diff --git a/test/output-app-end-to-end/test-6-mutations-with-user-role-editor.js b/test/output-app-end-to-end/test-6-mutations-with-user-role-editor.js index cf3b7e5..5cdc327 100644 --- a/test/output-app-end-to-end/test-6-mutations-with-user-role-editor.js +++ b/test/output-app-end-to-end/test-6-mutations-with-user-role-editor.js @@ -59,6 +59,10 @@ describe('test-6: user with role "editor"', () => { newUser = result.data.createUser.id; done(); }) + .catch(err => { + console.log(err); + done(); + }); }); describe('on type "user" (part 1)...', () => { @@ -224,6 +228,10 @@ describe('test-6: user with role "editor"', () => { tweetId = result.data.createTweet.id; done(); }) + .catch(err => { + console.log(err); + done(); + }); }); it('can create tweet for himself', () => { diff --git a/test/output-app/README.md b/test/output-app/README.md index 6d8b377..1a4ddd4 100644 --- a/test/output-app/README.md +++ b/test/output-app/README.md @@ -198,12 +198,11 @@ type User @authorize( admin: ["create", "read", "update", "delete"] - this: ["readOne", "update", "delete"] + this: ["read", "update", "delete"] ) { - role: String @authRole("admin") @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) - + role: String @authRole("admin") username: String! bio: String @@ -225,19 +224,6 @@ This has the following meaning: * document-role: "this", is created (document roles have own fields in the document, but this is a special case for the field _id, which is not shown in the input type, but will be generated in the later schema file.) Only the user id of "this" meaning _id is allowed to readOne, update, delete its single User document. -Here we use also the @authorize directive on field level for the field role: -```javascript -... -role: String @authRole("admin") @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) -... -``` -This adds additional authorization checks on the field level just for this field "role". -Every time this field "role" appears in any document, it will be checked, if the user is authorized to do the operation on this document containing this field. If the field is not in the document, it skips the field check. - -In this case it checks: -* if the user-role "admin" is the authorized user, then it allows him to create, read, update, delete operations also on the document, if it contains the field "role" -* if the document-role "this" (=owner of the document user._id_ = doc._id_) to do the operations "readOne" on the User document, but it doesn't allow him to upgrade/update his own User.role. - Use create-graphql-server cli to generate the according schema, resolver, model files with the create-graphql-server command line interface. After its generation, you will find the generated files in the sub folders: schema, resolvers, model folders. The generated model files will use the following functions to implement the authorization logic. ### model.js @@ -248,39 +234,27 @@ import DataLoader from 'dataloader'; import { queryForRoles, findByIds } from '../server/authorize'; export default class { - constructor(context){ - ... - const { me, User } = context; - let authQuery; - try { - authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User }, authlog('tweet findOneLoader', 'readOne', me)); - } catch (err) { - log.error(err.message); - authQuery = {_id: false}; - } - this.unauthorizedLoader = new DataLoader(ids => findByIds(this.collection, ids)); - this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); - ... - } + constructor(context) { + ... + let authQuery; + try { + const { me, User } = context; + authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User }, authlog('tweet findOneById', 'readOne', me)); + } catch (err) { + log.error(err.message); + authQuery = {_id: false}; // otherwise admin access + } + this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); + } ... -// used from server calls, without authorization checks, NOT for use in resolvers -async findOneById(id, me = {}, resolver = 'tweet findOneById') { +async findOneById(id, me, resolver) { try { - return await this.unauthorizedLoader.load(id); + return await this.authorizedLoader.load(id); } catch (err) { log.error(err.message); } } -// used for api calls, with authorization checks, for use in resolvers -async getOneById(id, me = {}, resolver = 'tweet getOneById') { +find({ lastCreatedAt = 0, limit = 10, baseQuery = { createdAt: { $gt: lastCreatedAt } } }, me, resolver) { try { - const result = await this.authorizedLoader.load(id); - return result; - } catch (err) { log.error(err.message); } -} - -all({ lastCreatedAt = 0, limit = 10 }, me, resolver = 'tweet all') { - try { - const baseQuery = { createdAt: { $gt: lastCreatedAt } }; const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); const finalQuery = {...baseQuery, ...authQuery}; return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); @@ -294,163 +268,118 @@ all({ lastCreatedAt = 0, limit = 10 }, me, resolver = 'tweet all') { generated model file for the above input type Tweet.graphql: this.auth is generated by the @authorize directive. You can see, the directive argument "read" is used to express "readOne" and "readMany" at the same time. Instead you can use "readOne" and "readMany" for fine grained control on read operations, to allow access to just one record or many records. ```javascript -iimport log from '../server/logger'; +import log from '../server/logger'; import DataLoader from 'dataloader'; -import { findByIds, queryForRoles, fieldForRoles, fieldContainsUserId, authorizedFields, authlog } from '../server/authorize'; +import { findByIds, queryForRoles, authlog, checkAuthDoc } from '../server/authorize'; export default class Tweet { constructor(context) { this.context = context; this.collection = context.db.collection('tweet'); this.pubsub = context.pubsub; - const { me, User } = context; let authQuery; try { - authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User }, authlog('tweet findOneLoader', 'readOne', me)); + const { me, User } = context; + authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User }, authlog('tweet findOneById', 'readOne', me)); } catch (err) { log.error(err.message); - authQuery = {_id: false}; + authQuery = {_id: false}; // otherwise admin access } - this.unauthorizedLoader = new DataLoader(ids => findByIds(this.collection, ids)); this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); } - // used from server calls, without authorization checks, NOT for use in resolvers - async findOneById(id, me = {}, resolver = 'tweet findOneById') { - try { - return await this.unauthorizedLoader.load(id); - } catch (err) { log.error(err.message); } - } - - // used for api calls, with authorization checks, for use in resolvers - async getOneById(id, me = {}, resolver = 'tweet getOneById') { + async findOneById(id, me, resolver) { try { - const result = await this.authorizedLoader.load(id); - return result; + return await this.authorizedLoader.load(id); } catch (err) { log.error(err.message); } } - all({ lastCreatedAt = 0, limit = 10 }, me, resolver = 'tweet all') { + find({ lastCreatedAt = 0, limit = 10, baseQuery = { createdAt: { $gt: lastCreatedAt } } }, me, resolver) { try { - const baseQuery = { createdAt: { $gt: lastCreatedAt } }; const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); const finalQuery = {...baseQuery, ...authQuery}; return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } catch (err){ log.error(err.message); } } - author(tweet, me, resolver = 'tweet author') { - return this.context.User.getOneById(tweet.authorId, me, resolver); + createdBy(tweet, me, resolver) { + return this.context.User.findOneById(tweet.createdById, me, resolver); } - createdBy(tweet, me, resolver = 'tweet createdBy') { - return this.context.User.getOneById(tweet.createdById, me, resolver); + updatedBy(tweet, me, resolver) { + return this.context.User.findOneById(tweet.updatedById, me, resolver); } - updatedBy(tweet, me, resolver = 'tweet updatedBy') { - return this.context.User.getOneById(tweet.updatedById, me, resolver); + author(tweet, me, resolver) { + return this.context.User.findOneById(tweet.authorId, me, resolver); } - coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, me, resolver = 'tweet coauthors') { - try { - const baseQuery = {_id: { $in: tweet.coauthorsIds }, createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery}; - return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); - } catch (err){ log.error(err.message); } + coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, me, resolver) { + const baseQuery = {_id: { $in: tweet.coauthorsIds }, createdAt: { $gt: lastCreatedAt } }; + return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); } - likers(tweet, { lastCreatedAt = 0, limit = 10 }, me, resolver = 'tweet likers') { - try { - const baseQuery = {likedIds: tweet._id, createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery}; - return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); - } catch (err){ log.error(err.message); } + likers(tweet, { lastCreatedAt = 0, limit = 10 }, me, resolver) { + const baseQuery = {likedIds: tweet._id, createdAt: { $gt: lastCreatedAt } }; + return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); } - async insert(doc, me, resolver = 'insert tweet') { + async insert(doc, me, resolver) { try { - let insertedDoc = null; let docToInsert = Object.assign({}, doc, { createdAt: Date.now(), updatedAt: Date.now(), createdById: (me && me._id) ? me._id : 'unknown', updatedById: (me && me._id) ? me._id : 'unknown', }); - - const authQuery = queryForRoles(me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'create', me)); - - const docRoleFields = ['authorId'].map(key => ({ [key]: docToInsert[key] }) ); - if (Object.keys(authQuery).length > 0 && !fieldContainsUserId(docRoleFields, me._id)) { - throw new Error('Not authorized to insert tweet'); - } - + log.debug(JSON.stringify(docToInsert, null, 2)); + // const authQuery = queryForRoles(me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'create', me)); + checkAuthDoc(docToInsert, me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'create', me)); const id = (await this.collection.insertOne(docToInsert)).insertedId; if (!id) { - log.error('insert tweet failed for docToInsert:', JSON.stringify(docToInsert, null, 2)); - throw new Error(`insert tweet not possible for ${id}.`); + throw new Error(`insert tweet not possible.`); } - log.debug(`inserted tweet ${id}.`); - insertedDoc = this.getOneById(id, me, 'pubsub tweetInserted'); + const insertedDoc = this.findOneById(id, me, 'pubsub tweetInserted'); this.pubsub.publish('tweetInserted', insertedDoc); return insertedDoc; - } catch (err){ log.error(err.message); } } - async updateById(id, doc, me, resolver = 'update tweet') { + async updateById(id, doc, me, resolver) { try { - let updatedDoc = null; - const docBefore = await this.getOneById(id, me, 'tweet getOneById in updateById for docBefore'); let docToUpdate = {$set: Object.assign({}, doc, { updatedAt: Date.now(), updatedById: (me && me._id) ? me._id : 'unknown', })}; - const baseQuery = {_id: id}; const authQuery = queryForRoles(me, ['admin'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'update', me)); - const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.updateOne(finalQuery, docToUpdate); if (result.result.ok !== 1 || result.result.n !== 1){ - log.error(`update tweet failed finalQuery:`, JSON.stringify(finalQuery, null, 2)); - log.error('update tweet failed for docToUpdate:', JSON.stringify(docToUpdate, null, 2)); throw new Error(`update tweet not possible for ${id}.`); } - log.debug(`updated tweet ${id}.`); - this.unauthorizedLoader.clear(id); this.authorizedLoader.clear(id); - - updatedDoc = this.getOneById(id, me, 'pubsub tweetUpdated'); + const updatedDoc = this.findOneById(id, me, 'pubsub tweetUpdated'); this.pubsub.publish('tweetUpdated', updatedDoc); return updatedDoc; - } catch (err){ log.error(err.message); } } - async removeById(id, me, resolver = 'remove tweet') { + async removeById(id, me, resolver) { try { - const docBefore = this.getOneById(id, me, 'tweet getOneById in removeById for docBefore'); const baseQuery = {_id: id}; const authQuery = queryForRoles(me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'delete', me)); const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.remove(finalQuery); - if (result.result.ok !== 1 || result.result.n !== 1){ - log.error(`remove tweet failed for finalQuery:`, JSON.stringify(finalQuery, null, 2)); throw new Error(`remove tweet not possible for ${id}.`); } - log.debug(`removed tweet ${id}.`); - this.unauthorizedLoader.clear(id); this.authorizedLoader.clear(id); - this.pubsub.publish('tweetRemoved', id); return result; - } catch (err){ log.error(err.message); } } } @@ -463,207 +392,144 @@ this.auth is generated by the @authorize directive. Here also with field authori ```javascript import log from '../server/logger'; import DataLoader from 'dataloader'; -import { findByIds, queryForRoles, fieldForRoles, fieldContainsUserId, authorizedFields, authlog } from '../server/authorize'; +import { findByIds, queryForRoles, authlog, checkAuthDoc } from '../server/authorize'; export default class User { constructor(context) { this.context = context; this.collection = context.db.collection('user'); this.pubsub = context.pubsub; - const { me } = context; - this.authRole = User.authRole; // otherwise not accessible in queryForRoles + this.authRole = User.authRole; let authQuery; try { - authQuery = queryForRoles(me, ['admin'], ['_id'], { User }, authlog('user findOneLoader', 'readOne', me)); + const { me } = context; + authQuery = queryForRoles(me, ['admin'], ['_id'], { User }, authlog('user findOneById', 'readOne', me)); } catch (err) { log.error(err.message); - authQuery = {_id: false}; + authQuery = {_id: false}; // otherwise admin access } - this.unauthorizedLoader = new DataLoader(ids => findByIds(this.collection, ids)); this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); } - // returns the role of the user static authRole(user){ return (user && user.role) ? user.role : null; } - // used from server calls, without authorization checks, NOT for use in resolvers - async findOneById(id, me = {}, resolver = 'user findOneById') { + async findOneById(id, me, resolver) { try { - return await this.unauthorizedLoader.load(id); + return await this.authorizedLoader.load(id); } catch (err) { log.error(err.message); } } - // used for api calls, with authorization checks, for use in resolvers - async getOneById(id, me = {}, resolver = 'user getOneById') { + find({ lastCreatedAt = 0, limit = 10, baseQuery = { createdAt: { $gt: lastCreatedAt } } }, me, resolver) { try { - const result = await this.authorizedLoader.load(id); - // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) - // ===== ====== ==== ======= - return authorizedFields(result, 'role', me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver + 'field "role"', 'readOne', me)); + const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'readMany', me)); + const finalQuery = {...baseQuery, ...authQuery}; + return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } catch (err) { log.error(err.message); } } - all({ lastCreatedAt = 0, limit = 10 }, me, resolver = 'user all') { - try { - const baseQuery = { createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(me, ['admin'], [], { User: this.context.User }, authlog(resolver, 'readMany', me)); - // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) - // ===== ====== - let authFields = {}; - authFields = fieldForRoles(authFields, 'role', me, ['admin'], [], { User: this.context.User }, authlog(resolver + 'field "role"', 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery}; - return this.collection.find(finalQuery).sort({ createdAt: 1 }).project(authFields).limit(limit).toArray(); - } catch (err) { log.error(err.message); } + tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }, me, resolver) { + const baseQuery = { authorId: user._id, createdAt: { $gt: lastCreatedAt } }; + return this.context.Tweet.find({ lastCreatedAt, limit, baseQuery }, me, resolver); } - tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }, me, resolver = 'user tweets') { - try { - const baseQuery = { - authorId: user._id, - createdAt: { $gt: lastCreatedAt }, - }; - const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery}; - return this.context.Tweet.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); - } catch (err) { log.error(err.message); } + liked(user, { lastCreatedAt = 0, limit = 10 }, me, resolver) { + const baseQuery = { _id: { $in: user.likedIds || [] }, createdAt: { $gt: lastCreatedAt } }; + return this.context.Tweet.find({ lastCreatedAt, limit, baseQuery }, me, resolver); } - liked(user, { lastCreatedAt = 0, limit = 10 }, me, resolver = 'user liked') { - try { - const baseQuery = { - _id: { $in: user.likedIds }, - createdAt: { $gt: lastCreatedAt }, - }; - const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery}; - return this.context.Tweet.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); - } catch (err) { log.error(err.message); } + following(user, { lastCreatedAt = 0, limit = 10 }, me, resolver) { + const baseQuery = { _id: { $in: user.followingIds || [] }, createdAt: { $gt: lastCreatedAt } }; + return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); } - following(user, { lastCreatedAt = 0, limit = 10 }, me, resolver = 'user following') { - try { - const baseQuery = { - _id: { $in: user.followingIds || [] }, - createdAt: { $gt: lastCreatedAt }, - }; - const authQuery = queryForRoles(me, ['admin'], [], { User: this.context.User }, authlog(resolver, 'readMany', me)); - // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) - // ====== - let authFields = {}; - authFields = fieldForRoles(authFields, 'role', me, ['admin'], [], { User: this.context.User }, authlog(resolver + 'field "role"', 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery}; - return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).project(authFields).limit(limit).toArray(); - } catch (err) { log.error(err.message); } + followers(user, { lastCreatedAt = 0, limit = 10 }, me, resolver) { + const baseQuery = { followingIds: user._id, createdAt: { $gt: lastCreatedAt } }; + return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); } - followers(user, { lastCreatedAt = 0, limit = 10 }, me, resolver = 'user followers') { - try { - const baseQuery = { - followingIds: user._id, - createdAt: { $gt: lastCreatedAt }, - }; - const authQuery = queryForRoles(me, ['admin'], [], { User: this.context.User }, authlog(resolver, 'readMany', me)); - // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) - // ====== - let authFields = {}; - authFields = fieldForRoles(authFields, 'role', me, ['admin'], [], { User: this.context.User }, authlog(resolver + 'field "role"', 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery}; - return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).project(authFields).limit(limit).toArray(); - } catch (err) { log.error(err.message); } + createdBy(user, me, resolver) { + return this.context.User.findOneById(user.createdById, me, resolver); } - createdBy(user, me, resolver = 'user createdBy') { - return this.context.User.getOneById(user.createdById, me, resolver); + updatedBy(user, me, resolver) { + return this.context.User.findOneById(user.updatedById, me, resolver); } - updatedBy(user, me, resolver = 'user updatedBy') { - return this.context.User.getOneById(user.updatedById, me, resolver); + // Begin of user inserted method + protectFields(me, authorizedUserRoles, protectedFields, inputObject){ + const result = Object.assign({}, inputObject); + const role = this.context.User.authRole(me); + // if user is not allowed to access specific fields... + if (!authorizedUserRoles.includes(role)){ + protectedFields.every(protectedField => { + if (result[protectedField]) delete result[protectedField]; + }); + } + return result; } + // End of user inserted method - async insert(doc, me, resolver = 'insert user') { + async insert(doc, me, resolver) { try { - let insertedDoc = null; let docToInsert = Object.assign({}, doc, { createdAt: Date.now(), updatedAt: Date.now(), createdById: (me && me._id) ? me._id : 'unknown', updatedById: (me && me._id) ? me._id : 'unknown', }); - - const authQuery = queryForRoles(me, ['admin'], [], { User: this.context.User }, authlog(resolver, 'create', me)); - // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) - // ===== ====== - docToInsert = authorizedFields(docToInsert, 'role', me, ['admin'], [], { User: this.context.User }, authlog(resolver + 'field "role"', 'create', me)); - + // const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'create', me)); + checkAuthDoc(docToInsert, me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'create', me)); + // User inserted line: + docToInsert = this.protectFields(me, ['admin'], ['role'], docToInsert); const id = (await this.collection.insertOne(docToInsert)).insertedId; if (!id) { - log.error('insert user failed for:', JSON.stringify(docToInsert, null, 2)); - throw new Error(`insert user not possible for user ${id}.`); + throw new Error(`insert user not possible.`); } - log.debug(`inserted user ${id}.`); - insertedDoc = this.getOneById(id, me, 'pubsub userInserted'); + const insertedDoc = this.findOneById(id, me, 'pubsub userInserted'); this.pubsub.publish('userInserted', insertedDoc); return insertedDoc; - } catch (err) { log.error(err.message); } } - async updateById(id, doc, me, resolver = 'update user') { + async updateById(id, doc, me, resolver) { try { - let updatedDoc = null; - const docBefore = await this.findOneById(id, me, 'user findOneById in updateById for docBefore'); let docToUpdate = {$set: Object.assign({}, doc, { updatedAt: Date.now(), updatedById: (me && me._id) ? me._id : 'unknown', })}; - const baseQuery = {_id: id}; const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'update', me)); - // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) - // ===== ====== - docToUpdate.$set = authorizedFields(docToUpdate.$set, 'role', me, ['admin'], [], { User: this.context.User }, authlog(resolver + 'field "role"', 'update', me)); - const finalQuery = {...baseQuery, ...authQuery}; + // User inserted line: + docToUpdate.$set = this.protectFields(me, ['admin'], ['role'], docToUpdate.$set); const result = await this.collection.updateOne(finalQuery, docToUpdate); - if (result.result.ok !== 1){ - log.error(`update user failed finalQuery:`, JSON.stringify(finalQuery, null, 2)); - log.error('update user failed for docToUpdate:', JSON.stringify(docToUpdate, null, 2)); + if (result.result.ok !== 1 || result.result.n !== 1){ throw new Error(`update user not possible for ${id}.`); } - log.debug(`updated user ${id}.`); - this.unauthorizedLoader.clear(id); this.authorizedLoader.clear(id); - - updatedDoc = this.getOneById(id, me, 'pubsub userUpdated') + const updatedDoc = this.findOneById(id, me, 'pubsub userUpdated') this.pubsub.publish('userUpdated', updatedDoc); return updatedDoc; - } catch (err) { log.error(err.message); } } - async removeById(id, me, resolver = 'remove user') { + async removeById(id, me, resolver) { try { - const docBefore = await this.findOneById(id, me, 'user findOneById in removeById for docBefore'); const baseQuery = {_id: id}; const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'delete', me)); const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.remove(finalQuery); if (result.result.ok !== 1 || result.result.n !== 1){ - log.error(`remove user failed for finalQuery:`, JSON.stringify(finalQuery, null, 2)); throw new Error(`remove user not possible for ${id}.`); } - log.debug(`removed user ${id}.`); - this.unauthorizedLoader.clear(id); this.authorizedLoader.clear(id); - this.pubsub.publish('userRemoved', id); return result; - } catch (err) { log.error(err.message); } } } @@ -700,131 +566,47 @@ export function findByIds(collection, ids = [], authQuery) { } ``` -### function loggedIn -Use function loggedIn, to check if a user is logged in. +### function checkAuthDoc +Use function checkAuthDoc to check and get back the document. Especially used in insert operations, to figure out, if the toBeInsertedDoc is valid to be added by this userRole, docRole and action. ```javascript -// returns true, if user is logged in -export function loggedIn(me) { - if(me && me._id && me._id.toString() !== '') { - return true; - } - return false; -} -``` - -### function fieldAuthorized -User function fieldAuthorized, to check, if a user is allowed to access a specific field e.g. field "role" in the User model. +export function checkAuthDoc(doc, me, userRoles, docRoles, { User }, logger){ + const role = User.authRole(me); -```javascript -// returns true, if authorized to get field -// returns false, if NOT authorized to get field -export function fieldAuthorized(me = {}, userRoles = [], docRoles = [], { User }, logger){ - // The logged in user's role is authorized for the field - if (roleAuthorizedForDoc(me, userRoles, docRoles, { User }, logger)) { - return true; - } - // The user might be listed in any document field - if (loggedIn(me) && docRoles.length > 0){ - return true; + // check if userRole entitles current user for this action + if (userRoleAuthorized(me, userRoles, { User }, logger)) { + logger.debug(`and role: "${role}" is authorized by userRole.`); + return doc; } - return false; -} -``` - -### function fieldForRoles -Use function fieldForRoles to prepare an authField object, which can be used in db calls, to get only those fields, the user is allowed to access. Use it like... - -```javascript -const authField = fieldForRoles(...) -this.collection.find(finalQuery).sort({ createdAt: 1 }).project(authFields).limit(limit).toArray(); -``` - -```javascript -// returns a projection query of fields not to be shown, e.g. { role: 0 } -export function fieldForRoles(projection, field, me = {}, userRoles = [], docRoles = [], { User }, logger){ - const role = User.authRole(me); - // The logged in user's role is authorized for the field - if (roleAuthorizedForDoc(me, userRoles, docRoles, { User }, logger)) { - return projection; - } - // The user is listed in any document field - if (loggedIn(me) && docRoles.length > 0){ - return projection; + // check if docRole entitles current user for this document and action + let authorized = false; + docRoles.every(field => { + if (fieldContainsUserId(doc[field], me._id)){ + authorized = true; + } + }) + if (authorized) { + logger.debug(`and role: "${role}" is authorized by docRole.`); + return doc; } - const authFields = Object.assign({}, { [field]: 0 }, projection); - logger.debug(`and role "${role ? role : ''}" not authorized to access field "${field}".`) - return authFields; + + // Not Authorized + logger.error(`and role: "${role}" is not authorized.`); } ``` -### function authorizedFields -Use function authorizedFields, to filter documents, to contain only the fields, which the user is allowed to access. E.g. pass in a result variable, which can be whether an array of documents or a document. It returns the documents without the field "role", if the user is not allowed to access the field role. - -```javascript -// imports a result (which is document or an array of documents), and returns the result, -// but it removes the field without authorization from documents, -// e.g. field "role" is removed from all result documents, if the user/role is not allowed to access it -export function authorizedFields(result, field, me, userRoles = [], docRoles = [], { User }, logger){ - const role = User.authRole(me) || ''; - - // if any userRole authorizes field - if (roleAuthorizedForDoc(me, userRoles, docRoles, { User }, logger)) { - return result; - } - - // if any docRole authorizes field - // The user is listed in any document field - if (loggedIn(me) && docRoles.length > 0){ - - // if the result was an array of documents, check each doc and field - if (_.isArray(result)){ - const authorizedResult = []; - // check all documents in the result array - result.every(doc => { - let fieldAuthorized = false; - // check all docRoles if any of them authorizes field - docRoles.every(docRole => { - // if one docRole authorizes the field, then fieldAuthorized = true - if (doc[docRole] && fieldContainsUserId(doc[docRole], me._id)){ - fieldAuthorized = true; - } - }); - if (!fieldAuthorized && doc[field]){ - delete doc[field]; - logger.debug(`with role "${role}" field "${field}" removed from document id "${doc._id}". No authorization.`); - } - authorizedResult.push(doc); - }); - return authorizedResult; - } - - // if the result was a document - if (_.isObject(result)){ - // check with all docRoles - let fieldAuthorized = false; - docRoles.every(docRole => { - // if one docRole authorizes the field, then fieldAuthorized = true - if (result[docRole] && fieldContainsUserId(result[docRole], me._id)){ - fieldAuthorized = true; - } - }); - if (!fieldAuthorized && result[field]){ - delete result[field]; - logger.debug(`with role "${role}" field "${field}" removed from document id "${result._id}". No authorization.`); - } - return result; - } - } +### function loggedIn +Use function loggedIn, to check if a user is logged in. - // not authorized to access field - if (result[field]){ - delete result[field]; - logger.debug(`with role "${role}" field "${field}" removed from document id "${result._id}". No authorization.`); +```javascript +// returns true, if user is logged in +export function loggedIn(me) { + if(me && me._id && me._id.toString() !== '') { + return true; } - return result; + return false; } ``` @@ -838,7 +620,7 @@ export function queryForRoles(me = {}, userRoles = [], docRoles = [], { User }, const role = User.authRole(me); // Build query for the case: The logged in user's role is authorized - if (roleAuthorizedForDoc(me, userRoles, docRoles, { User }, logger)) { + if (userRoleAuthorized(me, userRoles, { User }, logger)) { return {}; // empty authQuery means, do operation with no access restrictions } @@ -872,12 +654,12 @@ It expects the following arguments with the meanings: * **resolver:** this is a string with the resolver's name, optional, only for easier debugging * **me:** the user object, who is executing the request, and who is checked for authorization -### function roleAuthorizedForDoc +### function userRoleAuthorized This helper function is used by queryForRoles, and decides, if a user gains the authorization by its role. For example: If a user has a field "role" in his user document and it contains the value "admin". So it checks if a user's role is admin, and allows all operations for admins. ```javascript // returns true, if the user's role is authorized for a document -export function roleAuthorizedForDoc(me = {}, userRoles = [], docRoles = [], { User }, logger){ +export function userRoleAuthorized(me = {}, userRoles = [], { User }, logger){ const role = User.authRole(me); if ( userRoles.includes('world') || role && userRoles.length > 0 && userRoles.includes(role) ) { @@ -963,66 +745,66 @@ In the resolver interfaces, there are different objects: * the last argument in the resolver function is the resolver's name, which is optional and only to enhance the logging in debugging mode by additional information. If you have to analyze authorization outcomes, this helps a lot to figure out, which resolvers authorization rule fired. ```javascript - const resolvers = { - User: { - id(user) { - return user._id; - }, - - createdBy(user, args, { User, me }) { - return User.createdBy(user, me, 'createdBy'); - }, - - updatedBy(user, args, { User, me }) { - return User.updatedBy(user, me, 'updatedBy'); - }, - - tweets(user, { minLikes, lastCreatedAt, limit }, { User, me }) { - return User.tweets(user, { minLikes, lastCreatedAt, limit }, me, 'tweets'); - }, - - liked(user, { lastCreatedAt, limit }, { User, me }) { - return User.liked(user, { lastCreatedAt, limit }, me, 'liked'); - }, - - following(user, { lastCreatedAt, limit }, { User, me }) { - return User.following(user, { lastCreatedAt, limit }, me, 'following'); - }, - - followers(user, { lastCreatedAt, limit }, { User, me }) { - return User.followers(user, { lastCreatedAt, limit }, me, 'followers'); - }, - }, - Query: { - users(root, { lastCreatedAt, limit }, { User, me }) { - return User.all({ lastCreatedAt, limit }, me, 'users'); - }, - - user(root, { id }, { User, me }) { - return User.getOneById(id, me, 'user'); - }, - }, - Mutation: { - async createUser(root, { input }, { User, me }) { - return await User.insert(input, me); - }, - - async updateUser(root, { id, input }, { User, me }) { - return await User.updateById(id, input, me); - }, - - async removeUser(root, { id }, { User, me }) { - return await User.removeById(id, me, 'removeUser'); - }, - }, - Subscription: { - userCreated: user => user, - userUpdated: user => user, - userRemoved: id => id, - }, - }; - - export default resolvers; + const resolvers = { + User: { + id(user) { + return user._id; + }, + + createdBy(user, args, { User, me }) { + return User.createdBy(user, me, 'user createdBy'); + }, + + updatedBy(user, args, { User, me }) { + return User.updatedBy(user, me, 'user updatedBy'); + }, + + tweets(user, { minLikes, lastCreatedAt, limit }, { User, me }) { + return User.tweets(user, { minLikes, lastCreatedAt, limit }, me, 'user tweets'); + }, + + liked(user, { lastCreatedAt, limit }, { User, me }) { + return User.liked(user, { lastCreatedAt, limit }, me, 'user liked'); + }, + + following(user, { lastCreatedAt, limit }, { User, me }) { + return User.following(user, { lastCreatedAt, limit }, me, 'user following'); + }, + + followers(user, { lastCreatedAt, limit }, { User, me }) { + return User.followers(user, { lastCreatedAt, limit }, me, 'user followers'); + }, + }, + Query: { + users(root, { lastCreatedAt, limit }, { User, me }) { + return User.find({ lastCreatedAt, limit }, me, 'users'); + }, + + user(root, { id }, { User, me }) { + return User.findOneById(id, me, 'user'); + }, + }, + Mutation: { + async createUser(root, { input }, { User, me }) { + return await User.insert(input, me, 'createUser'); + }, + + async updateUser(root, { id, input }, { User, me }) { + return await User.updateById(id, input, me, 'updateUser'); + }, + + async removeUser(root, { id }, { User, me }) { + return await User.removeById(id, me, 'removeUser'); + }, + }, + Subscription: { + userCreated: user => user, + userUpdated: user => user, + userRemoved: id => id, + }, + }; + + export default resolvers; ``` ### ./resolver/Tweet.js @@ -1041,41 +823,41 @@ In the resolver interfaces, there are different objects: }, author(tweet, args, { Tweet, me }) { - return Tweet.author(tweet, me, 'author'); + return Tweet.author(tweet, me, 'tweet author'); }, createdBy(tweet, args, { Tweet, me }) { - return Tweet.createdBy(tweet, me, 'createdBy'); + return Tweet.createdBy(tweet, me, 'tweet createdBy'); }, updatedBy(tweet, args, { Tweet, me }) { - return Tweet.updatedBy(tweet, me, 'updatedBy'); + return Tweet.updatedBy(tweet, me, 'tweet updatedBy'); }, coauthors(tweet, { lastCreatedAt, limit }, { Tweet, me }) { - return Tweet.coauthors(tweet, { lastCreatedAt, limit }, me, 'coauthors'); + return Tweet.coauthors(tweet, { lastCreatedAt, limit }, me, 'tweet coauthors'); }, likers(tweet, { lastCreatedAt, limit }, { Tweet, me }) { - return Tweet.likers(tweet, { lastCreatedAt, limit }, me, 'likers'); + return Tweet.likers(tweet, { lastCreatedAt, limit }, me, 'tweet likers'); }, }, Query: { tweets(root, { lastCreatedAt, limit }, { Tweet, me }) { - return Tweet.all({ lastCreatedAt, limit }, me, 'tweets'); + return Tweet.find({ lastCreatedAt, limit }, me, 'tweets'); }, tweet(root, { id }, { Tweet, me }) { - return Tweet.getOneById(id, me, 'tweet'); + return Tweet.findOneById(id, me, 'tweet'); }, }, Mutation: { async createTweet(root, { input }, { Tweet, me }) { - return await Tweet.insert(input, me); + return await Tweet.insert(input, me, 'createTweet'); }, async updateTweet(root, { id, input }, { Tweet, me }) { - return await Tweet.updateById(id, input, me); + return await Tweet.updateById(id, input, me, 'updateTweet'); }, async removeTweet(root, { id }, { Tweet, me }) { diff --git a/test/output-app/model/Tweet.js b/test/output-app/model/Tweet.js index cd02baa..e2c19bc 100644 --- a/test/output-app/model/Tweet.js +++ b/test/output-app/model/Tweet.js @@ -1,160 +1,115 @@ import log from '../server/logger'; import DataLoader from 'dataloader'; -import { findByIds, queryForRoles, fieldForRoles, fieldContainsUserId, authorizedFields, authlog } from '../server/authorize'; +import { findByIds, queryForRoles, authlog, checkAuthDoc } from '../server/authorize'; export default class Tweet { constructor(context) { this.context = context; this.collection = context.db.collection('tweet'); this.pubsub = context.pubsub; - const { me, User } = context; let authQuery; try { - authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User }, authlog('tweet findOneLoader', 'readOne', me)); + const { me, User } = context; + authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User }, authlog('tweet findOneById', 'readOne', me)); } catch (err) { log.error(err.message); - authQuery = {_id: false}; + authQuery = {_id: false}; // otherwise admin access } - this.unauthorizedLoader = new DataLoader(ids => findByIds(this.collection, ids)); this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); } - // used from server calls, without authorization checks, NOT for use in resolvers - async findOneById(id, me = {}, resolver = 'tweet findOneById') { + async findOneById(id, me, resolver) { try { - return await this.unauthorizedLoader.load(id); + return await this.authorizedLoader.load(id); } catch (err) { log.error(err.message); } } - // used for api calls, with authorization checks, for use in resolvers - async getOneById(id, me = {}, resolver = 'tweet getOneById') { + find({ lastCreatedAt = 0, limit = 10, baseQuery = { createdAt: { $gt: lastCreatedAt } } }, me, resolver) { try { - const result = await this.authorizedLoader.load(id); - return result; - } catch (err) { log.error(err.message); } - } - - all({ lastCreatedAt = 0, limit = 10 }, me, resolver = 'tweet all') { - try { - const baseQuery = { createdAt: { $gt: lastCreatedAt } }; const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); const finalQuery = {...baseQuery, ...authQuery}; return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } catch (err){ log.error(err.message); } } - author(tweet, me, resolver = 'tweet author') { - return this.context.User.getOneById(tweet.authorId, me, resolver); + createdBy(tweet, me, resolver) { + return this.context.User.findOneById(tweet.createdById, me, resolver); } - createdBy(tweet, me, resolver = 'tweet createdBy') { - return this.context.User.getOneById(tweet.createdById, me, resolver); + updatedBy(tweet, me, resolver) { + return this.context.User.findOneById(tweet.updatedById, me, resolver); } - updatedBy(tweet, me, resolver = 'tweet updatedBy') { - return this.context.User.getOneById(tweet.updatedById, me, resolver); + author(tweet, me, resolver) { + return this.context.User.findOneById(tweet.authorId, me, resolver); } - coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, me, resolver = 'tweet coauthors') { - try { - const baseQuery = {_id: { $in: tweet.coauthorsIds }, createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery}; - return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); - } catch (err){ log.error(err.message); } + coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, me, resolver) { + const baseQuery = {_id: { $in: tweet.coauthorsIds }, createdAt: { $gt: lastCreatedAt } }; + return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); } - likers(tweet, { lastCreatedAt = 0, limit = 10 }, me, resolver = 'tweet likers') { - try { - const baseQuery = {likedIds: tweet._id, createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery}; - return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); - } catch (err){ log.error(err.message); } + likers(tweet, { lastCreatedAt = 0, limit = 10 }, me, resolver) { + const baseQuery = {likedIds: tweet._id, createdAt: { $gt: lastCreatedAt } }; + return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); } - async insert(doc, me, resolver = 'insert tweet') { + async insert(doc, me, resolver) { try { - let insertedDoc = null; let docToInsert = Object.assign({}, doc, { createdAt: Date.now(), updatedAt: Date.now(), createdById: (me && me._id) ? me._id : 'unknown', updatedById: (me && me._id) ? me._id : 'unknown', }); - - const authQuery = queryForRoles(me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'create', me)); - - const docRoleFields = ['authorId'].map(key => ({ [key]: docToInsert[key] }) ); - if (Object.keys(authQuery).length > 0 && !fieldContainsUserId(docRoleFields, me._id)) { - throw new Error('Not authorized to insert tweet'); - } - + log.debug(JSON.stringify(docToInsert, null, 2)); + // const authQuery = queryForRoles(me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'create', me)); + checkAuthDoc(docToInsert, me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'create', me)); const id = (await this.collection.insertOne(docToInsert)).insertedId; if (!id) { - log.error('insert tweet failed for docToInsert:', JSON.stringify(docToInsert, null, 2)); - throw new Error(`insert tweet not possible for ${id}.`); + throw new Error(`insert tweet not possible.`); } - log.debug(`inserted tweet ${id}.`); - insertedDoc = this.getOneById(id, me, 'pubsub tweetInserted'); + const insertedDoc = this.findOneById(id, me, 'pubsub tweetInserted'); this.pubsub.publish('tweetInserted', insertedDoc); return insertedDoc; - } catch (err){ log.error(err.message); } } - async updateById(id, doc, me, resolver = 'update tweet') { + async updateById(id, doc, me, resolver) { try { - let updatedDoc = null; - const docBefore = await this.getOneById(id, me, 'tweet getOneById in updateById for docBefore'); let docToUpdate = {$set: Object.assign({}, doc, { updatedAt: Date.now(), updatedById: (me && me._id) ? me._id : 'unknown', })}; - const baseQuery = {_id: id}; const authQuery = queryForRoles(me, ['admin'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'update', me)); - const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.updateOne(finalQuery, docToUpdate); if (result.result.ok !== 1 || result.result.n !== 1){ - log.error(`update tweet failed finalQuery:`, JSON.stringify(finalQuery, null, 2)); - log.error('update tweet failed for docToUpdate:', JSON.stringify(docToUpdate, null, 2)); throw new Error(`update tweet not possible for ${id}.`); } - log.debug(`updated tweet ${id}.`); - this.unauthorizedLoader.clear(id); this.authorizedLoader.clear(id); - - updatedDoc = this.getOneById(id, me, 'pubsub tweetUpdated'); + const updatedDoc = this.findOneById(id, me, 'pubsub tweetUpdated'); this.pubsub.publish('tweetUpdated', updatedDoc); return updatedDoc; - } catch (err){ log.error(err.message); } } - async removeById(id, me, resolver = 'remove tweet') { + async removeById(id, me, resolver) { try { - const docBefore = this.getOneById(id, me, 'tweet getOneById in removeById for docBefore'); const baseQuery = {_id: id}; const authQuery = queryForRoles(me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'delete', me)); const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.remove(finalQuery); - if (result.result.ok !== 1 || result.result.n !== 1){ - log.error(`remove tweet failed for finalQuery:`, JSON.stringify(finalQuery, null, 2)); throw new Error(`remove tweet not possible for ${id}.`); } - log.debug(`removed tweet ${id}.`); - this.unauthorizedLoader.clear(id); this.authorizedLoader.clear(id); - this.pubsub.publish('tweetRemoved', id); return result; - } catch (err){ log.error(err.message); } } } diff --git a/test/output-app/model/User.js b/test/output-app/model/User.js index 90902ac..7446a96 100644 --- a/test/output-app/model/User.js +++ b/test/output-app/model/User.js @@ -1,206 +1,143 @@ import log from '../server/logger'; import DataLoader from 'dataloader'; -import { findByIds, queryForRoles, fieldForRoles, fieldContainsUserId, authorizedFields, authlog } from '../server/authorize'; +import { findByIds, queryForRoles, authlog, checkAuthDoc } from '../server/authorize'; export default class User { constructor(context) { this.context = context; this.collection = context.db.collection('user'); this.pubsub = context.pubsub; - const { me } = context; - this.authRole = User.authRole; // otherwise not accessible in queryForRoles + this.authRole = User.authRole; let authQuery; try { - authQuery = queryForRoles(me, ['admin'], ['_id'], { User }, authlog('user findOneLoader', 'readOne', me)); + const { me } = context; + authQuery = queryForRoles(me, ['admin'], ['_id'], { User }, authlog('user findOneById', 'readOne', me)); } catch (err) { log.error(err.message); - authQuery = {_id: false}; + authQuery = {_id: false}; // otherwise admin access } - this.unauthorizedLoader = new DataLoader(ids => findByIds(this.collection, ids)); this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); } - // returns the role of the user static authRole(user){ return (user && user.role) ? user.role : null; } - // used from server calls, without authorization checks, NOT for use in resolvers - async findOneById(id, me = {}, resolver = 'user findOneById') { + async findOneById(id, me, resolver) { try { - return await this.unauthorizedLoader.load(id); + return await this.authorizedLoader.load(id); } catch (err) { log.error(err.message); } } - // used for api calls, with authorization checks, for use in resolvers - async getOneById(id, me = {}, resolver = 'user getOneById') { + find({ lastCreatedAt = 0, limit = 10, baseQuery = { createdAt: { $gt: lastCreatedAt } } }, me, resolver) { try { - const result = await this.authorizedLoader.load(id); - // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) - // ===== ====== ==== ======= - return authorizedFields(result, 'role', me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver + 'field "role"', 'readOne', me)); + const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'readMany', me)); + const finalQuery = {...baseQuery, ...authQuery}; + return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } catch (err) { log.error(err.message); } } - all({ lastCreatedAt = 0, limit = 10 }, me, resolver = 'user all') { - try { - const baseQuery = { createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(me, ['admin'], [], { User: this.context.User }, authlog(resolver, 'readMany', me)); - // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) - // ===== ====== - let authFields = {}; - authFields = fieldForRoles(authFields, 'role', me, ['admin'], [], { User: this.context.User }, authlog(resolver + 'field "role"', 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery}; - return this.collection.find(finalQuery).sort({ createdAt: 1 }).project(authFields).limit(limit).toArray(); - } catch (err) { log.error(err.message); } + tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }, me, resolver) { + const baseQuery = { authorId: user._id, createdAt: { $gt: lastCreatedAt } }; + return this.context.Tweet.find({ lastCreatedAt, limit, baseQuery }, me, resolver); } - tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }, me, resolver = 'user tweets') { - try { - const baseQuery = { - authorId: user._id, - createdAt: { $gt: lastCreatedAt }, - }; - const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery}; - return this.context.Tweet.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); - } catch (err) { log.error(err.message); } + liked(user, { lastCreatedAt = 0, limit = 10 }, me, resolver) { + const baseQuery = { _id: { $in: user.likedIds || [] }, createdAt: { $gt: lastCreatedAt } }; + return this.context.Tweet.find({ lastCreatedAt, limit, baseQuery }, me, resolver); } - liked(user, { lastCreatedAt = 0, limit = 10 }, me, resolver = 'user liked') { - try { - const baseQuery = { - _id: { $in: user.likedIds }, - createdAt: { $gt: lastCreatedAt }, - }; - const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery}; - return this.context.Tweet.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); - } catch (err) { log.error(err.message); } + following(user, { lastCreatedAt = 0, limit = 10 }, me, resolver) { + const baseQuery = { _id: { $in: user.followingIds || [] }, createdAt: { $gt: lastCreatedAt } }; + return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); } - following(user, { lastCreatedAt = 0, limit = 10 }, me, resolver = 'user following') { - try { - const baseQuery = { - _id: { $in: user.followingIds || [] }, - createdAt: { $gt: lastCreatedAt }, - }; - const authQuery = queryForRoles(me, ['admin'], [], { User: this.context.User }, authlog(resolver, 'readMany', me)); - // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) - // ====== - let authFields = {}; - authFields = fieldForRoles(authFields, 'role', me, ['admin'], [], { User: this.context.User }, authlog(resolver + 'field "role"', 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery}; - return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).project(authFields).limit(limit).toArray(); - } catch (err) { log.error(err.message); } + followers(user, { lastCreatedAt = 0, limit = 10 }, me, resolver) { + const baseQuery = { followingIds: user._id, createdAt: { $gt: lastCreatedAt } }; + return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); } - followers(user, { lastCreatedAt = 0, limit = 10 }, me, resolver = 'user followers') { - try { - const baseQuery = { - followingIds: user._id, - createdAt: { $gt: lastCreatedAt }, - }; - const authQuery = queryForRoles(me, ['admin'], [], { User: this.context.User }, authlog(resolver, 'readMany', me)); - // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) - // ====== - let authFields = {}; - authFields = fieldForRoles(authFields, 'role', me, ['admin'], [], { User: this.context.User }, authlog(resolver + 'field "role"', 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery}; - return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).project(authFields).limit(limit).toArray(); - } catch (err) { log.error(err.message); } + createdBy(user, me, resolver) { + return this.context.User.findOneById(user.createdById, me, resolver); } - createdBy(user, me, resolver = 'user createdBy') { - return this.context.User.getOneById(user.createdById, me, resolver); + updatedBy(user, me, resolver) { + return this.context.User.findOneById(user.updatedById, me, resolver); } - updatedBy(user, me, resolver = 'user updatedBy') { - return this.context.User.getOneById(user.updatedById, me, resolver); + // Begin of user inserted method + protectFields(me, authorizedUserRoles, protectedFields, inputObject){ + const result = Object.assign({}, inputObject); + const role = this.context.User.authRole(me); + // if user is not allowed to access specific fields... + if (!authorizedUserRoles.includes(role)){ + protectedFields.every(protectedField => { + if (result[protectedField]) delete result[protectedField]; + }); + } + return result; } + // End of user inserted method - async insert(doc, me, resolver = 'insert user') { + async insert(doc, me, resolver) { try { - let insertedDoc = null; let docToInsert = Object.assign({}, doc, { createdAt: Date.now(), updatedAt: Date.now(), createdById: (me && me._id) ? me._id : 'unknown', updatedById: (me && me._id) ? me._id : 'unknown', }); - - const authQuery = queryForRoles(me, ['admin'], [], { User: this.context.User }, authlog(resolver, 'create', me)); - // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) - // ===== ====== - docToInsert = authorizedFields(docToInsert, 'role', me, ['admin'], [], { User: this.context.User }, authlog(resolver + 'field "role"', 'create', me)); - + // const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'create', me)); + checkAuthDoc(docToInsert, me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'create', me)); + // User inserted line: + docToInsert = this.protectFields(me, ['admin'], ['role'], docToInsert); const id = (await this.collection.insertOne(docToInsert)).insertedId; if (!id) { - log.error('insert user failed for:', JSON.stringify(docToInsert, null, 2)); - throw new Error(`insert user not possible for user ${id}.`); + throw new Error(`insert user not possible.`); } - log.debug(`inserted user ${id}.`); - insertedDoc = this.getOneById(id, me, 'pubsub userInserted'); + const insertedDoc = this.findOneById(id, me, 'pubsub userInserted'); this.pubsub.publish('userInserted', insertedDoc); return insertedDoc; - } catch (err) { log.error(err.message); } } - async updateById(id, doc, me, resolver = 'update user') { + async updateById(id, doc, me, resolver) { try { - let updatedDoc = null; - const docBefore = await this.findOneById(id, me, 'user findOneById in updateById for docBefore'); let docToUpdate = {$set: Object.assign({}, doc, { updatedAt: Date.now(), updatedById: (me && me._id) ? me._id : 'unknown', })}; - const baseQuery = {_id: id}; const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'update', me)); - // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) - // ===== ====== - docToUpdate.$set = authorizedFields(docToUpdate.$set, 'role', me, ['admin'], [], { User: this.context.User }, authlog(resolver + 'field "role"', 'update', me)); - const finalQuery = {...baseQuery, ...authQuery}; + // User inserted line: + docToUpdate.$set = this.protectFields(me, ['admin'], ['role'], docToUpdate.$set); const result = await this.collection.updateOne(finalQuery, docToUpdate); - if (result.result.ok !== 1){ - log.error(`update user failed finalQuery:`, JSON.stringify(finalQuery, null, 2)); - log.error('update user failed for docToUpdate:', JSON.stringify(docToUpdate, null, 2)); + if (result.result.ok !== 1 || result.result.n !== 1){ throw new Error(`update user not possible for ${id}.`); } - log.debug(`updated user ${id}.`); - this.unauthorizedLoader.clear(id); this.authorizedLoader.clear(id); - - updatedDoc = this.getOneById(id, me, 'pubsub userUpdated') + const updatedDoc = this.findOneById(id, me, 'pubsub userUpdated') this.pubsub.publish('userUpdated', updatedDoc); return updatedDoc; - } catch (err) { log.error(err.message); } } - async removeById(id, me, resolver = 'remove user') { + async removeById(id, me, resolver) { try { - const docBefore = await this.findOneById(id, me, 'user findOneById in removeById for docBefore'); const baseQuery = {_id: id}; const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'delete', me)); const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.remove(finalQuery); if (result.result.ok !== 1 || result.result.n !== 1){ - log.error(`remove user failed for finalQuery:`, JSON.stringify(finalQuery, null, 2)); throw new Error(`remove user not possible for ${id}.`); } - log.debug(`removed user ${id}.`); - this.unauthorizedLoader.clear(id); this.authorizedLoader.clear(id); - this.pubsub.publish('userRemoved', id); return result; - } catch (err) { log.error(err.message); } } } diff --git a/test/output-app/resolvers/Tweet.js b/test/output-app/resolvers/Tweet.js index 1de962c..b361041 100644 --- a/test/output-app/resolvers/Tweet.js +++ b/test/output-app/resolvers/Tweet.js @@ -5,41 +5,41 @@ const resolvers = { }, author(tweet, args, { Tweet, me }) { - return Tweet.author(tweet, me, 'author'); + return Tweet.author(tweet, me, 'tweet author'); }, createdBy(tweet, args, { Tweet, me }) { - return Tweet.createdBy(tweet, me, 'createdBy'); + return Tweet.createdBy(tweet, me, 'tweet createdBy'); }, updatedBy(tweet, args, { Tweet, me }) { - return Tweet.updatedBy(tweet, me, 'updatedBy'); + return Tweet.updatedBy(tweet, me, 'tweet updatedBy'); }, coauthors(tweet, { lastCreatedAt, limit }, { Tweet, me }) { - return Tweet.coauthors(tweet, { lastCreatedAt, limit }, me, 'coauthors'); + return Tweet.coauthors(tweet, { lastCreatedAt, limit }, me, 'tweet coauthors'); }, likers(tweet, { lastCreatedAt, limit }, { Tweet, me }) { - return Tweet.likers(tweet, { lastCreatedAt, limit }, me, 'likers'); + return Tweet.likers(tweet, { lastCreatedAt, limit }, me, 'tweet likers'); }, }, Query: { tweets(root, { lastCreatedAt, limit }, { Tweet, me }) { - return Tweet.all({ lastCreatedAt, limit }, me, 'tweets'); + return Tweet.find({ lastCreatedAt, limit }, me, 'tweets'); }, tweet(root, { id }, { Tweet, me }) { - return Tweet.getOneById(id, me, 'tweet'); + return Tweet.findOneById(id, me, 'tweet'); }, }, Mutation: { async createTweet(root, { input }, { Tweet, me }) { - return await Tweet.insert(input, me); + return await Tweet.insert(input, me, 'createTweet'); }, async updateTweet(root, { id, input }, { Tweet, me }) { - return await Tweet.updateById(id, input, me); + return await Tweet.updateById(id, input, me, 'updateTweet'); }, async removeTweet(root, { id }, { Tweet, me }) { diff --git a/test/output-app/resolvers/User.js b/test/output-app/resolvers/User.js index c22d379..72eedad 100644 --- a/test/output-app/resolvers/User.js +++ b/test/output-app/resolvers/User.js @@ -5,45 +5,45 @@ }, createdBy(user, args, { User, me }) { - return User.createdBy(user, me, 'createdBy'); + return User.createdBy(user, me, 'user createdBy'); }, updatedBy(user, args, { User, me }) { - return User.updatedBy(user, me, 'updatedBy'); + return User.updatedBy(user, me, 'user updatedBy'); }, tweets(user, { minLikes, lastCreatedAt, limit }, { User, me }) { - return User.tweets(user, { minLikes, lastCreatedAt, limit }, me, 'tweets'); + return User.tweets(user, { minLikes, lastCreatedAt, limit }, me, 'user tweets'); }, liked(user, { lastCreatedAt, limit }, { User, me }) { - return User.liked(user, { lastCreatedAt, limit }, me, 'liked'); + return User.liked(user, { lastCreatedAt, limit }, me, 'user liked'); }, following(user, { lastCreatedAt, limit }, { User, me }) { - return User.following(user, { lastCreatedAt, limit }, me, 'following'); + return User.following(user, { lastCreatedAt, limit }, me, 'user following'); }, followers(user, { lastCreatedAt, limit }, { User, me }) { - return User.followers(user, { lastCreatedAt, limit }, me, 'followers'); + return User.followers(user, { lastCreatedAt, limit }, me, 'user followers'); }, }, Query: { users(root, { lastCreatedAt, limit }, { User, me }) { - return User.all({ lastCreatedAt, limit }, me, 'users'); + return User.find({ lastCreatedAt, limit }, me, 'users'); }, user(root, { id }, { User, me }) { - return User.getOneById(id, me, 'user'); + return User.findOneById(id, me, 'user'); }, }, Mutation: { async createUser(root, { input }, { User, me }) { - return await User.insert(input, me); + return await User.insert(input, me, 'createUser'); }, async updateUser(root, { id, input }, { User, me }) { - return await User.updateById(id, input, me); + return await User.updateById(id, input, me, 'updateUser'); }, async removeUser(root, { id }, { User, me }) { diff --git a/test/output-app/server/authorize.js b/test/output-app/server/authorize.js index 53f9e72..dd0a7b9 100644 --- a/test/output-app/server/authorize.js +++ b/test/output-app/server/authorize.js @@ -22,106 +22,37 @@ export function findByIds(collection, ids = [], authQuery) { }); } -// returns true, if user is logged in -export function loggedIn(me) { - if(me && me._id && me._id.toString() !== '') { - return true; - } - return false; -} - -// returns true, if authorized to get field -// returns false, if NOT authorized to get field -export function fieldAuthorized(me = {}, userRoles = [], docRoles = [], { User }, logger){ - // The logged in user's role is authorized for the field - if (roleAuthorizedForDoc(me, userRoles, docRoles, { User }, logger)) { - return true; - } - // The user might be listed in any document field - if (loggedIn(me) && docRoles.length > 0){ - return true; - } - return false; -} - -// returns a projection query of fields not to be shown, e.g. { role: 0 } -export function fieldForRoles(projection, field, me = {}, userRoles = [], docRoles = [], { User }, logger){ +export function checkAuthDoc(doc, me, userRoles, docRoles, { User }, logger){ const role = User.authRole(me); - // The logged in user's role is authorized for the field - if (roleAuthorizedForDoc(me, userRoles, docRoles, { User }, logger)) { - return projection; - } - // The user is listed in any document field - if (loggedIn(me) && docRoles.length > 0){ - return projection; - } - const authFields = Object.assign({}, { [field]: 0 }, projection); - logger.debug(`and role "${role ? role : ''}" not authorized to access field "${field}".`) - return authFields; -} - -// imports a result (which is document or an array of documents), and returns the result, -// but it removes the field without authorization from documents, -// e.g. field "role" is removed from all result documents, if the user/role is not allowed to access it -export function authorizedFields(result, field, me, userRoles = [], docRoles = [], { User }, logger){ - const role = User.authRole(me) || ''; - // if any userRole authorizes field - if (roleAuthorizedForDoc(me, userRoles, docRoles, { User }, logger)) { - return result; + // check if userRole entitles current user for this action + if (userRoleAuthorized(me, userRoles, { User }, logger)) { + logger.debug(`and role: "${role}" is authorized by userRole.`); + return doc; } - // if any docRole authorizes field - // The user is listed in any document field - if (loggedIn(me) && docRoles.length > 0){ - - // if the result was an array of documents, check each doc and field - if (_.isArray(result)){ - const authorizedResult = []; - // check all documents in the result array - result.every(doc => { - let fieldAuthorized = false; - // check all docRoles if any of them authorizes field - docRoles.every(docRole => { - // if one docRole authorizes the field, then fieldAuthorized = true - if (doc[docRole] && fieldContainsUserId(doc[docRole], me._id)){ - fieldAuthorized = true; - } - }); - if (!fieldAuthorized && doc[field]){ - delete doc[field]; - logger.debug(`with role "${role}" field "${field}" removed from document id "${doc._id}". No authorization.`); - } - authorizedResult.push(doc); - }); - return authorizedResult; - } - - // if the result was a document - if (_.isObject(result)){ - // check with all docRoles - let fieldAuthorized = false; - docRoles.every(docRole => { - // if one docRole authorizes the field, then fieldAuthorized = true - if (result[docRole] && fieldContainsUserId(result[docRole], me._id)){ - fieldAuthorized = true; - } - }); - if (!fieldAuthorized && result[field]){ - delete result[field]; - logger.debug(`with role "${role}" field "${field}" removed from document id "${result._id}". No authorization.`); - } - return result; + // check if docRole entitles current user for this document and action + let authorized = false; + docRoles.every(field => { + if (fieldContainsUserId(doc[field], me._id)){ + authorized = true; } - + }) + if (authorized) { + logger.debug(`and role: "${role}" is authorized by docRole.`); + return doc; } - // not authorized to access field - if (result[field]){ - delete result[field]; - logger.debug(`with role "${role}" field "${field}" removed from document id "${result._id}". No authorization.`); + // Not Authorized + logger.error(`and role: "${role}" is not authorized.`); +} + +// returns true, if user is logged in +export function loggedIn(me) { + if(me && me._id && me._id.toString() !== '') { + return true; } - return result; + return false; } // creates an authQuery object with additional query arguments, to implement authorization restrictions for mongodb access @@ -129,7 +60,7 @@ export function queryForRoles(me = {}, userRoles = [], docRoles = [], { User }, const role = User.authRole(me); // Build query for the case: The logged in user's role is authorized - if (roleAuthorizedForDoc(me, userRoles, docRoles, { User }, logger)) { + if (userRoleAuthorized(me, userRoles, { User }, logger)) { return {}; // empty authQuery means, do operation with no access restrictions } @@ -147,7 +78,7 @@ export function queryForRoles(me = {}, userRoles = [], docRoles = [], { User }, } // returns true, if the user's role is authorized for a document -export function roleAuthorizedForDoc(me = {}, userRoles = [], docRoles = [], { User }, logger){ +export function userRoleAuthorized(me = {}, userRoles = [], { User }, logger){ const role = User.authRole(me); if ( userRoles.includes('world') || role && userRoles.length > 0 && userRoles.includes(role) ) { diff --git a/test/output-app/server/logs/all-logs-readable.log b/test/output-app/server/logs/all-logs-readable.log index 0c81a09..4d8c0a0 100644 --- a/test/output-app/server/logs/all-logs-readable.log +++ b/test/output-app/server/logs/all-logs-readable.log @@ -1,8 +1,8 @@ -2017-07-17 00:07:18 Logger started -2017-07-17 00:07:49 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:07:49 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:07:49 -------------------------------------------------------------------------------- -2017-07-17 00:07:49 Request: +x2017-07-18 23:42:06 Logger started +2017-07-18 23:42:35 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:35 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:35 -------------------------------------------------------------------------------- +2017-07-18 23:42:35 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -14,10 +14,10 @@ Query: } } -2017-07-17 00:08:01 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 -------------------------------------------------------------------------------- -2017-07-17 00:08:01 Request: +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -29,10 +29,10 @@ Query: } } -2017-07-17 00:08:01 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 -------------------------------------------------------------------------------- -2017-07-17 00:08:01 Request: +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -43,11 +43,10 @@ Query: } } -2017-07-17 00:08:01 Authorize readOne "userfield "role"" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 -------------------------------------------------------------------------------- -2017-07-17 00:08:01 Request: +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -58,11 +57,10 @@ Query: } } -2017-07-17 00:08:01 Authorize readOne "userfield "role"" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 -------------------------------------------------------------------------------- -2017-07-17 00:08:01 Request: +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -73,11 +71,10 @@ Query: } } -2017-07-17 00:08:01 Authorize readOne "userfield "role"" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 -------------------------------------------------------------------------------- -2017-07-17 00:08:01 Request: +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -89,10 +86,10 @@ Query: } } -2017-07-17 00:08:01 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 -------------------------------------------------------------------------------- -2017-07-17 00:08:01 Request: +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -103,13 +100,11 @@ Query: } } -2017-07-17 00:08:01 Authorize readMany "users" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 Authorize readMany "usersfield "role"" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 Authorize readOne "userfield "role"" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 -------------------------------------------------------------------------------- -2017-07-17 00:08:01 Request: +2017-07-18 23:42:49 Authorize readMany "users" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -120,12 +115,11 @@ Query: } } -2017-07-17 00:08:01 Authorize readMany "users" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 Authorize readMany "usersfield "role"" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 -------------------------------------------------------------------------------- -2017-07-17 00:08:01 Request: +2017-07-18 23:42:49 Authorize readMany "users" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -136,12 +130,11 @@ Query: } } -2017-07-17 00:08:01 Authorize readMany "users" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 Authorize readMany "usersfield "role"" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 -------------------------------------------------------------------------------- -2017-07-17 00:08:01 Request: +2017-07-18 23:42:49 Authorize readMany "users" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -152,12 +145,11 @@ Query: } } -2017-07-17 00:08:01 Authorize readMany "users" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 Authorize readMany "usersfield "role"" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 -------------------------------------------------------------------------------- -2017-07-17 00:08:01 Request: +2017-07-18 23:42:49 Authorize readMany "users" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -170,13 +162,11 @@ Query: } } -2017-07-17 00:08:01 Authorize readOne "userfield "role"" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 Authorize readMany "followers" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 Authorize readMany "followersfield "role"" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 -------------------------------------------------------------------------------- -2017-07-17 00:08:01 Request: +2017-07-18 23:42:49 Authorize readMany "user followers" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -189,13 +179,11 @@ Query: } } -2017-07-17 00:08:01 Authorize readOne "userfield "role"" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 Authorize readMany "followers" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 Authorize readMany "followersfield "role"" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 -------------------------------------------------------------------------------- -2017-07-17 00:08:01 Request: +2017-07-18 23:42:49 Authorize readMany "user followers" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -208,13 +196,11 @@ Query: } } -2017-07-17 00:08:01 Authorize readOne "userfield "role"" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 Authorize readMany "followers" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 Authorize readMany "followersfield "role"" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 -------------------------------------------------------------------------------- -2017-07-17 00:08:01 Request: +2017-07-18 23:42:49 Authorize readMany "user followers" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -227,13 +213,11 @@ Query: } } -2017-07-17 00:08:01 Authorize readOne "userfield "role"" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 Authorize readMany "followers" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 Authorize readMany "followersfield "role"" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 -------------------------------------------------------------------------------- -2017-07-17 00:08:01 Request: +2017-07-18 23:42:49 Authorize readMany "user followers" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -246,13 +230,11 @@ Query: } } -2017-07-17 00:08:01 Authorize readOne "userfield "role"" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 Authorize readMany "following" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 Authorize readMany "followingfield "role"" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 -------------------------------------------------------------------------------- -2017-07-17 00:08:01 Request: +2017-07-18 23:42:49 Authorize readMany "user following" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -265,13 +247,11 @@ Query: } } -2017-07-17 00:08:01 Authorize readOne "userfield "role"" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:01 Authorize readMany "following" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readMany "followingfield "role"" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: +2017-07-18 23:42:49 Authorize readMany "user following" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -284,13 +264,11 @@ Query: } } -2017-07-17 00:08:02 Authorize readOne "userfield "role"" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readMany "following" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readMany "followingfield "role"" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: +2017-07-18 23:42:49 Authorize readMany "user following" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -303,13 +281,11 @@ Query: } } -2017-07-17 00:08:02 Authorize readOne "userfield "role"" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readMany "following" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readMany "followingfield "role"" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: +2017-07-18 23:42:49 Authorize readMany "user following" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -322,12 +298,11 @@ Query: } } -2017-07-17 00:08:02 Authorize readOne "userfield "role"" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: +2017-07-18 23:42:49 Authorize readMany "user tweets" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -340,12 +315,11 @@ Query: } } -2017-07-17 00:08:02 Authorize readOne "userfield "role"" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: +2017-07-18 23:42:49 Authorize readMany "user tweets" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -358,12 +332,11 @@ Query: } } -2017-07-17 00:08:02 Authorize readOne "userfield "role"" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: +2017-07-18 23:42:49 Authorize readMany "user tweets" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -376,12 +349,11 @@ Query: } } -2017-07-17 00:08:02 Authorize readOne "userfield "role"" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: +2017-07-18 23:42:49 Authorize readMany "user tweets" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -394,12 +366,11 @@ Query: } } -2017-07-17 00:08:02 Authorize readOne "userfield "role"" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readMany "liked" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: +2017-07-18 23:42:49 Authorize readMany "user liked" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -412,12 +383,11 @@ Query: } } -2017-07-17 00:08:02 Authorize readOne "userfield "role"" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readMany "liked" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: +2017-07-18 23:42:49 Authorize readMany "user liked" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -430,12 +400,11 @@ Query: } } -2017-07-17 00:08:02 Authorize readOne "userfield "role"" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readMany "liked" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: +2017-07-18 23:42:49 Authorize readMany "user liked" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -448,41 +417,40 @@ Query: } } -2017-07-17 00:08:02 Authorize readOne "userfield "role"" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readMany "liked" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: +2017-07-18 23:42:49 Authorize readMany "user liked" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: { tweet(id: "583676d3618530145474e351") { - author { - username - } + id + body } } -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: { tweet(id: "583676d3618530145474e351") { - id - body + author { + username + } } } -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -493,12 +461,11 @@ Query: } } -2017-07-17 00:08:02 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "authorfield "role"" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: +2017-07-18 23:42:49 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -509,11 +476,11 @@ Query: } } -2017-07-17 00:08:02 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: +2017-07-18 23:42:49 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -524,11 +491,11 @@ Query: } } -2017-07-17 00:08:02 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: +2017-07-18 23:42:49 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -539,11 +506,11 @@ Query: } } -2017-07-17 00:08:02 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: +2017-07-18 23:42:49 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -556,11 +523,11 @@ Query: } } -2017-07-17 00:08:02 Authorize readMany "likers" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: +2017-07-18 23:42:49 Authorize readMany "tweet likers" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -573,11 +540,11 @@ Query: } } -2017-07-17 00:08:02 Authorize readMany "likers" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: +2017-07-18 23:42:49 Authorize readMany "tweet likers" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -590,11 +557,11 @@ Query: } } -2017-07-17 00:08:02 Authorize readMany "likers" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: +2017-07-18 23:42:49 Authorize readMany "tweet likers" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -607,11 +574,11 @@ Query: } } -2017-07-17 00:08:02 Authorize readMany "likers" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: +2017-07-18 23:42:49 Authorize readMany "tweet likers" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -622,15 +589,14 @@ mutation { } } -2017-07-17 00:08:02 Authorize create "insert user" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize create "insert userfield "role"" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 inserted user 596be3c2949652fd418cc8fe. -2017-07-17 00:08:02 Authorize readOne "pubsub userInsertedfield "role"" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: -User: "tobkle", role: "admin", id: "596be3c2949652fd418cc8fe", +2017-07-18 23:42:49 Authorize create "createUser" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize create "createUser" with user "stubailo" and role: "admin" is authorized by userRole. +2017-07-18 23:42:49 inserted user 596e80d9aba34620ffa518b7. +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", Operation: "", variables: "", Query: mutation { @@ -639,233 +605,238 @@ mutation { } } -2017-07-17 00:08:02 Authorize create "insert user" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 Authorize create "insert userfield "role"" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 inserted user 596be3c2949652fd418cc8ff. -2017-07-17 00:08:02 Authorize readOne "pubsub userInsertedfield "role"" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: -User: "tobkle", role: "admin", id: "596be3c2949652fd418cc8fe", +2017-07-18 23:42:49 Authorize create "createUser" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:49 Authorize create "createUser" with user "tobkle" and role: "admin" is authorized by userRole. +2017-07-18 23:42:49 inserted user 596e80d9aba34620ffa518b8. +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", Operation: "", variables: "", Query: { - user(id: "596be3c2949652fd418cc8ff") { + user(id: "596e80d9aba34620ffa518b8") { username bio role } } -2017-07-17 00:08:02 Authorize readOne "userfield "role"" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: -User: "tobkle", role: "admin", id: "596be3c2949652fd418cc8fe", +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", Operation: "", variables: "", Query: { - user(id: "596be3c2949652fd418cc8fe") { + user(id: "596e80d9aba34620ffa518b7") { username role } } -2017-07-17 00:08:02 Authorize readOne "userfield "role"" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: -User: "tobkle", role: "admin", id: "596be3c2949652fd418cc8fe", +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", Operation: "", variables: "", Query: mutation { - updateUser(id: "596be3c2949652fd418cc8ff", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + updateUser(id: "596e80d9aba34620ffa518b8", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { username bio role } } -2017-07-17 00:08:02 Authorize update "update user" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 Authorize update "update userfield "role"" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 updated user 596be3c2949652fd418cc8ff. -2017-07-17 00:08:02 Authorize readOne "pubsub userUpdatedfield "role"" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: -User: "tobkle", role: "admin", id: "596be3c2949652fd418cc8fe", +2017-07-18 23:42:49 Authorize update "updateUser" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:49 updated user 596e80d9aba34620ffa518b8. +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", Operation: "", variables: "", Query: mutation { - updateUser(id: "596be3c2949652fd418cc8fe", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "596e80d9aba34620ffa518b7", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-07-17 00:08:02 Authorize update "update user" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 Authorize update "update userfield "role"" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 updated user 596be3c2949652fd418cc8fe. -2017-07-17 00:08:02 Authorize readOne "pubsub userUpdatedfield "role"" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: -User: "tobkle", role: "admin", id: "596be3c2949652fd418cc8fe", +2017-07-18 23:42:49 Authorize update "updateUser" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:49 updated user 596e80d9aba34620ffa518b7. +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", Operation: "", variables: "", Query: mutation { - updateUser(id: "596be3c2949652fd418cc8ff", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + updateUser(id: "596e80d9aba34620ffa518b8", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { username bio role } } -2017-07-17 00:08:02 Authorize update "update user" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 Authorize update "update userfield "role"" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 updated user 596be3c2949652fd418cc8ff. -2017-07-17 00:08:02 Authorize readOne "pubsub userUpdatedfield "role"" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: -User: "tobkle", role: "admin", id: "596be3c2949652fd418cc8fe", +2017-07-18 23:42:49 Authorize update "updateUser" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:49 updated user 596e80d9aba34620ffa518b8. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", Operation: "", variables: "", Query: mutation { - updateUser(id: "596be3c2949652fd418cc8fe", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + updateUser(id: "596e80d9aba34620ffa518b7", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { username bio role } } -2017-07-17 00:08:02 Authorize update "update user" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 Authorize update "update userfield "role"" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 updated user 596be3c2949652fd418cc8fe. -2017-07-17 00:08:02 Authorize readOne "pubsub userUpdatedfield "role"" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "editor" with +2017-07-18 23:42:50 Authorize update "updateUser" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 updated user 596e80d9aba34620ffa518b7. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc8fe" + "_id": "596e80d9aba34620ffa518b7" } ] } -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "editor" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: -User: "tobkle", role: "editor", id: "596be3c2949652fd418cc8fe", +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "editor", id: "596e80d9aba34620ffa518b7", Operation: "", variables: "", Query: mutation { - updateUser(id: "596be3c2949652fd418cc8fe", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "596e80d9aba34620ffa518b7", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-07-17 00:08:02 Authorize update "update user" with user "tobkle" and role: "editor" with +2017-07-18 23:42:50 Authorize update "updateUser" with user "tobkle" and role: "editor" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc8fe" + "_id": "596e80d9aba34620ffa518b7" } ] } -2017-07-17 00:08:02 Authorize update "update userfield "role"" with user "tobkle" with role "editor" field "role" removed from document id "undefined". No authorization. -2017-07-17 00:08:02 updated user 596be3c2949652fd418cc8fe. -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "zoltan" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "zoltan" and role "admin" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: -User: "zoltan", role: "admin", id: "596be3c2949652fd418cc8ff", +2017-07-18 23:42:50 updated user 596e80d9aba34620ffa518b7. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "zoltan" and role "admin" is authorized +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "zoltan" and role "admin" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "zoltan", role: "admin", id: "596e80d9aba34620ffa518b8", Operation: "", variables: "", Query: mutation { - updateUser(id: "596be3c2949652fd418cc8fe", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "596e80d9aba34620ffa518b7", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-07-17 00:08:02 Authorize update "update user" with user "zoltan" and role "admin" is authorized -2017-07-17 00:08:02 Authorize update "update userfield "role"" with user "zoltan" and role "admin" is authorized -2017-07-17 00:08:02 updated user 596be3c2949652fd418cc8fe. -2017-07-17 00:08:02 Authorize readOne "pubsub userUpdatedfield "role"" with user "zoltan" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: -User: "tobkle", role: "admin", id: "596be3c2949652fd418cc8fe", +2017-07-18 23:42:50 Authorize update "updateUser" with user "zoltan" and role "admin" is authorized +2017-07-18 23:42:50 updated user 596e80d9aba34620ffa518b7. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", Operation: "", variables: "", Query: mutation { - removeUser(id: "596be3c2949652fd418cc8ff") + removeUser(id: "596e80d9aba34620ffa518b8") } -2017-07-17 00:08:02 Authorize delete "removeUser" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 removed user 596be3c2949652fd418cc8ff. -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: -User: "tobkle", role: "admin", id: "596be3c2949652fd418cc8fe", +2017-07-18 23:42:50 Authorize delete "removeUser" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 removed user 596e80d9aba34620ffa518b8. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", Operation: "", variables: "", Query: mutation { - createTweet(input: {authorId: "596be3c2949652fd418cc8fe", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + createTweet(input: {authorId: "596e80d9aba34620ffa518b7", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { id } } -2017-07-17 00:08:02 Authorize create "insert tweet" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 inserted tweet 596be3c2949652fd418cc900. -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: -User: "tobkle", role: "admin", id: "596be3c2949652fd418cc8fe", +2017-07-18 23:42:50 { + "authorId": "596e80d9aba34620ffa518b7", + "body": "This is a test tweet of user tobkle", + "coauthorsIds": [], + "createdAt": 1500414170065, + "updatedAt": 1500414170065, + "createdById": "596e80d9aba34620ffa518b7", + "updatedById": "596e80d9aba34620ffa518b7" +} +2017-07-18 23:42:50 Authorize create "createTweet" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 Authorize create "createTweet" with user "tobkle" and role: "admin" is authorized by userRole. +2017-07-18 23:42:50 inserted tweet 596e80daaba34620ffa518b9. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", Operation: "", variables: "", Query: -{ - tweet(id: "596be3c2949652fd418cc900") { - author { - id - } - body +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id } } -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: -User: "tobkle", role: "admin", id: "596be3c2949652fd418cc8fe", +2017-07-18 23:42:50 { + "authorId": "583291a1638566b3c5a92ca1", + "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", + "coauthorsIds": [], + "createdAt": 1500414170102, + "updatedAt": 1500414170102, + "createdById": "596e80d9aba34620ffa518b7", + "updatedById": "596e80d9aba34620ffa518b7" +} +2017-07-18 23:42:50 Authorize create "createTweet" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 Authorize create "createTweet" with user "tobkle" and role: "admin" is authorized by userRole. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", Operation: "", variables: "", Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id +{ + tweet(id: "596e80daaba34620ffa518b9") { + author { + id + } + body } } -2017-07-17 00:08:02 Authorize create "insert tweet" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 inserted tweet 596be3c2949652fd418cc901. -2017-07-17 00:08:02 Authorize readOne "authorfield "role"" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: -User: "tobkle", role: "admin", id: "596be3c2949652fd418cc8fe", +2017-07-18 23:42:50 inserted tweet 596e80daaba34620ffa518ba. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", Operation: "", variables: "", Query: { @@ -877,122 +848,120 @@ Query: } } -2017-07-17 00:08:02 Authorize readOne "authorfield "role"" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: -User: "tobkle", role: "admin", id: "596be3c2949652fd418cc8fe", +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", Operation: "", variables: "", Query: mutation { - updateTweet(id: "596be3c2949652fd418cc900", input: {body: "This is a modified test tweet"}) { + updateTweet(id: "596e80daaba34620ffa518b9", input: {body: "This is a modified test tweet"}) { body } } -2017-07-17 00:08:02 Authorize update "update tweet" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 updated tweet 596be3c2949652fd418cc900. -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: -User: "tobkle", role: "admin", id: "596be3c2949652fd418cc8fe", +2017-07-18 23:42:50 Authorize update "updateTweet" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 updated tweet 596e80daaba34620ffa518b9. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", Operation: "", variables: "", Query: mutation { - updateTweet(id: "596be3c2949652fd418cc901", input: {body: "This is a modified test tweet"}) { + updateTweet(id: "596e80daaba34620ffa518ba", input: {body: "This is a modified test tweet"}) { body } } -2017-07-17 00:08:02 Authorize update "update tweet" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 updated tweet 596be3c2949652fd418cc901. -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: -User: "tobkle", role: "admin", id: "596be3c2949652fd418cc8fe", +2017-07-18 23:42:50 Authorize update "updateTweet" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 updated tweet 596e80daaba34620ffa518ba. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", Operation: "", variables: "", Query: { - tweet(id: "596be3c2949652fd418cc900") { + tweet(id: "596e80daaba34620ffa518b9") { body } } -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: -User: "tobkle", role: "admin", id: "596be3c2949652fd418cc8fe", +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", Operation: "", variables: "", Query: mutation { - removeTweet(id: "596be3c2949652fd418cc900") + removeTweet(id: "596e80daaba34620ffa518b9") } -2017-07-17 00:08:02 Authorize delete "removeTweet" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 removed tweet 596be3c2949652fd418cc900. -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: -User: "tobkle", role: "admin", id: "596be3c2949652fd418cc8fe", +2017-07-18 23:42:50 Authorize delete "removeTweet" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 removed tweet 596e80daaba34620ffa518b9. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", Operation: "", variables: "", Query: mutation { - removeTweet(id: "596be3c2949652fd418cc901") + removeTweet(id: "596e80daaba34620ffa518ba") } -2017-07-17 00:08:02 Authorize delete "removeTweet" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 removed tweet 596be3c2949652fd418cc901. -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: -User: "tobkle", role: "admin", id: "596be3c2949652fd418cc8fe", +2017-07-18 23:42:50 Authorize delete "removeTweet" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 removed tweet 596e80daaba34620ffa518ba. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", Operation: "", variables: "", Query: { - tweet(id: "596be3c2949652fd418cc900") { + tweet(id: "596e80daaba34620ffa518b9") { body } } -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: -User: "tobkle", role: "admin", id: "596be3c2949652fd418cc8fe", +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", Operation: "", variables: "", Query: mutation { - removeUser(id: "596be3c2949652fd418cc8fe") + removeUser(id: "596e80d9aba34620ffa518b7") } -2017-07-17 00:08:02 Authorize delete "removeUser" with user "tobkle" and role "admin" is authorized -2017-07-17 00:08:02 removed user 596be3c2949652fd418cc8fe. -2017-07-17 00:08:02 ERROR Authorize readOne "user findOneLoader" with user "" and role: "null" is not authorized. -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "" and role "" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: +2017-07-18 23:42:50 Authorize delete "removeUser" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 removed user 596e80d9aba34620ffa518b7. +2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: { - user(id: "596be3c2949652fd418cc8fe") { + user(id: "596e80d9aba34620ffa518b7") { username bio role } } -2017-07-17 00:08:02 ERROR Cannot read property 'role' of undefined -2017-07-17 00:08:02 ERROR Authorize readOne "user findOneLoader" with user "" and role: "null" is not authorized. -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "" and role "" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: +2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -1002,11 +971,11 @@ mutation { } } -2017-07-17 00:08:02 ERROR Authorize create "insert user" with user "" and role: "null" is not authorized. -2017-07-17 00:08:02 ERROR Authorize readOne "user findOneLoader" with user "" and role: "null" is not authorized. -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "" and role "" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: +2017-07-18 23:42:50 ERROR Cannot read property 'toString' of undefined +2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -1018,11 +987,10 @@ Query: } } -2017-07-17 00:08:02 ERROR Cannot read property 'role' of undefined -2017-07-17 00:08:02 ERROR Authorize readOne "user findOneLoader" with user "" and role: "null" is not authorized. -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "" and role "" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: +2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -1034,11 +1002,11 @@ mutation { } } -2017-07-17 00:08:02 ERROR Authorize update "update user" with user "" and role: "null" is not authorized. -2017-07-17 00:08:02 ERROR Authorize readOne "user findOneLoader" with user "" and role: "null" is not authorized. -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "" and role "" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: +2017-07-18 23:42:50 ERROR Authorize update "updateUser" with user "" and role: "null" is not authorized. +2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -1046,11 +1014,11 @@ mutation { removeUser(id: "583291a1638566b3c5a92ca1") } -2017-07-17 00:08:02 ERROR Authorize delete "removeUser" with user "" and role: "null" is not authorized. -2017-07-17 00:08:02 ERROR Authorize readOne "user findOneLoader" with user "" and role: "null" is not authorized. -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "" and role "" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: +2017-07-18 23:42:50 ERROR Authorize delete "removeUser" with user "" and role: "null" is not authorized. +2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -1060,10 +1028,10 @@ mutation { } } -2017-07-17 00:08:02 ERROR Authorize readOne "user findOneLoader" with user "" and role: "null" is not authorized. -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "" and role "" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: +2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -1073,11 +1041,20 @@ mutation { } } -2017-07-17 00:08:02 ERROR Authorize create "insert tweet" with user "" and role: "null" is not authorized. -2017-07-17 00:08:02 ERROR Authorize readOne "user findOneLoader" with user "" and role: "null" is not authorized. -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "" and role "" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: +2017-07-18 23:42:50 { + "authorId": "583291a1638566b3c5a92ca1", + "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", + "coauthorsIds": [], + "createdAt": 1500414170256, + "updatedAt": 1500414170256, + "createdById": "unknown", + "updatedById": "unknown" +} +2017-07-18 23:42:50 ERROR Cannot read property 'toString' of undefined +2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -1090,11 +1067,10 @@ Query: } } -2017-07-17 00:08:02 ERROR Cannot read property 'role' of undefined -2017-07-17 00:08:02 ERROR Authorize readOne "user findOneLoader" with user "" and role: "null" is not authorized. -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "" and role "" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: +2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -1104,11 +1080,11 @@ mutation { } } -2017-07-17 00:08:02 ERROR Authorize update "update tweet" with user "" and role: "null" is not authorized. -2017-07-17 00:08:02 ERROR Authorize readOne "user findOneLoader" with user "" and role: "null" is not authorized. -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "" and role "" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: +2017-07-18 23:42:50 ERROR Authorize update "updateTweet" with user "" and role: "null" is not authorized. +2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -1118,11 +1094,11 @@ mutation { } } -2017-07-17 00:08:02 ERROR Authorize update "update tweet" with user "" and role: "null" is not authorized. -2017-07-17 00:08:02 ERROR Authorize readOne "user findOneLoader" with user "" and role: "null" is not authorized. -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "" and role "" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: +2017-07-18 23:42:50 ERROR Authorize update "updateTweet" with user "" and role: "null" is not authorized. +2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -1130,11 +1106,11 @@ mutation { removeTweet(id: "583676d3618530145474e352") } -2017-07-17 00:08:02 ERROR Authorize delete "removeTweet" with user "" and role: "null" is not authorized. -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: +2017-07-18 23:42:50 ERROR Authorize delete "removeTweet" with user "" and role: "null" is not authorized. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -1145,22 +1121,21 @@ mutation { } } -2017-07-17 00:08:02 Authorize create "insert user" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize create "insert userfield "role"" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 inserted user 596be3c2949652fd418cc902. -2017-07-17 00:08:02 Authorize readOne "pubsub userInsertedfield "role"" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "user" with +2017-07-18 23:42:50 Authorize create "createUser" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:50 Authorize create "createUser" with user "stubailo" and role: "admin" is authorized by userRole. +2017-07-18 23:42:50 inserted user 596e80daaba34620ffa518bb. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc902" + "_id": "596e80daaba34620ffa518bb" } ] } -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "user" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: -User: "tobkle", role: "user", id: "596be3c2949652fd418cc902", +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", Operation: "", variables: "", Query: mutation { @@ -1169,23 +1144,19 @@ mutation { } } -2017-07-17 00:08:02 Authorize create "insert user" with user "tobkle" and role: "user" with -authQuery: { - "$or": [] -} -2017-07-17 00:08:02 ERROR Authorize create "insert user" with user "tobkle" and role: "user" is not authorized. -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "user" with +2017-07-18 23:42:50 ERROR Cannot read property 'toString' of undefined +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc902" + "_id": "596e80daaba34620ffa518bb" } ] } -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "user" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: -User: "tobkle", role: "user", id: "596be3c2949652fd418cc902", +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", Operation: "", variables: "", Query: { @@ -1196,60 +1167,59 @@ Query: } } -2017-07-17 00:08:02 ERROR Cannot read property 'role' of undefined -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "user" with +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc902" + "_id": "596e80daaba34620ffa518bb" } ] } -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "user" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: -User: "tobkle", role: "user", id: "596be3c2949652fd418cc902", +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", Operation: "", variables: "", Query: { - user(id: "596be3c2949652fd418cc902") { + user(id: "596e80daaba34620ffa518bb") { username } } -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "user" with +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc902" + "_id": "596e80daaba34620ffa518bb" } ] } -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "user" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: -User: "tobkle", role: "user", id: "596be3c2949652fd418cc902", +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", Operation: "", variables: "", Query: { - user(id: "596be3c2949652fd418cc902") { + user(id: "596e80daaba34620ffa518bb") { username role } } -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "user" with +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc902" + "_id": "596e80daaba34620ffa518bb" } ] } -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "user" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: -User: "tobkle", role: "user", id: "596be3c2949652fd418cc902", +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", Operation: "", variables: "", Query: mutation { @@ -1260,155 +1230,146 @@ mutation { } } -2017-07-17 00:08:02 Authorize update "update user" with user "tobkle" and role: "user" with +2017-07-18 23:42:50 Authorize update "updateUser" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc902" + "_id": "596e80daaba34620ffa518bb" } ] } -2017-07-17 00:08:02 Authorize update "update userfield "role"" with user "tobkle" with role "user" field "role" removed from document id "undefined". No authorization. -2017-07-17 00:08:02 updated user 583291a1638566b3c5a92ca1. -2017-07-17 00:08:02 ERROR Cannot read property 'role' of undefined -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "user" with +2017-07-18 23:42:50 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc902" + "_id": "596e80daaba34620ffa518bb" } ] } -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "user" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: -User: "tobkle", role: "user", id: "596be3c2949652fd418cc902", +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", Operation: "", variables: "", Query: mutation { - updateUser(id: "596be3c2949652fd418cc902", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + updateUser(id: "596e80daaba34620ffa518bb", input: {username: "tobkle", bio: "Maker of things, I guess"}) { username bio } } -2017-07-17 00:08:02 Authorize update "update user" with user "tobkle" and role: "user" with +2017-07-18 23:42:50 Authorize update "updateUser" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc902" + "_id": "596e80daaba34620ffa518bb" } ] } -2017-07-17 00:08:02 updated user 596be3c2949652fd418cc902. -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "user" with +2017-07-18 23:42:50 updated user 596e80daaba34620ffa518bb. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc902" + "_id": "596e80daaba34620ffa518bb" } ] } -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "user" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: -User: "tobkle", role: "user", id: "596be3c2949652fd418cc902", +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", Operation: "", variables: "", Query: mutation { - updateUser(id: "596be3c2949652fd418cc902", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "596e80daaba34620ffa518bb", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-07-17 00:08:02 Authorize update "update user" with user "tobkle" and role: "user" with +2017-07-18 23:42:50 Authorize update "updateUser" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc902" + "_id": "596e80daaba34620ffa518bb" } ] } -2017-07-17 00:08:02 Authorize update "update userfield "role"" with user "tobkle" with role "user" field "role" removed from document id "undefined". No authorization. -2017-07-17 00:08:02 updated user 596be3c2949652fd418cc902. -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "user" with +2017-07-18 23:42:50 updated user 596e80daaba34620ffa518bb. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc902" + "_id": "596e80daaba34620ffa518bb" } ] } -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "user" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: -User: "tobkle", role: "user", id: "596be3c2949652fd418cc902", +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", Operation: "", variables: "", Query: mutation { removeUser(id: "583291a1638566b3c5a92ca1") } -2017-07-17 00:08:02 Authorize delete "removeUser" with user "tobkle" and role: "user" with +2017-07-18 23:42:50 Authorize delete "removeUser" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc902" + "_id": "596e80daaba34620ffa518bb" } ] } -2017-07-17 00:08:02 ERROR remove user failed for finalQuery: { - "_id": "583291a1638566b3c5a92ca1", - "$or": [ - { - "_id": "596be3c2949652fd418cc902" - } - ] -} -2017-07-17 00:08:02 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "user" with +2017-07-18 23:42:50 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc902" + "_id": "596e80daaba34620ffa518bb" } ] } -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "user" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: -User: "tobkle", role: "user", id: "596be3c2949652fd418cc902", +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", Operation: "", variables: "", Query: mutation { - createTweet(input: {authorId: "596be3c2949652fd418cc902", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + createTweet(input: {authorId: "596e80daaba34620ffa518bb", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { id } } -2017-07-17 00:08:02 Authorize create "insert tweet" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "authorId": "596be3c2949652fd418cc902" - } - ] +2017-07-18 23:42:50 { + "authorId": "596e80daaba34620ffa518bb", + "body": "This is a test tweet of user tobkle", + "coauthorsIds": [], + "createdAt": 1500414170485, + "updatedAt": 1500414170485, + "createdById": "596e80daaba34620ffa518bb", + "updatedById": "596e80daaba34620ffa518bb" } -2017-07-17 00:08:02 inserted tweet 596be3c2949652fd418cc903. -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "user" with +2017-07-18 23:42:50 Authorize create "createTweet" with user "tobkle" and role: "user" is authorized by docRole. +2017-07-18 23:42:50 inserted tweet 596e80daaba34620ffa518bc. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc902" + "_id": "596e80daaba34620ffa518bb" } ] } -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "user" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: -User: "tobkle", role: "user", id: "596be3c2949652fd418cc902", +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", Operation: "", variables: "", Query: mutation { @@ -1417,31 +1378,32 @@ mutation { } } -2017-07-17 00:08:02 Authorize create "insert tweet" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "authorId": "596be3c2949652fd418cc902" - } - ] +2017-07-18 23:42:50 { + "authorId": "583291a1638566b3c5a92ca1", + "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", + "coauthorsIds": [], + "createdAt": 1500414170510, + "updatedAt": 1500414170510, + "createdById": "596e80daaba34620ffa518bb", + "updatedById": "596e80daaba34620ffa518bb" } -2017-07-17 00:08:02 ERROR Not authorized to insert tweet -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "user" with +2017-07-18 23:42:50 ERROR Authorize create "createTweet" with user "tobkle" and role: "user" is not authorized. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc902" + "_id": "596e80daaba34620ffa518bb" } ] } -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "user" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: -User: "tobkle", role: "user", id: "596be3c2949652fd418cc902", +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", Operation: "", variables: "", Query: { - tweet(id: "596be3c2949652fd418cc903") { + tweet(id: "596e80daaba34620ffa518bc") { author { id } @@ -1449,18 +1411,18 @@ Query: } } -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "user" with +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc902" + "_id": "596e80daaba34620ffa518bb" } ] } -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "user" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: -User: "tobkle", role: "user", id: "596be3c2949652fd418cc902", +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", Operation: "", variables: "", Query: { @@ -1472,51 +1434,50 @@ Query: } } -2017-07-17 00:08:02 ERROR Cannot read property 'role' of undefined -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "user" with +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc902" + "_id": "596e80daaba34620ffa518bb" } ] } -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "user" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: -User: "tobkle", role: "user", id: "596be3c2949652fd418cc902", +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", Operation: "", variables: "", Query: mutation { - updateTweet(id: "596be3c2949652fd418cc903", input: {body: "This is a modified test tweet"}) { + updateTweet(id: "596e80daaba34620ffa518bc", input: {body: "This is a modified test tweet"}) { body } } -2017-07-17 00:08:02 Authorize update "update tweet" with user "tobkle" and role: "user" with +2017-07-18 23:42:50 Authorize update "updateTweet" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "authorId": "596be3c2949652fd418cc902" + "authorId": "596e80daaba34620ffa518bb" }, { - "coauthorsIds": "596be3c2949652fd418cc902" + "coauthorsIds": "596e80daaba34620ffa518bb" } ] } -2017-07-17 00:08:02 updated tweet 596be3c2949652fd418cc903. -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "user" with +2017-07-18 23:42:50 updated tweet 596e80daaba34620ffa518bc. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc902" + "_id": "596e80daaba34620ffa518bb" } ] } -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "user" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: -User: "tobkle", role: "user", id: "596be3c2949652fd418cc902", +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", Operation: "", variables: "", Query: mutation { @@ -1525,185 +1486,158 @@ mutation { } } -2017-07-17 00:08:02 Authorize update "update tweet" with user "tobkle" and role: "user" with +2017-07-18 23:42:50 Authorize update "updateTweet" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "authorId": "596be3c2949652fd418cc902" + "authorId": "596e80daaba34620ffa518bb" }, { - "coauthorsIds": "596be3c2949652fd418cc902" + "coauthorsIds": "596e80daaba34620ffa518bb" } ] } -2017-07-17 00:08:02 ERROR update tweet failed finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "596be3c2949652fd418cc902" - }, - { - "coauthorsIds": "596be3c2949652fd418cc902" - } - ] -} -2017-07-17 00:08:02 ERROR update tweet failed for docToUpdate: { - "$set": { - "body": "This is a modified test tweet", - "updatedAt": 1500242882867, - "updatedById": "596be3c2949652fd418cc902" - } -} -2017-07-17 00:08:02 ERROR update tweet not possible for 583676d3618530145474e352. -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "user" with +2017-07-18 23:42:50 ERROR update tweet not possible for 583676d3618530145474e352. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc902" + "_id": "596e80daaba34620ffa518bb" } ] } -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "user" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: -User: "tobkle", role: "user", id: "596be3c2949652fd418cc902", +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", Operation: "", variables: "", Query: { - tweet(id: "596be3c2949652fd418cc903") { + tweet(id: "596e80daaba34620ffa518bc") { body } } -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "user" with +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc902" + "_id": "596e80daaba34620ffa518bb" } ] } -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "user" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: -User: "tobkle", role: "user", id: "596be3c2949652fd418cc902", +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", Operation: "", variables: "", Query: mutation { - removeTweet(id: "596be3c2949652fd418cc903") + removeTweet(id: "596e80daaba34620ffa518bc") } -2017-07-17 00:08:02 Authorize delete "removeTweet" with user "tobkle" and role: "user" with +2017-07-18 23:42:50 Authorize delete "removeTweet" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "authorId": "596be3c2949652fd418cc902" + "authorId": "596e80daaba34620ffa518bb" } ] } -2017-07-17 00:08:02 removed tweet 596be3c2949652fd418cc903. -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "user" with +2017-07-18 23:42:50 removed tweet 596e80daaba34620ffa518bc. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc902" + "_id": "596e80daaba34620ffa518bb" } ] } -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "user" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: -User: "tobkle", role: "user", id: "596be3c2949652fd418cc902", +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", Operation: "", variables: "", Query: mutation { removeTweet(id: "583676d3618530145474e352") } -2017-07-17 00:08:02 Authorize delete "removeTweet" with user "tobkle" and role: "user" with +2017-07-18 23:42:50 Authorize delete "removeTweet" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "authorId": "596be3c2949652fd418cc902" + "authorId": "596e80daaba34620ffa518bb" } ] } -2017-07-17 00:08:02 ERROR remove tweet failed for finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "596be3c2949652fd418cc902" - } - ] -} -2017-07-17 00:08:02 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "user" with +2017-07-18 23:42:50 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc902" + "_id": "596e80daaba34620ffa518bb" } ] } -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "user" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: -User: "tobkle", role: "user", id: "596be3c2949652fd418cc902", +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", Operation: "", variables: "", Query: { - tweet(id: "596be3c2949652fd418cc903") { + tweet(id: "596e80daaba34620ffa518bc") { body } } -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "user" with +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc902" + "_id": "596e80daaba34620ffa518bb" } ] } -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "user" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: -User: "tobkle", role: "user", id: "596be3c2949652fd418cc902", +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", Operation: "", variables: "", Query: mutation { - removeUser(id: "596be3c2949652fd418cc902") + removeUser(id: "596e80daaba34620ffa518bb") } -2017-07-17 00:08:02 Authorize delete "removeUser" with user "tobkle" and role: "user" with +2017-07-18 23:42:50 Authorize delete "removeUser" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc902" + "_id": "596e80daaba34620ffa518bb" } ] } -2017-07-17 00:08:02 removed user 596be3c2949652fd418cc902. -2017-07-17 00:08:02 ERROR Authorize readOne "user findOneLoader" with user "" and role: "null" is not authorized. -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "" and role "" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: +2017-07-18 23:42:50 removed user 596e80daaba34620ffa518bb. +2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: { - user(id: "596be3c2949652fd418cc902") { + user(id: "596e80daaba34620ffa518bb") { username bio role } } -2017-07-17 00:08:02 ERROR Cannot read property 'role' of undefined -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -1714,22 +1648,21 @@ mutation { } } -2017-07-17 00:08:02 Authorize create "insert user" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize create "insert userfield "role"" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 inserted user 596be3c2949652fd418cc904. -2017-07-17 00:08:02 Authorize readOne "pubsub userInsertedfield "role"" with user "stubailo" and role "admin" is authorized -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "editor" with +2017-07-18 23:42:50 Authorize create "createUser" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:50 Authorize create "createUser" with user "stubailo" and role: "admin" is authorized by userRole. +2017-07-18 23:42:50 inserted user 596e80daaba34620ffa518bd. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc904" + "_id": "596e80daaba34620ffa518bd" } ] } -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "editor" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: -User: "tobkle", role: "editor", id: "596be3c2949652fd418cc904", +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "editor", id: "596e80daaba34620ffa518bd", Operation: "", variables: "", Query: mutation { @@ -1738,23 +1671,19 @@ mutation { } } -2017-07-17 00:08:02 Authorize create "insert user" with user "tobkle" and role: "editor" with -authQuery: { - "$or": [] -} -2017-07-17 00:08:02 ERROR Authorize create "insert user" with user "tobkle" and role: "editor" is not authorized. -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "editor" with +2017-07-18 23:42:50 ERROR Cannot read property 'toString' of undefined +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc904" + "_id": "596e80daaba34620ffa518bd" } ] } -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "editor" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: -User: "tobkle", role: "editor", id: "596be3c2949652fd418cc904", +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "editor", id: "596e80daaba34620ffa518bd", Operation: "", variables: "", Query: { @@ -1765,40 +1694,39 @@ Query: } } -2017-07-17 00:08:02 ERROR Cannot read property 'role' of undefined -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "editor" with +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc904" + "_id": "596e80daaba34620ffa518bd" } ] } -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "editor" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: -User: "tobkle", role: "editor", id: "596be3c2949652fd418cc904", +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "editor", id: "596e80daaba34620ffa518bd", Operation: "", variables: "", Query: { - user(id: "596be3c2949652fd418cc904") { + user(id: "596e80daaba34620ffa518bd") { username role } } -2017-07-17 00:08:02 Authorize readOne "user findOneLoader" with user "tobkle" and role: "editor" with +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc904" + "_id": "596e80daaba34620ffa518bd" } ] } -2017-07-17 00:08:02 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "editor" is authorized -2017-07-17 00:08:02 -------------------------------------------------------------------------------- -2017-07-17 00:08:02 Request: -User: "tobkle", role: "editor", id: "596be3c2949652fd418cc904", +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "editor", id: "596e80daaba34620ffa518bd", Operation: "", variables: "", Query: mutation { @@ -1809,155 +1737,146 @@ mutation { } } -2017-07-17 00:08:02 Authorize update "update user" with user "tobkle" and role: "editor" with +2017-07-18 23:42:50 Authorize update "updateUser" with user "tobkle" and role: "editor" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc904" + "_id": "596e80daaba34620ffa518bd" } ] } -2017-07-17 00:08:02 Authorize update "update userfield "role"" with user "tobkle" with role "editor" field "role" removed from document id "undefined". No authorization. -2017-07-17 00:08:03 updated user 583291a1638566b3c5a92ca1. -2017-07-17 00:08:03 ERROR Cannot read property 'role' of undefined -2017-07-17 00:08:03 Authorize readOne "user findOneLoader" with user "tobkle" and role: "editor" with +2017-07-18 23:42:50 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc904" + "_id": "596e80daaba34620ffa518bd" } ] } -2017-07-17 00:08:03 Authorize readOne "tweet findOneLoader" with user "tobkle" and role "editor" is authorized -2017-07-17 00:08:03 -------------------------------------------------------------------------------- -2017-07-17 00:08:03 Request: -User: "tobkle", role: "editor", id: "596be3c2949652fd418cc904", +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "editor", id: "596e80daaba34620ffa518bd", Operation: "", variables: "", Query: mutation { - updateUser(id: "596be3c2949652fd418cc904", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + updateUser(id: "596e80daaba34620ffa518bd", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { username bio } } -2017-07-17 00:08:03 Authorize update "update user" with user "tobkle" and role: "editor" with +2017-07-18 23:42:50 Authorize update "updateUser" with user "tobkle" and role: "editor" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc904" + "_id": "596e80daaba34620ffa518bd" } ] } -2017-07-17 00:08:03 updated user 596be3c2949652fd418cc904. -2017-07-17 00:08:03 Authorize readOne "user findOneLoader" with user "tmeasday" and role: "editor" with +2017-07-18 23:42:50 updated user 596e80daaba34620ffa518bd. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc904" + "_id": "596e80daaba34620ffa518bd" } ] } -2017-07-17 00:08:03 Authorize readOne "tweet findOneLoader" with user "tmeasday" and role "editor" is authorized -2017-07-17 00:08:03 -------------------------------------------------------------------------------- -2017-07-17 00:08:03 Request: -User: "tmeasday", role: "editor", id: "596be3c2949652fd418cc904", +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", Operation: "", variables: "", Query: mutation { - updateUser(id: "596be3c2949652fd418cc904", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "596e80daaba34620ffa518bd", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-07-17 00:08:03 Authorize update "update user" with user "tmeasday" and role: "editor" with +2017-07-18 23:42:50 Authorize update "updateUser" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc904" + "_id": "596e80daaba34620ffa518bd" } ] } -2017-07-17 00:08:03 Authorize update "update userfield "role"" with user "tmeasday" with role "editor" field "role" removed from document id "undefined". No authorization. -2017-07-17 00:08:03 updated user 596be3c2949652fd418cc904. -2017-07-17 00:08:03 Authorize readOne "user findOneLoader" with user "tmeasday" and role: "editor" with +2017-07-18 23:42:50 updated user 596e80daaba34620ffa518bd. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc904" + "_id": "596e80daaba34620ffa518bd" } ] } -2017-07-17 00:08:03 Authorize readOne "tweet findOneLoader" with user "tmeasday" and role "editor" is authorized -2017-07-17 00:08:03 -------------------------------------------------------------------------------- -2017-07-17 00:08:03 Request: -User: "tmeasday", role: "editor", id: "596be3c2949652fd418cc904", +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", Operation: "", variables: "", Query: mutation { removeUser(id: "583291a1638566b3c5a92ca1") } -2017-07-17 00:08:03 Authorize delete "removeUser" with user "tmeasday" and role: "editor" with +2017-07-18 23:42:50 Authorize delete "removeUser" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc904" + "_id": "596e80daaba34620ffa518bd" } ] } -2017-07-17 00:08:03 ERROR remove user failed for finalQuery: { - "_id": "583291a1638566b3c5a92ca1", - "$or": [ - { - "_id": "596be3c2949652fd418cc904" - } - ] -} -2017-07-17 00:08:03 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-07-17 00:08:03 Authorize readOne "user findOneLoader" with user "tmeasday" and role: "editor" with +2017-07-18 23:42:50 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc904" + "_id": "596e80daaba34620ffa518bd" } ] } -2017-07-17 00:08:03 Authorize readOne "tweet findOneLoader" with user "tmeasday" and role "editor" is authorized -2017-07-17 00:08:03 -------------------------------------------------------------------------------- -2017-07-17 00:08:03 Request: -User: "tmeasday", role: "editor", id: "596be3c2949652fd418cc904", +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", Operation: "", variables: "", Query: mutation { - createTweet(input: {authorId: "596be3c2949652fd418cc904", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + createTweet(input: {authorId: "596e80daaba34620ffa518bd", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { id } } -2017-07-17 00:08:03 Authorize create "insert tweet" with user "tmeasday" and role: "editor" with -authQuery: { - "$or": [ - { - "authorId": "596be3c2949652fd418cc904" - } - ] +2017-07-18 23:42:50 { + "authorId": "596e80daaba34620ffa518bd", + "body": "This is a test tweet of user tobkle", + "coauthorsIds": [], + "createdAt": 1500414170722, + "updatedAt": 1500414170722, + "createdById": "596e80daaba34620ffa518bd", + "updatedById": "596e80daaba34620ffa518bd" } -2017-07-17 00:08:03 inserted tweet 596be3c3949652fd418cc905. -2017-07-17 00:08:03 Authorize readOne "user findOneLoader" with user "tmeasday" and role: "editor" with +2017-07-18 23:42:50 Authorize create "createTweet" with user "tmeasday" and role: "editor" is authorized by docRole. +2017-07-18 23:42:50 inserted tweet 596e80daaba34620ffa518be. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc904" + "_id": "596e80daaba34620ffa518bd" } ] } -2017-07-17 00:08:03 Authorize readOne "tweet findOneLoader" with user "tmeasday" and role "editor" is authorized -2017-07-17 00:08:03 -------------------------------------------------------------------------------- -2017-07-17 00:08:03 Request: -User: "tmeasday", role: "editor", id: "596be3c2949652fd418cc904", +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", Operation: "", variables: "", Query: mutation { @@ -1966,31 +1885,32 @@ mutation { } } -2017-07-17 00:08:03 Authorize create "insert tweet" with user "tmeasday" and role: "editor" with -authQuery: { - "$or": [ - { - "authorId": "596be3c2949652fd418cc904" - } - ] +2017-07-18 23:42:50 { + "authorId": "583291a1638566b3c5a92ca1", + "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", + "coauthorsIds": [], + "createdAt": 1500414170729, + "updatedAt": 1500414170729, + "createdById": "596e80daaba34620ffa518bd", + "updatedById": "596e80daaba34620ffa518bd" } -2017-07-17 00:08:03 ERROR Not authorized to insert tweet -2017-07-17 00:08:03 Authorize readOne "user findOneLoader" with user "tmeasday" and role: "editor" with +2017-07-18 23:42:50 ERROR Authorize create "createTweet" with user "tmeasday" and role: "editor" is not authorized. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc904" + "_id": "596e80daaba34620ffa518bd" } ] } -2017-07-17 00:08:03 Authorize readOne "tweet findOneLoader" with user "tmeasday" and role "editor" is authorized -2017-07-17 00:08:03 -------------------------------------------------------------------------------- -2017-07-17 00:08:03 Request: -User: "tmeasday", role: "editor", id: "596be3c2949652fd418cc904", +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", Operation: "", variables: "", Query: { - tweet(id: "596be3c3949652fd418cc905") { + tweet(id: "596e80daaba34620ffa518be") { author { id } @@ -1998,18 +1918,18 @@ Query: } } -2017-07-17 00:08:03 Authorize readOne "user findOneLoader" with user "tmeasday" and role: "editor" with +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc904" + "_id": "596e80daaba34620ffa518bd" } ] } -2017-07-17 00:08:03 Authorize readOne "tweet findOneLoader" with user "tmeasday" and role "editor" is authorized -2017-07-17 00:08:03 -------------------------------------------------------------------------------- -2017-07-17 00:08:03 Request: -User: "tmeasday", role: "editor", id: "596be3c2949652fd418cc904", +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", Operation: "", variables: "", Query: { @@ -2021,51 +1941,50 @@ Query: } } -2017-07-17 00:08:03 ERROR Cannot read property 'role' of undefined -2017-07-17 00:08:03 Authorize readOne "user findOneLoader" with user "tmeasday" and role: "editor" with +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc904" + "_id": "596e80daaba34620ffa518bd" } ] } -2017-07-17 00:08:03 Authorize readOne "tweet findOneLoader" with user "tmeasday" and role "editor" is authorized -2017-07-17 00:08:03 -------------------------------------------------------------------------------- -2017-07-17 00:08:03 Request: -User: "tmeasday", role: "editor", id: "596be3c2949652fd418cc904", +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", Operation: "", variables: "", Query: mutation { - updateTweet(id: "596be3c3949652fd418cc905", input: {body: "This is a modified test tweet"}) { + updateTweet(id: "596e80daaba34620ffa518be", input: {body: "This is a modified test tweet"}) { body } } -2017-07-17 00:08:03 Authorize update "update tweet" with user "tmeasday" and role: "editor" with +2017-07-18 23:42:50 Authorize update "updateTweet" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "authorId": "596be3c2949652fd418cc904" + "authorId": "596e80daaba34620ffa518bd" }, { - "coauthorsIds": "596be3c2949652fd418cc904" + "coauthorsIds": "596e80daaba34620ffa518bd" } ] } -2017-07-17 00:08:03 updated tweet 596be3c3949652fd418cc905. -2017-07-17 00:08:03 Authorize readOne "user findOneLoader" with user "tmeasday" and role: "editor" with +2017-07-18 23:42:50 updated tweet 596e80daaba34620ffa518be. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc904" + "_id": "596e80daaba34620ffa518bd" } ] } -2017-07-17 00:08:03 Authorize readOne "tweet findOneLoader" with user "tmeasday" and role "editor" is authorized -2017-07-17 00:08:03 -------------------------------------------------------------------------------- -2017-07-17 00:08:03 Request: -User: "tmeasday", role: "editor", id: "596be3c2949652fd418cc904", +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", Operation: "", variables: "", Query: mutation { @@ -2074,178 +1993,151 @@ mutation { } } -2017-07-17 00:08:03 Authorize update "update tweet" with user "tmeasday" and role: "editor" with +2017-07-18 23:42:50 Authorize update "updateTweet" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "authorId": "596be3c2949652fd418cc904" - }, - { - "coauthorsIds": "596be3c2949652fd418cc904" - } - ] -} -2017-07-17 00:08:03 ERROR update tweet failed finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "596be3c2949652fd418cc904" + "authorId": "596e80daaba34620ffa518bd" }, { - "coauthorsIds": "596be3c2949652fd418cc904" + "coauthorsIds": "596e80daaba34620ffa518bd" } ] } -2017-07-17 00:08:03 ERROR update tweet failed for docToUpdate: { - "$set": { - "body": "This is a modified test tweet", - "updatedAt": 1500242883108, - "updatedById": "596be3c2949652fd418cc904" - } -} -2017-07-17 00:08:03 ERROR update tweet not possible for 583676d3618530145474e352. -2017-07-17 00:08:03 Authorize readOne "user findOneLoader" with user "tmeasday" and role: "editor" with +2017-07-18 23:42:50 ERROR update tweet not possible for 583676d3618530145474e352. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc904" + "_id": "596e80daaba34620ffa518bd" } ] } -2017-07-17 00:08:03 Authorize readOne "tweet findOneLoader" with user "tmeasday" and role "editor" is authorized -2017-07-17 00:08:03 -------------------------------------------------------------------------------- -2017-07-17 00:08:03 Request: -User: "tmeasday", role: "editor", id: "596be3c2949652fd418cc904", +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", Operation: "", variables: "", Query: { - tweet(id: "596be3c3949652fd418cc905") { + tweet(id: "596e80daaba34620ffa518be") { body } } -2017-07-17 00:08:03 Authorize readOne "user findOneLoader" with user "tmeasday" and role: "editor" with +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc904" + "_id": "596e80daaba34620ffa518bd" } ] } -2017-07-17 00:08:03 Authorize readOne "tweet findOneLoader" with user "tmeasday" and role "editor" is authorized -2017-07-17 00:08:03 -------------------------------------------------------------------------------- -2017-07-17 00:08:03 Request: -User: "tmeasday", role: "editor", id: "596be3c2949652fd418cc904", +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", Operation: "", variables: "", Query: mutation { - removeTweet(id: "596be3c3949652fd418cc905") + removeTweet(id: "596e80daaba34620ffa518be") } -2017-07-17 00:08:03 Authorize delete "removeTweet" with user "tmeasday" and role: "editor" with +2017-07-18 23:42:50 Authorize delete "removeTweet" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "authorId": "596be3c2949652fd418cc904" + "authorId": "596e80daaba34620ffa518bd" } ] } -2017-07-17 00:08:03 removed tweet 596be3c3949652fd418cc905. -2017-07-17 00:08:03 Authorize readOne "user findOneLoader" with user "tmeasday" and role: "editor" with +2017-07-18 23:42:50 removed tweet 596e80daaba34620ffa518be. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc904" + "_id": "596e80daaba34620ffa518bd" } ] } -2017-07-17 00:08:03 Authorize readOne "tweet findOneLoader" with user "tmeasday" and role "editor" is authorized -2017-07-17 00:08:03 -------------------------------------------------------------------------------- -2017-07-17 00:08:03 Request: -User: "tmeasday", role: "editor", id: "596be3c2949652fd418cc904", +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", Operation: "", variables: "", Query: mutation { removeTweet(id: "583676d3618530145474e352") } -2017-07-17 00:08:03 Authorize delete "removeTweet" with user "tmeasday" and role: "editor" with +2017-07-18 23:42:50 Authorize delete "removeTweet" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "authorId": "596be3c2949652fd418cc904" - } - ] -} -2017-07-17 00:08:03 ERROR remove tweet failed for finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "596be3c2949652fd418cc904" + "authorId": "596e80daaba34620ffa518bd" } ] } -2017-07-17 00:08:03 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-07-17 00:08:03 Authorize readOne "user findOneLoader" with user "tmeasday" and role: "editor" with +2017-07-18 23:42:50 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc904" + "_id": "596e80daaba34620ffa518bd" } ] } -2017-07-17 00:08:03 Authorize readOne "tweet findOneLoader" with user "tmeasday" and role "editor" is authorized -2017-07-17 00:08:03 -------------------------------------------------------------------------------- -2017-07-17 00:08:03 Request: -User: "tmeasday", role: "editor", id: "596be3c2949652fd418cc904", +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", Operation: "", variables: "", Query: { - tweet(id: "596be3c3949652fd418cc905") { + tweet(id: "596e80daaba34620ffa518be") { body } } -2017-07-17 00:08:03 Authorize readOne "user findOneLoader" with user "tmeasday" and role: "editor" with +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc904" + "_id": "596e80daaba34620ffa518bd" } ] } -2017-07-17 00:08:03 Authorize readOne "tweet findOneLoader" with user "tmeasday" and role "editor" is authorized -2017-07-17 00:08:03 -------------------------------------------------------------------------------- -2017-07-17 00:08:03 Request: -User: "tmeasday", role: "editor", id: "596be3c2949652fd418cc904", +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", Operation: "", variables: "", Query: mutation { - removeUser(id: "596be3c2949652fd418cc904") + removeUser(id: "596e80daaba34620ffa518bd") } -2017-07-17 00:08:03 Authorize delete "removeUser" with user "tmeasday" and role: "editor" with +2017-07-18 23:42:50 Authorize delete "removeUser" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596be3c2949652fd418cc904" + "_id": "596e80daaba34620ffa518bd" } ] } -2017-07-17 00:08:03 removed user 596be3c2949652fd418cc904. -2017-07-17 00:08:03 ERROR Authorize readOne "user findOneLoader" with user "" and role: "null" is not authorized. -2017-07-17 00:08:03 Authorize readOne "tweet findOneLoader" with user "" and role "" is authorized -2017-07-17 00:08:03 -------------------------------------------------------------------------------- -2017-07-17 00:08:03 Request: +2017-07-18 23:42:50 removed user 596e80daaba34620ffa518bd. +2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: { - user(id: "596be3c2949652fd418cc904") { + user(id: "596e80daaba34620ffa518bd") { username bio role } } -2017-07-17 00:08:03 ERROR Cannot read property 'role' of undefined From 49cee9350e0854116a416d7069f5a673b569ac37 Mon Sep 17 00:00:00 2001 From: tobkle Date: Thu, 3 Aug 2017 19:12:12 +0200 Subject: [PATCH 23/69] authorization --- test/output-app/README.md | 47 +- test/output-app/model/User.js | 23 +- test/output-app/server/authorize.js | 13 + test/output-app/server/index.js | 5 +- .../server/logs/all-logs-readable.log | 1521 ++++++++--------- 5 files changed, 806 insertions(+), 803 deletions(-) diff --git a/test/output-app/README.md b/test/output-app/README.md index 1a4ddd4..efe47d8 100644 --- a/test/output-app/README.md +++ b/test/output-app/README.md @@ -51,7 +51,10 @@ async function startServer() { schema, context: Object.assign({ me }, req.context), debug: true, - // formatError(e) { console.log(e) }, + formatError(e) { + console.log(e); + return e; + }, }; })(req, res, next); })(req, res, next); @@ -383,6 +386,7 @@ export default class Tweet { } catch (err){ log.error(err.message); } } } + ``` ### ./model/User.js @@ -392,7 +396,7 @@ this.auth is generated by the @authorize directive. Here also with field authori ```javascript import log from '../server/logger'; import DataLoader from 'dataloader'; -import { findByIds, queryForRoles, authlog, checkAuthDoc } from '../server/authorize'; +import { findByIds, queryForRoles, authlog, checkAuthDoc, protectFields } from '../server/authorize'; export default class User { constructor(context) { @@ -457,20 +461,6 @@ export default class User { return this.context.User.findOneById(user.updatedById, me, resolver); } - // Begin of user inserted method - protectFields(me, authorizedUserRoles, protectedFields, inputObject){ - const result = Object.assign({}, inputObject); - const role = this.context.User.authRole(me); - // if user is not allowed to access specific fields... - if (!authorizedUserRoles.includes(role)){ - protectedFields.every(protectedField => { - if (result[protectedField]) delete result[protectedField]; - }); - } - return result; - } - // End of user inserted method - async insert(doc, me, resolver) { try { let docToInsert = Object.assign({}, doc, { @@ -479,10 +469,8 @@ export default class User { createdById: (me && me._id) ? me._id : 'unknown', updatedById: (me && me._id) ? me._id : 'unknown', }); - // const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'create', me)); checkAuthDoc(docToInsert, me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'create', me)); - // User inserted line: - docToInsert = this.protectFields(me, ['admin'], ['role'], docToInsert); + docToInsert = this.protectFields(me, ['admin'], ['role'], docToInsert, { User: this.context.User }); const id = (await this.collection.insertOne(docToInsert)).insertedId; if (!id) { throw new Error(`insert user not possible.`); @@ -503,8 +491,7 @@ export default class User { const baseQuery = {_id: id}; const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'update', me)); const finalQuery = {...baseQuery, ...authQuery}; - // User inserted line: - docToUpdate.$set = this.protectFields(me, ['admin'], ['role'], docToUpdate.$set); + docToUpdate.$set = this.protectFields(me, ['admin'], ['role'], docToUpdate.$set, { User: this.context.User }); const result = await this.collection.updateOne(finalQuery, docToUpdate); if (result.result.ok !== 1 || result.result.n !== 1){ throw new Error(`update user not possible for ${id}.`); @@ -566,6 +553,24 @@ export function findByIds(collection, ids = [], authQuery) { } ``` +### function protectFields +Use function protectFields to protect single fields from access. Provide signed in user in "me", the authorized User roles for the protected field(s) - meaning the user who is allowed to access the field -, provide an array with protected fields, and the current document object, which is to be checked for protected fields and the User model context. + +```javascript +// returns whether the authorized record, or the record without not authorized field(s) +export function protectFields(me, authorizedUserRoles, protectedFields, inputObject, { User }){ + const result = Object.assign({}, inputObject); + const role = User.authRole(me); + // if user is not allowed to access specific fields, remove field from object... + if (!authorizedUserRoles.includes(role)){ + protectedFields.every(protectedField => { + if (result[protectedField]) delete result[protectedField]; + }); + } + return result; +} +``` + ### function checkAuthDoc Use function checkAuthDoc to check and get back the document. Especially used in insert operations, to figure out, if the toBeInsertedDoc is valid to be added by this userRole, docRole and action. diff --git a/test/output-app/model/User.js b/test/output-app/model/User.js index 7446a96..7c6b165 100644 --- a/test/output-app/model/User.js +++ b/test/output-app/model/User.js @@ -1,6 +1,6 @@ import log from '../server/logger'; import DataLoader from 'dataloader'; -import { findByIds, queryForRoles, authlog, checkAuthDoc } from '../server/authorize'; +import { findByIds, queryForRoles, authlog, checkAuthDoc, protectFields } from '../server/authorize'; export default class User { constructor(context) { @@ -65,20 +65,6 @@ export default class User { return this.context.User.findOneById(user.updatedById, me, resolver); } - // Begin of user inserted method - protectFields(me, authorizedUserRoles, protectedFields, inputObject){ - const result = Object.assign({}, inputObject); - const role = this.context.User.authRole(me); - // if user is not allowed to access specific fields... - if (!authorizedUserRoles.includes(role)){ - protectedFields.every(protectedField => { - if (result[protectedField]) delete result[protectedField]; - }); - } - return result; - } - // End of user inserted method - async insert(doc, me, resolver) { try { let docToInsert = Object.assign({}, doc, { @@ -87,10 +73,8 @@ export default class User { createdById: (me && me._id) ? me._id : 'unknown', updatedById: (me && me._id) ? me._id : 'unknown', }); - // const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'create', me)); checkAuthDoc(docToInsert, me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'create', me)); - // User inserted line: - docToInsert = this.protectFields(me, ['admin'], ['role'], docToInsert); + docToInsert = protectFields(me, ['admin'], ['role'], docToInsert, { User: this.context.User }); const id = (await this.collection.insertOne(docToInsert)).insertedId; if (!id) { throw new Error(`insert user not possible.`); @@ -111,8 +95,7 @@ export default class User { const baseQuery = {_id: id}; const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'update', me)); const finalQuery = {...baseQuery, ...authQuery}; - // User inserted line: - docToUpdate.$set = this.protectFields(me, ['admin'], ['role'], docToUpdate.$set); + docToUpdate.$set = protectFields(me, ['admin'], ['role'], docToUpdate.$set, { User: this.context.User }); const result = await this.collection.updateOne(finalQuery, docToUpdate); if (result.result.ok !== 1 || result.result.n !== 1){ throw new Error(`update user not possible for ${id}.`); diff --git a/test/output-app/server/authorize.js b/test/output-app/server/authorize.js index dd0a7b9..f8d8ef8 100644 --- a/test/output-app/server/authorize.js +++ b/test/output-app/server/authorize.js @@ -22,6 +22,19 @@ export function findByIds(collection, ids = [], authQuery) { }); } +// returns whether the authorized record, or the record without not authorized field(s) +export function protectFields(me, authorizedUserRoles, protectedFields, inputObject, { User }){ + const result = Object.assign({}, inputObject); + const role = User.authRole(me); + // if user is not allowed to access specific fields, remove field from object... + if (!authorizedUserRoles.includes(role)){ + protectedFields.every(protectedField => { + if (result[protectedField]) delete result[protectedField]; + }); + } + return result; +} + export function checkAuthDoc(doc, me, userRoles, docRoles, { User }, logger){ const role = User.authRole(me); diff --git a/test/output-app/server/index.js b/test/output-app/server/index.js index 84d01ce..0b9bcd0 100644 --- a/test/output-app/server/index.js +++ b/test/output-app/server/index.js @@ -62,7 +62,10 @@ async function startServer() { schema, context: Object.assign({ me }, req.context), debug: true, - // formatError(e) { console.log(e) }, + formatError(e) { + console.log(e); + return e; + }, }; })(req, res, next); })(req, res, next); diff --git a/test/output-app/server/logs/all-logs-readable.log b/test/output-app/server/logs/all-logs-readable.log index 4d8c0a0..e310730 100644 --- a/test/output-app/server/logs/all-logs-readable.log +++ b/test/output-app/server/logs/all-logs-readable.log @@ -1,8 +1,7 @@ -x2017-07-18 23:42:06 Logger started -2017-07-18 23:42:35 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:35 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:35 -------------------------------------------------------------------------------- -2017-07-18 23:42:35 Request: +2017-08-03 19:11:27 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:27 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:27 -------------------------------------------------------------------------------- +2017-08-03 19:11:27 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -14,10 +13,10 @@ Query: } } -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -29,10 +28,10 @@ Query: } } -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -43,10 +42,10 @@ Query: } } -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -57,10 +56,10 @@ Query: } } -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -71,10 +70,10 @@ Query: } } -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -86,10 +85,10 @@ Query: } } -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -100,11 +99,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "users" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "users" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -115,11 +114,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "users" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "users" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -130,11 +129,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "users" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "users" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -145,11 +144,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "users" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "users" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -162,11 +161,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "user followers" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "user followers" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -179,11 +178,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "user followers" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "user followers" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -196,11 +195,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "user followers" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "user followers" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -213,11 +212,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "user followers" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "user followers" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -230,11 +229,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "user following" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "user following" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -247,11 +246,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "user following" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "user following" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -264,11 +263,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "user following" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "user following" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -281,11 +280,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "user following" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "user following" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -298,11 +297,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "user tweets" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "user tweets" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -315,11 +314,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "user tweets" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "user tweets" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -332,11 +331,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "user tweets" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "user tweets" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -349,11 +348,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "user tweets" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "user tweets" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -366,11 +365,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "user liked" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "user liked" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -383,11 +382,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "user liked" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "user liked" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -400,11 +399,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "user liked" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "user liked" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -417,11 +416,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "user liked" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "user liked" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -432,10 +431,10 @@ Query: } } -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -447,10 +446,10 @@ Query: } } -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -461,11 +460,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -476,11 +475,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -491,11 +490,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -506,11 +505,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -523,11 +522,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "tweet likers" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "tweet likers" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -540,11 +539,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "tweet likers" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "tweet likers" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -557,11 +556,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "tweet likers" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "tweet likers" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -574,11 +573,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "tweet likers" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "tweet likers" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -589,14 +588,14 @@ mutation { } } -2017-07-18 23:42:49 Authorize create "createUser" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize create "createUser" with user "stubailo" and role: "admin" is authorized by userRole. -2017-07-18 23:42:49 inserted user 596e80d9aba34620ffa518b7. -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: -User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +2017-08-03 19:11:36 Authorize create "createUser" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize create "createUser" with user "stubailo" and role: "admin" is authorized by userRole. +2017-08-03 19:11:36 inserted user 59835948075def94489f4100. +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: +User: "tobkle", role: "admin", id: "59835948075def94489f4100", Operation: "", variables: "", Query: mutation { @@ -605,197 +604,197 @@ mutation { } } -2017-07-18 23:42:49 Authorize create "createUser" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:49 Authorize create "createUser" with user "tobkle" and role: "admin" is authorized by userRole. -2017-07-18 23:42:49 inserted user 596e80d9aba34620ffa518b8. -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: -User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +2017-08-03 19:11:36 Authorize create "createUser" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 Authorize create "createUser" with user "tobkle" and role: "admin" is authorized by userRole. +2017-08-03 19:11:36 inserted user 59835948075def94489f4101. +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: +User: "tobkle", role: "admin", id: "59835948075def94489f4100", Operation: "", variables: "", Query: { - user(id: "596e80d9aba34620ffa518b8") { + user(id: "59835948075def94489f4101") { username bio role } } -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: -User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: +User: "tobkle", role: "admin", id: "59835948075def94489f4100", Operation: "", variables: "", Query: { - user(id: "596e80d9aba34620ffa518b7") { + user(id: "59835948075def94489f4100") { username role } } -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: -User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: +User: "tobkle", role: "admin", id: "59835948075def94489f4100", Operation: "", variables: "", Query: mutation { - updateUser(id: "596e80d9aba34620ffa518b8", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + updateUser(id: "59835948075def94489f4101", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { username bio role } } -2017-07-18 23:42:49 Authorize update "updateUser" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:49 updated user 596e80d9aba34620ffa518b8. -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: -User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +2017-08-03 19:11:36 Authorize update "updateUser" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 updated user 59835948075def94489f4101. +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: +User: "tobkle", role: "admin", id: "59835948075def94489f4100", Operation: "", variables: "", Query: mutation { - updateUser(id: "596e80d9aba34620ffa518b7", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "59835948075def94489f4100", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-07-18 23:42:49 Authorize update "updateUser" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:49 updated user 596e80d9aba34620ffa518b7. -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: -User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +2017-08-03 19:11:36 Authorize update "updateUser" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 updated user 59835948075def94489f4100. +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: +User: "tobkle", role: "admin", id: "59835948075def94489f4100", Operation: "", variables: "", Query: mutation { - updateUser(id: "596e80d9aba34620ffa518b8", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + updateUser(id: "59835948075def94489f4101", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { username bio role } } -2017-07-18 23:42:49 Authorize update "updateUser" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:49 updated user 596e80d9aba34620ffa518b8. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +2017-08-03 19:11:36 Authorize update "updateUser" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 updated user 59835948075def94489f4101. +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: +User: "tobkle", role: "admin", id: "59835948075def94489f4100", Operation: "", variables: "", Query: mutation { - updateUser(id: "596e80d9aba34620ffa518b7", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + updateUser(id: "59835948075def94489f4100", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { username bio role } } -2017-07-18 23:42:50 Authorize update "updateUser" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 updated user 596e80d9aba34620ffa518b7. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with +2017-08-03 19:11:36 Authorize update "updateUser" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 updated user 59835948075def94489f4100. +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80d9aba34620ffa518b7" + "_id": "59835948075def94489f4100" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "editor", id: "596e80d9aba34620ffa518b7", +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: +User: "tobkle", role: "editor", id: "59835948075def94489f4100", Operation: "", variables: "", Query: mutation { - updateUser(id: "596e80d9aba34620ffa518b7", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "59835948075def94489f4100", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-07-18 23:42:50 Authorize update "updateUser" with user "tobkle" and role: "editor" with +2017-08-03 19:11:36 Authorize update "updateUser" with user "tobkle" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80d9aba34620ffa518b7" + "_id": "59835948075def94489f4100" } ] } -2017-07-18 23:42:50 updated user 596e80d9aba34620ffa518b7. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "zoltan" and role "admin" is authorized -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "zoltan" and role "admin" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "zoltan", role: "admin", id: "596e80d9aba34620ffa518b8", +2017-08-03 19:11:36 updated user 59835948075def94489f4100. +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "zoltan" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "zoltan" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: +User: "zoltan", role: "admin", id: "59835948075def94489f4101", Operation: "", variables: "", Query: mutation { - updateUser(id: "596e80d9aba34620ffa518b7", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "59835948075def94489f4100", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-07-18 23:42:50 Authorize update "updateUser" with user "zoltan" and role "admin" is authorized -2017-07-18 23:42:50 updated user 596e80d9aba34620ffa518b7. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +2017-08-03 19:11:36 Authorize update "updateUser" with user "zoltan" and role "admin" is authorized +2017-08-03 19:11:36 updated user 59835948075def94489f4100. +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: +User: "tobkle", role: "admin", id: "59835948075def94489f4100", Operation: "", variables: "", Query: mutation { - removeUser(id: "596e80d9aba34620ffa518b8") + removeUser(id: "59835948075def94489f4101") } -2017-07-18 23:42:50 Authorize delete "removeUser" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 removed user 596e80d9aba34620ffa518b8. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +2017-08-03 19:11:36 Authorize delete "removeUser" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 removed user 59835948075def94489f4101. +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: +User: "tobkle", role: "admin", id: "59835948075def94489f4100", Operation: "", variables: "", Query: mutation { - createTweet(input: {authorId: "596e80d9aba34620ffa518b7", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + createTweet(input: {authorId: "59835948075def94489f4100", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { id } } -2017-07-18 23:42:50 { - "authorId": "596e80d9aba34620ffa518b7", +2017-08-03 19:11:36 { + "authorId": "59835948075def94489f4100", "body": "This is a test tweet of user tobkle", "coauthorsIds": [], - "createdAt": 1500414170065, - "updatedAt": 1500414170065, - "createdById": "596e80d9aba34620ffa518b7", - "updatedById": "596e80d9aba34620ffa518b7" + "createdAt": 1501780296690, + "updatedAt": 1501780296690, + "createdById": "59835948075def94489f4100", + "updatedById": "59835948075def94489f4100" } -2017-07-18 23:42:50 Authorize create "createTweet" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 Authorize create "createTweet" with user "tobkle" and role: "admin" is authorized by userRole. -2017-07-18 23:42:50 inserted tweet 596e80daaba34620ffa518b9. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +2017-08-03 19:11:36 Authorize create "createTweet" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 Authorize create "createTweet" with user "tobkle" and role: "admin" is authorized by userRole. +2017-08-03 19:11:36 inserted tweet 59835948075def94489f4102. +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: +User: "tobkle", role: "admin", id: "59835948075def94489f4100", Operation: "", variables: "", Query: mutation { @@ -804,26 +803,26 @@ mutation { } } -2017-07-18 23:42:50 { +2017-08-03 19:11:36 { "authorId": "583291a1638566b3c5a92ca1", "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", "coauthorsIds": [], - "createdAt": 1500414170102, - "updatedAt": 1500414170102, - "createdById": "596e80d9aba34620ffa518b7", - "updatedById": "596e80d9aba34620ffa518b7" + "createdAt": 1501780296700, + "updatedAt": 1501780296700, + "createdById": "59835948075def94489f4100", + "updatedById": "59835948075def94489f4100" } -2017-07-18 23:42:50 Authorize create "createTweet" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 Authorize create "createTweet" with user "tobkle" and role: "admin" is authorized by userRole. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +2017-08-03 19:11:36 Authorize create "createTweet" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 Authorize create "createTweet" with user "tobkle" and role: "admin" is authorized by userRole. +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: +User: "tobkle", role: "admin", id: "59835948075def94489f4100", Operation: "", variables: "", Query: { - tweet(id: "596e80daaba34620ffa518b9") { + tweet(id: "59835948075def94489f4102") { author { id } @@ -831,12 +830,12 @@ Query: } } -2017-07-18 23:42:50 inserted tweet 596e80daaba34620ffa518ba. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +2017-08-03 19:11:36 inserted tweet 59835948075def94489f4103. +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: +User: "tobkle", role: "admin", id: "59835948075def94489f4100", Operation: "", variables: "", Query: { @@ -848,120 +847,120 @@ Query: } } -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: +User: "tobkle", role: "admin", id: "59835948075def94489f4100", Operation: "", variables: "", Query: mutation { - updateTweet(id: "596e80daaba34620ffa518b9", input: {body: "This is a modified test tweet"}) { + updateTweet(id: "59835948075def94489f4102", input: {body: "This is a modified test tweet"}) { body } } -2017-07-18 23:42:50 Authorize update "updateTweet" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 updated tweet 596e80daaba34620ffa518b9. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +2017-08-03 19:11:36 Authorize update "updateTweet" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 updated tweet 59835948075def94489f4102. +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: +User: "tobkle", role: "admin", id: "59835948075def94489f4100", Operation: "", variables: "", Query: mutation { - updateTweet(id: "596e80daaba34620ffa518ba", input: {body: "This is a modified test tweet"}) { + updateTweet(id: "59835948075def94489f4103", input: {body: "This is a modified test tweet"}) { body } } -2017-07-18 23:42:50 Authorize update "updateTweet" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 updated tweet 596e80daaba34620ffa518ba. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +2017-08-03 19:11:36 Authorize update "updateTweet" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 updated tweet 59835948075def94489f4103. +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: +User: "tobkle", role: "admin", id: "59835948075def94489f4100", Operation: "", variables: "", Query: { - tweet(id: "596e80daaba34620ffa518b9") { + tweet(id: "59835948075def94489f4102") { body } } -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: +User: "tobkle", role: "admin", id: "59835948075def94489f4100", Operation: "", variables: "", Query: mutation { - removeTweet(id: "596e80daaba34620ffa518b9") + removeTweet(id: "59835948075def94489f4102") } -2017-07-18 23:42:50 Authorize delete "removeTweet" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 removed tweet 596e80daaba34620ffa518b9. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +2017-08-03 19:11:36 Authorize delete "removeTweet" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 removed tweet 59835948075def94489f4102. +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: +User: "tobkle", role: "admin", id: "59835948075def94489f4100", Operation: "", variables: "", Query: mutation { - removeTweet(id: "596e80daaba34620ffa518ba") + removeTweet(id: "59835948075def94489f4103") } -2017-07-18 23:42:50 Authorize delete "removeTweet" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 removed tweet 596e80daaba34620ffa518ba. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +2017-08-03 19:11:36 Authorize delete "removeTweet" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 removed tweet 59835948075def94489f4103. +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: +User: "tobkle", role: "admin", id: "59835948075def94489f4100", Operation: "", variables: "", Query: { - tweet(id: "596e80daaba34620ffa518b9") { + tweet(id: "59835948075def94489f4102") { body } } -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: +User: "tobkle", role: "admin", id: "59835948075def94489f4100", Operation: "", variables: "", Query: mutation { - removeUser(id: "596e80d9aba34620ffa518b7") + removeUser(id: "59835948075def94489f4100") } -2017-07-18 23:42:50 Authorize delete "removeUser" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 removed user 596e80d9aba34620ffa518b7. -2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: +2017-08-03 19:11:36 Authorize delete "removeUser" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 removed user 59835948075def94489f4100. +2017-08-03 19:11:36 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: { - user(id: "596e80d9aba34620ffa518b7") { + user(id: "59835948075def94489f4100") { username bio role } } -2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: +2017-08-03 19:11:36 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -971,11 +970,11 @@ mutation { } } -2017-07-18 23:42:50 ERROR Cannot read property 'toString' of undefined -2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: +2017-08-03 19:11:36 ERROR Cannot read property 'toString' of undefined +2017-08-03 19:11:36 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -987,10 +986,10 @@ Query: } } -2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: +2017-08-03 19:11:36 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -1002,11 +1001,11 @@ mutation { } } -2017-07-18 23:42:50 ERROR Authorize update "updateUser" with user "" and role: "null" is not authorized. -2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: +2017-08-03 19:11:36 ERROR Authorize update "updateUser" with user "" and role: "null" is not authorized. +2017-08-03 19:11:36 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -1014,11 +1013,11 @@ mutation { removeUser(id: "583291a1638566b3c5a92ca1") } -2017-07-18 23:42:50 ERROR Authorize delete "removeUser" with user "" and role: "null" is not authorized. -2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: +2017-08-03 19:11:36 ERROR Authorize delete "removeUser" with user "" and role: "null" is not authorized. +2017-08-03 19:11:36 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -1028,10 +1027,10 @@ mutation { } } -2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: +2017-08-03 19:11:36 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -1041,20 +1040,20 @@ mutation { } } -2017-07-18 23:42:50 { +2017-08-03 19:11:36 { "authorId": "583291a1638566b3c5a92ca1", "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", "coauthorsIds": [], - "createdAt": 1500414170256, - "updatedAt": 1500414170256, + "createdAt": 1501780296965, + "updatedAt": 1501780296965, "createdById": "unknown", "updatedById": "unknown" } -2017-07-18 23:42:50 ERROR Cannot read property 'toString' of undefined -2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: +2017-08-03 19:11:36 ERROR Cannot read property 'toString' of undefined +2017-08-03 19:11:36 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -1067,10 +1066,10 @@ Query: } } -2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: +2017-08-03 19:11:36 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -1080,11 +1079,11 @@ mutation { } } -2017-07-18 23:42:50 ERROR Authorize update "updateTweet" with user "" and role: "null" is not authorized. -2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: +2017-08-03 19:11:37 ERROR Authorize update "updateTweet" with user "" and role: "null" is not authorized. +2017-08-03 19:11:37 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -1094,11 +1093,11 @@ mutation { } } -2017-07-18 23:42:50 ERROR Authorize update "updateTweet" with user "" and role: "null" is not authorized. -2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: +2017-08-03 19:11:37 ERROR Authorize update "updateTweet" with user "" and role: "null" is not authorized. +2017-08-03 19:11:37 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -1106,11 +1105,11 @@ mutation { removeTweet(id: "583676d3618530145474e352") } -2017-07-18 23:42:50 ERROR Authorize delete "removeTweet" with user "" and role: "null" is not authorized. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: +2017-08-03 19:11:37 ERROR Authorize delete "removeTweet" with user "" and role: "null" is not authorized. +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -1121,21 +1120,21 @@ mutation { } } -2017-07-18 23:42:50 Authorize create "createUser" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:50 Authorize create "createUser" with user "stubailo" and role: "admin" is authorized by userRole. -2017-07-18 23:42:50 inserted user 596e80daaba34620ffa518bb. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 Authorize create "createUser" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:37 Authorize create "createUser" with user "stubailo" and role: "admin" is authorized by userRole. +2017-08-03 19:11:37 inserted user 59835949075def94489f4104. +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "user", id: "59835949075def94489f4104", Operation: "", variables: "", Query: mutation { @@ -1144,19 +1143,19 @@ mutation { } } -2017-07-18 23:42:50 ERROR Cannot read property 'toString' of undefined -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 ERROR Cannot read property 'toString' of undefined +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "user", id: "59835949075def94489f4104", Operation: "", variables: "", Query: { @@ -1167,59 +1166,59 @@ Query: } } -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "user", id: "59835949075def94489f4104", Operation: "", variables: "", Query: { - user(id: "596e80daaba34620ffa518bb") { + user(id: "59835949075def94489f4104") { username } } -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "user", id: "59835949075def94489f4104", Operation: "", variables: "", Query: { - user(id: "596e80daaba34620ffa518bb") { + user(id: "59835949075def94489f4104") { username role } } -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "user", id: "59835949075def94489f4104", Operation: "", variables: "", Query: mutation { @@ -1230,146 +1229,146 @@ mutation { } } -2017-07-18 23:42:50 Authorize update "updateUser" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 Authorize update "updateUser" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "user", id: "59835949075def94489f4104", Operation: "", variables: "", Query: mutation { - updateUser(id: "596e80daaba34620ffa518bb", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + updateUser(id: "59835949075def94489f4104", input: {username: "tobkle", bio: "Maker of things, I guess"}) { username bio } } -2017-07-18 23:42:50 Authorize update "updateUser" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 Authorize update "updateUser" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 updated user 596e80daaba34620ffa518bb. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 updated user 59835949075def94489f4104. +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "user", id: "59835949075def94489f4104", Operation: "", variables: "", Query: mutation { - updateUser(id: "596e80daaba34620ffa518bb", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "59835949075def94489f4104", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-07-18 23:42:50 Authorize update "updateUser" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 Authorize update "updateUser" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 updated user 596e80daaba34620ffa518bb. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 updated user 59835949075def94489f4104. +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "user", id: "59835949075def94489f4104", Operation: "", variables: "", Query: mutation { removeUser(id: "583291a1638566b3c5a92ca1") } -2017-07-18 23:42:50 Authorize delete "removeUser" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 Authorize delete "removeUser" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "user", id: "59835949075def94489f4104", Operation: "", variables: "", Query: mutation { - createTweet(input: {authorId: "596e80daaba34620ffa518bb", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + createTweet(input: {authorId: "59835949075def94489f4104", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { id } } -2017-07-18 23:42:50 { - "authorId": "596e80daaba34620ffa518bb", +2017-08-03 19:11:37 { + "authorId": "59835949075def94489f4104", "body": "This is a test tweet of user tobkle", "coauthorsIds": [], - "createdAt": 1500414170485, - "updatedAt": 1500414170485, - "createdById": "596e80daaba34620ffa518bb", - "updatedById": "596e80daaba34620ffa518bb" -} -2017-07-18 23:42:50 Authorize create "createTweet" with user "tobkle" and role: "user" is authorized by docRole. -2017-07-18 23:42:50 inserted tweet 596e80daaba34620ffa518bc. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with + "createdAt": 1501780297175, + "updatedAt": 1501780297175, + "createdById": "59835949075def94489f4104", + "updatedById": "59835949075def94489f4104" +} +2017-08-03 19:11:37 Authorize create "createTweet" with user "tobkle" and role: "user" is authorized by docRole. +2017-08-03 19:11:37 inserted tweet 59835949075def94489f4105. +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "user", id: "59835949075def94489f4104", Operation: "", variables: "", Query: mutation { @@ -1378,32 +1377,32 @@ mutation { } } -2017-07-18 23:42:50 { +2017-08-03 19:11:37 { "authorId": "583291a1638566b3c5a92ca1", "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", "coauthorsIds": [], - "createdAt": 1500414170510, - "updatedAt": 1500414170510, - "createdById": "596e80daaba34620ffa518bb", - "updatedById": "596e80daaba34620ffa518bb" + "createdAt": 1501780297182, + "updatedAt": 1501780297182, + "createdById": "59835949075def94489f4104", + "updatedById": "59835949075def94489f4104" } -2017-07-18 23:42:50 ERROR Authorize create "createTweet" with user "tobkle" and role: "user" is not authorized. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 ERROR Authorize create "createTweet" with user "tobkle" and role: "user" is not authorized. +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "user", id: "59835949075def94489f4104", Operation: "", variables: "", Query: { - tweet(id: "596e80daaba34620ffa518bc") { + tweet(id: "59835949075def94489f4105") { author { id } @@ -1411,18 +1410,18 @@ Query: } } -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "user", id: "59835949075def94489f4104", Operation: "", variables: "", Query: { @@ -1434,50 +1433,50 @@ Query: } } -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "user", id: "59835949075def94489f4104", Operation: "", variables: "", Query: mutation { - updateTweet(id: "596e80daaba34620ffa518bc", input: {body: "This is a modified test tweet"}) { + updateTweet(id: "59835949075def94489f4105", input: {body: "This is a modified test tweet"}) { body } } -2017-07-18 23:42:50 Authorize update "updateTweet" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 Authorize update "updateTweet" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "authorId": "596e80daaba34620ffa518bb" + "authorId": "59835949075def94489f4104" }, { - "coauthorsIds": "596e80daaba34620ffa518bb" + "coauthorsIds": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 updated tweet 596e80daaba34620ffa518bc. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 updated tweet 59835949075def94489f4105. +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "user", id: "59835949075def94489f4104", Operation: "", variables: "", Query: mutation { @@ -1486,158 +1485,158 @@ mutation { } } -2017-07-18 23:42:50 Authorize update "updateTweet" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 Authorize update "updateTweet" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "authorId": "596e80daaba34620ffa518bb" + "authorId": "59835949075def94489f4104" }, { - "coauthorsIds": "596e80daaba34620ffa518bb" + "coauthorsIds": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 ERROR update tweet not possible for 583676d3618530145474e352. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 ERROR update tweet not possible for 583676d3618530145474e352. +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "user", id: "59835949075def94489f4104", Operation: "", variables: "", Query: { - tweet(id: "596e80daaba34620ffa518bc") { + tweet(id: "59835949075def94489f4105") { body } } -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "user", id: "59835949075def94489f4104", Operation: "", variables: "", Query: mutation { - removeTweet(id: "596e80daaba34620ffa518bc") + removeTweet(id: "59835949075def94489f4105") } -2017-07-18 23:42:50 Authorize delete "removeTweet" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 Authorize delete "removeTweet" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "authorId": "596e80daaba34620ffa518bb" + "authorId": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 removed tweet 596e80daaba34620ffa518bc. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 removed tweet 59835949075def94489f4105. +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "user", id: "59835949075def94489f4104", Operation: "", variables: "", Query: mutation { removeTweet(id: "583676d3618530145474e352") } -2017-07-18 23:42:50 Authorize delete "removeTweet" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 Authorize delete "removeTweet" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "authorId": "596e80daaba34620ffa518bb" + "authorId": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "user", id: "59835949075def94489f4104", Operation: "", variables: "", Query: { - tweet(id: "596e80daaba34620ffa518bc") { + tweet(id: "59835949075def94489f4105") { body } } -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "user", id: "59835949075def94489f4104", Operation: "", variables: "", Query: mutation { - removeUser(id: "596e80daaba34620ffa518bb") + removeUser(id: "59835949075def94489f4104") } -2017-07-18 23:42:50 Authorize delete "removeUser" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 Authorize delete "removeUser" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 removed user 596e80daaba34620ffa518bb. -2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: +2017-08-03 19:11:37 removed user 59835949075def94489f4104. +2017-08-03 19:11:37 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: { - user(id: "596e80daaba34620ffa518bb") { + user(id: "59835949075def94489f4104") { username bio role } } -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -1648,21 +1647,21 @@ mutation { } } -2017-07-18 23:42:50 Authorize create "createUser" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:50 Authorize create "createUser" with user "stubailo" and role: "admin" is authorized by userRole. -2017-07-18 23:42:50 inserted user 596e80daaba34620ffa518bd. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with +2017-08-03 19:11:37 Authorize create "createUser" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:37 Authorize create "createUser" with user "stubailo" and role: "admin" is authorized by userRole. +2017-08-03 19:11:37 inserted user 59835949075def94489f4106. +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bd" + "_id": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "editor", id: "596e80daaba34620ffa518bd", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "editor", id: "59835949075def94489f4106", Operation: "", variables: "", Query: mutation { @@ -1671,19 +1670,19 @@ mutation { } } -2017-07-18 23:42:50 ERROR Cannot read property 'toString' of undefined -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with +2017-08-03 19:11:37 ERROR Cannot read property 'toString' of undefined +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bd" + "_id": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "editor", id: "596e80daaba34620ffa518bd", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "editor", id: "59835949075def94489f4106", Operation: "", variables: "", Query: { @@ -1694,39 +1693,39 @@ Query: } } -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bd" + "_id": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "editor", id: "596e80daaba34620ffa518bd", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "editor", id: "59835949075def94489f4106", Operation: "", variables: "", Query: { - user(id: "596e80daaba34620ffa518bd") { + user(id: "59835949075def94489f4106") { username role } } -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bd" + "_id": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "editor", id: "596e80daaba34620ffa518bd", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "editor", id: "59835949075def94489f4106", Operation: "", variables: "", Query: mutation { @@ -1737,146 +1736,146 @@ mutation { } } -2017-07-18 23:42:50 Authorize update "updateUser" with user "tobkle" and role: "editor" with +2017-08-03 19:11:37 Authorize update "updateUser" with user "tobkle" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bd" + "_id": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with +2017-08-03 19:11:37 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bd" + "_id": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "editor", id: "596e80daaba34620ffa518bd", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "editor", id: "59835949075def94489f4106", Operation: "", variables: "", Query: mutation { - updateUser(id: "596e80daaba34620ffa518bd", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + updateUser(id: "59835949075def94489f4106", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { username bio } } -2017-07-18 23:42:50 Authorize update "updateUser" with user "tobkle" and role: "editor" with +2017-08-03 19:11:37 Authorize update "updateUser" with user "tobkle" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bd" + "_id": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 updated user 596e80daaba34620ffa518bd. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with +2017-08-03 19:11:37 updated user 59835949075def94489f4106. +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bd" + "_id": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tmeasday", role: "editor", id: "59835949075def94489f4106", Operation: "", variables: "", Query: mutation { - updateUser(id: "596e80daaba34620ffa518bd", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "59835949075def94489f4106", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-07-18 23:42:50 Authorize update "updateUser" with user "tmeasday" and role: "editor" with +2017-08-03 19:11:37 Authorize update "updateUser" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bd" + "_id": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 updated user 596e80daaba34620ffa518bd. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with +2017-08-03 19:11:37 updated user 59835949075def94489f4106. +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bd" + "_id": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tmeasday", role: "editor", id: "59835949075def94489f4106", Operation: "", variables: "", Query: mutation { removeUser(id: "583291a1638566b3c5a92ca1") } -2017-07-18 23:42:50 Authorize delete "removeUser" with user "tmeasday" and role: "editor" with +2017-08-03 19:11:37 Authorize delete "removeUser" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bd" + "_id": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with +2017-08-03 19:11:37 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bd" + "_id": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tmeasday", role: "editor", id: "59835949075def94489f4106", Operation: "", variables: "", Query: mutation { - createTweet(input: {authorId: "596e80daaba34620ffa518bd", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + createTweet(input: {authorId: "59835949075def94489f4106", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { id } } -2017-07-18 23:42:50 { - "authorId": "596e80daaba34620ffa518bd", +2017-08-03 19:11:37 { + "authorId": "59835949075def94489f4106", "body": "This is a test tweet of user tobkle", "coauthorsIds": [], - "createdAt": 1500414170722, - "updatedAt": 1500414170722, - "createdById": "596e80daaba34620ffa518bd", - "updatedById": "596e80daaba34620ffa518bd" -} -2017-07-18 23:42:50 Authorize create "createTweet" with user "tmeasday" and role: "editor" is authorized by docRole. -2017-07-18 23:42:50 inserted tweet 596e80daaba34620ffa518be. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with + "createdAt": 1501780297472, + "updatedAt": 1501780297472, + "createdById": "59835949075def94489f4106", + "updatedById": "59835949075def94489f4106" +} +2017-08-03 19:11:37 Authorize create "createTweet" with user "tmeasday" and role: "editor" is authorized by docRole. +2017-08-03 19:11:37 inserted tweet 59835949075def94489f4107. +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bd" + "_id": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tmeasday", role: "editor", id: "59835949075def94489f4106", Operation: "", variables: "", Query: mutation { @@ -1885,32 +1884,32 @@ mutation { } } -2017-07-18 23:42:50 { +2017-08-03 19:11:37 { "authorId": "583291a1638566b3c5a92ca1", "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", "coauthorsIds": [], - "createdAt": 1500414170729, - "updatedAt": 1500414170729, - "createdById": "596e80daaba34620ffa518bd", - "updatedById": "596e80daaba34620ffa518bd" + "createdAt": 1501780297510, + "updatedAt": 1501780297510, + "createdById": "59835949075def94489f4106", + "updatedById": "59835949075def94489f4106" } -2017-07-18 23:42:50 ERROR Authorize create "createTweet" with user "tmeasday" and role: "editor" is not authorized. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with +2017-08-03 19:11:37 ERROR Authorize create "createTweet" with user "tmeasday" and role: "editor" is not authorized. +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bd" + "_id": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tmeasday", role: "editor", id: "59835949075def94489f4106", Operation: "", variables: "", Query: { - tweet(id: "596e80daaba34620ffa518be") { + tweet(id: "59835949075def94489f4107") { author { id } @@ -1918,18 +1917,18 @@ Query: } } -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bd" + "_id": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tmeasday", role: "editor", id: "59835949075def94489f4106", Operation: "", variables: "", Query: { @@ -1941,50 +1940,50 @@ Query: } } -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bd" + "_id": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tmeasday", role: "editor", id: "59835949075def94489f4106", Operation: "", variables: "", Query: mutation { - updateTweet(id: "596e80daaba34620ffa518be", input: {body: "This is a modified test tweet"}) { + updateTweet(id: "59835949075def94489f4107", input: {body: "This is a modified test tweet"}) { body } } -2017-07-18 23:42:50 Authorize update "updateTweet" with user "tmeasday" and role: "editor" with +2017-08-03 19:11:37 Authorize update "updateTweet" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "authorId": "596e80daaba34620ffa518bd" + "authorId": "59835949075def94489f4106" }, { - "coauthorsIds": "596e80daaba34620ffa518bd" + "coauthorsIds": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 updated tweet 596e80daaba34620ffa518be. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with +2017-08-03 19:11:37 updated tweet 59835949075def94489f4107. +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bd" + "_id": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tmeasday", role: "editor", id: "59835949075def94489f4106", Operation: "", variables: "", Query: mutation { @@ -1993,148 +1992,148 @@ mutation { } } -2017-07-18 23:42:50 Authorize update "updateTweet" with user "tmeasday" and role: "editor" with +2017-08-03 19:11:37 Authorize update "updateTweet" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "authorId": "596e80daaba34620ffa518bd" + "authorId": "59835949075def94489f4106" }, { - "coauthorsIds": "596e80daaba34620ffa518bd" + "coauthorsIds": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 ERROR update tweet not possible for 583676d3618530145474e352. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with +2017-08-03 19:11:37 ERROR update tweet not possible for 583676d3618530145474e352. +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bd" + "_id": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tmeasday", role: "editor", id: "59835949075def94489f4106", Operation: "", variables: "", Query: { - tweet(id: "596e80daaba34620ffa518be") { + tweet(id: "59835949075def94489f4107") { body } } -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bd" + "_id": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tmeasday", role: "editor", id: "59835949075def94489f4106", Operation: "", variables: "", Query: mutation { - removeTweet(id: "596e80daaba34620ffa518be") + removeTweet(id: "59835949075def94489f4107") } -2017-07-18 23:42:50 Authorize delete "removeTweet" with user "tmeasday" and role: "editor" with +2017-08-03 19:11:37 Authorize delete "removeTweet" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "authorId": "596e80daaba34620ffa518bd" + "authorId": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 removed tweet 596e80daaba34620ffa518be. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with +2017-08-03 19:11:37 removed tweet 59835949075def94489f4107. +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bd" + "_id": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tmeasday", role: "editor", id: "59835949075def94489f4106", Operation: "", variables: "", Query: mutation { removeTweet(id: "583676d3618530145474e352") } -2017-07-18 23:42:50 Authorize delete "removeTweet" with user "tmeasday" and role: "editor" with +2017-08-03 19:11:37 Authorize delete "removeTweet" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "authorId": "596e80daaba34620ffa518bd" + "authorId": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with +2017-08-03 19:11:37 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bd" + "_id": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tmeasday", role: "editor", id: "59835949075def94489f4106", Operation: "", variables: "", Query: { - tweet(id: "596e80daaba34620ffa518be") { + tweet(id: "59835949075def94489f4107") { body } } -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bd" + "_id": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tmeasday", role: "editor", id: "59835949075def94489f4106", Operation: "", variables: "", Query: mutation { - removeUser(id: "596e80daaba34620ffa518bd") + removeUser(id: "59835949075def94489f4106") } -2017-07-18 23:42:50 Authorize delete "removeUser" with user "tmeasday" and role: "editor" with +2017-08-03 19:11:37 Authorize delete "removeUser" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bd" + "_id": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 removed user 596e80daaba34620ffa518bd. -2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: +2017-08-03 19:11:37 removed user 59835949075def94489f4106. +2017-08-03 19:11:37 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: { - user(id: "596e80daaba34620ffa518bd") { + user(id: "59835949075def94489f4106") { username bio role From d5a4c322d549f970919a0aa00788eee4478153ea Mon Sep 17 00:00:00 2001 From: tobkle Date: Mon, 8 May 2017 23:47:33 +0200 Subject: [PATCH 24/69] add-user and authorization prototype --- CHANGELOG.md | 5 + README.md | 149 ++++++++++++ bin/create-graphql-server.js | 87 +++++-- generate/authorization/index.js | 220 +++++++++++++++++ generate/index.js | 11 +- generate/model/index.js | 41 ++-- generate/model/templates/user.js.template | 55 +++++ generate/resolvers/index.js | 26 +- generate/resolvers/templates/base.js.template | 56 ++++- generate/schema/index.js | 118 ++++++--- package.json | 4 + skel/authorization/index.js | 194 +++++++++++++++ test/input-authorization/Post1.graphql | 5 + test/input-authorization/Post2.graphql | 14 ++ test/input-authorization/User1.graphql | 3 + test/input-authorization/User2.graphql | 13 + test/test-authorization.sh | 228 ++++++++++++++++++ yarn.lock | 207 ++++++++++++++-- 18 files changed, 1322 insertions(+), 114 deletions(-) create mode 100644 generate/authorization/index.js create mode 100644 generate/model/templates/user.js.template create mode 100644 skel/authorization/index.js create mode 100644 test/input-authorization/Post1.graphql create mode 100644 test/input-authorization/Post2.graphql create mode 100644 test/input-authorization/User1.graphql create mode 100644 test/input-authorization/User2.graphql create mode 100755 test/test-authorization.sh diff --git a/CHANGELOG.md b/CHANGELOG.md index 60c9b82..bc17703 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,4 +1,9 @@ +0.5.5 + +- Added an authorization generator +- Added a command add-user to generate user resolvers automatically + 0.5.4 - Added the possibility to run "add-type" several times, which overwrites existing types diff --git a/README.md b/README.md index a6002d8..b39ceca 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,152 @@ +*** WORK IN PROGRESS -- NOT YET FINISHED *** +development is not yet finalized, and not yet tested +This is to discuss the current approach to introduce a generator for authorizations also. + +# Command **add-user** +To add a new User type, use the following command: +```bash + create-graphql-server add-user path/to/user-input-type.graphql +``` + +This generates a new user with the input type file. A new command was necessary, as the user type has a different resolver to handle password and hash. + +If important fields with dependent logics are missing, they are added automatically by the generator, such as the fields: **email**, **password**, **role**. + +# Authorization for types +Use the new directive @authorize in the type definition to control the authorization settings: +```javascript + type User + @authorize( + create: ["owner"] + read: ["world"] + update: ["owner", "admin"] + delete: ["owner", "admin"] + ownerField: "id" + roleField: "role" + defaultUserRole: 'user', + firstUserRole: 'admin', + adminUserRole: 'admin', + ) + { + email: String! + name: String + role: String! + } +``` +or: +```javascript + type Post + @authorize( + create: ["owner"] + read: ["world"] + update: ["owner", "admin"] + delete: ["owner", "admin"] + ownerField: "ownerId" + roleField: "role" + ) + { + post: String! + comment: String + owner: User1 @belongsTo + } +``` + +Meaning of the directive's arguments: +* create = Authorization for a create mutation +* read = Authorization for a read query +* update = Authorization for a update mutation +* delete = Authorization for a delete mutation +* +Add the authorized users in the array with... +* "owner" = the user, who created the document +* "world" = everyone is authorized +* "admin" = the administrator, of the system +* role = add any role, in the role field + +The generator will create a new folder named authorization. In that folder, a new index.js file is copied into, which hosts the authorization logic. This authorization logic exposes only one central function **authorize()**, which will be called for each resolver's data handler. This authorize function should be only used in the resolver. It can send and receive whether an array or a document. It has the following signature: + +```javascript +const authorized_data = await authorize('TypeName', TypeName, 'mode', user, data); +``` +whereas: 'TypeName' is a string with the current type name of the resolver, the passed TypeName contains the context of the resolver (Model,...), 'mode' contains a string with any of the available modes of the data access: 'create', 'read', 'update', 'delete', to inform the authorization module, what kind of data operation it shall authorize, user is the context object of the authenticated user, and input is the data which should be checked. The authorize function returns checked and authorized data. If for example one document of the data array is not accessible by the authenticated user, then it is filtered out and not included in the returned array/object. + +Also, for each generated type, it creates an additional file in the authorization folder named by its type.js. In that file, all rules for a successfull authorization check is stored. You can adjust this file directly also afterwards as it keeps only data, with the following rules: + +```javascript +let defaultAuthorization = { + name: ObjectTypeDefinition.name.value || 'nameNotFound', + field: { + ownerField: 'ownerId', + roleField: 'role', + }, + rules: [ + { + mode: 'create', + roles: ['owner'], + removeFields: [], + }, + { + mode: 'read', + roles: ['owner'], + removeFields: [], + }, + { + mode: 'update', + roles: ['owner', 'admin'], + removeFields: [], + }, + { + mode: 'delete', + roles: ['owner', 'admin'], + removeFields: [], + }, + ] +}; +``` + +```javascript +let defaultUserAuthorization = { + name: ObjectTypeDefinition.name.value || 'nameNotFound', + isUser: true, + defaultUserRole: 'user', + firstUserRole: 'admin', + adminUserRole: 'admin', + field: { + ownerField: 'id', + roleField: 'role', + }, + rules: [ + { + mode: 'create', + roles: ['world'], + removeFields: ['role'], + }, + { + mode: 'read', + roles: ['world'], + removeFields: [], + }, + { + mode: 'update', + roles: ['owner'], + removeFields: ['role'], + }, + { + mode: 'update', + roles: ['admin'], + removeFields: [], + }, + { + mode: 'delete', + roles: ['owner', 'admin'], + removeFields: [], + }, + ] +}; +``` + +If you don't enter any @authorize directive in your input file. It will generate the above rules for you automatically. + # Create GraphQL Server This is a simple scaffolding tool for GraphQL apps, built on MongoDB. diff --git a/bin/create-graphql-server.js b/bin/create-graphql-server.js index b34fc6d..1ce8a8d 100755 --- a/bin/create-graphql-server.js +++ b/bin/create-graphql-server.js @@ -39,6 +39,7 @@ function usage() { console.log(' - create-graphql-server init project-dir'); console.log(' - create-graphql-server add-type path/to/type.graphql'); console.log(' - create-graphql-server add-type path'); + console.log(' - create-graphql-server add-user path/to/UserType.graphql'); console.log(' - create-graphql-server remove-type path/to/type.graphql'); console.log(' - create-graphql-server remove-type path'); console.log(' - create-graphql-server remove-type typename'); @@ -70,18 +71,21 @@ function usage() { process.exit(1); } -function adjustTypeName(typeName){ +function adjustTypeName(typeName) { return typeName.charAt(0).toUpperCase() + typeName.slice(1).toLowerCase(); } function getFileUpdateList(inputSchemaFile, mode) { let inputSchemaStr = ''; // in add mode or if a graphql path/file name was provided, the input file must be there, - if (mode === 'add' || inputSchemaFile.includes('.graphql') || inputSchemaFile.includes('/')) { - if (! fs.existsSync(inputSchemaFile)) { - console.error( - chalk.bold.red('Error: Cannot read file', inputSchemaFile) - ); + if ( + mode === 'add-type' || + mode === 'add-user' || + inputSchemaFile.includes('.graphql') || + inputSchemaFile.includes('/') + ) { + if (!fs.existsSync(inputSchemaFile)) { + console.error(chalk.bold.red('Error: Cannot read file', inputSchemaFile)); console.log(''); process.exit(1); } @@ -100,7 +104,8 @@ function getFileUpdateList(inputSchemaFile, mode) { outputSchemaStr, resolversStr, modelStr, - } = generate(inputSchemaStr); + authorizationStr, + } = generate(inputSchemaStr, mode); // do validation checks // shouldn't be necessary, but... @@ -115,7 +120,8 @@ function getFileUpdateList(inputSchemaFile, mode) { !modelStr || outputSchemaStr === '' || resolversStr === '' || - modelStr === '' + modelStr === '' || + authorizationStr === '' ) { console.error('Error: Error while generating target Code.'); process.exit(0); @@ -153,6 +159,13 @@ function getFileUpdateList(inputSchemaFile, mode) { indexPattern: `\nimport ${TypeName} from './${TypeName}';\n` + `models.${TypeName} = ${TypeName};\n`, }, + { + typePath: path.join('authorization', `${TypeName}.js`), + typeString: authorizationStr, + indexPath: path.join('authorization', 'index.js'), + indexPattern: `\nimport ${TypeName} from './${TypeName}';\n` + + `authorizations.${TypeName} = ${TypeName};\n`, + }, ]; } @@ -390,16 +403,19 @@ function addPatternToFiles(fileUpdateList) { function getFilesRecursively(folder, filetype) { // getting all files of a path and of a specific filetype recursively - let list = [], stats, - files = fs.readdirSync(folder); + let list = []; + let stats; + const files = fs.readdirSync(folder); - files.forEach(file => { + files.forEach((file) => { stats = fs.lstatSync(path.join(folder, file)); - if(stats.isDirectory()) { - list = list.concat(getFilesRecursively(path.join(folder, file), filetype)); + if (stats.isDirectory()) { + list = list.concat( + getFilesRecursively(path.join(folder, file), filetype) + ); } else if (file.includes(filetype)) { - console.log('found:', path.join(folder, file)); - list.push(path.join(folder, file)); + console.log('found:', path.join(folder, file)); + list.push(path.join(folder, file)); } }); @@ -408,10 +424,10 @@ function getFilesRecursively(folder, filetype) { // MAIN FUNCTIONS -function addType(inputSchemaFile, options) { +function addType(inputSchemaFile, options, mode) { // generates a new data type with all its files and references console.log(chalk.bold.blue('Running add-type')); - const fileUpdateList = getFileUpdateList(inputSchemaFile, 'add'); + const fileUpdateList = getFileUpdateList(inputSchemaFile, mode); checkForFileChanges(fileUpdateList, options['force-update']); createTypeFiles(fileUpdateList); addPatternToFiles(fileUpdateList); @@ -455,15 +471,18 @@ if (commands[0] === 'init') { if (!inputSchemaFile) { usage(); } - if (fs.existsSync(inputSchemaFile) && fs.lstatSync(inputSchemaFile).isDirectory()) { - //directory name entered + if ( + fs.existsSync(inputSchemaFile) && + fs.lstatSync(inputSchemaFile).isDirectory() + ) { + // directory name entered const files = getFilesRecursively(inputSchemaFile, '.graphql'); - files.forEach(file => { - addType(file, argv); + files.forEach((file) => { + addType(file, argv, commands[0]); }); } else { // single file entered - addType(inputSchemaFile, argv); + addType(inputSchemaFile, argv, commands[0]); } process.exit(0); } else if (commands[0] === 'remove-type') { @@ -471,10 +490,13 @@ if (commands[0] === 'init') { if (!inputSchemaFile) { usage(); } - if (fs.existsSync(inputSchemaFile) && fs.lstatSync(inputSchemaFile).isDirectory()) { + if ( + fs.existsSync(inputSchemaFile) && + fs.lstatSync(inputSchemaFile).isDirectory() + ) { // directory name entered const files = getFilesRecursively(inputSchemaFile, '.graphql'); - files.forEach(file => { + files.forEach((file) => { removeType(file, argv); }); } else { @@ -482,6 +504,23 @@ if (commands[0] === 'init') { removeType(inputSchemaFile, argv); } process.exit(0); +} else if (commands[0] === 'add-user') { + const inputSchemaFile = commands[1]; + if (!inputSchemaFile) { + usage(); + } + if ( + fs.existsSync(inputSchemaFile) && + fs.lstatSync(inputSchemaFile).isDirectory() + ) { + // directory name entered + console.error('Please enter a User Type instead of a directory.'); + process.exit(0); + } else { + // single file entered + addType(inputSchemaFile, argv, commands[0]); + } + process.exit(0); } else { usage(); } diff --git a/generate/authorization/index.js b/generate/authorization/index.js new file mode 100644 index 0000000..93c133d --- /dev/null +++ b/generate/authorization/index.js @@ -0,0 +1,220 @@ +import assert from 'assert'; + +export default function generateAuthorization(inputSchema, mode) { + // Check that the input looks like we expect -- a single ObjectType definition + assert(inputSchema.kind === 'Document'); + assert(inputSchema.definitions.length === 1); + + let ObjectTypeDefinition = inputSchema.definitions.filter((node) => { + return node.kind === 'ObjectTypeDefinition'; + }); + if (ObjectTypeDefinition.length > 1) { + throw new Error( + 'generateAuthorization: only one type definition per file allowed' + ); } + if (ObjectTypeDefinition.length < 1) { + throw new Error('generateAuthorization: no type definition found in file'); + } + ObjectTypeDefinition = ObjectTypeDefinition[0]; + + let defaultAuthorization = { + name: ObjectTypeDefinition.name.value || 'nameNotFound', + field: { + ownerField: 'ownerId', + roleField: 'role', + }, + rules: [ + { + mode: 'create', + roles: ['owner'], + removeFields: [], + }, + { + mode: 'read', + roles: ['owner'], + removeFields: [], + }, + { + mode: 'update', + roles: ['owner', 'admin'], + removeFields: [], + }, + { + mode: 'delete', + roles: ['owner', 'admin'], + removeFields: [], + }, + ], + }; + + const defaultUserAuthorization = { + name: ObjectTypeDefinition.name.value || 'nameNotFound', + isUser: true, + defaultUserRole: 'user', + firstUserRole: 'admin', + adminUserRole: 'admin', + field: { + ownerField: 'id', + roleField: 'role', + }, + rules: [ + { + mode: 'create', + roles: ['world'], + removeFields: ['role'], + }, + { + mode: 'read', + roles: ['world'], + removeFields: [], + }, + { + mode: 'update', + roles: ['owner'], + removeFields: ['role'], + }, + { + mode: 'update', + roles: ['admin'], + removeFields: [], + }, + { + mode: 'delete', + roles: ['owner', 'admin'], + removeFields: [], + }, + ], + }; + + let authorization = {}; + + if (mode === 'add-user') { + defaultAuthorization = defaultUserAuthorization; + } + authorization = Object.assign({}, defaultAuthorization); + authorization.rules = []; + + // Reading Directives out of type file if available + if (ObjectTypeDefinition.directives) { + ObjectTypeDefinition.directives.forEach((directive) => { + if ( + directive.kind && + directive.kind === 'Directive' && + directive.name && + directive.name.kind && + directive.name.kind === 'Name' && + directive.name.value && + directive.name.value === 'authorize' && + directive.arguments && + directive.arguments.length > 0 + ) { + // Directive "@authorized" found in type definition with arguments + directive.arguments.forEach((argument) => { + // handle the different arguments now + + // RULES create/read/update/delete + if ( + argument.kind && + argument.kind === 'Argument' && + argument.name && + argument.name.kind && + argument.name.kind === 'Name' && + argument.name.value && + (argument.name.value === 'create' || + argument.name.value === 'read' || + argument.name.value === 'update' || + argument.name.value === 'delete') && + argument.value + ) { + if (argument.value.kind && argument.value.kind === 'ListValue') { + // it is a List + const roles = []; + argument.value.values.forEach((value) => { + if ( + value.kind && + value.kind === 'StringValue' && + value.value !== '' + ) { + roles.push(value.value); + } + }); // each value + authorization.rules.push({ + mode: argument.name.value, + roles, + removeFields: [], + }); + } // ListValue + + if ( + argument.value.kind && + argument.value.kind === 'StringValue' && + argument.value.value !== '' + ) { + // it is a List + authorization.rules.push({ + mode: argument.name.value, + roles: [argument.value.value], + removeFields: [], + }); + } // StringValue + } // create/read/update/delete + + // FIELD ownerField, roleField + if ( + argument.kind && + argument.kind === 'Argument' && + argument.name && + argument.name.kind && + argument.name.kind === 'Name' && + argument.name.value && + (argument.name.value === 'ownerField' || + argument.name.value === 'roleField') && + argument.value + ) { + if ( + argument.value.kind && + argument.value.kind === 'StringValue' && + argument.value.value !== '' + ) { + // it is a List + authorization.field[argument.name.value] = argument.value.value; + } // StringValue + } // ownerField / roleField + + // FIELDS: + // defaultUserRole: 'user', + // firstUserRole: 'admin', + // adminUserRole: 'admin', + if ( + argument.kind && + argument.kind === 'Argument' && + argument.name && + argument.name.kind && + argument.name.kind === 'Name' && + argument.name.value && + (argument.name.value === 'defaultUserRole' || + argument.name.value === 'firstUserRole' || + argument.name.value === 'adminUserRole') && + argument.value + ) { + if ( + argument.value.kind && + argument.value.kind === 'StringValue' && + argument.value.value !== '' + ) { + // it is a List + authorization[argument.name.value] = argument.value.value; + } // StringValue + } // defaultUserRole, firstUserRole, adminUserRole + }); // forEach(argument) + } // directive authorize + }); // forEach directive + } // directive there + + // Check if Directives were available: + if (authorization.rules.length === 0) { + authorization.rules = defaultAuthorization.rules; + } + + return `export default ${JSON.stringify(authorization, null, 2)};`; +} diff --git a/generate/index.js b/generate/index.js index 0574627..7ac8242 100644 --- a/generate/index.js +++ b/generate/index.js @@ -6,18 +6,20 @@ import { parse, print } from 'graphql'; import generateSchema from './schema'; import generateResolvers from './resolvers'; import generateModel from './model'; +import generateAuthorization from './authorization'; import { lcFirst } from './util/capitalization'; -export default function generate(inputSchemaStr) { +export default function generate(inputSchemaStr, mode) { const inputSchema = parse(inputSchemaStr); const type = inputSchema.definitions[0]; const TypeName = type.name.value; - const outputSchema = generateSchema(inputSchema); + const outputSchema = generateSchema(inputSchema, mode); const outputSchemaStr = print(outputSchema); - const resolversStr = generateResolvers(inputSchema); - const modelStr = generateModel(inputSchema); + const resolversStr = generateResolvers(inputSchema, mode); + const modelStr = generateModel(inputSchema, mode); + const authorizationStr = generateAuthorization(inputSchema, mode); return { typeName: lcFirst(TypeName), @@ -25,5 +27,6 @@ export default function generate(inputSchemaStr) { outputSchemaStr, resolversStr, modelStr, + authorizationStr, }; } diff --git a/generate/model/index.js b/generate/model/index.js index cfbb1cb..3734773 100644 --- a/generate/model/index.js +++ b/generate/model/index.js @@ -11,17 +11,15 @@ function read(name) { const templates = { base: read('base'), + user: read('user'), singularAssociation: read('singularAssociation'), paginatedAssociation: read('paginatedAssociation'), }; -function buildAst(template, { - typeName, - fieldName, - argsStr, - ReturnTypeName, - query, -}) { +function buildAst( + template, + { typeName, fieldName, argsStr, ReturnTypeName, query } +) { const argsWithDefaultsStr = argsStr .replace('lastCreatedAt', 'lastCreatedAt = 0') .replace('limit', 'limit = 10'); @@ -34,9 +32,11 @@ function buildAst(template, { }); } - const generators = { - base({ typeName, TypeName }) { + base({ typeName, TypeName }, mode) { + if (mode === 'add-user') { + return templateToAst(templates.user, { typeName, TypeName }); + } return templateToAst(templates.base, { typeName, TypeName }); }, belongsTo(replacements) { @@ -73,26 +73,29 @@ const generators = { }, }; -export function generateModelAst(inputSchema) { +export function generateModelAst(inputSchema, mode) { const type = inputSchema.definitions[0]; const TypeName = type.name.value; const typeName = lcFirst(TypeName); - const ast = generators.base({ TypeName, typeName }); + const ast = generators.base({ TypeName, typeName }, mode); + + let startWith = 2; + if (mode === 'add-user') { + startWith = 4; + } // XXX: rather than hardcoding in array indices it would be less brittle to // walk the tree using https://github.com/benjamn/ast-types - const classMethodsAst = ast.program.body[2] // export - .declaration // class declaration - .body.body; + const classMethodsAst = + ast.program.body[startWith].declaration.body.body; // export // class declaration const findOneMethod = classMethodsAst.find(m => m.key.name === 'all'); let nextIndex = classMethodsAst.indexOf(findOneMethod) + 1; - generatePerField(type, generators).forEach((resolverFunctionAst) => { - const classMethodAst = resolverFunctionAst.program.body[0] // class declaration - .body.body[0]; // classMethod + const classMethodAst = + resolverFunctionAst.program.body[0].body.body[0]; // class declaration // classMethod classMethodsAst.splice(nextIndex, 0, classMethodAst); nextIndex += 1; @@ -101,7 +104,7 @@ export function generateModelAst(inputSchema) { return ast; } -export default function generateModel(inputSchema) { - const ast = generateModelAst(inputSchema); +export default function generateModel(inputSchema, mode) { + const ast = generateModelAst(inputSchema, mode); return print(ast, { trailingComma: true }).code; } diff --git a/generate/model/templates/user.js.template b/generate/model/templates/user.js.template new file mode 100644 index 0000000..346d675 --- /dev/null +++ b/generate/model/templates/user.js.template @@ -0,0 +1,55 @@ +import DataLoader from 'dataloader'; +import findByIds from 'mongo-find-by-ids'; +import bcrypt from 'bcrypt'; +const SALT_ROUNDS = 10; + +export default class TypeName { + constructor(context) { + this.context = context; + this.collection = context.db.collection('typeName'); + this.pubsub = context.pubsub; + this.loader = new DataLoader(ids => findByIds(this.collection, ids)); + } + + findOneById(id) { + return this.loader.load(id); + } + + all({ lastCreatedAt = 0, limit = 10 }) { + return this.collection.find({ + createdAt: { $gt: lastCreatedAt }, + }).sort({ createdAt: 1 }).limit(limit).toArray(); + } + + async insert(doc) { + const { password } = doc; + delete doc.password; + const hash = await bcrypt.hash(password, SALT_ROUNDS); + const docToInsert = Object.assign({}, doc, { + hash, + createdAt: Date.now(), + updatedAt: Date.now(), + }); + const id = (await this.collection.insertOne(docToInsert)).insertedId; + this.pubsub.publish('typeNameInserted', await this.findOneById(id)); + return id; + } + + async updateById(id, doc) { + const ret = await this.collection.update({ _id: id }, { + $set: Object.assign({}, doc, { + updatedAt: Date.now(), + }), + }); + this.loader.clear(id); + this.pubsub.publish('typeNameUpdated', await this.findOneById(id)); + return ret; + } + + async removeById(id) { + const ret = this.collection.remove({ _id: id }); + this.loader.clear(id); + this.pubsub.publish('typeNameRemoved', id); + return ret; + } +} diff --git a/generate/resolvers/index.js b/generate/resolvers/index.js index b983b3c..5fecd3c 100644 --- a/generate/resolvers/index.js +++ b/generate/resolvers/index.js @@ -11,6 +11,7 @@ function read(name) { const templates = { base: read('base'), + user: read('base'), fieldOfType: read('fieldOfType'), paginatedField: read('paginatedField'), }; @@ -22,7 +23,10 @@ function generateResolver(template) { } const generators = { - base({ typeName, TypeName }) { + base({ typeName, TypeName }, mode) { + if (mode === 'add-user') { + return templateToAst(templates.user, { typeName, TypeName }); + } return templateToAst(templates.base, { typeName, TypeName }); }, belongsTo: generateResolver(templates.fieldOfType), @@ -32,23 +36,23 @@ const generators = { hasAndBelongsToMany: generateResolver(templates.paginatedField), }; -export function generateResolversAst(inputSchema) { +export function generateResolversAst(inputSchema, mode) { const type = inputSchema.definitions[0]; const TypeName = type.name.value; const typeName = lcFirst(TypeName); - const ast = generators.base({ TypeName, typeName }); + const ast = generators.base({ TypeName, typeName }, mode); // XXX: rather than hardcoding in array indices it would be less brittle to // walk the tree using https://github.com/benjamn/ast-types - const typeResolversAst = ast.program.body[0] // const - .declarations[0].init // object expression - .properties[0].value; // object value + const typeResolversAst = + ast.program.body[1].declarations[0].init.properties[0].value; + // const // object expression // object value generatePerField(type, generators).forEach((resolverFunctionAst) => { - const resolverProperty = resolverFunctionAst.program.body[0] // variable declaration - .declarations[0].init // object expression - .properties[0]; + const resolverProperty = + resolverFunctionAst.program.body[0].declarations[0].init.properties[0]; + // variable declaration // object expression typeResolversAst.properties.push(resolverProperty); }); @@ -56,7 +60,7 @@ export function generateResolversAst(inputSchema) { return ast; } -export default function generateResolvers(inputSchema) { - const ast = generateResolversAst(inputSchema); +export default function generateResolvers(inputSchema, mode) { + const ast = generateResolversAst(inputSchema, mode); return print(ast, { trailingComma: true }).code; } diff --git a/generate/resolvers/templates/base.js.template b/generate/resolvers/templates/base.js.template index 158c416..61f36b4 100644 --- a/generate/resolvers/templates/base.js.template +++ b/generate/resolvers/templates/base.js.template @@ -1,3 +1,4 @@ +import authorize from '../authorization'; const resolvers = { TypeName: { id(typeName) { @@ -5,27 +6,58 @@ const resolvers = { }, }, Query: { - typeNames(root, { lastCreatedAt, limit }, { TypeName }) { - return TypeName.all({ lastCreatedAt, limit }); + typeNames(root, { lastCreatedAt, limit }, { TypeName, user }) { + return TypeName.all({ lastCreatedAt, limit }) + .then(data => { + if (data.length > 0){ + async () => { + return await authorize('TypeName', TypeName, 'read', user, data); + } + } + return data; + }); }, - typeName(root, { id }, { TypeName }) { - return TypeName.findOneById(id); + typeName(root, { id }, { TypeName, user }) { + return TypeName.findOneById(id) + .then(data => { + if (data.length > 0){ + async () => { + return await authorize('TypeName', TypeName, 'read', user, data); + } + } + return data; + }); }, }, Mutation: { - async createTypeName(root, { input }, { TypeName }) { - const id = await TypeName.insert(input); - return TypeName.findOneById(id); + async createTypeName(root, { input }, { TypeName, user }) { + const authorized = await authorize('TypeName', TypeName, 'create', user, input); + if (authorized){ + const id = await TypeName.insert(authorized); + return TypeName.findOneById(id); + } + throw new Error('Not authorized to create TypeName'); }, - async updateTypeName(root, { id, input }, { TypeName }) { - await TypeName.updateById(id, input); - return TypeName.findOneById(id); + async updateTypeName(root, { id, input }, { TypeName, user }) { + const data = await TypeName.findOneById(id); + const authorized = await authorize('TypeName', TypeName, 'update', user, data); + if (authorized){ + console.log('authorized in resolver', JSON.stringify(authorized, null, 2)); + await TypeName.updateById(id, input); + return TypeName.findOneById(id); + } + throw new Error('Not authorized to update TypeName'); }, - removeTypeName(root, { id }, { TypeName }) { - return TypeName.removeById(id); + async removeTypeName(root, { id }, { TypeName, user }) { + const data = await TypeName.findOneById(id); + const authorized = await authorize('TypeName', TypeName, 'delete', user, data); + if (authorized){ + return TypeName.removeById(authorized.id); + } + throw new Error('Not authorized to delete TypeName'); }, }, Subscription: { diff --git a/generate/schema/index.js b/generate/schema/index.js index 2ef641d..1a8be11 100644 --- a/generate/schema/index.js +++ b/generate/schema/index.js @@ -15,11 +15,15 @@ import { /* eslint-disable no-param-reassign */ -export default function generateSchema(inputSchema) { +export default function generateSchema(inputSchema, mode) { // Check that the input looks like we expect -- a single ObjectType definition assert(inputSchema.kind === 'Document'); assert(inputSchema.definitions.length === 1); + let emailFieldIncluded = false; + let passwordFieldIncluded = false; + let roleFieldIncluded = false; + const outputSchema = cloneDeep(inputSchema); const type = outputSchema.definitions[0]; @@ -34,6 +38,10 @@ export default function generateSchema(inputSchema) { applyCustomDirectives(field); }); + if (field.name === 'email') emailFieldIncluded = true; + if (field.name === 'password') passwordFieldIncluded = true; + if (field.name === 'role') roleFieldIncluded = true; + // XXX: Not sure if this the correct logic but it makes my tests pass // TODO: check for @unmodifiable let possibleInputType = field.type; @@ -44,12 +52,19 @@ export default function generateSchema(inputSchema) { } if (possibleInputType.kind === 'NamedType') { - const isScalarField = includes(SCALAR_TYPE_NAMES, possibleInputType.name.value); + const isScalarField = includes( + SCALAR_TYPE_NAMES, + possibleInputType.name.value + ); let inputField; if (isScalarField || !!directivesByName.enum) { inputField = field; } else { - inputField = buildField(`${field.name.value}Id`, [], `ObjID${inputTypeModifier}`); + inputField = buildField( + `${field.name.value}Id`, + [], + `ObjID${inputTypeModifier}` + ); } createInputFields.push(inputField); @@ -61,51 +76,94 @@ export default function generateSchema(inputSchema) { field.directives = []; }); + if (mode === 'add-user') { + if (!emailFieldIncluded) { + createInputFields.push(buildField('email', [], 'String!')); + updateInputFields.push(buildField('email', [], 'String')); + type.fields.push(buildField('email', [], 'String!')); + } + if (!passwordFieldIncluded) { + createInputFields.push(buildField('password', [], 'String!')); + updateInputFields.push(buildField('password', [], 'String')); + // no type field, as it won't be stored, is only for input/update + } + if (!roleFieldIncluded) { + createInputFields.push(buildField('role', [], 'String!')); + updateInputFields.push(buildField('role', [], 'String')); + type.fields.push(buildField('role', [], 'String!')); + } + } + type.fields.unshift(buildField('id', [], 'ObjID!')); type.fields.push(buildField('createdAt', [], 'Float!')); type.fields.push(buildField('updatedAt', [], 'Float!')); - const queryOneField = buildField(typeName.toLowerCase(), [idArgument()], typeName); - const queryAllField = buildField(`${typeName.toLowerCase()}s`, [], `[${typeName}!]`); + const queryOneField = buildField( + typeName.toLowerCase(), + [idArgument()], + typeName + ); + const queryAllField = buildField( + `${typeName.toLowerCase()}s`, + [], + `[${typeName}!]` + ); addPaginationArguments(queryAllField); outputSchema.definitions.push( - buildTypeExtension(buildTypeDefinition('Query', [queryAllField, queryOneField])) + buildTypeExtension( + buildTypeDefinition('Query', [queryAllField, queryOneField]) + ) ); const createInputTypeName = `Create${typeName}Input`; outputSchema.definitions.push( - buildTypeDefinition(createInputTypeName, createInputFields, 'InputObjectTypeDefinition') + buildTypeDefinition( + createInputTypeName, + createInputFields, + 'InputObjectTypeDefinition' + ) ); const updateInputTypeName = `Update${typeName}Input`; outputSchema.definitions.push( - buildTypeDefinition(updateInputTypeName, updateInputFields, 'InputObjectTypeDefinition') + buildTypeDefinition( + updateInputTypeName, + updateInputFields, + 'InputObjectTypeDefinition' + ) ); // Create update input type if readonly fields - outputSchema.definitions.push(buildTypeExtension( - buildTypeDefinition('Mutation', [ - buildField(`create${typeName}`, [ - buildArgument('input', `${createInputTypeName}!`), - ], typeName), - - buildField(`update${typeName}`, [ - idArgument(), - buildArgument('input', `${updateInputTypeName}!`), - ], typeName), - - buildField(`remove${typeName}`, [idArgument()], 'Boolean'), - ]) - )); - - outputSchema.definitions.push(buildTypeExtension( - buildTypeDefinition('Subscription', [ - buildField(`${typeName.toLowerCase()}Created`, [], typeName), - buildField(`${typeName.toLowerCase()}Updated`, [], typeName), - buildField(`${typeName.toLowerCase()}Removed`, [], 'ObjID'), - ]) - )); + outputSchema.definitions.push( + buildTypeExtension( + buildTypeDefinition('Mutation', [ + buildField( + `create${typeName}`, + [buildArgument('input', `${createInputTypeName}!`)], + typeName + ), + + buildField( + `update${typeName}`, + [idArgument(), buildArgument('input', `${updateInputTypeName}!`)], + typeName + ), + + buildField(`remove${typeName}`, [idArgument()], 'Boolean'), + ]) + ) + ); + + outputSchema.definitions.push( + buildTypeExtension( + buildTypeDefinition('Subscription', [ + buildField(`${typeName.toLowerCase()}Created`, [], typeName), + buildField(`${typeName.toLowerCase()}Updated`, [], typeName), + buildField(`${typeName.toLowerCase()}Removed`, [], 'ObjID'), + ]) + ) + ); return outputSchema; } diff --git a/package.json b/package.json index eea5dbe..bbbcb7b 100644 --- a/package.json +++ b/package.json @@ -18,6 +18,8 @@ "output-app-generation-test": "./test/output-app-generation-test.sh", "pretest-add-update-remove": "npm run build", "test-add-update-remove": "./test/test-add-update-remove.sh", + "pretest-authorization": "npm run build", + "test-authorization": "./test/test-authorization.sh", "clean": "rm -rf dist/*", "build": "npm run clean && babel bin --out-dir dist/bin && babel generate -D --out-dir dist/generate && cp -r skel dist", "prepublish": "npm run build" @@ -44,7 +46,9 @@ "node-fetch": "^1.6.3" }, "dependencies": { + "ast-types": "^0.9.11", "babylon": "^6.14.1", + "bcrypt": "^1.0.2", "chalk": "^1.1.3", "cpr": "^2.0.0", "denodeify": "^1.2.1", diff --git a/skel/authorization/index.js b/skel/authorization/index.js new file mode 100644 index 0000000..041d9f0 --- /dev/null +++ b/skel/authorization/index.js @@ -0,0 +1,194 @@ +const authorizations = {}; + +function isArray(anything) { + // for easier reading + if (Object.prototype.toString.call(anything) === '[object Array]') { + return true; + } + return false; +} + +function isObject(anything) { + // for easier reading + if (typeof anything === 'object') { + return true; + } + return false; +} + +function removeFields(doc, rmFields) { + // remove the fields from the document, which aren't allowed to query or mutate + const newDoc = Object.assign({}, doc); + if (rmFields && isArray(rmFields)) { + rmFields.forEach((field) => { + if (field && field !== '' && newDoc[field]) { + delete newDoc[field]; + } + }); + } + return newDoc; +} + +function getConfig(type) { + return authorizations[type] + ? authorizations[type] + : { + name: '', + field: { + ownerField: 'ownerId', + roleField: 'role', + }, + rules: [ + { + mode: 'create', + roles: ['owner'], + removeFields: [], + }, + { + mode: 'read', + roles: ['owner'], + removeFields: [], + }, + { + mode: 'update', + roles: ['owner', 'admin'], + removeFields: [], + }, + { + mode: 'delete', + roles: ['owner', 'admin'], + removeFields: [], + }, + ], + }; +} + +async function makeFirstUserAdmin(type, Type, mode, user, doc) { + const config = getConfig(type); + let newDoc = Object.assign({}, doc); + if (config.isUser && mode === 'create') { + let role = 'user'; + delete newDoc.role; + const countUser = await Type.collection.find().count(); + if (countUser === 0) { + role = config.firstUserRole || 'admin'; + } else { + role = config.defaultUserRole || 'user'; + } + const newRole = { [config.field.roleField]: role }; + newDoc = Object.assign({}, newDoc, newRole); + } + return newDoc; +} + +function isUserDocumentOwner(user, doc, fieldContainingOwner) { + // checks if the authenticated user is the owner of the document + if ( + user && + doc && + doc[fieldContainingOwner] && + user.id === doc[fieldContainingOwner] + ) { + return true; + } + return false; +} + +function hasUserRole(user, role, fieldContainingRole) { + // checks if the authenticated user has the necessary role to be authorized + if ( + user && + role && + user[fieldContainingRole] && + user[fieldContainingRole] === role + ) { + return true; + } + return false; +} + +async function check_rules(type, Type, mode, user, doc) { + // check all provided rules from the type, only if one leads to an authorization + // the document will be returned + const config = getConfig(type); + let authorized = false; + let newDoc = Object.assign({}, doc); + // check all rules, now... + config.rules.forEach((rule) => { + if (rule.mode === mode) { + // check only the rules for the current mode: e.g. create, read, update, delete + + rule.roles.forEach((role) => { + // check all roles, if one fires + + if (role === 'world') { + // everyone is authorized + // console.log('authorize rule:', mode, role, 'authorized'); + authorized = true; + // if some fields aren't allowed for the world, removing them here + newDoc = Object.assign({}, removeFields(doc, rule.removeFields)); + } + + if (role === 'owner') { + // only the owner of the document should be allowed + // we need to know, which field contains the owner id, see type input file for generator + if (isUserDocumentOwner(user, doc, config.field.ownerField)) { + // owner is authorized, + // console.log('authorize rule:', mode, role, 'authorized'); + authorized = true; + // if some fields aren't allowed for the owner, removing them here + newDoc = Object.assign({}, removeFields(doc, rule.removeFields)); + } + } + + if (hasUserRole(user, role, config.field.roleField)) { + // specific role is authorized: e.g. admin, user, etc. + // console.log('authorize rule:', mode, role, 'authorized'); + authorized = true; + // if some fields aren't allowed for this role, removing them here + newDoc = Object.assign({}, removeFields(doc, rule.removeFields)); + } + }); + } + }); + + if (authorized) { + if (config.isUser && mode === 'create') { + newDoc = Object.assign( + {}, + await makeFirstUserAdmin(type, Type, mode, user, newDoc) + ); + } + // at least one rule fired, so the authenticated user is allowed to work with the document + return newDoc; + } + + // user or role was NOT authorized, return null + return null; +} + +export default async function authorize(type, Type, mode, user, data) { + // main authorize function, which is called by all resolvers + if (isArray(data)) { + // if data is an array, check each document individually + const result = []; + data.forEach((doc) => { + return async () => { + const newDoc = await check_rules(type, Type, mode, user, doc); + if (newDoc) result.push(newDoc); + }; + }); + return result; + } else if (isObject(data)) { + // if data is an object, check it directly + const doc = data; + const newDoc = await check_rules(type, Type, mode, user, doc); + return newDoc; + } + // otherwise return nothing + /* console.error( + 'Error in authorize: authorization rules for type not available.' + ); + */ + return null; +} diff --git a/test/input-authorization/Post1.graphql b/test/input-authorization/Post1.graphql new file mode 100644 index 0000000..4af28a6 --- /dev/null +++ b/test/input-authorization/Post1.graphql @@ -0,0 +1,5 @@ +type Post1 +{ + post: String! + owner: User1 @belongsTo +} \ No newline at end of file diff --git a/test/input-authorization/Post2.graphql b/test/input-authorization/Post2.graphql new file mode 100644 index 0000000..7872935 --- /dev/null +++ b/test/input-authorization/Post2.graphql @@ -0,0 +1,14 @@ +type Post2 +@authorize( + create: ["owner"] + read: ["world"] + update: ["owner", "admin"] + delete: ["owner", "admin"] + ownerField: "ownerId" + roleField: "role" +) +{ + post: String! + comment: String + owner: User1 @belongsTo +} \ No newline at end of file diff --git a/test/input-authorization/User1.graphql b/test/input-authorization/User1.graphql new file mode 100644 index 0000000..2c40ea6 --- /dev/null +++ b/test/input-authorization/User1.graphql @@ -0,0 +1,3 @@ +type User1 { + name: String +} \ No newline at end of file diff --git a/test/input-authorization/User2.graphql b/test/input-authorization/User2.graphql new file mode 100644 index 0000000..faccbd3 --- /dev/null +++ b/test/input-authorization/User2.graphql @@ -0,0 +1,13 @@ +type User2 +@authorize( + create: ["owner"] + read: ["world"] + update: ["owner", "admin"] + delete: ["owner", "admin"] + ownerField: "ownerId" + roleField: "role" +) +{ + name: String + bio: String +} \ No newline at end of file diff --git a/test/test-authorization.sh b/test/test-authorization.sh new file mode 100755 index 0000000..5893f07 --- /dev/null +++ b/test/test-authorization.sh @@ -0,0 +1,228 @@ +#!/bin/bash +pushd "$(dirname $0)/.." > /dev/null +PACKAGE_DIR=`pwd` +popd > /dev/null + +CGS="$PACKAGE_DIR/dist/bin/create-graphql-server.js" +INPUT_DIR="$PACKAGE_DIR/test/input-authorization" +chmod +x $CGS + +set -e + +MD5HASH="" +TMPDIR1=`mktemp -d 2>/dev/null || mktemp -d -t 'cgs-test-authorization'` + +chmod -R 777 $TMPDIR1 + +function finish { + rm -rf $TMPDIR1 + echo + echo + echo "Test failed" +} +trap finish EXIT + +function exists { + if [ -f $1 ] ; then + return 0 + else + echo "Error: File is missing: " $1 + return 1 + fi +} + +function ifDirExistsRemove { + if [ -d $1 ] ; then + rm -rf $1 + fi +} + +function hasRef { + if [ -f $1 ] ; then + if [ `grep -o $2 $1 | wc -l` -eq $3 ] ; then + return 0 + else + echo "Error: File" $1 "contains" `grep -o $2 $1 | wc -l` "times the string '"$2"'. Expected are" $3 "times." + return 1 + fi + else + echo "Error: File is missing: " $1 + return 1 + fi +} + +function getMD5 { + # Detect Operating system + OS=$(uname) + MD5HASH="" + case "$OS" in + "Darwin") + { + MD5HASH=$(md5 -q $1) + } ;; + "Linux") + { + MD5HASH=($(md5sum $1)) + } ;; + *) + { + echo "Test failed. Unsopported OS" + exit + } ;; + esac + echo "$MD5HASH" +} + +function openDevEnv { + OS=$(uname) + MD5HASH="" + case "$OS" in + "Darwin") + { + PWD=$(pwd) + open $PWD + # open -a iTerm $PWD + subl . & + yarn install && yarn start + } ;; + esac +} + +# Prepare directory +echo 'cd $TMPDIR1' +cd $TMPDIR1 +ifDirExistsRemove output-app-start + +echo 'JWT_KEY=test-key $CGS init output-app-start' +JWT_KEY='test-key' $CGS init output-app-start + +echo 'cd output-app-start' +cd output-app-start + +echo '$CGS add-user "$INPUT_DIR/User1.graphql"' +$CGS add-user "$INPUT_DIR/User1.graphql" + +echo '$CGS add-user "$INPUT_DIR/User2.graphql"' +$CGS add-user "$INPUT_DIR/User2.graphql" + +echo '$CGS add-type "$INPUT_DIR/Post1.graphql"' +$CGS add-type "$INPUT_DIR/Post1.graphql" + +echo '$CGS add-type "$INPUT_DIR/Post2.graphql"' +$CGS add-type "$INPUT_DIR/Post2.graphql" + +# TEST1: Testing of 4 add-types +# it (should be pattern User1, User2, Post1, Post2 in model/index.js) +# it (should be pattern User1, User2, Post1, Post2 in resolvers/index.js) +# it (should be pattern User1, User2, Post1, Post2 in schema/index.js) +# it (should be pattern User1, User2, Post1, Post2 in authorization/index.js) +# it (should be a model/User1.js, resolver/User1.js, schema/User1.graphql, authorization/User1.js) +# it (should be a model/User2.js, resolver/User2.js, schema/User2.graphql, authorization/User2.js) +# it (should be a model/Post1.js, resolver/Post1.js, schema/Post1.graphql, authorization/Post1.js) +# it (should be a model/Post2.js, resolver/Post2.js, schema/Post2.graphql, authorization/Post2.js) +# testing files for existence: + +if exists "./model/User1.js" && + exists "./model/User2.js" && + exists "./model/Post1.js" && + exists "./model/Post2.js" && + + exists "./resolvers/User1.js" && + exists "./resolvers/User2.js" && + exists "./resolvers/Post1.js" && + exists "./resolvers/Post2.js" && + + exists "./schema/User1.graphql" && + exists "./schema/User2.graphql" && + exists "./schema/Post1.graphql" && + exists "./schema/Post2.graphql" && + + exists "./authorization/User1.js" && + exists "./authorization/User2.js" && + exists "./authorization/Post1.js" && + exists "./authorization/Post2.js" && + + hasRef "./model/index.js" "User1" 4 && + hasRef "./model/index.js" "User2" 4 && + hasRef "./model/index.js" "Post1" 4 && + hasRef "./model/index.js" "Post2" 4 && + + hasRef "./resolvers/index.js" "user1Resolvers" 2 && + hasRef "./resolvers/index.js" "user2Resolvers" 2 && + hasRef "./resolvers/index.js" "post1Resolvers" 2 && + hasRef "./resolvers/index.js" "post2Resolvers" 2 && + + hasRef "./schema/index.js" "./User1.graphql" 1 && + hasRef "./schema/index.js" "./User2.graphql" 1 && + hasRef "./schema/index.js" "./Post1.graphql" 1 && + hasRef "./schema/index.js" "./Post2.graphql" 1 && + + hasRef "./authorization/User1.js" "isUser" 1 && + hasRef "./authorization/User1.js" "defaultUserRole" 1 && + hasRef "./authorization/User1.js" "firstUserRole" 1 && + hasRef "./authorization/User1.js" "adminUserRole" 1 && + hasRef "./authorization/User1.js" "ownerField" 1 && + hasRef "./authorization/User1.js" "roleField" 1 && + hasRef "./authorization/User1.js" "create" 1 && + hasRef "./authorization/User1.js" "read" 1 && + hasRef "./authorization/User1.js" "update" 2 && + hasRef "./authorization/User1.js" "delete" 1 && + + hasRef "./authorization/User2.js" "isUser" 1 && + hasRef "./authorization/User2.js" "defaultUserRole" 1 && + hasRef "./authorization/User2.js" "firstUserRole" 1 && + hasRef "./authorization/User2.js" "adminUserRole" 1 && + hasRef "./authorization/User2.js" "ownerField" 1 && + hasRef "./authorization/User2.js" "roleField" 1 && + hasRef "./authorization/User2.js" "create" 1 && + hasRef "./authorization/User2.js" "read" 1 && + hasRef "./authorization/User2.js" "update" 1 && + hasRef "./authorization/User2.js" "delete" 1 && + + hasRef "./authorization/Post2.js" "ownerField" 1 && + hasRef "./authorization/Post2.js" "roleField" 1 && + hasRef "./authorization/Post2.js" "create" 1 && + hasRef "./authorization/Post2.js" "read" 1 && + hasRef "./authorization/Post2.js" "update" 1 && + hasRef "./authorization/Post2.js" "delete" 1 && + + hasRef "./authorization/Post2.js" "ownerField" 1 && + hasRef "./authorization/Post2.js" "roleField" 1 && + hasRef "./authorization/Post2.js" "create" 1 && + hasRef "./authorization/Post2.js" "read" 1 && + hasRef "./authorization/Post2.js" "update" 1 && + hasRef "./authorization/Post2.js" "delete" 1 && + + hasRef "./schema/User1.graphql" "name" 3 && + hasRef "./schema/User1.graphql" "email" 3 && + hasRef "./schema/User1.graphql" "password" 2 && + hasRef "./schema/User1.graphql" "role:" 3 && + + hasRef "./schema/User2.graphql" "name" 3 && + hasRef "./schema/User2.graphql" "email" 3 && + hasRef "./schema/User2.graphql" "password" 2 && + hasRef "./schema/User2.graphql" "role:" 3 && + + hasRef "./schema/Post1.graphql" "post:" 3 && + hasRef "./schema/Post1.graphql" "owner:" 1 && + hasRef "./schema/Post1.graphql" "ownerId:" 2 && + + hasRef "./schema/Post2.graphql" "post:" 3 && + hasRef "./schema/Post2.graphql" "owner:" 1 && + hasRef "./schema/Post2.graphql" "ownerId:" 2 && + + hasRef "./authorization/index.js" "User1" 4 && + hasRef "./authorization/index.js" "User2" 4 && + hasRef "./authorization/index.js" "Post1" 4 && + hasRef "./authorization/index.js" "Post2" 4 ; then + echo "Test Passed Test1: 4 add-types" + openDevEnv +else + echo "Test Failed Test1: 4 add-types" +fi + +set +e +trap - EXIT +echo " " +echo "ALL TESTS PASSED" +echo " " \ No newline at end of file diff --git a/yarn.lock b/yarn.lock index 45f42dc..6161d8c 100644 --- a/yarn.lock +++ b/yarn.lock @@ -31,6 +31,13 @@ ajv@^4.7.0: co "^4.6.0" json-stable-stringify "^1.0.1" +ajv@^4.9.1: + version "4.11.8" + resolved "https://registry.yarnpkg.com/ajv/-/ajv-4.11.8.tgz#82ffb02b29e662ae53bdc20af15947706739c536" + dependencies: + co "^4.6.0" + json-stable-stringify "^1.0.1" + ansi-escapes@^1.1.0: version "1.4.0" resolved "https://registry.yarnpkg.com/ansi-escapes/-/ansi-escapes-1.4.0.tgz#d3a8a83b319aa67793662b13e761c7911422306e" @@ -119,6 +126,10 @@ ast-types@0.9.2: version "0.9.2" resolved "https://registry.yarnpkg.com/ast-types/-/ast-types-0.9.2.tgz#2cc19979d15c655108bf565323b8e7ee38751f6b" +ast-types@^0.9.11: + version "0.9.11" + resolved "https://registry.yarnpkg.com/ast-types/-/ast-types-0.9.11.tgz#371177bb59232ff5ceaa1d09ee5cad705b1a5aa9" + async-each@^1.0.0: version "1.0.1" resolved "https://registry.yarnpkg.com/async-each/-/async-each-1.0.1.tgz#19d386a1d9edc6e7c1c85d388aedbcc56d33602d" @@ -169,6 +180,14 @@ babel-code-frame@^6.16.0: esutils "^2.0.2" js-tokens "^2.0.0" +babel-code-frame@^6.22.0: + version "6.22.0" + resolved "https://registry.yarnpkg.com/babel-code-frame/-/babel-code-frame-6.22.0.tgz#027620bee567a88c32561574e7fd0801d33118e4" + dependencies: + chalk "^1.1.0" + esutils "^2.0.2" + js-tokens "^3.0.0" + babel-core@6.17.0, babel-core@^6.16.0: version "6.17.0" resolved "https://registry.yarnpkg.com/babel-core/-/babel-core-6.17.0.tgz#6c4576447df479e241e58c807e4bc7da4db7f425" @@ -195,14 +214,14 @@ babel-core@6.17.0, babel-core@^6.16.0: slash "^1.0.0" source-map "^0.5.0" -babel-eslint@7.0.0: - version "7.0.0" - resolved "https://registry.yarnpkg.com/babel-eslint/-/babel-eslint-7.0.0.tgz#54e51b4033f54ac81326ecea4c646a779935196d" +babel-eslint@^7.0.0: + version "7.2.3" + resolved "https://registry.yarnpkg.com/babel-eslint/-/babel-eslint-7.2.3.tgz#b2fe2d80126470f5c19442dc757253a897710827" dependencies: - babel-traverse "^6.15.0" - babel-types "^6.15.0" - babylon "^6.11.2" - lodash.pickby "^4.6.0" + babel-code-frame "^6.22.0" + babel-traverse "^6.23.1" + babel-types "^6.23.0" + babylon "^6.17.0" babel-generator@^6.17.0: version "6.18.0" @@ -343,6 +362,12 @@ babel-helpers@^6.16.0: babel-runtime "^6.0.0" babel-template "^6.16.0" +babel-messages@^6.23.0: + version "6.23.0" + resolved "https://registry.yarnpkg.com/babel-messages/-/babel-messages-6.23.0.tgz#f3cdf4703858035b2a2951c6ec5edf6c62f2630e" + dependencies: + babel-runtime "^6.22.0" + babel-messages@^6.8.0: version "6.8.0" resolved "https://registry.yarnpkg.com/babel-messages/-/babel-messages-6.8.0.tgz#bf504736ca967e6d65ef0adb5a2a5f947c8e0eb9" @@ -747,6 +772,13 @@ babel-runtime@^6.0.0, babel-runtime@^6.11.6, babel-runtime@^6.9.0, babel-runtime core-js "^2.4.0" regenerator-runtime "^0.9.5" +babel-runtime@^6.22.0: + version "6.23.0" + resolved "https://registry.yarnpkg.com/babel-runtime/-/babel-runtime-6.23.0.tgz#0a9489f144de70efb3ce4300accdb329e2fc543b" + dependencies: + core-js "^2.4.0" + regenerator-runtime "^0.10.0" + babel-template@^6.14.0, babel-template@^6.15.0, babel-template@^6.16.0, babel-template@^6.8.0: version "6.16.0" resolved "https://registry.yarnpkg.com/babel-template/-/babel-template-6.16.0.tgz#e149dd1a9f03a35f817ddbc4d0481988e7ebc8ca" @@ -757,7 +789,7 @@ babel-template@^6.14.0, babel-template@^6.15.0, babel-template@^6.16.0, babel-te babylon "^6.11.0" lodash "^4.2.0" -babel-traverse@^6.15.0, babel-traverse@^6.16.0, babel-traverse@^6.18.0: +babel-traverse@^6.16.0: version "6.18.0" resolved "https://registry.yarnpkg.com/babel-traverse/-/babel-traverse-6.18.0.tgz#5aeaa980baed2a07c8c47329cd90c3b90c80f05e" dependencies: @@ -771,7 +803,30 @@ babel-traverse@^6.15.0, babel-traverse@^6.16.0, babel-traverse@^6.18.0: invariant "^2.2.0" lodash "^4.2.0" -babel-types@^6.13.0, babel-types@^6.15.0, babel-types@^6.16.0, babel-types@^6.18.0, babel-types@^6.8.0, babel-types@^6.9.0: +babel-traverse@^6.18.0, babel-traverse@^6.23.1: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-traverse/-/babel-traverse-6.24.1.tgz#ab36673fd356f9a0948659e7b338d5feadb31695" + dependencies: + babel-code-frame "^6.22.0" + babel-messages "^6.23.0" + babel-runtime "^6.22.0" + babel-types "^6.24.1" + babylon "^6.15.0" + debug "^2.2.0" + globals "^9.0.0" + invariant "^2.2.0" + lodash "^4.2.0" + +babel-types@^6.13.0, babel-types@^6.18.0, babel-types@^6.23.0, babel-types@^6.24.1, babel-types@^6.8.0, babel-types@^6.9.0: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-types/-/babel-types-6.24.1.tgz#a136879dc15b3606bda0d90c1fc74304c2ff0975" + dependencies: + babel-runtime "^6.22.0" + esutils "^2.0.2" + lodash "^4.2.0" + to-fast-properties "^1.0.1" + +babel-types@^6.16.0: version "6.18.0" resolved "https://registry.yarnpkg.com/babel-types/-/babel-types-6.18.0.tgz#1f7d5a73474c59eb9151b2417bbff4e4fce7c3f8" dependencies: @@ -780,10 +835,14 @@ babel-types@^6.13.0, babel-types@^6.15.0, babel-types@^6.16.0, babel-types@^6.18 lodash "^4.2.0" to-fast-properties "^1.0.1" -babylon, babylon@^6.11.0, babylon@^6.11.2: +babylon, babylon@^6.11.0: version "6.14.1" resolved "https://registry.yarnpkg.com/babylon/-/babylon-6.14.1.tgz#956275fab72753ad9b3435d7afe58f8bf0a29815" +babylon@^6.15.0, babylon@^6.17.0: + version "6.17.0" + resolved "https://registry.yarnpkg.com/babylon/-/babylon-6.17.0.tgz#37da948878488b9c4e3c4038893fa3314b3fc932" + balanced-match@^0.4.1: version "0.4.2" resolved "https://registry.yarnpkg.com/balanced-match/-/balanced-match-0.4.2.tgz#cb3f3e3c732dc0f01ee70b403f302e61d7709838" @@ -794,6 +853,14 @@ bcrypt-pbkdf@^1.0.0: dependencies: tweetnacl "^0.14.3" +bcrypt@^1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/bcrypt/-/bcrypt-1.0.2.tgz#d05fc5d223173e0e28ec381c0f00cc25ffaf2736" + dependencies: + bindings "1.2.1" + nan "2.5.0" + node-pre-gyp "0.6.32" + bin-version-check@^2.1.0: version "2.1.0" resolved "https://registry.yarnpkg.com/bin-version-check/-/bin-version-check-2.1.0.tgz#e4e5df290b9069f7d111324031efc13fdd11a5b0" @@ -813,6 +880,10 @@ binary-extensions@^1.0.0: version "1.7.0" resolved "https://registry.yarnpkg.com/binary-extensions/-/binary-extensions-1.7.0.tgz#6c1610db163abfb34edfe42fa423343a1e01185d" +bindings@1.2.1: + version "1.2.1" + resolved "https://registry.yarnpkg.com/bindings/-/bindings-1.2.1.tgz#14ad6113812d2d37d72e67b4cacb4bb726505f11" + block-stream@*: version "0.0.9" resolved "https://registry.yarnpkg.com/block-stream/-/block-stream-0.0.9.tgz#13ebfe778a03205cfe03751481ebb4b3300c126a" @@ -877,6 +948,10 @@ caseless@~0.11.0: version "0.11.0" resolved "https://registry.yarnpkg.com/caseless/-/caseless-0.11.0.tgz#715b96ea9841593cc33067923f5ec60ebda4f7d7" +caseless@~0.12.0: + version "0.12.0" + resolved "https://registry.yarnpkg.com/caseless/-/caseless-0.12.0.tgz#1b681c21ff84033c826543090689420d187151dc" + chai: version "3.5.0" resolved "https://registry.yarnpkg.com/chai/-/chai-3.5.0.tgz#4d02637b067fe958bdbfdd3a40ec56fef7373247" @@ -1498,6 +1573,19 @@ gauge@~2.6.0: strip-ansi "^3.0.1" wide-align "^1.1.0" +gauge@~2.7.3: + version "2.7.4" + resolved "https://registry.yarnpkg.com/gauge/-/gauge-2.7.4.tgz#2c03405c7538c39d7eb37b317022e325fb018bf7" + dependencies: + aproba "^1.0.3" + console-control-strings "^1.0.0" + has-unicode "^2.0.0" + object-assign "^4.1.0" + signal-exit "^3.0.0" + string-width "^1.0.1" + strip-ansi "^3.0.1" + wide-align "^1.1.0" + generate-function@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/generate-function/-/generate-function-2.0.0.tgz#6858fe7c0969b7d4e9093337647ac79f60dfbe74" @@ -1596,6 +1684,10 @@ growl@1.9.2: version "1.9.2" resolved "https://registry.yarnpkg.com/growl/-/growl-1.9.2.tgz#0ea7743715db8d8de2c5ede1775e1b45ac85c02f" +har-schema@^1.0.5: + version "1.0.5" + resolved "https://registry.yarnpkg.com/har-schema/-/har-schema-1.0.5.tgz#d263135f43307c02c602afc8fe95970c0151369e" + har-validator@~2.0.6: version "2.0.6" resolved "https://registry.yarnpkg.com/har-validator/-/har-validator-2.0.6.tgz#cdcbc08188265ad119b6a5a7c8ab70eecfb5d27d" @@ -1605,6 +1697,13 @@ har-validator@~2.0.6: is-my-json-valid "^2.12.4" pinkie-promise "^2.0.0" +har-validator@~4.2.1: + version "4.2.1" + resolved "https://registry.yarnpkg.com/har-validator/-/har-validator-4.2.1.tgz#33481d0f1bbff600dd203d75812a6a5fba002e2a" + dependencies: + ajv "^4.9.1" + har-schema "^1.0.5" + has-ansi@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/has-ansi/-/has-ansi-2.0.0.tgz#34f5049ce1ecdf2b0649af3ef24e45ed35416d91" @@ -1867,6 +1966,10 @@ js-tokens@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/js-tokens/-/js-tokens-2.0.0.tgz#79903f5563ee778cc1162e6dcf1a0027c97f9cb5" +js-tokens@^3.0.0: + version "3.0.1" + resolved "https://registry.yarnpkg.com/js-tokens/-/js-tokens-3.0.1.tgz#08e9f132484a2c45a30907e9dc4d5567b7f114d7" + js-yaml@^3.5.1: version "3.7.0" resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.7.0.tgz#5c967ddd837a9bfdca5f2de84253abe8a1c03b80" @@ -2029,10 +2132,6 @@ lodash.merge@^4.6.0: version "4.6.0" resolved "https://registry.yarnpkg.com/lodash.merge/-/lodash.merge-4.6.0.tgz#69884ba144ac33fe699737a6086deffadd0f89c5" -lodash.pickby@^4.6.0: - version "4.6.0" - resolved "https://registry.yarnpkg.com/lodash.pickby/-/lodash.pickby-4.6.0.tgz#7dea21d8c18d7703a27c704c15d3b84a67e33aff" - lodash@^4.0.0, lodash@^4.2.0, lodash@^4.3.0: version "4.16.6" resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.16.6.tgz#d22c9ac660288f3843e16ba7d2b5d06cca27d777" @@ -2159,6 +2258,10 @@ mute-stream@0.0.5: version "0.0.5" resolved "https://registry.yarnpkg.com/mute-stream/-/mute-stream-0.0.5.tgz#8fbfabb0a98a253d3184331f9e8deb7372fac6c0" +nan@2.5.0: + version "2.5.0" + resolved "https://registry.yarnpkg.com/nan/-/nan-2.5.0.tgz#aa8f1e34531d807e9e27755b234b4a6ec0c152a8" + nan@^2.3.0: version "2.4.0" resolved "https://registry.yarnpkg.com/nan/-/nan-2.4.0.tgz#fb3c59d45fe4effe215f0b890f8adf6eb32d2232" @@ -2174,6 +2277,20 @@ node-fetch: encoding "^0.1.11" is-stream "^1.0.1" +node-pre-gyp@0.6.32: + version "0.6.32" + resolved "https://registry.yarnpkg.com/node-pre-gyp/-/node-pre-gyp-0.6.32.tgz#fc452b376e7319b3d255f5f34853ef6fd8fe1fd5" + dependencies: + mkdirp "~0.5.1" + nopt "~3.0.6" + npmlog "^4.0.1" + rc "~1.1.6" + request "^2.79.0" + rimraf "~2.5.4" + semver "~5.3.0" + tar "~2.2.1" + tar-pack "~3.3.0" + node-pre-gyp@^0.6.29: version "0.6.31" resolved "https://registry.yarnpkg.com/node-pre-gyp/-/node-pre-gyp-0.6.31.tgz#d8a00ddaa301a940615dbcc8caad4024d58f6017" @@ -2220,6 +2337,15 @@ npmlog@^4.0.0: gauge "~2.6.0" set-blocking "~2.0.0" +npmlog@^4.0.1: + version "4.1.0" + resolved "https://registry.yarnpkg.com/npmlog/-/npmlog-4.1.0.tgz#dc59bee85f64f00ed424efb2af0783df25d1c0b5" + dependencies: + are-we-there-yet "~1.1.2" + console-control-strings "~1.1.0" + gauge "~2.7.3" + set-blocking "~2.0.0" + number-is-nan@^1.0.0: version "1.0.1" resolved "https://registry.yarnpkg.com/number-is-nan/-/number-is-nan-1.0.1.tgz#097b602b53422a522c1afb8790318336941a011d" @@ -2323,6 +2449,10 @@ path-type@^1.0.0: pify "^2.0.0" pinkie-promise "^2.0.0" +performance-now@^0.2.0: + version "0.2.0" + resolved "https://registry.yarnpkg.com/performance-now/-/performance-now-0.2.0.tgz#33ef30c5c77d4ea21c5a53869d91b56d8f2555e5" + pify@^2.0.0: version "2.3.0" resolved "https://registry.yarnpkg.com/pify/-/pify-2.3.0.tgz#ed141a6ac043a849ea588498e7dca8b15330e90c" @@ -2381,6 +2511,10 @@ qs@~6.3.0: version "6.3.0" resolved "https://registry.yarnpkg.com/qs/-/qs-6.3.0.tgz#f403b264f23bc01228c74131b407f18d5ea5d442" +qs@~6.4.0: + version "6.4.0" + resolved "https://registry.yarnpkg.com/qs/-/qs-6.4.0.tgz#13e26d28ad6b0ffaa91312cd3bf708ed351e7233" + randomatic@^1.1.3: version "1.1.5" resolved "https://registry.yarnpkg.com/randomatic/-/randomatic-1.1.5.tgz#5e9ef5f2d573c67bd2b8124ae90b5156e457840b" @@ -2472,6 +2606,10 @@ regenerate@^1.2.1: version "1.3.2" resolved "https://registry.yarnpkg.com/regenerate/-/regenerate-1.3.2.tgz#d1941c67bad437e1be76433add5b385f95b19260" +regenerator-runtime@^0.10.0: + version "0.10.5" + resolved "https://registry.yarnpkg.com/regenerator-runtime/-/regenerator-runtime-0.10.5.tgz#336c3efc1220adcedda2c9fab67b5a7955a33658" + regenerator-runtime@^0.9.5: version "0.9.6" resolved "https://registry.yarnpkg.com/regenerator-runtime/-/regenerator-runtime-0.9.6.tgz#d33eb95d0d2001a4be39659707c51b0cb71ce029" @@ -2540,6 +2678,33 @@ request@^2.65.0, request@^2.75.0: tough-cookie "~2.3.0" tunnel-agent "~0.4.1" +request@^2.79.0: + version "2.81.0" + resolved "https://registry.yarnpkg.com/request/-/request-2.81.0.tgz#c6928946a0e06c5f8d6f8a9333469ffda46298a0" + dependencies: + aws-sign2 "~0.6.0" + aws4 "^1.2.1" + caseless "~0.12.0" + combined-stream "~1.0.5" + extend "~3.0.0" + forever-agent "~0.6.1" + form-data "~2.1.1" + har-validator "~4.2.1" + hawk "~3.1.3" + http-signature "~1.1.0" + is-typedarray "~1.0.0" + isstream "~0.1.2" + json-stringify-safe "~5.0.1" + mime-types "~2.1.7" + oauth-sign "~0.8.1" + performance-now "^0.2.0" + qs "~6.4.0" + safe-buffer "^5.0.1" + stringstream "~0.0.4" + tough-cookie "~2.3.0" + tunnel-agent "^0.6.0" + uuid "^3.0.0" + require-uncached@^1.0.2: version "1.0.3" resolved "https://registry.yarnpkg.com/require-uncached/-/require-uncached-1.0.3.tgz#4e0d56d6c9662fd31e43011c4b95aa49955421d3" @@ -2578,6 +2743,10 @@ rx-lite@^3.1.2: version "3.1.2" resolved "https://registry.yarnpkg.com/rx-lite/-/rx-lite-3.1.2.tgz#19ce502ca572665f3b647b10939f97fd1615f102" +safe-buffer@^5.0.1: + version "5.0.1" + resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.0.1.tgz#d263ca54696cd8a306b5ca6551e92de57918fbe7" + semver-regex@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/semver-regex/-/semver-regex-1.0.0.tgz#92a4969065f9c70c694753d55248fc68f8f652c9" @@ -2790,6 +2959,12 @@ tryit@^1.0.1: version "1.0.3" resolved "https://registry.yarnpkg.com/tryit/-/tryit-1.0.3.tgz#393be730a9446fd1ead6da59a014308f36c289cb" +tunnel-agent@^0.6.0: + version "0.6.0" + resolved "https://registry.yarnpkg.com/tunnel-agent/-/tunnel-agent-0.6.0.tgz#27a5dea06b36b04a0a9966774b290868f0fc40fd" + dependencies: + safe-buffer "^5.0.1" + tunnel-agent@~0.4.1: version "0.4.3" resolved "https://registry.yarnpkg.com/tunnel-agent/-/tunnel-agent-0.4.3.tgz#6373db76909fe570e08d73583365ed828a74eeeb" @@ -2834,6 +3009,10 @@ util-deprecate@~1.0.1: version "1.0.2" resolved "https://registry.yarnpkg.com/util-deprecate/-/util-deprecate-1.0.2.tgz#450d4dc9fa70de732762fbd2d4a28981419a0ccf" +uuid@^3.0.0: + version "3.0.1" + resolved "https://registry.yarnpkg.com/uuid/-/uuid-3.0.1.tgz#6544bba2dfda8c1cf17e629a3a305e2bb1fee6c1" + v8flags@^2.0.10: version "2.0.11" resolved "https://registry.yarnpkg.com/v8flags/-/v8flags-2.0.11.tgz#bca8f30f0d6d60612cc2c00641e6962d42ae6881" From 542780719201474547f694e793c32a50bf6b750e Mon Sep 17 00:00:00 2001 From: tobkle Date: Thu, 3 Aug 2017 19:30:34 +0200 Subject: [PATCH 25/69] Revert "add-user and authorization prototype" This reverts commit d5a4c322d549f970919a0aa00788eee4478153ea. --- CHANGELOG.md | 5 - README.md | 149 ------------ bin/create-graphql-server.js | 87 ++----- generate/authorization/index.js | 220 ----------------- generate/index.js | 11 +- generate/model/index.js | 41 ++-- generate/model/templates/user.js.template | 55 ----- generate/resolvers/index.js | 26 +- generate/resolvers/templates/base.js.template | 56 +---- generate/schema/index.js | 118 +++------ package.json | 4 - skel/authorization/index.js | 194 --------------- test/input-authorization/Post1.graphql | 5 - test/input-authorization/Post2.graphql | 14 -- test/input-authorization/User1.graphql | 3 - test/input-authorization/User2.graphql | 13 - test/test-authorization.sh | 228 ------------------ yarn.lock | 207 ++-------------- 18 files changed, 114 insertions(+), 1322 deletions(-) delete mode 100644 generate/authorization/index.js delete mode 100644 generate/model/templates/user.js.template delete mode 100644 skel/authorization/index.js delete mode 100644 test/input-authorization/Post1.graphql delete mode 100644 test/input-authorization/Post2.graphql delete mode 100644 test/input-authorization/User1.graphql delete mode 100644 test/input-authorization/User2.graphql delete mode 100755 test/test-authorization.sh diff --git a/CHANGELOG.md b/CHANGELOG.md index bc17703..60c9b82 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,9 +1,4 @@ -0.5.5 - -- Added an authorization generator -- Added a command add-user to generate user resolvers automatically - 0.5.4 - Added the possibility to run "add-type" several times, which overwrites existing types diff --git a/README.md b/README.md index b39ceca..a6002d8 100644 --- a/README.md +++ b/README.md @@ -1,152 +1,3 @@ -*** WORK IN PROGRESS -- NOT YET FINISHED *** -development is not yet finalized, and not yet tested -This is to discuss the current approach to introduce a generator for authorizations also. - -# Command **add-user** -To add a new User type, use the following command: -```bash - create-graphql-server add-user path/to/user-input-type.graphql -``` - -This generates a new user with the input type file. A new command was necessary, as the user type has a different resolver to handle password and hash. - -If important fields with dependent logics are missing, they are added automatically by the generator, such as the fields: **email**, **password**, **role**. - -# Authorization for types -Use the new directive @authorize in the type definition to control the authorization settings: -```javascript - type User - @authorize( - create: ["owner"] - read: ["world"] - update: ["owner", "admin"] - delete: ["owner", "admin"] - ownerField: "id" - roleField: "role" - defaultUserRole: 'user', - firstUserRole: 'admin', - adminUserRole: 'admin', - ) - { - email: String! - name: String - role: String! - } -``` -or: -```javascript - type Post - @authorize( - create: ["owner"] - read: ["world"] - update: ["owner", "admin"] - delete: ["owner", "admin"] - ownerField: "ownerId" - roleField: "role" - ) - { - post: String! - comment: String - owner: User1 @belongsTo - } -``` - -Meaning of the directive's arguments: -* create = Authorization for a create mutation -* read = Authorization for a read query -* update = Authorization for a update mutation -* delete = Authorization for a delete mutation -* -Add the authorized users in the array with... -* "owner" = the user, who created the document -* "world" = everyone is authorized -* "admin" = the administrator, of the system -* role = add any role, in the role field - -The generator will create a new folder named authorization. In that folder, a new index.js file is copied into, which hosts the authorization logic. This authorization logic exposes only one central function **authorize()**, which will be called for each resolver's data handler. This authorize function should be only used in the resolver. It can send and receive whether an array or a document. It has the following signature: - -```javascript -const authorized_data = await authorize('TypeName', TypeName, 'mode', user, data); -``` -whereas: 'TypeName' is a string with the current type name of the resolver, the passed TypeName contains the context of the resolver (Model,...), 'mode' contains a string with any of the available modes of the data access: 'create', 'read', 'update', 'delete', to inform the authorization module, what kind of data operation it shall authorize, user is the context object of the authenticated user, and input is the data which should be checked. The authorize function returns checked and authorized data. If for example one document of the data array is not accessible by the authenticated user, then it is filtered out and not included in the returned array/object. - -Also, for each generated type, it creates an additional file in the authorization folder named by its type.js. In that file, all rules for a successfull authorization check is stored. You can adjust this file directly also afterwards as it keeps only data, with the following rules: - -```javascript -let defaultAuthorization = { - name: ObjectTypeDefinition.name.value || 'nameNotFound', - field: { - ownerField: 'ownerId', - roleField: 'role', - }, - rules: [ - { - mode: 'create', - roles: ['owner'], - removeFields: [], - }, - { - mode: 'read', - roles: ['owner'], - removeFields: [], - }, - { - mode: 'update', - roles: ['owner', 'admin'], - removeFields: [], - }, - { - mode: 'delete', - roles: ['owner', 'admin'], - removeFields: [], - }, - ] -}; -``` - -```javascript -let defaultUserAuthorization = { - name: ObjectTypeDefinition.name.value || 'nameNotFound', - isUser: true, - defaultUserRole: 'user', - firstUserRole: 'admin', - adminUserRole: 'admin', - field: { - ownerField: 'id', - roleField: 'role', - }, - rules: [ - { - mode: 'create', - roles: ['world'], - removeFields: ['role'], - }, - { - mode: 'read', - roles: ['world'], - removeFields: [], - }, - { - mode: 'update', - roles: ['owner'], - removeFields: ['role'], - }, - { - mode: 'update', - roles: ['admin'], - removeFields: [], - }, - { - mode: 'delete', - roles: ['owner', 'admin'], - removeFields: [], - }, - ] -}; -``` - -If you don't enter any @authorize directive in your input file. It will generate the above rules for you automatically. - # Create GraphQL Server This is a simple scaffolding tool for GraphQL apps, built on MongoDB. diff --git a/bin/create-graphql-server.js b/bin/create-graphql-server.js index 1ce8a8d..b34fc6d 100755 --- a/bin/create-graphql-server.js +++ b/bin/create-graphql-server.js @@ -39,7 +39,6 @@ function usage() { console.log(' - create-graphql-server init project-dir'); console.log(' - create-graphql-server add-type path/to/type.graphql'); console.log(' - create-graphql-server add-type path'); - console.log(' - create-graphql-server add-user path/to/UserType.graphql'); console.log(' - create-graphql-server remove-type path/to/type.graphql'); console.log(' - create-graphql-server remove-type path'); console.log(' - create-graphql-server remove-type typename'); @@ -71,21 +70,18 @@ function usage() { process.exit(1); } -function adjustTypeName(typeName) { +function adjustTypeName(typeName){ return typeName.charAt(0).toUpperCase() + typeName.slice(1).toLowerCase(); } function getFileUpdateList(inputSchemaFile, mode) { let inputSchemaStr = ''; // in add mode or if a graphql path/file name was provided, the input file must be there, - if ( - mode === 'add-type' || - mode === 'add-user' || - inputSchemaFile.includes('.graphql') || - inputSchemaFile.includes('/') - ) { - if (!fs.existsSync(inputSchemaFile)) { - console.error(chalk.bold.red('Error: Cannot read file', inputSchemaFile)); + if (mode === 'add' || inputSchemaFile.includes('.graphql') || inputSchemaFile.includes('/')) { + if (! fs.existsSync(inputSchemaFile)) { + console.error( + chalk.bold.red('Error: Cannot read file', inputSchemaFile) + ); console.log(''); process.exit(1); } @@ -104,8 +100,7 @@ function getFileUpdateList(inputSchemaFile, mode) { outputSchemaStr, resolversStr, modelStr, - authorizationStr, - } = generate(inputSchemaStr, mode); + } = generate(inputSchemaStr); // do validation checks // shouldn't be necessary, but... @@ -120,8 +115,7 @@ function getFileUpdateList(inputSchemaFile, mode) { !modelStr || outputSchemaStr === '' || resolversStr === '' || - modelStr === '' || - authorizationStr === '' + modelStr === '' ) { console.error('Error: Error while generating target Code.'); process.exit(0); @@ -159,13 +153,6 @@ function getFileUpdateList(inputSchemaFile, mode) { indexPattern: `\nimport ${TypeName} from './${TypeName}';\n` + `models.${TypeName} = ${TypeName};\n`, }, - { - typePath: path.join('authorization', `${TypeName}.js`), - typeString: authorizationStr, - indexPath: path.join('authorization', 'index.js'), - indexPattern: `\nimport ${TypeName} from './${TypeName}';\n` + - `authorizations.${TypeName} = ${TypeName};\n`, - }, ]; } @@ -403,19 +390,16 @@ function addPatternToFiles(fileUpdateList) { function getFilesRecursively(folder, filetype) { // getting all files of a path and of a specific filetype recursively - let list = []; - let stats; - const files = fs.readdirSync(folder); + let list = [], stats, + files = fs.readdirSync(folder); - files.forEach((file) => { + files.forEach(file => { stats = fs.lstatSync(path.join(folder, file)); - if (stats.isDirectory()) { - list = list.concat( - getFilesRecursively(path.join(folder, file), filetype) - ); + if(stats.isDirectory()) { + list = list.concat(getFilesRecursively(path.join(folder, file), filetype)); } else if (file.includes(filetype)) { - console.log('found:', path.join(folder, file)); - list.push(path.join(folder, file)); + console.log('found:', path.join(folder, file)); + list.push(path.join(folder, file)); } }); @@ -424,10 +408,10 @@ function getFilesRecursively(folder, filetype) { // MAIN FUNCTIONS -function addType(inputSchemaFile, options, mode) { +function addType(inputSchemaFile, options) { // generates a new data type with all its files and references console.log(chalk.bold.blue('Running add-type')); - const fileUpdateList = getFileUpdateList(inputSchemaFile, mode); + const fileUpdateList = getFileUpdateList(inputSchemaFile, 'add'); checkForFileChanges(fileUpdateList, options['force-update']); createTypeFiles(fileUpdateList); addPatternToFiles(fileUpdateList); @@ -471,18 +455,15 @@ if (commands[0] === 'init') { if (!inputSchemaFile) { usage(); } - if ( - fs.existsSync(inputSchemaFile) && - fs.lstatSync(inputSchemaFile).isDirectory() - ) { - // directory name entered + if (fs.existsSync(inputSchemaFile) && fs.lstatSync(inputSchemaFile).isDirectory()) { + //directory name entered const files = getFilesRecursively(inputSchemaFile, '.graphql'); - files.forEach((file) => { - addType(file, argv, commands[0]); + files.forEach(file => { + addType(file, argv); }); } else { // single file entered - addType(inputSchemaFile, argv, commands[0]); + addType(inputSchemaFile, argv); } process.exit(0); } else if (commands[0] === 'remove-type') { @@ -490,13 +471,10 @@ if (commands[0] === 'init') { if (!inputSchemaFile) { usage(); } - if ( - fs.existsSync(inputSchemaFile) && - fs.lstatSync(inputSchemaFile).isDirectory() - ) { + if (fs.existsSync(inputSchemaFile) && fs.lstatSync(inputSchemaFile).isDirectory()) { // directory name entered const files = getFilesRecursively(inputSchemaFile, '.graphql'); - files.forEach((file) => { + files.forEach(file => { removeType(file, argv); }); } else { @@ -504,23 +482,6 @@ if (commands[0] === 'init') { removeType(inputSchemaFile, argv); } process.exit(0); -} else if (commands[0] === 'add-user') { - const inputSchemaFile = commands[1]; - if (!inputSchemaFile) { - usage(); - } - if ( - fs.existsSync(inputSchemaFile) && - fs.lstatSync(inputSchemaFile).isDirectory() - ) { - // directory name entered - console.error('Please enter a User Type instead of a directory.'); - process.exit(0); - } else { - // single file entered - addType(inputSchemaFile, argv, commands[0]); - } - process.exit(0); } else { usage(); } diff --git a/generate/authorization/index.js b/generate/authorization/index.js deleted file mode 100644 index 93c133d..0000000 --- a/generate/authorization/index.js +++ /dev/null @@ -1,220 +0,0 @@ -import assert from 'assert'; - -export default function generateAuthorization(inputSchema, mode) { - // Check that the input looks like we expect -- a single ObjectType definition - assert(inputSchema.kind === 'Document'); - assert(inputSchema.definitions.length === 1); - - let ObjectTypeDefinition = inputSchema.definitions.filter((node) => { - return node.kind === 'ObjectTypeDefinition'; - }); - if (ObjectTypeDefinition.length > 1) { - throw new Error( - 'generateAuthorization: only one type definition per file allowed' - ); } - if (ObjectTypeDefinition.length < 1) { - throw new Error('generateAuthorization: no type definition found in file'); - } - ObjectTypeDefinition = ObjectTypeDefinition[0]; - - let defaultAuthorization = { - name: ObjectTypeDefinition.name.value || 'nameNotFound', - field: { - ownerField: 'ownerId', - roleField: 'role', - }, - rules: [ - { - mode: 'create', - roles: ['owner'], - removeFields: [], - }, - { - mode: 'read', - roles: ['owner'], - removeFields: [], - }, - { - mode: 'update', - roles: ['owner', 'admin'], - removeFields: [], - }, - { - mode: 'delete', - roles: ['owner', 'admin'], - removeFields: [], - }, - ], - }; - - const defaultUserAuthorization = { - name: ObjectTypeDefinition.name.value || 'nameNotFound', - isUser: true, - defaultUserRole: 'user', - firstUserRole: 'admin', - adminUserRole: 'admin', - field: { - ownerField: 'id', - roleField: 'role', - }, - rules: [ - { - mode: 'create', - roles: ['world'], - removeFields: ['role'], - }, - { - mode: 'read', - roles: ['world'], - removeFields: [], - }, - { - mode: 'update', - roles: ['owner'], - removeFields: ['role'], - }, - { - mode: 'update', - roles: ['admin'], - removeFields: [], - }, - { - mode: 'delete', - roles: ['owner', 'admin'], - removeFields: [], - }, - ], - }; - - let authorization = {}; - - if (mode === 'add-user') { - defaultAuthorization = defaultUserAuthorization; - } - authorization = Object.assign({}, defaultAuthorization); - authorization.rules = []; - - // Reading Directives out of type file if available - if (ObjectTypeDefinition.directives) { - ObjectTypeDefinition.directives.forEach((directive) => { - if ( - directive.kind && - directive.kind === 'Directive' && - directive.name && - directive.name.kind && - directive.name.kind === 'Name' && - directive.name.value && - directive.name.value === 'authorize' && - directive.arguments && - directive.arguments.length > 0 - ) { - // Directive "@authorized" found in type definition with arguments - directive.arguments.forEach((argument) => { - // handle the different arguments now - - // RULES create/read/update/delete - if ( - argument.kind && - argument.kind === 'Argument' && - argument.name && - argument.name.kind && - argument.name.kind === 'Name' && - argument.name.value && - (argument.name.value === 'create' || - argument.name.value === 'read' || - argument.name.value === 'update' || - argument.name.value === 'delete') && - argument.value - ) { - if (argument.value.kind && argument.value.kind === 'ListValue') { - // it is a List - const roles = []; - argument.value.values.forEach((value) => { - if ( - value.kind && - value.kind === 'StringValue' && - value.value !== '' - ) { - roles.push(value.value); - } - }); // each value - authorization.rules.push({ - mode: argument.name.value, - roles, - removeFields: [], - }); - } // ListValue - - if ( - argument.value.kind && - argument.value.kind === 'StringValue' && - argument.value.value !== '' - ) { - // it is a List - authorization.rules.push({ - mode: argument.name.value, - roles: [argument.value.value], - removeFields: [], - }); - } // StringValue - } // create/read/update/delete - - // FIELD ownerField, roleField - if ( - argument.kind && - argument.kind === 'Argument' && - argument.name && - argument.name.kind && - argument.name.kind === 'Name' && - argument.name.value && - (argument.name.value === 'ownerField' || - argument.name.value === 'roleField') && - argument.value - ) { - if ( - argument.value.kind && - argument.value.kind === 'StringValue' && - argument.value.value !== '' - ) { - // it is a List - authorization.field[argument.name.value] = argument.value.value; - } // StringValue - } // ownerField / roleField - - // FIELDS: - // defaultUserRole: 'user', - // firstUserRole: 'admin', - // adminUserRole: 'admin', - if ( - argument.kind && - argument.kind === 'Argument' && - argument.name && - argument.name.kind && - argument.name.kind === 'Name' && - argument.name.value && - (argument.name.value === 'defaultUserRole' || - argument.name.value === 'firstUserRole' || - argument.name.value === 'adminUserRole') && - argument.value - ) { - if ( - argument.value.kind && - argument.value.kind === 'StringValue' && - argument.value.value !== '' - ) { - // it is a List - authorization[argument.name.value] = argument.value.value; - } // StringValue - } // defaultUserRole, firstUserRole, adminUserRole - }); // forEach(argument) - } // directive authorize - }); // forEach directive - } // directive there - - // Check if Directives were available: - if (authorization.rules.length === 0) { - authorization.rules = defaultAuthorization.rules; - } - - return `export default ${JSON.stringify(authorization, null, 2)};`; -} diff --git a/generate/index.js b/generate/index.js index 7ac8242..0574627 100644 --- a/generate/index.js +++ b/generate/index.js @@ -6,20 +6,18 @@ import { parse, print } from 'graphql'; import generateSchema from './schema'; import generateResolvers from './resolvers'; import generateModel from './model'; -import generateAuthorization from './authorization'; import { lcFirst } from './util/capitalization'; -export default function generate(inputSchemaStr, mode) { +export default function generate(inputSchemaStr) { const inputSchema = parse(inputSchemaStr); const type = inputSchema.definitions[0]; const TypeName = type.name.value; - const outputSchema = generateSchema(inputSchema, mode); + const outputSchema = generateSchema(inputSchema); const outputSchemaStr = print(outputSchema); - const resolversStr = generateResolvers(inputSchema, mode); - const modelStr = generateModel(inputSchema, mode); - const authorizationStr = generateAuthorization(inputSchema, mode); + const resolversStr = generateResolvers(inputSchema); + const modelStr = generateModel(inputSchema); return { typeName: lcFirst(TypeName), @@ -27,6 +25,5 @@ export default function generate(inputSchemaStr, mode) { outputSchemaStr, resolversStr, modelStr, - authorizationStr, }; } diff --git a/generate/model/index.js b/generate/model/index.js index 3734773..cfbb1cb 100644 --- a/generate/model/index.js +++ b/generate/model/index.js @@ -11,15 +11,17 @@ function read(name) { const templates = { base: read('base'), - user: read('user'), singularAssociation: read('singularAssociation'), paginatedAssociation: read('paginatedAssociation'), }; -function buildAst( - template, - { typeName, fieldName, argsStr, ReturnTypeName, query } -) { +function buildAst(template, { + typeName, + fieldName, + argsStr, + ReturnTypeName, + query, +}) { const argsWithDefaultsStr = argsStr .replace('lastCreatedAt', 'lastCreatedAt = 0') .replace('limit', 'limit = 10'); @@ -32,11 +34,9 @@ function buildAst( }); } + const generators = { - base({ typeName, TypeName }, mode) { - if (mode === 'add-user') { - return templateToAst(templates.user, { typeName, TypeName }); - } + base({ typeName, TypeName }) { return templateToAst(templates.base, { typeName, TypeName }); }, belongsTo(replacements) { @@ -73,29 +73,26 @@ const generators = { }, }; -export function generateModelAst(inputSchema, mode) { +export function generateModelAst(inputSchema) { const type = inputSchema.definitions[0]; const TypeName = type.name.value; const typeName = lcFirst(TypeName); - const ast = generators.base({ TypeName, typeName }, mode); - - let startWith = 2; - if (mode === 'add-user') { - startWith = 4; - } + const ast = generators.base({ TypeName, typeName }); // XXX: rather than hardcoding in array indices it would be less brittle to // walk the tree using https://github.com/benjamn/ast-types - const classMethodsAst = - ast.program.body[startWith].declaration.body.body; // export // class declaration + const classMethodsAst = ast.program.body[2] // export + .declaration // class declaration + .body.body; const findOneMethod = classMethodsAst.find(m => m.key.name === 'all'); let nextIndex = classMethodsAst.indexOf(findOneMethod) + 1; + generatePerField(type, generators).forEach((resolverFunctionAst) => { - const classMethodAst = - resolverFunctionAst.program.body[0].body.body[0]; // class declaration // classMethod + const classMethodAst = resolverFunctionAst.program.body[0] // class declaration + .body.body[0]; // classMethod classMethodsAst.splice(nextIndex, 0, classMethodAst); nextIndex += 1; @@ -104,7 +101,7 @@ export function generateModelAst(inputSchema, mode) { return ast; } -export default function generateModel(inputSchema, mode) { - const ast = generateModelAst(inputSchema, mode); +export default function generateModel(inputSchema) { + const ast = generateModelAst(inputSchema); return print(ast, { trailingComma: true }).code; } diff --git a/generate/model/templates/user.js.template b/generate/model/templates/user.js.template deleted file mode 100644 index 346d675..0000000 --- a/generate/model/templates/user.js.template +++ /dev/null @@ -1,55 +0,0 @@ -import DataLoader from 'dataloader'; -import findByIds from 'mongo-find-by-ids'; -import bcrypt from 'bcrypt'; -const SALT_ROUNDS = 10; - -export default class TypeName { - constructor(context) { - this.context = context; - this.collection = context.db.collection('typeName'); - this.pubsub = context.pubsub; - this.loader = new DataLoader(ids => findByIds(this.collection, ids)); - } - - findOneById(id) { - return this.loader.load(id); - } - - all({ lastCreatedAt = 0, limit = 10 }) { - return this.collection.find({ - createdAt: { $gt: lastCreatedAt }, - }).sort({ createdAt: 1 }).limit(limit).toArray(); - } - - async insert(doc) { - const { password } = doc; - delete doc.password; - const hash = await bcrypt.hash(password, SALT_ROUNDS); - const docToInsert = Object.assign({}, doc, { - hash, - createdAt: Date.now(), - updatedAt: Date.now(), - }); - const id = (await this.collection.insertOne(docToInsert)).insertedId; - this.pubsub.publish('typeNameInserted', await this.findOneById(id)); - return id; - } - - async updateById(id, doc) { - const ret = await this.collection.update({ _id: id }, { - $set: Object.assign({}, doc, { - updatedAt: Date.now(), - }), - }); - this.loader.clear(id); - this.pubsub.publish('typeNameUpdated', await this.findOneById(id)); - return ret; - } - - async removeById(id) { - const ret = this.collection.remove({ _id: id }); - this.loader.clear(id); - this.pubsub.publish('typeNameRemoved', id); - return ret; - } -} diff --git a/generate/resolvers/index.js b/generate/resolvers/index.js index 5fecd3c..b983b3c 100644 --- a/generate/resolvers/index.js +++ b/generate/resolvers/index.js @@ -11,7 +11,6 @@ function read(name) { const templates = { base: read('base'), - user: read('base'), fieldOfType: read('fieldOfType'), paginatedField: read('paginatedField'), }; @@ -23,10 +22,7 @@ function generateResolver(template) { } const generators = { - base({ typeName, TypeName }, mode) { - if (mode === 'add-user') { - return templateToAst(templates.user, { typeName, TypeName }); - } + base({ typeName, TypeName }) { return templateToAst(templates.base, { typeName, TypeName }); }, belongsTo: generateResolver(templates.fieldOfType), @@ -36,23 +32,23 @@ const generators = { hasAndBelongsToMany: generateResolver(templates.paginatedField), }; -export function generateResolversAst(inputSchema, mode) { +export function generateResolversAst(inputSchema) { const type = inputSchema.definitions[0]; const TypeName = type.name.value; const typeName = lcFirst(TypeName); - const ast = generators.base({ TypeName, typeName }, mode); + const ast = generators.base({ TypeName, typeName }); // XXX: rather than hardcoding in array indices it would be less brittle to // walk the tree using https://github.com/benjamn/ast-types - const typeResolversAst = - ast.program.body[1].declarations[0].init.properties[0].value; - // const // object expression // object value + const typeResolversAst = ast.program.body[0] // const + .declarations[0].init // object expression + .properties[0].value; // object value generatePerField(type, generators).forEach((resolverFunctionAst) => { - const resolverProperty = - resolverFunctionAst.program.body[0].declarations[0].init.properties[0]; - // variable declaration // object expression + const resolverProperty = resolverFunctionAst.program.body[0] // variable declaration + .declarations[0].init // object expression + .properties[0]; typeResolversAst.properties.push(resolverProperty); }); @@ -60,7 +56,7 @@ export function generateResolversAst(inputSchema, mode) { return ast; } -export default function generateResolvers(inputSchema, mode) { - const ast = generateResolversAst(inputSchema, mode); +export default function generateResolvers(inputSchema) { + const ast = generateResolversAst(inputSchema); return print(ast, { trailingComma: true }).code; } diff --git a/generate/resolvers/templates/base.js.template b/generate/resolvers/templates/base.js.template index 61f36b4..158c416 100644 --- a/generate/resolvers/templates/base.js.template +++ b/generate/resolvers/templates/base.js.template @@ -1,4 +1,3 @@ -import authorize from '../authorization'; const resolvers = { TypeName: { id(typeName) { @@ -6,58 +5,27 @@ const resolvers = { }, }, Query: { - typeNames(root, { lastCreatedAt, limit }, { TypeName, user }) { - return TypeName.all({ lastCreatedAt, limit }) - .then(data => { - if (data.length > 0){ - async () => { - return await authorize('TypeName', TypeName, 'read', user, data); - } - } - return data; - }); + typeNames(root, { lastCreatedAt, limit }, { TypeName }) { + return TypeName.all({ lastCreatedAt, limit }); }, - typeName(root, { id }, { TypeName, user }) { - return TypeName.findOneById(id) - .then(data => { - if (data.length > 0){ - async () => { - return await authorize('TypeName', TypeName, 'read', user, data); - } - } - return data; - }); + typeName(root, { id }, { TypeName }) { + return TypeName.findOneById(id); }, }, Mutation: { - async createTypeName(root, { input }, { TypeName, user }) { - const authorized = await authorize('TypeName', TypeName, 'create', user, input); - if (authorized){ - const id = await TypeName.insert(authorized); - return TypeName.findOneById(id); - } - throw new Error('Not authorized to create TypeName'); + async createTypeName(root, { input }, { TypeName }) { + const id = await TypeName.insert(input); + return TypeName.findOneById(id); }, - async updateTypeName(root, { id, input }, { TypeName, user }) { - const data = await TypeName.findOneById(id); - const authorized = await authorize('TypeName', TypeName, 'update', user, data); - if (authorized){ - console.log('authorized in resolver', JSON.stringify(authorized, null, 2)); - await TypeName.updateById(id, input); - return TypeName.findOneById(id); - } - throw new Error('Not authorized to update TypeName'); + async updateTypeName(root, { id, input }, { TypeName }) { + await TypeName.updateById(id, input); + return TypeName.findOneById(id); }, - async removeTypeName(root, { id }, { TypeName, user }) { - const data = await TypeName.findOneById(id); - const authorized = await authorize('TypeName', TypeName, 'delete', user, data); - if (authorized){ - return TypeName.removeById(authorized.id); - } - throw new Error('Not authorized to delete TypeName'); + removeTypeName(root, { id }, { TypeName }) { + return TypeName.removeById(id); }, }, Subscription: { diff --git a/generate/schema/index.js b/generate/schema/index.js index 1a8be11..2ef641d 100644 --- a/generate/schema/index.js +++ b/generate/schema/index.js @@ -15,15 +15,11 @@ import { /* eslint-disable no-param-reassign */ -export default function generateSchema(inputSchema, mode) { +export default function generateSchema(inputSchema) { // Check that the input looks like we expect -- a single ObjectType definition assert(inputSchema.kind === 'Document'); assert(inputSchema.definitions.length === 1); - let emailFieldIncluded = false; - let passwordFieldIncluded = false; - let roleFieldIncluded = false; - const outputSchema = cloneDeep(inputSchema); const type = outputSchema.definitions[0]; @@ -38,10 +34,6 @@ export default function generateSchema(inputSchema, mode) { applyCustomDirectives(field); }); - if (field.name === 'email') emailFieldIncluded = true; - if (field.name === 'password') passwordFieldIncluded = true; - if (field.name === 'role') roleFieldIncluded = true; - // XXX: Not sure if this the correct logic but it makes my tests pass // TODO: check for @unmodifiable let possibleInputType = field.type; @@ -52,19 +44,12 @@ export default function generateSchema(inputSchema, mode) { } if (possibleInputType.kind === 'NamedType') { - const isScalarField = includes( - SCALAR_TYPE_NAMES, - possibleInputType.name.value - ); + const isScalarField = includes(SCALAR_TYPE_NAMES, possibleInputType.name.value); let inputField; if (isScalarField || !!directivesByName.enum) { inputField = field; } else { - inputField = buildField( - `${field.name.value}Id`, - [], - `ObjID${inputTypeModifier}` - ); + inputField = buildField(`${field.name.value}Id`, [], `ObjID${inputTypeModifier}`); } createInputFields.push(inputField); @@ -76,94 +61,51 @@ export default function generateSchema(inputSchema, mode) { field.directives = []; }); - if (mode === 'add-user') { - if (!emailFieldIncluded) { - createInputFields.push(buildField('email', [], 'String!')); - updateInputFields.push(buildField('email', [], 'String')); - type.fields.push(buildField('email', [], 'String!')); - } - if (!passwordFieldIncluded) { - createInputFields.push(buildField('password', [], 'String!')); - updateInputFields.push(buildField('password', [], 'String')); - // no type field, as it won't be stored, is only for input/update - } - if (!roleFieldIncluded) { - createInputFields.push(buildField('role', [], 'String!')); - updateInputFields.push(buildField('role', [], 'String')); - type.fields.push(buildField('role', [], 'String!')); - } - } - type.fields.unshift(buildField('id', [], 'ObjID!')); type.fields.push(buildField('createdAt', [], 'Float!')); type.fields.push(buildField('updatedAt', [], 'Float!')); - const queryOneField = buildField( - typeName.toLowerCase(), - [idArgument()], - typeName - ); - const queryAllField = buildField( - `${typeName.toLowerCase()}s`, - [], - `[${typeName}!]` - ); + const queryOneField = buildField(typeName.toLowerCase(), [idArgument()], typeName); + const queryAllField = buildField(`${typeName.toLowerCase()}s`, [], `[${typeName}!]`); addPaginationArguments(queryAllField); outputSchema.definitions.push( - buildTypeExtension( - buildTypeDefinition('Query', [queryAllField, queryOneField]) - ) + buildTypeExtension(buildTypeDefinition('Query', [queryAllField, queryOneField])) ); const createInputTypeName = `Create${typeName}Input`; outputSchema.definitions.push( - buildTypeDefinition( - createInputTypeName, - createInputFields, - 'InputObjectTypeDefinition' - ) + buildTypeDefinition(createInputTypeName, createInputFields, 'InputObjectTypeDefinition') ); const updateInputTypeName = `Update${typeName}Input`; outputSchema.definitions.push( - buildTypeDefinition( - updateInputTypeName, - updateInputFields, - 'InputObjectTypeDefinition' - ) + buildTypeDefinition(updateInputTypeName, updateInputFields, 'InputObjectTypeDefinition') ); // Create update input type if readonly fields - outputSchema.definitions.push( - buildTypeExtension( - buildTypeDefinition('Mutation', [ - buildField( - `create${typeName}`, - [buildArgument('input', `${createInputTypeName}!`)], - typeName - ), - - buildField( - `update${typeName}`, - [idArgument(), buildArgument('input', `${updateInputTypeName}!`)], - typeName - ), - - buildField(`remove${typeName}`, [idArgument()], 'Boolean'), - ]) - ) - ); - - outputSchema.definitions.push( - buildTypeExtension( - buildTypeDefinition('Subscription', [ - buildField(`${typeName.toLowerCase()}Created`, [], typeName), - buildField(`${typeName.toLowerCase()}Updated`, [], typeName), - buildField(`${typeName.toLowerCase()}Removed`, [], 'ObjID'), - ]) - ) - ); + outputSchema.definitions.push(buildTypeExtension( + buildTypeDefinition('Mutation', [ + buildField(`create${typeName}`, [ + buildArgument('input', `${createInputTypeName}!`), + ], typeName), + + buildField(`update${typeName}`, [ + idArgument(), + buildArgument('input', `${updateInputTypeName}!`), + ], typeName), + + buildField(`remove${typeName}`, [idArgument()], 'Boolean'), + ]) + )); + + outputSchema.definitions.push(buildTypeExtension( + buildTypeDefinition('Subscription', [ + buildField(`${typeName.toLowerCase()}Created`, [], typeName), + buildField(`${typeName.toLowerCase()}Updated`, [], typeName), + buildField(`${typeName.toLowerCase()}Removed`, [], 'ObjID'), + ]) + )); return outputSchema; } diff --git a/package.json b/package.json index bbbcb7b..eea5dbe 100644 --- a/package.json +++ b/package.json @@ -18,8 +18,6 @@ "output-app-generation-test": "./test/output-app-generation-test.sh", "pretest-add-update-remove": "npm run build", "test-add-update-remove": "./test/test-add-update-remove.sh", - "pretest-authorization": "npm run build", - "test-authorization": "./test/test-authorization.sh", "clean": "rm -rf dist/*", "build": "npm run clean && babel bin --out-dir dist/bin && babel generate -D --out-dir dist/generate && cp -r skel dist", "prepublish": "npm run build" @@ -46,9 +44,7 @@ "node-fetch": "^1.6.3" }, "dependencies": { - "ast-types": "^0.9.11", "babylon": "^6.14.1", - "bcrypt": "^1.0.2", "chalk": "^1.1.3", "cpr": "^2.0.0", "denodeify": "^1.2.1", diff --git a/skel/authorization/index.js b/skel/authorization/index.js deleted file mode 100644 index 041d9f0..0000000 --- a/skel/authorization/index.js +++ /dev/null @@ -1,194 +0,0 @@ -const authorizations = {}; - -function isArray(anything) { - // for easier reading - if (Object.prototype.toString.call(anything) === '[object Array]') { - return true; - } - return false; -} - -function isObject(anything) { - // for easier reading - if (typeof anything === 'object') { - return true; - } - return false; -} - -function removeFields(doc, rmFields) { - // remove the fields from the document, which aren't allowed to query or mutate - const newDoc = Object.assign({}, doc); - if (rmFields && isArray(rmFields)) { - rmFields.forEach((field) => { - if (field && field !== '' && newDoc[field]) { - delete newDoc[field]; - } - }); - } - return newDoc; -} - -function getConfig(type) { - return authorizations[type] - ? authorizations[type] - : { - name: '', - field: { - ownerField: 'ownerId', - roleField: 'role', - }, - rules: [ - { - mode: 'create', - roles: ['owner'], - removeFields: [], - }, - { - mode: 'read', - roles: ['owner'], - removeFields: [], - }, - { - mode: 'update', - roles: ['owner', 'admin'], - removeFields: [], - }, - { - mode: 'delete', - roles: ['owner', 'admin'], - removeFields: [], - }, - ], - }; -} - -async function makeFirstUserAdmin(type, Type, mode, user, doc) { - const config = getConfig(type); - let newDoc = Object.assign({}, doc); - if (config.isUser && mode === 'create') { - let role = 'user'; - delete newDoc.role; - const countUser = await Type.collection.find().count(); - if (countUser === 0) { - role = config.firstUserRole || 'admin'; - } else { - role = config.defaultUserRole || 'user'; - } - const newRole = { [config.field.roleField]: role }; - newDoc = Object.assign({}, newDoc, newRole); - } - return newDoc; -} - -function isUserDocumentOwner(user, doc, fieldContainingOwner) { - // checks if the authenticated user is the owner of the document - if ( - user && - doc && - doc[fieldContainingOwner] && - user.id === doc[fieldContainingOwner] - ) { - return true; - } - return false; -} - -function hasUserRole(user, role, fieldContainingRole) { - // checks if the authenticated user has the necessary role to be authorized - if ( - user && - role && - user[fieldContainingRole] && - user[fieldContainingRole] === role - ) { - return true; - } - return false; -} - -async function check_rules(type, Type, mode, user, doc) { - // check all provided rules from the type, only if one leads to an authorization - // the document will be returned - const config = getConfig(type); - let authorized = false; - let newDoc = Object.assign({}, doc); - // check all rules, now... - config.rules.forEach((rule) => { - if (rule.mode === mode) { - // check only the rules for the current mode: e.g. create, read, update, delete - - rule.roles.forEach((role) => { - // check all roles, if one fires - - if (role === 'world') { - // everyone is authorized - // console.log('authorize rule:', mode, role, 'authorized'); - authorized = true; - // if some fields aren't allowed for the world, removing them here - newDoc = Object.assign({}, removeFields(doc, rule.removeFields)); - } - - if (role === 'owner') { - // only the owner of the document should be allowed - // we need to know, which field contains the owner id, see type input file for generator - if (isUserDocumentOwner(user, doc, config.field.ownerField)) { - // owner is authorized, - // console.log('authorize rule:', mode, role, 'authorized'); - authorized = true; - // if some fields aren't allowed for the owner, removing them here - newDoc = Object.assign({}, removeFields(doc, rule.removeFields)); - } - } - - if (hasUserRole(user, role, config.field.roleField)) { - // specific role is authorized: e.g. admin, user, etc. - // console.log('authorize rule:', mode, role, 'authorized'); - authorized = true; - // if some fields aren't allowed for this role, removing them here - newDoc = Object.assign({}, removeFields(doc, rule.removeFields)); - } - }); - } - }); - - if (authorized) { - if (config.isUser && mode === 'create') { - newDoc = Object.assign( - {}, - await makeFirstUserAdmin(type, Type, mode, user, newDoc) - ); - } - // at least one rule fired, so the authenticated user is allowed to work with the document - return newDoc; - } - - // user or role was NOT authorized, return null - return null; -} - -export default async function authorize(type, Type, mode, user, data) { - // main authorize function, which is called by all resolvers - if (isArray(data)) { - // if data is an array, check each document individually - const result = []; - data.forEach((doc) => { - return async () => { - const newDoc = await check_rules(type, Type, mode, user, doc); - if (newDoc) result.push(newDoc); - }; - }); - return result; - } else if (isObject(data)) { - // if data is an object, check it directly - const doc = data; - const newDoc = await check_rules(type, Type, mode, user, doc); - return newDoc; - } - // otherwise return nothing - /* console.error( - 'Error in authorize: authorization rules for type not available.' - ); - */ - return null; -} diff --git a/test/input-authorization/Post1.graphql b/test/input-authorization/Post1.graphql deleted file mode 100644 index 4af28a6..0000000 --- a/test/input-authorization/Post1.graphql +++ /dev/null @@ -1,5 +0,0 @@ -type Post1 -{ - post: String! - owner: User1 @belongsTo -} \ No newline at end of file diff --git a/test/input-authorization/Post2.graphql b/test/input-authorization/Post2.graphql deleted file mode 100644 index 7872935..0000000 --- a/test/input-authorization/Post2.graphql +++ /dev/null @@ -1,14 +0,0 @@ -type Post2 -@authorize( - create: ["owner"] - read: ["world"] - update: ["owner", "admin"] - delete: ["owner", "admin"] - ownerField: "ownerId" - roleField: "role" -) -{ - post: String! - comment: String - owner: User1 @belongsTo -} \ No newline at end of file diff --git a/test/input-authorization/User1.graphql b/test/input-authorization/User1.graphql deleted file mode 100644 index 2c40ea6..0000000 --- a/test/input-authorization/User1.graphql +++ /dev/null @@ -1,3 +0,0 @@ -type User1 { - name: String -} \ No newline at end of file diff --git a/test/input-authorization/User2.graphql b/test/input-authorization/User2.graphql deleted file mode 100644 index faccbd3..0000000 --- a/test/input-authorization/User2.graphql +++ /dev/null @@ -1,13 +0,0 @@ -type User2 -@authorize( - create: ["owner"] - read: ["world"] - update: ["owner", "admin"] - delete: ["owner", "admin"] - ownerField: "ownerId" - roleField: "role" -) -{ - name: String - bio: String -} \ No newline at end of file diff --git a/test/test-authorization.sh b/test/test-authorization.sh deleted file mode 100755 index 5893f07..0000000 --- a/test/test-authorization.sh +++ /dev/null @@ -1,228 +0,0 @@ -#!/bin/bash -pushd "$(dirname $0)/.." > /dev/null -PACKAGE_DIR=`pwd` -popd > /dev/null - -CGS="$PACKAGE_DIR/dist/bin/create-graphql-server.js" -INPUT_DIR="$PACKAGE_DIR/test/input-authorization" -chmod +x $CGS - -set -e - -MD5HASH="" -TMPDIR1=`mktemp -d 2>/dev/null || mktemp -d -t 'cgs-test-authorization'` - -chmod -R 777 $TMPDIR1 - -function finish { - rm -rf $TMPDIR1 - echo - echo - echo "Test failed" -} -trap finish EXIT - -function exists { - if [ -f $1 ] ; then - return 0 - else - echo "Error: File is missing: " $1 - return 1 - fi -} - -function ifDirExistsRemove { - if [ -d $1 ] ; then - rm -rf $1 - fi -} - -function hasRef { - if [ -f $1 ] ; then - if [ `grep -o $2 $1 | wc -l` -eq $3 ] ; then - return 0 - else - echo "Error: File" $1 "contains" `grep -o $2 $1 | wc -l` "times the string '"$2"'. Expected are" $3 "times." - return 1 - fi - else - echo "Error: File is missing: " $1 - return 1 - fi -} - -function getMD5 { - # Detect Operating system - OS=$(uname) - MD5HASH="" - case "$OS" in - "Darwin") - { - MD5HASH=$(md5 -q $1) - } ;; - "Linux") - { - MD5HASH=($(md5sum $1)) - } ;; - *) - { - echo "Test failed. Unsopported OS" - exit - } ;; - esac - echo "$MD5HASH" -} - -function openDevEnv { - OS=$(uname) - MD5HASH="" - case "$OS" in - "Darwin") - { - PWD=$(pwd) - open $PWD - # open -a iTerm $PWD - subl . & - yarn install && yarn start - } ;; - esac -} - -# Prepare directory -echo 'cd $TMPDIR1' -cd $TMPDIR1 -ifDirExistsRemove output-app-start - -echo 'JWT_KEY=test-key $CGS init output-app-start' -JWT_KEY='test-key' $CGS init output-app-start - -echo 'cd output-app-start' -cd output-app-start - -echo '$CGS add-user "$INPUT_DIR/User1.graphql"' -$CGS add-user "$INPUT_DIR/User1.graphql" - -echo '$CGS add-user "$INPUT_DIR/User2.graphql"' -$CGS add-user "$INPUT_DIR/User2.graphql" - -echo '$CGS add-type "$INPUT_DIR/Post1.graphql"' -$CGS add-type "$INPUT_DIR/Post1.graphql" - -echo '$CGS add-type "$INPUT_DIR/Post2.graphql"' -$CGS add-type "$INPUT_DIR/Post2.graphql" - -# TEST1: Testing of 4 add-types -# it (should be pattern User1, User2, Post1, Post2 in model/index.js) -# it (should be pattern User1, User2, Post1, Post2 in resolvers/index.js) -# it (should be pattern User1, User2, Post1, Post2 in schema/index.js) -# it (should be pattern User1, User2, Post1, Post2 in authorization/index.js) -# it (should be a model/User1.js, resolver/User1.js, schema/User1.graphql, authorization/User1.js) -# it (should be a model/User2.js, resolver/User2.js, schema/User2.graphql, authorization/User2.js) -# it (should be a model/Post1.js, resolver/Post1.js, schema/Post1.graphql, authorization/Post1.js) -# it (should be a model/Post2.js, resolver/Post2.js, schema/Post2.graphql, authorization/Post2.js) -# testing files for existence: - -if exists "./model/User1.js" && - exists "./model/User2.js" && - exists "./model/Post1.js" && - exists "./model/Post2.js" && - - exists "./resolvers/User1.js" && - exists "./resolvers/User2.js" && - exists "./resolvers/Post1.js" && - exists "./resolvers/Post2.js" && - - exists "./schema/User1.graphql" && - exists "./schema/User2.graphql" && - exists "./schema/Post1.graphql" && - exists "./schema/Post2.graphql" && - - exists "./authorization/User1.js" && - exists "./authorization/User2.js" && - exists "./authorization/Post1.js" && - exists "./authorization/Post2.js" && - - hasRef "./model/index.js" "User1" 4 && - hasRef "./model/index.js" "User2" 4 && - hasRef "./model/index.js" "Post1" 4 && - hasRef "./model/index.js" "Post2" 4 && - - hasRef "./resolvers/index.js" "user1Resolvers" 2 && - hasRef "./resolvers/index.js" "user2Resolvers" 2 && - hasRef "./resolvers/index.js" "post1Resolvers" 2 && - hasRef "./resolvers/index.js" "post2Resolvers" 2 && - - hasRef "./schema/index.js" "./User1.graphql" 1 && - hasRef "./schema/index.js" "./User2.graphql" 1 && - hasRef "./schema/index.js" "./Post1.graphql" 1 && - hasRef "./schema/index.js" "./Post2.graphql" 1 && - - hasRef "./authorization/User1.js" "isUser" 1 && - hasRef "./authorization/User1.js" "defaultUserRole" 1 && - hasRef "./authorization/User1.js" "firstUserRole" 1 && - hasRef "./authorization/User1.js" "adminUserRole" 1 && - hasRef "./authorization/User1.js" "ownerField" 1 && - hasRef "./authorization/User1.js" "roleField" 1 && - hasRef "./authorization/User1.js" "create" 1 && - hasRef "./authorization/User1.js" "read" 1 && - hasRef "./authorization/User1.js" "update" 2 && - hasRef "./authorization/User1.js" "delete" 1 && - - hasRef "./authorization/User2.js" "isUser" 1 && - hasRef "./authorization/User2.js" "defaultUserRole" 1 && - hasRef "./authorization/User2.js" "firstUserRole" 1 && - hasRef "./authorization/User2.js" "adminUserRole" 1 && - hasRef "./authorization/User2.js" "ownerField" 1 && - hasRef "./authorization/User2.js" "roleField" 1 && - hasRef "./authorization/User2.js" "create" 1 && - hasRef "./authorization/User2.js" "read" 1 && - hasRef "./authorization/User2.js" "update" 1 && - hasRef "./authorization/User2.js" "delete" 1 && - - hasRef "./authorization/Post2.js" "ownerField" 1 && - hasRef "./authorization/Post2.js" "roleField" 1 && - hasRef "./authorization/Post2.js" "create" 1 && - hasRef "./authorization/Post2.js" "read" 1 && - hasRef "./authorization/Post2.js" "update" 1 && - hasRef "./authorization/Post2.js" "delete" 1 && - - hasRef "./authorization/Post2.js" "ownerField" 1 && - hasRef "./authorization/Post2.js" "roleField" 1 && - hasRef "./authorization/Post2.js" "create" 1 && - hasRef "./authorization/Post2.js" "read" 1 && - hasRef "./authorization/Post2.js" "update" 1 && - hasRef "./authorization/Post2.js" "delete" 1 && - - hasRef "./schema/User1.graphql" "name" 3 && - hasRef "./schema/User1.graphql" "email" 3 && - hasRef "./schema/User1.graphql" "password" 2 && - hasRef "./schema/User1.graphql" "role:" 3 && - - hasRef "./schema/User2.graphql" "name" 3 && - hasRef "./schema/User2.graphql" "email" 3 && - hasRef "./schema/User2.graphql" "password" 2 && - hasRef "./schema/User2.graphql" "role:" 3 && - - hasRef "./schema/Post1.graphql" "post:" 3 && - hasRef "./schema/Post1.graphql" "owner:" 1 && - hasRef "./schema/Post1.graphql" "ownerId:" 2 && - - hasRef "./schema/Post2.graphql" "post:" 3 && - hasRef "./schema/Post2.graphql" "owner:" 1 && - hasRef "./schema/Post2.graphql" "ownerId:" 2 && - - hasRef "./authorization/index.js" "User1" 4 && - hasRef "./authorization/index.js" "User2" 4 && - hasRef "./authorization/index.js" "Post1" 4 && - hasRef "./authorization/index.js" "Post2" 4 ; then - echo "Test Passed Test1: 4 add-types" - openDevEnv -else - echo "Test Failed Test1: 4 add-types" -fi - -set +e -trap - EXIT -echo " " -echo "ALL TESTS PASSED" -echo " " \ No newline at end of file diff --git a/yarn.lock b/yarn.lock index 6161d8c..45f42dc 100644 --- a/yarn.lock +++ b/yarn.lock @@ -31,13 +31,6 @@ ajv@^4.7.0: co "^4.6.0" json-stable-stringify "^1.0.1" -ajv@^4.9.1: - version "4.11.8" - resolved "https://registry.yarnpkg.com/ajv/-/ajv-4.11.8.tgz#82ffb02b29e662ae53bdc20af15947706739c536" - dependencies: - co "^4.6.0" - json-stable-stringify "^1.0.1" - ansi-escapes@^1.1.0: version "1.4.0" resolved "https://registry.yarnpkg.com/ansi-escapes/-/ansi-escapes-1.4.0.tgz#d3a8a83b319aa67793662b13e761c7911422306e" @@ -126,10 +119,6 @@ ast-types@0.9.2: version "0.9.2" resolved "https://registry.yarnpkg.com/ast-types/-/ast-types-0.9.2.tgz#2cc19979d15c655108bf565323b8e7ee38751f6b" -ast-types@^0.9.11: - version "0.9.11" - resolved "https://registry.yarnpkg.com/ast-types/-/ast-types-0.9.11.tgz#371177bb59232ff5ceaa1d09ee5cad705b1a5aa9" - async-each@^1.0.0: version "1.0.1" resolved "https://registry.yarnpkg.com/async-each/-/async-each-1.0.1.tgz#19d386a1d9edc6e7c1c85d388aedbcc56d33602d" @@ -180,14 +169,6 @@ babel-code-frame@^6.16.0: esutils "^2.0.2" js-tokens "^2.0.0" -babel-code-frame@^6.22.0: - version "6.22.0" - resolved "https://registry.yarnpkg.com/babel-code-frame/-/babel-code-frame-6.22.0.tgz#027620bee567a88c32561574e7fd0801d33118e4" - dependencies: - chalk "^1.1.0" - esutils "^2.0.2" - js-tokens "^3.0.0" - babel-core@6.17.0, babel-core@^6.16.0: version "6.17.0" resolved "https://registry.yarnpkg.com/babel-core/-/babel-core-6.17.0.tgz#6c4576447df479e241e58c807e4bc7da4db7f425" @@ -214,14 +195,14 @@ babel-core@6.17.0, babel-core@^6.16.0: slash "^1.0.0" source-map "^0.5.0" -babel-eslint@^7.0.0: - version "7.2.3" - resolved "https://registry.yarnpkg.com/babel-eslint/-/babel-eslint-7.2.3.tgz#b2fe2d80126470f5c19442dc757253a897710827" +babel-eslint@7.0.0: + version "7.0.0" + resolved "https://registry.yarnpkg.com/babel-eslint/-/babel-eslint-7.0.0.tgz#54e51b4033f54ac81326ecea4c646a779935196d" dependencies: - babel-code-frame "^6.22.0" - babel-traverse "^6.23.1" - babel-types "^6.23.0" - babylon "^6.17.0" + babel-traverse "^6.15.0" + babel-types "^6.15.0" + babylon "^6.11.2" + lodash.pickby "^4.6.0" babel-generator@^6.17.0: version "6.18.0" @@ -362,12 +343,6 @@ babel-helpers@^6.16.0: babel-runtime "^6.0.0" babel-template "^6.16.0" -babel-messages@^6.23.0: - version "6.23.0" - resolved "https://registry.yarnpkg.com/babel-messages/-/babel-messages-6.23.0.tgz#f3cdf4703858035b2a2951c6ec5edf6c62f2630e" - dependencies: - babel-runtime "^6.22.0" - babel-messages@^6.8.0: version "6.8.0" resolved "https://registry.yarnpkg.com/babel-messages/-/babel-messages-6.8.0.tgz#bf504736ca967e6d65ef0adb5a2a5f947c8e0eb9" @@ -772,13 +747,6 @@ babel-runtime@^6.0.0, babel-runtime@^6.11.6, babel-runtime@^6.9.0, babel-runtime core-js "^2.4.0" regenerator-runtime "^0.9.5" -babel-runtime@^6.22.0: - version "6.23.0" - resolved "https://registry.yarnpkg.com/babel-runtime/-/babel-runtime-6.23.0.tgz#0a9489f144de70efb3ce4300accdb329e2fc543b" - dependencies: - core-js "^2.4.0" - regenerator-runtime "^0.10.0" - babel-template@^6.14.0, babel-template@^6.15.0, babel-template@^6.16.0, babel-template@^6.8.0: version "6.16.0" resolved "https://registry.yarnpkg.com/babel-template/-/babel-template-6.16.0.tgz#e149dd1a9f03a35f817ddbc4d0481988e7ebc8ca" @@ -789,7 +757,7 @@ babel-template@^6.14.0, babel-template@^6.15.0, babel-template@^6.16.0, babel-te babylon "^6.11.0" lodash "^4.2.0" -babel-traverse@^6.16.0: +babel-traverse@^6.15.0, babel-traverse@^6.16.0, babel-traverse@^6.18.0: version "6.18.0" resolved "https://registry.yarnpkg.com/babel-traverse/-/babel-traverse-6.18.0.tgz#5aeaa980baed2a07c8c47329cd90c3b90c80f05e" dependencies: @@ -803,30 +771,7 @@ babel-traverse@^6.16.0: invariant "^2.2.0" lodash "^4.2.0" -babel-traverse@^6.18.0, babel-traverse@^6.23.1: - version "6.24.1" - resolved "https://registry.yarnpkg.com/babel-traverse/-/babel-traverse-6.24.1.tgz#ab36673fd356f9a0948659e7b338d5feadb31695" - dependencies: - babel-code-frame "^6.22.0" - babel-messages "^6.23.0" - babel-runtime "^6.22.0" - babel-types "^6.24.1" - babylon "^6.15.0" - debug "^2.2.0" - globals "^9.0.0" - invariant "^2.2.0" - lodash "^4.2.0" - -babel-types@^6.13.0, babel-types@^6.18.0, babel-types@^6.23.0, babel-types@^6.24.1, babel-types@^6.8.0, babel-types@^6.9.0: - version "6.24.1" - resolved "https://registry.yarnpkg.com/babel-types/-/babel-types-6.24.1.tgz#a136879dc15b3606bda0d90c1fc74304c2ff0975" - dependencies: - babel-runtime "^6.22.0" - esutils "^2.0.2" - lodash "^4.2.0" - to-fast-properties "^1.0.1" - -babel-types@^6.16.0: +babel-types@^6.13.0, babel-types@^6.15.0, babel-types@^6.16.0, babel-types@^6.18.0, babel-types@^6.8.0, babel-types@^6.9.0: version "6.18.0" resolved "https://registry.yarnpkg.com/babel-types/-/babel-types-6.18.0.tgz#1f7d5a73474c59eb9151b2417bbff4e4fce7c3f8" dependencies: @@ -835,14 +780,10 @@ babel-types@^6.16.0: lodash "^4.2.0" to-fast-properties "^1.0.1" -babylon, babylon@^6.11.0: +babylon, babylon@^6.11.0, babylon@^6.11.2: version "6.14.1" resolved "https://registry.yarnpkg.com/babylon/-/babylon-6.14.1.tgz#956275fab72753ad9b3435d7afe58f8bf0a29815" -babylon@^6.15.0, babylon@^6.17.0: - version "6.17.0" - resolved "https://registry.yarnpkg.com/babylon/-/babylon-6.17.0.tgz#37da948878488b9c4e3c4038893fa3314b3fc932" - balanced-match@^0.4.1: version "0.4.2" resolved "https://registry.yarnpkg.com/balanced-match/-/balanced-match-0.4.2.tgz#cb3f3e3c732dc0f01ee70b403f302e61d7709838" @@ -853,14 +794,6 @@ bcrypt-pbkdf@^1.0.0: dependencies: tweetnacl "^0.14.3" -bcrypt@^1.0.2: - version "1.0.2" - resolved "https://registry.yarnpkg.com/bcrypt/-/bcrypt-1.0.2.tgz#d05fc5d223173e0e28ec381c0f00cc25ffaf2736" - dependencies: - bindings "1.2.1" - nan "2.5.0" - node-pre-gyp "0.6.32" - bin-version-check@^2.1.0: version "2.1.0" resolved "https://registry.yarnpkg.com/bin-version-check/-/bin-version-check-2.1.0.tgz#e4e5df290b9069f7d111324031efc13fdd11a5b0" @@ -880,10 +813,6 @@ binary-extensions@^1.0.0: version "1.7.0" resolved "https://registry.yarnpkg.com/binary-extensions/-/binary-extensions-1.7.0.tgz#6c1610db163abfb34edfe42fa423343a1e01185d" -bindings@1.2.1: - version "1.2.1" - resolved "https://registry.yarnpkg.com/bindings/-/bindings-1.2.1.tgz#14ad6113812d2d37d72e67b4cacb4bb726505f11" - block-stream@*: version "0.0.9" resolved "https://registry.yarnpkg.com/block-stream/-/block-stream-0.0.9.tgz#13ebfe778a03205cfe03751481ebb4b3300c126a" @@ -948,10 +877,6 @@ caseless@~0.11.0: version "0.11.0" resolved "https://registry.yarnpkg.com/caseless/-/caseless-0.11.0.tgz#715b96ea9841593cc33067923f5ec60ebda4f7d7" -caseless@~0.12.0: - version "0.12.0" - resolved "https://registry.yarnpkg.com/caseless/-/caseless-0.12.0.tgz#1b681c21ff84033c826543090689420d187151dc" - chai: version "3.5.0" resolved "https://registry.yarnpkg.com/chai/-/chai-3.5.0.tgz#4d02637b067fe958bdbfdd3a40ec56fef7373247" @@ -1573,19 +1498,6 @@ gauge@~2.6.0: strip-ansi "^3.0.1" wide-align "^1.1.0" -gauge@~2.7.3: - version "2.7.4" - resolved "https://registry.yarnpkg.com/gauge/-/gauge-2.7.4.tgz#2c03405c7538c39d7eb37b317022e325fb018bf7" - dependencies: - aproba "^1.0.3" - console-control-strings "^1.0.0" - has-unicode "^2.0.0" - object-assign "^4.1.0" - signal-exit "^3.0.0" - string-width "^1.0.1" - strip-ansi "^3.0.1" - wide-align "^1.1.0" - generate-function@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/generate-function/-/generate-function-2.0.0.tgz#6858fe7c0969b7d4e9093337647ac79f60dfbe74" @@ -1684,10 +1596,6 @@ growl@1.9.2: version "1.9.2" resolved "https://registry.yarnpkg.com/growl/-/growl-1.9.2.tgz#0ea7743715db8d8de2c5ede1775e1b45ac85c02f" -har-schema@^1.0.5: - version "1.0.5" - resolved "https://registry.yarnpkg.com/har-schema/-/har-schema-1.0.5.tgz#d263135f43307c02c602afc8fe95970c0151369e" - har-validator@~2.0.6: version "2.0.6" resolved "https://registry.yarnpkg.com/har-validator/-/har-validator-2.0.6.tgz#cdcbc08188265ad119b6a5a7c8ab70eecfb5d27d" @@ -1697,13 +1605,6 @@ har-validator@~2.0.6: is-my-json-valid "^2.12.4" pinkie-promise "^2.0.0" -har-validator@~4.2.1: - version "4.2.1" - resolved "https://registry.yarnpkg.com/har-validator/-/har-validator-4.2.1.tgz#33481d0f1bbff600dd203d75812a6a5fba002e2a" - dependencies: - ajv "^4.9.1" - har-schema "^1.0.5" - has-ansi@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/has-ansi/-/has-ansi-2.0.0.tgz#34f5049ce1ecdf2b0649af3ef24e45ed35416d91" @@ -1966,10 +1867,6 @@ js-tokens@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/js-tokens/-/js-tokens-2.0.0.tgz#79903f5563ee778cc1162e6dcf1a0027c97f9cb5" -js-tokens@^3.0.0: - version "3.0.1" - resolved "https://registry.yarnpkg.com/js-tokens/-/js-tokens-3.0.1.tgz#08e9f132484a2c45a30907e9dc4d5567b7f114d7" - js-yaml@^3.5.1: version "3.7.0" resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.7.0.tgz#5c967ddd837a9bfdca5f2de84253abe8a1c03b80" @@ -2132,6 +2029,10 @@ lodash.merge@^4.6.0: version "4.6.0" resolved "https://registry.yarnpkg.com/lodash.merge/-/lodash.merge-4.6.0.tgz#69884ba144ac33fe699737a6086deffadd0f89c5" +lodash.pickby@^4.6.0: + version "4.6.0" + resolved "https://registry.yarnpkg.com/lodash.pickby/-/lodash.pickby-4.6.0.tgz#7dea21d8c18d7703a27c704c15d3b84a67e33aff" + lodash@^4.0.0, lodash@^4.2.0, lodash@^4.3.0: version "4.16.6" resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.16.6.tgz#d22c9ac660288f3843e16ba7d2b5d06cca27d777" @@ -2258,10 +2159,6 @@ mute-stream@0.0.5: version "0.0.5" resolved "https://registry.yarnpkg.com/mute-stream/-/mute-stream-0.0.5.tgz#8fbfabb0a98a253d3184331f9e8deb7372fac6c0" -nan@2.5.0: - version "2.5.0" - resolved "https://registry.yarnpkg.com/nan/-/nan-2.5.0.tgz#aa8f1e34531d807e9e27755b234b4a6ec0c152a8" - nan@^2.3.0: version "2.4.0" resolved "https://registry.yarnpkg.com/nan/-/nan-2.4.0.tgz#fb3c59d45fe4effe215f0b890f8adf6eb32d2232" @@ -2277,20 +2174,6 @@ node-fetch: encoding "^0.1.11" is-stream "^1.0.1" -node-pre-gyp@0.6.32: - version "0.6.32" - resolved "https://registry.yarnpkg.com/node-pre-gyp/-/node-pre-gyp-0.6.32.tgz#fc452b376e7319b3d255f5f34853ef6fd8fe1fd5" - dependencies: - mkdirp "~0.5.1" - nopt "~3.0.6" - npmlog "^4.0.1" - rc "~1.1.6" - request "^2.79.0" - rimraf "~2.5.4" - semver "~5.3.0" - tar "~2.2.1" - tar-pack "~3.3.0" - node-pre-gyp@^0.6.29: version "0.6.31" resolved "https://registry.yarnpkg.com/node-pre-gyp/-/node-pre-gyp-0.6.31.tgz#d8a00ddaa301a940615dbcc8caad4024d58f6017" @@ -2337,15 +2220,6 @@ npmlog@^4.0.0: gauge "~2.6.0" set-blocking "~2.0.0" -npmlog@^4.0.1: - version "4.1.0" - resolved "https://registry.yarnpkg.com/npmlog/-/npmlog-4.1.0.tgz#dc59bee85f64f00ed424efb2af0783df25d1c0b5" - dependencies: - are-we-there-yet "~1.1.2" - console-control-strings "~1.1.0" - gauge "~2.7.3" - set-blocking "~2.0.0" - number-is-nan@^1.0.0: version "1.0.1" resolved "https://registry.yarnpkg.com/number-is-nan/-/number-is-nan-1.0.1.tgz#097b602b53422a522c1afb8790318336941a011d" @@ -2449,10 +2323,6 @@ path-type@^1.0.0: pify "^2.0.0" pinkie-promise "^2.0.0" -performance-now@^0.2.0: - version "0.2.0" - resolved "https://registry.yarnpkg.com/performance-now/-/performance-now-0.2.0.tgz#33ef30c5c77d4ea21c5a53869d91b56d8f2555e5" - pify@^2.0.0: version "2.3.0" resolved "https://registry.yarnpkg.com/pify/-/pify-2.3.0.tgz#ed141a6ac043a849ea588498e7dca8b15330e90c" @@ -2511,10 +2381,6 @@ qs@~6.3.0: version "6.3.0" resolved "https://registry.yarnpkg.com/qs/-/qs-6.3.0.tgz#f403b264f23bc01228c74131b407f18d5ea5d442" -qs@~6.4.0: - version "6.4.0" - resolved "https://registry.yarnpkg.com/qs/-/qs-6.4.0.tgz#13e26d28ad6b0ffaa91312cd3bf708ed351e7233" - randomatic@^1.1.3: version "1.1.5" resolved "https://registry.yarnpkg.com/randomatic/-/randomatic-1.1.5.tgz#5e9ef5f2d573c67bd2b8124ae90b5156e457840b" @@ -2606,10 +2472,6 @@ regenerate@^1.2.1: version "1.3.2" resolved "https://registry.yarnpkg.com/regenerate/-/regenerate-1.3.2.tgz#d1941c67bad437e1be76433add5b385f95b19260" -regenerator-runtime@^0.10.0: - version "0.10.5" - resolved "https://registry.yarnpkg.com/regenerator-runtime/-/regenerator-runtime-0.10.5.tgz#336c3efc1220adcedda2c9fab67b5a7955a33658" - regenerator-runtime@^0.9.5: version "0.9.6" resolved "https://registry.yarnpkg.com/regenerator-runtime/-/regenerator-runtime-0.9.6.tgz#d33eb95d0d2001a4be39659707c51b0cb71ce029" @@ -2678,33 +2540,6 @@ request@^2.65.0, request@^2.75.0: tough-cookie "~2.3.0" tunnel-agent "~0.4.1" -request@^2.79.0: - version "2.81.0" - resolved "https://registry.yarnpkg.com/request/-/request-2.81.0.tgz#c6928946a0e06c5f8d6f8a9333469ffda46298a0" - dependencies: - aws-sign2 "~0.6.0" - aws4 "^1.2.1" - caseless "~0.12.0" - combined-stream "~1.0.5" - extend "~3.0.0" - forever-agent "~0.6.1" - form-data "~2.1.1" - har-validator "~4.2.1" - hawk "~3.1.3" - http-signature "~1.1.0" - is-typedarray "~1.0.0" - isstream "~0.1.2" - json-stringify-safe "~5.0.1" - mime-types "~2.1.7" - oauth-sign "~0.8.1" - performance-now "^0.2.0" - qs "~6.4.0" - safe-buffer "^5.0.1" - stringstream "~0.0.4" - tough-cookie "~2.3.0" - tunnel-agent "^0.6.0" - uuid "^3.0.0" - require-uncached@^1.0.2: version "1.0.3" resolved "https://registry.yarnpkg.com/require-uncached/-/require-uncached-1.0.3.tgz#4e0d56d6c9662fd31e43011c4b95aa49955421d3" @@ -2743,10 +2578,6 @@ rx-lite@^3.1.2: version "3.1.2" resolved "https://registry.yarnpkg.com/rx-lite/-/rx-lite-3.1.2.tgz#19ce502ca572665f3b647b10939f97fd1615f102" -safe-buffer@^5.0.1: - version "5.0.1" - resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.0.1.tgz#d263ca54696cd8a306b5ca6551e92de57918fbe7" - semver-regex@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/semver-regex/-/semver-regex-1.0.0.tgz#92a4969065f9c70c694753d55248fc68f8f652c9" @@ -2959,12 +2790,6 @@ tryit@^1.0.1: version "1.0.3" resolved "https://registry.yarnpkg.com/tryit/-/tryit-1.0.3.tgz#393be730a9446fd1ead6da59a014308f36c289cb" -tunnel-agent@^0.6.0: - version "0.6.0" - resolved "https://registry.yarnpkg.com/tunnel-agent/-/tunnel-agent-0.6.0.tgz#27a5dea06b36b04a0a9966774b290868f0fc40fd" - dependencies: - safe-buffer "^5.0.1" - tunnel-agent@~0.4.1: version "0.4.3" resolved "https://registry.yarnpkg.com/tunnel-agent/-/tunnel-agent-0.4.3.tgz#6373db76909fe570e08d73583365ed828a74eeeb" @@ -3009,10 +2834,6 @@ util-deprecate@~1.0.1: version "1.0.2" resolved "https://registry.yarnpkg.com/util-deprecate/-/util-deprecate-1.0.2.tgz#450d4dc9fa70de732762fbd2d4a28981419a0ccf" -uuid@^3.0.0: - version "3.0.1" - resolved "https://registry.yarnpkg.com/uuid/-/uuid-3.0.1.tgz#6544bba2dfda8c1cf17e629a3a305e2bb1fee6c1" - v8flags@^2.0.10: version "2.0.11" resolved "https://registry.yarnpkg.com/v8flags/-/v8flags-2.0.11.tgz#bca8f30f0d6d60612cc2c00641e6962d42ae6881" From dc4d1b38a89eabc3a5427d5701b5f729814a05dd Mon Sep 17 00:00:00 2001 From: tobkle Date: Sun, 13 Aug 2017 23:30:57 +0200 Subject: [PATCH 26/69] PR adjustments + npm package --- .gitignore | 1 + README.md | 102 +- npm-debug.log | 51 + package.json | 4 + test/output-app/.gitignore | 2 +- test/output-app/README.md | 590 +++-- test/output-app/index.js | 3 +- test/output-app/model/Tweet.js | 22 +- test/output-app/model/User.js | 4 +- test/output-app/package.json | 5 +- test/output-app/server/authenticate.js | 2 +- test/output-app/server/authorize.js | 164 -- test/output-app/server/index.js | 10 +- test/output-app/server/logger.js | 65 - .../server/logs/all-logs-readable.log | 2142 ----------------- test/output-app/yarn.lock | 53 +- yarn.lock | 163 +- 17 files changed, 734 insertions(+), 2649 deletions(-) create mode 100644 npm-debug.log delete mode 100644 test/output-app/server/authorize.js delete mode 100644 test/output-app/server/logger.js delete mode 100644 test/output-app/server/logs/all-logs-readable.log diff --git a/.gitignore b/.gitignore index 4e43788..d3b3fa9 100644 --- a/.gitignore +++ b/.gitignore @@ -6,3 +6,4 @@ dev.sqlite3 db ./output dist +log/all-logs-readable.log diff --git a/README.md b/README.md index a6002d8..7f8ccde 100644 --- a/README.md +++ b/README.md @@ -151,7 +151,107 @@ class User { } ``` -### Client side code +## Authorization + +create-graphql-server can also handle authorizations. There are two ways to control authorizations: +* Authorization by User-Roles +* Authorization by Document-Roles + +**User-Roles** are stored in the User type. They group a number of users together, having all the same authorizations, defined with their role they play. Use it to define a user as a "super-administrator", "administrator", "publisher", "editor" or a "default-user". You are free to define your own names and numbers of User-Roles. + +**Document-Roles** are stored in document fields which are referencing a User._id. They are there, to define fine grained authorizations for individual documents based on single user level. Use it to define an "owner", "creator", author" or "coauthor" of a document. Define the authorization they are allowed to do with this specific document. Here, the userId will be stored in the corresponding document field instead. If a user wants the specific authorization, it is tested, if this userId is stored in the document, if so, he gains access, if not, it is not allowed. + +You can combine both models to define your authorization logic. + +Add authorization logic by using a simple @authorize directive within your type definition. Use the following syntax: +```javascript +type ... +@authorize( + : [] + : [] + : [] +) +... +: String @authRole("") // User-Role: Stores the Role name in the User type +: User @authRole("") // Document-Role: Stores Single UserId +: [User] @authRole("") // Document-Role: Stores Multiple UserIds +... +``` + +A \ can be any name, you want to use for, to describe the authorizations of a group of users. A user can be assigned this \ in a user type of any \. You have to mark the relevant field name with the directive @authRole("\"). + +A list of authorizations can be: +* create: role is authorized to create a record of this type. +* read: role is authorized to readOne and readMany of this type. + * readOne: role is authorized to only readOne of this type. + * readMany: role is authorized to readMany of this type. +* update: role is authorized to update a record of this type. +* delete: role is authorized to delete a record of this type. + +You can add any number of roles within a @authorize directive. + +There is one pre-defined User-Role called "world". The world role includes all users, signed-in and not signed-in anonymous users. Use this role to define an authorization-list valid for all users. + +#### Example on type User +```javascript +type User + +@authorize( + admin: ["create", "read", "update", "delete"] // User-Role + this: ["read", "update", "delete"] // Document-Role +) + +{ + role: String @authRole("admin") + username: String! + + bio: String + notify: Boolean + + tweets(minLikes: Int): [Tweet!] @hasMany(as: "author") + liked: [Tweet!] @belongsToMany + + following: [User!] @belongsToMany + followers: [User!] @hasAndBelongsToMany(as: "following") +} +``` + +#### Example on type Tweet + +```javascript +type Tweet + +@authorize( + admin: ["create", "read", "update", "delete"], // User-Role + world: ["read"] // User-Role + author: ["create", "read", "update", "delete"], // Document-Role + coauthors: ["read", "update"], // Document-Role +) + +{ + author: User! @unmodifiable @belongsTo @authRole("author") + coauthors: [User] @belongsTo @authRole("coauthors") + body: String! + + likers: [User!] @hasAndBelongsToMany(as: "liked") +} +``` + +If you add these types with the create-graphql-server command-line-interface: +```bash +create-graphql-server add-type path/to/input.graphql +``` + +It will add automatically the authorization code in the model/\.js files. Have a look into the generated code or in the test application: "test/output-app/model/User.js". + +You can manually change the code to protect also single fields of a type. Do it by the usage of this function: +```javascript +// userRole secretField document +docToInsert = protectFields(me, ['admin'], ['role'], docToInsert, { User: this.context.User }); +``` +By this, only a User (me) with role "admin" is allowed to access the field "docToInsert.role". For any other user, this field is removed from the docToInsert during the protectFields run. + +## Client side code To create users, simply call your generated `createUser` mutation (you may want to add authorization to the resolver, feel free to modify it). diff --git a/npm-debug.log b/npm-debug.log new file mode 100644 index 0000000..117132f --- /dev/null +++ b/npm-debug.log @@ -0,0 +1,51 @@ +0 info it worked if it ends with ok +1 verbose cli [ '/usr/local/bin/node', +1 verbose cli '/usr/local/bin/npm', +1 verbose cli 'run', +1 verbose cli 'testonly', +1 verbose cli '--', +1 verbose cli './test/output-app-end-to-end' ] +2 info using npm@3.10.8 +3 info using node@v7.0.0 +4 verbose run-script [ 'pretestonly', 'testonly', 'posttestonly' ] +5 info lifecycle create-graphql-server@0.5.3~pretestonly: create-graphql-server@0.5.3 +6 silly lifecycle create-graphql-server@0.5.3~pretestonly: no script for pretestonly, continuing +7 info lifecycle create-graphql-server@0.5.3~testonly: create-graphql-server@0.5.3 +8 verbose lifecycle create-graphql-server@0.5.3~testonly: unsafe-perm in lifecycle true +9 verbose lifecycle create-graphql-server@0.5.3~testonly: PATH: /usr/local/lib/node_modules/npm/bin/node-gyp-bin:/Users/Toby/MICRO/create-graphql-server-3/node_modules/.bin:/Users/Toby/MICRO/create-graphql-server-3/node_modules/.bin:/Users/Toby/.config/yarn/link/node_modules/.bin:/Users/Toby/MICRO/create-graphql-server-3/node_modules/.bin:/Users/Toby/.config/yarn/link/node_modules/.bin:/usr/local/Cellar/yarn/0.17.10/libexec/lib/node_modules/yarn/bin/node-gyp-bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/share/dotnet:/Library/Frameworks/Mono.framework/Versions/Current/Commands:/Users/Toby/.nvm/versions/node/v7.0.0/bin:/Library/Frameworks/Python.framework/Versions/2.7/bin:~/Library/Android/sdk/tools:~/Library/Android/sdk/platform-tools:/usr/local/terraform/bin:/Users/Toby/terraform:/Applications/MAMP/bin/php/php7.0.8/bin:/Library/Frameworks/Python.framework/Versions/3.5/bin +10 verbose lifecycle create-graphql-server@0.5.3~testonly: CWD: /Users/Toby/MICRO/create-graphql-server-3 +11 silly lifecycle create-graphql-server@0.5.3~testonly: Args: [ '-c', +11 silly lifecycle 'mocha --require babel-register "./test/output-app-end-to-end"' ] +12 silly lifecycle create-graphql-server@0.5.3~testonly: Returned: code: 3 signal: null +13 info lifecycle create-graphql-server@0.5.3~testonly: Failed to exec testonly script +14 verbose stack Error: create-graphql-server@0.5.3 testonly: `mocha --require babel-register "./test/output-app-end-to-end"` +14 verbose stack Exit status 3 +14 verbose stack at EventEmitter. (/usr/local/lib/node_modules/npm/lib/utils/lifecycle.js:255:16) +14 verbose stack at emitTwo (events.js:106:13) +14 verbose stack at EventEmitter.emit (events.js:191:7) +14 verbose stack at ChildProcess. (/usr/local/lib/node_modules/npm/lib/utils/spawn.js:40:14) +14 verbose stack at emitTwo (events.js:106:13) +14 verbose stack at ChildProcess.emit (events.js:191:7) +14 verbose stack at maybeClose (internal/child_process.js:877:16) +14 verbose stack at Process.ChildProcess._handle.onexit (internal/child_process.js:226:5) +15 verbose pkgid create-graphql-server@0.5.3 +16 verbose cwd /Users/Toby/MICRO/create-graphql-server-3 +17 error Darwin 16.7.0 +18 error argv "/usr/local/bin/node" "/usr/local/bin/npm" "run" "testonly" "--" "./test/output-app-end-to-end" +19 error node v7.0.0 +20 error npm v3.10.8 +21 error code ELIFECYCLE +22 error create-graphql-server@0.5.3 testonly: `mocha --require babel-register "./test/output-app-end-to-end"` +22 error Exit status 3 +23 error Failed at the create-graphql-server@0.5.3 testonly script 'mocha --require babel-register "./test/output-app-end-to-end"'. +23 error Make sure you have the latest version of node.js and npm installed. +23 error If you do, this is most likely a problem with the create-graphql-server package, +23 error not with npm itself. +23 error Tell the author that this fails on your system: +23 error mocha --require babel-register "./test/output-app-end-to-end" +23 error You can get information on how to open an issue for this project with: +23 error npm bugs create-graphql-server +23 error Or if that isn't available, you can get their info via: +23 error npm owner ls create-graphql-server +23 error There is likely additional logging output above. +24 verbose exit [ 1, true ] diff --git a/package.json b/package.json index 1dc3327..e640b2f 100644 --- a/package.json +++ b/package.json @@ -22,6 +22,9 @@ "build": "npm run clean && babel bin --out-dir dist/bin && babel generate -D --out-dir dist/generate && cp -r skel dist", "prepublish": "npm run build" }, + "config": { + "logfile": "log/all-logs-readable.log" + }, "author": "Tom Coleman", "license": "MIT", "devDependencies": { @@ -47,6 +50,7 @@ "babylon": "^6.14.1", "chalk": "^1.1.3", "cpr": "^2.0.0", + "create-graphql-server-authorization": "^0.0.12", "denodeify": "^1.2.1", "escape-string-regexp": "^1.0.5", "global": "^4.3.2", diff --git a/test/output-app/.gitignore b/test/output-app/.gitignore index 5b29f10..7866035 100644 --- a/test/output-app/.gitignore +++ b/test/output-app/.gitignore @@ -1,4 +1,4 @@ node_modules /db /input -server/logs/all-logs.log +log/all-logs-readable.log diff --git a/test/output-app/README.md b/test/output-app/README.md index efe47d8..cad206d 100644 --- a/test/output-app/README.md +++ b/test/output-app/README.md @@ -7,13 +7,13 @@ This is a generated create-graphql-server app. ## Implementing Authentication The authentication is performed in those locations: * ./server/index.js -* ./model/index.js * ./server/authenticate.js +* ./model/index.js ### ./server/index.js -In the server, the database is started, and the UserCollection is defined. That's who the server accesses the user documents in the database. +In the server, the database is started, and the UserCollection is defined. That's where the server accesses the user documents in the database. -In ```js authenticate(app, UserCollection)``` the authentication is prepared and processed. Later if a user sends a 'graphql' request, the user is determined with ```js passport.authenticate(...)```. After that, the user is whether an anonymous user or an authenticated user. You find the identified user in the object "me". Then the type models have to be initialized with the user "me" authorizations: ```js req.context = addModelsToContext({... me ...})```. +In ```js authenticate(app, UserCollection)``` the authentication is prepared and processed. Later, if a user sends a 'graphql' request, the user is determined with ```js passport.authenticate(...)```. After that, the user is whether an anonymous user or an authenticated user. You find the identified user in the object "me". Then the type models have to be initialized with the user "me" authorizations: ```js req.context = addModelsToContext({... me ...})```. ```javascript ... @@ -52,8 +52,8 @@ async function startServer() { context: Object.assign({ me }, req.context), debug: true, formatError(e) { - console.log(e); - return e; + console.log(e); + return e; }, }; })(req, res, next); @@ -63,8 +63,17 @@ async function startServer() { } ``` +By-the-way: The server/index.js is able to access the User collection directly by the following two lines. This is used in the server/authenticate.js during authenticate. +```js +... +const UserCollection = db.collection('user'); +... +authenticate(app, UserCollection); +... +``` + ### ./model/index.js -If there is a User model generated, then we load it as the first model. It defines the model, which will be used in the other models as well, to perform the authorization checks. +If there is a User model generated, then we load it as the first model. It defines the model, which will be used in the other models as well, to perform the authorization checks. ```javascript const models = {}; @@ -91,7 +100,7 @@ models.User = User; ``` ### ./server/authenticate.js -Here the real identification of an user is performed. After a user requested a '/login' with user and password. The user's email is searched in the database. If it is there, it checks if the user's encrypted hash is equal to the encrypted password, if so, a user is identified and a JWT token is generated and transfered back to the requesting user. With all the next requests of that user, he sends an header like... +Here, the real identification of an user is performed. After a user requested a '/login' url with user and password. The user's email is searched in the database. If it is there, it checks if the user's encrypted hash is equal to the encrypted password. If so, a user is identified and a JWT token is generated and transfered back to the requesting user. This JWT token is usually stored in the client's browsers local storage and added to the next call in the Authorization header. With all the next requests of that user, he sends an header like... ```javacript authorization JWT calculated.JWT.token ``` @@ -105,7 +114,7 @@ import { ObjectId } from 'mongodb'; import nodeify from 'nodeify'; import bcrypt from 'bcrypt'; import DataLoader from 'dataloader'; -import { findByIds } from './authorize'; +import { findByIds } from 'create-graphql-server-authorization'; const KEY = 'test-key'; let Loader; @@ -162,9 +171,6 @@ Use the @authorize directive in a \.graphql input file, to define which a * user-roles: e.g. User.role = "admin", all admins are allowed to do create, read, update, delete,... * document-roles: e.g. Tweet.authorId = User._id, only authors are allowed to create, update, delete a document -On field level you can control access also by the @authorize directive -e.g. updating the User with set role = "admin", shouldn't be allowed by for all users. So we need a way to restrict the create, read, update, delete operations also on field level if required. - Use the following syntax for the Tweet.graphql input file:: ```javascript type Tweet @@ -184,17 +190,17 @@ type Tweet likers: [User!] @hasAndBelongsToMany(as: "liked") } ``` + This has the following meaning: -* user-roles: "admin", "world" are created (user roles don't have own fields of type User or [User] in the document) - This will check, if the logged in user has a role "admin". Or if there is a special role "world", which just means every known or unknown user, for "world" you don't have to be logged in. +* user-roles: "admin", "world" are created. (user-roles don't have own fields of type User or [User] in the document). + Thus it will check, if the logged in user has a role "admin". Or if there is a special role "world", which just means every known or unknown user is allowed. For "world" authorization you don't have to be logged in. So each "admin" user will be able to create, read, update or delete the Tweet document. Everyone ("world") will be allowed to read all Tweets. -* document-roles: "author", "coauthors" are created (document roles have fields in the document) +* document-roles: "author", "coauthors" are created. (Document-roles have a corresponding field in the document.) Look for the fields with the directive @authRole("...") Only the author of a Tweet is allowed to create, read, update, delete its single Tweet. Only a coauthor of a Tweet is allowed to read and update a Tweet, but he is not allowed to create a Tweet for a different author, and also not to delete a tweet of a different user. - and for the User.graphql input file: ```javascript type User @@ -220,60 +226,62 @@ type User ``` This has the following meaning: -* user-role: "admin", is created (user roles don't have own fields of type User or [User] in the document) +* user-role: "admin", is created. (user roles don't have own fields of type User or [User] in the document) It is a String field with: **role: String! @authRole("admin")** This will check, if the logged in user has a role "admin". So each "admin" user will be able to create, read, update or delete any User document. * document-role: "this", is created (document roles have own fields in the document, but this is a special case for the field _id, which is not shown in the input type, but will be generated in the later schema file.) Only the user id of "this" meaning _id is allowed to readOne, update, delete its single User document. -Use create-graphql-server cli to generate the according schema, resolver, model files with the create-graphql-server command line interface. After its generation, you will find the generated files in the sub folders: schema, resolvers, model folders. The generated model files will use the following functions to implement the authorization logic. +Use create-graphql-server command to generate the according schema, resolver, model files with the create-graphql-server command line interface. After its generation, you will find the generated files in the sub folders: schema, resolvers, model. The generated model files will use the following functions to implement the authorization logic. ### model.js This is an example of a database model of type . ```javascript import DataLoader from 'dataloader'; -import { queryForRoles, findByIds } from '../server/authorize'; +import { findByIds, queryForRoles, getLogFilename, logger, authlog, checkAuthDoc } from 'create-graphql-server-authorization'; +const log = logger(getLogFilename()); export default class { - constructor(context) { - ... - let authQuery; - try { - const { me, User } = context; - authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User }, authlog('tweet findOneById', 'readOne', me)); - } catch (err) { - log.error(err.message); - authQuery = {_id: false}; // otherwise admin access - } - this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); - } -... -async findOneById(id, me, resolver) { - try { - return await this.authorizedLoader.load(id); - } catch (err) { log.error(err.message); } -} + constructor(context) { + this.context = context; + this.collection = context.db.collection(''); + this.pubsub = context.pubsub; + let authQuery; + try { + const { me, User } = context; + authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User }, authlog(' findOneById', 'readOne', me)); + } catch (err) { + log.error(err.message); + authQuery = {_id: false}; // otherwise admin access + } + this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); + } -find({ lastCreatedAt = 0, limit = 10, baseQuery = { createdAt: { $gt: lastCreatedAt } } }, me, resolver) { - try { - const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery}; - return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); - } catch (err){ log.error(err.message); } -} + async findOneById(id, me, resolver) { + try { + return await this.authorizedLoader.load(id); + } catch (err) { log.error(err.message); } + } + + find({ lastCreatedAt = 0, limit = 10, baseQuery = {} }, me, resolver) { + try { + const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); + const finalQuery = {...baseQuery, ...authQuery, createdAt: { $gt: lastCreatedAt }}; + return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + } catch (err){ log.error(err.message); } + } ... } ``` ### ./model/Tweet.js -generated model file for the above input type Tweet.graphql: -this.auth is generated by the @authorize directive. You can see, the directive argument "read" is used to express "readOne" and "readMany" at the same time. Instead you can use "readOne" and "readMany" for fine grained control on read operations, to allow access to just one record or many records. +generated model file for the above input type Tweet.graphql considering the @authorize directive. You can see, the directive argument "read" is used to express "readOne" and "readMany" at the same time. Instead you can use "readOne" and "readMany" for fine grained control on read operations, to allow access to just one record or many records. ```javascript -import log from '../server/logger'; import DataLoader from 'dataloader'; -import { findByIds, queryForRoles, authlog, checkAuthDoc } from '../server/authorize'; +import { findByIds, queryForRoles, getLogFilename, logger, authlog, checkAuthDoc } from 'create-graphql-server-authorization'; +const log = logger(getLogFilename()); export default class Tweet { constructor(context) { @@ -297,10 +305,10 @@ export default class Tweet { } catch (err) { log.error(err.message); } } - find({ lastCreatedAt = 0, limit = 10, baseQuery = { createdAt: { $gt: lastCreatedAt } } }, me, resolver) { + find({ lastCreatedAt = 0, limit = 10, baseQuery = {} }, me, resolver) { try { const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery}; + const finalQuery = {...baseQuery, ...authQuery, createdAt: { $gt: lastCreatedAt }}; return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } catch (err){ log.error(err.message); } } @@ -318,7 +326,7 @@ export default class Tweet { } coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, me, resolver) { - const baseQuery = {_id: { $in: tweet.coauthorsIds }, createdAt: { $gt: lastCreatedAt } }; + const baseQuery = {_id: { $in: tweet.coauthorsIds } }; return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); } @@ -329,6 +337,7 @@ export default class Tweet { async insert(doc, me, resolver) { try { + let docToInsert = Object.assign({}, doc, { createdAt: Date.now(), updatedAt: Date.now(), @@ -336,25 +345,29 @@ export default class Tweet { updatedById: (me && me._id) ? me._id : 'unknown', }); log.debug(JSON.stringify(docToInsert, null, 2)); - // const authQuery = queryForRoles(me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'create', me)); + checkAuthDoc(docToInsert, me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'create', me)); const id = (await this.collection.insertOne(docToInsert)).insertedId; if (!id) { throw new Error(`insert tweet not possible.`); } + log.debug(`inserted tweet ${id}.`); const insertedDoc = this.findOneById(id, me, 'pubsub tweetInserted'); this.pubsub.publish('tweetInserted', insertedDoc); return insertedDoc; + } catch (err){ log.error(err.message); } } async updateById(id, doc, me, resolver) { try { + let docToUpdate = {$set: Object.assign({}, doc, { updatedAt: Date.now(), updatedById: (me && me._id) ? me._id : 'unknown', })}; + const baseQuery = {_id: id}; const authQuery = queryForRoles(me, ['admin'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'update', me)); const finalQuery = {...baseQuery, ...authQuery}; @@ -362,16 +375,19 @@ export default class Tweet { if (result.result.ok !== 1 || result.result.n !== 1){ throw new Error(`update tweet not possible for ${id}.`); } + log.debug(`updated tweet ${id}.`); this.authorizedLoader.clear(id); const updatedDoc = this.findOneById(id, me, 'pubsub tweetUpdated'); this.pubsub.publish('tweetUpdated', updatedDoc); return updatedDoc; + } catch (err){ log.error(err.message); } } async removeById(id, me, resolver) { try { + const baseQuery = {_id: id}; const authQuery = queryForRoles(me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'delete', me)); const finalQuery = {...baseQuery, ...authQuery}; @@ -379,24 +395,23 @@ export default class Tweet { if (result.result.ok !== 1 || result.result.n !== 1){ throw new Error(`remove tweet not possible for ${id}.`); } + log.debug(`removed tweet ${id}.`); this.authorizedLoader.clear(id); this.pubsub.publish('tweetRemoved', id); return result; + } catch (err){ log.error(err.message); } } } - ``` ### ./model/User.js -generated model file for the above input type User.graphql: -this.auth is generated by the @authorize directive. Here also with field authorizations. - +generated model file for the above input type User.graphql considering the @authorize directive. ```javascript -import log from '../server/logger'; import DataLoader from 'dataloader'; -import { findByIds, queryForRoles, authlog, checkAuthDoc, protectFields } from '../server/authorize'; +import { findByIds, queryForRoles, getLogFilename, logger, authlog, checkAuthDoc, protectFields } from 'create-graphql-server-authorization'; +const log = logger(getLogFilename()); export default class User { constructor(context) { @@ -470,7 +485,7 @@ export default class User { updatedById: (me && me._id) ? me._id : 'unknown', }); checkAuthDoc(docToInsert, me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'create', me)); - docToInsert = this.protectFields(me, ['admin'], ['role'], docToInsert, { User: this.context.User }); + docToInsert = protectFields(me, ['admin'], ['role'], docToInsert, { User: this.context.User }); const id = (await this.collection.insertOne(docToInsert)).insertedId; if (!id) { throw new Error(`insert user not possible.`); @@ -491,7 +506,7 @@ export default class User { const baseQuery = {_id: id}; const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'update', me)); const finalQuery = {...baseQuery, ...authQuery}; - docToUpdate.$set = this.protectFields(me, ['admin'], ['role'], docToUpdate.$set, { User: this.context.User }); + docToUpdate.$set = protectFields(me, ['admin'], ['role'], docToUpdate.$set, { User: this.context.User }); const result = await this.collection.updateOne(finalQuery, docToUpdate); if (result.result.ok !== 1 || result.result.n !== 1){ throw new Error(`update user not possible for ${id}.`); @@ -522,16 +537,51 @@ export default class User { } ``` +As you can see in both model header lines, we are using a specialized npm package "create-graphql-server-authorization". + +## create-graphql-server-authorization +Install it with: +```bash +npm install create-graphql-server-authorization +``` +[Github: create-graphql-server-authorization](https://github.com/tobkle/create-graphql-server-authorization) + +This uses the following functions from that module: + ### function authlog A logging function that understands "resolvers", "modes" and "users". Simple wrapper around whatever logging function we use. ```javascript -// central logger for authorization checks -export function authlog(resolver = '', mode = '', me = {}) { - const makeMessage = (message) => `Authorize ${mode} "${resolver}" with user "${me.username ? me.username : ''}" ${message}`; +/* + * Central logger for authorization checks + * @param {string} resolver + * @param {string} mode + * @param {object} me + * @return { + * debug {function}, + * error {function} + * } + */ +function authlog(resolver = "", mode = "", me = {}) { + const logFilename = getLogFilename(); + const log = logger(logFilename); + + const makeMessage = message => + `Authorize ${mode} "${resolver}" with user "${me.username + ? me.username + : ""}" ${message}`; + return { - debug: (message) => log.debug(makeMessage(message)), - error: (message) => {throw new Error(makeMessage(message))}, + debug: message => { + const resultMessage = makeMessage(message); + log.debug(resultMessage); + return resultMessage; + }, + error: message => { + const resultMessage = makeMessage(message); + log.error(resultMessage); + throw new Error(makeMessage(message)); + } }; } ``` @@ -540,33 +590,62 @@ export function authlog(resolver = '', mode = '', me = {}) { This is an extended version of [mongo-find-by-ids](https://github.com/tmeasday/mongo-find-by-ids). The enhancement is only to provide an additional authQuery object, to extend the query to meet additional authorizations. ```javascript -// returns the record, cached if already read, checks authorization if set -// enhancement of tmeasday'findByIds -export function findByIds(collection, ids = [], authQuery) { - const baseQuery = { _id: { $in: ids } }; - const finalQuery = {...baseQuery, ...authQuery}; - return collection.find(finalQuery).toArray().then(docs => { - const idMap = {}; - docs.forEach(d => { idMap[d._id] = d; }); - return ids.map(id => idMap[id]); - }); +/* + * find a record by id (cached with dataloader) + * returns the record, cached if already read, checks authorization if set + * enhancement of tmeasday'findByIds + * @param {string, array} docRoleField + * @param {object} userId + * @return {boolean} foundUserId + */ +function findByIds(collection, ids = [], authQuery) { + const baseQuery = { _id: { $in: ids } }; + const finalQuery = { ...baseQuery, ...authQuery }; + return collection.find(finalQuery).toArray().then(docs => { + const idMap = {}; + docs.forEach(d => { + idMap[d._id] = d; + }); + return ids.map(id => idMap[id]); + }); } + +module.exports = findByIds; ``` ### function protectFields Use function protectFields to protect single fields from access. Provide signed in user in "me", the authorized User roles for the protected field(s) - meaning the user who is allowed to access the field -, provide an array with protected fields, and the current document object, which is to be checked for protected fields and the User model context. ```javascript -// returns whether the authorized record, or the record without not authorized field(s) -export function protectFields(me, authorizedUserRoles, protectedFields, inputObject, { User }){ +/* + * Protects a field based on authorizations + * @param {object} me + * @param {array} authorizedUserRoles + * @param {array} protectedFields + * @param {object} inputObject + * @param {object} User + * @return {object} result + */ +function protectFields( + me = {}, + authorizedUserRoles = [], + protectedFields = [], + inputObject = {}, + { User } = { User: dummyUserContext } +) { + // pure function const result = Object.assign({}, inputObject); + + // getting role of current User const role = User.authRole(me); + // if user is not allowed to access specific fields, remove field from object... - if (!authorizedUserRoles.includes(role)){ - protectedFields.every(protectedField => { + if (!authorizedUserRoles.includes(role)) { + protectedFields.forEach(protectedField => { if (result[protectedField]) delete result[protectedField]; }); } + return result; } ``` @@ -575,28 +654,53 @@ export function protectFields(me, authorizedUserRoles, protectedFields, inputObj Use function checkAuthDoc to check and get back the document. Especially used in insert operations, to figure out, if the toBeInsertedDoc is valid to be added by this userRole, docRole and action. ```javascript -export function checkAuthDoc(doc, me, userRoles, docRoles, { User }, logger){ +/* + * Returns an authorized document + * @param {object} doc + * @param {object} me + * @param {array} userRoles + * @param {array} docRoles + * @param {object} User + * @param {function} logger + * @return {object} doc + */ + +function checkAuthDoc( + doc = {}, + me = {}, + userRoles = [], + docRoles = [], + { User }, + logger = defaultLogger +) { + let resultDoc = Object.assign({}, doc); + + // get the User's role const role = User.authRole(me); // check if userRole entitles current user for this action if (userRoleAuthorized(me, userRoles, { User }, logger)) { logger.debug(`and role: "${role}" is authorized by userRole.`); - return doc; + return resultDoc; } // check if docRole entitles current user for this document and action let authorized = false; docRoles.every(field => { - if (fieldContainsUserId(doc[field], me._id)){ + if ( + resultDoc[field] && + me._id && + fieldContainsUserId(resultDoc[field], me._id) + ) { authorized = true; } - }) + }); if (authorized) { logger.debug(`and role: "${role}" is authorized by docRole.`); - return doc; + return resultDoc; } - // Not Authorized + // Not Authorized, throw exception in logger.error logger.error(`and role: "${role}" is not authorized.`); } ``` @@ -606,9 +710,14 @@ export function checkAuthDoc(doc, me, userRoles, docRoles, { User }, logger){ Use function loggedIn, to check if a user is logged in. ```javascript -// returns true, if user is logged in -export function loggedIn(me) { - if(me && me._id && me._id.toString() !== '') { +/* + * Checks if an user is logged in + * @param {object} me + * @return {boolean} loggedIn + */ + +function loggedIn(me) { + if (me && me._id && me._id.toString() !== "") { return true; } return false; @@ -620,35 +729,77 @@ Use function queryForRoles to generate an authQuery object. It expects the following arguments: ```javascript -// creates an authQuery object with additional query arguments, to implement authorization restrictions for mongodb access -export function queryForRoles(me = {}, userRoles = [], docRoles = [], { User }, logger) { +/* + * Prepare a query object for mongodb operations with authorization queries + * creates an authQuery object with additional query arguments, to implement authorization restrictions for mongodb access + * @param {object} me + * @param {array} userRoles + * @param {array} docRoles + * @param {object} inputObject + * @param {object} User + * @param {object} logger + * @return {object, exception} queryObject + * + * @example: const authQuery = queryForRoles(me, userRoles, docRoles, { User }, authlog(resolver, mode, me ) ); + */ +function queryForRoles( + me = {}, + userRoles = [], + docRoles = [], + { User } = { User: dummyUserContext }, + logger = defaultLogger +) { + // on insufficient authorization data, it cannot be authorized, throws exception + if (!User || !User.authRole || !me || (!userRoles && !docRoles)) + logger.error(` is not authorized, due to authorization data.`); + + // get current User's role const role = User.authRole(me); // Build query for the case: The logged in user's role is authorized if (userRoleAuthorized(me, userRoles, { User }, logger)) { - return {}; // empty authQuery means, do operation with no access restrictions + return {}; // empty authQuery means, do operation with no access restrictions } // Build query for the case: The user is listed in any document field const query = { $or: [] }; - if (loggedIn(me)){ - docRoles.forEach(docRole => query.$or.push( { [docRole]: me._id } ) ); - logger.debug(`and role: "${role ? role : ''}" with \nauthQuery: ${JSON.stringify(query, null, 2)}`); - if (query.$or.length > 0) return query; + // makes only sense, if user is logged in - otherwise no userId + if (loggedIn(me)) { + // prepare selection criterias as "authQuery" object + // for later mongodb "find(...baseQuery, ...authQuery)" + // ... AND ...{ field1 OR field2} + // which will be also considered during the database access + // as an "$or: [ { field1: userId}, { field2: userId} ]" + // with all document roles as fields for the later selection. + // At least one of those fields must match the userId, + // otherwise, whether no data found or not authorized to access data + docRoles.forEach(docRole => query.$or.push({ [docRole]: me._id })); + // return this authQuery only, if there was at least 1 field added + // otherwise it will result in an unlimited access + if (query.$or.length > 0) { + // for easier debugging write into the authorzation logs + logger.debug( + `and role: "${role ? role : ""}" with + authQuery: ${JSON.stringify(query, null, 2)}` + ); + // return the query as authQuery for later selection + return query; + } } - // Not Authorized + // Not Authorized - throw exception in logger.error const message = `and role: "${role}" is not authorized.`; logger.error(message); } ``` It expects the following arguments with the meanings: -* **user:** this is the logged in user object out of the resolver's context +* **me:** this is the logged in user object out of the resolver's context * **userRoles:** an array with userRoles, which was generated by the @authorize directives in the .graphql file * **docRoles:** an array with docRoles, which was generated by the @authorize directives in the .graphql file * **User:** User context to access the User model -* **logger:** logging function e.g. authlog(resolver, mode, me) +* **logger:** logging function e.g. ```js authlog(resolver, mode, me) ``` + * **resolver:** this is a string with the resolver's name, optional, only for easier debugging * **mode:** this is the current mode of operation: * **create:** insert a record to the database * **read:** read a record or many records from the database @@ -656,22 +807,48 @@ It expects the following arguments with the meanings: * **readMany:** read many records from the the database * **update:** update a record in the database * **delete:** remove a record from the database - * **resolver:** this is a string with the resolver's name, optional, only for easier debugging * **me:** the user object, who is executing the request, and who is checked for authorization ### function userRoleAuthorized This helper function is used by queryForRoles, and decides, if a user gains the authorization by its role. For example: If a user has a field "role" in his user document and it contains the value "admin". So it checks if a user's role is admin, and allows all operations for admins. ```javascript +/* + * Is a user's role authorized for a document + * @param {object} me + * @param {array} userRoles + * @param {object} User + * @param {object} logger + * @return {boolean} authorized + */ + // returns true, if the user's role is authorized for a document -export function userRoleAuthorized(me = {}, userRoles = [], { User }, logger){ +function userRoleAuthorized( + me = {}, + userRoles = [], + { User } = { User: dummyUserContext }, + logger = defaultLogger +) { + // on insufficient authorization data, it cannot be authorized + if (!User || !User.authRole || !me || !userRoles) return false; + + // get current User's role const role = User.authRole(me); - if ( userRoles.includes('world') || role && userRoles.length > 0 && userRoles.includes(role) ) { - logger.debug(`and role "${role ? role : ''}" is authorized`); + // determine, if the given userRoles authorize the current User by its role + if ( + // userRole: "world" should authorize everyone - known and unknown users + userRoles.includes("world") || + // or there must be a userRole given, and current user must have a role + // and the current user's role must be in the given userRoles + (role && role !== "" && userRoles.length > 0 && userRoles.includes(role)) + ) { + // => authorized + logger.debug(`and role "${role ? role : ""}" is authorized`); return true; } + // => not authorized return false; } ``` @@ -679,65 +856,66 @@ export function userRoleAuthorized(me = {}, userRoles = [], { User }, logger){ ### function fieldContainsUserId This helper function is used in the models and checks, if the provided field of types: array, object or string contains the userId. ```javascript -// returns true, if a field of type array/object/string contains the userId -export function fieldContainsUserId(docRoleField, userId) { +/* + * checks, if a field contains a user's id + * returns true, if a field of type array/object/string contains the userId + * @param {string, object, array} docRoleField + * @param {string, object} userId + * @return {boolean} foundUserId + */ +function fieldContainsUserId(docRoleField, compressedUserId) { let found = false; - // empty userId is not a valid userId - if (userId.toString() === '') return false; + // empty docRoleField is not a valid docRoleField + if (!docRoleField || docRoleField === "" || docRoleField.length === 0) + return false; - // handle a simple id field - if (docRoleField.toString() === userId.toString()){ - return true; - } + // empty (compressed) userId is not a valid userId + if ( + !compressedUserId || + compressedUserId === "" || + compressedUserId.toString() === "" + ) + return false; - // handle an array - if (_.isArray(docRoleField)){ - docRoleField.every(field => { - if (fieldContainsUserId(field, userId)) { + // extract userId, if it is a mongoID field + const userId = extractUserId(compressedUserId); + + // empty (uncompressed) userId is not a valid userId + if (!userId || userId === "") return false; + + // docRoleField of type Array + if (_.isArray(docRoleField)) { + docRoleField.forEach(field => { + if (fieldContainsUserId(field, userId)) { found = true; - return true; - } + } }); if (found) return true; + return false; } - // handle an object - if (_.isObject(docRoleField)){ - Object.keys(docRoleField).every(field => { - - // handle a field - if (docRoleField[field] && docRoleField[field].toString() === userId.toString()){ + // docRoleField of type Object + if (_.isObject(docRoleField)) { + // For each field in the object + Object.keys(docRoleField).forEach(field => { + if ( + fieldContainsUserId(docRoleField[field], userId) || + fieldContainsUserId(field, userId) + ) { found = true; - return true; - } - - // handle an array - if (_.isArray(docRoleField[field])){ - docRoleField[field].every(innerField => { - if (fieldContainsUserId(innerField, userId)) { - found = true; - return true; - } - }) - if (found) return true; } - - // handle an object - if (_.isObject(docRoleField[field])){ - Object.keys(docRoleField[field]).every(innerField => { - if (fieldContainsUserId(docRoleField[field][innerField], userId)) { - found = true; - return true; - } - }); - if (found) return true; - } - }); + if (found) return true; + return false; + } + // docRoleField of type field + if (docRoleField.toString() === userId.toString()) { + return true; } - return found; + + return false; } ``` @@ -750,66 +928,66 @@ In the resolver interfaces, there are different objects: * the last argument in the resolver function is the resolver's name, which is optional and only to enhance the logging in debugging mode by additional information. If you have to analyze authorization outcomes, this helps a lot to figure out, which resolvers authorization rule fired. ```javascript - const resolvers = { - User: { - id(user) { - return user._id; - }, - - createdBy(user, args, { User, me }) { - return User.createdBy(user, me, 'user createdBy'); - }, - - updatedBy(user, args, { User, me }) { - return User.updatedBy(user, me, 'user updatedBy'); - }, - - tweets(user, { minLikes, lastCreatedAt, limit }, { User, me }) { - return User.tweets(user, { minLikes, lastCreatedAt, limit }, me, 'user tweets'); - }, - - liked(user, { lastCreatedAt, limit }, { User, me }) { - return User.liked(user, { lastCreatedAt, limit }, me, 'user liked'); - }, - - following(user, { lastCreatedAt, limit }, { User, me }) { - return User.following(user, { lastCreatedAt, limit }, me, 'user following'); - }, - - followers(user, { lastCreatedAt, limit }, { User, me }) { - return User.followers(user, { lastCreatedAt, limit }, me, 'user followers'); - }, - }, - Query: { - users(root, { lastCreatedAt, limit }, { User, me }) { - return User.find({ lastCreatedAt, limit }, me, 'users'); - }, - - user(root, { id }, { User, me }) { - return User.findOneById(id, me, 'user'); - }, - }, - Mutation: { - async createUser(root, { input }, { User, me }) { - return await User.insert(input, me, 'createUser'); - }, - - async updateUser(root, { id, input }, { User, me }) { - return await User.updateById(id, input, me, 'updateUser'); - }, - - async removeUser(root, { id }, { User, me }) { - return await User.removeById(id, me, 'removeUser'); - }, - }, - Subscription: { - userCreated: user => user, - userUpdated: user => user, - userRemoved: id => id, - }, - }; - - export default resolvers; + const resolvers = { + User: { + id(user) { + return user._id; + }, + + createdBy(user, args, { User, me }) { + return User.createdBy(user, me, 'user createdBy'); + }, + + updatedBy(user, args, { User, me }) { + return User.updatedBy(user, me, 'user updatedBy'); + }, + + tweets(user, { minLikes, lastCreatedAt, limit }, { User, me }) { + return User.tweets(user, { minLikes, lastCreatedAt, limit }, me, 'user tweets'); + }, + + liked(user, { lastCreatedAt, limit }, { User, me }) { + return User.liked(user, { lastCreatedAt, limit }, me, 'user liked'); + }, + + following(user, { lastCreatedAt, limit }, { User, me }) { + return User.following(user, { lastCreatedAt, limit }, me, 'user following'); + }, + + followers(user, { lastCreatedAt, limit }, { User, me }) { + return User.followers(user, { lastCreatedAt, limit }, me, 'user followers'); + }, + }, + Query: { + users(root, { lastCreatedAt, limit }, { User, me }) { + return User.find({ lastCreatedAt, limit }, me, 'users'); + }, + + user(root, { id }, { User, me }) { + return User.findOneById(id, me, 'user'); + }, + }, + Mutation: { + async createUser(root, { input }, { User, me }) { + return await User.insert(input, me, 'createUser'); + }, + + async updateUser(root, { id, input }, { User, me }) { + return await User.updateById(id, input, me, 'updateUser'); + }, + + async removeUser(root, { id }, { User, me }) { + return await User.removeById(id, me, 'removeUser'); + }, + }, + Subscription: { + userCreated: user => user, + userUpdated: user => user, + userRemoved: id => id, + }, + }; + + export default resolvers; ``` ### ./resolver/Tweet.js diff --git a/test/output-app/index.js b/test/output-app/index.js index 588f13f..0035126 100644 --- a/test/output-app/index.js +++ b/test/output-app/index.js @@ -102,8 +102,7 @@ if (!MONGO_URL) { nodemon({ script: path.join('server', 'index.js'), ext: 'js graphql', - exec: 'babel-node --inspect', // with debugger - // exec: 'babel-node', // without debugger + exec: 'babel-node', }).on('restart', () => console.log('Restarting server due to file change\n')); diff --git a/test/output-app/model/Tweet.js b/test/output-app/model/Tweet.js index e2c19bc..4c16217 100644 --- a/test/output-app/model/Tweet.js +++ b/test/output-app/model/Tweet.js @@ -1,6 +1,6 @@ -import log from '../server/logger'; import DataLoader from 'dataloader'; -import { findByIds, queryForRoles, authlog, checkAuthDoc } from '../server/authorize'; +import { findByIds, queryForRoles, getLogFilename, logger, authlog, checkAuthDoc } from 'create-graphql-server-authorization'; +const log = logger(getLogFilename()); export default class Tweet { constructor(context) { @@ -24,10 +24,10 @@ export default class Tweet { } catch (err) { log.error(err.message); } } - find({ lastCreatedAt = 0, limit = 10, baseQuery = { createdAt: { $gt: lastCreatedAt } } }, me, resolver) { + find({ lastCreatedAt = 0, limit = 10, baseQuery = {} }, me, resolver) { try { const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery}; + const finalQuery = {...baseQuery, ...authQuery, createdAt: { $gt: lastCreatedAt }}; return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } catch (err){ log.error(err.message); } } @@ -45,7 +45,7 @@ export default class Tweet { } coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, me, resolver) { - const baseQuery = {_id: { $in: tweet.coauthorsIds }, createdAt: { $gt: lastCreatedAt } }; + const baseQuery = {_id: { $in: tweet.coauthorsIds } }; return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); } @@ -56,6 +56,7 @@ export default class Tweet { async insert(doc, me, resolver) { try { + let docToInsert = Object.assign({}, doc, { createdAt: Date.now(), updatedAt: Date.now(), @@ -63,25 +64,29 @@ export default class Tweet { updatedById: (me && me._id) ? me._id : 'unknown', }); log.debug(JSON.stringify(docToInsert, null, 2)); - // const authQuery = queryForRoles(me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'create', me)); + checkAuthDoc(docToInsert, me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'create', me)); const id = (await this.collection.insertOne(docToInsert)).insertedId; if (!id) { throw new Error(`insert tweet not possible.`); } + log.debug(`inserted tweet ${id}.`); const insertedDoc = this.findOneById(id, me, 'pubsub tweetInserted'); this.pubsub.publish('tweetInserted', insertedDoc); return insertedDoc; + } catch (err){ log.error(err.message); } } async updateById(id, doc, me, resolver) { try { + let docToUpdate = {$set: Object.assign({}, doc, { updatedAt: Date.now(), updatedById: (me && me._id) ? me._id : 'unknown', })}; + const baseQuery = {_id: id}; const authQuery = queryForRoles(me, ['admin'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'update', me)); const finalQuery = {...baseQuery, ...authQuery}; @@ -89,16 +94,19 @@ export default class Tweet { if (result.result.ok !== 1 || result.result.n !== 1){ throw new Error(`update tweet not possible for ${id}.`); } + log.debug(`updated tweet ${id}.`); this.authorizedLoader.clear(id); const updatedDoc = this.findOneById(id, me, 'pubsub tweetUpdated'); this.pubsub.publish('tweetUpdated', updatedDoc); return updatedDoc; + } catch (err){ log.error(err.message); } } async removeById(id, me, resolver) { try { + const baseQuery = {_id: id}; const authQuery = queryForRoles(me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'delete', me)); const finalQuery = {...baseQuery, ...authQuery}; @@ -106,10 +114,12 @@ export default class Tweet { if (result.result.ok !== 1 || result.result.n !== 1){ throw new Error(`remove tweet not possible for ${id}.`); } + log.debug(`removed tweet ${id}.`); this.authorizedLoader.clear(id); this.pubsub.publish('tweetRemoved', id); return result; + } catch (err){ log.error(err.message); } } } diff --git a/test/output-app/model/User.js b/test/output-app/model/User.js index 7c6b165..45eb645 100644 --- a/test/output-app/model/User.js +++ b/test/output-app/model/User.js @@ -1,6 +1,6 @@ -import log from '../server/logger'; import DataLoader from 'dataloader'; -import { findByIds, queryForRoles, authlog, checkAuthDoc, protectFields } from '../server/authorize'; +import { findByIds, queryForRoles, getLogFilename, logger, authlog, checkAuthDoc, protectFields } from 'create-graphql-server-authorization'; +const log = logger(getLogFilename()); export default class User { constructor(context) { diff --git a/test/output-app/package.json b/test/output-app/package.json index debfa7c..6695148 100644 --- a/test/output-app/package.json +++ b/test/output-app/package.json @@ -5,6 +5,9 @@ "scripts": { "start": "babel-node index.js" }, + "config": { + "logfile": "log/all-logs-readable.log" + }, "private": true, "author": "", "license": "MIT", @@ -33,7 +36,7 @@ "bcrypt": "^1.0.2", "body-parser": "1.15.2", "cors": "^2.8.1", - "create-graphql-server-authorization": "^0.0.2", + "create-graphql-server-authorization": "^0.0.14", "dataloader": "^1.2.0", "denodeify": "^1.2.1", "dotenv": "2.0.0", diff --git a/test/output-app/server/authenticate.js b/test/output-app/server/authenticate.js index 5ea4d39..283964a 100644 --- a/test/output-app/server/authenticate.js +++ b/test/output-app/server/authenticate.js @@ -5,7 +5,7 @@ import { ObjectId } from 'mongodb'; import nodeify from 'nodeify'; import bcrypt from 'bcrypt'; import DataLoader from 'dataloader'; -import { findByIds } from './authorize'; +import { findByIds } from 'create-graphql-server-authorization'; const KEY = 'test-key'; let Loader; diff --git a/test/output-app/server/authorize.js b/test/output-app/server/authorize.js deleted file mode 100644 index f8d8ef8..0000000 --- a/test/output-app/server/authorize.js +++ /dev/null @@ -1,164 +0,0 @@ -import _ from 'lodash'; -import log from '../server/logger'; - -// central logger for authorization checks -export function authlog(resolver = '', mode = '', me = {}) { - const makeMessage = (message) => `Authorize ${mode} "${resolver}" with user "${me.username ? me.username : ''}" ${message}`; - return { - debug: (message) => log.debug(makeMessage(message)), - error: (message) => {throw new Error(makeMessage(message))}, - }; -} - -// returns the record, cached if already read, checks authorization if set -// enhancement of tmeasday'findByIds -export function findByIds(collection, ids = [], authQuery) { - const baseQuery = { _id: { $in: ids } }; - const finalQuery = {...baseQuery, ...authQuery}; - return collection.find(finalQuery).toArray().then(docs => { - const idMap = {}; - docs.forEach(d => { idMap[d._id] = d; }); - return ids.map(id => idMap[id]); - }); -} - -// returns whether the authorized record, or the record without not authorized field(s) -export function protectFields(me, authorizedUserRoles, protectedFields, inputObject, { User }){ - const result = Object.assign({}, inputObject); - const role = User.authRole(me); - // if user is not allowed to access specific fields, remove field from object... - if (!authorizedUserRoles.includes(role)){ - protectedFields.every(protectedField => { - if (result[protectedField]) delete result[protectedField]; - }); - } - return result; -} - -export function checkAuthDoc(doc, me, userRoles, docRoles, { User }, logger){ - const role = User.authRole(me); - - // check if userRole entitles current user for this action - if (userRoleAuthorized(me, userRoles, { User }, logger)) { - logger.debug(`and role: "${role}" is authorized by userRole.`); - return doc; - } - - // check if docRole entitles current user for this document and action - let authorized = false; - docRoles.every(field => { - if (fieldContainsUserId(doc[field], me._id)){ - authorized = true; - } - }) - if (authorized) { - logger.debug(`and role: "${role}" is authorized by docRole.`); - return doc; - } - - // Not Authorized - logger.error(`and role: "${role}" is not authorized.`); -} - -// returns true, if user is logged in -export function loggedIn(me) { - if(me && me._id && me._id.toString() !== '') { - return true; - } - return false; -} - -// creates an authQuery object with additional query arguments, to implement authorization restrictions for mongodb access -export function queryForRoles(me = {}, userRoles = [], docRoles = [], { User }, logger) { - const role = User.authRole(me); - - // Build query for the case: The logged in user's role is authorized - if (userRoleAuthorized(me, userRoles, { User }, logger)) { - return {}; // empty authQuery means, do operation with no access restrictions - } - - // Build query for the case: The user is listed in any document field - const query = { $or: [] }; - if (loggedIn(me)){ - docRoles.forEach(docRole => query.$or.push( { [docRole]: me._id } ) ); - logger.debug(`and role: "${role ? role : ''}" with \nauthQuery: ${JSON.stringify(query, null, 2)}`); - if (query.$or.length > 0) return query; - } - - // Not Authorized - const message = `and role: "${role}" is not authorized.`; - logger.error(message); -} - -// returns true, if the user's role is authorized for a document -export function userRoleAuthorized(me = {}, userRoles = [], { User }, logger){ - const role = User.authRole(me); - - if ( userRoles.includes('world') || role && userRoles.length > 0 && userRoles.includes(role) ) { - logger.debug(`and role "${role ? role : ''}" is authorized`); - return true; - } - - return false; -} - -// returns true, if a field of type array/object/string contains the userId -export function fieldContainsUserId(docRoleField, userId) { - let found = false; - - // empty userId is not a valid userId - if (userId.toString() === '') return false; - - // handle a simple id field - if (docRoleField.toString() === userId.toString()){ - return true; - } - - // handle an array - if (_.isArray(docRoleField)){ - docRoleField.every(field => { - if (fieldContainsUserId(field, userId)) { - found = true; - return true; - } - }); - if (found) return true; - } - - // handle an object - if (_.isObject(docRoleField)){ - Object.keys(docRoleField).every(field => { - - // handle a field - if (docRoleField[field] && docRoleField[field].toString() === userId.toString()){ - found = true; - return true; - } - - // handle an array - if (_.isArray(docRoleField[field])){ - docRoleField[field].every(innerField => { - if (fieldContainsUserId(innerField, userId)) { - found = true; - return true; - } - }) - if (found) return true; - } - - // handle an object - if (_.isObject(docRoleField[field])){ - Object.keys(docRoleField[field]).every(innerField => { - if (fieldContainsUserId(docRoleField[field][innerField], userId)) { - found = true; - return true; - } - }); - if (found) return true; - } - - }); - - } - return found; -} diff --git a/test/output-app/server/index.js b/test/output-app/server/index.js index 0b9bcd0..686e6f1 100644 --- a/test/output-app/server/index.js +++ b/test/output-app/server/index.js @@ -8,16 +8,20 @@ import { MongoClient } from 'mongodb'; import cors from 'cors'; import passport from 'passport'; import morgan from 'morgan'; -import log, { stream } from './logger'; - +import { getLogFilename, logger } from 'create-graphql-server-authorization'; import typeDefs from '../schema'; import resolvers from '../resolvers'; import addModelsToContext from '../model'; import authenticate from './authenticate'; import { parse, print } from 'graphql'; - import { pubsub, subscriptionManager } from './subscriptions'; +const log = logger(getLogFilename()); +const stream = { + write: function(message, encoding) { + // log.debug(message); + } +}; const schema = makeExecutableSchema({ typeDefs, resolvers }); const { diff --git a/test/output-app/server/logger.js b/test/output-app/server/logger.js deleted file mode 100644 index c29154a..0000000 --- a/test/output-app/server/logger.js +++ /dev/null @@ -1,65 +0,0 @@ -import winston from 'winston'; - -winston.emitErrs = true; - -const timestamp = function() { - return new Date(Date.now()).toLocaleString(); -}; - -const formatter = function(options) { - return options.timestamp() + - ' ' + - (options.level === 'error' ? ' ' + options.level.toUpperCase() : '' ) + - ' ' + - (options.message ? options.message : '') + - (options.meta && Object.keys(options.meta).length ? '\n\t'+ JSON.stringify(options.meta) : '' ) - ; -} - -const logger = new winston.Logger({ - transports: [ - - // new winston.transports.File({ - // level: 'debug', - // filename: './server/logs/all-logs.log', - // handleExceptions: true, - // json: true, - // maxsize: 5242880, //5MB - // maxFiles: 5, - // colorize: false - // }), - - new winston.transports.File({ - level: 'debug', - filename: './server/logs/all-logs-readable.log', - handleExceptions: true, - json: false, - maxsize: 5242880, //5MB - maxFiles: 5, - colorize: false, - timestamp: timestamp, - formatter: formatter - }), - - new winston.transports.Console({ - level: 'debug', - handleExceptions: true, - json: false, - colorize: true, - timestamp: timestamp, - formatter: formatter - }) - - ], - - exitOnError: false - -}); - -export default logger; - -export const stream = { - write: function(message, encoding) { - // logger.debug(message); - } -}; diff --git a/test/output-app/server/logs/all-logs-readable.log b/test/output-app/server/logs/all-logs-readable.log deleted file mode 100644 index e310730..0000000 --- a/test/output-app/server/logs/all-logs-readable.log +++ /dev/null @@ -1,2142 +0,0 @@ -2017-08-03 19:11:27 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:27 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:27 -------------------------------------------------------------------------------- -2017-08-03 19:11:27 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - role - username - } -} - -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - role - username - } -} - -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca2") { - role - username - } -} - -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - id - username - bio - } -} - -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users { - username - createdAt - } -} - -2017-08-03 19:11:36 Authorize readMany "users" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(limit: 1) { - username - createdAt - } -} - -2017-08-03 19:11:36 Authorize readMany "users" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993) { - username - createdAt - } -} - -2017-08-03 19:11:36 Authorize readMany "users" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } -} - -2017-08-03 19:11:36 Authorize readMany "users" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers { - username - createdAt - } - } -} - -2017-08-03 19:11:36 Authorize readMany "user followers" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(limit: 1) { - username - createdAt - } - } -} - -2017-08-03 19:11:36 Authorize readMany "user followers" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-08-03 19:11:36 Authorize readMany "user followers" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-08-03 19:11:36 Authorize readMany "user followers" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following { - username - createdAt - } - } -} - -2017-08-03 19:11:36 Authorize readMany "user following" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(limit: 1) { - username - createdAt - } - } -} - -2017-08-03 19:11:36 Authorize readMany "user following" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-08-03 19:11:36 Authorize readMany "user following" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-08-03 19:11:36 Authorize readMany "user following" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets { - id - createdAt - } - } -} - -2017-08-03 19:11:36 Authorize readMany "user tweets" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(limit: 1) { - id - createdAt - } - } -} - -2017-08-03 19:11:36 Authorize readMany "user tweets" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } - } -} - -2017-08-03 19:11:36 Authorize readMany "user tweets" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } - } -} - -2017-08-03 19:11:36 Authorize readMany "user tweets" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked { - id - createdAt - } - } -} - -2017-08-03 19:11:36 Authorize readMany "user liked" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(limit: 1) { - id - createdAt - } - } -} - -2017-08-03 19:11:36 Authorize readMany "user liked" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334) { - id - createdAt - } - } -} - -2017-08-03 19:11:36 Authorize readMany "user liked" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334, limit: 1) { - id - createdAt - } - } -} - -2017-08-03 19:11:36 Authorize readMany "user liked" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - id - body - } -} - -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - author { - username - } - } -} - -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets { - id - createdAt - } -} - -2017-08-03 19:11:36 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(limit: 1) { - id - createdAt - } -} - -2017-08-03 19:11:36 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } -} - -2017-08-03 19:11:36 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } -} - -2017-08-03 19:11:36 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers { - username - createdAt - } - } -} - -2017-08-03 19:11:36 Authorize readMany "tweet likers" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(limit: 1) { - username - createdAt - } - } -} - -2017-08-03 19:11:36 Authorize readMany "tweet likers" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993) { - username - createdAt - } - } -} - -2017-08-03 19:11:36 Authorize readMany "tweet likers" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } - } -} - -2017-08-03 19:11:36 Authorize readMany "tweet likers" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-08-03 19:11:36 Authorize create "createUser" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize create "createUser" with user "stubailo" and role: "admin" is authorized by userRole. -2017-08-03 19:11:36 inserted user 59835948075def94489f4100. -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "tobkle", role: "admin", id: "59835948075def94489f4100", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-03 19:11:36 Authorize create "createUser" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 Authorize create "createUser" with user "tobkle" and role: "admin" is authorized by userRole. -2017-08-03 19:11:36 inserted user 59835948075def94489f4101. -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "tobkle", role: "admin", id: "59835948075def94489f4100", -Operation: "", variables: "", -Query: -{ - user(id: "59835948075def94489f4101") { - username - bio - role - } -} - -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "tobkle", role: "admin", id: "59835948075def94489f4100", -Operation: "", variables: "", -Query: -{ - user(id: "59835948075def94489f4100") { - username - role - } -} - -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "tobkle", role: "admin", id: "59835948075def94489f4100", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59835948075def94489f4101", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-03 19:11:36 Authorize update "updateUser" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 updated user 59835948075def94489f4101. -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "tobkle", role: "admin", id: "59835948075def94489f4100", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59835948075def94489f4100", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-03 19:11:36 Authorize update "updateUser" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 updated user 59835948075def94489f4100. -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "tobkle", role: "admin", id: "59835948075def94489f4100", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59835948075def94489f4101", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-08-03 19:11:36 Authorize update "updateUser" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 updated user 59835948075def94489f4101. -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "tobkle", role: "admin", id: "59835948075def94489f4100", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59835948075def94489f4100", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-03 19:11:36 Authorize update "updateUser" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 updated user 59835948075def94489f4100. -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835948075def94489f4100" - } - ] -} -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "tobkle", role: "editor", id: "59835948075def94489f4100", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59835948075def94489f4100", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-03 19:11:36 Authorize update "updateUser" with user "tobkle" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835948075def94489f4100" - } - ] -} -2017-08-03 19:11:36 updated user 59835948075def94489f4100. -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "zoltan" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "zoltan" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "zoltan", role: "admin", id: "59835948075def94489f4101", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59835948075def94489f4100", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-03 19:11:36 Authorize update "updateUser" with user "zoltan" and role "admin" is authorized -2017-08-03 19:11:36 updated user 59835948075def94489f4100. -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "tobkle", role: "admin", id: "59835948075def94489f4100", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59835948075def94489f4101") -} - -2017-08-03 19:11:36 Authorize delete "removeUser" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 removed user 59835948075def94489f4101. -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "tobkle", role: "admin", id: "59835948075def94489f4100", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59835948075def94489f4100", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-03 19:11:36 { - "authorId": "59835948075def94489f4100", - "body": "This is a test tweet of user tobkle", - "coauthorsIds": [], - "createdAt": 1501780296690, - "updatedAt": 1501780296690, - "createdById": "59835948075def94489f4100", - "updatedById": "59835948075def94489f4100" -} -2017-08-03 19:11:36 Authorize create "createTweet" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 Authorize create "createTweet" with user "tobkle" and role: "admin" is authorized by userRole. -2017-08-03 19:11:36 inserted tweet 59835948075def94489f4102. -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "tobkle", role: "admin", id: "59835948075def94489f4100", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-03 19:11:36 { - "authorId": "583291a1638566b3c5a92ca1", - "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", - "coauthorsIds": [], - "createdAt": 1501780296700, - "updatedAt": 1501780296700, - "createdById": "59835948075def94489f4100", - "updatedById": "59835948075def94489f4100" -} -2017-08-03 19:11:36 Authorize create "createTweet" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 Authorize create "createTweet" with user "tobkle" and role: "admin" is authorized by userRole. -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "tobkle", role: "admin", id: "59835948075def94489f4100", -Operation: "", variables: "", -Query: -{ - tweet(id: "59835948075def94489f4102") { - author { - id - } - body - } -} - -2017-08-03 19:11:36 inserted tweet 59835948075def94489f4103. -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "tobkle", role: "admin", id: "59835948075def94489f4100", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "tobkle", role: "admin", id: "59835948075def94489f4100", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59835948075def94489f4102", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-03 19:11:36 Authorize update "updateTweet" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 updated tweet 59835948075def94489f4102. -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "tobkle", role: "admin", id: "59835948075def94489f4100", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59835948075def94489f4103", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-03 19:11:36 Authorize update "updateTweet" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 updated tweet 59835948075def94489f4103. -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "tobkle", role: "admin", id: "59835948075def94489f4100", -Operation: "", variables: "", -Query: -{ - tweet(id: "59835948075def94489f4102") { - body - } -} - -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "tobkle", role: "admin", id: "59835948075def94489f4100", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59835948075def94489f4102") -} - -2017-08-03 19:11:36 Authorize delete "removeTweet" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 removed tweet 59835948075def94489f4102. -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "tobkle", role: "admin", id: "59835948075def94489f4100", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59835948075def94489f4103") -} - -2017-08-03 19:11:36 Authorize delete "removeTweet" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 removed tweet 59835948075def94489f4103. -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "tobkle", role: "admin", id: "59835948075def94489f4100", -Operation: "", variables: "", -Query: -{ - tweet(id: "59835948075def94489f4102") { - body - } -} - -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "tobkle", role: "admin", id: "59835948075def94489f4100", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59835948075def94489f4100") -} - -2017-08-03 19:11:36 Authorize delete "removeUser" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 removed user 59835948075def94489f4100. -2017-08-03 19:11:36 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59835948075def94489f4100") { - username - bio - role - } -} - -2017-08-03 19:11:36 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-08-03 19:11:36 ERROR Cannot read property 'toString' of undefined -2017-08-03 19:11:36 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-03 19:11:36 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-03 19:11:36 ERROR Authorize update "updateUser" with user "" and role: "null" is not authorized. -2017-08-03 19:11:36 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-03 19:11:36 ERROR Authorize delete "removeUser" with user "" and role: "null" is not authorized. -2017-08-03 19:11:36 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-03 19:11:36 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-03 19:11:36 { - "authorId": "583291a1638566b3c5a92ca1", - "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", - "coauthorsIds": [], - "createdAt": 1501780296965, - "updatedAt": 1501780296965, - "createdById": "unknown", - "updatedById": "unknown" -} -2017-08-03 19:11:36 ERROR Cannot read property 'toString' of undefined -2017-08-03 19:11:36 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-03 19:11:36 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-03 19:11:37 ERROR Authorize update "updateTweet" with user "" and role: "null" is not authorized. -2017-08-03 19:11:37 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-03 19:11:37 ERROR Authorize update "updateTweet" with user "" and role: "null" is not authorized. -2017-08-03 19:11:37 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-03 19:11:37 ERROR Authorize delete "removeTweet" with user "" and role: "null" is not authorized. -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { - id - role - } -} - -2017-08-03 19:11:37 Authorize create "createUser" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:37 Authorize create "createUser" with user "stubailo" and role: "admin" is authorized by userRole. -2017-08-03 19:11:37 inserted user 59835949075def94489f4104. -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "user", id: "59835949075def94489f4104", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-08-03 19:11:37 ERROR Cannot read property 'toString' of undefined -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "user", id: "59835949075def94489f4104", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "user", id: "59835949075def94489f4104", -Operation: "", variables: "", -Query: -{ - user(id: "59835949075def94489f4104") { - username - } -} - -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "user", id: "59835949075def94489f4104", -Operation: "", variables: "", -Query: -{ - user(id: "59835949075def94489f4104") { - username - role - } -} - -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "user", id: "59835949075def94489f4104", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-03 19:11:37 Authorize update "updateUser" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "user", id: "59835949075def94489f4104", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59835949075def94489f4104", input: {username: "tobkle", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-03 19:11:37 Authorize update "updateUser" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 updated user 59835949075def94489f4104. -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "user", id: "59835949075def94489f4104", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59835949075def94489f4104", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-03 19:11:37 Authorize update "updateUser" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 updated user 59835949075def94489f4104. -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "user", id: "59835949075def94489f4104", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-03 19:11:37 Authorize delete "removeUser" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "user", id: "59835949075def94489f4104", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59835949075def94489f4104", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-03 19:11:37 { - "authorId": "59835949075def94489f4104", - "body": "This is a test tweet of user tobkle", - "coauthorsIds": [], - "createdAt": 1501780297175, - "updatedAt": 1501780297175, - "createdById": "59835949075def94489f4104", - "updatedById": "59835949075def94489f4104" -} -2017-08-03 19:11:37 Authorize create "createTweet" with user "tobkle" and role: "user" is authorized by docRole. -2017-08-03 19:11:37 inserted tweet 59835949075def94489f4105. -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "user", id: "59835949075def94489f4104", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-03 19:11:37 { - "authorId": "583291a1638566b3c5a92ca1", - "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", - "coauthorsIds": [], - "createdAt": 1501780297182, - "updatedAt": 1501780297182, - "createdById": "59835949075def94489f4104", - "updatedById": "59835949075def94489f4104" -} -2017-08-03 19:11:37 ERROR Authorize create "createTweet" with user "tobkle" and role: "user" is not authorized. -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "user", id: "59835949075def94489f4104", -Operation: "", variables: "", -Query: -{ - tweet(id: "59835949075def94489f4105") { - author { - id - } - body - } -} - -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "user", id: "59835949075def94489f4104", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "user", id: "59835949075def94489f4104", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59835949075def94489f4105", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-03 19:11:37 Authorize update "updateTweet" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "authorId": "59835949075def94489f4104" - }, - { - "coauthorsIds": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 updated tweet 59835949075def94489f4105. -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "user", id: "59835949075def94489f4104", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-03 19:11:37 Authorize update "updateTweet" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "authorId": "59835949075def94489f4104" - }, - { - "coauthorsIds": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 ERROR update tweet not possible for 583676d3618530145474e352. -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "user", id: "59835949075def94489f4104", -Operation: "", variables: "", -Query: -{ - tweet(id: "59835949075def94489f4105") { - body - } -} - -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "user", id: "59835949075def94489f4104", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59835949075def94489f4105") -} - -2017-08-03 19:11:37 Authorize delete "removeTweet" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "authorId": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 removed tweet 59835949075def94489f4105. -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "user", id: "59835949075def94489f4104", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-03 19:11:37 Authorize delete "removeTweet" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "authorId": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "user", id: "59835949075def94489f4104", -Operation: "", variables: "", -Query: -{ - tweet(id: "59835949075def94489f4105") { - body - } -} - -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "user", id: "59835949075def94489f4104", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59835949075def94489f4104") -} - -2017-08-03 19:11:37 Authorize delete "removeUser" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 removed user 59835949075def94489f4104. -2017-08-03 19:11:37 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59835949075def94489f4104") { - username - bio - role - } -} - -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { - id - role - } -} - -2017-08-03 19:11:37 Authorize create "createUser" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:37 Authorize create "createUser" with user "stubailo" and role: "admin" is authorized by userRole. -2017-08-03 19:11:37 inserted user 59835949075def94489f4106. -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "editor", id: "59835949075def94489f4106", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-03 19:11:37 ERROR Cannot read property 'toString' of undefined -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "editor", id: "59835949075def94489f4106", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "editor", id: "59835949075def94489f4106", -Operation: "", variables: "", -Query: -{ - user(id: "59835949075def94489f4106") { - username - role - } -} - -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "editor", id: "59835949075def94489f4106", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-03 19:11:37 Authorize update "updateUser" with user "tobkle" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "editor", id: "59835949075def94489f4106", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59835949075def94489f4106", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-03 19:11:37 Authorize update "updateUser" with user "tobkle" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 updated user 59835949075def94489f4106. -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tmeasday", role: "editor", id: "59835949075def94489f4106", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59835949075def94489f4106", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-03 19:11:37 Authorize update "updateUser" with user "tmeasday" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 updated user 59835949075def94489f4106. -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tmeasday", role: "editor", id: "59835949075def94489f4106", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-03 19:11:37 Authorize delete "removeUser" with user "tmeasday" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tmeasday", role: "editor", id: "59835949075def94489f4106", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59835949075def94489f4106", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-03 19:11:37 { - "authorId": "59835949075def94489f4106", - "body": "This is a test tweet of user tobkle", - "coauthorsIds": [], - "createdAt": 1501780297472, - "updatedAt": 1501780297472, - "createdById": "59835949075def94489f4106", - "updatedById": "59835949075def94489f4106" -} -2017-08-03 19:11:37 Authorize create "createTweet" with user "tmeasday" and role: "editor" is authorized by docRole. -2017-08-03 19:11:37 inserted tweet 59835949075def94489f4107. -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tmeasday", role: "editor", id: "59835949075def94489f4106", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-03 19:11:37 { - "authorId": "583291a1638566b3c5a92ca1", - "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", - "coauthorsIds": [], - "createdAt": 1501780297510, - "updatedAt": 1501780297510, - "createdById": "59835949075def94489f4106", - "updatedById": "59835949075def94489f4106" -} -2017-08-03 19:11:37 ERROR Authorize create "createTweet" with user "tmeasday" and role: "editor" is not authorized. -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tmeasday", role: "editor", id: "59835949075def94489f4106", -Operation: "", variables: "", -Query: -{ - tweet(id: "59835949075def94489f4107") { - author { - id - } - body - } -} - -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tmeasday", role: "editor", id: "59835949075def94489f4106", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tmeasday", role: "editor", id: "59835949075def94489f4106", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59835949075def94489f4107", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-03 19:11:37 Authorize update "updateTweet" with user "tmeasday" and role: "editor" with -authQuery: { - "$or": [ - { - "authorId": "59835949075def94489f4106" - }, - { - "coauthorsIds": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 updated tweet 59835949075def94489f4107. -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tmeasday", role: "editor", id: "59835949075def94489f4106", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-03 19:11:37 Authorize update "updateTweet" with user "tmeasday" and role: "editor" with -authQuery: { - "$or": [ - { - "authorId": "59835949075def94489f4106" - }, - { - "coauthorsIds": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 ERROR update tweet not possible for 583676d3618530145474e352. -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tmeasday", role: "editor", id: "59835949075def94489f4106", -Operation: "", variables: "", -Query: -{ - tweet(id: "59835949075def94489f4107") { - body - } -} - -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tmeasday", role: "editor", id: "59835949075def94489f4106", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59835949075def94489f4107") -} - -2017-08-03 19:11:37 Authorize delete "removeTweet" with user "tmeasday" and role: "editor" with -authQuery: { - "$or": [ - { - "authorId": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 removed tweet 59835949075def94489f4107. -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tmeasday", role: "editor", id: "59835949075def94489f4106", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-03 19:11:37 Authorize delete "removeTweet" with user "tmeasday" and role: "editor" with -authQuery: { - "$or": [ - { - "authorId": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tmeasday", role: "editor", id: "59835949075def94489f4106", -Operation: "", variables: "", -Query: -{ - tweet(id: "59835949075def94489f4107") { - body - } -} - -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tmeasday", role: "editor", id: "59835949075def94489f4106", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59835949075def94489f4106") -} - -2017-08-03 19:11:37 Authorize delete "removeUser" with user "tmeasday" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 removed user 59835949075def94489f4106. -2017-08-03 19:11:37 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59835949075def94489f4106") { - username - bio - role - } -} - diff --git a/test/output-app/yarn.lock b/test/output-app/yarn.lock index 67d8e74..f951766 100644 --- a/test/output-app/yarn.lock +++ b/test/output-app/yarn.lock @@ -956,6 +956,10 @@ bson@~1.0.0: version "1.0.1" resolved "https://registry.yarnpkg.com/bson/-/bson-1.0.1.tgz#3a5addb0f2ff88bc3436e708e4bdb8637602d72d" +bson@~1.0.4: + version "1.0.4" + resolved "https://registry.yarnpkg.com/bson/-/bson-1.0.4.tgz#93c10d39eaa5b58415cbc4052f3e53e562b0b72c" + buffer-crc32@~0.2.3: version "0.2.13" resolved "https://registry.yarnpkg.com/buffer-crc32/-/buffer-crc32-0.2.13.tgz#0d333e3f00eac50aa1454abd30ef8c2a5d9a7242" @@ -964,7 +968,7 @@ buffer-equal-constant-time@1.0.1: version "1.0.1" resolved "https://registry.yarnpkg.com/buffer-equal-constant-time/-/buffer-equal-constant-time-1.0.1.tgz#f8e71132f7ffe6e01a5c9697a4c6f3e48d5cc819" -buffer-shims@^1.0.0: +buffer-shims@^1.0.0, buffer-shims@~1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/buffer-shims/-/buffer-shims-1.0.0.tgz#9978ce317388c649ad8793028c3477ef044a8b51" @@ -1188,9 +1192,13 @@ crc@3.4.0: version "3.4.0" resolved "https://registry.yarnpkg.com/crc/-/crc-3.4.0.tgz#4258e351613a74ef1153dfcb05e820c3e9715d7f" -create-graphql-server-authorization@^0.0.2: - version "0.0.2" - resolved "https://registry.yarnpkg.com/create-graphql-server-authorization/-/create-graphql-server-authorization-0.0.2.tgz#6449d9e32eeea8191bdd0e72a47dda78a696835f" +create-graphql-server-authorization@^0.0.14: + version "0.0.14" + resolved "https://registry.yarnpkg.com/create-graphql-server-authorization/-/create-graphql-server-authorization-0.0.14.tgz#26bd07dc0775a0e74a07fcc5a99daa046099e216" + dependencies: + lodash "4.16.4" + mongodb "^2.2.31" + winston "^2.3.1" cryptiles@2.x.x: version "2.0.5" @@ -2888,6 +2896,13 @@ mongodb-core@2.1.0: bson "~1.0.0" require_optional "~1.0.0" +mongodb-core@2.1.15: + version "2.1.15" + resolved "https://registry.yarnpkg.com/mongodb-core/-/mongodb-core-2.1.15.tgz#841f53b87ffff4c7458189c35c8ae827e1169764" + dependencies: + bson "~1.0.4" + require_optional "~1.0.0" + mongodb-download@^1.3.2: version "1.3.2" resolved "https://registry.yarnpkg.com/mongodb-download/-/mongodb-download-1.3.2.tgz#0a2e8868eaea6c18e2a7f7cb7c8048ff10809337" @@ -2915,6 +2930,14 @@ mongodb@^2.2.11: mongodb-core "2.1.0" readable-stream "2.1.5" +mongodb@^2.2.31: + version "2.2.31" + resolved "https://registry.yarnpkg.com/mongodb/-/mongodb-2.2.31.tgz#1940445c661e19217bb3bf8245d9854aaef548db" + dependencies: + es6-promise "3.2.1" + mongodb-core "2.1.15" + readable-stream "2.2.7" + morgan@^1.8.2: version "1.8.2" resolved "https://registry.yarnpkg.com/morgan/-/morgan-1.8.2.tgz#784ac7734e4a453a9c6e6e8680a9329275c8b687" @@ -3387,6 +3410,18 @@ readable-stream@2.1.5, readable-stream@^2.0.0, "readable-stream@^2.0.0 || ^1.1.1 string_decoder "~0.10.x" util-deprecate "~1.0.1" +readable-stream@2.2.7: + version "2.2.7" + resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.2.7.tgz#07057acbe2467b22042d36f98c5ad507054e95b1" + dependencies: + buffer-shims "~1.0.0" + core-util-is "~1.0.0" + inherits "~2.0.1" + isarray "~1.0.0" + process-nextick-args "~1.0.6" + string_decoder "~1.0.0" + util-deprecate "~1.0.1" + "readable-stream@>=1.0.33-1 <1.1.0-0": version "1.0.34" resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-1.0.34.tgz#125820e34bc842d2f2aaafafe4c2916ee32c157c" @@ -3572,6 +3607,10 @@ safe-buffer@^5.0.1: version "5.0.1" resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.0.1.tgz#d263ca54696cd8a306b5ca6551e92de57918fbe7" +safe-buffer@~5.1.0: + version "5.1.1" + resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.1.tgz#893312af69b2123def71f57889001671eeb2c853" + seek-bzip@^1.0.3: version "1.0.5" resolved "https://registry.yarnpkg.com/seek-bzip/-/seek-bzip-1.0.5.tgz#cfe917cb3d274bcffac792758af53173eb1fabdc" @@ -3785,6 +3824,12 @@ string_decoder@~0.10.x: version "0.10.31" resolved "https://registry.yarnpkg.com/string_decoder/-/string_decoder-0.10.31.tgz#62e203bc41766c6c28c9fc84301dab1c5310fa94" +string_decoder@~1.0.0: + version "1.0.3" + resolved "https://registry.yarnpkg.com/string_decoder/-/string_decoder-1.0.3.tgz#0fc67d7c141825de94282dd536bec6b9bce860ab" + dependencies: + safe-buffer "~5.1.0" + stringstream@~0.0.4: version "0.0.5" resolved "https://registry.yarnpkg.com/stringstream/-/stringstream-0.0.5.tgz#4e484cd4de5a0bbbee18e46307710a8a81621878" diff --git a/yarn.lock b/yarn.lock index 830cd5d..92a1023 100644 --- a/yarn.lock +++ b/yarn.lock @@ -123,6 +123,10 @@ async-each@^1.0.0: version "1.0.1" resolved "https://registry.yarnpkg.com/async-each/-/async-each-1.0.1.tgz#19d386a1d9edc6e7c1c85d388aedbcc56d33602d" +async@~1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/async/-/async-1.0.0.tgz#f8fc04ca3a13784ade9e1641af98578cfbd647a9" + asynckit@^0.4.0: version "0.4.0" resolved "https://registry.yarnpkg.com/asynckit/-/asynckit-0.4.0.tgz#c79ed97f7f34cb8f2ba1bc9790bcc366474b4b79" @@ -903,7 +907,11 @@ browser-stdout@1.3.0: version "1.3.0" resolved "https://registry.yarnpkg.com/browser-stdout/-/browser-stdout-1.3.0.tgz#f351d32969d32fa5d7a5567154263d928ae3bd1f" -buffer-shims@^1.0.0: +bson@~1.0.4: + version "1.0.4" + resolved "https://registry.yarnpkg.com/bson/-/bson-1.0.4.tgz#93c10d39eaa5b58415cbc4052f3e53e562b0b72c" + +buffer-shims@^1.0.0, buffer-shims@~1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/buffer-shims/-/buffer-shims-1.0.0.tgz#9978ce317388c649ad8793028c3477ef044a8b51" @@ -1011,6 +1019,10 @@ code-point-at@^1.0.0: version "1.1.0" resolved "https://registry.yarnpkg.com/code-point-at/-/code-point-at-1.1.0.tgz#0d070b4d043a5bea33a2f1a40e2edb3d9a4ccf77" +colors@1.0.x: + version "1.0.3" + resolved "https://registry.yarnpkg.com/colors/-/colors-1.0.3.tgz#0433f44d809680fdeb60ed260f1b0c262e82a40b" + combined-stream@^1.0.5, combined-stream@~1.0.5: version "1.0.5" resolved "https://registry.yarnpkg.com/combined-stream/-/combined-stream-1.0.5.tgz#938370a57b4a51dea2c77c15d5c5fdf895164009" @@ -1064,6 +1076,14 @@ cpr: mkdirp "~0.5.1" rimraf "^2.5.4" +create-graphql-server-authorization@^0.0.12: + version "0.0.12" + resolved "https://registry.yarnpkg.com/create-graphql-server-authorization/-/create-graphql-server-authorization-0.0.12.tgz#df00e443b13622d14dd53b588e1f44ef990763e2" + dependencies: + lodash "4.16.4" + mongodb "^2.2.31" + winston "^2.3.1" + crypt@~0.0.1: version "0.0.2" resolved "https://registry.yarnpkg.com/crypt/-/crypt-0.0.2.tgz#88d7ff7ec0dfb86f713dc87bbb42d044d3e6c41b" @@ -1080,6 +1100,10 @@ currently-unhandled@^0.4.1: dependencies: array-find-index "^1.0.1" +cycle@1.0.x: + version "1.0.3" + resolved "https://registry.yarnpkg.com/cycle/-/cycle-1.0.3.tgz#21e80b2be8580f98b468f379430662b046c34ad2" + d@^0.1.1, d@~0.1.1: version "0.1.1" resolved "https://registry.yarnpkg.com/d/-/d-0.1.1.tgz#da184c535d18d8ee7ba2aa229b914009fae11309" @@ -1102,13 +1126,13 @@ debug@2.2.0, debug@~2.2.0: dependencies: ms "0.7.1" -debug@^2.1.1, debug@^2.2.0: +debug@^2.1.1: version "2.3.2" resolved "https://registry.yarnpkg.com/debug/-/debug-2.3.2.tgz#94cb466ef7d6d2c7e5245cdd6e4104f2d0d70d30" dependencies: ms "0.7.2" -debug@^2.6.8: +debug@^2.2.0, debug@^2.6.8: version "2.6.8" resolved "https://registry.yarnpkg.com/debug/-/debug-2.6.8.tgz#e731531ca2ede27d188222427da17821d68ff4fc" dependencies: @@ -1232,6 +1256,10 @@ es6-map@^0.1.3: es6-symbol "~3.1.0" event-emitter "~0.3.4" +es6-promise@3.2.1: + version "3.2.1" + resolved "https://registry.yarnpkg.com/es6-promise/-/es6-promise-3.2.1.tgz#ec56233868032909207170c39448e24449dd1fc4" + es6-set@^0.1.4, es6-set@~0.1.3: version "0.1.4" resolved "https://registry.yarnpkg.com/es6-set/-/es6-set-0.1.4.tgz#9516b6761c2964b92ff479456233a247dc707ce8" @@ -1432,6 +1460,10 @@ extsprintf@1.0.2: version "1.0.2" resolved "https://registry.yarnpkg.com/extsprintf/-/extsprintf-1.0.2.tgz#e1080e0658e300b06294990cc70e1502235fd550" +eyes@0.1.x: + version "0.1.8" + resolved "https://registry.yarnpkg.com/eyes/-/eyes-0.1.8.tgz#62cf120234c683785d902348a800ef3e0cc20bc0" + fast-levenshtein@~2.0.4: version "2.0.5" resolved "https://registry.yarnpkg.com/fast-levenshtein/-/fast-levenshtein-2.0.5.tgz#bd33145744519ab1c36c3ee9f31f08e9079b67f2" @@ -1614,25 +1646,25 @@ glob@^5.0.5: once "^1.3.0" path-is-absolute "^1.0.0" -glob@^7.0.3, glob@^7.0.5: - version "7.1.1" - resolved "https://registry.yarnpkg.com/glob/-/glob-7.1.1.tgz#805211df04faaf1c63a3600306cdf5ade50b2ec8" +glob@^7.0.3, glob@^7.1.2: + version "7.1.2" + resolved "https://registry.yarnpkg.com/glob/-/glob-7.1.2.tgz#c19c9df9a028702d678612384a6552404c636d15" dependencies: fs.realpath "^1.0.0" inflight "^1.0.4" inherits "2" - minimatch "^3.0.2" + minimatch "^3.0.4" once "^1.3.0" path-is-absolute "^1.0.0" -glob@^7.1.2: - version "7.1.2" - resolved "https://registry.yarnpkg.com/glob/-/glob-7.1.2.tgz#c19c9df9a028702d678612384a6552404c636d15" +glob@^7.0.5: + version "7.1.1" + resolved "https://registry.yarnpkg.com/glob/-/glob-7.1.1.tgz#805211df04faaf1c63a3600306cdf5ade50b2ec8" dependencies: fs.realpath "^1.0.0" inflight "^1.0.4" inherits "2" - minimatch "^3.0.4" + minimatch "^3.0.2" once "^1.3.0" path-is-absolute "^1.0.0" @@ -1643,11 +1675,7 @@ global@^4.3.2: min-document "^2.19.0" process "~0.5.1" -globals@^9.0.0: - version "9.13.0" - resolved "https://registry.yarnpkg.com/globals/-/globals-9.13.0.tgz#d97706b61600d8dbe94708c367d3fdcf48470b8f" - -globals@^9.17.0: +globals@^9.0.0, globals@^9.17.0: version "9.18.0" resolved "https://registry.yarnpkg.com/globals/-/globals-9.18.0.tgz#aa3896b3e69b487f17e31ed2143d69a8e30c2d8a" @@ -1867,16 +1895,7 @@ is-glob@^2.0.0, is-glob@^2.0.1: dependencies: is-extglob "^1.0.0" -is-my-json-valid@^2.12.4: - version "2.15.0" - resolved "https://registry.yarnpkg.com/is-my-json-valid/-/is-my-json-valid-2.15.0.tgz#936edda3ca3c211fd98f3b2d3e08da43f7b2915b" - dependencies: - generate-function "^2.0.0" - generate-object-property "^1.1.0" - jsonpointer "^4.0.0" - xtend "^4.0.0" - -is-my-json-valid@^2.16.0: +is-my-json-valid@^2.12.4, is-my-json-valid@^2.16.0: version "2.16.0" resolved "https://registry.yarnpkg.com/is-my-json-valid/-/is-my-json-valid-2.16.0.tgz#f079dd9bfdae65ee2038aae8acbc86ab109e3693" dependencies: @@ -1951,7 +1970,7 @@ isobject@^2.0.0: dependencies: isarray "1.0.0" -isstream@~0.1.2: +isstream@0.1.x, isstream@~0.1.2: version "0.1.2" resolved "https://registry.yarnpkg.com/isstream/-/isstream-0.1.2.tgz#47e63f7af55afa6f92e1500e690eb8b8529c099a" @@ -2139,11 +2158,15 @@ lodash.merge@^4.6.0: version "4.6.0" resolved "https://registry.yarnpkg.com/lodash.merge/-/lodash.merge-4.6.0.tgz#69884ba144ac33fe699737a6086deffadd0f89c5" -lodash@^4.0.0, lodash@^4.17.4: +lodash@4.16.4: + version "4.16.4" + resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.16.4.tgz#01ce306b9bad1319f2a5528674f88297aeb70127" + +lodash@^4.0.0, lodash@^4.17.4, lodash@^4.3.0: version "4.17.4" resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.4.tgz#78203a4d1c328ae1d86dca6460e369b57f4055ae" -lodash@^4.2.0, lodash@^4.3.0: +lodash@^4.2.0: version "4.16.6" resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.16.6.tgz#d22c9ac660288f3843e16ba7d2b5d06cca27d777" @@ -2231,13 +2254,13 @@ min-document@^2.19.0: dependencies: dom-walk "^0.1.0" -"minimatch@2 || 3", minimatch@^3.0.0, minimatch@^3.0.2, minimatch@^3.0.3: +"minimatch@2 || 3", minimatch@^3.0.2, minimatch@^3.0.3: version "3.0.3" resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.0.3.tgz#2a4e4090b96b2db06a9d7df01055a62a77c9b774" dependencies: brace-expansion "^1.0.0" -minimatch@^3.0.4: +minimatch@^3.0.0, minimatch@^3.0.4: version "3.0.4" resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.0.4.tgz#5166e286457f03306064be5497e8dbb0c3d32083" dependencies: @@ -2273,6 +2296,21 @@ mocha: mkdirp "0.5.1" supports-color "3.1.2" +mongodb-core@2.1.15: + version "2.1.15" + resolved "https://registry.yarnpkg.com/mongodb-core/-/mongodb-core-2.1.15.tgz#841f53b87ffff4c7458189c35c8ae827e1169764" + dependencies: + bson "~1.0.4" + require_optional "~1.0.0" + +mongodb@^2.2.31: + version "2.2.31" + resolved "https://registry.yarnpkg.com/mongodb/-/mongodb-2.2.31.tgz#1940445c661e19217bb3bf8245d9854aaef548db" + dependencies: + es6-promise "3.2.1" + mongodb-core "2.1.15" + readable-stream "2.2.7" + ms@0.7.1: version "0.7.1" resolved "https://registry.yarnpkg.com/ms/-/ms-0.7.1.tgz#9cd13c03adbff25b65effde7ce864ee952017098" @@ -2544,39 +2582,40 @@ read-pkg@^1.0.0: normalize-package-data "^2.3.2" path-type "^1.0.0" -"readable-stream@^2.0.0 || ^1.1.13", readable-stream@~2.1.4: - version "2.1.5" - resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.1.5.tgz#66fa8b720e1438b364681f2ad1a63c618448c9d0" +readable-stream@2.2.7: + version "2.2.7" + resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.2.7.tgz#07057acbe2467b22042d36f98c5ad507054e95b1" dependencies: - buffer-shims "^1.0.0" + buffer-shims "~1.0.0" core-util-is "~1.0.0" inherits "~2.0.1" isarray "~1.0.0" process-nextick-args "~1.0.6" - string_decoder "~0.10.x" + string_decoder "~1.0.0" util-deprecate "~1.0.1" -readable-stream@^2.0.2: - version "2.0.6" - resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.0.6.tgz#8f90341e68a53ccc928788dacfcd11b36eb9b78e" +"readable-stream@^2.0.0 || ^1.1.13", readable-stream@^2.0.2, readable-stream@^2.2.2: + version "2.2.11" + resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.2.11.tgz#0796b31f8d7688007ff0b93a8088d34aa17c0f72" dependencies: core-util-is "~1.0.0" inherits "~2.0.1" isarray "~1.0.0" process-nextick-args "~1.0.6" - string_decoder "~0.10.x" + safe-buffer "~5.0.1" + string_decoder "~1.0.0" util-deprecate "~1.0.1" -readable-stream@^2.2.2: - version "2.2.11" - resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.2.11.tgz#0796b31f8d7688007ff0b93a8088d34aa17c0f72" +readable-stream@~2.1.4: + version "2.1.5" + resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.1.5.tgz#66fa8b720e1438b364681f2ad1a63c618448c9d0" dependencies: + buffer-shims "^1.0.0" core-util-is "~1.0.0" inherits "~2.0.1" isarray "~1.0.0" process-nextick-args "~1.0.6" - safe-buffer "~5.0.1" - string_decoder "~1.0.0" + string_decoder "~0.10.x" util-deprecate "~1.0.1" readdirp@^2.0.0: @@ -2687,10 +2726,21 @@ require-uncached@^1.0.3: caller-path "^0.1.0" resolve-from "^1.0.0" +require_optional@~1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/require_optional/-/require_optional-1.0.1.tgz#4cf35a4247f64ca3df8c2ef208cc494b1ca8fc2e" + dependencies: + resolve-from "^2.0.0" + semver "^5.1.0" + resolve-from@^1.0.0: version "1.0.1" resolved "https://registry.yarnpkg.com/resolve-from/-/resolve-from-1.0.1.tgz#26cbfe935d1aeeeabb29bc3fe5aeb01e93d44226" +resolve-from@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/resolve-from/-/resolve-from-2.0.0.tgz#9480ab20e94ffa1d9e80a804c7ea147611966b57" + resolve@^1.1.6: version "1.1.7" resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.1.7.tgz#203114d82ad2c5ed9e8e0411b3932875e889e97b" @@ -2738,7 +2788,7 @@ semver-truncate@^1.0.0: dependencies: semver "^5.3.0" -"semver@2 || 3 || 4 || 5", semver@^5.3.0, semver@~5.3.0: +"semver@2 || 3 || 4 || 5", semver@^5.1.0, semver@^5.3.0, semver@~5.3.0: version "5.3.0" resolved "https://registry.yarnpkg.com/semver/-/semver-5.3.0.tgz#9b2ce5d3de02d17c6012ad326aa6b4d0cf54f94f" @@ -2758,11 +2808,7 @@ shebang-regex@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/shebang-regex/-/shebang-regex-1.0.0.tgz#da42f49740c0b42db2ca9728571cb190c98efea3" -signal-exit@^3.0.0: - version "3.0.1" - resolved "https://registry.yarnpkg.com/signal-exit/-/signal-exit-3.0.1.tgz#5a4c884992b63a7acd9badb7894c3ee9cfccad81" - -signal-exit@^3.0.2: +signal-exit@^3.0.0, signal-exit@^3.0.2: version "3.0.2" resolved "https://registry.yarnpkg.com/signal-exit/-/signal-exit-3.0.2.tgz#b5fdc08f1287ea1178628e415e25132b73646c6d" @@ -2823,6 +2869,10 @@ sshpk@^1.7.0: jsbn "~0.1.0" tweetnacl "~0.14.0" +stack-trace@0.0.x: + version "0.0.10" + resolved "https://registry.yarnpkg.com/stack-trace/-/stack-trace-0.0.10.tgz#547c70b347e8d32b4e108ea1a2a159e5fdde19c0" + string-width@^1.0.1: version "1.0.2" resolved "https://registry.yarnpkg.com/string-width/-/string-width-1.0.2.tgz#118bdf5b8cdc51a2a7e70d211e07e2b0b9b107d3" @@ -3015,6 +3065,17 @@ wide-align@^1.1.0: dependencies: string-width "^1.0.1" +winston@^2.3.1: + version "2.3.1" + resolved "https://registry.yarnpkg.com/winston/-/winston-2.3.1.tgz#0b48420d978c01804cf0230b648861598225a119" + dependencies: + async "~1.0.0" + colors "1.0.x" + cycle "1.0.x" + eyes "0.1.x" + isstream "0.1.x" + stack-trace "0.0.x" + wordwrap@~1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/wordwrap/-/wordwrap-1.0.0.tgz#27584810891456a4171c8d0226441ade90cbcaeb" From a1f0e4095300dee0c01722b9f7a8da304a4f700a Mon Sep 17 00:00:00 2001 From: tobkle Date: Fri, 18 Aug 2017 17:48:47 +0200 Subject: [PATCH 27/69] harden --- npm-debug.log | 51 - package.json | 1 - test/output-app/.gitignore | 2 + test/output-app/model/Tweet.js | 10 +- test/output-app/model/User.js | 10 +- test/output-app/package.json | 2 +- test/output-app/yarn-error.log | 4331 ++++++++++++++++++++++++++++++++ test/output-app/yarn.lock | 67 +- yarn.lock | 95 +- 9 files changed, 4376 insertions(+), 193 deletions(-) delete mode 100644 npm-debug.log create mode 100644 test/output-app/yarn-error.log diff --git a/npm-debug.log b/npm-debug.log deleted file mode 100644 index 117132f..0000000 --- a/npm-debug.log +++ /dev/null @@ -1,51 +0,0 @@ -0 info it worked if it ends with ok -1 verbose cli [ '/usr/local/bin/node', -1 verbose cli '/usr/local/bin/npm', -1 verbose cli 'run', -1 verbose cli 'testonly', -1 verbose cli '--', -1 verbose cli './test/output-app-end-to-end' ] -2 info using npm@3.10.8 -3 info using node@v7.0.0 -4 verbose run-script [ 'pretestonly', 'testonly', 'posttestonly' ] -5 info lifecycle create-graphql-server@0.5.3~pretestonly: create-graphql-server@0.5.3 -6 silly lifecycle create-graphql-server@0.5.3~pretestonly: no script for pretestonly, continuing -7 info lifecycle create-graphql-server@0.5.3~testonly: create-graphql-server@0.5.3 -8 verbose lifecycle create-graphql-server@0.5.3~testonly: unsafe-perm in lifecycle true -9 verbose lifecycle create-graphql-server@0.5.3~testonly: PATH: /usr/local/lib/node_modules/npm/bin/node-gyp-bin:/Users/Toby/MICRO/create-graphql-server-3/node_modules/.bin:/Users/Toby/MICRO/create-graphql-server-3/node_modules/.bin:/Users/Toby/.config/yarn/link/node_modules/.bin:/Users/Toby/MICRO/create-graphql-server-3/node_modules/.bin:/Users/Toby/.config/yarn/link/node_modules/.bin:/usr/local/Cellar/yarn/0.17.10/libexec/lib/node_modules/yarn/bin/node-gyp-bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/share/dotnet:/Library/Frameworks/Mono.framework/Versions/Current/Commands:/Users/Toby/.nvm/versions/node/v7.0.0/bin:/Library/Frameworks/Python.framework/Versions/2.7/bin:~/Library/Android/sdk/tools:~/Library/Android/sdk/platform-tools:/usr/local/terraform/bin:/Users/Toby/terraform:/Applications/MAMP/bin/php/php7.0.8/bin:/Library/Frameworks/Python.framework/Versions/3.5/bin -10 verbose lifecycle create-graphql-server@0.5.3~testonly: CWD: /Users/Toby/MICRO/create-graphql-server-3 -11 silly lifecycle create-graphql-server@0.5.3~testonly: Args: [ '-c', -11 silly lifecycle 'mocha --require babel-register "./test/output-app-end-to-end"' ] -12 silly lifecycle create-graphql-server@0.5.3~testonly: Returned: code: 3 signal: null -13 info lifecycle create-graphql-server@0.5.3~testonly: Failed to exec testonly script -14 verbose stack Error: create-graphql-server@0.5.3 testonly: `mocha --require babel-register "./test/output-app-end-to-end"` -14 verbose stack Exit status 3 -14 verbose stack at EventEmitter. (/usr/local/lib/node_modules/npm/lib/utils/lifecycle.js:255:16) -14 verbose stack at emitTwo (events.js:106:13) -14 verbose stack at EventEmitter.emit (events.js:191:7) -14 verbose stack at ChildProcess. (/usr/local/lib/node_modules/npm/lib/utils/spawn.js:40:14) -14 verbose stack at emitTwo (events.js:106:13) -14 verbose stack at ChildProcess.emit (events.js:191:7) -14 verbose stack at maybeClose (internal/child_process.js:877:16) -14 verbose stack at Process.ChildProcess._handle.onexit (internal/child_process.js:226:5) -15 verbose pkgid create-graphql-server@0.5.3 -16 verbose cwd /Users/Toby/MICRO/create-graphql-server-3 -17 error Darwin 16.7.0 -18 error argv "/usr/local/bin/node" "/usr/local/bin/npm" "run" "testonly" "--" "./test/output-app-end-to-end" -19 error node v7.0.0 -20 error npm v3.10.8 -21 error code ELIFECYCLE -22 error create-graphql-server@0.5.3 testonly: `mocha --require babel-register "./test/output-app-end-to-end"` -22 error Exit status 3 -23 error Failed at the create-graphql-server@0.5.3 testonly script 'mocha --require babel-register "./test/output-app-end-to-end"'. -23 error Make sure you have the latest version of node.js and npm installed. -23 error If you do, this is most likely a problem with the create-graphql-server package, -23 error not with npm itself. -23 error Tell the author that this fails on your system: -23 error mocha --require babel-register "./test/output-app-end-to-end" -23 error You can get information on how to open an issue for this project with: -23 error npm bugs create-graphql-server -23 error Or if that isn't available, you can get their info via: -23 error npm owner ls create-graphql-server -23 error There is likely additional logging output above. -24 verbose exit [ 1, true ] diff --git a/package.json b/package.json index e640b2f..105db52 100644 --- a/package.json +++ b/package.json @@ -50,7 +50,6 @@ "babylon": "^6.14.1", "chalk": "^1.1.3", "cpr": "^2.0.0", - "create-graphql-server-authorization": "^0.0.12", "denodeify": "^1.2.1", "escape-string-regexp": "^1.0.5", "global": "^4.3.2", diff --git a/test/output-app/.gitignore b/test/output-app/.gitignore index 7866035..69edd69 100644 --- a/test/output-app/.gitignore +++ b/test/output-app/.gitignore @@ -2,3 +2,5 @@ node_modules /db /input log/all-logs-readable.log +.DS_Store +log/ diff --git a/test/output-app/model/Tweet.js b/test/output-app/model/Tweet.js index 4c16217..1552b0e 100644 --- a/test/output-app/model/Tweet.js +++ b/test/output-app/model/Tweet.js @@ -7,15 +7,11 @@ export default class Tweet { this.context = context; this.collection = context.db.collection('tweet'); this.pubsub = context.pubsub; - let authQuery; try { const { me, User } = context; - authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User }, authlog('tweet findOneById', 'readOne', me)); - } catch (err) { - log.error(err.message); - authQuery = {_id: false}; // otherwise admin access - } - this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); + const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User }, authlog('tweet findOneById', 'readOne', me)); + this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); + } catch (err) { log.error(err.message); } } async findOneById(id, me, resolver) { diff --git a/test/output-app/model/User.js b/test/output-app/model/User.js index 45eb645..de5c96d 100644 --- a/test/output-app/model/User.js +++ b/test/output-app/model/User.js @@ -8,15 +8,11 @@ export default class User { this.collection = context.db.collection('user'); this.pubsub = context.pubsub; this.authRole = User.authRole; - let authQuery; try { const { me } = context; - authQuery = queryForRoles(me, ['admin'], ['_id'], { User }, authlog('user findOneById', 'readOne', me)); - } catch (err) { - log.error(err.message); - authQuery = {_id: false}; // otherwise admin access - } - this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); + const authQuery = queryForRoles(me, ['admin'], ['_id'], { User }, authlog('user findOneById', 'readOne', me)); + this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); + } catch (err) { log.error(err.message); } } static authRole(user){ diff --git a/test/output-app/package.json b/test/output-app/package.json index 6695148..596fe1c 100644 --- a/test/output-app/package.json +++ b/test/output-app/package.json @@ -36,7 +36,7 @@ "bcrypt": "^1.0.2", "body-parser": "1.15.2", "cors": "^2.8.1", - "create-graphql-server-authorization": "^0.0.14", + "create-graphql-server-authorization": "^0.0.27", "dataloader": "^1.2.0", "denodeify": "^1.2.1", "dotenv": "2.0.0", diff --git a/test/output-app/yarn-error.log b/test/output-app/yarn-error.log new file mode 100644 index 0000000..f92ff39 --- /dev/null +++ b/test/output-app/yarn-error.log @@ -0,0 +1,4331 @@ +Arguments: + /usr/local/bin/node /usr/local/bin/yarn add create-graphql-server-authorization + +PATH: + /usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/share/dotnet:/Library/Frameworks/Mono.framework/Versions/Current/Commands:/Users/Toby/.nvm/versions/node/v7.0.0/bin:/Library/Frameworks/Python.framework/Versions/2.7/bin:~/Library/Android/sdk/tools:~/Library/Android/sdk/platform-tools:/usr/local/terraform/bin:/Users/Toby/terraform:/Applications/MAMP/bin/php/php7.0.8/bin:/Library/Frameworks/Python.framework/Versions/3.5/bin + +Yarn version: + 0.17.10 + +Node version: + 7.0.0 + +Platform: + darwin x64 + +npm manifest: + { + "name": "output-app", + "version": "1.0.0", + "description": "output-app GraphQL Server", + "scripts": { + "start": "babel-node index.js" + }, + "config": { + "logfile": "log/all-logs-readable.log" + }, + "private": true, + "author": "", + "license": "MIT", + "devDependencies": { + "babel-cli": "6.16.0", + "babel-core": "6.17.0", + "babel-eslint": "7.0.0", + "babel-preset-es2015": "6.16.0", + "babel-preset-react": "6.16.0", + "babel-preset-stage-2": "6.17.0", + "babel-register": "6.16.3", + "chai": "^3.5.0", + "eslint": "3.8.1", + "eslint-config-react-app": "^0.4.0", + "eslint-plugin-babel": "3.3.0", + "eslint-plugin-flowtype": "2.21.0", + "eslint-plugin-import": "2.0.1", + "eslint-plugin-jsx-a11y": "2.2.3", + "eslint-plugin-react": "6.4.1", + "mocha": "^3.1.2", + "mongodb-prebuilt": "^5.0.7", + "node-fetch": "^1.6.3", + "nodemon": "1.11.0" + }, + "dependencies": { + "bcrypt": "^1.0.2", + "body-parser": "1.15.2", + "cors": "^2.8.1", + "dataloader": "^1.2.0", + "denodeify": "^1.2.1", + "dotenv": "2.0.0", + "express": "4.14.0", + "express-session": "1.14.1", + "graphql": "0.7.2", + "graphql-server": "^0.3.2", + "graphql-server-express": "^0.4.3", + "graphql-subscriptions": "0.2.0", + "graphql-tools": "^0.8.2", + "jwt-simple": "^0.5.1", + "lodash": "4.16.4", + "mongo-find-by-ids": "^1.0.0", + "mongodb": "^2.2.11", + "morgan": "^1.8.2", + "nodeify": "^1.0.1", + "passport": "^0.3.2", + "passport-jwt": "^2.2.1", + "subscriptions-transport-ws": "0.2.6", + "winston": "^2.3.1" + } + } + +yarn manifest: + No manifest + +Lockfile: + # THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY. + # yarn lockfile v1 + + + "@types/express-serve-static-core@*": + version "4.0.39" + resolved "https://registry.yarnpkg.com/@types/express-serve-static-core/-/express-serve-static-core-4.0.39.tgz#45157f96480d46f254648f45b2c6d70bd9fc9f54" + dependencies: + "@types/node" "*" + + "@types/express@^4.0.33": + version "4.0.34" + resolved "https://registry.yarnpkg.com/@types/express/-/express-4.0.34.tgz#cdc0afd69d70d2295b81b3aa47f26f672afcde1c" + dependencies: + "@types/express-serve-static-core" "*" + "@types/serve-static" "*" + + "@types/mime@*": + version "0.0.29" + resolved "https://registry.yarnpkg.com/@types/mime/-/mime-0.0.29.tgz#fbcfd330573b912ef59eeee14602bface630754b" + + "@types/node@*", "@types/node@^6.0.38": + version "6.0.51" + resolved "https://registry.yarnpkg.com/@types/node/-/node-6.0.51.tgz#84cbf25111516ec9304d0b61469dc0fa9d12ba32" + + "@types/serve-static@*": + version "1.7.31" + resolved "https://registry.yarnpkg.com/@types/serve-static/-/serve-static-1.7.31.tgz#15456de8d98d6b4cff31be6c6af7492ae63f521a" + dependencies: + "@types/express-serve-static-core" "*" + "@types/mime" "*" + + abbrev@1: + version "1.0.9" + resolved "https://registry.yarnpkg.com/abbrev/-/abbrev-1.0.9.tgz#91b4792588a7738c25f35dd6f63752a2f8776135" + + accepts@~1.3.3: + version "1.3.3" + resolved "https://registry.yarnpkg.com/accepts/-/accepts-1.3.3.tgz#c3ca7434938648c3e0d9c1e328dd68b622c284ca" + dependencies: + mime-types "~2.1.11" + negotiator "0.6.1" + + acorn-jsx@^3.0.0, acorn-jsx@^3.0.1: + version "3.0.1" + resolved "https://registry.yarnpkg.com/acorn-jsx/-/acorn-jsx-3.0.1.tgz#afdf9488fb1ecefc8348f6fb22f464e32a58b36b" + dependencies: + acorn "^3.0.4" + + acorn@^3.0.4: + version "3.3.0" + resolved "https://registry.yarnpkg.com/acorn/-/acorn-3.3.0.tgz#45e37fb39e8da3f25baee3ff5369e2bb5f22017a" + + acorn@^4.0.1: + version "4.0.3" + resolved "https://registry.yarnpkg.com/acorn/-/acorn-4.0.3.tgz#1a3e850b428e73ba6b09d1cc527f5aaad4d03ef1" + + agent-base@2: + version "2.0.1" + resolved "https://registry.yarnpkg.com/agent-base/-/agent-base-2.0.1.tgz#bd8f9e86a8eb221fffa07bd14befd55df142815e" + dependencies: + extend "~3.0.0" + semver "~5.0.1" + + ajv-keywords@^1.0.0: + version "1.2.0" + resolved "https://registry.yarnpkg.com/ajv-keywords/-/ajv-keywords-1.2.0.tgz#676c4f087bfe1e8b12dca6fda2f3c74f417b099c" + + ajv@^4.7.0: + version "4.9.2" + resolved "https://registry.yarnpkg.com/ajv/-/ajv-4.9.2.tgz#3f7dcda95b0c34bceb2d69945117d146219f1a2c" + dependencies: + co "^4.6.0" + json-stable-stringify "^1.0.1" + + ansi-escapes@^1.1.0: + version "1.4.0" + resolved "https://registry.yarnpkg.com/ansi-escapes/-/ansi-escapes-1.4.0.tgz#d3a8a83b319aa67793662b13e761c7911422306e" + + ansi-regex@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/ansi-regex/-/ansi-regex-2.0.0.tgz#c5061b6e0ef8a81775e50f5d66151bf6bf371107" + + ansi-styles@^2.1.0, ansi-styles@^2.2.1: + version "2.2.1" + resolved "https://registry.yarnpkg.com/ansi-styles/-/ansi-styles-2.2.1.tgz#b432dd3358b634cf75e1e4664368240533c1ddbe" + + anymatch@^1.3.0: + version "1.3.0" + resolved "https://registry.yarnpkg.com/anymatch/-/anymatch-1.3.0.tgz#a3e52fa39168c825ff57b0248126ce5a8ff95507" + dependencies: + arrify "^1.0.0" + micromatch "^2.1.5" + + aproba@^1.0.3: + version "1.0.4" + resolved "https://registry.yarnpkg.com/aproba/-/aproba-1.0.4.tgz#2713680775e7614c8ba186c065d4e2e52d1072c0" + + are-we-there-yet@~1.1.2: + version "1.1.2" + resolved "https://registry.yarnpkg.com/are-we-there-yet/-/are-we-there-yet-1.1.2.tgz#80e470e95a084794fe1899262c5667c6e88de1b3" + dependencies: + delegates "^1.0.0" + readable-stream "^2.0.0 || ^1.1.13" + + argparse@^1.0.7: + version "1.0.9" + resolved "https://registry.yarnpkg.com/argparse/-/argparse-1.0.9.tgz#73d83bc263f86e97f8cc4f6bae1b0e90a7d22c86" + dependencies: + sprintf-js "~1.0.2" + + arr-diff@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/arr-diff/-/arr-diff-2.0.0.tgz#8f3b827f955a8bd669697e4a4256ac3ceae356cf" + dependencies: + arr-flatten "^1.0.1" + + arr-flatten@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/arr-flatten/-/arr-flatten-1.0.1.tgz#e5ffe54d45e19f32f216e91eb99c8ce892bb604b" + + array-find-index@^1.0.1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/array-find-index/-/array-find-index-1.0.2.tgz#df010aa1287e164bbda6f9723b0a96a1ec4187a1" + + array-flatten@1.1.1: + version "1.1.1" + resolved "https://registry.yarnpkg.com/array-flatten/-/array-flatten-1.1.1.tgz#9a5f699051b1e7073328f2a008968b64ea2955d2" + + array-union@^1.0.1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/array-union/-/array-union-1.0.2.tgz#9a34410e4f4e3da23dea375be5be70f24778ec39" + dependencies: + array-uniq "^1.0.1" + + array-uniq@^1.0.0, array-uniq@^1.0.1: + version "1.0.3" + resolved "https://registry.yarnpkg.com/array-uniq/-/array-uniq-1.0.3.tgz#af6ac877a25cc7f74e058894753858dfdb24fdb6" + + array-unique@^0.2.1: + version "0.2.1" + resolved "https://registry.yarnpkg.com/array-unique/-/array-unique-0.2.1.tgz#a1d97ccafcbc2625cc70fadceb36a50c58b01a53" + + arrify@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/arrify/-/arrify-1.0.1.tgz#898508da2226f380df904728456849c1501a4b0d" + + asn1@~0.2.3: + version "0.2.3" + resolved "https://registry.yarnpkg.com/asn1/-/asn1-0.2.3.tgz#dac8787713c9966849fc8180777ebe9c1ddf3b86" + + assert-plus@^0.2.0: + version "0.2.0" + resolved "https://registry.yarnpkg.com/assert-plus/-/assert-plus-0.2.0.tgz#d74e1b87e7affc0db8aadb7021f3fe48101ab234" + + assert-plus@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/assert-plus/-/assert-plus-1.0.0.tgz#f12e0f3c5d77b0b1cdd9146942e4e96c1e4dd525" + + assertion-error@^1.0.1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/assertion-error/-/assertion-error-1.0.2.tgz#13ca515d86206da0bac66e834dd397d87581094c" + + async-each@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/async-each/-/async-each-1.0.1.tgz#19d386a1d9edc6e7c1c85d388aedbcc56d33602d" + + async@2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/async/-/async-2.0.1.tgz#b709cc0280a9c36f09f4536be823c838a9049e25" + dependencies: + lodash "^4.8.0" + + async@~1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/async/-/async-1.0.0.tgz#f8fc04ca3a13784ade9e1641af98578cfbd647a9" + + asynckit@^0.4.0: + version "0.4.0" + resolved "https://registry.yarnpkg.com/asynckit/-/asynckit-0.4.0.tgz#c79ed97f7f34cb8f2ba1bc9790bcc366474b4b79" + + aws-sign2@~0.6.0: + version "0.6.0" + resolved "https://registry.yarnpkg.com/aws-sign2/-/aws-sign2-0.6.0.tgz#14342dd38dbcc94d0e5b87d763cd63612c0e794f" + + aws4@^1.2.1: + version "1.5.0" + resolved "https://registry.yarnpkg.com/aws4/-/aws4-1.5.0.tgz#0a29ffb79c31c9e712eeb087e8e7a64b4a56d755" + + babel-cli@6.16.0: + version "6.16.0" + resolved "https://registry.yarnpkg.com/babel-cli/-/babel-cli-6.16.0.tgz#4e0d1cf40442ef78330f7fef88eb3a0a1b16bd37" + dependencies: + babel-core "^6.16.0" + babel-polyfill "^6.16.0" + babel-register "^6.16.0" + babel-runtime "^6.9.0" + bin-version-check "^2.1.0" + chalk "1.1.1" + commander "^2.8.1" + convert-source-map "^1.1.0" + fs-readdir-recursive "^0.1.0" + glob "^5.0.5" + lodash "^4.2.0" + log-symbols "^1.0.2" + output-file-sync "^1.1.0" + path-exists "^1.0.0" + path-is-absolute "^1.0.0" + request "^2.65.0" + slash "^1.0.0" + source-map "^0.5.0" + v8flags "^2.0.10" + optionalDependencies: + chokidar "^1.0.0" + + babel-code-frame@^6.16.0: + version "6.16.0" + resolved "https://registry.yarnpkg.com/babel-code-frame/-/babel-code-frame-6.16.0.tgz#f90e60da0862909d3ce098733b5d3987c97cb8de" + dependencies: + chalk "^1.1.0" + esutils "^2.0.2" + js-tokens "^2.0.0" + + babel-core@6.17.0, babel-core@^6.16.0: + version "6.17.0" + resolved "https://registry.yarnpkg.com/babel-core/-/babel-core-6.17.0.tgz#6c4576447df479e241e58c807e4bc7da4db7f425" + dependencies: + babel-code-frame "^6.16.0" + babel-generator "^6.17.0" + babel-helpers "^6.16.0" + babel-messages "^6.8.0" + babel-register "^6.16.0" + babel-runtime "^6.9.1" + babel-template "^6.16.0" + babel-traverse "^6.16.0" + babel-types "^6.16.0" + babylon "^6.11.0" + convert-source-map "^1.1.0" + debug "^2.1.1" + json5 "^0.4.0" + lodash "^4.2.0" + minimatch "^3.0.2" + path-exists "^1.0.0" + path-is-absolute "^1.0.0" + private "^0.1.6" + shebang-regex "^1.0.0" + slash "^1.0.0" + source-map "^0.5.0" + + babel-eslint@7.0.0: + version "7.0.0" + resolved "https://registry.yarnpkg.com/babel-eslint/-/babel-eslint-7.0.0.tgz#54e51b4033f54ac81326ecea4c646a779935196d" + dependencies: + babel-traverse "^6.15.0" + babel-types "^6.15.0" + babylon "^6.11.2" + lodash.pickby "^4.6.0" + + babel-generator@^6.17.0: + version "6.19.0" + resolved "https://registry.yarnpkg.com/babel-generator/-/babel-generator-6.19.0.tgz#9b2f244204777a3d6810ec127c673c87b349fac5" + dependencies: + babel-messages "^6.8.0" + babel-runtime "^6.9.0" + babel-types "^6.19.0" + detect-indent "^4.0.0" + jsesc "^1.3.0" + lodash "^4.2.0" + source-map "^0.5.0" + + babel-helper-bindify-decorators@^6.18.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-helper-bindify-decorators/-/babel-helper-bindify-decorators-6.18.0.tgz#fc00c573676a6e702fffa00019580892ec8780a5" + dependencies: + babel-runtime "^6.0.0" + babel-traverse "^6.18.0" + babel-types "^6.18.0" + + babel-helper-builder-binary-assignment-operator-visitor@^6.8.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-helper-builder-binary-assignment-operator-visitor/-/babel-helper-builder-binary-assignment-operator-visitor-6.18.0.tgz#8ae814989f7a53682152e3401a04fabd0bb333a6" + dependencies: + babel-helper-explode-assignable-expression "^6.18.0" + babel-runtime "^6.0.0" + babel-types "^6.18.0" + + babel-helper-builder-react-jsx@^6.8.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-helper-builder-react-jsx/-/babel-helper-builder-react-jsx-6.18.0.tgz#ab02f19a2eb7ace936dd87fa55896d02be59bf71" + dependencies: + babel-runtime "^6.9.0" + babel-types "^6.18.0" + esutils "^2.0.0" + lodash "^4.2.0" + + babel-helper-call-delegate@^6.18.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-helper-call-delegate/-/babel-helper-call-delegate-6.18.0.tgz#05b14aafa430884b034097ef29e9f067ea4133bd" + dependencies: + babel-helper-hoist-variables "^6.18.0" + babel-runtime "^6.0.0" + babel-traverse "^6.18.0" + babel-types "^6.18.0" + + babel-helper-define-map@^6.18.0, babel-helper-define-map@^6.8.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-helper-define-map/-/babel-helper-define-map-6.18.0.tgz#8d6c85dc7fbb4c19be3de40474d18e97c3676ec2" + dependencies: + babel-helper-function-name "^6.18.0" + babel-runtime "^6.9.0" + babel-types "^6.18.0" + lodash "^4.2.0" + + babel-helper-explode-assignable-expression@^6.18.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-helper-explode-assignable-expression/-/babel-helper-explode-assignable-expression-6.18.0.tgz#14b8e8c2d03ad735d4b20f1840b24cd1f65239fe" + dependencies: + babel-runtime "^6.0.0" + babel-traverse "^6.18.0" + babel-types "^6.18.0" + + babel-helper-explode-class@^6.8.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-helper-explode-class/-/babel-helper-explode-class-6.18.0.tgz#c44f76f4fa23b9c5d607cbac5d4115e7a76f62cb" + dependencies: + babel-helper-bindify-decorators "^6.18.0" + babel-runtime "^6.0.0" + babel-traverse "^6.18.0" + babel-types "^6.18.0" + + babel-helper-function-name@^6.18.0, babel-helper-function-name@^6.8.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-helper-function-name/-/babel-helper-function-name-6.18.0.tgz#68ec71aeba1f3e28b2a6f0730190b754a9bf30e6" + dependencies: + babel-helper-get-function-arity "^6.18.0" + babel-runtime "^6.0.0" + babel-template "^6.8.0" + babel-traverse "^6.18.0" + babel-types "^6.18.0" + + babel-helper-get-function-arity@^6.18.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-helper-get-function-arity/-/babel-helper-get-function-arity-6.18.0.tgz#a5b19695fd3f9cdfc328398b47dafcd7094f9f24" + dependencies: + babel-runtime "^6.0.0" + babel-types "^6.18.0" + + babel-helper-hoist-variables@^6.18.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-helper-hoist-variables/-/babel-helper-hoist-variables-6.18.0.tgz#a835b5ab8b46d6de9babefae4d98ea41e866b82a" + dependencies: + babel-runtime "^6.0.0" + babel-types "^6.18.0" + + babel-helper-optimise-call-expression@^6.18.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-helper-optimise-call-expression/-/babel-helper-optimise-call-expression-6.18.0.tgz#9261d0299ee1a4f08a6dd28b7b7c777348fd8f0f" + dependencies: + babel-runtime "^6.0.0" + babel-types "^6.18.0" + + babel-helper-regex@^6.8.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-helper-regex/-/babel-helper-regex-6.18.0.tgz#ae0ebfd77de86cb2f1af258e2cc20b5fe893ecc6" + dependencies: + babel-runtime "^6.9.0" + babel-types "^6.18.0" + lodash "^4.2.0" + + babel-helper-remap-async-to-generator@^6.16.0, babel-helper-remap-async-to-generator@^6.16.2: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-helper-remap-async-to-generator/-/babel-helper-remap-async-to-generator-6.18.0.tgz#336cdf3cab650bb191b02fc16a3708e7be7f9ce5" + dependencies: + babel-helper-function-name "^6.18.0" + babel-runtime "^6.0.0" + babel-template "^6.16.0" + babel-traverse "^6.18.0" + babel-types "^6.18.0" + + babel-helper-replace-supers@^6.18.0, babel-helper-replace-supers@^6.8.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-helper-replace-supers/-/babel-helper-replace-supers-6.18.0.tgz#28ec69877be4144dbd64f4cc3a337e89f29a924e" + dependencies: + babel-helper-optimise-call-expression "^6.18.0" + babel-messages "^6.8.0" + babel-runtime "^6.0.0" + babel-template "^6.16.0" + babel-traverse "^6.18.0" + babel-types "^6.18.0" + + babel-helpers@^6.16.0: + version "6.16.0" + resolved "https://registry.yarnpkg.com/babel-helpers/-/babel-helpers-6.16.0.tgz#1095ec10d99279460553e67eb3eee9973d3867e3" + dependencies: + babel-runtime "^6.0.0" + babel-template "^6.16.0" + + babel-messages@^6.8.0: + version "6.8.0" + resolved "https://registry.yarnpkg.com/babel-messages/-/babel-messages-6.8.0.tgz#bf504736ca967e6d65ef0adb5a2a5f947c8e0eb9" + dependencies: + babel-runtime "^6.0.0" + + babel-plugin-check-es2015-constants@^6.3.13: + version "6.8.0" + resolved "https://registry.yarnpkg.com/babel-plugin-check-es2015-constants/-/babel-plugin-check-es2015-constants-6.8.0.tgz#dbf024c32ed37bfda8dee1e76da02386a8d26fe7" + dependencies: + babel-runtime "^6.0.0" + + babel-plugin-syntax-async-functions@^6.8.0: + version "6.13.0" + resolved "https://registry.yarnpkg.com/babel-plugin-syntax-async-functions/-/babel-plugin-syntax-async-functions-6.13.0.tgz#cad9cad1191b5ad634bf30ae0872391e0647be95" + + babel-plugin-syntax-async-generators@^6.5.0: + version "6.13.0" + resolved "https://registry.yarnpkg.com/babel-plugin-syntax-async-generators/-/babel-plugin-syntax-async-generators-6.13.0.tgz#6bc963ebb16eccbae6b92b596eb7f35c342a8b9a" + + babel-plugin-syntax-class-properties@^6.8.0: + version "6.13.0" + resolved "https://registry.yarnpkg.com/babel-plugin-syntax-class-properties/-/babel-plugin-syntax-class-properties-6.13.0.tgz#d7eb23b79a317f8543962c505b827c7d6cac27de" + + babel-plugin-syntax-decorators@^6.13.0: + version "6.13.0" + resolved "https://registry.yarnpkg.com/babel-plugin-syntax-decorators/-/babel-plugin-syntax-decorators-6.13.0.tgz#312563b4dbde3cc806cee3e416cceeaddd11ac0b" + + babel-plugin-syntax-exponentiation-operator@^6.8.0: + version "6.13.0" + resolved "https://registry.yarnpkg.com/babel-plugin-syntax-exponentiation-operator/-/babel-plugin-syntax-exponentiation-operator-6.13.0.tgz#9ee7e8337290da95288201a6a57f4170317830de" + + babel-plugin-syntax-flow@^6.18.0, babel-plugin-syntax-flow@^6.3.13: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-plugin-syntax-flow/-/babel-plugin-syntax-flow-6.18.0.tgz#4c3ab20a2af26aa20cd25995c398c4eb70310c8d" + + babel-plugin-syntax-jsx@^6.3.13, babel-plugin-syntax-jsx@^6.8.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-plugin-syntax-jsx/-/babel-plugin-syntax-jsx-6.18.0.tgz#0af32a9a6e13ca7a3fd5069e62d7b0f58d0d8946" + + babel-plugin-syntax-object-rest-spread@^6.8.0: + version "6.13.0" + resolved "https://registry.yarnpkg.com/babel-plugin-syntax-object-rest-spread/-/babel-plugin-syntax-object-rest-spread-6.13.0.tgz#fd6536f2bce13836ffa3a5458c4903a597bb3bf5" + + babel-plugin-syntax-trailing-function-commas@^6.3.13: + version "6.13.0" + resolved "https://registry.yarnpkg.com/babel-plugin-syntax-trailing-function-commas/-/babel-plugin-syntax-trailing-function-commas-6.13.0.tgz#2b84b7d53dd744f94ff1fad7669406274b23f541" + + babel-plugin-transform-async-generator-functions@^6.17.0: + version "6.17.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-async-generator-functions/-/babel-plugin-transform-async-generator-functions-6.17.0.tgz#d0b5a2b2f0940f2b245fa20a00519ed7bc6cae54" + dependencies: + babel-helper-remap-async-to-generator "^6.16.2" + babel-plugin-syntax-async-generators "^6.5.0" + babel-runtime "^6.0.0" + + babel-plugin-transform-async-to-generator@^6.16.0: + version "6.16.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-async-to-generator/-/babel-plugin-transform-async-to-generator-6.16.0.tgz#19ec36cb1486b59f9f468adfa42ce13908ca2999" + dependencies: + babel-helper-remap-async-to-generator "^6.16.0" + babel-plugin-syntax-async-functions "^6.8.0" + babel-runtime "^6.0.0" + + babel-plugin-transform-class-properties@^6.16.0: + version "6.19.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-class-properties/-/babel-plugin-transform-class-properties-6.19.0.tgz#1274b349abaadc835164e2004f4a2444a2788d5f" + dependencies: + babel-helper-function-name "^6.18.0" + babel-plugin-syntax-class-properties "^6.8.0" + babel-runtime "^6.9.1" + babel-template "^6.15.0" + + babel-plugin-transform-decorators@^6.13.0: + version "6.13.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-decorators/-/babel-plugin-transform-decorators-6.13.0.tgz#82d65c1470ae83e2d13eebecb0a1c2476d62da9d" + dependencies: + babel-helper-define-map "^6.8.0" + babel-helper-explode-class "^6.8.0" + babel-plugin-syntax-decorators "^6.13.0" + babel-runtime "^6.0.0" + babel-template "^6.8.0" + babel-types "^6.13.0" + + babel-plugin-transform-es2015-arrow-functions@^6.3.13: + version "6.8.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-arrow-functions/-/babel-plugin-transform-es2015-arrow-functions-6.8.0.tgz#5b63afc3181bdc9a8c4d481b5a4f3f7d7fef3d9d" + dependencies: + babel-runtime "^6.0.0" + + babel-plugin-transform-es2015-block-scoped-functions@^6.3.13: + version "6.8.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-block-scoped-functions/-/babel-plugin-transform-es2015-block-scoped-functions-6.8.0.tgz#ed95d629c4b5a71ae29682b998f70d9833eb366d" + dependencies: + babel-runtime "^6.0.0" + + babel-plugin-transform-es2015-block-scoping@^6.14.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-block-scoping/-/babel-plugin-transform-es2015-block-scoping-6.18.0.tgz#3bfdcfec318d46df22525cdea88f1978813653af" + dependencies: + babel-runtime "^6.9.0" + babel-template "^6.15.0" + babel-traverse "^6.18.0" + babel-types "^6.18.0" + lodash "^4.2.0" + + babel-plugin-transform-es2015-classes@^6.14.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-classes/-/babel-plugin-transform-es2015-classes-6.18.0.tgz#ffe7a17321bf83e494dcda0ae3fc72df48ffd1d9" + dependencies: + babel-helper-define-map "^6.18.0" + babel-helper-function-name "^6.18.0" + babel-helper-optimise-call-expression "^6.18.0" + babel-helper-replace-supers "^6.18.0" + babel-messages "^6.8.0" + babel-runtime "^6.9.0" + babel-template "^6.14.0" + babel-traverse "^6.18.0" + babel-types "^6.18.0" + + babel-plugin-transform-es2015-computed-properties@^6.3.13: + version "6.8.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-computed-properties/-/babel-plugin-transform-es2015-computed-properties-6.8.0.tgz#f51010fd61b3bd7b6b60a5fdfd307bb7a5279870" + dependencies: + babel-helper-define-map "^6.8.0" + babel-runtime "^6.0.0" + babel-template "^6.8.0" + + babel-plugin-transform-es2015-destructuring@^6.16.0: + version "6.19.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-destructuring/-/babel-plugin-transform-es2015-destructuring-6.19.0.tgz#ff1d911c4b3f4cab621bd66702a869acd1900533" + dependencies: + babel-runtime "^6.9.0" + + babel-plugin-transform-es2015-duplicate-keys@^6.6.0: + version "6.8.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-duplicate-keys/-/babel-plugin-transform-es2015-duplicate-keys-6.8.0.tgz#fd8f7f7171fc108cc1c70c3164b9f15a81c25f7d" + dependencies: + babel-runtime "^6.0.0" + babel-types "^6.8.0" + + babel-plugin-transform-es2015-for-of@^6.6.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-for-of/-/babel-plugin-transform-es2015-for-of-6.18.0.tgz#4c517504db64bf8cfc119a6b8f177211f2028a70" + dependencies: + babel-runtime "^6.0.0" + + babel-plugin-transform-es2015-function-name@^6.9.0: + version "6.9.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-function-name/-/babel-plugin-transform-es2015-function-name-6.9.0.tgz#8c135b17dbd064e5bba56ec511baaee2fca82719" + dependencies: + babel-helper-function-name "^6.8.0" + babel-runtime "^6.9.0" + babel-types "^6.9.0" + + babel-plugin-transform-es2015-literals@^6.3.13: + version "6.8.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-literals/-/babel-plugin-transform-es2015-literals-6.8.0.tgz#50aa2e5c7958fc2ab25d74ec117e0cc98f046468" + dependencies: + babel-runtime "^6.0.0" + + babel-plugin-transform-es2015-modules-amd@^6.18.0, babel-plugin-transform-es2015-modules-amd@^6.8.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-modules-amd/-/babel-plugin-transform-es2015-modules-amd-6.18.0.tgz#49a054cbb762bdf9ae2d8a807076cfade6141e40" + dependencies: + babel-plugin-transform-es2015-modules-commonjs "^6.18.0" + babel-runtime "^6.0.0" + babel-template "^6.8.0" + + babel-plugin-transform-es2015-modules-commonjs@^6.16.0, babel-plugin-transform-es2015-modules-commonjs@^6.18.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-modules-commonjs/-/babel-plugin-transform-es2015-modules-commonjs-6.18.0.tgz#c15ae5bb11b32a0abdcc98a5837baa4ee8d67bcc" + dependencies: + babel-plugin-transform-strict-mode "^6.18.0" + babel-runtime "^6.0.0" + babel-template "^6.16.0" + babel-types "^6.18.0" + + babel-plugin-transform-es2015-modules-systemjs@^6.14.0: + version "6.19.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-modules-systemjs/-/babel-plugin-transform-es2015-modules-systemjs-6.19.0.tgz#50438136eba74527efa00a5b0fefaf1dc4071da6" + dependencies: + babel-helper-hoist-variables "^6.18.0" + babel-runtime "^6.11.6" + babel-template "^6.14.0" + + babel-plugin-transform-es2015-modules-umd@^6.12.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-modules-umd/-/babel-plugin-transform-es2015-modules-umd-6.18.0.tgz#23351770ece5c1f8e83ed67cb1d7992884491e50" + dependencies: + babel-plugin-transform-es2015-modules-amd "^6.18.0" + babel-runtime "^6.0.0" + babel-template "^6.8.0" + + babel-plugin-transform-es2015-object-super@^6.3.13: + version "6.8.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-object-super/-/babel-plugin-transform-es2015-object-super-6.8.0.tgz#1b858740a5a4400887c23dcff6f4d56eea4a24c5" + dependencies: + babel-helper-replace-supers "^6.8.0" + babel-runtime "^6.0.0" + + babel-plugin-transform-es2015-parameters@^6.16.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-parameters/-/babel-plugin-transform-es2015-parameters-6.18.0.tgz#9b2cfe238c549f1635ba27fc1daa858be70608b1" + dependencies: + babel-helper-call-delegate "^6.18.0" + babel-helper-get-function-arity "^6.18.0" + babel-runtime "^6.9.0" + babel-template "^6.16.0" + babel-traverse "^6.18.0" + babel-types "^6.18.0" + + babel-plugin-transform-es2015-shorthand-properties@^6.3.13: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-shorthand-properties/-/babel-plugin-transform-es2015-shorthand-properties-6.18.0.tgz#e2ede3b7df47bf980151926534d1dd0cbea58f43" + dependencies: + babel-runtime "^6.0.0" + babel-types "^6.18.0" + + babel-plugin-transform-es2015-spread@^6.3.13: + version "6.8.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-spread/-/babel-plugin-transform-es2015-spread-6.8.0.tgz#0217f737e3b821fa5a669f187c6ed59205f05e9c" + dependencies: + babel-runtime "^6.0.0" + + babel-plugin-transform-es2015-sticky-regex@^6.3.13: + version "6.8.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-sticky-regex/-/babel-plugin-transform-es2015-sticky-regex-6.8.0.tgz#e73d300a440a35d5c64f5c2a344dc236e3df47be" + dependencies: + babel-helper-regex "^6.8.0" + babel-runtime "^6.0.0" + babel-types "^6.8.0" + + babel-plugin-transform-es2015-template-literals@^6.6.0: + version "6.8.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-template-literals/-/babel-plugin-transform-es2015-template-literals-6.8.0.tgz#86eb876d0a2c635da4ec048b4f7de9dfc897e66b" + dependencies: + babel-runtime "^6.0.0" + + babel-plugin-transform-es2015-typeof-symbol@^6.6.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-typeof-symbol/-/babel-plugin-transform-es2015-typeof-symbol-6.18.0.tgz#0b14c48629c90ff47a0650077f6aa699bee35798" + dependencies: + babel-runtime "^6.0.0" + + babel-plugin-transform-es2015-unicode-regex@^6.3.13: + version "6.11.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-unicode-regex/-/babel-plugin-transform-es2015-unicode-regex-6.11.0.tgz#6298ceabaad88d50a3f4f392d8de997260f6ef2c" + dependencies: + babel-helper-regex "^6.8.0" + babel-runtime "^6.0.0" + regexpu-core "^2.0.0" + + babel-plugin-transform-exponentiation-operator@^6.3.13: + version "6.8.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-exponentiation-operator/-/babel-plugin-transform-exponentiation-operator-6.8.0.tgz#db25742e9339eade676ca9acec46f955599a68a4" + dependencies: + babel-helper-builder-binary-assignment-operator-visitor "^6.8.0" + babel-plugin-syntax-exponentiation-operator "^6.8.0" + babel-runtime "^6.0.0" + + babel-plugin-transform-flow-strip-types@^6.3.13: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-flow-strip-types/-/babel-plugin-transform-flow-strip-types-6.18.0.tgz#4d3e642158661e9b40db457c004a30817fa32592" + dependencies: + babel-plugin-syntax-flow "^6.18.0" + babel-runtime "^6.0.0" + + babel-plugin-transform-object-rest-spread@^6.16.0: + version "6.19.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-object-rest-spread/-/babel-plugin-transform-object-rest-spread-6.19.0.tgz#f6ac428ee3cb4c6aa00943ed1422ce813603b34c" + dependencies: + babel-plugin-syntax-object-rest-spread "^6.8.0" + babel-runtime "^6.0.0" + + babel-plugin-transform-react-display-name@^6.3.13: + version "6.8.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-react-display-name/-/babel-plugin-transform-react-display-name-6.8.0.tgz#f7a084977383d728bdbdc2835bba0159577f660e" + dependencies: + babel-runtime "^6.0.0" + + babel-plugin-transform-react-jsx-self@^6.11.0: + version "6.11.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-react-jsx-self/-/babel-plugin-transform-react-jsx-self-6.11.0.tgz#605c9450c1429f97a930f7e1dfe3f0d9d0dbd0f4" + dependencies: + babel-plugin-syntax-jsx "^6.8.0" + babel-runtime "^6.9.0" + + babel-plugin-transform-react-jsx-source@^6.3.13: + version "6.9.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-react-jsx-source/-/babel-plugin-transform-react-jsx-source-6.9.0.tgz#af684a05c2067a86e0957d4f343295ccf5dccf00" + dependencies: + babel-plugin-syntax-jsx "^6.8.0" + babel-runtime "^6.9.0" + + babel-plugin-transform-react-jsx@^6.3.13: + version "6.8.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-react-jsx/-/babel-plugin-transform-react-jsx-6.8.0.tgz#94759942f70af18c617189aa7f3593f1644a71ab" + dependencies: + babel-helper-builder-react-jsx "^6.8.0" + babel-plugin-syntax-jsx "^6.8.0" + babel-runtime "^6.0.0" + + babel-plugin-transform-regenerator@^6.16.0: + version "6.16.1" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-regenerator/-/babel-plugin-transform-regenerator-6.16.1.tgz#a75de6b048a14154aae14b0122756c5bed392f59" + dependencies: + babel-runtime "^6.9.0" + babel-types "^6.16.0" + private "~0.1.5" + + babel-plugin-transform-strict-mode@^6.18.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-strict-mode/-/babel-plugin-transform-strict-mode-6.18.0.tgz#df7cf2991fe046f44163dcd110d5ca43bc652b9d" + dependencies: + babel-runtime "^6.0.0" + babel-types "^6.18.0" + + babel-polyfill@^6.16.0: + version "6.16.0" + resolved "https://registry.yarnpkg.com/babel-polyfill/-/babel-polyfill-6.16.0.tgz#2d45021df87e26a374b6d4d1a9c65964d17f2422" + dependencies: + babel-runtime "^6.9.1" + core-js "^2.4.0" + regenerator-runtime "^0.9.5" + + babel-preset-es2015@6.16.0: + version "6.16.0" + resolved "https://registry.yarnpkg.com/babel-preset-es2015/-/babel-preset-es2015-6.16.0.tgz#59acecd1efbebaf48f89404840f2fe78c4d2ad5c" + dependencies: + babel-plugin-check-es2015-constants "^6.3.13" + babel-plugin-transform-es2015-arrow-functions "^6.3.13" + babel-plugin-transform-es2015-block-scoped-functions "^6.3.13" + babel-plugin-transform-es2015-block-scoping "^6.14.0" + babel-plugin-transform-es2015-classes "^6.14.0" + babel-plugin-transform-es2015-computed-properties "^6.3.13" + babel-plugin-transform-es2015-destructuring "^6.16.0" + babel-plugin-transform-es2015-duplicate-keys "^6.6.0" + babel-plugin-transform-es2015-for-of "^6.6.0" + babel-plugin-transform-es2015-function-name "^6.9.0" + babel-plugin-transform-es2015-literals "^6.3.13" + babel-plugin-transform-es2015-modules-amd "^6.8.0" + babel-plugin-transform-es2015-modules-commonjs "^6.16.0" + babel-plugin-transform-es2015-modules-systemjs "^6.14.0" + babel-plugin-transform-es2015-modules-umd "^6.12.0" + babel-plugin-transform-es2015-object-super "^6.3.13" + babel-plugin-transform-es2015-parameters "^6.16.0" + babel-plugin-transform-es2015-shorthand-properties "^6.3.13" + babel-plugin-transform-es2015-spread "^6.3.13" + babel-plugin-transform-es2015-sticky-regex "^6.3.13" + babel-plugin-transform-es2015-template-literals "^6.6.0" + babel-plugin-transform-es2015-typeof-symbol "^6.6.0" + babel-plugin-transform-es2015-unicode-regex "^6.3.13" + babel-plugin-transform-regenerator "^6.16.0" + + babel-preset-react@6.16.0: + version "6.16.0" + resolved "https://registry.yarnpkg.com/babel-preset-react/-/babel-preset-react-6.16.0.tgz#aa117d60de0928607e343c4828906e4661824316" + dependencies: + babel-plugin-syntax-flow "^6.3.13" + babel-plugin-syntax-jsx "^6.3.13" + babel-plugin-transform-flow-strip-types "^6.3.13" + babel-plugin-transform-react-display-name "^6.3.13" + babel-plugin-transform-react-jsx "^6.3.13" + babel-plugin-transform-react-jsx-self "^6.11.0" + babel-plugin-transform-react-jsx-source "^6.3.13" + + babel-preset-stage-2@6.17.0: + version "6.17.0" + resolved "https://registry.yarnpkg.com/babel-preset-stage-2/-/babel-preset-stage-2-6.17.0.tgz#dc4f84582781353cef36c41247eae5e36c4cae0d" + dependencies: + babel-plugin-transform-class-properties "^6.16.0" + babel-plugin-transform-decorators "^6.13.0" + babel-preset-stage-3 "^6.17.0" + + babel-preset-stage-3@^6.17.0: + version "6.17.0" + resolved "https://registry.yarnpkg.com/babel-preset-stage-3/-/babel-preset-stage-3-6.17.0.tgz#b6638e46db6e91e3f889013d8ce143917c685e39" + dependencies: + babel-plugin-syntax-trailing-function-commas "^6.3.13" + babel-plugin-transform-async-generator-functions "^6.17.0" + babel-plugin-transform-async-to-generator "^6.16.0" + babel-plugin-transform-exponentiation-operator "^6.3.13" + babel-plugin-transform-object-rest-spread "^6.16.0" + + babel-register@6.16.3, babel-register@^6.16.0: + version "6.16.3" + resolved "https://registry.yarnpkg.com/babel-register/-/babel-register-6.16.3.tgz#7b0c0ca7bfdeb9188ba4c27e5fcb7599a497c624" + dependencies: + babel-core "^6.16.0" + babel-runtime "^6.11.6" + core-js "^2.4.0" + home-or-tmp "^1.0.0" + lodash "^4.2.0" + mkdirp "^0.5.1" + path-exists "^1.0.0" + source-map-support "^0.4.2" + + babel-runtime@^6.0.0, babel-runtime@^6.11.6, babel-runtime@^6.9.0, babel-runtime@^6.9.1: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-runtime/-/babel-runtime-6.18.0.tgz#0f4177ffd98492ef13b9f823e9994a02584c9078" + dependencies: + core-js "^2.4.0" + regenerator-runtime "^0.9.5" + + babel-template@^6.14.0, babel-template@^6.15.0, babel-template@^6.16.0, babel-template@^6.8.0: + version "6.16.0" + resolved "https://registry.yarnpkg.com/babel-template/-/babel-template-6.16.0.tgz#e149dd1a9f03a35f817ddbc4d0481988e7ebc8ca" + dependencies: + babel-runtime "^6.9.0" + babel-traverse "^6.16.0" + babel-types "^6.16.0" + babylon "^6.11.0" + lodash "^4.2.0" + + babel-traverse@^6.15.0, babel-traverse@^6.16.0, babel-traverse@^6.18.0: + version "6.19.0" + resolved "https://registry.yarnpkg.com/babel-traverse/-/babel-traverse-6.19.0.tgz#68363fb821e26247d52a519a84b2ceab8df4f55a" + dependencies: + babel-code-frame "^6.16.0" + babel-messages "^6.8.0" + babel-runtime "^6.9.0" + babel-types "^6.19.0" + babylon "^6.11.0" + debug "^2.2.0" + globals "^9.0.0" + invariant "^2.2.0" + lodash "^4.2.0" + + babel-types@^6.13.0, babel-types@^6.15.0, babel-types@^6.16.0, babel-types@^6.18.0, babel-types@^6.19.0, babel-types@^6.8.0, babel-types@^6.9.0: + version "6.19.0" + resolved "https://registry.yarnpkg.com/babel-types/-/babel-types-6.19.0.tgz#8db2972dbed01f1192a8b602ba1e1e4c516240b9" + dependencies: + babel-runtime "^6.9.1" + esutils "^2.0.2" + lodash "^4.2.0" + to-fast-properties "^1.0.1" + + babylon@^6.11.0, babylon@^6.11.2: + version "6.14.1" + resolved "https://registry.yarnpkg.com/babylon/-/babylon-6.14.1.tgz#956275fab72753ad9b3435d7afe58f8bf0a29815" + + backo2@^1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/backo2/-/backo2-1.0.2.tgz#31ab1ac8b129363463e35b3ebb69f4dfcfba7947" + + balanced-match@^0.4.1: + version "0.4.2" + resolved "https://registry.yarnpkg.com/balanced-match/-/balanced-match-0.4.2.tgz#cb3f3e3c732dc0f01ee70b403f302e61d7709838" + + base64-url@1.3.3: + version "1.3.3" + resolved "https://registry.yarnpkg.com/base64-url/-/base64-url-1.3.3.tgz#f8b6c537f09a4fc58c99cb86e0b0e9c61461a20f" + + base64url@2.0.0, base64url@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/base64url/-/base64url-2.0.0.tgz#eac16e03ea1438eff9423d69baa36262ed1f70bb" + + basic-auth@~1.1.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/basic-auth/-/basic-auth-1.1.0.tgz#45221ee429f7ee1e5035be3f51533f1cdfd29884" + + bcrypt-pbkdf@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.0.tgz#3ca76b85241c7170bf7d9703e7b9aa74630040d4" + dependencies: + tweetnacl "^0.14.3" + + bcrypt@^1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/bcrypt/-/bcrypt-1.0.2.tgz#d05fc5d223173e0e28ec381c0f00cc25ffaf2736" + dependencies: + bindings "1.2.1" + nan "2.5.0" + node-pre-gyp "0.6.32" + + bin-version-check@^2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/bin-version-check/-/bin-version-check-2.1.0.tgz#e4e5df290b9069f7d111324031efc13fdd11a5b0" + dependencies: + bin-version "^1.0.0" + minimist "^1.1.0" + semver "^4.0.3" + semver-truncate "^1.0.0" + + bin-version@^1.0.0: + version "1.0.4" + resolved "https://registry.yarnpkg.com/bin-version/-/bin-version-1.0.4.tgz#9eb498ee6fd76f7ab9a7c160436f89579435d78e" + dependencies: + find-versions "^1.0.0" + + binary-extensions@^1.0.0: + version "1.8.0" + resolved "https://registry.yarnpkg.com/binary-extensions/-/binary-extensions-1.8.0.tgz#48ec8d16df4377eae5fa5884682480af4d95c774" + + bindings@1.2.1: + version "1.2.1" + resolved "https://registry.yarnpkg.com/bindings/-/bindings-1.2.1.tgz#14ad6113812d2d37d72e67b4cacb4bb726505f11" + + bl@^1.0.0: + version "1.1.2" + resolved "https://registry.yarnpkg.com/bl/-/bl-1.1.2.tgz#fdca871a99713aa00d19e3bbba41c44787a65398" + dependencies: + readable-stream "~2.0.5" + + block-stream@*: + version "0.0.9" + resolved "https://registry.yarnpkg.com/block-stream/-/block-stream-0.0.9.tgz#13ebfe778a03205cfe03751481ebb4b3300c126a" + dependencies: + inherits "~2.0.0" + + body-parser@1.15.2: + version "1.15.2" + resolved "https://registry.yarnpkg.com/body-parser/-/body-parser-1.15.2.tgz#d7578cf4f1d11d5f6ea804cef35dc7a7ff6dae67" + dependencies: + bytes "2.4.0" + content-type "~1.0.2" + debug "~2.2.0" + depd "~1.1.0" + http-errors "~1.5.0" + iconv-lite "0.4.13" + on-finished "~2.3.0" + qs "6.2.0" + raw-body "~2.1.7" + type-is "~1.6.13" + + boom@2.x.x: + version "2.10.1" + resolved "https://registry.yarnpkg.com/boom/-/boom-2.10.1.tgz#39c8918ceff5799f83f9492a848f625add0c766f" + dependencies: + hoek "2.x.x" + + boom@^4.0.0: + version "4.3.0" + resolved "https://registry.yarnpkg.com/boom/-/boom-4.3.0.tgz#1ed1b4b8cd6891b602910debe33e1d511531b847" + dependencies: + hoek "4.x.x" + + brace-expansion@^1.0.0: + version "1.1.6" + resolved "https://registry.yarnpkg.com/brace-expansion/-/brace-expansion-1.1.6.tgz#7197d7eaa9b87e648390ea61fc66c84427420df9" + dependencies: + balanced-match "^0.4.1" + concat-map "0.0.1" + + braces@^1.8.2: + version "1.8.5" + resolved "https://registry.yarnpkg.com/braces/-/braces-1.8.5.tgz#ba77962e12dff969d6b76711e914b737857bf6a7" + dependencies: + expand-range "^1.8.1" + preserve "^0.2.0" + repeat-element "^1.1.2" + + browser-stdout@1.3.0: + version "1.3.0" + resolved "https://registry.yarnpkg.com/browser-stdout/-/browser-stdout-1.3.0.tgz#f351d32969d32fa5d7a5567154263d928ae3bd1f" + + bson@~1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/bson/-/bson-1.0.1.tgz#3a5addb0f2ff88bc3436e708e4bdb8637602d72d" + + buffer-crc32@~0.2.3: + version "0.2.13" + resolved "https://registry.yarnpkg.com/buffer-crc32/-/buffer-crc32-0.2.13.tgz#0d333e3f00eac50aa1454abd30ef8c2a5d9a7242" + + buffer-equal-constant-time@1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/buffer-equal-constant-time/-/buffer-equal-constant-time-1.0.1.tgz#f8e71132f7ffe6e01a5c9697a4c6f3e48d5cc819" + + buffer-shims@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/buffer-shims/-/buffer-shims-1.0.0.tgz#9978ce317388c649ad8793028c3477ef044a8b51" + + buffer-to-vinyl@^1.0.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/buffer-to-vinyl/-/buffer-to-vinyl-1.1.0.tgz#00f15faee3ab7a1dda2cde6d9121bffdd07b2262" + dependencies: + file-type "^3.1.0" + readable-stream "^2.0.2" + uuid "^2.0.1" + vinyl "^1.0.0" + + builtin-modules@^1.0.0, builtin-modules@^1.1.1: + version "1.1.1" + resolved "https://registry.yarnpkg.com/builtin-modules/-/builtin-modules-1.1.1.tgz#270f076c5a72c02f5b65a47df94c5fe3a278892f" + + bytes@2.4.0: + version "2.4.0" + resolved "https://registry.yarnpkg.com/bytes/-/bytes-2.4.0.tgz#7d97196f9d5baf7f6935e25985549edd2a6c2339" + + caller-path@^0.1.0: + version "0.1.0" + resolved "https://registry.yarnpkg.com/caller-path/-/caller-path-0.1.0.tgz#94085ef63581ecd3daa92444a8fe94e82577751f" + dependencies: + callsites "^0.2.0" + + callsites@^0.2.0: + version "0.2.0" + resolved "https://registry.yarnpkg.com/callsites/-/callsites-0.2.0.tgz#afab96262910a7f33c19a5775825c69f34e350ca" + + camelcase-keys@^2.0.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/camelcase-keys/-/camelcase-keys-2.1.0.tgz#308beeaffdf28119051efa1d932213c91b8f92e7" + dependencies: + camelcase "^2.0.0" + map-obj "^1.0.0" + + camelcase@^2.0.0, camelcase@^2.0.1: + version "2.1.1" + resolved "https://registry.yarnpkg.com/camelcase/-/camelcase-2.1.1.tgz#7c1d16d679a1bbe59ca02cacecfb011e201f5a1f" + + caseless@~0.11.0: + version "0.11.0" + resolved "https://registry.yarnpkg.com/caseless/-/caseless-0.11.0.tgz#715b96ea9841593cc33067923f5ec60ebda4f7d7" + + chai@^3.5.0: + version "3.5.0" + resolved "https://registry.yarnpkg.com/chai/-/chai-3.5.0.tgz#4d02637b067fe958bdbfdd3a40ec56fef7373247" + dependencies: + assertion-error "^1.0.1" + deep-eql "^0.1.3" + type-detect "^1.0.0" + + chalk@1.1.1: + version "1.1.1" + resolved "https://registry.yarnpkg.com/chalk/-/chalk-1.1.1.tgz#509afb67066e7499f7eb3535c77445772ae2d019" + dependencies: + ansi-styles "^2.1.0" + escape-string-regexp "^1.0.2" + has-ansi "^2.0.0" + strip-ansi "^3.0.0" + supports-color "^2.0.0" + + chalk@^1.0.0, chalk@^1.1.0, chalk@^1.1.1, chalk@^1.1.3: + version "1.1.3" + resolved "https://registry.yarnpkg.com/chalk/-/chalk-1.1.3.tgz#a8115c55e4a702fe4d150abd3872822a7e09fc98" + dependencies: + ansi-styles "^2.2.1" + escape-string-regexp "^1.0.2" + has-ansi "^2.0.0" + strip-ansi "^3.0.0" + supports-color "^2.0.0" + + chokidar@^1.0.0, chokidar@^1.4.3: + version "1.6.1" + resolved "https://registry.yarnpkg.com/chokidar/-/chokidar-1.6.1.tgz#2f4447ab5e96e50fb3d789fd90d4c72e0e4c70c2" + dependencies: + anymatch "^1.3.0" + async-each "^1.0.0" + glob-parent "^2.0.0" + inherits "^2.0.1" + is-binary-path "^1.0.0" + is-glob "^2.0.0" + path-is-absolute "^1.0.0" + readdirp "^2.0.0" + optionalDependencies: + fsevents "^1.0.0" + + circular-json@^0.3.0: + version "0.3.1" + resolved "https://registry.yarnpkg.com/circular-json/-/circular-json-0.3.1.tgz#be8b36aefccde8b3ca7aa2d6afc07a37242c0d2d" + + cli-cursor@^1.0.1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/cli-cursor/-/cli-cursor-1.0.2.tgz#64da3f7d56a54412e59794bd62dc35295e8f2987" + dependencies: + restore-cursor "^1.0.1" + + cli-width@^2.0.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/cli-width/-/cli-width-2.1.0.tgz#b234ca209b29ef66fc518d9b98d5847b00edf00a" + + cliui@^3.0.3: + version "3.2.0" + resolved "https://registry.yarnpkg.com/cliui/-/cliui-3.2.0.tgz#120601537a916d29940f934da3b48d585a39213d" + dependencies: + string-width "^1.0.1" + strip-ansi "^3.0.1" + wrap-ansi "^2.0.0" + + clone-stats@^0.0.1: + version "0.0.1" + resolved "https://registry.yarnpkg.com/clone-stats/-/clone-stats-0.0.1.tgz#b88f94a82cf38b8791d58046ea4029ad88ca99d1" + + clone@^0.2.0: + version "0.2.0" + resolved "https://registry.yarnpkg.com/clone/-/clone-0.2.0.tgz#c6126a90ad4f72dbf5acdb243cc37724fe93fc1f" + + clone@^1.0.0: + version "1.0.2" + resolved "https://registry.yarnpkg.com/clone/-/clone-1.0.2.tgz#260b7a99ebb1edfe247538175f783243cb19d149" + + co@^4.6.0: + version "4.6.0" + resolved "https://registry.yarnpkg.com/co/-/co-4.6.0.tgz#6ea6bdf3d853ae54ccb8e47bfa0bf3f9031fb184" + + code-point-at@^1.0.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/code-point-at/-/code-point-at-1.1.0.tgz#0d070b4d043a5bea33a2f1a40e2edb3d9a4ccf77" + + colors@1.0.x: + version "1.0.3" + resolved "https://registry.yarnpkg.com/colors/-/colors-1.0.3.tgz#0433f44d809680fdeb60ed260f1b0c262e82a40b" + + combined-stream@^1.0.5, combined-stream@~1.0.5: + version "1.0.5" + resolved "https://registry.yarnpkg.com/combined-stream/-/combined-stream-1.0.5.tgz#938370a57b4a51dea2c77c15d5c5fdf895164009" + dependencies: + delayed-stream "~1.0.0" + + commander@2.9.0, commander@^2.8.1, commander@^2.9.0: + version "2.9.0" + resolved "https://registry.yarnpkg.com/commander/-/commander-2.9.0.tgz#9c99094176e12240cb22d6c5146098400fe0f7d4" + dependencies: + graceful-readlink ">= 1.0.0" + + commander@~2.8.1: + version "2.8.1" + resolved "https://registry.yarnpkg.com/commander/-/commander-2.8.1.tgz#06be367febfda0c330aa1e2a072d3dc9762425d4" + dependencies: + graceful-readlink ">= 1.0.0" + + concat-map@0.0.1: + version "0.0.1" + resolved "https://registry.yarnpkg.com/concat-map/-/concat-map-0.0.1.tgz#d8a96bd77fd68df7793a73036a3ba0d5405d477b" + + concat-stream@^1.4.6, concat-stream@^1.4.7: + version "1.5.2" + resolved "https://registry.yarnpkg.com/concat-stream/-/concat-stream-1.5.2.tgz#708978624d856af41a5a741defdd261da752c266" + dependencies: + inherits "~2.0.1" + readable-stream "~2.0.0" + typedarray "~0.0.5" + + configstore@^1.0.0: + version "1.4.0" + resolved "https://registry.yarnpkg.com/configstore/-/configstore-1.4.0.tgz#c35781d0501d268c25c54b8b17f6240e8a4fb021" + dependencies: + graceful-fs "^4.1.2" + mkdirp "^0.5.0" + object-assign "^4.0.1" + os-tmpdir "^1.0.0" + osenv "^0.1.0" + uuid "^2.0.1" + write-file-atomic "^1.1.2" + xdg-basedir "^2.0.0" + + console-control-strings@^1.0.0, console-control-strings@~1.1.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/console-control-strings/-/console-control-strings-1.1.0.tgz#3d7cf4464db6446ea644bf4b39507f9851008e8e" + + contains-path@^0.1.0: + version "0.1.0" + resolved "https://registry.yarnpkg.com/contains-path/-/contains-path-0.1.0.tgz#fe8cf184ff6670b6baef01a9d4861a5cbec4120a" + + content-disposition@0.5.1: + version "0.5.1" + resolved "https://registry.yarnpkg.com/content-disposition/-/content-disposition-0.5.1.tgz#87476c6a67c8daa87e32e87616df883ba7fb071b" + + content-type@~1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/content-type/-/content-type-1.0.2.tgz#b7d113aee7a8dd27bd21133c4dc2529df1721eed" + + convert-source-map@^1.1.0, convert-source-map@^1.1.1: + version "1.3.0" + resolved "https://registry.yarnpkg.com/convert-source-map/-/convert-source-map-1.3.0.tgz#e9f3e9c6e2728efc2676696a70eb382f73106a67" + + cookie-signature@1.0.6: + version "1.0.6" + resolved "https://registry.yarnpkg.com/cookie-signature/-/cookie-signature-1.0.6.tgz#e303a882b342cc3ee8ca513a79999734dab3ae2c" + + cookie@0.3.1: + version "0.3.1" + resolved "https://registry.yarnpkg.com/cookie/-/cookie-0.3.1.tgz#e7e0a1f9ef43b4c8ba925c5c5a96e806d16873bb" + + core-js@^2.4.0: + version "2.4.1" + resolved "https://registry.yarnpkg.com/core-js/-/core-js-2.4.1.tgz#4de911e667b0eae9124e34254b53aea6fc618d3e" + + core-util-is@~1.0.0: + version "1.0.2" + resolved "https://registry.yarnpkg.com/core-util-is/-/core-util-is-1.0.2.tgz#b5fd54220aa2bc5ab57aab7140c940754503c1a7" + + cors: + version "2.8.1" + resolved "https://registry.yarnpkg.com/cors/-/cors-2.8.1.tgz#6181aa56abb45a2825be3304703747ae4e9d2383" + dependencies: + vary "^1" + + crc@3.4.0: + version "3.4.0" + resolved "https://registry.yarnpkg.com/crc/-/crc-3.4.0.tgz#4258e351613a74ef1153dfcb05e820c3e9715d7f" + + cryptiles@2.x.x: + version "2.0.5" + resolved "https://registry.yarnpkg.com/cryptiles/-/cryptiles-2.0.5.tgz#3bdfecdc608147c1c67202fa291e7dca59eaa3b8" + dependencies: + boom "2.x.x" + + currently-unhandled@^0.4.1: + version "0.4.1" + resolved "https://registry.yarnpkg.com/currently-unhandled/-/currently-unhandled-0.4.1.tgz#988df33feab191ef799a61369dd76c17adf957ea" + dependencies: + array-find-index "^1.0.1" + + cycle@1.0.x: + version "1.0.3" + resolved "https://registry.yarnpkg.com/cycle/-/cycle-1.0.3.tgz#21e80b2be8580f98b468f379430662b046c34ad2" + + d@^0.1.1, d@~0.1.1: + version "0.1.1" + resolved "https://registry.yarnpkg.com/d/-/d-0.1.1.tgz#da184c535d18d8ee7ba2aa229b914009fae11309" + dependencies: + es5-ext "~0.10.2" + + damerau-levenshtein@^1.0.0: + version "1.0.3" + resolved "https://registry.yarnpkg.com/damerau-levenshtein/-/damerau-levenshtein-1.0.3.tgz#ae4f4ce0b62acae10ff63a01bb08f652f5213af2" + + dashdash@^1.12.0: + version "1.14.1" + resolved "https://registry.yarnpkg.com/dashdash/-/dashdash-1.14.1.tgz#853cfa0f7cbe2fed5de20326b8dd581035f6e2f0" + dependencies: + assert-plus "^1.0.0" + + dataloader@^1.2.0: + version "1.2.0" + resolved "https://registry.yarnpkg.com/dataloader/-/dataloader-1.2.0.tgz#3f73ea657c492c860c1633348adc55ca9bf2107e" + + debug@2, debug@2.6.8, debug@^2.1.1, debug@^2.2.0: + version "2.6.8" + resolved "https://registry.yarnpkg.com/debug/-/debug-2.6.8.tgz#e731531ca2ede27d188222427da17821d68ff4fc" + dependencies: + ms "2.0.0" + + debug@2.2.0, debug@~2.2.0: + version "2.2.0" + resolved "https://registry.yarnpkg.com/debug/-/debug-2.2.0.tgz#f87057e995b1a1f6ae6a4960664137bc56f039da" + dependencies: + ms "0.7.1" + + decamelize@^1.1.1, decamelize@^1.1.2: + version "1.2.0" + resolved "https://registry.yarnpkg.com/decamelize/-/decamelize-1.2.0.tgz#f6534d15148269b20352e7bee26f501f9a191290" + + decompress-tar@^3.0.0: + version "3.1.0" + resolved "https://registry.yarnpkg.com/decompress-tar/-/decompress-tar-3.1.0.tgz#217c789f9b94450efaadc5c5e537978fc333c466" + dependencies: + is-tar "^1.0.0" + object-assign "^2.0.0" + strip-dirs "^1.0.0" + tar-stream "^1.1.1" + through2 "^0.6.1" + vinyl "^0.4.3" + + decompress-tarbz2@^3.0.0: + version "3.1.0" + resolved "https://registry.yarnpkg.com/decompress-tarbz2/-/decompress-tarbz2-3.1.0.tgz#8b23935681355f9f189d87256a0f8bdd96d9666d" + dependencies: + is-bzip2 "^1.0.0" + object-assign "^2.0.0" + seek-bzip "^1.0.3" + strip-dirs "^1.0.0" + tar-stream "^1.1.1" + through2 "^0.6.1" + vinyl "^0.4.3" + + decompress-targz@^3.0.0: + version "3.1.0" + resolved "https://registry.yarnpkg.com/decompress-targz/-/decompress-targz-3.1.0.tgz#b2c13df98166268991b715d6447f642e9696f5a0" + dependencies: + is-gzip "^1.0.0" + object-assign "^2.0.0" + strip-dirs "^1.0.0" + tar-stream "^1.1.1" + through2 "^0.6.1" + vinyl "^0.4.3" + + decompress-unzip@^3.0.0: + version "3.4.0" + resolved "https://registry.yarnpkg.com/decompress-unzip/-/decompress-unzip-3.4.0.tgz#61475b4152066bbe3fee12f9d629d15fe6478eeb" + dependencies: + is-zip "^1.0.0" + read-all-stream "^3.0.0" + stat-mode "^0.2.0" + strip-dirs "^1.0.0" + through2 "^2.0.0" + vinyl "^1.0.0" + yauzl "^2.2.1" + + decompress@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/decompress/-/decompress-3.0.0.tgz#af1dd50d06e3bfc432461d37de11b38c0d991bed" + dependencies: + buffer-to-vinyl "^1.0.0" + concat-stream "^1.4.6" + decompress-tar "^3.0.0" + decompress-tarbz2 "^3.0.0" + decompress-targz "^3.0.0" + decompress-unzip "^3.0.0" + stream-combiner2 "^1.1.1" + vinyl-assign "^1.0.1" + vinyl-fs "^2.2.0" + + deep-eql@^0.1.3: + version "0.1.3" + resolved "https://registry.yarnpkg.com/deep-eql/-/deep-eql-0.1.3.tgz#ef558acab8de25206cd713906d74e56930eb69f2" + dependencies: + type-detect "0.1.1" + + deep-extend@~0.4.0: + version "0.4.1" + resolved "https://registry.yarnpkg.com/deep-extend/-/deep-extend-0.4.1.tgz#efe4113d08085f4e6f9687759810f807469e2253" + + deep-is@~0.1.3: + version "0.1.3" + resolved "https://registry.yarnpkg.com/deep-is/-/deep-is-0.1.3.tgz#b369d6fb5dbc13eecf524f91b070feedc357cf34" + + del@^2.0.2: + version "2.2.2" + resolved "https://registry.yarnpkg.com/del/-/del-2.2.2.tgz#c12c981d067846c84bcaf862cff930d907ffd1a8" + dependencies: + globby "^5.0.0" + is-path-cwd "^1.0.0" + is-path-in-cwd "^1.0.0" + object-assign "^4.0.1" + pify "^2.0.0" + pinkie-promise "^2.0.0" + rimraf "^2.2.8" + + delayed-stream@~1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/delayed-stream/-/delayed-stream-1.0.0.tgz#df3ae199acadfb7d440aaae0b29e2272b24ec619" + + delegates@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/delegates/-/delegates-1.0.0.tgz#84c6e159b81904fdca59a0ef44cd870d31250f9a" + + denodeify@^1.2.1: + version "1.2.1" + resolved "https://registry.yarnpkg.com/denodeify/-/denodeify-1.2.1.tgz#3a36287f5034e699e7577901052c2e6c94251631" + + depd@~1.1.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/depd/-/depd-1.1.0.tgz#e1bd82c6aab6ced965b97b88b17ed3e528ca18c3" + + deprecated-decorator@^0.1.6: + version "0.1.6" + resolved "https://registry.yarnpkg.com/deprecated-decorator/-/deprecated-decorator-0.1.6.tgz#00966317b7a12fe92f3cc831f7583af329b86c37" + + destroy@~1.0.4: + version "1.0.4" + resolved "https://registry.yarnpkg.com/destroy/-/destroy-1.0.4.tgz#978857442c44749e4206613e37946205826abd80" + + detect-indent@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/detect-indent/-/detect-indent-4.0.0.tgz#f76d064352cdf43a1cb6ce619c4ee3a9475de208" + dependencies: + repeating "^2.0.0" + + diff@1.4.0: + version "1.4.0" + resolved "https://registry.yarnpkg.com/diff/-/diff-1.4.0.tgz#7f28d2eb9ee7b15a97efd89ce63dcfdaa3ccbabf" + + doctrine@1.3.x: + version "1.3.0" + resolved "https://registry.yarnpkg.com/doctrine/-/doctrine-1.3.0.tgz#13e75682b55518424276f7c173783456ef913d26" + dependencies: + esutils "^2.0.2" + isarray "^1.0.0" + + doctrine@^1.2.2: + version "1.5.0" + resolved "https://registry.yarnpkg.com/doctrine/-/doctrine-1.5.0.tgz#379dce730f6166f76cefa4e6707a159b02c5a6fa" + dependencies: + esutils "^2.0.2" + isarray "^1.0.0" + + dotenv@2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/dotenv/-/dotenv-2.0.0.tgz#bd759c357aaa70365e01c96b7b0bec08a6e0d949" + + duplexer2@~0.1.0: + version "0.1.4" + resolved "https://registry.yarnpkg.com/duplexer2/-/duplexer2-0.1.4.tgz#8b12dab878c0d69e3e7891051662a32fc6bddcc1" + dependencies: + readable-stream "^2.0.2" + + duplexer@~0.1.1: + version "0.1.1" + resolved "https://registry.yarnpkg.com/duplexer/-/duplexer-0.1.1.tgz#ace6ff808c1ce66b57d1ebf97977acb02334cfc1" + + duplexify@^3.2.0: + version "3.5.0" + resolved "https://registry.yarnpkg.com/duplexify/-/duplexify-3.5.0.tgz#1aa773002e1578457e9d9d4a50b0ccaaebcbd604" + dependencies: + end-of-stream "1.0.0" + inherits "^2.0.1" + readable-stream "^2.0.0" + stream-shift "^1.0.0" + + ecc-jsbn@~0.1.1: + version "0.1.1" + resolved "https://registry.yarnpkg.com/ecc-jsbn/-/ecc-jsbn-0.1.1.tgz#0fc73a9ed5f0d53c38193398523ef7e543777505" + dependencies: + jsbn "~0.1.0" + + ecdsa-sig-formatter@1.0.9: + version "1.0.9" + resolved "https://registry.yarnpkg.com/ecdsa-sig-formatter/-/ecdsa-sig-formatter-1.0.9.tgz#4bc926274ec3b5abb5016e7e1d60921ac262b2a1" + dependencies: + base64url "^2.0.0" + safe-buffer "^5.0.1" + + ee-first@1.1.1: + version "1.1.1" + resolved "https://registry.yarnpkg.com/ee-first/-/ee-first-1.1.1.tgz#590c61156b0ae2f4f0255732a158b266bc56b21d" + + encodeurl@~1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/encodeurl/-/encodeurl-1.0.1.tgz#79e3d58655346909fe6f0f45a5de68103b294d20" + + encoding@^0.1.11: + version "0.1.12" + resolved "https://registry.yarnpkg.com/encoding/-/encoding-0.1.12.tgz#538b66f3ee62cd1ab51ec323829d1f9480c74beb" + dependencies: + iconv-lite "~0.4.13" + + end-of-stream@1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/end-of-stream/-/end-of-stream-1.0.0.tgz#d4596e702734a93e40e9af864319eabd99ff2f0e" + dependencies: + once "~1.3.0" + + end-of-stream@^1.0.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/end-of-stream/-/end-of-stream-1.1.0.tgz#e9353258baa9108965efc41cb0ef8ade2f3cfb07" + dependencies: + once "~1.3.0" + + error-ex@^1.2.0: + version "1.3.0" + resolved "https://registry.yarnpkg.com/error-ex/-/error-ex-1.3.0.tgz#e67b43f3e82c96ea3a584ffee0b9fc3325d802d9" + dependencies: + is-arrayish "^0.2.1" + + es5-ext@^0.10.7, es5-ext@^0.10.8, es5-ext@~0.10.11, es5-ext@~0.10.2, es5-ext@~0.10.7: + version "0.10.12" + resolved "https://registry.yarnpkg.com/es5-ext/-/es5-ext-0.10.12.tgz#aa84641d4db76b62abba5e45fd805ecbab140047" + dependencies: + es6-iterator "2" + es6-symbol "~3.1" + + es6-iterator@2: + version "2.0.0" + resolved "https://registry.yarnpkg.com/es6-iterator/-/es6-iterator-2.0.0.tgz#bd968567d61635e33c0b80727613c9cb4b096bac" + dependencies: + d "^0.1.1" + es5-ext "^0.10.7" + es6-symbol "3" + + es6-map@^0.1.3: + version "0.1.4" + resolved "https://registry.yarnpkg.com/es6-map/-/es6-map-0.1.4.tgz#a34b147be224773a4d7da8072794cefa3632b897" + dependencies: + d "~0.1.1" + es5-ext "~0.10.11" + es6-iterator "2" + es6-set "~0.1.3" + es6-symbol "~3.1.0" + event-emitter "~0.3.4" + + es6-promise@3.2.1: + version "3.2.1" + resolved "https://registry.yarnpkg.com/es6-promise/-/es6-promise-3.2.1.tgz#ec56233868032909207170c39448e24449dd1fc4" + + es6-promise@^3.0.2, es6-promise@^3.2.1: + version "3.3.1" + resolved "https://registry.yarnpkg.com/es6-promise/-/es6-promise-3.3.1.tgz#a08cdde84ccdbf34d027a1451bc91d4bcd28a613" + + es6-set@~0.1.3: + version "0.1.4" + resolved "https://registry.yarnpkg.com/es6-set/-/es6-set-0.1.4.tgz#9516b6761c2964b92ff479456233a247dc707ce8" + dependencies: + d "~0.1.1" + es5-ext "~0.10.11" + es6-iterator "2" + es6-symbol "3" + event-emitter "~0.3.4" + + es6-symbol@3, es6-symbol@~3.1, es6-symbol@~3.1.0: + version "3.1.0" + resolved "https://registry.yarnpkg.com/es6-symbol/-/es6-symbol-3.1.0.tgz#94481c655e7a7cad82eba832d97d5433496d7ffa" + dependencies: + d "~0.1.1" + es5-ext "~0.10.11" + + es6-weak-map@^2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/es6-weak-map/-/es6-weak-map-2.0.1.tgz#0d2bbd8827eb5fb4ba8f97fbfea50d43db21ea81" + dependencies: + d "^0.1.1" + es5-ext "^0.10.8" + es6-iterator "2" + es6-symbol "3" + + escape-html@~1.0.3: + version "1.0.3" + resolved "https://registry.yarnpkg.com/escape-html/-/escape-html-1.0.3.tgz#0258eae4d3d0c0974de1c169188ef0051d1d1988" + + escape-string-regexp@1.0.5, escape-string-regexp@^1.0.2, escape-string-regexp@^1.0.5: + version "1.0.5" + resolved "https://registry.yarnpkg.com/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz#1b61c0562190a8dff6ae3bb2cf0200ca130b86d4" + + escope@^3.6.0: + version "3.6.0" + resolved "https://registry.yarnpkg.com/escope/-/escope-3.6.0.tgz#e01975e812781a163a6dadfdd80398dc64c889c3" + dependencies: + es6-map "^0.1.3" + es6-weak-map "^2.0.1" + esrecurse "^4.1.0" + estraverse "^4.1.1" + + eslint-config-react-app@^0.4.0: + version "0.4.0" + resolved "https://registry.yarnpkg.com/eslint-config-react-app/-/eslint-config-react-app-0.4.0.tgz#7f87bfd2a35ed7aa17860b6b002b4197fea385d0" + + eslint-import-resolver-node@^0.2.0: + version "0.2.3" + resolved "https://registry.yarnpkg.com/eslint-import-resolver-node/-/eslint-import-resolver-node-0.2.3.tgz#5add8106e8c928db2cba232bcd9efa846e3da16c" + dependencies: + debug "^2.2.0" + object-assign "^4.0.1" + resolve "^1.1.6" + + eslint-module-utils@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/eslint-module-utils/-/eslint-module-utils-1.0.0.tgz#c4a57fd3a53efd8426cc2d5550aadab9bbd05fd0" + dependencies: + debug "2.2.0" + pkg-dir "^1.0.0" + + eslint-plugin-babel@3.3.0: + version "3.3.0" + resolved "https://registry.yarnpkg.com/eslint-plugin-babel/-/eslint-plugin-babel-3.3.0.tgz#2f494aedcf6f4aa4e75b9155980837bc1fbde193" + + eslint-plugin-flowtype@2.21.0: + version "2.21.0" + resolved "https://registry.yarnpkg.com/eslint-plugin-flowtype/-/eslint-plugin-flowtype-2.21.0.tgz#a47e85abcdd181d37a336054bd552149ae387d9c" + dependencies: + lodash "^4.15.0" + + eslint-plugin-import@2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/eslint-plugin-import/-/eslint-plugin-import-2.0.1.tgz#dcfe96357d476b3f822570d42c29bec66f5d9c5c" + dependencies: + builtin-modules "^1.1.1" + contains-path "^0.1.0" + debug "^2.2.0" + doctrine "1.3.x" + eslint-import-resolver-node "^0.2.0" + eslint-module-utils "^1.0.0" + has "^1.0.1" + lodash.cond "^4.3.0" + minimatch "^3.0.3" + pkg-up "^1.0.0" + + eslint-plugin-jsx-a11y@2.2.3: + version "2.2.3" + resolved "https://registry.yarnpkg.com/eslint-plugin-jsx-a11y/-/eslint-plugin-jsx-a11y-2.2.3.tgz#4e35cb71b8a7db702ac415c806eb8e8d9ea6c65d" + dependencies: + damerau-levenshtein "^1.0.0" + jsx-ast-utils "^1.0.0" + object-assign "^4.0.1" + + eslint-plugin-react@6.4.1: + version "6.4.1" + resolved "https://registry.yarnpkg.com/eslint-plugin-react/-/eslint-plugin-react-6.4.1.tgz#7d1aade747db15892f71eee1fea4addf97bcfa2b" + dependencies: + doctrine "^1.2.2" + jsx-ast-utils "^1.3.1" + + eslint@3.8.1: + version "3.8.1" + resolved "https://registry.yarnpkg.com/eslint/-/eslint-3.8.1.tgz#7d02db44cd5aaf4fa7aa489e1f083baa454342ba" + dependencies: + chalk "^1.1.3" + concat-stream "^1.4.6" + debug "^2.1.1" + doctrine "^1.2.2" + escope "^3.6.0" + espree "^3.3.1" + estraverse "^4.2.0" + esutils "^2.0.2" + file-entry-cache "^2.0.0" + glob "^7.0.3" + globals "^9.2.0" + ignore "^3.1.5" + imurmurhash "^0.1.4" + inquirer "^0.12.0" + is-my-json-valid "^2.10.0" + is-resolvable "^1.0.0" + js-yaml "^3.5.1" + json-stable-stringify "^1.0.0" + levn "^0.3.0" + lodash "^4.0.0" + mkdirp "^0.5.0" + natural-compare "^1.4.0" + optionator "^0.8.2" + path-is-inside "^1.0.1" + pluralize "^1.2.1" + progress "^1.1.8" + require-uncached "^1.0.2" + shelljs "^0.6.0" + strip-bom "^3.0.0" + strip-json-comments "~1.0.1" + table "^3.7.8" + text-table "~0.2.0" + user-home "^2.0.0" + + espree@^3.3.1: + version "3.3.2" + resolved "https://registry.yarnpkg.com/espree/-/espree-3.3.2.tgz#dbf3fadeb4ecb4d4778303e50103b3d36c88b89c" + dependencies: + acorn "^4.0.1" + acorn-jsx "^3.0.0" + + esprima@^2.6.0: + version "2.7.3" + resolved "https://registry.yarnpkg.com/esprima/-/esprima-2.7.3.tgz#96e3b70d5779f6ad49cd032673d1c312767ba581" + + esrecurse@^4.1.0: + version "4.1.0" + resolved "https://registry.yarnpkg.com/esrecurse/-/esrecurse-4.1.0.tgz#4713b6536adf7f2ac4f327d559e7756bff648220" + dependencies: + estraverse "~4.1.0" + object-assign "^4.0.1" + + estraverse@^4.1.1, estraverse@^4.2.0: + version "4.2.0" + resolved "https://registry.yarnpkg.com/estraverse/-/estraverse-4.2.0.tgz#0dee3fed31fcd469618ce7342099fc1afa0bdb13" + + estraverse@~4.1.0: + version "4.1.1" + resolved "https://registry.yarnpkg.com/estraverse/-/estraverse-4.1.1.tgz#f6caca728933a850ef90661d0e17982ba47111a2" + + esutils@^2.0.0, esutils@^2.0.2: + version "2.0.2" + resolved "https://registry.yarnpkg.com/esutils/-/esutils-2.0.2.tgz#0abf4f1caa5bcb1f7a9d8acc6dea4faaa04bac9b" + + etag@~1.7.0: + version "1.7.0" + resolved "https://registry.yarnpkg.com/etag/-/etag-1.7.0.tgz#03d30b5f67dd6e632d2945d30d6652731a34d5d8" + + event-emitter@~0.3.4: + version "0.3.4" + resolved "https://registry.yarnpkg.com/event-emitter/-/event-emitter-0.3.4.tgz#8d63ddfb4cfe1fae3b32ca265c4c720222080bb5" + dependencies: + d "~0.1.1" + es5-ext "~0.10.7" + + event-stream@~3.3.0: + version "3.3.4" + resolved "https://registry.yarnpkg.com/event-stream/-/event-stream-3.3.4.tgz#4ab4c9a0f5a54db9338b4c34d86bfce8f4b35571" + dependencies: + duplexer "~0.1.1" + from "~0" + map-stream "~0.1.0" + pause-stream "0.0.11" + split "0.3" + stream-combiner "~0.0.4" + through "~2.3.1" + + exit-hook@^1.0.0: + version "1.1.1" + resolved "https://registry.yarnpkg.com/exit-hook/-/exit-hook-1.1.1.tgz#f05ca233b48c05d54fff07765df8507e95c02ff8" + + expand-brackets@^0.1.4: + version "0.1.5" + resolved "https://registry.yarnpkg.com/expand-brackets/-/expand-brackets-0.1.5.tgz#df07284e342a807cd733ac5af72411e581d1177b" + dependencies: + is-posix-bracket "^0.1.0" + + expand-range@^1.8.1: + version "1.8.2" + resolved "https://registry.yarnpkg.com/expand-range/-/expand-range-1.8.2.tgz#a299effd335fe2721ebae8e257ec79644fc85337" + dependencies: + fill-range "^2.1.0" + + express-session@1.14.1: + version "1.14.1" + resolved "https://registry.yarnpkg.com/express-session/-/express-session-1.14.1.tgz#600364f0f6bf5dce32649e006770bdeee80aec99" + dependencies: + cookie "0.3.1" + cookie-signature "1.0.6" + crc "3.4.0" + debug "~2.2.0" + depd "~1.1.0" + on-headers "~1.0.1" + parseurl "~1.3.1" + uid-safe "~2.1.2" + utils-merge "1.0.0" + + express@4.14.0: + version "4.14.0" + resolved "https://registry.yarnpkg.com/express/-/express-4.14.0.tgz#c1ee3f42cdc891fb3dc650a8922d51ec847d0d66" + dependencies: + accepts "~1.3.3" + array-flatten "1.1.1" + content-disposition "0.5.1" + content-type "~1.0.2" + cookie "0.3.1" + cookie-signature "1.0.6" + debug "~2.2.0" + depd "~1.1.0" + encodeurl "~1.0.1" + escape-html "~1.0.3" + etag "~1.7.0" + finalhandler "0.5.0" + fresh "0.3.0" + merge-descriptors "1.0.1" + methods "~1.1.2" + on-finished "~2.3.0" + parseurl "~1.3.1" + path-to-regexp "0.1.7" + proxy-addr "~1.1.2" + qs "6.2.0" + range-parser "~1.2.0" + send "0.14.1" + serve-static "~1.11.1" + type-is "~1.6.13" + utils-merge "1.0.0" + vary "~1.1.0" + + extend-shallow@^2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/extend-shallow/-/extend-shallow-2.0.1.tgz#51af7d614ad9a9f610ea1bafbb989d6b1c56890f" + dependencies: + is-extendable "^0.1.0" + + extend@3, extend@^3.0.0, extend@~3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/extend/-/extend-3.0.0.tgz#5a474353b9f3353ddd8176dfd37b91c83a46f1d4" + + extglob@^0.3.1: + version "0.3.2" + resolved "https://registry.yarnpkg.com/extglob/-/extglob-0.3.2.tgz#2e18ff3d2f49ab2765cec9023f011daa8d8349a1" + dependencies: + is-extglob "^1.0.0" + + extsprintf@1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/extsprintf/-/extsprintf-1.0.2.tgz#e1080e0658e300b06294990cc70e1502235fd550" + + eyes@0.1.x: + version "0.1.8" + resolved "https://registry.yarnpkg.com/eyes/-/eyes-0.1.8.tgz#62cf120234c683785d902348a800ef3e0cc20bc0" + + fast-levenshtein@~2.0.4: + version "2.0.5" + resolved "https://registry.yarnpkg.com/fast-levenshtein/-/fast-levenshtein-2.0.5.tgz#bd33145744519ab1c36c3ee9f31f08e9079b67f2" + + fd-slicer@~1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/fd-slicer/-/fd-slicer-1.0.1.tgz#8b5bcbd9ec327c5041bf9ab023fd6750f1177e65" + dependencies: + pend "~1.2.0" + + figures@^1.3.5: + version "1.7.0" + resolved "https://registry.yarnpkg.com/figures/-/figures-1.7.0.tgz#cbe1e3affcf1cd44b80cadfed28dc793a9701d2e" + dependencies: + escape-string-regexp "^1.0.5" + object-assign "^4.1.0" + + file-entry-cache@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/file-entry-cache/-/file-entry-cache-2.0.0.tgz#c392990c3e684783d838b8c84a45d8a048458361" + dependencies: + flat-cache "^1.2.1" + object-assign "^4.0.1" + + file-type@^3.1.0: + version "3.9.0" + resolved "https://registry.yarnpkg.com/file-type/-/file-type-3.9.0.tgz#257a078384d1db8087bc449d107d52a52672b9e9" + + filename-regex@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/filename-regex/-/filename-regex-2.0.0.tgz#996e3e80479b98b9897f15a8a58b3d084e926775" + + fill-range@^2.1.0: + version "2.2.3" + resolved "https://registry.yarnpkg.com/fill-range/-/fill-range-2.2.3.tgz#50b77dfd7e469bc7492470963699fe7a8485a723" + dependencies: + is-number "^2.1.0" + isobject "^2.0.0" + randomatic "^1.1.3" + repeat-element "^1.1.2" + repeat-string "^1.5.2" + + finalhandler@0.5.0: + version "0.5.0" + resolved "https://registry.yarnpkg.com/finalhandler/-/finalhandler-0.5.0.tgz#e9508abece9b6dba871a6942a1d7911b91911ac7" + dependencies: + debug "~2.2.0" + escape-html "~1.0.3" + on-finished "~2.3.0" + statuses "~1.3.0" + unpipe "~1.0.0" + + find-up@^1.0.0: + version "1.1.2" + resolved "https://registry.yarnpkg.com/find-up/-/find-up-1.1.2.tgz#6b2e9822b1a2ce0a60ab64d610eccad53cb24d0f" + dependencies: + path-exists "^2.0.0" + pinkie-promise "^2.0.0" + + find-versions@^1.0.0: + version "1.2.1" + resolved "https://registry.yarnpkg.com/find-versions/-/find-versions-1.2.1.tgz#cbde9f12e38575a0af1be1b9a2c5d5fd8f186b62" + dependencies: + array-uniq "^1.0.0" + get-stdin "^4.0.1" + meow "^3.5.0" + semver-regex "^1.0.0" + + first-chunk-stream@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/first-chunk-stream/-/first-chunk-stream-1.0.0.tgz#59bfb50cd905f60d7c394cd3d9acaab4e6ad934e" + + flat-cache@^1.2.1: + version "1.2.1" + resolved "https://registry.yarnpkg.com/flat-cache/-/flat-cache-1.2.1.tgz#6c837d6225a7de5659323740b36d5361f71691ff" + dependencies: + circular-json "^0.3.0" + del "^2.0.2" + graceful-fs "^4.1.2" + write "^0.2.1" + + for-in@^0.1.5: + version "0.1.6" + resolved "https://registry.yarnpkg.com/for-in/-/for-in-0.1.6.tgz#c9f96e89bfad18a545af5ec3ed352a1d9e5b4dc8" + + for-own@^0.1.4: + version "0.1.4" + resolved "https://registry.yarnpkg.com/for-own/-/for-own-0.1.4.tgz#0149b41a39088c7515f51ebe1c1386d45f935072" + dependencies: + for-in "^0.1.5" + + forever-agent@~0.6.1: + version "0.6.1" + resolved "https://registry.yarnpkg.com/forever-agent/-/forever-agent-0.6.1.tgz#fbc71f0c41adeb37f96c577ad1ed42d8fdacca91" + + form-data@~2.1.1: + version "2.1.2" + resolved "https://registry.yarnpkg.com/form-data/-/form-data-2.1.2.tgz#89c3534008b97eada4cbb157d58f6f5df025eae4" + dependencies: + asynckit "^0.4.0" + combined-stream "^1.0.5" + mime-types "^2.1.12" + + forwarded@~0.1.0: + version "0.1.0" + resolved "https://registry.yarnpkg.com/forwarded/-/forwarded-0.1.0.tgz#19ef9874c4ae1c297bcf078fde63a09b66a84363" + + fresh@0.3.0: + version "0.3.0" + resolved "https://registry.yarnpkg.com/fresh/-/fresh-0.3.0.tgz#651f838e22424e7566de161d8358caa199f83d4f" + + from@~0: + version "0.1.3" + resolved "https://registry.yarnpkg.com/from/-/from-0.1.3.tgz#ef63ac2062ac32acf7862e0d40b44b896f22f3bc" + + fs-readdir-recursive@^0.1.0: + version "0.1.2" + resolved "https://registry.yarnpkg.com/fs-readdir-recursive/-/fs-readdir-recursive-0.1.2.tgz#315b4fb8c1ca5b8c47defef319d073dad3568059" + + fs.realpath@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/fs.realpath/-/fs.realpath-1.0.0.tgz#1504ad2523158caa40db4a2787cb01411994ea4f" + + fsevents@^1.0.0: + version "1.0.15" + resolved "https://registry.yarnpkg.com/fsevents/-/fsevents-1.0.15.tgz#fa63f590f3c2ad91275e4972a6cea545fb0aae44" + dependencies: + nan "^2.3.0" + node-pre-gyp "^0.6.29" + + fstream-ignore@~1.0.5: + version "1.0.5" + resolved "https://registry.yarnpkg.com/fstream-ignore/-/fstream-ignore-1.0.5.tgz#9c31dae34767018fe1d249b24dada67d092da105" + dependencies: + fstream "^1.0.0" + inherits "2" + minimatch "^3.0.0" + + fstream@^1.0.0, fstream@^1.0.2, fstream@~1.0.10: + version "1.0.10" + resolved "https://registry.yarnpkg.com/fstream/-/fstream-1.0.10.tgz#604e8a92fe26ffd9f6fae30399d4984e1ab22822" + dependencies: + graceful-fs "^4.1.2" + inherits "~2.0.0" + mkdirp ">=0.5 0" + rimraf "2" + + function-bind@^1.0.2: + version "1.1.0" + resolved "https://registry.yarnpkg.com/function-bind/-/function-bind-1.1.0.tgz#16176714c801798e4e8f2cf7f7529467bb4a5771" + + gauge@~2.7.1: + version "2.7.2" + resolved "https://registry.yarnpkg.com/gauge/-/gauge-2.7.2.tgz#15cecc31b02d05345a5d6b0e171cdb3ad2307774" + dependencies: + aproba "^1.0.3" + console-control-strings "^1.0.0" + has-unicode "^2.0.0" + object-assign "^4.1.0" + signal-exit "^3.0.0" + string-width "^1.0.1" + strip-ansi "^3.0.1" + supports-color "^0.2.0" + wide-align "^1.1.0" + + generate-function@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/generate-function/-/generate-function-2.0.0.tgz#6858fe7c0969b7d4e9093337647ac79f60dfbe74" + + generate-object-property@^1.1.0: + version "1.2.0" + resolved "https://registry.yarnpkg.com/generate-object-property/-/generate-object-property-1.2.0.tgz#9c0e1c40308ce804f4783618b937fa88f99d50d0" + dependencies: + is-property "^1.0.0" + + get-stdin@^4.0.1: + version "4.0.1" + resolved "https://registry.yarnpkg.com/get-stdin/-/get-stdin-4.0.1.tgz#b968c6b0a04384324902e8bf1a5df32579a450fe" + + getos@^2.7.0: + version "2.8.2" + resolved "https://registry.yarnpkg.com/getos/-/getos-2.8.2.tgz#365e7e3b2cf74cb85ebb6d1d8c76633580cee534" + dependencies: + async "2.0.1" + + getpass@^0.1.1: + version "0.1.6" + resolved "https://registry.yarnpkg.com/getpass/-/getpass-0.1.6.tgz#283ffd9fc1256840875311c1b60e8c40187110e6" + dependencies: + assert-plus "^1.0.0" + + glob-base@^0.3.0: + version "0.3.0" + resolved "https://registry.yarnpkg.com/glob-base/-/glob-base-0.3.0.tgz#dbb164f6221b1c0b1ccf82aea328b497df0ea3c4" + dependencies: + glob-parent "^2.0.0" + is-glob "^2.0.0" + + glob-parent@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/glob-parent/-/glob-parent-2.0.0.tgz#81383d72db054fcccf5336daa902f182f6edbb28" + dependencies: + is-glob "^2.0.0" + + glob-parent@^3.0.0: + version "3.0.1" + resolved "https://registry.yarnpkg.com/glob-parent/-/glob-parent-3.0.1.tgz#60021327cc963ddc3b5f085764f500479ecd82ff" + dependencies: + is-glob "^3.1.0" + path-dirname "^1.0.0" + + glob-stream@^5.3.2: + version "5.3.5" + resolved "https://registry.yarnpkg.com/glob-stream/-/glob-stream-5.3.5.tgz#a55665a9a8ccdc41915a87c701e32d4e016fad22" + dependencies: + extend "^3.0.0" + glob "^5.0.3" + glob-parent "^3.0.0" + micromatch "^2.3.7" + ordered-read-streams "^0.3.0" + through2 "^0.6.0" + to-absolute-glob "^0.1.1" + unique-stream "^2.0.2" + + glob@7.0.5: + version "7.0.5" + resolved "https://registry.yarnpkg.com/glob/-/glob-7.0.5.tgz#b4202a69099bbb4d292a7c1b95b6682b67ebdc95" + dependencies: + fs.realpath "^1.0.0" + inflight "^1.0.4" + inherits "2" + minimatch "^3.0.2" + once "^1.3.0" + path-is-absolute "^1.0.0" + + glob@^5.0.3, glob@^5.0.5: + version "5.0.15" + resolved "https://registry.yarnpkg.com/glob/-/glob-5.0.15.tgz#1bc936b9e02f4a603fcc222ecf7633d30b8b93b1" + dependencies: + inflight "^1.0.4" + inherits "2" + minimatch "2 || 3" + once "^1.3.0" + path-is-absolute "^1.0.0" + + glob@^7.0.3, glob@^7.0.5: + version "7.1.1" + resolved "https://registry.yarnpkg.com/glob/-/glob-7.1.1.tgz#805211df04faaf1c63a3600306cdf5ade50b2ec8" + dependencies: + fs.realpath "^1.0.0" + inflight "^1.0.4" + inherits "2" + minimatch "^3.0.2" + once "^1.3.0" + path-is-absolute "^1.0.0" + + globals@^9.0.0, globals@^9.2.0: + version "9.14.0" + resolved "https://registry.yarnpkg.com/globals/-/globals-9.14.0.tgz#8859936af0038741263053b39d0e76ca241e4034" + + globby@^5.0.0: + version "5.0.0" + resolved "https://registry.yarnpkg.com/globby/-/globby-5.0.0.tgz#ebd84667ca0dbb330b99bcfc68eac2bc54370e0d" + dependencies: + array-union "^1.0.1" + arrify "^1.0.0" + glob "^7.0.3" + object-assign "^4.0.1" + pify "^2.0.0" + pinkie-promise "^2.0.0" + + got@^3.2.0: + version "3.3.1" + resolved "https://registry.yarnpkg.com/got/-/got-3.3.1.tgz#e5d0ed4af55fc3eef4d56007769d98192bcb2eca" + dependencies: + duplexify "^3.2.0" + infinity-agent "^2.0.0" + is-redirect "^1.0.0" + is-stream "^1.0.0" + lowercase-keys "^1.0.0" + nested-error-stacks "^1.0.0" + object-assign "^3.0.0" + prepend-http "^1.0.0" + read-all-stream "^3.0.0" + timed-out "^2.0.0" + + graceful-fs@^4.0.0, graceful-fs@^4.1.2, graceful-fs@^4.1.4: + version "4.1.11" + resolved "https://registry.yarnpkg.com/graceful-fs/-/graceful-fs-4.1.11.tgz#0e8bdfe4d1ddb8854d64e04ea7c00e2a026e5658" + + "graceful-readlink@>= 1.0.0": + version "1.0.1" + resolved "https://registry.yarnpkg.com/graceful-readlink/-/graceful-readlink-1.0.1.tgz#4cafad76bc62f02fa039b2f94e9a3dd3a391a725" + + graphql-server-core@^0.4.3: + version "0.4.3" + resolved "https://registry.yarnpkg.com/graphql-server-core/-/graphql-server-core-0.4.3.tgz#3198832ce8703388713f012da023b33a3823be98" + optionalDependencies: + typed-graphql "^1.0.2" + + graphql-server-express@^0.4.3: + version "0.4.3" + resolved "https://registry.yarnpkg.com/graphql-server-express/-/graphql-server-express-0.4.3.tgz#198674e6db4949c060b9959554d3dc4e9cc4ed9b" + dependencies: + graphql-server-core "^0.4.3" + graphql-server-module-graphiql "^0.4.3" + optionalDependencies: + "@types/express" "^4.0.33" + + graphql-server-module-graphiql@^0.4.3: + version "0.4.3" + resolved "https://registry.yarnpkg.com/graphql-server-module-graphiql/-/graphql-server-module-graphiql-0.4.3.tgz#f82b92b99bb1e1b4b285c86bf6fcfa60b3a7a805" + + graphql-server@^0.3.2: + version "0.3.2" + resolved "https://registry.yarnpkg.com/graphql-server/-/graphql-server-0.3.2.tgz#ac3299963221be784fc78a22784d2d9ab7116e5e" + dependencies: + boom "^4.0.0" + http-errors "^1.5.0" + source-map-support "^0.4.2" + + graphql-subscriptions@0.2.0: + version "0.2.0" + resolved "https://registry.yarnpkg.com/graphql-subscriptions/-/graphql-subscriptions-0.2.0.tgz#9aebf19283f797354615b263090e15246a4c6c8d" + dependencies: + es6-promise "^3.2.1" + graphql "^0.7.0" + + graphql-subscriptions@^0.1.3: + version "0.1.5" + resolved "https://registry.yarnpkg.com/graphql-subscriptions/-/graphql-subscriptions-0.1.5.tgz#603422c0a7ea3818b630751d1c9798bfa1a820ee" + dependencies: + es6-promise "^3.2.1" + graphql "^0.7.0" + + graphql-tools@^0.8.2: + version "0.8.3" + resolved "https://registry.yarnpkg.com/graphql-tools/-/graphql-tools-0.8.3.tgz#7766ec1d1cc716dde331bd7813267bda44aefa08" + dependencies: + deprecated-decorator "^0.1.6" + lodash "^4.3.0" + node-uuid "^1.4.7" + optionalDependencies: + typed-graphql "^1.0.2" + + graphql@0.7.2, graphql@^0.7.0: + version "0.7.2" + resolved "https://registry.yarnpkg.com/graphql/-/graphql-0.7.2.tgz#cc894a32823399b8a0cb012b9e9ecad35cd00f72" + dependencies: + iterall "1.0.2" + + growl@1.9.2: + version "1.9.2" + resolved "https://registry.yarnpkg.com/growl/-/growl-1.9.2.tgz#0ea7743715db8d8de2c5ede1775e1b45ac85c02f" + + gulp-sourcemaps@1.6.0: + version "1.6.0" + resolved "https://registry.yarnpkg.com/gulp-sourcemaps/-/gulp-sourcemaps-1.6.0.tgz#b86ff349d801ceb56e1d9e7dc7bbcb4b7dee600c" + dependencies: + convert-source-map "^1.1.1" + graceful-fs "^4.1.2" + strip-bom "^2.0.0" + through2 "^2.0.0" + vinyl "^1.0.0" + + har-validator@~2.0.6: + version "2.0.6" + resolved "https://registry.yarnpkg.com/har-validator/-/har-validator-2.0.6.tgz#cdcbc08188265ad119b6a5a7c8ab70eecfb5d27d" + dependencies: + chalk "^1.1.1" + commander "^2.9.0" + is-my-json-valid "^2.12.4" + pinkie-promise "^2.0.0" + + has-ansi@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/has-ansi/-/has-ansi-2.0.0.tgz#34f5049ce1ecdf2b0649af3ef24e45ed35416d91" + dependencies: + ansi-regex "^2.0.0" + + has-flag@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/has-flag/-/has-flag-1.0.0.tgz#9d9e793165ce017a00f00418c43f942a7b1d11fa" + + has-unicode@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/has-unicode/-/has-unicode-2.0.1.tgz#e0e6fe6a28cf51138855e086d1691e771de2a8b9" + + has@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/has/-/has-1.0.1.tgz#8461733f538b0837c9361e39a9ab9e9704dc2f28" + dependencies: + function-bind "^1.0.2" + + hawk@~3.1.3: + version "3.1.3" + resolved "https://registry.yarnpkg.com/hawk/-/hawk-3.1.3.tgz#078444bd7c1640b0fe540d2c9b73d59678e8e1c4" + dependencies: + boom "2.x.x" + cryptiles "2.x.x" + hoek "2.x.x" + sntp "1.x.x" + + hoek@2.x.x: + version "2.16.3" + resolved "https://registry.yarnpkg.com/hoek/-/hoek-2.16.3.tgz#20bb7403d3cea398e91dc4710a8ff1b8274a25ed" + + hoek@4.x.x: + version "4.1.0" + resolved "https://registry.yarnpkg.com/hoek/-/hoek-4.1.0.tgz#4a4557460f69842ed463aa00628cc26d2683afa7" + + home-or-tmp@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/home-or-tmp/-/home-or-tmp-1.0.0.tgz#4b9f1e40800c3e50c6c27f781676afcce71f3985" + dependencies: + os-tmpdir "^1.0.1" + user-home "^1.1.1" + + hosted-git-info@^2.1.4: + version "2.1.5" + resolved "https://registry.yarnpkg.com/hosted-git-info/-/hosted-git-info-2.1.5.tgz#0ba81d90da2e25ab34a332e6ec77936e1598118b" + + http-errors@^1.5.0, http-errors@~1.5.0: + version "1.5.1" + resolved "https://registry.yarnpkg.com/http-errors/-/http-errors-1.5.1.tgz#788c0d2c1de2c81b9e6e8c01843b6b97eb920750" + dependencies: + inherits "2.0.3" + setprototypeof "1.0.2" + statuses ">= 1.3.1 < 2" + + http-signature@~1.1.0: + version "1.1.1" + resolved "https://registry.yarnpkg.com/http-signature/-/http-signature-1.1.1.tgz#df72e267066cd0ac67fb76adf8e134a8fbcf91bf" + dependencies: + assert-plus "^0.2.0" + jsprim "^1.2.2" + sshpk "^1.7.0" + + https-proxy-agent@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/https-proxy-agent/-/https-proxy-agent-1.0.0.tgz#35f7da6c48ce4ddbfa264891ac593ee5ff8671e6" + dependencies: + agent-base "2" + debug "2" + extend "3" + + iconv-lite@0.4.13, iconv-lite@~0.4.13: + version "0.4.13" + resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.4.13.tgz#1f88aba4ab0b1508e8312acc39345f36e992e2f2" + + ignore-by-default@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/ignore-by-default/-/ignore-by-default-1.0.1.tgz#48ca6d72f6c6a3af00a9ad4ae6876be3889e2b09" + + ignore@^3.1.5: + version "3.2.0" + resolved "https://registry.yarnpkg.com/ignore/-/ignore-3.2.0.tgz#8d88f03c3002a0ac52114db25d2c673b0bf1e435" + + imurmurhash@^0.1.4: + version "0.1.4" + resolved "https://registry.yarnpkg.com/imurmurhash/-/imurmurhash-0.1.4.tgz#9218b9b2b928a238b13dc4fb6b6d576f231453ea" + + indent-string@^2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/indent-string/-/indent-string-2.1.0.tgz#8e2d48348742121b4a8218b7a137e9a52049dc80" + dependencies: + repeating "^2.0.0" + + infinity-agent@^2.0.0: + version "2.0.3" + resolved "https://registry.yarnpkg.com/infinity-agent/-/infinity-agent-2.0.3.tgz#45e0e2ff7a9eb030b27d62b74b3744b7a7ac4216" + + inflight@^1.0.4: + version "1.0.6" + resolved "https://registry.yarnpkg.com/inflight/-/inflight-1.0.6.tgz#49bd6331d7d02d0c09bc910a1075ba8165b56df9" + dependencies: + once "^1.3.0" + wrappy "1" + + inherits@2, inherits@2.0.3, inherits@^2.0.1, inherits@~2.0.0, inherits@~2.0.1: + version "2.0.3" + resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.3.tgz#633c2c83e3da42a502f52466022480f4208261de" + + ini@~1.3.0: + version "1.3.4" + resolved "https://registry.yarnpkg.com/ini/-/ini-1.3.4.tgz#0537cb79daf59b59a1a517dff706c86ec039162e" + + inquirer@^0.12.0: + version "0.12.0" + resolved "https://registry.yarnpkg.com/inquirer/-/inquirer-0.12.0.tgz#1ef2bfd63504df0bc75785fff8c2c41df12f077e" + dependencies: + ansi-escapes "^1.1.0" + ansi-regex "^2.0.0" + chalk "^1.0.0" + cli-cursor "^1.0.1" + cli-width "^2.0.0" + figures "^1.3.5" + lodash "^4.3.0" + readline2 "^1.0.1" + run-async "^0.1.0" + rx-lite "^3.1.2" + string-width "^1.0.1" + strip-ansi "^3.0.0" + through "^2.3.6" + + invariant@^2.2.0: + version "2.2.2" + resolved "https://registry.yarnpkg.com/invariant/-/invariant-2.2.2.tgz#9e1f56ac0acdb6bf303306f338be3b204ae60360" + dependencies: + loose-envify "^1.0.0" + + invert-kv@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/invert-kv/-/invert-kv-1.0.0.tgz#104a8e4aaca6d3d8cd157a8ef8bfab2d7a3ffdb6" + + ipaddr.js@1.1.1: + version "1.1.1" + resolved "https://registry.yarnpkg.com/ipaddr.js/-/ipaddr.js-1.1.1.tgz#c791d95f52b29c1247d5df80ada39b8a73647230" + + is-absolute@^0.1.5: + version "0.1.7" + resolved "https://registry.yarnpkg.com/is-absolute/-/is-absolute-0.1.7.tgz#847491119fccb5fb436217cc737f7faad50f603f" + dependencies: + is-relative "^0.1.0" + + is-arrayish@^0.2.1: + version "0.2.1" + resolved "https://registry.yarnpkg.com/is-arrayish/-/is-arrayish-0.2.1.tgz#77c99840527aa8ecb1a8ba697b80645a7a926a9d" + + is-binary-path@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/is-binary-path/-/is-binary-path-1.0.1.tgz#75f16642b480f187a711c814161fd3a4a7655898" + dependencies: + binary-extensions "^1.0.0" + + is-buffer@^1.0.2: + version "1.1.4" + resolved "https://registry.yarnpkg.com/is-buffer/-/is-buffer-1.1.4.tgz#cfc86ccd5dc5a52fa80489111c6920c457e2d98b" + + is-builtin-module@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-builtin-module/-/is-builtin-module-1.0.0.tgz#540572d34f7ac3119f8f76c30cbc1b1e037affbe" + dependencies: + builtin-modules "^1.0.0" + + is-bzip2@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-bzip2/-/is-bzip2-1.0.0.tgz#5ee58eaa5a2e9c80e21407bedf23ae5ac091b3fc" + + is-dotfile@^1.0.0: + version "1.0.2" + resolved "https://registry.yarnpkg.com/is-dotfile/-/is-dotfile-1.0.2.tgz#2c132383f39199f8edc268ca01b9b007d205cc4d" + + is-equal-shallow@^0.1.3: + version "0.1.3" + resolved "https://registry.yarnpkg.com/is-equal-shallow/-/is-equal-shallow-0.1.3.tgz#2238098fc221de0bcfa5d9eac4c45d638aa1c534" + dependencies: + is-primitive "^2.0.0" + + is-extendable@^0.1.0, is-extendable@^0.1.1: + version "0.1.1" + resolved "https://registry.yarnpkg.com/is-extendable/-/is-extendable-0.1.1.tgz#62b110e289a471418e3ec36a617d472e301dfc89" + + is-extglob@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-extglob/-/is-extglob-1.0.0.tgz#ac468177c4943405a092fc8f29760c6ffc6206c0" + + is-extglob@^2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/is-extglob/-/is-extglob-2.1.0.tgz#33411a482b046bf95e6b0cb27ee2711af4cf15ad" + + is-finite@^1.0.0: + version "1.0.2" + resolved "https://registry.yarnpkg.com/is-finite/-/is-finite-1.0.2.tgz#cc6677695602be550ef11e8b4aa6305342b6d0aa" + dependencies: + number-is-nan "^1.0.0" + + is-fullwidth-code-point@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-fullwidth-code-point/-/is-fullwidth-code-point-1.0.0.tgz#ef9e31386f031a7f0d643af82fde50c457ef00cb" + dependencies: + number-is-nan "^1.0.0" + + is-fullwidth-code-point@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/is-fullwidth-code-point/-/is-fullwidth-code-point-2.0.0.tgz#a3b30a5c4f199183167aaab93beefae3ddfb654f" + + is-glob@^2.0.0, is-glob@^2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/is-glob/-/is-glob-2.0.1.tgz#d096f926a3ded5600f3fdfd91198cb0888c2d863" + dependencies: + is-extglob "^1.0.0" + + is-glob@^3.1.0: + version "3.1.0" + resolved "https://registry.yarnpkg.com/is-glob/-/is-glob-3.1.0.tgz#7ba5ae24217804ac70707b96922567486cc3e84a" + dependencies: + is-extglob "^2.1.0" + + is-gzip@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-gzip/-/is-gzip-1.0.0.tgz#6ca8b07b99c77998025900e555ced8ed80879a83" + + is-my-json-valid@^2.10.0, is-my-json-valid@^2.12.4: + version "2.15.0" + resolved "https://registry.yarnpkg.com/is-my-json-valid/-/is-my-json-valid-2.15.0.tgz#936edda3ca3c211fd98f3b2d3e08da43f7b2915b" + dependencies: + generate-function "^2.0.0" + generate-object-property "^1.1.0" + jsonpointer "^4.0.0" + xtend "^4.0.0" + + is-natural-number@^2.0.0: + version "2.1.1" + resolved "https://registry.yarnpkg.com/is-natural-number/-/is-natural-number-2.1.1.tgz#7d4c5728377ef386c3e194a9911bf57c6dc335e7" + + is-npm@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-npm/-/is-npm-1.0.0.tgz#f2fb63a65e4905b406c86072765a1a4dc793b9f4" + + is-number@^2.0.2, is-number@^2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/is-number/-/is-number-2.1.0.tgz#01fcbbb393463a548f2f466cce16dece49db908f" + dependencies: + kind-of "^3.0.2" + + is-path-cwd@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-path-cwd/-/is-path-cwd-1.0.0.tgz#d225ec23132e89edd38fda767472e62e65f1106d" + + is-path-in-cwd@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-path-in-cwd/-/is-path-in-cwd-1.0.0.tgz#6477582b8214d602346094567003be8a9eac04dc" + dependencies: + is-path-inside "^1.0.0" + + is-path-inside@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-path-inside/-/is-path-inside-1.0.0.tgz#fc06e5a1683fbda13de667aff717bbc10a48f37f" + dependencies: + path-is-inside "^1.0.1" + + is-posix-bracket@^0.1.0: + version "0.1.1" + resolved "https://registry.yarnpkg.com/is-posix-bracket/-/is-posix-bracket-0.1.1.tgz#3334dc79774368e92f016e6fbc0a88f5cd6e6bc4" + + is-primitive@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/is-primitive/-/is-primitive-2.0.0.tgz#207bab91638499c07b2adf240a41a87210034575" + + is-promise@~1, is-promise@~1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/is-promise/-/is-promise-1.0.1.tgz#31573761c057e33c2e91aab9e96da08cefbe76e5" + + is-property@^1.0.0: + version "1.0.2" + resolved "https://registry.yarnpkg.com/is-property/-/is-property-1.0.2.tgz#57fe1c4e48474edd65b09911f26b1cd4095dda84" + + is-redirect@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-redirect/-/is-redirect-1.0.0.tgz#1d03dded53bd8db0f30c26e4f95d36fc7c87dc24" + + is-relative@^0.1.0: + version "0.1.3" + resolved "https://registry.yarnpkg.com/is-relative/-/is-relative-0.1.3.tgz#905fee8ae86f45b3ec614bc3c15c869df0876e82" + + is-resolvable@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-resolvable/-/is-resolvable-1.0.0.tgz#8df57c61ea2e3c501408d100fb013cf8d6e0cc62" + dependencies: + tryit "^1.0.1" + + is-stream@^1.0.0, is-stream@^1.0.1: + version "1.1.0" + resolved "https://registry.yarnpkg.com/is-stream/-/is-stream-1.1.0.tgz#12d4a3dd4e68e0b79ceb8dbc84173ae80d91ca44" + + is-tar@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-tar/-/is-tar-1.0.0.tgz#2f6b2e1792c1f5bb36519acaa9d65c0d26fe853d" + + is-typedarray@^1.0.0, is-typedarray@~1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-typedarray/-/is-typedarray-1.0.0.tgz#e479c80858df0c1b11ddda6940f96011fcda4a9a" + + is-utf8@^0.2.0: + version "0.2.1" + resolved "https://registry.yarnpkg.com/is-utf8/-/is-utf8-0.2.1.tgz#4b0da1442104d1b336340e80797e865cf39f7d72" + + is-valid-glob@^0.3.0: + version "0.3.0" + resolved "https://registry.yarnpkg.com/is-valid-glob/-/is-valid-glob-0.3.0.tgz#d4b55c69f51886f9b65c70d6c2622d37e29f48fe" + + is-zip@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-zip/-/is-zip-1.0.0.tgz#47b0a8ff4d38a76431ccfd99a8e15a4c86ba2325" + + isarray@0.0.1: + version "0.0.1" + resolved "https://registry.yarnpkg.com/isarray/-/isarray-0.0.1.tgz#8a18acfca9a8f4177e09abfc6038939b05d1eedf" + + isarray@1.0.0, isarray@^1.0.0, isarray@~1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/isarray/-/isarray-1.0.0.tgz#bb935d48582cba168c06834957a54a3e07124f11" + + isemail@1.x.x: + version "1.2.0" + resolved "https://registry.yarnpkg.com/isemail/-/isemail-1.2.0.tgz#be03df8cc3e29de4d2c5df6501263f1fa4595e9a" + + isobject@^2.0.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/isobject/-/isobject-2.1.0.tgz#f065561096a3f1da2ef46272f815c840d87e0c89" + dependencies: + isarray "1.0.0" + + isstream@0.1.x, isstream@~0.1.2: + version "0.1.2" + resolved "https://registry.yarnpkg.com/isstream/-/isstream-0.1.2.tgz#47e63f7af55afa6f92e1500e690eb8b8529c099a" + + iterall@1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/iterall/-/iterall-1.0.2.tgz#41a2e96ce9eda5e61c767ee5dc312373bb046e91" + + jodid25519@^1.0.0: + version "1.0.2" + resolved "https://registry.yarnpkg.com/jodid25519/-/jodid25519-1.0.2.tgz#06d4912255093419477d425633606e0e90782967" + dependencies: + jsbn "~0.1.0" + + joi@^6.10.1: + version "6.10.1" + resolved "https://registry.yarnpkg.com/joi/-/joi-6.10.1.tgz#4d50c318079122000fe5f16af1ff8e1917b77e06" + dependencies: + hoek "2.x.x" + isemail "1.x.x" + moment "2.x.x" + topo "1.x.x" + + js-tokens@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/js-tokens/-/js-tokens-2.0.0.tgz#79903f5563ee778cc1162e6dcf1a0027c97f9cb5" + + js-yaml@^3.5.1: + version "3.7.0" + resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.7.0.tgz#5c967ddd837a9bfdca5f2de84253abe8a1c03b80" + dependencies: + argparse "^1.0.7" + esprima "^2.6.0" + + jsbn@~0.1.0: + version "0.1.0" + resolved "https://registry.yarnpkg.com/jsbn/-/jsbn-0.1.0.tgz#650987da0dd74f4ebf5a11377a2aa2d273e97dfd" + + jsesc@^1.3.0: + version "1.3.0" + resolved "https://registry.yarnpkg.com/jsesc/-/jsesc-1.3.0.tgz#46c3fec8c1892b12b0833db9bc7622176dbab34b" + + jsesc@~0.5.0: + version "0.5.0" + resolved "https://registry.yarnpkg.com/jsesc/-/jsesc-0.5.0.tgz#e7dee66e35d6fc16f710fe91d5cf69f70f08911d" + + json-schema@0.2.3: + version "0.2.3" + resolved "https://registry.yarnpkg.com/json-schema/-/json-schema-0.2.3.tgz#b480c892e59a2f05954ce727bd3f2a4e882f9e13" + + json-stable-stringify@^1.0.0, json-stable-stringify@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/json-stable-stringify/-/json-stable-stringify-1.0.1.tgz#9a759d39c5f2ff503fd5300646ed445f88c4f9af" + dependencies: + jsonify "~0.0.0" + + json-stringify-safe@~5.0.1: + version "5.0.1" + resolved "https://registry.yarnpkg.com/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz#1296a2d58fd45f19a0f6ce01d65701e2c735b6eb" + + json3@3.3.2: + version "3.3.2" + resolved "https://registry.yarnpkg.com/json3/-/json3-3.3.2.tgz#3c0434743df93e2f5c42aee7b19bcb483575f4e1" + + json5@^0.4.0: + version "0.4.0" + resolved "https://registry.yarnpkg.com/json5/-/json5-0.4.0.tgz#054352e4c4c80c86c0923877d449de176a732c8d" + + jsonify@~0.0.0: + version "0.0.0" + resolved "https://registry.yarnpkg.com/jsonify/-/jsonify-0.0.0.tgz#2c74b6ee41d93ca51b7b5aaee8f503631d252a73" + + jsonpointer@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/jsonpointer/-/jsonpointer-4.0.0.tgz#6661e161d2fc445f19f98430231343722e1fcbd5" + + jsonwebtoken@^7.0.0: + version "7.3.0" + resolved "https://registry.yarnpkg.com/jsonwebtoken/-/jsonwebtoken-7.3.0.tgz#85118d6a70e3fccdf14389f4e7a1c3f9c8a9fbba" + dependencies: + joi "^6.10.1" + jws "^3.1.4" + lodash.once "^4.0.0" + ms "^0.7.1" + xtend "^4.0.1" + + jsprim@^1.2.2: + version "1.3.1" + resolved "https://registry.yarnpkg.com/jsprim/-/jsprim-1.3.1.tgz#2a7256f70412a29ee3670aaca625994c4dcff252" + dependencies: + extsprintf "1.0.2" + json-schema "0.2.3" + verror "1.3.6" + + jsx-ast-utils@^1.0.0, jsx-ast-utils@^1.3.1: + version "1.3.4" + resolved "https://registry.yarnpkg.com/jsx-ast-utils/-/jsx-ast-utils-1.3.4.tgz#0257ed1cc4b1e65b39d7d9940f9fb4f20f7ba0a9" + dependencies: + acorn-jsx "^3.0.1" + object-assign "^4.1.0" + + jwa@^1.1.4: + version "1.1.5" + resolved "https://registry.yarnpkg.com/jwa/-/jwa-1.1.5.tgz#a0552ce0220742cd52e153774a32905c30e756e5" + dependencies: + base64url "2.0.0" + buffer-equal-constant-time "1.0.1" + ecdsa-sig-formatter "1.0.9" + safe-buffer "^5.0.1" + + jws@^3.1.4: + version "3.1.4" + resolved "https://registry.yarnpkg.com/jws/-/jws-3.1.4.tgz#f9e8b9338e8a847277d6444b1464f61880e050a2" + dependencies: + base64url "^2.0.0" + jwa "^1.1.4" + safe-buffer "^5.0.1" + + jwt-simple@^0.5.1: + version "0.5.1" + resolved "https://registry.yarnpkg.com/jwt-simple/-/jwt-simple-0.5.1.tgz#79ea01891b61de6b68e13e67c0b4b5bda937b294" + + kind-of@^3.0.2: + version "3.1.0" + resolved "https://registry.yarnpkg.com/kind-of/-/kind-of-3.1.0.tgz#475d698a5e49ff5e53d14e3e732429dc8bf4cf47" + dependencies: + is-buffer "^1.0.2" + + latest-version@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/latest-version/-/latest-version-1.0.1.tgz#72cfc46e3e8d1be651e1ebb54ea9f6ea96f374bb" + dependencies: + package-json "^1.0.0" + + lazystream@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/lazystream/-/lazystream-1.0.0.tgz#f6995fe0f820392f61396be89462407bb77168e4" + dependencies: + readable-stream "^2.0.5" + + lcid@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/lcid/-/lcid-1.0.0.tgz#308accafa0bc483a3867b4b6f2b9506251d1b835" + dependencies: + invert-kv "^1.0.0" + + levn@^0.3.0, levn@~0.3.0: + version "0.3.0" + resolved "https://registry.yarnpkg.com/levn/-/levn-0.3.0.tgz#3b09924edf9f083c0490fdd4c0bc4421e04764ee" + dependencies: + prelude-ls "~1.1.2" + type-check "~0.3.2" + + load-json-file@^1.0.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/load-json-file/-/load-json-file-1.1.0.tgz#956905708d58b4bab4c2261b04f59f31c99374c0" + dependencies: + graceful-fs "^4.1.2" + parse-json "^2.2.0" + pify "^2.0.0" + pinkie-promise "^2.0.0" + strip-bom "^2.0.0" + + lodash._baseassign@^3.0.0: + version "3.2.0" + resolved "https://registry.yarnpkg.com/lodash._baseassign/-/lodash._baseassign-3.2.0.tgz#8c38a099500f215ad09e59f1722fd0c52bfe0a4e" + dependencies: + lodash._basecopy "^3.0.0" + lodash.keys "^3.0.0" + + lodash._basecopy@^3.0.0: + version "3.0.1" + resolved "https://registry.yarnpkg.com/lodash._basecopy/-/lodash._basecopy-3.0.1.tgz#8da0e6a876cf344c0ad8a54882111dd3c5c7ca36" + + lodash._basecreate@^3.0.0: + version "3.0.3" + resolved "https://registry.yarnpkg.com/lodash._basecreate/-/lodash._basecreate-3.0.3.tgz#1bc661614daa7fc311b7d03bf16806a0213cf821" + + lodash._bindcallback@^3.0.0: + version "3.0.1" + resolved "https://registry.yarnpkg.com/lodash._bindcallback/-/lodash._bindcallback-3.0.1.tgz#e531c27644cf8b57a99e17ed95b35c748789392e" + + lodash._createassigner@^3.0.0: + version "3.1.1" + resolved "https://registry.yarnpkg.com/lodash._createassigner/-/lodash._createassigner-3.1.1.tgz#838a5bae2fdaca63ac22dee8e19fa4e6d6970b11" + dependencies: + lodash._bindcallback "^3.0.0" + lodash._isiterateecall "^3.0.0" + lodash.restparam "^3.0.0" + + lodash._getnative@^3.0.0: + version "3.9.1" + resolved "https://registry.yarnpkg.com/lodash._getnative/-/lodash._getnative-3.9.1.tgz#570bc7dede46d61cdcde687d65d3eecbaa3aaff5" + + lodash._isiterateecall@^3.0.0: + version "3.0.9" + resolved "https://registry.yarnpkg.com/lodash._isiterateecall/-/lodash._isiterateecall-3.0.9.tgz#5203ad7ba425fae842460e696db9cf3e6aac057c" + + lodash.assign@^3.0.0: + version "3.2.0" + resolved "https://registry.yarnpkg.com/lodash.assign/-/lodash.assign-3.2.0.tgz#3ce9f0234b4b2223e296b8fa0ac1fee8ebca64fa" + dependencies: + lodash._baseassign "^3.0.0" + lodash._createassigner "^3.0.0" + lodash.keys "^3.0.0" + + lodash.cond@^4.3.0: + version "4.5.2" + resolved "https://registry.yarnpkg.com/lodash.cond/-/lodash.cond-4.5.2.tgz#f471a1da486be60f6ab955d17115523dd1d255d5" + + lodash.create@3.1.1: + version "3.1.1" + resolved "https://registry.yarnpkg.com/lodash.create/-/lodash.create-3.1.1.tgz#d7f2849f0dbda7e04682bb8cd72ab022461debe7" + dependencies: + lodash._baseassign "^3.0.0" + lodash._basecreate "^3.0.0" + lodash._isiterateecall "^3.0.0" + + lodash.defaults@^3.1.2: + version "3.1.2" + resolved "https://registry.yarnpkg.com/lodash.defaults/-/lodash.defaults-3.1.2.tgz#c7308b18dbf8bc9372d701a73493c61192bd2e2c" + dependencies: + lodash.assign "^3.0.0" + lodash.restparam "^3.0.0" + + lodash.isarguments@^3.0.0: + version "3.1.0" + resolved "https://registry.yarnpkg.com/lodash.isarguments/-/lodash.isarguments-3.1.0.tgz#2f573d85c6a24289ff00663b491c1d338ff3458a" + + lodash.isarray@^3.0.0: + version "3.0.4" + resolved "https://registry.yarnpkg.com/lodash.isarray/-/lodash.isarray-3.0.4.tgz#79e4eb88c36a8122af86f844aa9bcd851b5fbb55" + + lodash.isequal@^4.0.0: + version "4.4.0" + resolved "https://registry.yarnpkg.com/lodash.isequal/-/lodash.isequal-4.4.0.tgz#6295768e98e14dc15ce8d362ef6340db82852031" + + lodash.isobject@^3.0.2: + version "3.0.2" + resolved "https://registry.yarnpkg.com/lodash.isobject/-/lodash.isobject-3.0.2.tgz#3c8fb8d5b5bf4bf90ae06e14f2a530a4ed935e1d" + + lodash.isstring@^4.0.1: + version "4.0.1" + resolved "https://registry.yarnpkg.com/lodash.isstring/-/lodash.isstring-4.0.1.tgz#d527dfb5456eca7cc9bb95d5daeaf88ba54a5451" + + lodash.keys@^3.0.0: + version "3.1.2" + resolved "https://registry.yarnpkg.com/lodash.keys/-/lodash.keys-3.1.2.tgz#4dbc0472b156be50a0b286855d1bd0b0c656098a" + dependencies: + lodash._getnative "^3.0.0" + lodash.isarguments "^3.0.0" + lodash.isarray "^3.0.0" + + lodash.once@^4.0.0: + version "4.1.1" + resolved "https://registry.yarnpkg.com/lodash.once/-/lodash.once-4.1.1.tgz#0dd3971213c7c56df880977d504c88fb471a97ac" + + lodash.pickby@^4.6.0: + version "4.6.0" + resolved "https://registry.yarnpkg.com/lodash.pickby/-/lodash.pickby-4.6.0.tgz#7dea21d8c18d7703a27c704c15d3b84a67e33aff" + + lodash.restparam@^3.0.0: + version "3.6.1" + resolved "https://registry.yarnpkg.com/lodash.restparam/-/lodash.restparam-3.6.1.tgz#936a4e309ef330a7645ed4145986c85ae5b20805" + + lodash@4.16.4, lodash@^4.0.0, lodash@^4.15.0, lodash@^4.2.0, lodash@^4.3.0, lodash@^4.8.0: + version "4.16.4" + resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.16.4.tgz#01ce306b9bad1319f2a5528674f88297aeb70127" + + log-symbols@^1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/log-symbols/-/log-symbols-1.0.2.tgz#376ff7b58ea3086a0f09facc74617eca501e1a18" + dependencies: + chalk "^1.0.0" + + loose-envify@^1.0.0: + version "1.3.0" + resolved "https://registry.yarnpkg.com/loose-envify/-/loose-envify-1.3.0.tgz#6b26248c42f6d4fa4b0d8542f78edfcde35642a8" + dependencies: + js-tokens "^2.0.0" + + loud-rejection@^1.0.0: + version "1.6.0" + resolved "https://registry.yarnpkg.com/loud-rejection/-/loud-rejection-1.6.0.tgz#5b46f80147edee578870f086d04821cf998e551f" + dependencies: + currently-unhandled "^0.4.1" + signal-exit "^3.0.0" + + lowercase-keys@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/lowercase-keys/-/lowercase-keys-1.0.0.tgz#4e3366b39e7f5457e35f1324bdf6f88d0bfc7306" + + map-obj@^1.0.0, map-obj@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/map-obj/-/map-obj-1.0.1.tgz#d933ceb9205d82bdcf4886f6742bdc2b4dea146d" + + map-stream@~0.1.0: + version "0.1.0" + resolved "https://registry.yarnpkg.com/map-stream/-/map-stream-0.1.0.tgz#e56aa94c4c8055a16404a0674b78f215f7c8e194" + + media-typer@0.3.0: + version "0.3.0" + resolved "https://registry.yarnpkg.com/media-typer/-/media-typer-0.3.0.tgz#8710d7af0aa626f8fffa1ce00168545263255748" + + meow@^3.5.0: + version "3.7.0" + resolved "https://registry.yarnpkg.com/meow/-/meow-3.7.0.tgz#72cb668b425228290abbfa856892587308a801fb" + dependencies: + camelcase-keys "^2.0.0" + decamelize "^1.1.2" + loud-rejection "^1.0.0" + map-obj "^1.0.1" + minimist "^1.1.3" + normalize-package-data "^2.3.4" + object-assign "^4.0.1" + read-pkg-up "^1.0.1" + redent "^1.0.0" + trim-newlines "^1.0.0" + + merge-descriptors@1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/merge-descriptors/-/merge-descriptors-1.0.1.tgz#b00aaa556dd8b44568150ec9d1b953f3f90cbb61" + + merge-stream@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/merge-stream/-/merge-stream-1.0.1.tgz#4041202d508a342ba00174008df0c251b8c135e1" + dependencies: + readable-stream "^2.0.1" + + methods@~1.1.2: + version "1.1.2" + resolved "https://registry.yarnpkg.com/methods/-/methods-1.1.2.tgz#5529a4d67654134edcc5266656835b0f851afcee" + + micromatch@^2.1.5, micromatch@^2.3.7: + version "2.3.11" + resolved "https://registry.yarnpkg.com/micromatch/-/micromatch-2.3.11.tgz#86677c97d1720b363431d04d0d15293bd38c1565" + dependencies: + arr-diff "^2.0.0" + array-unique "^0.2.1" + braces "^1.8.2" + expand-brackets "^0.1.4" + extglob "^0.3.1" + filename-regex "^2.0.0" + is-extglob "^1.0.0" + is-glob "^2.0.1" + kind-of "^3.0.2" + normalize-path "^2.0.1" + object.omit "^2.0.0" + parse-glob "^3.0.4" + regex-cache "^0.4.2" + + mime-db@~1.25.0: + version "1.25.0" + resolved "https://registry.yarnpkg.com/mime-db/-/mime-db-1.25.0.tgz#c18dbd7c73a5dbf6f44a024dc0d165a1e7b1c392" + + mime-types@^2.1.12, mime-types@~2.1.11, mime-types@~2.1.13, mime-types@~2.1.7: + version "2.1.13" + resolved "https://registry.yarnpkg.com/mime-types/-/mime-types-2.1.13.tgz#e07aaa9c6c6b9a7ca3012c69003ad25a39e92a88" + dependencies: + mime-db "~1.25.0" + + mime@1.3.4: + version "1.3.4" + resolved "https://registry.yarnpkg.com/mime/-/mime-1.3.4.tgz#115f9e3b6b3daf2959983cb38f149a2d40eb5d53" + + "minimatch@2 || 3", minimatch@^3.0.0, minimatch@^3.0.2, minimatch@^3.0.3: + version "3.0.3" + resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.0.3.tgz#2a4e4090b96b2db06a9d7df01055a62a77c9b774" + dependencies: + brace-expansion "^1.0.0" + + minimist@0.0.8: + version "0.0.8" + resolved "https://registry.yarnpkg.com/minimist/-/minimist-0.0.8.tgz#857fcabfc3397d2625b8228262e86aa7a011b05d" + + minimist@^1.1.0, minimist@^1.1.3, minimist@^1.2.0: + version "1.2.0" + resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.0.tgz#a35008b20f41383eec1fb914f4cd5df79a264284" + + mkdirp@0.5.1, "mkdirp@>=0.5 0", mkdirp@^0.5.0, mkdirp@^0.5.1, mkdirp@~0.5.1: + version "0.5.1" + resolved "https://registry.yarnpkg.com/mkdirp/-/mkdirp-0.5.1.tgz#30057438eac6cf7f8c4767f38648d6697d75c903" + dependencies: + minimist "0.0.8" + + mocha@^3.1.2: + version "3.2.0" + resolved "https://registry.yarnpkg.com/mocha/-/mocha-3.2.0.tgz#7dc4f45e5088075171a68896814e6ae9eb7a85e3" + dependencies: + browser-stdout "1.3.0" + commander "2.9.0" + debug "2.2.0" + diff "1.4.0" + escape-string-regexp "1.0.5" + glob "7.0.5" + growl "1.9.2" + json3 "3.3.2" + lodash.create "3.1.1" + mkdirp "0.5.1" + supports-color "3.1.2" + + moment@2.x.x: + version "2.17.1" + resolved "https://registry.yarnpkg.com/moment/-/moment-2.17.1.tgz#fed9506063f36b10f066c8b59a144d7faebe1d82" + + mongo-find-by-ids@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/mongo-find-by-ids/-/mongo-find-by-ids-1.0.0.tgz#c4e7a108e2b9fb98f59eb8be5d3801b2bfb52222" + + mongodb-core@2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/mongodb-core/-/mongodb-core-2.1.0.tgz#49a5edf476f6cc16c4ff7d423802a88080d992fb" + dependencies: + bson "~1.0.0" + require_optional "~1.0.0" + + mongodb-download@^1.3.2: + version "1.3.2" + resolved "https://registry.yarnpkg.com/mongodb-download/-/mongodb-download-1.3.2.tgz#0a2e8868eaea6c18e2a7f7cb7c8048ff10809337" + dependencies: + debug "^2.2.0" + getos "^2.7.0" + yargs "^3.26.0" + + mongodb-prebuilt@^5.0.7: + version "5.0.8" + resolved "https://registry.yarnpkg.com/mongodb-prebuilt/-/mongodb-prebuilt-5.0.8.tgz#82eb96336688888c3a614efbf6c5613fb656fbed" + dependencies: + debug "^2.2.0" + decompress "^3.0.0" + https-proxy-agent "^1.0.0" + mongodb-download "^1.3.2" + spawn-sync "1.0.15" + yargs "^3.26.0" + + mongodb@^2.2.11: + version "2.2.13" + resolved "https://registry.yarnpkg.com/mongodb/-/mongodb-2.2.13.tgz#f74315fbf64450265f920481fc7f17491b056b8a" + dependencies: + es6-promise "3.2.1" + mongodb-core "2.1.0" + readable-stream "2.1.5" + + morgan@^1.8.2: + version "1.8.2" + resolved "https://registry.yarnpkg.com/morgan/-/morgan-1.8.2.tgz#784ac7734e4a453a9c6e6e8680a9329275c8b687" + dependencies: + basic-auth "~1.1.0" + debug "2.6.8" + depd "~1.1.0" + on-finished "~2.3.0" + on-headers "~1.0.1" + + ms@0.7.1, ms@^0.7.1: + version "0.7.1" + resolved "https://registry.yarnpkg.com/ms/-/ms-0.7.1.tgz#9cd13c03adbff25b65effde7ce864ee952017098" + + ms@2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/ms/-/ms-2.0.0.tgz#5608aeadfc00be6c2901df5f9861788de0d597c8" + + mute-stream@0.0.5: + version "0.0.5" + resolved "https://registry.yarnpkg.com/mute-stream/-/mute-stream-0.0.5.tgz#8fbfabb0a98a253d3184331f9e8deb7372fac6c0" + + nan@2.5.0, nan@^2.3.0, nan@^2.3.3: + version "2.5.0" + resolved "https://registry.yarnpkg.com/nan/-/nan-2.5.0.tgz#aa8f1e34531d807e9e27755b234b4a6ec0c152a8" + + natural-compare@^1.4.0: + version "1.4.0" + resolved "https://registry.yarnpkg.com/natural-compare/-/natural-compare-1.4.0.tgz#4abebfeed7541f2c27acfb29bdbbd15c8d5ba4f7" + + negotiator@0.6.1: + version "0.6.1" + resolved "https://registry.yarnpkg.com/negotiator/-/negotiator-0.6.1.tgz#2b327184e8992101177b28563fb5e7102acd0ca9" + + nested-error-stacks@^1.0.0: + version "1.0.2" + resolved "https://registry.yarnpkg.com/nested-error-stacks/-/nested-error-stacks-1.0.2.tgz#19f619591519f096769a5ba9a86e6eeec823c3cf" + dependencies: + inherits "~2.0.1" + + node-fetch@^1.6.3: + version "1.6.3" + resolved "https://registry.yarnpkg.com/node-fetch/-/node-fetch-1.6.3.tgz#dc234edd6489982d58e8f0db4f695029abcd8c04" + dependencies: + encoding "^0.1.11" + is-stream "^1.0.1" + + node-pre-gyp@0.6.32, node-pre-gyp@^0.6.29: + version "0.6.32" + resolved "https://registry.yarnpkg.com/node-pre-gyp/-/node-pre-gyp-0.6.32.tgz#fc452b376e7319b3d255f5f34853ef6fd8fe1fd5" + dependencies: + mkdirp "~0.5.1" + nopt "~3.0.6" + npmlog "^4.0.1" + rc "~1.1.6" + request "^2.79.0" + rimraf "~2.5.4" + semver "~5.3.0" + tar "~2.2.1" + tar-pack "~3.3.0" + + node-static@0.5.9: + version "0.5.9" + resolved "https://registry.yarnpkg.com/node-static/-/node-static-0.5.9.tgz#2f5bf30949e1735958266c269413aebce8cbe899" + + node-uuid@^1.4.7: + version "1.4.7" + resolved "https://registry.yarnpkg.com/node-uuid/-/node-uuid-1.4.7.tgz#6da5a17668c4b3dd59623bda11cf7fa4c1f60a6f" + + nodeify@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/nodeify/-/nodeify-1.0.1.tgz#64ab69a7bdbaf03ce107b4f0335c87c0b9e91b1d" + dependencies: + is-promise "~1.0.0" + promise "~1.3.0" + + nodemon@1.11.0: + version "1.11.0" + resolved "https://registry.yarnpkg.com/nodemon/-/nodemon-1.11.0.tgz#226c562bd2a7b13d3d7518b49ad4828a3623d06c" + dependencies: + chokidar "^1.4.3" + debug "^2.2.0" + es6-promise "^3.0.2" + ignore-by-default "^1.0.0" + lodash.defaults "^3.1.2" + minimatch "^3.0.0" + ps-tree "^1.0.1" + touch "1.0.0" + undefsafe "0.0.3" + update-notifier "0.5.0" + + nopt@~1.0.10: + version "1.0.10" + resolved "https://registry.yarnpkg.com/nopt/-/nopt-1.0.10.tgz#6ddd21bd2a31417b92727dd585f8a6f37608ebee" + dependencies: + abbrev "1" + + nopt@~3.0.6: + version "3.0.6" + resolved "https://registry.yarnpkg.com/nopt/-/nopt-3.0.6.tgz#c6465dbf08abcd4db359317f79ac68a646b28ff9" + dependencies: + abbrev "1" + + normalize-package-data@^2.3.2, normalize-package-data@^2.3.4: + version "2.3.5" + resolved "https://registry.yarnpkg.com/normalize-package-data/-/normalize-package-data-2.3.5.tgz#8d924f142960e1777e7ffe170543631cc7cb02df" + dependencies: + hosted-git-info "^2.1.4" + is-builtin-module "^1.0.0" + semver "2 || 3 || 4 || 5" + validate-npm-package-license "^3.0.1" + + normalize-path@^2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/normalize-path/-/normalize-path-2.0.1.tgz#47886ac1662760d4261b7d979d241709d3ce3f7a" + + npmlog@^4.0.1: + version "4.0.1" + resolved "https://registry.yarnpkg.com/npmlog/-/npmlog-4.0.1.tgz#d14f503b4cd79710375553004ba96e6662fbc0b8" + dependencies: + are-we-there-yet "~1.1.2" + console-control-strings "~1.1.0" + gauge "~2.7.1" + set-blocking "~2.0.0" + + number-is-nan@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/number-is-nan/-/number-is-nan-1.0.1.tgz#097b602b53422a522c1afb8790318336941a011d" + + oauth-sign@~0.8.1: + version "0.8.2" + resolved "https://registry.yarnpkg.com/oauth-sign/-/oauth-sign-0.8.2.tgz#46a6ab7f0aead8deae9ec0565780b7d4efeb9d43" + + object-assign@^2.0.0: + version "2.1.1" + resolved "https://registry.yarnpkg.com/object-assign/-/object-assign-2.1.1.tgz#43c36e5d569ff8e4816c4efa8be02d26967c18aa" + + object-assign@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/object-assign/-/object-assign-3.0.0.tgz#9bedd5ca0897949bca47e7ff408062d549f587f2" + + object-assign@^4.0.0, object-assign@^4.0.1, object-assign@^4.1.0: + version "4.1.0" + resolved "https://registry.yarnpkg.com/object-assign/-/object-assign-4.1.0.tgz#7a3b3d0e98063d43f4c03f2e8ae6cd51a86883a0" + + object.omit@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/object.omit/-/object.omit-2.0.1.tgz#1a9c744829f39dbb858c76ca3579ae2a54ebd1fa" + dependencies: + for-own "^0.1.4" + is-extendable "^0.1.1" + + on-finished@~2.3.0: + version "2.3.0" + resolved "https://registry.yarnpkg.com/on-finished/-/on-finished-2.3.0.tgz#20f1336481b083cd75337992a16971aa2d906947" + dependencies: + ee-first "1.1.1" + + on-headers@~1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/on-headers/-/on-headers-1.0.1.tgz#928f5d0f470d49342651ea6794b0857c100693f7" + + once@^1.3.0: + version "1.4.0" + resolved "https://registry.yarnpkg.com/once/-/once-1.4.0.tgz#583b1aa775961d4b113ac17d9c50baef9dd76bd1" + dependencies: + wrappy "1" + + once@~1.3.0, once@~1.3.3: + version "1.3.3" + resolved "https://registry.yarnpkg.com/once/-/once-1.3.3.tgz#b2e261557ce4c314ec8304f3fa82663e4297ca20" + dependencies: + wrappy "1" + + onetime@^1.0.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/onetime/-/onetime-1.1.0.tgz#a1f7838f8314c516f05ecefcbc4ccfe04b4ed789" + + optionator@^0.8.2: + version "0.8.2" + resolved "https://registry.yarnpkg.com/optionator/-/optionator-0.8.2.tgz#364c5e409d3f4d6301d6c0b4c05bba50180aeb64" + dependencies: + deep-is "~0.1.3" + fast-levenshtein "~2.0.4" + levn "~0.3.0" + prelude-ls "~1.1.2" + type-check "~0.3.2" + wordwrap "~1.0.0" + + ordered-read-streams@^0.3.0: + version "0.3.0" + resolved "https://registry.yarnpkg.com/ordered-read-streams/-/ordered-read-streams-0.3.0.tgz#7137e69b3298bb342247a1bbee3881c80e2fd78b" + dependencies: + is-stream "^1.0.1" + readable-stream "^2.0.1" + + os-homedir@^1.0.0: + version "1.0.2" + resolved "https://registry.yarnpkg.com/os-homedir/-/os-homedir-1.0.2.tgz#ffbc4988336e0e833de0c168c7ef152121aa7fb3" + + os-locale@^1.4.0: + version "1.4.0" + resolved "https://registry.yarnpkg.com/os-locale/-/os-locale-1.4.0.tgz#20f9f17ae29ed345e8bde583b13d2009803c14d9" + dependencies: + lcid "^1.0.0" + + os-shim@^0.1.2: + version "0.1.3" + resolved "https://registry.yarnpkg.com/os-shim/-/os-shim-0.1.3.tgz#6b62c3791cf7909ea35ed46e17658bb417cb3917" + + os-tmpdir@^1.0.0, os-tmpdir@^1.0.1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/os-tmpdir/-/os-tmpdir-1.0.2.tgz#bbe67406c79aa85c5cfec766fe5734555dfa1274" + + osenv@^0.1.0: + version "0.1.3" + resolved "https://registry.yarnpkg.com/osenv/-/osenv-0.1.3.tgz#83cf05c6d6458fc4d5ac6362ea325d92f2754217" + dependencies: + os-homedir "^1.0.0" + os-tmpdir "^1.0.0" + + output-file-sync@^1.1.0: + version "1.1.2" + resolved "https://registry.yarnpkg.com/output-file-sync/-/output-file-sync-1.1.2.tgz#d0a33eefe61a205facb90092e826598d5245ce76" + dependencies: + graceful-fs "^4.1.4" + mkdirp "^0.5.1" + object-assign "^4.1.0" + + package-json@^1.0.0: + version "1.2.0" + resolved "https://registry.yarnpkg.com/package-json/-/package-json-1.2.0.tgz#c8ecac094227cdf76a316874ed05e27cc939a0e0" + dependencies: + got "^3.2.0" + registry-url "^3.0.0" + + parse-glob@^3.0.4: + version "3.0.4" + resolved "https://registry.yarnpkg.com/parse-glob/-/parse-glob-3.0.4.tgz#b2c376cfb11f35513badd173ef0bb6e3a388391c" + dependencies: + glob-base "^0.3.0" + is-dotfile "^1.0.0" + is-extglob "^1.0.0" + is-glob "^2.0.0" + + parse-json@^2.2.0: + version "2.2.0" + resolved "https://registry.yarnpkg.com/parse-json/-/parse-json-2.2.0.tgz#f480f40434ef80741f8469099f8dea18f55a4dc9" + dependencies: + error-ex "^1.2.0" + + parseurl@~1.3.1: + version "1.3.1" + resolved "https://registry.yarnpkg.com/parseurl/-/parseurl-1.3.1.tgz#c8ab8c9223ba34888aa64a297b28853bec18da56" + + passport-jwt@^2.2.1: + version "2.2.1" + resolved "https://registry.yarnpkg.com/passport-jwt/-/passport-jwt-2.2.1.tgz#0e004c94071319d673d9d9bcfd1574a868011527" + dependencies: + jsonwebtoken "^7.0.0" + passport-strategy "^1.0.0" + + passport-strategy@1.x.x, passport-strategy@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/passport-strategy/-/passport-strategy-1.0.0.tgz#b5539aa8fc225a3d1ad179476ddf236b440f52e4" + + passport@^0.3.2: + version "0.3.2" + resolved "https://registry.yarnpkg.com/passport/-/passport-0.3.2.tgz#9dd009f915e8fe095b0124a01b8f82da07510102" + dependencies: + passport-strategy "1.x.x" + pause "0.0.1" + + path-dirname@^1.0.0: + version "1.0.2" + resolved "https://registry.yarnpkg.com/path-dirname/-/path-dirname-1.0.2.tgz#cc33d24d525e099a5388c0336c6e32b9160609e0" + + path-exists@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/path-exists/-/path-exists-1.0.0.tgz#d5a8998eb71ef37a74c34eb0d9eba6e878eea081" + + path-exists@^2.0.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/path-exists/-/path-exists-2.1.0.tgz#0feb6c64f0fc518d9a754dd5efb62c7022761f4b" + dependencies: + pinkie-promise "^2.0.0" + + path-is-absolute@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/path-is-absolute/-/path-is-absolute-1.0.1.tgz#174b9268735534ffbc7ace6bf53a5a9e1b5c5f5f" + + path-is-inside@^1.0.1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/path-is-inside/-/path-is-inside-1.0.2.tgz#365417dede44430d1c11af61027facf074bdfc53" + + path-to-regexp@0.1.7: + version "0.1.7" + resolved "https://registry.yarnpkg.com/path-to-regexp/-/path-to-regexp-0.1.7.tgz#df604178005f522f15eb4490e7247a1bfaa67f8c" + + path-type@^1.0.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/path-type/-/path-type-1.1.0.tgz#59c44f7ee491da704da415da5a4070ba4f8fe441" + dependencies: + graceful-fs "^4.1.2" + pify "^2.0.0" + pinkie-promise "^2.0.0" + + pause-stream@0.0.11: + version "0.0.11" + resolved "https://registry.yarnpkg.com/pause-stream/-/pause-stream-0.0.11.tgz#fe5a34b0cbce12b5aa6a2b403ee2e73b602f1445" + dependencies: + through "~2.3" + + pause@0.0.1: + version "0.0.1" + resolved "https://registry.yarnpkg.com/pause/-/pause-0.0.1.tgz#1d408b3fdb76923b9543d96fb4c9dfd535d9cb5d" + + pend@~1.2.0: + version "1.2.0" + resolved "https://registry.yarnpkg.com/pend/-/pend-1.2.0.tgz#7a57eb550a6783f9115331fcf4663d5c8e007a50" + + pify@^2.0.0: + version "2.3.0" + resolved "https://registry.yarnpkg.com/pify/-/pify-2.3.0.tgz#ed141a6ac043a849ea588498e7dca8b15330e90c" + + pinkie-promise@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/pinkie-promise/-/pinkie-promise-2.0.1.tgz#2135d6dfa7a358c069ac9b178776288228450ffa" + dependencies: + pinkie "^2.0.0" + + pinkie@^2.0.0: + version "2.0.4" + resolved "https://registry.yarnpkg.com/pinkie/-/pinkie-2.0.4.tgz#72556b80cfa0d48a974e80e77248e80ed4f7f870" + + pkg-dir@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/pkg-dir/-/pkg-dir-1.0.0.tgz#7a4b508a8d5bb2d629d447056ff4e9c9314cf3d4" + dependencies: + find-up "^1.0.0" + + pkg-up@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/pkg-up/-/pkg-up-1.0.0.tgz#3e08fb461525c4421624a33b9f7e6d0af5b05a26" + dependencies: + find-up "^1.0.0" + + pluralize@^1.2.1: + version "1.2.1" + resolved "https://registry.yarnpkg.com/pluralize/-/pluralize-1.2.1.tgz#d1a21483fd22bb41e58a12fa3421823140897c45" + + prelude-ls@~1.1.2: + version "1.1.2" + resolved "https://registry.yarnpkg.com/prelude-ls/-/prelude-ls-1.1.2.tgz#21932a549f5e52ffd9a827f570e04be62a97da54" + + prepend-http@^1.0.0: + version "1.0.4" + resolved "https://registry.yarnpkg.com/prepend-http/-/prepend-http-1.0.4.tgz#d4f4562b0ce3696e41ac52d0e002e57a635dc6dc" + + preserve@^0.2.0: + version "0.2.0" + resolved "https://registry.yarnpkg.com/preserve/-/preserve-0.2.0.tgz#815ed1f6ebc65926f865b310c0713bcb3315ce4b" + + private@^0.1.6, private@~0.1.5: + version "0.1.6" + resolved "https://registry.yarnpkg.com/private/-/private-0.1.6.tgz#55c6a976d0f9bafb9924851350fe47b9b5fbb7c1" + + process-nextick-args@~1.0.6: + version "1.0.7" + resolved "https://registry.yarnpkg.com/process-nextick-args/-/process-nextick-args-1.0.7.tgz#150e20b756590ad3f91093f25a4f2ad8bff30ba3" + + progress@^1.1.8: + version "1.1.8" + resolved "https://registry.yarnpkg.com/progress/-/progress-1.1.8.tgz#e260c78f6161cdd9b0e56cc3e0a85de17c7a57be" + + promise@~1.3.0: + version "1.3.0" + resolved "https://registry.yarnpkg.com/promise/-/promise-1.3.0.tgz#e5cc9a4c8278e4664ffedc01c7da84842b040175" + dependencies: + is-promise "~1" + + proxy-addr@~1.1.2: + version "1.1.2" + resolved "https://registry.yarnpkg.com/proxy-addr/-/proxy-addr-1.1.2.tgz#b4cc5f22610d9535824c123aef9d3cf73c40ba37" + dependencies: + forwarded "~0.1.0" + ipaddr.js "1.1.1" + + ps-tree@^1.0.1: + version "1.1.0" + resolved "https://registry.yarnpkg.com/ps-tree/-/ps-tree-1.1.0.tgz#b421b24140d6203f1ed3c76996b4427b08e8c014" + dependencies: + event-stream "~3.3.0" + + punycode@^1.4.1: + version "1.4.1" + resolved "https://registry.yarnpkg.com/punycode/-/punycode-1.4.1.tgz#c0d5a63b2718800ad8e1eb0fa5269c84dd41845e" + + qs@6.2.0: + version "6.2.0" + resolved "https://registry.yarnpkg.com/qs/-/qs-6.2.0.tgz#3b7848c03c2dece69a9522b0fae8c4126d745f3b" + + qs@~6.3.0: + version "6.3.0" + resolved "https://registry.yarnpkg.com/qs/-/qs-6.3.0.tgz#f403b264f23bc01228c74131b407f18d5ea5d442" + + random-bytes@~1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/random-bytes/-/random-bytes-1.0.0.tgz#4f68a1dc0ae58bd3fb95848c30324db75d64360b" + + randomatic@^1.1.3: + version "1.1.6" + resolved "https://registry.yarnpkg.com/randomatic/-/randomatic-1.1.6.tgz#110dcabff397e9dcff7c0789ccc0a49adf1ec5bb" + dependencies: + is-number "^2.0.2" + kind-of "^3.0.2" + + range-parser@~1.2.0: + version "1.2.0" + resolved "https://registry.yarnpkg.com/range-parser/-/range-parser-1.2.0.tgz#f49be6b487894ddc40dcc94a322f611092e00d5e" + + raw-body@~2.1.7: + version "2.1.7" + resolved "https://registry.yarnpkg.com/raw-body/-/raw-body-2.1.7.tgz#adfeace2e4fb3098058014d08c072dcc59758774" + dependencies: + bytes "2.4.0" + iconv-lite "0.4.13" + unpipe "1.0.0" + + rc@^1.0.1, rc@~1.1.6: + version "1.1.6" + resolved "https://registry.yarnpkg.com/rc/-/rc-1.1.6.tgz#43651b76b6ae53b5c802f1151fa3fc3b059969c9" + dependencies: + deep-extend "~0.4.0" + ini "~1.3.0" + minimist "^1.2.0" + strip-json-comments "~1.0.4" + + read-all-stream@^3.0.0: + version "3.1.0" + resolved "https://registry.yarnpkg.com/read-all-stream/-/read-all-stream-3.1.0.tgz#35c3e177f2078ef789ee4bfafa4373074eaef4fa" + dependencies: + pinkie-promise "^2.0.0" + readable-stream "^2.0.0" + + read-pkg-up@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/read-pkg-up/-/read-pkg-up-1.0.1.tgz#9d63c13276c065918d57f002a57f40a1b643fb02" + dependencies: + find-up "^1.0.0" + read-pkg "^1.0.0" + + read-pkg@^1.0.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/read-pkg/-/read-pkg-1.1.0.tgz#f5ffaa5ecd29cb31c0474bca7d756b6bb29e3f28" + dependencies: + load-json-file "^1.0.0" + normalize-package-data "^2.3.2" + path-type "^1.0.0" + + readable-stream@2.1.5, readable-stream@^2.0.0, "readable-stream@^2.0.0 || ^1.1.13", readable-stream@^2.0.1, readable-stream@^2.0.2, readable-stream@^2.0.4, readable-stream@^2.0.5, readable-stream@^2.1.5, readable-stream@~2.1.4: + version "2.1.5" + resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.1.5.tgz#66fa8b720e1438b364681f2ad1a63c618448c9d0" + dependencies: + buffer-shims "^1.0.0" + core-util-is "~1.0.0" + inherits "~2.0.1" + isarray "~1.0.0" + process-nextick-args "~1.0.6" + string_decoder "~0.10.x" + util-deprecate "~1.0.1" + + "readable-stream@>=1.0.33-1 <1.1.0-0": + version "1.0.34" + resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-1.0.34.tgz#125820e34bc842d2f2aaafafe4c2916ee32c157c" + dependencies: + core-util-is "~1.0.0" + inherits "~2.0.1" + isarray "0.0.1" + string_decoder "~0.10.x" + + readable-stream@~2.0.0, readable-stream@~2.0.5: + version "2.0.6" + resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.0.6.tgz#8f90341e68a53ccc928788dacfcd11b36eb9b78e" + dependencies: + core-util-is "~1.0.0" + inherits "~2.0.1" + isarray "~1.0.0" + process-nextick-args "~1.0.6" + string_decoder "~0.10.x" + util-deprecate "~1.0.1" + + readdirp@^2.0.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/readdirp/-/readdirp-2.1.0.tgz#4ed0ad060df3073300c48440373f72d1cc642d78" + dependencies: + graceful-fs "^4.1.2" + minimatch "^3.0.2" + readable-stream "^2.0.2" + set-immediate-shim "^1.0.1" + + readline2@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/readline2/-/readline2-1.0.1.tgz#41059608ffc154757b715d9989d199ffbf372e35" + dependencies: + code-point-at "^1.0.0" + is-fullwidth-code-point "^1.0.0" + mute-stream "0.0.5" + + redent@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/redent/-/redent-1.0.0.tgz#cf916ab1fd5f1f16dfb20822dd6ec7f730c2afde" + dependencies: + indent-string "^2.1.0" + strip-indent "^1.0.1" + + regenerate@^1.2.1: + version "1.3.2" + resolved "https://registry.yarnpkg.com/regenerate/-/regenerate-1.3.2.tgz#d1941c67bad437e1be76433add5b385f95b19260" + + regenerator-runtime@^0.9.5: + version "0.9.6" + resolved "https://registry.yarnpkg.com/regenerator-runtime/-/regenerator-runtime-0.9.6.tgz#d33eb95d0d2001a4be39659707c51b0cb71ce029" + + regex-cache@^0.4.2: + version "0.4.3" + resolved "https://registry.yarnpkg.com/regex-cache/-/regex-cache-0.4.3.tgz#9b1a6c35d4d0dfcef5711ae651e8e9d3d7114145" + dependencies: + is-equal-shallow "^0.1.3" + is-primitive "^2.0.0" + + regexpu-core@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/regexpu-core/-/regexpu-core-2.0.0.tgz#49d038837b8dcf8bfa5b9a42139938e6ea2ae240" + dependencies: + regenerate "^1.2.1" + regjsgen "^0.2.0" + regjsparser "^0.1.4" + + registry-url@^3.0.0: + version "3.1.0" + resolved "https://registry.yarnpkg.com/registry-url/-/registry-url-3.1.0.tgz#3d4ef870f73dde1d77f0cf9a381432444e174942" + dependencies: + rc "^1.0.1" + + regjsgen@^0.2.0: + version "0.2.0" + resolved "https://registry.yarnpkg.com/regjsgen/-/regjsgen-0.2.0.tgz#6c016adeac554f75823fe37ac05b92d5a4edb1f7" + + regjsparser@^0.1.4: + version "0.1.5" + resolved "https://registry.yarnpkg.com/regjsparser/-/regjsparser-0.1.5.tgz#7ee8f84dc6fa792d3fd0ae228d24bd949ead205c" + dependencies: + jsesc "~0.5.0" + + repeat-element@^1.1.2: + version "1.1.2" + resolved "https://registry.yarnpkg.com/repeat-element/-/repeat-element-1.1.2.tgz#ef089a178d1483baae4d93eb98b4f9e4e11d990a" + + repeat-string@^1.5.2: + version "1.6.1" + resolved "https://registry.yarnpkg.com/repeat-string/-/repeat-string-1.6.1.tgz#8dcae470e1c88abc2d600fff4a776286da75e637" + + repeating@^1.1.2: + version "1.1.3" + resolved "https://registry.yarnpkg.com/repeating/-/repeating-1.1.3.tgz#3d4114218877537494f97f77f9785fab810fa4ac" + dependencies: + is-finite "^1.0.0" + + repeating@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/repeating/-/repeating-2.0.1.tgz#5214c53a926d3552707527fbab415dbc08d06dda" + dependencies: + is-finite "^1.0.0" + + replace-ext@0.0.1: + version "0.0.1" + resolved "https://registry.yarnpkg.com/replace-ext/-/replace-ext-0.0.1.tgz#29bbd92078a739f0bcce2b4ee41e837953522924" + + request@^2.65.0, request@^2.79.0: + version "2.79.0" + resolved "https://registry.yarnpkg.com/request/-/request-2.79.0.tgz#4dfe5bf6be8b8cdc37fcf93e04b65577722710de" + dependencies: + aws-sign2 "~0.6.0" + aws4 "^1.2.1" + caseless "~0.11.0" + combined-stream "~1.0.5" + extend "~3.0.0" + forever-agent "~0.6.1" + form-data "~2.1.1" + har-validator "~2.0.6" + hawk "~3.1.3" + http-signature "~1.1.0" + is-typedarray "~1.0.0" + isstream "~0.1.2" + json-stringify-safe "~5.0.1" + mime-types "~2.1.7" + oauth-sign "~0.8.1" + qs "~6.3.0" + stringstream "~0.0.4" + tough-cookie "~2.3.0" + tunnel-agent "~0.4.1" + uuid "^3.0.0" + + require-uncached@^1.0.2: + version "1.0.3" + resolved "https://registry.yarnpkg.com/require-uncached/-/require-uncached-1.0.3.tgz#4e0d56d6c9662fd31e43011c4b95aa49955421d3" + dependencies: + caller-path "^0.1.0" + resolve-from "^1.0.0" + + require_optional@~1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/require_optional/-/require_optional-1.0.0.tgz#52a86137a849728eb60a55533617f8f914f59abf" + dependencies: + resolve-from "^2.0.0" + semver "^5.1.0" + + resolve-from@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/resolve-from/-/resolve-from-1.0.1.tgz#26cbfe935d1aeeeabb29bc3fe5aeb01e93d44226" + + resolve-from@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/resolve-from/-/resolve-from-2.0.0.tgz#9480ab20e94ffa1d9e80a804c7ea147611966b57" + + resolve@^1.1.6: + version "1.1.7" + resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.1.7.tgz#203114d82ad2c5ed9e8e0411b3932875e889e97b" + + restore-cursor@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/restore-cursor/-/restore-cursor-1.0.1.tgz#34661f46886327fed2991479152252df92daa541" + dependencies: + exit-hook "^1.0.0" + onetime "^1.0.0" + + rimraf@2, rimraf@^2.2.8, rimraf@~2.5.1, rimraf@~2.5.4: + version "2.5.4" + resolved "https://registry.yarnpkg.com/rimraf/-/rimraf-2.5.4.tgz#96800093cbf1a0c86bd95b4625467535c29dfa04" + dependencies: + glob "^7.0.5" + + run-async@^0.1.0: + version "0.1.0" + resolved "https://registry.yarnpkg.com/run-async/-/run-async-0.1.0.tgz#c8ad4a5e110661e402a7d21b530e009f25f8e389" + dependencies: + once "^1.3.0" + + rx-lite@^3.1.2: + version "3.1.2" + resolved "https://registry.yarnpkg.com/rx-lite/-/rx-lite-3.1.2.tgz#19ce502ca572665f3b647b10939f97fd1615f102" + + safe-buffer@^5.0.1: + version "5.0.1" + resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.0.1.tgz#d263ca54696cd8a306b5ca6551e92de57918fbe7" + + seek-bzip@^1.0.3: + version "1.0.5" + resolved "https://registry.yarnpkg.com/seek-bzip/-/seek-bzip-1.0.5.tgz#cfe917cb3d274bcffac792758af53173eb1fabdc" + dependencies: + commander "~2.8.1" + + semver-diff@^2.0.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/semver-diff/-/semver-diff-2.1.0.tgz#4bbb8437c8d37e4b0cf1a68fd726ec6d645d6d36" + dependencies: + semver "^5.0.3" + + semver-regex@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/semver-regex/-/semver-regex-1.0.0.tgz#92a4969065f9c70c694753d55248fc68f8f652c9" + + semver-truncate@^1.0.0: + version "1.1.2" + resolved "https://registry.yarnpkg.com/semver-truncate/-/semver-truncate-1.1.2.tgz#57f41de69707a62709a7e0104ba2117109ea47e8" + dependencies: + semver "^5.3.0" + + "semver@2 || 3 || 4 || 5", semver@^5.0.3, semver@^5.1.0, semver@^5.3.0, semver@~5.3.0: + version "5.3.0" + resolved "https://registry.yarnpkg.com/semver/-/semver-5.3.0.tgz#9b2ce5d3de02d17c6012ad326aa6b4d0cf54f94f" + + semver@^4.0.3: + version "4.3.6" + resolved "https://registry.yarnpkg.com/semver/-/semver-4.3.6.tgz#300bc6e0e86374f7ba61068b5b1ecd57fc6532da" + + semver@~5.0.1: + version "5.0.3" + resolved "https://registry.yarnpkg.com/semver/-/semver-5.0.3.tgz#77466de589cd5d3c95f138aa78bc569a3cb5d27a" + + send@0.14.1: + version "0.14.1" + resolved "https://registry.yarnpkg.com/send/-/send-0.14.1.tgz#a954984325392f51532a7760760e459598c89f7a" + dependencies: + debug "~2.2.0" + depd "~1.1.0" + destroy "~1.0.4" + encodeurl "~1.0.1" + escape-html "~1.0.3" + etag "~1.7.0" + fresh "0.3.0" + http-errors "~1.5.0" + mime "1.3.4" + ms "0.7.1" + on-finished "~2.3.0" + range-parser "~1.2.0" + statuses "~1.3.0" + + serve-static@~1.11.1: + version "1.11.1" + resolved "https://registry.yarnpkg.com/serve-static/-/serve-static-1.11.1.tgz#d6cce7693505f733c759de57befc1af76c0f0805" + dependencies: + encodeurl "~1.0.1" + escape-html "~1.0.3" + parseurl "~1.3.1" + send "0.14.1" + + set-blocking@~2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/set-blocking/-/set-blocking-2.0.0.tgz#045f9782d011ae9a6803ddd382b24392b3d890f7" + + set-immediate-shim@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/set-immediate-shim/-/set-immediate-shim-1.0.1.tgz#4b2b1b27eb808a9f8dcc481a58e5e56f599f3f61" + + setprototypeof@1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/setprototypeof/-/setprototypeof-1.0.2.tgz#81a552141ec104b88e89ce383103ad5c66564d08" + + shebang-regex@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/shebang-regex/-/shebang-regex-1.0.0.tgz#da42f49740c0b42db2ca9728571cb190c98efea3" + + shelljs@^0.6.0: + version "0.6.1" + resolved "https://registry.yarnpkg.com/shelljs/-/shelljs-0.6.1.tgz#ec6211bed1920442088fe0f70b2837232ed2c8a8" + + signal-exit@^3.0.0: + version "3.0.2" + resolved "https://registry.yarnpkg.com/signal-exit/-/signal-exit-3.0.2.tgz#b5fdc08f1287ea1178628e415e25132b73646c6d" + + slash@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/slash/-/slash-1.0.0.tgz#c41f2f6c39fc16d1cd17ad4b5d896114ae470d55" + + slice-ansi@0.0.4: + version "0.0.4" + resolved "https://registry.yarnpkg.com/slice-ansi/-/slice-ansi-0.0.4.tgz#edbf8903f66f7ce2f8eafd6ceed65e264c831b35" + + slide@^1.1.5: + version "1.1.6" + resolved "https://registry.yarnpkg.com/slide/-/slide-1.1.6.tgz#56eb027d65b4d2dce6cb2e2d32c4d4afc9e1d707" + + sntp@1.x.x: + version "1.0.9" + resolved "https://registry.yarnpkg.com/sntp/-/sntp-1.0.9.tgz#6541184cc90aeea6c6e7b35e2659082443c66198" + dependencies: + hoek "2.x.x" + + source-map-support@^0.4.2: + version "0.4.6" + resolved "https://registry.yarnpkg.com/source-map-support/-/source-map-support-0.4.6.tgz#32552aa64b458392a85eab3b0b5ee61527167aeb" + dependencies: + source-map "^0.5.3" + + source-map@^0.5.0, source-map@^0.5.3: + version "0.5.6" + resolved "https://registry.yarnpkg.com/source-map/-/source-map-0.5.6.tgz#75ce38f52bf0733c5a7f0c118d81334a2bb5f412" + + spawn-sync@1.0.15: + version "1.0.15" + resolved "https://registry.yarnpkg.com/spawn-sync/-/spawn-sync-1.0.15.tgz#b00799557eb7fb0c8376c29d44e8a1ea67e57476" + dependencies: + concat-stream "^1.4.7" + os-shim "^0.1.2" + + spdx-correct@~1.0.0: + version "1.0.2" + resolved "https://registry.yarnpkg.com/spdx-correct/-/spdx-correct-1.0.2.tgz#4b3073d933ff51f3912f03ac5519498a4150db40" + dependencies: + spdx-license-ids "^1.0.2" + + spdx-expression-parse@~1.0.0: + version "1.0.4" + resolved "https://registry.yarnpkg.com/spdx-expression-parse/-/spdx-expression-parse-1.0.4.tgz#9bdf2f20e1f40ed447fbe273266191fced51626c" + + spdx-license-ids@^1.0.2: + version "1.2.2" + resolved "https://registry.yarnpkg.com/spdx-license-ids/-/spdx-license-ids-1.2.2.tgz#c9df7a3424594ade6bd11900d596696dc06bac57" + + split@0.3: + version "0.3.3" + resolved "https://registry.yarnpkg.com/split/-/split-0.3.3.tgz#cd0eea5e63a211dfff7eb0f091c4133e2d0dd28f" + dependencies: + through "2" + + sprintf-js@~1.0.2: + version "1.0.3" + resolved "https://registry.yarnpkg.com/sprintf-js/-/sprintf-js-1.0.3.tgz#04e6926f662895354f3dd015203633b857297e2c" + + sshpk@^1.7.0: + version "1.10.1" + resolved "https://registry.yarnpkg.com/sshpk/-/sshpk-1.10.1.tgz#30e1a5d329244974a1af61511339d595af6638b0" + dependencies: + asn1 "~0.2.3" + assert-plus "^1.0.0" + dashdash "^1.12.0" + getpass "^0.1.1" + optionalDependencies: + bcrypt-pbkdf "^1.0.0" + ecc-jsbn "~0.1.1" + jodid25519 "^1.0.0" + jsbn "~0.1.0" + tweetnacl "~0.14.0" + + stack-trace@0.0.x: + version "0.0.10" + resolved "https://registry.yarnpkg.com/stack-trace/-/stack-trace-0.0.10.tgz#547c70b347e8d32b4e108ea1a2a159e5fdde19c0" + + stat-mode@^0.2.0: + version "0.2.2" + resolved "https://registry.yarnpkg.com/stat-mode/-/stat-mode-0.2.2.tgz#e6c80b623123d7d80cf132ce538f346289072502" + + "statuses@>= 1.3.1 < 2", statuses@~1.3.0: + version "1.3.1" + resolved "https://registry.yarnpkg.com/statuses/-/statuses-1.3.1.tgz#faf51b9eb74aaef3b3acf4ad5f61abf24cb7b93e" + + stream-combiner2@^1.1.1: + version "1.1.1" + resolved "https://registry.yarnpkg.com/stream-combiner2/-/stream-combiner2-1.1.1.tgz#fb4d8a1420ea362764e21ad4780397bebcb41cbe" + dependencies: + duplexer2 "~0.1.0" + readable-stream "^2.0.2" + + stream-combiner@~0.0.4: + version "0.0.4" + resolved "https://registry.yarnpkg.com/stream-combiner/-/stream-combiner-0.0.4.tgz#4d5e433c185261dde623ca3f44c586bcf5c4ad14" + dependencies: + duplexer "~0.1.1" + + stream-shift@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/stream-shift/-/stream-shift-1.0.0.tgz#d5c752825e5367e786f78e18e445ea223a155952" + + string-length@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/string-length/-/string-length-1.0.1.tgz#56970fb1c38558e9e70b728bf3de269ac45adfac" + dependencies: + strip-ansi "^3.0.0" + + string-width@^1.0.1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/string-width/-/string-width-1.0.2.tgz#118bdf5b8cdc51a2a7e70d211e07e2b0b9b107d3" + dependencies: + code-point-at "^1.0.0" + is-fullwidth-code-point "^1.0.0" + strip-ansi "^3.0.0" + + string-width@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/string-width/-/string-width-2.0.0.tgz#635c5436cc72a6e0c387ceca278d4e2eec52687e" + dependencies: + is-fullwidth-code-point "^2.0.0" + strip-ansi "^3.0.0" + + string_decoder@~0.10.x: + version "0.10.31" + resolved "https://registry.yarnpkg.com/string_decoder/-/string_decoder-0.10.31.tgz#62e203bc41766c6c28c9fc84301dab1c5310fa94" + + stringstream@~0.0.4: + version "0.0.5" + resolved "https://registry.yarnpkg.com/stringstream/-/stringstream-0.0.5.tgz#4e484cd4de5a0bbbee18e46307710a8a81621878" + + strip-ansi@^3.0.0, strip-ansi@^3.0.1: + version "3.0.1" + resolved "https://registry.yarnpkg.com/strip-ansi/-/strip-ansi-3.0.1.tgz#6a385fb8853d952d5ff05d0e8aaf94278dc63dcf" + dependencies: + ansi-regex "^2.0.0" + + strip-bom-stream@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/strip-bom-stream/-/strip-bom-stream-1.0.0.tgz#e7144398577d51a6bed0fa1994fa05f43fd988ee" + dependencies: + first-chunk-stream "^1.0.0" + strip-bom "^2.0.0" + + strip-bom@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/strip-bom/-/strip-bom-2.0.0.tgz#6219a85616520491f35788bdbf1447a99c7e6b0e" + dependencies: + is-utf8 "^0.2.0" + + strip-bom@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/strip-bom/-/strip-bom-3.0.0.tgz#2334c18e9c759f7bdd56fdef7e9ae3d588e68ed3" + + strip-dirs@^1.0.0: + version "1.1.1" + resolved "https://registry.yarnpkg.com/strip-dirs/-/strip-dirs-1.1.1.tgz#960bbd1287844f3975a4558aa103a8255e2456a0" + dependencies: + chalk "^1.0.0" + get-stdin "^4.0.1" + is-absolute "^0.1.5" + is-natural-number "^2.0.0" + minimist "^1.1.0" + sum-up "^1.0.1" + + strip-indent@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/strip-indent/-/strip-indent-1.0.1.tgz#0c7962a6adefa7bbd4ac366460a638552ae1a0a2" + dependencies: + get-stdin "^4.0.1" + + strip-json-comments@~1.0.1, strip-json-comments@~1.0.4: + version "1.0.4" + resolved "https://registry.yarnpkg.com/strip-json-comments/-/strip-json-comments-1.0.4.tgz#1e15fbcac97d3ee99bf2d73b4c656b082bbafb91" + + subscriptions-transport-ws@0.2.6: + version "0.2.6" + resolved "https://registry.yarnpkg.com/subscriptions-transport-ws/-/subscriptions-transport-ws-0.2.6.tgz#433861167c25ef9a2b8697e9403afa2a77656cb3" + dependencies: + "@types/node" "^6.0.38" + backo2 "^1.0.2" + es6-promise "^3.2.1" + graphql-subscriptions "^0.1.3" + lodash.isobject "^3.0.2" + lodash.isstring "^4.0.1" + node-static "0.5.9" + websocket "^1.0.23" + + sum-up@^1.0.1: + version "1.0.3" + resolved "https://registry.yarnpkg.com/sum-up/-/sum-up-1.0.3.tgz#1c661f667057f63bcb7875aa1438bc162525156e" + dependencies: + chalk "^1.0.0" + + supports-color@3.1.2: + version "3.1.2" + resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-3.1.2.tgz#72a262894d9d408b956ca05ff37b2ed8a6e2a2d5" + dependencies: + has-flag "^1.0.0" + + supports-color@^0.2.0: + version "0.2.0" + resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-0.2.0.tgz#d92de2694eb3f67323973d7ae3d8b55b4c22190a" + + supports-color@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-2.0.0.tgz#535d045ce6b6363fa40117084629995e9df324c7" + + table@^3.7.8: + version "3.8.3" + resolved "https://registry.yarnpkg.com/table/-/table-3.8.3.tgz#2bbc542f0fda9861a755d3947fefd8b3f513855f" + dependencies: + ajv "^4.7.0" + ajv-keywords "^1.0.0" + chalk "^1.1.1" + lodash "^4.0.0" + slice-ansi "0.0.4" + string-width "^2.0.0" + + tar-pack@~3.3.0: + version "3.3.0" + resolved "https://registry.yarnpkg.com/tar-pack/-/tar-pack-3.3.0.tgz#30931816418f55afc4d21775afdd6720cee45dae" + dependencies: + debug "~2.2.0" + fstream "~1.0.10" + fstream-ignore "~1.0.5" + once "~1.3.3" + readable-stream "~2.1.4" + rimraf "~2.5.1" + tar "~2.2.1" + uid-number "~0.0.6" + + tar-stream@^1.1.1: + version "1.5.2" + resolved "https://registry.yarnpkg.com/tar-stream/-/tar-stream-1.5.2.tgz#fbc6c6e83c1a19d4cb48c7d96171fc248effc7bf" + dependencies: + bl "^1.0.0" + end-of-stream "^1.0.0" + readable-stream "^2.0.0" + xtend "^4.0.0" + + tar@~2.2.1: + version "2.2.1" + resolved "https://registry.yarnpkg.com/tar/-/tar-2.2.1.tgz#8e4d2a256c0e2185c6b18ad694aec968b83cb1d1" + dependencies: + block-stream "*" + fstream "^1.0.2" + inherits "2" + + text-table@~0.2.0: + version "0.2.0" + resolved "https://registry.yarnpkg.com/text-table/-/text-table-0.2.0.tgz#7f5ee823ae805207c00af2df4a84ec3fcfa570b4" + + through2-filter@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/through2-filter/-/through2-filter-2.0.0.tgz#60bc55a0dacb76085db1f9dae99ab43f83d622ec" + dependencies: + through2 "~2.0.0" + xtend "~4.0.0" + + through2@^0.6.0, through2@^0.6.1: + version "0.6.5" + resolved "https://registry.yarnpkg.com/through2/-/through2-0.6.5.tgz#41ab9c67b29d57209071410e1d7a7a968cd3ad48" + dependencies: + readable-stream ">=1.0.33-1 <1.1.0-0" + xtend ">=4.0.0 <4.1.0-0" + + through2@^2.0.0, through2@~2.0.0: + version "2.0.3" + resolved "https://registry.yarnpkg.com/through2/-/through2-2.0.3.tgz#0004569b37c7c74ba39c43f3ced78d1ad94140be" + dependencies: + readable-stream "^2.1.5" + xtend "~4.0.1" + + through@2, through@^2.3.6, through@~2.3, through@~2.3.1: + version "2.3.8" + resolved "https://registry.yarnpkg.com/through/-/through-2.3.8.tgz#0dd4c9ffaabc357960b1b724115d7e0e86a2e1f5" + + timed-out@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/timed-out/-/timed-out-2.0.0.tgz#f38b0ae81d3747d628001f41dafc652ace671c0a" + + to-absolute-glob@^0.1.1: + version "0.1.1" + resolved "https://registry.yarnpkg.com/to-absolute-glob/-/to-absolute-glob-0.1.1.tgz#1cdfa472a9ef50c239ee66999b662ca0eb39937f" + dependencies: + extend-shallow "^2.0.1" + + to-fast-properties@^1.0.1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/to-fast-properties/-/to-fast-properties-1.0.2.tgz#f3f5c0c3ba7299a7ef99427e44633257ade43320" + + topo@1.x.x: + version "1.1.0" + resolved "https://registry.yarnpkg.com/topo/-/topo-1.1.0.tgz#e9d751615d1bb87dc865db182fa1ca0a5ef536d5" + dependencies: + hoek "2.x.x" + + touch@1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/touch/-/touch-1.0.0.tgz#449cbe2dbae5a8c8038e30d71fa0ff464947c4de" + dependencies: + nopt "~1.0.10" + + tough-cookie@~2.3.0: + version "2.3.2" + resolved "https://registry.yarnpkg.com/tough-cookie/-/tough-cookie-2.3.2.tgz#f081f76e4c85720e6c37a5faced737150d84072a" + dependencies: + punycode "^1.4.1" + + trim-newlines@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/trim-newlines/-/trim-newlines-1.0.0.tgz#5887966bb582a4503a41eb524f7d35011815a613" + + tryit@^1.0.1: + version "1.0.3" + resolved "https://registry.yarnpkg.com/tryit/-/tryit-1.0.3.tgz#393be730a9446fd1ead6da59a014308f36c289cb" + + tunnel-agent@~0.4.1: + version "0.4.3" + resolved "https://registry.yarnpkg.com/tunnel-agent/-/tunnel-agent-0.4.3.tgz#6373db76909fe570e08d73583365ed828a74eeeb" + + tweetnacl@^0.14.3, tweetnacl@~0.14.0: + version "0.14.4" + resolved "https://registry.yarnpkg.com/tweetnacl/-/tweetnacl-0.14.4.tgz#8c9dbfb52795686f166cd2023794bcf103d13c2b" + + type-check@~0.3.2: + version "0.3.2" + resolved "https://registry.yarnpkg.com/type-check/-/type-check-0.3.2.tgz#5884cab512cf1d355e3fb784f30804b2b520db72" + dependencies: + prelude-ls "~1.1.2" + + type-detect@0.1.1: + version "0.1.1" + resolved "https://registry.yarnpkg.com/type-detect/-/type-detect-0.1.1.tgz#0ba5ec2a885640e470ea4e8505971900dac58822" + + type-detect@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/type-detect/-/type-detect-1.0.0.tgz#762217cc06db258ec48908a1298e8b95121e8ea2" + + type-is@~1.6.13: + version "1.6.14" + resolved "https://registry.yarnpkg.com/type-is/-/type-is-1.6.14.tgz#e219639c17ded1ca0789092dd54a03826b817cb2" + dependencies: + media-typer "0.3.0" + mime-types "~2.1.13" + + typed-graphql@^1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/typed-graphql/-/typed-graphql-1.0.2.tgz#4c0f788775d552df4d4ec3d73f25469252f40fb8" + + typedarray-to-buffer@^3.1.2: + version "3.1.2" + resolved "https://registry.yarnpkg.com/typedarray-to-buffer/-/typedarray-to-buffer-3.1.2.tgz#1017b32d984ff556eba100f501589aba1ace2e04" + dependencies: + is-typedarray "^1.0.0" + + typedarray@~0.0.5: + version "0.0.6" + resolved "https://registry.yarnpkg.com/typedarray/-/typedarray-0.0.6.tgz#867ac74e3864187b1d3d47d996a78ec5c8830777" + + uid-number@~0.0.6: + version "0.0.6" + resolved "https://registry.yarnpkg.com/uid-number/-/uid-number-0.0.6.tgz#0ea10e8035e8eb5b8e4449f06da1c730663baa81" + + uid-safe@~2.1.2: + version "2.1.3" + resolved "https://registry.yarnpkg.com/uid-safe/-/uid-safe-2.1.3.tgz#077e264a00b3187936b270bb7376a26473631071" + dependencies: + base64-url "1.3.3" + random-bytes "~1.0.0" + + undefsafe@0.0.3: + version "0.0.3" + resolved "https://registry.yarnpkg.com/undefsafe/-/undefsafe-0.0.3.tgz#ecca3a03e56b9af17385baac812ac83b994a962f" + + unique-stream@^2.0.2: + version "2.2.1" + resolved "https://registry.yarnpkg.com/unique-stream/-/unique-stream-2.2.1.tgz#5aa003cfbe94c5ff866c4e7d668bb1c4dbadb369" + dependencies: + json-stable-stringify "^1.0.0" + through2-filter "^2.0.0" + + unpipe@1.0.0, unpipe@~1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/unpipe/-/unpipe-1.0.0.tgz#b2bf4ee8514aae6165b4817829d21b2ef49904ec" + + update-notifier@0.5.0: + version "0.5.0" + resolved "https://registry.yarnpkg.com/update-notifier/-/update-notifier-0.5.0.tgz#07b5dc2066b3627ab3b4f530130f7eddda07a4cc" + dependencies: + chalk "^1.0.0" + configstore "^1.0.0" + is-npm "^1.0.0" + latest-version "^1.0.0" + repeating "^1.1.2" + semver-diff "^2.0.0" + string-length "^1.0.0" + + user-home@^1.1.1: + version "1.1.1" + resolved "https://registry.yarnpkg.com/user-home/-/user-home-1.1.1.tgz#2b5be23a32b63a7c9deb8d0f28d485724a3df190" + + user-home@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/user-home/-/user-home-2.0.0.tgz#9c70bfd8169bc1dcbf48604e0f04b8b49cde9e9f" + dependencies: + os-homedir "^1.0.0" + + util-deprecate@~1.0.1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/util-deprecate/-/util-deprecate-1.0.2.tgz#450d4dc9fa70de732762fbd2d4a28981419a0ccf" + + utils-merge@1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/utils-merge/-/utils-merge-1.0.0.tgz#0294fb922bb9375153541c4f7096231f287c8af8" + + uuid@^2.0.1: + version "2.0.3" + resolved "https://registry.yarnpkg.com/uuid/-/uuid-2.0.3.tgz#67e2e863797215530dff318e5bf9dcebfd47b21a" + + uuid@^3.0.0: + version "3.0.1" + resolved "https://registry.yarnpkg.com/uuid/-/uuid-3.0.1.tgz#6544bba2dfda8c1cf17e629a3a305e2bb1fee6c1" + + v8flags@^2.0.10: + version "2.0.11" + resolved "https://registry.yarnpkg.com/v8flags/-/v8flags-2.0.11.tgz#bca8f30f0d6d60612cc2c00641e6962d42ae6881" + dependencies: + user-home "^1.1.1" + + vali-date@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/vali-date/-/vali-date-1.0.0.tgz#1b904a59609fb328ef078138420934f6b86709a6" + + validate-npm-package-license@^3.0.1: + version "3.0.1" + resolved "https://registry.yarnpkg.com/validate-npm-package-license/-/validate-npm-package-license-3.0.1.tgz#2804babe712ad3379459acfbe24746ab2c303fbc" + dependencies: + spdx-correct "~1.0.0" + spdx-expression-parse "~1.0.0" + + vary@^1, vary@~1.1.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/vary/-/vary-1.1.0.tgz#e1e5affbbd16ae768dd2674394b9ad3022653140" + + verror@1.3.6: + version "1.3.6" + resolved "https://registry.yarnpkg.com/verror/-/verror-1.3.6.tgz#cff5df12946d297d2baaefaa2689e25be01c005c" + dependencies: + extsprintf "1.0.2" + + vinyl-assign@^1.0.1: + version "1.2.1" + resolved "https://registry.yarnpkg.com/vinyl-assign/-/vinyl-assign-1.2.1.tgz#4d198891b5515911d771a8cd9c5480a46a074a45" + dependencies: + object-assign "^4.0.1" + readable-stream "^2.0.0" + + vinyl-fs@^2.2.0: + version "2.4.4" + resolved "https://registry.yarnpkg.com/vinyl-fs/-/vinyl-fs-2.4.4.tgz#be6ff3270cb55dfd7d3063640de81f25d7532239" + dependencies: + duplexify "^3.2.0" + glob-stream "^5.3.2" + graceful-fs "^4.0.0" + gulp-sourcemaps "1.6.0" + is-valid-glob "^0.3.0" + lazystream "^1.0.0" + lodash.isequal "^4.0.0" + merge-stream "^1.0.0" + mkdirp "^0.5.0" + object-assign "^4.0.0" + readable-stream "^2.0.4" + strip-bom "^2.0.0" + strip-bom-stream "^1.0.0" + through2 "^2.0.0" + through2-filter "^2.0.0" + vali-date "^1.0.0" + vinyl "^1.0.0" + + vinyl@^0.4.3: + version "0.4.6" + resolved "https://registry.yarnpkg.com/vinyl/-/vinyl-0.4.6.tgz#2f356c87a550a255461f36bbeb2a5ba8bf784847" + dependencies: + clone "^0.2.0" + clone-stats "^0.0.1" + + vinyl@^1.0.0: + version "1.2.0" + resolved "https://registry.yarnpkg.com/vinyl/-/vinyl-1.2.0.tgz#5c88036cf565e5df05558bfc911f8656df218884" + dependencies: + clone "^1.0.0" + clone-stats "^0.0.1" + replace-ext "0.0.1" + + websocket@^1.0.23: + version "1.0.23" + resolved "https://registry.yarnpkg.com/websocket/-/websocket-1.0.23.tgz#20de8ec4a7126b09465578cd5dbb29a9c296aac6" + dependencies: + debug "^2.2.0" + nan "^2.3.3" + typedarray-to-buffer "^3.1.2" + yaeti "^0.0.4" + + wide-align@^1.1.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/wide-align/-/wide-align-1.1.0.tgz#40edde802a71fea1f070da3e62dcda2e7add96ad" + dependencies: + string-width "^1.0.1" + + window-size@^0.1.4: + version "0.1.4" + resolved "https://registry.yarnpkg.com/window-size/-/window-size-0.1.4.tgz#f8e1aa1ee5a53ec5bf151ffa09742a6ad7697876" + + winston@^2.3.1: + version "2.3.1" + resolved "https://registry.yarnpkg.com/winston/-/winston-2.3.1.tgz#0b48420d978c01804cf0230b648861598225a119" + dependencies: + async "~1.0.0" + colors "1.0.x" + cycle "1.0.x" + eyes "0.1.x" + isstream "0.1.x" + stack-trace "0.0.x" + + wordwrap@~1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/wordwrap/-/wordwrap-1.0.0.tgz#27584810891456a4171c8d0226441ade90cbcaeb" + + wrap-ansi@^2.0.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/wrap-ansi/-/wrap-ansi-2.1.0.tgz#d8fc3d284dd05794fe84973caecdd1cf824fdd85" + dependencies: + string-width "^1.0.1" + strip-ansi "^3.0.1" + + wrappy@1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/wrappy/-/wrappy-1.0.2.tgz#b5243d8f3ec1aa35f1364605bc0d1036e30ab69f" + + write-file-atomic@^1.1.2: + version "1.2.0" + resolved "https://registry.yarnpkg.com/write-file-atomic/-/write-file-atomic-1.2.0.tgz#14c66d4e4cb3ca0565c28cf3b7a6f3e4d5938fab" + dependencies: + graceful-fs "^4.1.2" + imurmurhash "^0.1.4" + slide "^1.1.5" + + write@^0.2.1: + version "0.2.1" + resolved "https://registry.yarnpkg.com/write/-/write-0.2.1.tgz#5fc03828e264cea3fe91455476f7a3c566cb0757" + dependencies: + mkdirp "^0.5.1" + + xdg-basedir@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/xdg-basedir/-/xdg-basedir-2.0.0.tgz#edbc903cc385fc04523d966a335504b5504d1bd2" + dependencies: + os-homedir "^1.0.0" + + "xtend@>=4.0.0 <4.1.0-0", xtend@^4.0.0, xtend@^4.0.1, xtend@~4.0.0, xtend@~4.0.1: + version "4.0.1" + resolved "https://registry.yarnpkg.com/xtend/-/xtend-4.0.1.tgz#a5c6d532be656e23db820efb943a1f04998d63af" + + y18n@^3.2.0: + version "3.2.1" + resolved "https://registry.yarnpkg.com/y18n/-/y18n-3.2.1.tgz#6d15fba884c08679c0d77e88e7759e811e07fa41" + + yaeti@^0.0.4: + version "0.0.4" + resolved "https://registry.yarnpkg.com/yaeti/-/yaeti-0.0.4.tgz#89fe739c45ac4491028973193262a837693a66b6" + + yargs@^3.26.0: + version "3.32.0" + resolved "https://registry.yarnpkg.com/yargs/-/yargs-3.32.0.tgz#03088e9ebf9e756b69751611d2a5ef591482c995" + dependencies: + camelcase "^2.0.1" + cliui "^3.0.3" + decamelize "^1.1.1" + os-locale "^1.4.0" + string-width "^1.0.1" + window-size "^0.1.4" + y18n "^3.2.0" + + yauzl@^2.2.1: + version "2.7.0" + resolved "https://registry.yarnpkg.com/yauzl/-/yauzl-2.7.0.tgz#e21d847868b496fc29eaec23ee87fdd33e9b2bce" + dependencies: + buffer-crc32 "~0.2.3" + fd-slicer "~1.0.1" + +Trace: + Error: EEXIST: file already exists, mkdir '/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/create-graphql-server-authorization' diff --git a/test/output-app/yarn.lock b/test/output-app/yarn.lock index f951766..589f997 100644 --- a/test/output-app/yarn.lock +++ b/test/output-app/yarn.lock @@ -56,8 +56,8 @@ acorn@^4.0.1: resolved "https://registry.yarnpkg.com/acorn/-/acorn-4.0.3.tgz#1a3e850b428e73ba6b09d1cc527f5aaad4d03ef1" agent-base@2: - version "2.0.1" - resolved "https://registry.yarnpkg.com/agent-base/-/agent-base-2.0.1.tgz#bd8f9e86a8eb221fffa07bd14befd55df142815e" + version "2.1.1" + resolved "https://registry.yarnpkg.com/agent-base/-/agent-base-2.1.1.tgz#d6de10d5af6132d5bd692427d46fc538539094c7" dependencies: extend "~3.0.0" semver "~5.0.1" @@ -165,11 +165,11 @@ async-each@^1.0.0: version "1.0.1" resolved "https://registry.yarnpkg.com/async-each/-/async-each-1.0.1.tgz#19d386a1d9edc6e7c1c85d388aedbcc56d33602d" -async@2.0.1: - version "2.0.1" - resolved "https://registry.yarnpkg.com/async/-/async-2.0.1.tgz#b709cc0280a9c36f09f4536be823c838a9049e25" +async@2.1.4: + version "2.1.4" + resolved "https://registry.yarnpkg.com/async/-/async-2.1.4.tgz#2d2160c7788032e4dd6cbe2502f1f9a2c8f6cde4" dependencies: - lodash "^4.8.0" + lodash "^4.14.0" async@~1.0.0: version "1.0.0" @@ -895,10 +895,10 @@ bindings@1.2.1: resolved "https://registry.yarnpkg.com/bindings/-/bindings-1.2.1.tgz#14ad6113812d2d37d72e67b4cacb4bb726505f11" bl@^1.0.0: - version "1.1.2" - resolved "https://registry.yarnpkg.com/bl/-/bl-1.1.2.tgz#fdca871a99713aa00d19e3bbba41c44787a65398" + version "1.2.1" + resolved "https://registry.yarnpkg.com/bl/-/bl-1.2.1.tgz#cac328f7bee45730d404b692203fcb590e172d5e" dependencies: - readable-stream "~2.0.5" + readable-stream "^2.0.5" block-stream@*: version "0.0.9" @@ -1192,10 +1192,11 @@ crc@3.4.0: version "3.4.0" resolved "https://registry.yarnpkg.com/crc/-/crc-3.4.0.tgz#4258e351613a74ef1153dfcb05e820c3e9715d7f" -create-graphql-server-authorization@^0.0.14: - version "0.0.14" - resolved "https://registry.yarnpkg.com/create-graphql-server-authorization/-/create-graphql-server-authorization-0.0.14.tgz#26bd07dc0775a0e74a07fcc5a99daa046099e216" +create-graphql-server-authorization@^0.0.27: + version "0.0.27" + resolved "https://registry.yarnpkg.com/create-graphql-server-authorization/-/create-graphql-server-authorization-0.0.27.tgz#c46f465483193e59514a918c1678880ddd24600f" dependencies: + iterall "^1.1.0" lodash "4.16.4" mongodb "^2.2.31" winston "^2.3.1" @@ -1436,18 +1437,12 @@ encoding@^0.1.11: dependencies: iconv-lite "~0.4.13" -end-of-stream@1.0.0: +end-of-stream@1.0.0, end-of-stream@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/end-of-stream/-/end-of-stream-1.0.0.tgz#d4596e702734a93e40e9af864319eabd99ff2f0e" dependencies: once "~1.3.0" -end-of-stream@^1.0.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/end-of-stream/-/end-of-stream-1.1.0.tgz#e9353258baa9108965efc41cb0ef8ade2f3cfb07" - dependencies: - once "~1.3.0" - error-ex@^1.2.0: version "1.3.0" resolved "https://registry.yarnpkg.com/error-ex/-/error-ex-1.3.0.tgz#e67b43f3e82c96ea3a584ffee0b9fc3325d802d9" @@ -1946,10 +1941,10 @@ get-stdin@^4.0.1: resolved "https://registry.yarnpkg.com/get-stdin/-/get-stdin-4.0.1.tgz#b968c6b0a04384324902e8bf1a5df32579a450fe" getos@^2.7.0: - version "2.8.2" - resolved "https://registry.yarnpkg.com/getos/-/getos-2.8.2.tgz#365e7e3b2cf74cb85ebb6d1d8c76633580cee534" + version "2.8.4" + resolved "https://registry.yarnpkg.com/getos/-/getos-2.8.4.tgz#7b8603d3619c28e38cb0fe7a4f63c3acb80d5163" dependencies: - async "2.0.1" + async "2.1.4" getpass@^0.1.1: version "0.1.6" @@ -1971,8 +1966,8 @@ glob-parent@^2.0.0: is-glob "^2.0.0" glob-parent@^3.0.0: - version "3.0.1" - resolved "https://registry.yarnpkg.com/glob-parent/-/glob-parent-3.0.1.tgz#60021327cc963ddc3b5f085764f500479ecd82ff" + version "3.1.0" + resolved "https://registry.yarnpkg.com/glob-parent/-/glob-parent-3.1.0.tgz#9e6af6299d8d3bd2bd40430832bd113df906c5ae" dependencies: is-glob "^3.1.0" path-dirname "^1.0.0" @@ -2334,8 +2329,8 @@ is-extglob@^1.0.0: resolved "https://registry.yarnpkg.com/is-extglob/-/is-extglob-1.0.0.tgz#ac468177c4943405a092fc8f29760c6ffc6206c0" is-extglob@^2.1.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/is-extglob/-/is-extglob-2.1.0.tgz#33411a482b046bf95e6b0cb27ee2711af4cf15ad" + version "2.1.1" + resolved "https://registry.yarnpkg.com/is-extglob/-/is-extglob-2.1.1.tgz#a88c02535791f02ed37c76a1b9ea9773c833f8c2" is-finite@^1.0.0: version "1.0.2" @@ -2488,6 +2483,10 @@ iterall@1.0.2: version "1.0.2" resolved "https://registry.yarnpkg.com/iterall/-/iterall-1.0.2.tgz#41a2e96ce9eda5e61c767ee5dc312373bb046e91" +iterall@^1.1.0: + version "1.1.1" + resolved "https://registry.yarnpkg.com/iterall/-/iterall-1.1.1.tgz#f7f0af11e9a04ec6426260f5019d9fcca4d50214" + jodid25519@^1.0.0: version "1.0.2" resolved "https://registry.yarnpkg.com/jodid25519/-/jodid25519-1.0.2.tgz#06d4912255093419477d425633606e0e90782967" @@ -2714,8 +2713,8 @@ lodash.isarray@^3.0.0: resolved "https://registry.yarnpkg.com/lodash.isarray/-/lodash.isarray-3.0.4.tgz#79e4eb88c36a8122af86f844aa9bcd851b5fbb55" lodash.isequal@^4.0.0: - version "4.4.0" - resolved "https://registry.yarnpkg.com/lodash.isequal/-/lodash.isequal-4.4.0.tgz#6295768e98e14dc15ce8d362ef6340db82852031" + version "4.5.0" + resolved "https://registry.yarnpkg.com/lodash.isequal/-/lodash.isequal-4.5.0.tgz#415c4478f2bcc30120c22ce10ed3226f7d3e18e0" lodash.isobject@^3.0.2: version "3.0.2" @@ -2745,7 +2744,7 @@ lodash.restparam@^3.0.0: version "3.6.1" resolved "https://registry.yarnpkg.com/lodash.restparam/-/lodash.restparam-3.6.1.tgz#936a4e309ef330a7645ed4145986c85ae5b20805" -lodash@4.16.4, lodash@^4.0.0, lodash@^4.15.0, lodash@^4.2.0, lodash@^4.3.0, lodash@^4.8.0: +lodash@4.16.4, lodash@^4.0.0, lodash@^4.14.0, lodash@^4.15.0, lodash@^4.2.0, lodash@^4.3.0: version "4.16.4" resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.16.4.tgz#01ce306b9bad1319f2a5528674f88297aeb70127" @@ -3431,7 +3430,7 @@ readable-stream@2.2.7: isarray "0.0.1" string_decoder "~0.10.x" -readable-stream@~2.0.0, readable-stream@~2.0.5: +readable-stream@~2.0.0: version "2.0.6" resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.0.6.tgz#8f90341e68a53ccc928788dacfcd11b36eb9b78e" dependencies: @@ -3936,8 +3935,8 @@ tar-pack@~3.3.0: uid-number "~0.0.6" tar-stream@^1.1.1: - version "1.5.2" - resolved "https://registry.yarnpkg.com/tar-stream/-/tar-stream-1.5.2.tgz#fbc6c6e83c1a19d4cb48c7d96171fc248effc7bf" + version "1.5.4" + resolved "https://registry.yarnpkg.com/tar-stream/-/tar-stream-1.5.4.tgz#36549cf04ed1aee9b2a30c0143252238daf94016" dependencies: bl "^1.0.0" end-of-stream "^1.0.0" @@ -4289,8 +4288,8 @@ yargs@^3.26.0: y18n "^3.2.0" yauzl@^2.2.1: - version "2.7.0" - resolved "https://registry.yarnpkg.com/yauzl/-/yauzl-2.7.0.tgz#e21d847868b496fc29eaec23ee87fdd33e9b2bce" + version "2.8.0" + resolved "https://registry.yarnpkg.com/yauzl/-/yauzl-2.8.0.tgz#79450aff22b2a9c5a41ef54e02db907ccfbf9ee2" dependencies: buffer-crc32 "~0.2.3" fd-slicer "~1.0.1" diff --git a/yarn.lock b/yarn.lock index 92a1023..6b53c93 100644 --- a/yarn.lock +++ b/yarn.lock @@ -123,10 +123,6 @@ async-each@^1.0.0: version "1.0.1" resolved "https://registry.yarnpkg.com/async-each/-/async-each-1.0.1.tgz#19d386a1d9edc6e7c1c85d388aedbcc56d33602d" -async@~1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/async/-/async-1.0.0.tgz#f8fc04ca3a13784ade9e1641af98578cfbd647a9" - asynckit@^0.4.0: version "0.4.0" resolved "https://registry.yarnpkg.com/asynckit/-/asynckit-0.4.0.tgz#c79ed97f7f34cb8f2ba1bc9790bcc366474b4b79" @@ -907,11 +903,7 @@ browser-stdout@1.3.0: version "1.3.0" resolved "https://registry.yarnpkg.com/browser-stdout/-/browser-stdout-1.3.0.tgz#f351d32969d32fa5d7a5567154263d928ae3bd1f" -bson@~1.0.4: - version "1.0.4" - resolved "https://registry.yarnpkg.com/bson/-/bson-1.0.4.tgz#93c10d39eaa5b58415cbc4052f3e53e562b0b72c" - -buffer-shims@^1.0.0, buffer-shims@~1.0.0: +buffer-shims@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/buffer-shims/-/buffer-shims-1.0.0.tgz#9978ce317388c649ad8793028c3477ef044a8b51" @@ -1019,10 +1011,6 @@ code-point-at@^1.0.0: version "1.1.0" resolved "https://registry.yarnpkg.com/code-point-at/-/code-point-at-1.1.0.tgz#0d070b4d043a5bea33a2f1a40e2edb3d9a4ccf77" -colors@1.0.x: - version "1.0.3" - resolved "https://registry.yarnpkg.com/colors/-/colors-1.0.3.tgz#0433f44d809680fdeb60ed260f1b0c262e82a40b" - combined-stream@^1.0.5, combined-stream@~1.0.5: version "1.0.5" resolved "https://registry.yarnpkg.com/combined-stream/-/combined-stream-1.0.5.tgz#938370a57b4a51dea2c77c15d5c5fdf895164009" @@ -1076,14 +1064,6 @@ cpr: mkdirp "~0.5.1" rimraf "^2.5.4" -create-graphql-server-authorization@^0.0.12: - version "0.0.12" - resolved "https://registry.yarnpkg.com/create-graphql-server-authorization/-/create-graphql-server-authorization-0.0.12.tgz#df00e443b13622d14dd53b588e1f44ef990763e2" - dependencies: - lodash "4.16.4" - mongodb "^2.2.31" - winston "^2.3.1" - crypt@~0.0.1: version "0.0.2" resolved "https://registry.yarnpkg.com/crypt/-/crypt-0.0.2.tgz#88d7ff7ec0dfb86f713dc87bbb42d044d3e6c41b" @@ -1100,10 +1080,6 @@ currently-unhandled@^0.4.1: dependencies: array-find-index "^1.0.1" -cycle@1.0.x: - version "1.0.3" - resolved "https://registry.yarnpkg.com/cycle/-/cycle-1.0.3.tgz#21e80b2be8580f98b468f379430662b046c34ad2" - d@^0.1.1, d@~0.1.1: version "0.1.1" resolved "https://registry.yarnpkg.com/d/-/d-0.1.1.tgz#da184c535d18d8ee7ba2aa229b914009fae11309" @@ -1256,10 +1232,6 @@ es6-map@^0.1.3: es6-symbol "~3.1.0" event-emitter "~0.3.4" -es6-promise@3.2.1: - version "3.2.1" - resolved "https://registry.yarnpkg.com/es6-promise/-/es6-promise-3.2.1.tgz#ec56233868032909207170c39448e24449dd1fc4" - es6-set@^0.1.4, es6-set@~0.1.3: version "0.1.4" resolved "https://registry.yarnpkg.com/es6-set/-/es6-set-0.1.4.tgz#9516b6761c2964b92ff479456233a247dc707ce8" @@ -1460,10 +1432,6 @@ extsprintf@1.0.2: version "1.0.2" resolved "https://registry.yarnpkg.com/extsprintf/-/extsprintf-1.0.2.tgz#e1080e0658e300b06294990cc70e1502235fd550" -eyes@0.1.x: - version "0.1.8" - resolved "https://registry.yarnpkg.com/eyes/-/eyes-0.1.8.tgz#62cf120234c683785d902348a800ef3e0cc20bc0" - fast-levenshtein@~2.0.4: version "2.0.5" resolved "https://registry.yarnpkg.com/fast-levenshtein/-/fast-levenshtein-2.0.5.tgz#bd33145744519ab1c36c3ee9f31f08e9079b67f2" @@ -1970,7 +1938,7 @@ isobject@^2.0.0: dependencies: isarray "1.0.0" -isstream@0.1.x, isstream@~0.1.2: +isstream@~0.1.2: version "0.1.2" resolved "https://registry.yarnpkg.com/isstream/-/isstream-0.1.2.tgz#47e63f7af55afa6f92e1500e690eb8b8529c099a" @@ -2158,10 +2126,6 @@ lodash.merge@^4.6.0: version "4.6.0" resolved "https://registry.yarnpkg.com/lodash.merge/-/lodash.merge-4.6.0.tgz#69884ba144ac33fe699737a6086deffadd0f89c5" -lodash@4.16.4: - version "4.16.4" - resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.16.4.tgz#01ce306b9bad1319f2a5528674f88297aeb70127" - lodash@^4.0.0, lodash@^4.17.4, lodash@^4.3.0: version "4.17.4" resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.4.tgz#78203a4d1c328ae1d86dca6460e369b57f4055ae" @@ -2296,21 +2260,6 @@ mocha: mkdirp "0.5.1" supports-color "3.1.2" -mongodb-core@2.1.15: - version "2.1.15" - resolved "https://registry.yarnpkg.com/mongodb-core/-/mongodb-core-2.1.15.tgz#841f53b87ffff4c7458189c35c8ae827e1169764" - dependencies: - bson "~1.0.4" - require_optional "~1.0.0" - -mongodb@^2.2.31: - version "2.2.31" - resolved "https://registry.yarnpkg.com/mongodb/-/mongodb-2.2.31.tgz#1940445c661e19217bb3bf8245d9854aaef548db" - dependencies: - es6-promise "3.2.1" - mongodb-core "2.1.15" - readable-stream "2.2.7" - ms@0.7.1: version "0.7.1" resolved "https://registry.yarnpkg.com/ms/-/ms-0.7.1.tgz#9cd13c03adbff25b65effde7ce864ee952017098" @@ -2582,18 +2531,6 @@ read-pkg@^1.0.0: normalize-package-data "^2.3.2" path-type "^1.0.0" -readable-stream@2.2.7: - version "2.2.7" - resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.2.7.tgz#07057acbe2467b22042d36f98c5ad507054e95b1" - dependencies: - buffer-shims "~1.0.0" - core-util-is "~1.0.0" - inherits "~2.0.1" - isarray "~1.0.0" - process-nextick-args "~1.0.6" - string_decoder "~1.0.0" - util-deprecate "~1.0.1" - "readable-stream@^2.0.0 || ^1.1.13", readable-stream@^2.0.2, readable-stream@^2.2.2: version "2.2.11" resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.2.11.tgz#0796b31f8d7688007ff0b93a8088d34aa17c0f72" @@ -2726,21 +2663,10 @@ require-uncached@^1.0.3: caller-path "^0.1.0" resolve-from "^1.0.0" -require_optional@~1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/require_optional/-/require_optional-1.0.1.tgz#4cf35a4247f64ca3df8c2ef208cc494b1ca8fc2e" - dependencies: - resolve-from "^2.0.0" - semver "^5.1.0" - resolve-from@^1.0.0: version "1.0.1" resolved "https://registry.yarnpkg.com/resolve-from/-/resolve-from-1.0.1.tgz#26cbfe935d1aeeeabb29bc3fe5aeb01e93d44226" -resolve-from@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/resolve-from/-/resolve-from-2.0.0.tgz#9480ab20e94ffa1d9e80a804c7ea147611966b57" - resolve@^1.1.6: version "1.1.7" resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.1.7.tgz#203114d82ad2c5ed9e8e0411b3932875e889e97b" @@ -2788,7 +2714,7 @@ semver-truncate@^1.0.0: dependencies: semver "^5.3.0" -"semver@2 || 3 || 4 || 5", semver@^5.1.0, semver@^5.3.0, semver@~5.3.0: +"semver@2 || 3 || 4 || 5", semver@^5.3.0, semver@~5.3.0: version "5.3.0" resolved "https://registry.yarnpkg.com/semver/-/semver-5.3.0.tgz#9b2ce5d3de02d17c6012ad326aa6b4d0cf54f94f" @@ -2869,10 +2795,6 @@ sshpk@^1.7.0: jsbn "~0.1.0" tweetnacl "~0.14.0" -stack-trace@0.0.x: - version "0.0.10" - resolved "https://registry.yarnpkg.com/stack-trace/-/stack-trace-0.0.10.tgz#547c70b347e8d32b4e108ea1a2a159e5fdde19c0" - string-width@^1.0.1: version "1.0.2" resolved "https://registry.yarnpkg.com/string-width/-/string-width-1.0.2.tgz#118bdf5b8cdc51a2a7e70d211e07e2b0b9b107d3" @@ -3065,17 +2987,6 @@ wide-align@^1.1.0: dependencies: string-width "^1.0.1" -winston@^2.3.1: - version "2.3.1" - resolved "https://registry.yarnpkg.com/winston/-/winston-2.3.1.tgz#0b48420d978c01804cf0230b648861598225a119" - dependencies: - async "~1.0.0" - colors "1.0.x" - cycle "1.0.x" - eyes "0.1.x" - isstream "0.1.x" - stack-trace "0.0.x" - wordwrap@~1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/wordwrap/-/wordwrap-1.0.0.tgz#27584810891456a4171c8d0226441ade90cbcaeb" From 2e00cc6bf58d51d98e6d247205c02b290c72ec99 Mon Sep 17 00:00:00 2001 From: tobkle Date: Fri, 18 Aug 2017 17:55:41 +0200 Subject: [PATCH 28/69] prepared for generator --- .gitignore | 2 + test/output-app/.gitignore | 1 + test/output-app/yarn-error.log | 4331 -------------------------------- 3 files changed, 3 insertions(+), 4331 deletions(-) delete mode 100644 test/output-app/yarn-error.log diff --git a/.gitignore b/.gitignore index d3b3fa9..77b3da4 100644 --- a/.gitignore +++ b/.gitignore @@ -7,3 +7,5 @@ db ./output dist log/all-logs-readable.log +yarn-error.log + diff --git a/test/output-app/.gitignore b/test/output-app/.gitignore index 69edd69..04d877b 100644 --- a/test/output-app/.gitignore +++ b/test/output-app/.gitignore @@ -4,3 +4,4 @@ node_modules log/all-logs-readable.log .DS_Store log/ +yarn-error.log diff --git a/test/output-app/yarn-error.log b/test/output-app/yarn-error.log deleted file mode 100644 index f92ff39..0000000 --- a/test/output-app/yarn-error.log +++ /dev/null @@ -1,4331 +0,0 @@ -Arguments: - /usr/local/bin/node /usr/local/bin/yarn add create-graphql-server-authorization - -PATH: - /usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/share/dotnet:/Library/Frameworks/Mono.framework/Versions/Current/Commands:/Users/Toby/.nvm/versions/node/v7.0.0/bin:/Library/Frameworks/Python.framework/Versions/2.7/bin:~/Library/Android/sdk/tools:~/Library/Android/sdk/platform-tools:/usr/local/terraform/bin:/Users/Toby/terraform:/Applications/MAMP/bin/php/php7.0.8/bin:/Library/Frameworks/Python.framework/Versions/3.5/bin - -Yarn version: - 0.17.10 - -Node version: - 7.0.0 - -Platform: - darwin x64 - -npm manifest: - { - "name": "output-app", - "version": "1.0.0", - "description": "output-app GraphQL Server", - "scripts": { - "start": "babel-node index.js" - }, - "config": { - "logfile": "log/all-logs-readable.log" - }, - "private": true, - "author": "", - "license": "MIT", - "devDependencies": { - "babel-cli": "6.16.0", - "babel-core": "6.17.0", - "babel-eslint": "7.0.0", - "babel-preset-es2015": "6.16.0", - "babel-preset-react": "6.16.0", - "babel-preset-stage-2": "6.17.0", - "babel-register": "6.16.3", - "chai": "^3.5.0", - "eslint": "3.8.1", - "eslint-config-react-app": "^0.4.0", - "eslint-plugin-babel": "3.3.0", - "eslint-plugin-flowtype": "2.21.0", - "eslint-plugin-import": "2.0.1", - "eslint-plugin-jsx-a11y": "2.2.3", - "eslint-plugin-react": "6.4.1", - "mocha": "^3.1.2", - "mongodb-prebuilt": "^5.0.7", - "node-fetch": "^1.6.3", - "nodemon": "1.11.0" - }, - "dependencies": { - "bcrypt": "^1.0.2", - "body-parser": "1.15.2", - "cors": "^2.8.1", - "dataloader": "^1.2.0", - "denodeify": "^1.2.1", - "dotenv": "2.0.0", - "express": "4.14.0", - "express-session": "1.14.1", - "graphql": "0.7.2", - "graphql-server": "^0.3.2", - "graphql-server-express": "^0.4.3", - "graphql-subscriptions": "0.2.0", - "graphql-tools": "^0.8.2", - "jwt-simple": "^0.5.1", - "lodash": "4.16.4", - "mongo-find-by-ids": "^1.0.0", - "mongodb": "^2.2.11", - "morgan": "^1.8.2", - "nodeify": "^1.0.1", - "passport": "^0.3.2", - "passport-jwt": "^2.2.1", - "subscriptions-transport-ws": "0.2.6", - "winston": "^2.3.1" - } - } - -yarn manifest: - No manifest - -Lockfile: - # THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY. - # yarn lockfile v1 - - - "@types/express-serve-static-core@*": - version "4.0.39" - resolved "https://registry.yarnpkg.com/@types/express-serve-static-core/-/express-serve-static-core-4.0.39.tgz#45157f96480d46f254648f45b2c6d70bd9fc9f54" - dependencies: - "@types/node" "*" - - "@types/express@^4.0.33": - version "4.0.34" - resolved "https://registry.yarnpkg.com/@types/express/-/express-4.0.34.tgz#cdc0afd69d70d2295b81b3aa47f26f672afcde1c" - dependencies: - "@types/express-serve-static-core" "*" - "@types/serve-static" "*" - - "@types/mime@*": - version "0.0.29" - resolved "https://registry.yarnpkg.com/@types/mime/-/mime-0.0.29.tgz#fbcfd330573b912ef59eeee14602bface630754b" - - "@types/node@*", "@types/node@^6.0.38": - version "6.0.51" - resolved "https://registry.yarnpkg.com/@types/node/-/node-6.0.51.tgz#84cbf25111516ec9304d0b61469dc0fa9d12ba32" - - "@types/serve-static@*": - version "1.7.31" - resolved "https://registry.yarnpkg.com/@types/serve-static/-/serve-static-1.7.31.tgz#15456de8d98d6b4cff31be6c6af7492ae63f521a" - dependencies: - "@types/express-serve-static-core" "*" - "@types/mime" "*" - - abbrev@1: - version "1.0.9" - resolved "https://registry.yarnpkg.com/abbrev/-/abbrev-1.0.9.tgz#91b4792588a7738c25f35dd6f63752a2f8776135" - - accepts@~1.3.3: - version "1.3.3" - resolved "https://registry.yarnpkg.com/accepts/-/accepts-1.3.3.tgz#c3ca7434938648c3e0d9c1e328dd68b622c284ca" - dependencies: - mime-types "~2.1.11" - negotiator "0.6.1" - - acorn-jsx@^3.0.0, acorn-jsx@^3.0.1: - version "3.0.1" - resolved "https://registry.yarnpkg.com/acorn-jsx/-/acorn-jsx-3.0.1.tgz#afdf9488fb1ecefc8348f6fb22f464e32a58b36b" - dependencies: - acorn "^3.0.4" - - acorn@^3.0.4: - version "3.3.0" - resolved "https://registry.yarnpkg.com/acorn/-/acorn-3.3.0.tgz#45e37fb39e8da3f25baee3ff5369e2bb5f22017a" - - acorn@^4.0.1: - version "4.0.3" - resolved "https://registry.yarnpkg.com/acorn/-/acorn-4.0.3.tgz#1a3e850b428e73ba6b09d1cc527f5aaad4d03ef1" - - agent-base@2: - version "2.0.1" - resolved "https://registry.yarnpkg.com/agent-base/-/agent-base-2.0.1.tgz#bd8f9e86a8eb221fffa07bd14befd55df142815e" - dependencies: - extend "~3.0.0" - semver "~5.0.1" - - ajv-keywords@^1.0.0: - version "1.2.0" - resolved "https://registry.yarnpkg.com/ajv-keywords/-/ajv-keywords-1.2.0.tgz#676c4f087bfe1e8b12dca6fda2f3c74f417b099c" - - ajv@^4.7.0: - version "4.9.2" - resolved "https://registry.yarnpkg.com/ajv/-/ajv-4.9.2.tgz#3f7dcda95b0c34bceb2d69945117d146219f1a2c" - dependencies: - co "^4.6.0" - json-stable-stringify "^1.0.1" - - ansi-escapes@^1.1.0: - version "1.4.0" - resolved "https://registry.yarnpkg.com/ansi-escapes/-/ansi-escapes-1.4.0.tgz#d3a8a83b319aa67793662b13e761c7911422306e" - - ansi-regex@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/ansi-regex/-/ansi-regex-2.0.0.tgz#c5061b6e0ef8a81775e50f5d66151bf6bf371107" - - ansi-styles@^2.1.0, ansi-styles@^2.2.1: - version "2.2.1" - resolved "https://registry.yarnpkg.com/ansi-styles/-/ansi-styles-2.2.1.tgz#b432dd3358b634cf75e1e4664368240533c1ddbe" - - anymatch@^1.3.0: - version "1.3.0" - resolved "https://registry.yarnpkg.com/anymatch/-/anymatch-1.3.0.tgz#a3e52fa39168c825ff57b0248126ce5a8ff95507" - dependencies: - arrify "^1.0.0" - micromatch "^2.1.5" - - aproba@^1.0.3: - version "1.0.4" - resolved "https://registry.yarnpkg.com/aproba/-/aproba-1.0.4.tgz#2713680775e7614c8ba186c065d4e2e52d1072c0" - - are-we-there-yet@~1.1.2: - version "1.1.2" - resolved "https://registry.yarnpkg.com/are-we-there-yet/-/are-we-there-yet-1.1.2.tgz#80e470e95a084794fe1899262c5667c6e88de1b3" - dependencies: - delegates "^1.0.0" - readable-stream "^2.0.0 || ^1.1.13" - - argparse@^1.0.7: - version "1.0.9" - resolved "https://registry.yarnpkg.com/argparse/-/argparse-1.0.9.tgz#73d83bc263f86e97f8cc4f6bae1b0e90a7d22c86" - dependencies: - sprintf-js "~1.0.2" - - arr-diff@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/arr-diff/-/arr-diff-2.0.0.tgz#8f3b827f955a8bd669697e4a4256ac3ceae356cf" - dependencies: - arr-flatten "^1.0.1" - - arr-flatten@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/arr-flatten/-/arr-flatten-1.0.1.tgz#e5ffe54d45e19f32f216e91eb99c8ce892bb604b" - - array-find-index@^1.0.1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/array-find-index/-/array-find-index-1.0.2.tgz#df010aa1287e164bbda6f9723b0a96a1ec4187a1" - - array-flatten@1.1.1: - version "1.1.1" - resolved "https://registry.yarnpkg.com/array-flatten/-/array-flatten-1.1.1.tgz#9a5f699051b1e7073328f2a008968b64ea2955d2" - - array-union@^1.0.1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/array-union/-/array-union-1.0.2.tgz#9a34410e4f4e3da23dea375be5be70f24778ec39" - dependencies: - array-uniq "^1.0.1" - - array-uniq@^1.0.0, array-uniq@^1.0.1: - version "1.0.3" - resolved "https://registry.yarnpkg.com/array-uniq/-/array-uniq-1.0.3.tgz#af6ac877a25cc7f74e058894753858dfdb24fdb6" - - array-unique@^0.2.1: - version "0.2.1" - resolved "https://registry.yarnpkg.com/array-unique/-/array-unique-0.2.1.tgz#a1d97ccafcbc2625cc70fadceb36a50c58b01a53" - - arrify@^1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/arrify/-/arrify-1.0.1.tgz#898508da2226f380df904728456849c1501a4b0d" - - asn1@~0.2.3: - version "0.2.3" - resolved "https://registry.yarnpkg.com/asn1/-/asn1-0.2.3.tgz#dac8787713c9966849fc8180777ebe9c1ddf3b86" - - assert-plus@^0.2.0: - version "0.2.0" - resolved "https://registry.yarnpkg.com/assert-plus/-/assert-plus-0.2.0.tgz#d74e1b87e7affc0db8aadb7021f3fe48101ab234" - - assert-plus@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/assert-plus/-/assert-plus-1.0.0.tgz#f12e0f3c5d77b0b1cdd9146942e4e96c1e4dd525" - - assertion-error@^1.0.1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/assertion-error/-/assertion-error-1.0.2.tgz#13ca515d86206da0bac66e834dd397d87581094c" - - async-each@^1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/async-each/-/async-each-1.0.1.tgz#19d386a1d9edc6e7c1c85d388aedbcc56d33602d" - - async@2.0.1: - version "2.0.1" - resolved "https://registry.yarnpkg.com/async/-/async-2.0.1.tgz#b709cc0280a9c36f09f4536be823c838a9049e25" - dependencies: - lodash "^4.8.0" - - async@~1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/async/-/async-1.0.0.tgz#f8fc04ca3a13784ade9e1641af98578cfbd647a9" - - asynckit@^0.4.0: - version "0.4.0" - resolved "https://registry.yarnpkg.com/asynckit/-/asynckit-0.4.0.tgz#c79ed97f7f34cb8f2ba1bc9790bcc366474b4b79" - - aws-sign2@~0.6.0: - version "0.6.0" - resolved "https://registry.yarnpkg.com/aws-sign2/-/aws-sign2-0.6.0.tgz#14342dd38dbcc94d0e5b87d763cd63612c0e794f" - - aws4@^1.2.1: - version "1.5.0" - resolved "https://registry.yarnpkg.com/aws4/-/aws4-1.5.0.tgz#0a29ffb79c31c9e712eeb087e8e7a64b4a56d755" - - babel-cli@6.16.0: - version "6.16.0" - resolved "https://registry.yarnpkg.com/babel-cli/-/babel-cli-6.16.0.tgz#4e0d1cf40442ef78330f7fef88eb3a0a1b16bd37" - dependencies: - babel-core "^6.16.0" - babel-polyfill "^6.16.0" - babel-register "^6.16.0" - babel-runtime "^6.9.0" - bin-version-check "^2.1.0" - chalk "1.1.1" - commander "^2.8.1" - convert-source-map "^1.1.0" - fs-readdir-recursive "^0.1.0" - glob "^5.0.5" - lodash "^4.2.0" - log-symbols "^1.0.2" - output-file-sync "^1.1.0" - path-exists "^1.0.0" - path-is-absolute "^1.0.0" - request "^2.65.0" - slash "^1.0.0" - source-map "^0.5.0" - v8flags "^2.0.10" - optionalDependencies: - chokidar "^1.0.0" - - babel-code-frame@^6.16.0: - version "6.16.0" - resolved "https://registry.yarnpkg.com/babel-code-frame/-/babel-code-frame-6.16.0.tgz#f90e60da0862909d3ce098733b5d3987c97cb8de" - dependencies: - chalk "^1.1.0" - esutils "^2.0.2" - js-tokens "^2.0.0" - - babel-core@6.17.0, babel-core@^6.16.0: - version "6.17.0" - resolved "https://registry.yarnpkg.com/babel-core/-/babel-core-6.17.0.tgz#6c4576447df479e241e58c807e4bc7da4db7f425" - dependencies: - babel-code-frame "^6.16.0" - babel-generator "^6.17.0" - babel-helpers "^6.16.0" - babel-messages "^6.8.0" - babel-register "^6.16.0" - babel-runtime "^6.9.1" - babel-template "^6.16.0" - babel-traverse "^6.16.0" - babel-types "^6.16.0" - babylon "^6.11.0" - convert-source-map "^1.1.0" - debug "^2.1.1" - json5 "^0.4.0" - lodash "^4.2.0" - minimatch "^3.0.2" - path-exists "^1.0.0" - path-is-absolute "^1.0.0" - private "^0.1.6" - shebang-regex "^1.0.0" - slash "^1.0.0" - source-map "^0.5.0" - - babel-eslint@7.0.0: - version "7.0.0" - resolved "https://registry.yarnpkg.com/babel-eslint/-/babel-eslint-7.0.0.tgz#54e51b4033f54ac81326ecea4c646a779935196d" - dependencies: - babel-traverse "^6.15.0" - babel-types "^6.15.0" - babylon "^6.11.2" - lodash.pickby "^4.6.0" - - babel-generator@^6.17.0: - version "6.19.0" - resolved "https://registry.yarnpkg.com/babel-generator/-/babel-generator-6.19.0.tgz#9b2f244204777a3d6810ec127c673c87b349fac5" - dependencies: - babel-messages "^6.8.0" - babel-runtime "^6.9.0" - babel-types "^6.19.0" - detect-indent "^4.0.0" - jsesc "^1.3.0" - lodash "^4.2.0" - source-map "^0.5.0" - - babel-helper-bindify-decorators@^6.18.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-bindify-decorators/-/babel-helper-bindify-decorators-6.18.0.tgz#fc00c573676a6e702fffa00019580892ec8780a5" - dependencies: - babel-runtime "^6.0.0" - babel-traverse "^6.18.0" - babel-types "^6.18.0" - - babel-helper-builder-binary-assignment-operator-visitor@^6.8.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-builder-binary-assignment-operator-visitor/-/babel-helper-builder-binary-assignment-operator-visitor-6.18.0.tgz#8ae814989f7a53682152e3401a04fabd0bb333a6" - dependencies: - babel-helper-explode-assignable-expression "^6.18.0" - babel-runtime "^6.0.0" - babel-types "^6.18.0" - - babel-helper-builder-react-jsx@^6.8.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-builder-react-jsx/-/babel-helper-builder-react-jsx-6.18.0.tgz#ab02f19a2eb7ace936dd87fa55896d02be59bf71" - dependencies: - babel-runtime "^6.9.0" - babel-types "^6.18.0" - esutils "^2.0.0" - lodash "^4.2.0" - - babel-helper-call-delegate@^6.18.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-call-delegate/-/babel-helper-call-delegate-6.18.0.tgz#05b14aafa430884b034097ef29e9f067ea4133bd" - dependencies: - babel-helper-hoist-variables "^6.18.0" - babel-runtime "^6.0.0" - babel-traverse "^6.18.0" - babel-types "^6.18.0" - - babel-helper-define-map@^6.18.0, babel-helper-define-map@^6.8.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-define-map/-/babel-helper-define-map-6.18.0.tgz#8d6c85dc7fbb4c19be3de40474d18e97c3676ec2" - dependencies: - babel-helper-function-name "^6.18.0" - babel-runtime "^6.9.0" - babel-types "^6.18.0" - lodash "^4.2.0" - - babel-helper-explode-assignable-expression@^6.18.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-explode-assignable-expression/-/babel-helper-explode-assignable-expression-6.18.0.tgz#14b8e8c2d03ad735d4b20f1840b24cd1f65239fe" - dependencies: - babel-runtime "^6.0.0" - babel-traverse "^6.18.0" - babel-types "^6.18.0" - - babel-helper-explode-class@^6.8.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-explode-class/-/babel-helper-explode-class-6.18.0.tgz#c44f76f4fa23b9c5d607cbac5d4115e7a76f62cb" - dependencies: - babel-helper-bindify-decorators "^6.18.0" - babel-runtime "^6.0.0" - babel-traverse "^6.18.0" - babel-types "^6.18.0" - - babel-helper-function-name@^6.18.0, babel-helper-function-name@^6.8.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-function-name/-/babel-helper-function-name-6.18.0.tgz#68ec71aeba1f3e28b2a6f0730190b754a9bf30e6" - dependencies: - babel-helper-get-function-arity "^6.18.0" - babel-runtime "^6.0.0" - babel-template "^6.8.0" - babel-traverse "^6.18.0" - babel-types "^6.18.0" - - babel-helper-get-function-arity@^6.18.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-get-function-arity/-/babel-helper-get-function-arity-6.18.0.tgz#a5b19695fd3f9cdfc328398b47dafcd7094f9f24" - dependencies: - babel-runtime "^6.0.0" - babel-types "^6.18.0" - - babel-helper-hoist-variables@^6.18.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-hoist-variables/-/babel-helper-hoist-variables-6.18.0.tgz#a835b5ab8b46d6de9babefae4d98ea41e866b82a" - dependencies: - babel-runtime "^6.0.0" - babel-types "^6.18.0" - - babel-helper-optimise-call-expression@^6.18.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-optimise-call-expression/-/babel-helper-optimise-call-expression-6.18.0.tgz#9261d0299ee1a4f08a6dd28b7b7c777348fd8f0f" - dependencies: - babel-runtime "^6.0.0" - babel-types "^6.18.0" - - babel-helper-regex@^6.8.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-regex/-/babel-helper-regex-6.18.0.tgz#ae0ebfd77de86cb2f1af258e2cc20b5fe893ecc6" - dependencies: - babel-runtime "^6.9.0" - babel-types "^6.18.0" - lodash "^4.2.0" - - babel-helper-remap-async-to-generator@^6.16.0, babel-helper-remap-async-to-generator@^6.16.2: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-remap-async-to-generator/-/babel-helper-remap-async-to-generator-6.18.0.tgz#336cdf3cab650bb191b02fc16a3708e7be7f9ce5" - dependencies: - babel-helper-function-name "^6.18.0" - babel-runtime "^6.0.0" - babel-template "^6.16.0" - babel-traverse "^6.18.0" - babel-types "^6.18.0" - - babel-helper-replace-supers@^6.18.0, babel-helper-replace-supers@^6.8.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-replace-supers/-/babel-helper-replace-supers-6.18.0.tgz#28ec69877be4144dbd64f4cc3a337e89f29a924e" - dependencies: - babel-helper-optimise-call-expression "^6.18.0" - babel-messages "^6.8.0" - babel-runtime "^6.0.0" - babel-template "^6.16.0" - babel-traverse "^6.18.0" - babel-types "^6.18.0" - - babel-helpers@^6.16.0: - version "6.16.0" - resolved "https://registry.yarnpkg.com/babel-helpers/-/babel-helpers-6.16.0.tgz#1095ec10d99279460553e67eb3eee9973d3867e3" - dependencies: - babel-runtime "^6.0.0" - babel-template "^6.16.0" - - babel-messages@^6.8.0: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-messages/-/babel-messages-6.8.0.tgz#bf504736ca967e6d65ef0adb5a2a5f947c8e0eb9" - dependencies: - babel-runtime "^6.0.0" - - babel-plugin-check-es2015-constants@^6.3.13: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-check-es2015-constants/-/babel-plugin-check-es2015-constants-6.8.0.tgz#dbf024c32ed37bfda8dee1e76da02386a8d26fe7" - dependencies: - babel-runtime "^6.0.0" - - babel-plugin-syntax-async-functions@^6.8.0: - version "6.13.0" - resolved "https://registry.yarnpkg.com/babel-plugin-syntax-async-functions/-/babel-plugin-syntax-async-functions-6.13.0.tgz#cad9cad1191b5ad634bf30ae0872391e0647be95" - - babel-plugin-syntax-async-generators@^6.5.0: - version "6.13.0" - resolved "https://registry.yarnpkg.com/babel-plugin-syntax-async-generators/-/babel-plugin-syntax-async-generators-6.13.0.tgz#6bc963ebb16eccbae6b92b596eb7f35c342a8b9a" - - babel-plugin-syntax-class-properties@^6.8.0: - version "6.13.0" - resolved "https://registry.yarnpkg.com/babel-plugin-syntax-class-properties/-/babel-plugin-syntax-class-properties-6.13.0.tgz#d7eb23b79a317f8543962c505b827c7d6cac27de" - - babel-plugin-syntax-decorators@^6.13.0: - version "6.13.0" - resolved "https://registry.yarnpkg.com/babel-plugin-syntax-decorators/-/babel-plugin-syntax-decorators-6.13.0.tgz#312563b4dbde3cc806cee3e416cceeaddd11ac0b" - - babel-plugin-syntax-exponentiation-operator@^6.8.0: - version "6.13.0" - resolved "https://registry.yarnpkg.com/babel-plugin-syntax-exponentiation-operator/-/babel-plugin-syntax-exponentiation-operator-6.13.0.tgz#9ee7e8337290da95288201a6a57f4170317830de" - - babel-plugin-syntax-flow@^6.18.0, babel-plugin-syntax-flow@^6.3.13: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-syntax-flow/-/babel-plugin-syntax-flow-6.18.0.tgz#4c3ab20a2af26aa20cd25995c398c4eb70310c8d" - - babel-plugin-syntax-jsx@^6.3.13, babel-plugin-syntax-jsx@^6.8.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-syntax-jsx/-/babel-plugin-syntax-jsx-6.18.0.tgz#0af32a9a6e13ca7a3fd5069e62d7b0f58d0d8946" - - babel-plugin-syntax-object-rest-spread@^6.8.0: - version "6.13.0" - resolved "https://registry.yarnpkg.com/babel-plugin-syntax-object-rest-spread/-/babel-plugin-syntax-object-rest-spread-6.13.0.tgz#fd6536f2bce13836ffa3a5458c4903a597bb3bf5" - - babel-plugin-syntax-trailing-function-commas@^6.3.13: - version "6.13.0" - resolved "https://registry.yarnpkg.com/babel-plugin-syntax-trailing-function-commas/-/babel-plugin-syntax-trailing-function-commas-6.13.0.tgz#2b84b7d53dd744f94ff1fad7669406274b23f541" - - babel-plugin-transform-async-generator-functions@^6.17.0: - version "6.17.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-async-generator-functions/-/babel-plugin-transform-async-generator-functions-6.17.0.tgz#d0b5a2b2f0940f2b245fa20a00519ed7bc6cae54" - dependencies: - babel-helper-remap-async-to-generator "^6.16.2" - babel-plugin-syntax-async-generators "^6.5.0" - babel-runtime "^6.0.0" - - babel-plugin-transform-async-to-generator@^6.16.0: - version "6.16.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-async-to-generator/-/babel-plugin-transform-async-to-generator-6.16.0.tgz#19ec36cb1486b59f9f468adfa42ce13908ca2999" - dependencies: - babel-helper-remap-async-to-generator "^6.16.0" - babel-plugin-syntax-async-functions "^6.8.0" - babel-runtime "^6.0.0" - - babel-plugin-transform-class-properties@^6.16.0: - version "6.19.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-class-properties/-/babel-plugin-transform-class-properties-6.19.0.tgz#1274b349abaadc835164e2004f4a2444a2788d5f" - dependencies: - babel-helper-function-name "^6.18.0" - babel-plugin-syntax-class-properties "^6.8.0" - babel-runtime "^6.9.1" - babel-template "^6.15.0" - - babel-plugin-transform-decorators@^6.13.0: - version "6.13.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-decorators/-/babel-plugin-transform-decorators-6.13.0.tgz#82d65c1470ae83e2d13eebecb0a1c2476d62da9d" - dependencies: - babel-helper-define-map "^6.8.0" - babel-helper-explode-class "^6.8.0" - babel-plugin-syntax-decorators "^6.13.0" - babel-runtime "^6.0.0" - babel-template "^6.8.0" - babel-types "^6.13.0" - - babel-plugin-transform-es2015-arrow-functions@^6.3.13: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-arrow-functions/-/babel-plugin-transform-es2015-arrow-functions-6.8.0.tgz#5b63afc3181bdc9a8c4d481b5a4f3f7d7fef3d9d" - dependencies: - babel-runtime "^6.0.0" - - babel-plugin-transform-es2015-block-scoped-functions@^6.3.13: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-block-scoped-functions/-/babel-plugin-transform-es2015-block-scoped-functions-6.8.0.tgz#ed95d629c4b5a71ae29682b998f70d9833eb366d" - dependencies: - babel-runtime "^6.0.0" - - babel-plugin-transform-es2015-block-scoping@^6.14.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-block-scoping/-/babel-plugin-transform-es2015-block-scoping-6.18.0.tgz#3bfdcfec318d46df22525cdea88f1978813653af" - dependencies: - babel-runtime "^6.9.0" - babel-template "^6.15.0" - babel-traverse "^6.18.0" - babel-types "^6.18.0" - lodash "^4.2.0" - - babel-plugin-transform-es2015-classes@^6.14.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-classes/-/babel-plugin-transform-es2015-classes-6.18.0.tgz#ffe7a17321bf83e494dcda0ae3fc72df48ffd1d9" - dependencies: - babel-helper-define-map "^6.18.0" - babel-helper-function-name "^6.18.0" - babel-helper-optimise-call-expression "^6.18.0" - babel-helper-replace-supers "^6.18.0" - babel-messages "^6.8.0" - babel-runtime "^6.9.0" - babel-template "^6.14.0" - babel-traverse "^6.18.0" - babel-types "^6.18.0" - - babel-plugin-transform-es2015-computed-properties@^6.3.13: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-computed-properties/-/babel-plugin-transform-es2015-computed-properties-6.8.0.tgz#f51010fd61b3bd7b6b60a5fdfd307bb7a5279870" - dependencies: - babel-helper-define-map "^6.8.0" - babel-runtime "^6.0.0" - babel-template "^6.8.0" - - babel-plugin-transform-es2015-destructuring@^6.16.0: - version "6.19.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-destructuring/-/babel-plugin-transform-es2015-destructuring-6.19.0.tgz#ff1d911c4b3f4cab621bd66702a869acd1900533" - dependencies: - babel-runtime "^6.9.0" - - babel-plugin-transform-es2015-duplicate-keys@^6.6.0: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-duplicate-keys/-/babel-plugin-transform-es2015-duplicate-keys-6.8.0.tgz#fd8f7f7171fc108cc1c70c3164b9f15a81c25f7d" - dependencies: - babel-runtime "^6.0.0" - babel-types "^6.8.0" - - babel-plugin-transform-es2015-for-of@^6.6.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-for-of/-/babel-plugin-transform-es2015-for-of-6.18.0.tgz#4c517504db64bf8cfc119a6b8f177211f2028a70" - dependencies: - babel-runtime "^6.0.0" - - babel-plugin-transform-es2015-function-name@^6.9.0: - version "6.9.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-function-name/-/babel-plugin-transform-es2015-function-name-6.9.0.tgz#8c135b17dbd064e5bba56ec511baaee2fca82719" - dependencies: - babel-helper-function-name "^6.8.0" - babel-runtime "^6.9.0" - babel-types "^6.9.0" - - babel-plugin-transform-es2015-literals@^6.3.13: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-literals/-/babel-plugin-transform-es2015-literals-6.8.0.tgz#50aa2e5c7958fc2ab25d74ec117e0cc98f046468" - dependencies: - babel-runtime "^6.0.0" - - babel-plugin-transform-es2015-modules-amd@^6.18.0, babel-plugin-transform-es2015-modules-amd@^6.8.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-modules-amd/-/babel-plugin-transform-es2015-modules-amd-6.18.0.tgz#49a054cbb762bdf9ae2d8a807076cfade6141e40" - dependencies: - babel-plugin-transform-es2015-modules-commonjs "^6.18.0" - babel-runtime "^6.0.0" - babel-template "^6.8.0" - - babel-plugin-transform-es2015-modules-commonjs@^6.16.0, babel-plugin-transform-es2015-modules-commonjs@^6.18.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-modules-commonjs/-/babel-plugin-transform-es2015-modules-commonjs-6.18.0.tgz#c15ae5bb11b32a0abdcc98a5837baa4ee8d67bcc" - dependencies: - babel-plugin-transform-strict-mode "^6.18.0" - babel-runtime "^6.0.0" - babel-template "^6.16.0" - babel-types "^6.18.0" - - babel-plugin-transform-es2015-modules-systemjs@^6.14.0: - version "6.19.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-modules-systemjs/-/babel-plugin-transform-es2015-modules-systemjs-6.19.0.tgz#50438136eba74527efa00a5b0fefaf1dc4071da6" - dependencies: - babel-helper-hoist-variables "^6.18.0" - babel-runtime "^6.11.6" - babel-template "^6.14.0" - - babel-plugin-transform-es2015-modules-umd@^6.12.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-modules-umd/-/babel-plugin-transform-es2015-modules-umd-6.18.0.tgz#23351770ece5c1f8e83ed67cb1d7992884491e50" - dependencies: - babel-plugin-transform-es2015-modules-amd "^6.18.0" - babel-runtime "^6.0.0" - babel-template "^6.8.0" - - babel-plugin-transform-es2015-object-super@^6.3.13: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-object-super/-/babel-plugin-transform-es2015-object-super-6.8.0.tgz#1b858740a5a4400887c23dcff6f4d56eea4a24c5" - dependencies: - babel-helper-replace-supers "^6.8.0" - babel-runtime "^6.0.0" - - babel-plugin-transform-es2015-parameters@^6.16.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-parameters/-/babel-plugin-transform-es2015-parameters-6.18.0.tgz#9b2cfe238c549f1635ba27fc1daa858be70608b1" - dependencies: - babel-helper-call-delegate "^6.18.0" - babel-helper-get-function-arity "^6.18.0" - babel-runtime "^6.9.0" - babel-template "^6.16.0" - babel-traverse "^6.18.0" - babel-types "^6.18.0" - - babel-plugin-transform-es2015-shorthand-properties@^6.3.13: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-shorthand-properties/-/babel-plugin-transform-es2015-shorthand-properties-6.18.0.tgz#e2ede3b7df47bf980151926534d1dd0cbea58f43" - dependencies: - babel-runtime "^6.0.0" - babel-types "^6.18.0" - - babel-plugin-transform-es2015-spread@^6.3.13: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-spread/-/babel-plugin-transform-es2015-spread-6.8.0.tgz#0217f737e3b821fa5a669f187c6ed59205f05e9c" - dependencies: - babel-runtime "^6.0.0" - - babel-plugin-transform-es2015-sticky-regex@^6.3.13: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-sticky-regex/-/babel-plugin-transform-es2015-sticky-regex-6.8.0.tgz#e73d300a440a35d5c64f5c2a344dc236e3df47be" - dependencies: - babel-helper-regex "^6.8.0" - babel-runtime "^6.0.0" - babel-types "^6.8.0" - - babel-plugin-transform-es2015-template-literals@^6.6.0: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-template-literals/-/babel-plugin-transform-es2015-template-literals-6.8.0.tgz#86eb876d0a2c635da4ec048b4f7de9dfc897e66b" - dependencies: - babel-runtime "^6.0.0" - - babel-plugin-transform-es2015-typeof-symbol@^6.6.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-typeof-symbol/-/babel-plugin-transform-es2015-typeof-symbol-6.18.0.tgz#0b14c48629c90ff47a0650077f6aa699bee35798" - dependencies: - babel-runtime "^6.0.0" - - babel-plugin-transform-es2015-unicode-regex@^6.3.13: - version "6.11.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-unicode-regex/-/babel-plugin-transform-es2015-unicode-regex-6.11.0.tgz#6298ceabaad88d50a3f4f392d8de997260f6ef2c" - dependencies: - babel-helper-regex "^6.8.0" - babel-runtime "^6.0.0" - regexpu-core "^2.0.0" - - babel-plugin-transform-exponentiation-operator@^6.3.13: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-exponentiation-operator/-/babel-plugin-transform-exponentiation-operator-6.8.0.tgz#db25742e9339eade676ca9acec46f955599a68a4" - dependencies: - babel-helper-builder-binary-assignment-operator-visitor "^6.8.0" - babel-plugin-syntax-exponentiation-operator "^6.8.0" - babel-runtime "^6.0.0" - - babel-plugin-transform-flow-strip-types@^6.3.13: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-flow-strip-types/-/babel-plugin-transform-flow-strip-types-6.18.0.tgz#4d3e642158661e9b40db457c004a30817fa32592" - dependencies: - babel-plugin-syntax-flow "^6.18.0" - babel-runtime "^6.0.0" - - babel-plugin-transform-object-rest-spread@^6.16.0: - version "6.19.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-object-rest-spread/-/babel-plugin-transform-object-rest-spread-6.19.0.tgz#f6ac428ee3cb4c6aa00943ed1422ce813603b34c" - dependencies: - babel-plugin-syntax-object-rest-spread "^6.8.0" - babel-runtime "^6.0.0" - - babel-plugin-transform-react-display-name@^6.3.13: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-react-display-name/-/babel-plugin-transform-react-display-name-6.8.0.tgz#f7a084977383d728bdbdc2835bba0159577f660e" - dependencies: - babel-runtime "^6.0.0" - - babel-plugin-transform-react-jsx-self@^6.11.0: - version "6.11.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-react-jsx-self/-/babel-plugin-transform-react-jsx-self-6.11.0.tgz#605c9450c1429f97a930f7e1dfe3f0d9d0dbd0f4" - dependencies: - babel-plugin-syntax-jsx "^6.8.0" - babel-runtime "^6.9.0" - - babel-plugin-transform-react-jsx-source@^6.3.13: - version "6.9.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-react-jsx-source/-/babel-plugin-transform-react-jsx-source-6.9.0.tgz#af684a05c2067a86e0957d4f343295ccf5dccf00" - dependencies: - babel-plugin-syntax-jsx "^6.8.0" - babel-runtime "^6.9.0" - - babel-plugin-transform-react-jsx@^6.3.13: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-react-jsx/-/babel-plugin-transform-react-jsx-6.8.0.tgz#94759942f70af18c617189aa7f3593f1644a71ab" - dependencies: - babel-helper-builder-react-jsx "^6.8.0" - babel-plugin-syntax-jsx "^6.8.0" - babel-runtime "^6.0.0" - - babel-plugin-transform-regenerator@^6.16.0: - version "6.16.1" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-regenerator/-/babel-plugin-transform-regenerator-6.16.1.tgz#a75de6b048a14154aae14b0122756c5bed392f59" - dependencies: - babel-runtime "^6.9.0" - babel-types "^6.16.0" - private "~0.1.5" - - babel-plugin-transform-strict-mode@^6.18.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-strict-mode/-/babel-plugin-transform-strict-mode-6.18.0.tgz#df7cf2991fe046f44163dcd110d5ca43bc652b9d" - dependencies: - babel-runtime "^6.0.0" - babel-types "^6.18.0" - - babel-polyfill@^6.16.0: - version "6.16.0" - resolved "https://registry.yarnpkg.com/babel-polyfill/-/babel-polyfill-6.16.0.tgz#2d45021df87e26a374b6d4d1a9c65964d17f2422" - dependencies: - babel-runtime "^6.9.1" - core-js "^2.4.0" - regenerator-runtime "^0.9.5" - - babel-preset-es2015@6.16.0: - version "6.16.0" - resolved "https://registry.yarnpkg.com/babel-preset-es2015/-/babel-preset-es2015-6.16.0.tgz#59acecd1efbebaf48f89404840f2fe78c4d2ad5c" - dependencies: - babel-plugin-check-es2015-constants "^6.3.13" - babel-plugin-transform-es2015-arrow-functions "^6.3.13" - babel-plugin-transform-es2015-block-scoped-functions "^6.3.13" - babel-plugin-transform-es2015-block-scoping "^6.14.0" - babel-plugin-transform-es2015-classes "^6.14.0" - babel-plugin-transform-es2015-computed-properties "^6.3.13" - babel-plugin-transform-es2015-destructuring "^6.16.0" - babel-plugin-transform-es2015-duplicate-keys "^6.6.0" - babel-plugin-transform-es2015-for-of "^6.6.0" - babel-plugin-transform-es2015-function-name "^6.9.0" - babel-plugin-transform-es2015-literals "^6.3.13" - babel-plugin-transform-es2015-modules-amd "^6.8.0" - babel-plugin-transform-es2015-modules-commonjs "^6.16.0" - babel-plugin-transform-es2015-modules-systemjs "^6.14.0" - babel-plugin-transform-es2015-modules-umd "^6.12.0" - babel-plugin-transform-es2015-object-super "^6.3.13" - babel-plugin-transform-es2015-parameters "^6.16.0" - babel-plugin-transform-es2015-shorthand-properties "^6.3.13" - babel-plugin-transform-es2015-spread "^6.3.13" - babel-plugin-transform-es2015-sticky-regex "^6.3.13" - babel-plugin-transform-es2015-template-literals "^6.6.0" - babel-plugin-transform-es2015-typeof-symbol "^6.6.0" - babel-plugin-transform-es2015-unicode-regex "^6.3.13" - babel-plugin-transform-regenerator "^6.16.0" - - babel-preset-react@6.16.0: - version "6.16.0" - resolved "https://registry.yarnpkg.com/babel-preset-react/-/babel-preset-react-6.16.0.tgz#aa117d60de0928607e343c4828906e4661824316" - dependencies: - babel-plugin-syntax-flow "^6.3.13" - babel-plugin-syntax-jsx "^6.3.13" - babel-plugin-transform-flow-strip-types "^6.3.13" - babel-plugin-transform-react-display-name "^6.3.13" - babel-plugin-transform-react-jsx "^6.3.13" - babel-plugin-transform-react-jsx-self "^6.11.0" - babel-plugin-transform-react-jsx-source "^6.3.13" - - babel-preset-stage-2@6.17.0: - version "6.17.0" - resolved "https://registry.yarnpkg.com/babel-preset-stage-2/-/babel-preset-stage-2-6.17.0.tgz#dc4f84582781353cef36c41247eae5e36c4cae0d" - dependencies: - babel-plugin-transform-class-properties "^6.16.0" - babel-plugin-transform-decorators "^6.13.0" - babel-preset-stage-3 "^6.17.0" - - babel-preset-stage-3@^6.17.0: - version "6.17.0" - resolved "https://registry.yarnpkg.com/babel-preset-stage-3/-/babel-preset-stage-3-6.17.0.tgz#b6638e46db6e91e3f889013d8ce143917c685e39" - dependencies: - babel-plugin-syntax-trailing-function-commas "^6.3.13" - babel-plugin-transform-async-generator-functions "^6.17.0" - babel-plugin-transform-async-to-generator "^6.16.0" - babel-plugin-transform-exponentiation-operator "^6.3.13" - babel-plugin-transform-object-rest-spread "^6.16.0" - - babel-register@6.16.3, babel-register@^6.16.0: - version "6.16.3" - resolved "https://registry.yarnpkg.com/babel-register/-/babel-register-6.16.3.tgz#7b0c0ca7bfdeb9188ba4c27e5fcb7599a497c624" - dependencies: - babel-core "^6.16.0" - babel-runtime "^6.11.6" - core-js "^2.4.0" - home-or-tmp "^1.0.0" - lodash "^4.2.0" - mkdirp "^0.5.1" - path-exists "^1.0.0" - source-map-support "^0.4.2" - - babel-runtime@^6.0.0, babel-runtime@^6.11.6, babel-runtime@^6.9.0, babel-runtime@^6.9.1: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-runtime/-/babel-runtime-6.18.0.tgz#0f4177ffd98492ef13b9f823e9994a02584c9078" - dependencies: - core-js "^2.4.0" - regenerator-runtime "^0.9.5" - - babel-template@^6.14.0, babel-template@^6.15.0, babel-template@^6.16.0, babel-template@^6.8.0: - version "6.16.0" - resolved "https://registry.yarnpkg.com/babel-template/-/babel-template-6.16.0.tgz#e149dd1a9f03a35f817ddbc4d0481988e7ebc8ca" - dependencies: - babel-runtime "^6.9.0" - babel-traverse "^6.16.0" - babel-types "^6.16.0" - babylon "^6.11.0" - lodash "^4.2.0" - - babel-traverse@^6.15.0, babel-traverse@^6.16.0, babel-traverse@^6.18.0: - version "6.19.0" - resolved "https://registry.yarnpkg.com/babel-traverse/-/babel-traverse-6.19.0.tgz#68363fb821e26247d52a519a84b2ceab8df4f55a" - dependencies: - babel-code-frame "^6.16.0" - babel-messages "^6.8.0" - babel-runtime "^6.9.0" - babel-types "^6.19.0" - babylon "^6.11.0" - debug "^2.2.0" - globals "^9.0.0" - invariant "^2.2.0" - lodash "^4.2.0" - - babel-types@^6.13.0, babel-types@^6.15.0, babel-types@^6.16.0, babel-types@^6.18.0, babel-types@^6.19.0, babel-types@^6.8.0, babel-types@^6.9.0: - version "6.19.0" - resolved "https://registry.yarnpkg.com/babel-types/-/babel-types-6.19.0.tgz#8db2972dbed01f1192a8b602ba1e1e4c516240b9" - dependencies: - babel-runtime "^6.9.1" - esutils "^2.0.2" - lodash "^4.2.0" - to-fast-properties "^1.0.1" - - babylon@^6.11.0, babylon@^6.11.2: - version "6.14.1" - resolved "https://registry.yarnpkg.com/babylon/-/babylon-6.14.1.tgz#956275fab72753ad9b3435d7afe58f8bf0a29815" - - backo2@^1.0.2: - version "1.0.2" - resolved "https://registry.yarnpkg.com/backo2/-/backo2-1.0.2.tgz#31ab1ac8b129363463e35b3ebb69f4dfcfba7947" - - balanced-match@^0.4.1: - version "0.4.2" - resolved "https://registry.yarnpkg.com/balanced-match/-/balanced-match-0.4.2.tgz#cb3f3e3c732dc0f01ee70b403f302e61d7709838" - - base64-url@1.3.3: - version "1.3.3" - resolved "https://registry.yarnpkg.com/base64-url/-/base64-url-1.3.3.tgz#f8b6c537f09a4fc58c99cb86e0b0e9c61461a20f" - - base64url@2.0.0, base64url@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/base64url/-/base64url-2.0.0.tgz#eac16e03ea1438eff9423d69baa36262ed1f70bb" - - basic-auth@~1.1.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/basic-auth/-/basic-auth-1.1.0.tgz#45221ee429f7ee1e5035be3f51533f1cdfd29884" - - bcrypt-pbkdf@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.0.tgz#3ca76b85241c7170bf7d9703e7b9aa74630040d4" - dependencies: - tweetnacl "^0.14.3" - - bcrypt@^1.0.2: - version "1.0.2" - resolved "https://registry.yarnpkg.com/bcrypt/-/bcrypt-1.0.2.tgz#d05fc5d223173e0e28ec381c0f00cc25ffaf2736" - dependencies: - bindings "1.2.1" - nan "2.5.0" - node-pre-gyp "0.6.32" - - bin-version-check@^2.1.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/bin-version-check/-/bin-version-check-2.1.0.tgz#e4e5df290b9069f7d111324031efc13fdd11a5b0" - dependencies: - bin-version "^1.0.0" - minimist "^1.1.0" - semver "^4.0.3" - semver-truncate "^1.0.0" - - bin-version@^1.0.0: - version "1.0.4" - resolved "https://registry.yarnpkg.com/bin-version/-/bin-version-1.0.4.tgz#9eb498ee6fd76f7ab9a7c160436f89579435d78e" - dependencies: - find-versions "^1.0.0" - - binary-extensions@^1.0.0: - version "1.8.0" - resolved "https://registry.yarnpkg.com/binary-extensions/-/binary-extensions-1.8.0.tgz#48ec8d16df4377eae5fa5884682480af4d95c774" - - bindings@1.2.1: - version "1.2.1" - resolved "https://registry.yarnpkg.com/bindings/-/bindings-1.2.1.tgz#14ad6113812d2d37d72e67b4cacb4bb726505f11" - - bl@^1.0.0: - version "1.1.2" - resolved "https://registry.yarnpkg.com/bl/-/bl-1.1.2.tgz#fdca871a99713aa00d19e3bbba41c44787a65398" - dependencies: - readable-stream "~2.0.5" - - block-stream@*: - version "0.0.9" - resolved "https://registry.yarnpkg.com/block-stream/-/block-stream-0.0.9.tgz#13ebfe778a03205cfe03751481ebb4b3300c126a" - dependencies: - inherits "~2.0.0" - - body-parser@1.15.2: - version "1.15.2" - resolved "https://registry.yarnpkg.com/body-parser/-/body-parser-1.15.2.tgz#d7578cf4f1d11d5f6ea804cef35dc7a7ff6dae67" - dependencies: - bytes "2.4.0" - content-type "~1.0.2" - debug "~2.2.0" - depd "~1.1.0" - http-errors "~1.5.0" - iconv-lite "0.4.13" - on-finished "~2.3.0" - qs "6.2.0" - raw-body "~2.1.7" - type-is "~1.6.13" - - boom@2.x.x: - version "2.10.1" - resolved "https://registry.yarnpkg.com/boom/-/boom-2.10.1.tgz#39c8918ceff5799f83f9492a848f625add0c766f" - dependencies: - hoek "2.x.x" - - boom@^4.0.0: - version "4.3.0" - resolved "https://registry.yarnpkg.com/boom/-/boom-4.3.0.tgz#1ed1b4b8cd6891b602910debe33e1d511531b847" - dependencies: - hoek "4.x.x" - - brace-expansion@^1.0.0: - version "1.1.6" - resolved "https://registry.yarnpkg.com/brace-expansion/-/brace-expansion-1.1.6.tgz#7197d7eaa9b87e648390ea61fc66c84427420df9" - dependencies: - balanced-match "^0.4.1" - concat-map "0.0.1" - - braces@^1.8.2: - version "1.8.5" - resolved "https://registry.yarnpkg.com/braces/-/braces-1.8.5.tgz#ba77962e12dff969d6b76711e914b737857bf6a7" - dependencies: - expand-range "^1.8.1" - preserve "^0.2.0" - repeat-element "^1.1.2" - - browser-stdout@1.3.0: - version "1.3.0" - resolved "https://registry.yarnpkg.com/browser-stdout/-/browser-stdout-1.3.0.tgz#f351d32969d32fa5d7a5567154263d928ae3bd1f" - - bson@~1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/bson/-/bson-1.0.1.tgz#3a5addb0f2ff88bc3436e708e4bdb8637602d72d" - - buffer-crc32@~0.2.3: - version "0.2.13" - resolved "https://registry.yarnpkg.com/buffer-crc32/-/buffer-crc32-0.2.13.tgz#0d333e3f00eac50aa1454abd30ef8c2a5d9a7242" - - buffer-equal-constant-time@1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/buffer-equal-constant-time/-/buffer-equal-constant-time-1.0.1.tgz#f8e71132f7ffe6e01a5c9697a4c6f3e48d5cc819" - - buffer-shims@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/buffer-shims/-/buffer-shims-1.0.0.tgz#9978ce317388c649ad8793028c3477ef044a8b51" - - buffer-to-vinyl@^1.0.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/buffer-to-vinyl/-/buffer-to-vinyl-1.1.0.tgz#00f15faee3ab7a1dda2cde6d9121bffdd07b2262" - dependencies: - file-type "^3.1.0" - readable-stream "^2.0.2" - uuid "^2.0.1" - vinyl "^1.0.0" - - builtin-modules@^1.0.0, builtin-modules@^1.1.1: - version "1.1.1" - resolved "https://registry.yarnpkg.com/builtin-modules/-/builtin-modules-1.1.1.tgz#270f076c5a72c02f5b65a47df94c5fe3a278892f" - - bytes@2.4.0: - version "2.4.0" - resolved "https://registry.yarnpkg.com/bytes/-/bytes-2.4.0.tgz#7d97196f9d5baf7f6935e25985549edd2a6c2339" - - caller-path@^0.1.0: - version "0.1.0" - resolved "https://registry.yarnpkg.com/caller-path/-/caller-path-0.1.0.tgz#94085ef63581ecd3daa92444a8fe94e82577751f" - dependencies: - callsites "^0.2.0" - - callsites@^0.2.0: - version "0.2.0" - resolved "https://registry.yarnpkg.com/callsites/-/callsites-0.2.0.tgz#afab96262910a7f33c19a5775825c69f34e350ca" - - camelcase-keys@^2.0.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/camelcase-keys/-/camelcase-keys-2.1.0.tgz#308beeaffdf28119051efa1d932213c91b8f92e7" - dependencies: - camelcase "^2.0.0" - map-obj "^1.0.0" - - camelcase@^2.0.0, camelcase@^2.0.1: - version "2.1.1" - resolved "https://registry.yarnpkg.com/camelcase/-/camelcase-2.1.1.tgz#7c1d16d679a1bbe59ca02cacecfb011e201f5a1f" - - caseless@~0.11.0: - version "0.11.0" - resolved "https://registry.yarnpkg.com/caseless/-/caseless-0.11.0.tgz#715b96ea9841593cc33067923f5ec60ebda4f7d7" - - chai@^3.5.0: - version "3.5.0" - resolved "https://registry.yarnpkg.com/chai/-/chai-3.5.0.tgz#4d02637b067fe958bdbfdd3a40ec56fef7373247" - dependencies: - assertion-error "^1.0.1" - deep-eql "^0.1.3" - type-detect "^1.0.0" - - chalk@1.1.1: - version "1.1.1" - resolved "https://registry.yarnpkg.com/chalk/-/chalk-1.1.1.tgz#509afb67066e7499f7eb3535c77445772ae2d019" - dependencies: - ansi-styles "^2.1.0" - escape-string-regexp "^1.0.2" - has-ansi "^2.0.0" - strip-ansi "^3.0.0" - supports-color "^2.0.0" - - chalk@^1.0.0, chalk@^1.1.0, chalk@^1.1.1, chalk@^1.1.3: - version "1.1.3" - resolved "https://registry.yarnpkg.com/chalk/-/chalk-1.1.3.tgz#a8115c55e4a702fe4d150abd3872822a7e09fc98" - dependencies: - ansi-styles "^2.2.1" - escape-string-regexp "^1.0.2" - has-ansi "^2.0.0" - strip-ansi "^3.0.0" - supports-color "^2.0.0" - - chokidar@^1.0.0, chokidar@^1.4.3: - version "1.6.1" - resolved "https://registry.yarnpkg.com/chokidar/-/chokidar-1.6.1.tgz#2f4447ab5e96e50fb3d789fd90d4c72e0e4c70c2" - dependencies: - anymatch "^1.3.0" - async-each "^1.0.0" - glob-parent "^2.0.0" - inherits "^2.0.1" - is-binary-path "^1.0.0" - is-glob "^2.0.0" - path-is-absolute "^1.0.0" - readdirp "^2.0.0" - optionalDependencies: - fsevents "^1.0.0" - - circular-json@^0.3.0: - version "0.3.1" - resolved "https://registry.yarnpkg.com/circular-json/-/circular-json-0.3.1.tgz#be8b36aefccde8b3ca7aa2d6afc07a37242c0d2d" - - cli-cursor@^1.0.1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/cli-cursor/-/cli-cursor-1.0.2.tgz#64da3f7d56a54412e59794bd62dc35295e8f2987" - dependencies: - restore-cursor "^1.0.1" - - cli-width@^2.0.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/cli-width/-/cli-width-2.1.0.tgz#b234ca209b29ef66fc518d9b98d5847b00edf00a" - - cliui@^3.0.3: - version "3.2.0" - resolved "https://registry.yarnpkg.com/cliui/-/cliui-3.2.0.tgz#120601537a916d29940f934da3b48d585a39213d" - dependencies: - string-width "^1.0.1" - strip-ansi "^3.0.1" - wrap-ansi "^2.0.0" - - clone-stats@^0.0.1: - version "0.0.1" - resolved "https://registry.yarnpkg.com/clone-stats/-/clone-stats-0.0.1.tgz#b88f94a82cf38b8791d58046ea4029ad88ca99d1" - - clone@^0.2.0: - version "0.2.0" - resolved "https://registry.yarnpkg.com/clone/-/clone-0.2.0.tgz#c6126a90ad4f72dbf5acdb243cc37724fe93fc1f" - - clone@^1.0.0: - version "1.0.2" - resolved "https://registry.yarnpkg.com/clone/-/clone-1.0.2.tgz#260b7a99ebb1edfe247538175f783243cb19d149" - - co@^4.6.0: - version "4.6.0" - resolved "https://registry.yarnpkg.com/co/-/co-4.6.0.tgz#6ea6bdf3d853ae54ccb8e47bfa0bf3f9031fb184" - - code-point-at@^1.0.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/code-point-at/-/code-point-at-1.1.0.tgz#0d070b4d043a5bea33a2f1a40e2edb3d9a4ccf77" - - colors@1.0.x: - version "1.0.3" - resolved "https://registry.yarnpkg.com/colors/-/colors-1.0.3.tgz#0433f44d809680fdeb60ed260f1b0c262e82a40b" - - combined-stream@^1.0.5, combined-stream@~1.0.5: - version "1.0.5" - resolved "https://registry.yarnpkg.com/combined-stream/-/combined-stream-1.0.5.tgz#938370a57b4a51dea2c77c15d5c5fdf895164009" - dependencies: - delayed-stream "~1.0.0" - - commander@2.9.0, commander@^2.8.1, commander@^2.9.0: - version "2.9.0" - resolved "https://registry.yarnpkg.com/commander/-/commander-2.9.0.tgz#9c99094176e12240cb22d6c5146098400fe0f7d4" - dependencies: - graceful-readlink ">= 1.0.0" - - commander@~2.8.1: - version "2.8.1" - resolved "https://registry.yarnpkg.com/commander/-/commander-2.8.1.tgz#06be367febfda0c330aa1e2a072d3dc9762425d4" - dependencies: - graceful-readlink ">= 1.0.0" - - concat-map@0.0.1: - version "0.0.1" - resolved "https://registry.yarnpkg.com/concat-map/-/concat-map-0.0.1.tgz#d8a96bd77fd68df7793a73036a3ba0d5405d477b" - - concat-stream@^1.4.6, concat-stream@^1.4.7: - version "1.5.2" - resolved "https://registry.yarnpkg.com/concat-stream/-/concat-stream-1.5.2.tgz#708978624d856af41a5a741defdd261da752c266" - dependencies: - inherits "~2.0.1" - readable-stream "~2.0.0" - typedarray "~0.0.5" - - configstore@^1.0.0: - version "1.4.0" - resolved "https://registry.yarnpkg.com/configstore/-/configstore-1.4.0.tgz#c35781d0501d268c25c54b8b17f6240e8a4fb021" - dependencies: - graceful-fs "^4.1.2" - mkdirp "^0.5.0" - object-assign "^4.0.1" - os-tmpdir "^1.0.0" - osenv "^0.1.0" - uuid "^2.0.1" - write-file-atomic "^1.1.2" - xdg-basedir "^2.0.0" - - console-control-strings@^1.0.0, console-control-strings@~1.1.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/console-control-strings/-/console-control-strings-1.1.0.tgz#3d7cf4464db6446ea644bf4b39507f9851008e8e" - - contains-path@^0.1.0: - version "0.1.0" - resolved "https://registry.yarnpkg.com/contains-path/-/contains-path-0.1.0.tgz#fe8cf184ff6670b6baef01a9d4861a5cbec4120a" - - content-disposition@0.5.1: - version "0.5.1" - resolved "https://registry.yarnpkg.com/content-disposition/-/content-disposition-0.5.1.tgz#87476c6a67c8daa87e32e87616df883ba7fb071b" - - content-type@~1.0.2: - version "1.0.2" - resolved "https://registry.yarnpkg.com/content-type/-/content-type-1.0.2.tgz#b7d113aee7a8dd27bd21133c4dc2529df1721eed" - - convert-source-map@^1.1.0, convert-source-map@^1.1.1: - version "1.3.0" - resolved "https://registry.yarnpkg.com/convert-source-map/-/convert-source-map-1.3.0.tgz#e9f3e9c6e2728efc2676696a70eb382f73106a67" - - cookie-signature@1.0.6: - version "1.0.6" - resolved "https://registry.yarnpkg.com/cookie-signature/-/cookie-signature-1.0.6.tgz#e303a882b342cc3ee8ca513a79999734dab3ae2c" - - cookie@0.3.1: - version "0.3.1" - resolved "https://registry.yarnpkg.com/cookie/-/cookie-0.3.1.tgz#e7e0a1f9ef43b4c8ba925c5c5a96e806d16873bb" - - core-js@^2.4.0: - version "2.4.1" - resolved "https://registry.yarnpkg.com/core-js/-/core-js-2.4.1.tgz#4de911e667b0eae9124e34254b53aea6fc618d3e" - - core-util-is@~1.0.0: - version "1.0.2" - resolved "https://registry.yarnpkg.com/core-util-is/-/core-util-is-1.0.2.tgz#b5fd54220aa2bc5ab57aab7140c940754503c1a7" - - cors: - version "2.8.1" - resolved "https://registry.yarnpkg.com/cors/-/cors-2.8.1.tgz#6181aa56abb45a2825be3304703747ae4e9d2383" - dependencies: - vary "^1" - - crc@3.4.0: - version "3.4.0" - resolved "https://registry.yarnpkg.com/crc/-/crc-3.4.0.tgz#4258e351613a74ef1153dfcb05e820c3e9715d7f" - - cryptiles@2.x.x: - version "2.0.5" - resolved "https://registry.yarnpkg.com/cryptiles/-/cryptiles-2.0.5.tgz#3bdfecdc608147c1c67202fa291e7dca59eaa3b8" - dependencies: - boom "2.x.x" - - currently-unhandled@^0.4.1: - version "0.4.1" - resolved "https://registry.yarnpkg.com/currently-unhandled/-/currently-unhandled-0.4.1.tgz#988df33feab191ef799a61369dd76c17adf957ea" - dependencies: - array-find-index "^1.0.1" - - cycle@1.0.x: - version "1.0.3" - resolved "https://registry.yarnpkg.com/cycle/-/cycle-1.0.3.tgz#21e80b2be8580f98b468f379430662b046c34ad2" - - d@^0.1.1, d@~0.1.1: - version "0.1.1" - resolved "https://registry.yarnpkg.com/d/-/d-0.1.1.tgz#da184c535d18d8ee7ba2aa229b914009fae11309" - dependencies: - es5-ext "~0.10.2" - - damerau-levenshtein@^1.0.0: - version "1.0.3" - resolved "https://registry.yarnpkg.com/damerau-levenshtein/-/damerau-levenshtein-1.0.3.tgz#ae4f4ce0b62acae10ff63a01bb08f652f5213af2" - - dashdash@^1.12.0: - version "1.14.1" - resolved "https://registry.yarnpkg.com/dashdash/-/dashdash-1.14.1.tgz#853cfa0f7cbe2fed5de20326b8dd581035f6e2f0" - dependencies: - assert-plus "^1.0.0" - - dataloader@^1.2.0: - version "1.2.0" - resolved "https://registry.yarnpkg.com/dataloader/-/dataloader-1.2.0.tgz#3f73ea657c492c860c1633348adc55ca9bf2107e" - - debug@2, debug@2.6.8, debug@^2.1.1, debug@^2.2.0: - version "2.6.8" - resolved "https://registry.yarnpkg.com/debug/-/debug-2.6.8.tgz#e731531ca2ede27d188222427da17821d68ff4fc" - dependencies: - ms "2.0.0" - - debug@2.2.0, debug@~2.2.0: - version "2.2.0" - resolved "https://registry.yarnpkg.com/debug/-/debug-2.2.0.tgz#f87057e995b1a1f6ae6a4960664137bc56f039da" - dependencies: - ms "0.7.1" - - decamelize@^1.1.1, decamelize@^1.1.2: - version "1.2.0" - resolved "https://registry.yarnpkg.com/decamelize/-/decamelize-1.2.0.tgz#f6534d15148269b20352e7bee26f501f9a191290" - - decompress-tar@^3.0.0: - version "3.1.0" - resolved "https://registry.yarnpkg.com/decompress-tar/-/decompress-tar-3.1.0.tgz#217c789f9b94450efaadc5c5e537978fc333c466" - dependencies: - is-tar "^1.0.0" - object-assign "^2.0.0" - strip-dirs "^1.0.0" - tar-stream "^1.1.1" - through2 "^0.6.1" - vinyl "^0.4.3" - - decompress-tarbz2@^3.0.0: - version "3.1.0" - resolved "https://registry.yarnpkg.com/decompress-tarbz2/-/decompress-tarbz2-3.1.0.tgz#8b23935681355f9f189d87256a0f8bdd96d9666d" - dependencies: - is-bzip2 "^1.0.0" - object-assign "^2.0.0" - seek-bzip "^1.0.3" - strip-dirs "^1.0.0" - tar-stream "^1.1.1" - through2 "^0.6.1" - vinyl "^0.4.3" - - decompress-targz@^3.0.0: - version "3.1.0" - resolved "https://registry.yarnpkg.com/decompress-targz/-/decompress-targz-3.1.0.tgz#b2c13df98166268991b715d6447f642e9696f5a0" - dependencies: - is-gzip "^1.0.0" - object-assign "^2.0.0" - strip-dirs "^1.0.0" - tar-stream "^1.1.1" - through2 "^0.6.1" - vinyl "^0.4.3" - - decompress-unzip@^3.0.0: - version "3.4.0" - resolved "https://registry.yarnpkg.com/decompress-unzip/-/decompress-unzip-3.4.0.tgz#61475b4152066bbe3fee12f9d629d15fe6478eeb" - dependencies: - is-zip "^1.0.0" - read-all-stream "^3.0.0" - stat-mode "^0.2.0" - strip-dirs "^1.0.0" - through2 "^2.0.0" - vinyl "^1.0.0" - yauzl "^2.2.1" - - decompress@^3.0.0: - version "3.0.0" - resolved "https://registry.yarnpkg.com/decompress/-/decompress-3.0.0.tgz#af1dd50d06e3bfc432461d37de11b38c0d991bed" - dependencies: - buffer-to-vinyl "^1.0.0" - concat-stream "^1.4.6" - decompress-tar "^3.0.0" - decompress-tarbz2 "^3.0.0" - decompress-targz "^3.0.0" - decompress-unzip "^3.0.0" - stream-combiner2 "^1.1.1" - vinyl-assign "^1.0.1" - vinyl-fs "^2.2.0" - - deep-eql@^0.1.3: - version "0.1.3" - resolved "https://registry.yarnpkg.com/deep-eql/-/deep-eql-0.1.3.tgz#ef558acab8de25206cd713906d74e56930eb69f2" - dependencies: - type-detect "0.1.1" - - deep-extend@~0.4.0: - version "0.4.1" - resolved "https://registry.yarnpkg.com/deep-extend/-/deep-extend-0.4.1.tgz#efe4113d08085f4e6f9687759810f807469e2253" - - deep-is@~0.1.3: - version "0.1.3" - resolved "https://registry.yarnpkg.com/deep-is/-/deep-is-0.1.3.tgz#b369d6fb5dbc13eecf524f91b070feedc357cf34" - - del@^2.0.2: - version "2.2.2" - resolved "https://registry.yarnpkg.com/del/-/del-2.2.2.tgz#c12c981d067846c84bcaf862cff930d907ffd1a8" - dependencies: - globby "^5.0.0" - is-path-cwd "^1.0.0" - is-path-in-cwd "^1.0.0" - object-assign "^4.0.1" - pify "^2.0.0" - pinkie-promise "^2.0.0" - rimraf "^2.2.8" - - delayed-stream@~1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/delayed-stream/-/delayed-stream-1.0.0.tgz#df3ae199acadfb7d440aaae0b29e2272b24ec619" - - delegates@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/delegates/-/delegates-1.0.0.tgz#84c6e159b81904fdca59a0ef44cd870d31250f9a" - - denodeify@^1.2.1: - version "1.2.1" - resolved "https://registry.yarnpkg.com/denodeify/-/denodeify-1.2.1.tgz#3a36287f5034e699e7577901052c2e6c94251631" - - depd@~1.1.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/depd/-/depd-1.1.0.tgz#e1bd82c6aab6ced965b97b88b17ed3e528ca18c3" - - deprecated-decorator@^0.1.6: - version "0.1.6" - resolved "https://registry.yarnpkg.com/deprecated-decorator/-/deprecated-decorator-0.1.6.tgz#00966317b7a12fe92f3cc831f7583af329b86c37" - - destroy@~1.0.4: - version "1.0.4" - resolved "https://registry.yarnpkg.com/destroy/-/destroy-1.0.4.tgz#978857442c44749e4206613e37946205826abd80" - - detect-indent@^4.0.0: - version "4.0.0" - resolved "https://registry.yarnpkg.com/detect-indent/-/detect-indent-4.0.0.tgz#f76d064352cdf43a1cb6ce619c4ee3a9475de208" - dependencies: - repeating "^2.0.0" - - diff@1.4.0: - version "1.4.0" - resolved "https://registry.yarnpkg.com/diff/-/diff-1.4.0.tgz#7f28d2eb9ee7b15a97efd89ce63dcfdaa3ccbabf" - - doctrine@1.3.x: - version "1.3.0" - resolved "https://registry.yarnpkg.com/doctrine/-/doctrine-1.3.0.tgz#13e75682b55518424276f7c173783456ef913d26" - dependencies: - esutils "^2.0.2" - isarray "^1.0.0" - - doctrine@^1.2.2: - version "1.5.0" - resolved "https://registry.yarnpkg.com/doctrine/-/doctrine-1.5.0.tgz#379dce730f6166f76cefa4e6707a159b02c5a6fa" - dependencies: - esutils "^2.0.2" - isarray "^1.0.0" - - dotenv@2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/dotenv/-/dotenv-2.0.0.tgz#bd759c357aaa70365e01c96b7b0bec08a6e0d949" - - duplexer2@~0.1.0: - version "0.1.4" - resolved "https://registry.yarnpkg.com/duplexer2/-/duplexer2-0.1.4.tgz#8b12dab878c0d69e3e7891051662a32fc6bddcc1" - dependencies: - readable-stream "^2.0.2" - - duplexer@~0.1.1: - version "0.1.1" - resolved "https://registry.yarnpkg.com/duplexer/-/duplexer-0.1.1.tgz#ace6ff808c1ce66b57d1ebf97977acb02334cfc1" - - duplexify@^3.2.0: - version "3.5.0" - resolved "https://registry.yarnpkg.com/duplexify/-/duplexify-3.5.0.tgz#1aa773002e1578457e9d9d4a50b0ccaaebcbd604" - dependencies: - end-of-stream "1.0.0" - inherits "^2.0.1" - readable-stream "^2.0.0" - stream-shift "^1.0.0" - - ecc-jsbn@~0.1.1: - version "0.1.1" - resolved "https://registry.yarnpkg.com/ecc-jsbn/-/ecc-jsbn-0.1.1.tgz#0fc73a9ed5f0d53c38193398523ef7e543777505" - dependencies: - jsbn "~0.1.0" - - ecdsa-sig-formatter@1.0.9: - version "1.0.9" - resolved "https://registry.yarnpkg.com/ecdsa-sig-formatter/-/ecdsa-sig-formatter-1.0.9.tgz#4bc926274ec3b5abb5016e7e1d60921ac262b2a1" - dependencies: - base64url "^2.0.0" - safe-buffer "^5.0.1" - - ee-first@1.1.1: - version "1.1.1" - resolved "https://registry.yarnpkg.com/ee-first/-/ee-first-1.1.1.tgz#590c61156b0ae2f4f0255732a158b266bc56b21d" - - encodeurl@~1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/encodeurl/-/encodeurl-1.0.1.tgz#79e3d58655346909fe6f0f45a5de68103b294d20" - - encoding@^0.1.11: - version "0.1.12" - resolved "https://registry.yarnpkg.com/encoding/-/encoding-0.1.12.tgz#538b66f3ee62cd1ab51ec323829d1f9480c74beb" - dependencies: - iconv-lite "~0.4.13" - - end-of-stream@1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/end-of-stream/-/end-of-stream-1.0.0.tgz#d4596e702734a93e40e9af864319eabd99ff2f0e" - dependencies: - once "~1.3.0" - - end-of-stream@^1.0.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/end-of-stream/-/end-of-stream-1.1.0.tgz#e9353258baa9108965efc41cb0ef8ade2f3cfb07" - dependencies: - once "~1.3.0" - - error-ex@^1.2.0: - version "1.3.0" - resolved "https://registry.yarnpkg.com/error-ex/-/error-ex-1.3.0.tgz#e67b43f3e82c96ea3a584ffee0b9fc3325d802d9" - dependencies: - is-arrayish "^0.2.1" - - es5-ext@^0.10.7, es5-ext@^0.10.8, es5-ext@~0.10.11, es5-ext@~0.10.2, es5-ext@~0.10.7: - version "0.10.12" - resolved "https://registry.yarnpkg.com/es5-ext/-/es5-ext-0.10.12.tgz#aa84641d4db76b62abba5e45fd805ecbab140047" - dependencies: - es6-iterator "2" - es6-symbol "~3.1" - - es6-iterator@2: - version "2.0.0" - resolved "https://registry.yarnpkg.com/es6-iterator/-/es6-iterator-2.0.0.tgz#bd968567d61635e33c0b80727613c9cb4b096bac" - dependencies: - d "^0.1.1" - es5-ext "^0.10.7" - es6-symbol "3" - - es6-map@^0.1.3: - version "0.1.4" - resolved "https://registry.yarnpkg.com/es6-map/-/es6-map-0.1.4.tgz#a34b147be224773a4d7da8072794cefa3632b897" - dependencies: - d "~0.1.1" - es5-ext "~0.10.11" - es6-iterator "2" - es6-set "~0.1.3" - es6-symbol "~3.1.0" - event-emitter "~0.3.4" - - es6-promise@3.2.1: - version "3.2.1" - resolved "https://registry.yarnpkg.com/es6-promise/-/es6-promise-3.2.1.tgz#ec56233868032909207170c39448e24449dd1fc4" - - es6-promise@^3.0.2, es6-promise@^3.2.1: - version "3.3.1" - resolved "https://registry.yarnpkg.com/es6-promise/-/es6-promise-3.3.1.tgz#a08cdde84ccdbf34d027a1451bc91d4bcd28a613" - - es6-set@~0.1.3: - version "0.1.4" - resolved "https://registry.yarnpkg.com/es6-set/-/es6-set-0.1.4.tgz#9516b6761c2964b92ff479456233a247dc707ce8" - dependencies: - d "~0.1.1" - es5-ext "~0.10.11" - es6-iterator "2" - es6-symbol "3" - event-emitter "~0.3.4" - - es6-symbol@3, es6-symbol@~3.1, es6-symbol@~3.1.0: - version "3.1.0" - resolved "https://registry.yarnpkg.com/es6-symbol/-/es6-symbol-3.1.0.tgz#94481c655e7a7cad82eba832d97d5433496d7ffa" - dependencies: - d "~0.1.1" - es5-ext "~0.10.11" - - es6-weak-map@^2.0.1: - version "2.0.1" - resolved "https://registry.yarnpkg.com/es6-weak-map/-/es6-weak-map-2.0.1.tgz#0d2bbd8827eb5fb4ba8f97fbfea50d43db21ea81" - dependencies: - d "^0.1.1" - es5-ext "^0.10.8" - es6-iterator "2" - es6-symbol "3" - - escape-html@~1.0.3: - version "1.0.3" - resolved "https://registry.yarnpkg.com/escape-html/-/escape-html-1.0.3.tgz#0258eae4d3d0c0974de1c169188ef0051d1d1988" - - escape-string-regexp@1.0.5, escape-string-regexp@^1.0.2, escape-string-regexp@^1.0.5: - version "1.0.5" - resolved "https://registry.yarnpkg.com/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz#1b61c0562190a8dff6ae3bb2cf0200ca130b86d4" - - escope@^3.6.0: - version "3.6.0" - resolved "https://registry.yarnpkg.com/escope/-/escope-3.6.0.tgz#e01975e812781a163a6dadfdd80398dc64c889c3" - dependencies: - es6-map "^0.1.3" - es6-weak-map "^2.0.1" - esrecurse "^4.1.0" - estraverse "^4.1.1" - - eslint-config-react-app@^0.4.0: - version "0.4.0" - resolved "https://registry.yarnpkg.com/eslint-config-react-app/-/eslint-config-react-app-0.4.0.tgz#7f87bfd2a35ed7aa17860b6b002b4197fea385d0" - - eslint-import-resolver-node@^0.2.0: - version "0.2.3" - resolved "https://registry.yarnpkg.com/eslint-import-resolver-node/-/eslint-import-resolver-node-0.2.3.tgz#5add8106e8c928db2cba232bcd9efa846e3da16c" - dependencies: - debug "^2.2.0" - object-assign "^4.0.1" - resolve "^1.1.6" - - eslint-module-utils@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/eslint-module-utils/-/eslint-module-utils-1.0.0.tgz#c4a57fd3a53efd8426cc2d5550aadab9bbd05fd0" - dependencies: - debug "2.2.0" - pkg-dir "^1.0.0" - - eslint-plugin-babel@3.3.0: - version "3.3.0" - resolved "https://registry.yarnpkg.com/eslint-plugin-babel/-/eslint-plugin-babel-3.3.0.tgz#2f494aedcf6f4aa4e75b9155980837bc1fbde193" - - eslint-plugin-flowtype@2.21.0: - version "2.21.0" - resolved "https://registry.yarnpkg.com/eslint-plugin-flowtype/-/eslint-plugin-flowtype-2.21.0.tgz#a47e85abcdd181d37a336054bd552149ae387d9c" - dependencies: - lodash "^4.15.0" - - eslint-plugin-import@2.0.1: - version "2.0.1" - resolved "https://registry.yarnpkg.com/eslint-plugin-import/-/eslint-plugin-import-2.0.1.tgz#dcfe96357d476b3f822570d42c29bec66f5d9c5c" - dependencies: - builtin-modules "^1.1.1" - contains-path "^0.1.0" - debug "^2.2.0" - doctrine "1.3.x" - eslint-import-resolver-node "^0.2.0" - eslint-module-utils "^1.0.0" - has "^1.0.1" - lodash.cond "^4.3.0" - minimatch "^3.0.3" - pkg-up "^1.0.0" - - eslint-plugin-jsx-a11y@2.2.3: - version "2.2.3" - resolved "https://registry.yarnpkg.com/eslint-plugin-jsx-a11y/-/eslint-plugin-jsx-a11y-2.2.3.tgz#4e35cb71b8a7db702ac415c806eb8e8d9ea6c65d" - dependencies: - damerau-levenshtein "^1.0.0" - jsx-ast-utils "^1.0.0" - object-assign "^4.0.1" - - eslint-plugin-react@6.4.1: - version "6.4.1" - resolved "https://registry.yarnpkg.com/eslint-plugin-react/-/eslint-plugin-react-6.4.1.tgz#7d1aade747db15892f71eee1fea4addf97bcfa2b" - dependencies: - doctrine "^1.2.2" - jsx-ast-utils "^1.3.1" - - eslint@3.8.1: - version "3.8.1" - resolved "https://registry.yarnpkg.com/eslint/-/eslint-3.8.1.tgz#7d02db44cd5aaf4fa7aa489e1f083baa454342ba" - dependencies: - chalk "^1.1.3" - concat-stream "^1.4.6" - debug "^2.1.1" - doctrine "^1.2.2" - escope "^3.6.0" - espree "^3.3.1" - estraverse "^4.2.0" - esutils "^2.0.2" - file-entry-cache "^2.0.0" - glob "^7.0.3" - globals "^9.2.0" - ignore "^3.1.5" - imurmurhash "^0.1.4" - inquirer "^0.12.0" - is-my-json-valid "^2.10.0" - is-resolvable "^1.0.0" - js-yaml "^3.5.1" - json-stable-stringify "^1.0.0" - levn "^0.3.0" - lodash "^4.0.0" - mkdirp "^0.5.0" - natural-compare "^1.4.0" - optionator "^0.8.2" - path-is-inside "^1.0.1" - pluralize "^1.2.1" - progress "^1.1.8" - require-uncached "^1.0.2" - shelljs "^0.6.0" - strip-bom "^3.0.0" - strip-json-comments "~1.0.1" - table "^3.7.8" - text-table "~0.2.0" - user-home "^2.0.0" - - espree@^3.3.1: - version "3.3.2" - resolved "https://registry.yarnpkg.com/espree/-/espree-3.3.2.tgz#dbf3fadeb4ecb4d4778303e50103b3d36c88b89c" - dependencies: - acorn "^4.0.1" - acorn-jsx "^3.0.0" - - esprima@^2.6.0: - version "2.7.3" - resolved "https://registry.yarnpkg.com/esprima/-/esprima-2.7.3.tgz#96e3b70d5779f6ad49cd032673d1c312767ba581" - - esrecurse@^4.1.0: - version "4.1.0" - resolved "https://registry.yarnpkg.com/esrecurse/-/esrecurse-4.1.0.tgz#4713b6536adf7f2ac4f327d559e7756bff648220" - dependencies: - estraverse "~4.1.0" - object-assign "^4.0.1" - - estraverse@^4.1.1, estraverse@^4.2.0: - version "4.2.0" - resolved "https://registry.yarnpkg.com/estraverse/-/estraverse-4.2.0.tgz#0dee3fed31fcd469618ce7342099fc1afa0bdb13" - - estraverse@~4.1.0: - version "4.1.1" - resolved "https://registry.yarnpkg.com/estraverse/-/estraverse-4.1.1.tgz#f6caca728933a850ef90661d0e17982ba47111a2" - - esutils@^2.0.0, esutils@^2.0.2: - version "2.0.2" - resolved "https://registry.yarnpkg.com/esutils/-/esutils-2.0.2.tgz#0abf4f1caa5bcb1f7a9d8acc6dea4faaa04bac9b" - - etag@~1.7.0: - version "1.7.0" - resolved "https://registry.yarnpkg.com/etag/-/etag-1.7.0.tgz#03d30b5f67dd6e632d2945d30d6652731a34d5d8" - - event-emitter@~0.3.4: - version "0.3.4" - resolved "https://registry.yarnpkg.com/event-emitter/-/event-emitter-0.3.4.tgz#8d63ddfb4cfe1fae3b32ca265c4c720222080bb5" - dependencies: - d "~0.1.1" - es5-ext "~0.10.7" - - event-stream@~3.3.0: - version "3.3.4" - resolved "https://registry.yarnpkg.com/event-stream/-/event-stream-3.3.4.tgz#4ab4c9a0f5a54db9338b4c34d86bfce8f4b35571" - dependencies: - duplexer "~0.1.1" - from "~0" - map-stream "~0.1.0" - pause-stream "0.0.11" - split "0.3" - stream-combiner "~0.0.4" - through "~2.3.1" - - exit-hook@^1.0.0: - version "1.1.1" - resolved "https://registry.yarnpkg.com/exit-hook/-/exit-hook-1.1.1.tgz#f05ca233b48c05d54fff07765df8507e95c02ff8" - - expand-brackets@^0.1.4: - version "0.1.5" - resolved "https://registry.yarnpkg.com/expand-brackets/-/expand-brackets-0.1.5.tgz#df07284e342a807cd733ac5af72411e581d1177b" - dependencies: - is-posix-bracket "^0.1.0" - - expand-range@^1.8.1: - version "1.8.2" - resolved "https://registry.yarnpkg.com/expand-range/-/expand-range-1.8.2.tgz#a299effd335fe2721ebae8e257ec79644fc85337" - dependencies: - fill-range "^2.1.0" - - express-session@1.14.1: - version "1.14.1" - resolved "https://registry.yarnpkg.com/express-session/-/express-session-1.14.1.tgz#600364f0f6bf5dce32649e006770bdeee80aec99" - dependencies: - cookie "0.3.1" - cookie-signature "1.0.6" - crc "3.4.0" - debug "~2.2.0" - depd "~1.1.0" - on-headers "~1.0.1" - parseurl "~1.3.1" - uid-safe "~2.1.2" - utils-merge "1.0.0" - - express@4.14.0: - version "4.14.0" - resolved "https://registry.yarnpkg.com/express/-/express-4.14.0.tgz#c1ee3f42cdc891fb3dc650a8922d51ec847d0d66" - dependencies: - accepts "~1.3.3" - array-flatten "1.1.1" - content-disposition "0.5.1" - content-type "~1.0.2" - cookie "0.3.1" - cookie-signature "1.0.6" - debug "~2.2.0" - depd "~1.1.0" - encodeurl "~1.0.1" - escape-html "~1.0.3" - etag "~1.7.0" - finalhandler "0.5.0" - fresh "0.3.0" - merge-descriptors "1.0.1" - methods "~1.1.2" - on-finished "~2.3.0" - parseurl "~1.3.1" - path-to-regexp "0.1.7" - proxy-addr "~1.1.2" - qs "6.2.0" - range-parser "~1.2.0" - send "0.14.1" - serve-static "~1.11.1" - type-is "~1.6.13" - utils-merge "1.0.0" - vary "~1.1.0" - - extend-shallow@^2.0.1: - version "2.0.1" - resolved "https://registry.yarnpkg.com/extend-shallow/-/extend-shallow-2.0.1.tgz#51af7d614ad9a9f610ea1bafbb989d6b1c56890f" - dependencies: - is-extendable "^0.1.0" - - extend@3, extend@^3.0.0, extend@~3.0.0: - version "3.0.0" - resolved "https://registry.yarnpkg.com/extend/-/extend-3.0.0.tgz#5a474353b9f3353ddd8176dfd37b91c83a46f1d4" - - extglob@^0.3.1: - version "0.3.2" - resolved "https://registry.yarnpkg.com/extglob/-/extglob-0.3.2.tgz#2e18ff3d2f49ab2765cec9023f011daa8d8349a1" - dependencies: - is-extglob "^1.0.0" - - extsprintf@1.0.2: - version "1.0.2" - resolved "https://registry.yarnpkg.com/extsprintf/-/extsprintf-1.0.2.tgz#e1080e0658e300b06294990cc70e1502235fd550" - - eyes@0.1.x: - version "0.1.8" - resolved "https://registry.yarnpkg.com/eyes/-/eyes-0.1.8.tgz#62cf120234c683785d902348a800ef3e0cc20bc0" - - fast-levenshtein@~2.0.4: - version "2.0.5" - resolved "https://registry.yarnpkg.com/fast-levenshtein/-/fast-levenshtein-2.0.5.tgz#bd33145744519ab1c36c3ee9f31f08e9079b67f2" - - fd-slicer@~1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/fd-slicer/-/fd-slicer-1.0.1.tgz#8b5bcbd9ec327c5041bf9ab023fd6750f1177e65" - dependencies: - pend "~1.2.0" - - figures@^1.3.5: - version "1.7.0" - resolved "https://registry.yarnpkg.com/figures/-/figures-1.7.0.tgz#cbe1e3affcf1cd44b80cadfed28dc793a9701d2e" - dependencies: - escape-string-regexp "^1.0.5" - object-assign "^4.1.0" - - file-entry-cache@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/file-entry-cache/-/file-entry-cache-2.0.0.tgz#c392990c3e684783d838b8c84a45d8a048458361" - dependencies: - flat-cache "^1.2.1" - object-assign "^4.0.1" - - file-type@^3.1.0: - version "3.9.0" - resolved "https://registry.yarnpkg.com/file-type/-/file-type-3.9.0.tgz#257a078384d1db8087bc449d107d52a52672b9e9" - - filename-regex@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/filename-regex/-/filename-regex-2.0.0.tgz#996e3e80479b98b9897f15a8a58b3d084e926775" - - fill-range@^2.1.0: - version "2.2.3" - resolved "https://registry.yarnpkg.com/fill-range/-/fill-range-2.2.3.tgz#50b77dfd7e469bc7492470963699fe7a8485a723" - dependencies: - is-number "^2.1.0" - isobject "^2.0.0" - randomatic "^1.1.3" - repeat-element "^1.1.2" - repeat-string "^1.5.2" - - finalhandler@0.5.0: - version "0.5.0" - resolved "https://registry.yarnpkg.com/finalhandler/-/finalhandler-0.5.0.tgz#e9508abece9b6dba871a6942a1d7911b91911ac7" - dependencies: - debug "~2.2.0" - escape-html "~1.0.3" - on-finished "~2.3.0" - statuses "~1.3.0" - unpipe "~1.0.0" - - find-up@^1.0.0: - version "1.1.2" - resolved "https://registry.yarnpkg.com/find-up/-/find-up-1.1.2.tgz#6b2e9822b1a2ce0a60ab64d610eccad53cb24d0f" - dependencies: - path-exists "^2.0.0" - pinkie-promise "^2.0.0" - - find-versions@^1.0.0: - version "1.2.1" - resolved "https://registry.yarnpkg.com/find-versions/-/find-versions-1.2.1.tgz#cbde9f12e38575a0af1be1b9a2c5d5fd8f186b62" - dependencies: - array-uniq "^1.0.0" - get-stdin "^4.0.1" - meow "^3.5.0" - semver-regex "^1.0.0" - - first-chunk-stream@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/first-chunk-stream/-/first-chunk-stream-1.0.0.tgz#59bfb50cd905f60d7c394cd3d9acaab4e6ad934e" - - flat-cache@^1.2.1: - version "1.2.1" - resolved "https://registry.yarnpkg.com/flat-cache/-/flat-cache-1.2.1.tgz#6c837d6225a7de5659323740b36d5361f71691ff" - dependencies: - circular-json "^0.3.0" - del "^2.0.2" - graceful-fs "^4.1.2" - write "^0.2.1" - - for-in@^0.1.5: - version "0.1.6" - resolved "https://registry.yarnpkg.com/for-in/-/for-in-0.1.6.tgz#c9f96e89bfad18a545af5ec3ed352a1d9e5b4dc8" - - for-own@^0.1.4: - version "0.1.4" - resolved "https://registry.yarnpkg.com/for-own/-/for-own-0.1.4.tgz#0149b41a39088c7515f51ebe1c1386d45f935072" - dependencies: - for-in "^0.1.5" - - forever-agent@~0.6.1: - version "0.6.1" - resolved "https://registry.yarnpkg.com/forever-agent/-/forever-agent-0.6.1.tgz#fbc71f0c41adeb37f96c577ad1ed42d8fdacca91" - - form-data@~2.1.1: - version "2.1.2" - resolved "https://registry.yarnpkg.com/form-data/-/form-data-2.1.2.tgz#89c3534008b97eada4cbb157d58f6f5df025eae4" - dependencies: - asynckit "^0.4.0" - combined-stream "^1.0.5" - mime-types "^2.1.12" - - forwarded@~0.1.0: - version "0.1.0" - resolved "https://registry.yarnpkg.com/forwarded/-/forwarded-0.1.0.tgz#19ef9874c4ae1c297bcf078fde63a09b66a84363" - - fresh@0.3.0: - version "0.3.0" - resolved "https://registry.yarnpkg.com/fresh/-/fresh-0.3.0.tgz#651f838e22424e7566de161d8358caa199f83d4f" - - from@~0: - version "0.1.3" - resolved "https://registry.yarnpkg.com/from/-/from-0.1.3.tgz#ef63ac2062ac32acf7862e0d40b44b896f22f3bc" - - fs-readdir-recursive@^0.1.0: - version "0.1.2" - resolved "https://registry.yarnpkg.com/fs-readdir-recursive/-/fs-readdir-recursive-0.1.2.tgz#315b4fb8c1ca5b8c47defef319d073dad3568059" - - fs.realpath@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/fs.realpath/-/fs.realpath-1.0.0.tgz#1504ad2523158caa40db4a2787cb01411994ea4f" - - fsevents@^1.0.0: - version "1.0.15" - resolved "https://registry.yarnpkg.com/fsevents/-/fsevents-1.0.15.tgz#fa63f590f3c2ad91275e4972a6cea545fb0aae44" - dependencies: - nan "^2.3.0" - node-pre-gyp "^0.6.29" - - fstream-ignore@~1.0.5: - version "1.0.5" - resolved "https://registry.yarnpkg.com/fstream-ignore/-/fstream-ignore-1.0.5.tgz#9c31dae34767018fe1d249b24dada67d092da105" - dependencies: - fstream "^1.0.0" - inherits "2" - minimatch "^3.0.0" - - fstream@^1.0.0, fstream@^1.0.2, fstream@~1.0.10: - version "1.0.10" - resolved "https://registry.yarnpkg.com/fstream/-/fstream-1.0.10.tgz#604e8a92fe26ffd9f6fae30399d4984e1ab22822" - dependencies: - graceful-fs "^4.1.2" - inherits "~2.0.0" - mkdirp ">=0.5 0" - rimraf "2" - - function-bind@^1.0.2: - version "1.1.0" - resolved "https://registry.yarnpkg.com/function-bind/-/function-bind-1.1.0.tgz#16176714c801798e4e8f2cf7f7529467bb4a5771" - - gauge@~2.7.1: - version "2.7.2" - resolved "https://registry.yarnpkg.com/gauge/-/gauge-2.7.2.tgz#15cecc31b02d05345a5d6b0e171cdb3ad2307774" - dependencies: - aproba "^1.0.3" - console-control-strings "^1.0.0" - has-unicode "^2.0.0" - object-assign "^4.1.0" - signal-exit "^3.0.0" - string-width "^1.0.1" - strip-ansi "^3.0.1" - supports-color "^0.2.0" - wide-align "^1.1.0" - - generate-function@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/generate-function/-/generate-function-2.0.0.tgz#6858fe7c0969b7d4e9093337647ac79f60dfbe74" - - generate-object-property@^1.1.0: - version "1.2.0" - resolved "https://registry.yarnpkg.com/generate-object-property/-/generate-object-property-1.2.0.tgz#9c0e1c40308ce804f4783618b937fa88f99d50d0" - dependencies: - is-property "^1.0.0" - - get-stdin@^4.0.1: - version "4.0.1" - resolved "https://registry.yarnpkg.com/get-stdin/-/get-stdin-4.0.1.tgz#b968c6b0a04384324902e8bf1a5df32579a450fe" - - getos@^2.7.0: - version "2.8.2" - resolved "https://registry.yarnpkg.com/getos/-/getos-2.8.2.tgz#365e7e3b2cf74cb85ebb6d1d8c76633580cee534" - dependencies: - async "2.0.1" - - getpass@^0.1.1: - version "0.1.6" - resolved "https://registry.yarnpkg.com/getpass/-/getpass-0.1.6.tgz#283ffd9fc1256840875311c1b60e8c40187110e6" - dependencies: - assert-plus "^1.0.0" - - glob-base@^0.3.0: - version "0.3.0" - resolved "https://registry.yarnpkg.com/glob-base/-/glob-base-0.3.0.tgz#dbb164f6221b1c0b1ccf82aea328b497df0ea3c4" - dependencies: - glob-parent "^2.0.0" - is-glob "^2.0.0" - - glob-parent@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/glob-parent/-/glob-parent-2.0.0.tgz#81383d72db054fcccf5336daa902f182f6edbb28" - dependencies: - is-glob "^2.0.0" - - glob-parent@^3.0.0: - version "3.0.1" - resolved "https://registry.yarnpkg.com/glob-parent/-/glob-parent-3.0.1.tgz#60021327cc963ddc3b5f085764f500479ecd82ff" - dependencies: - is-glob "^3.1.0" - path-dirname "^1.0.0" - - glob-stream@^5.3.2: - version "5.3.5" - resolved "https://registry.yarnpkg.com/glob-stream/-/glob-stream-5.3.5.tgz#a55665a9a8ccdc41915a87c701e32d4e016fad22" - dependencies: - extend "^3.0.0" - glob "^5.0.3" - glob-parent "^3.0.0" - micromatch "^2.3.7" - ordered-read-streams "^0.3.0" - through2 "^0.6.0" - to-absolute-glob "^0.1.1" - unique-stream "^2.0.2" - - glob@7.0.5: - version "7.0.5" - resolved "https://registry.yarnpkg.com/glob/-/glob-7.0.5.tgz#b4202a69099bbb4d292a7c1b95b6682b67ebdc95" - dependencies: - fs.realpath "^1.0.0" - inflight "^1.0.4" - inherits "2" - minimatch "^3.0.2" - once "^1.3.0" - path-is-absolute "^1.0.0" - - glob@^5.0.3, glob@^5.0.5: - version "5.0.15" - resolved "https://registry.yarnpkg.com/glob/-/glob-5.0.15.tgz#1bc936b9e02f4a603fcc222ecf7633d30b8b93b1" - dependencies: - inflight "^1.0.4" - inherits "2" - minimatch "2 || 3" - once "^1.3.0" - path-is-absolute "^1.0.0" - - glob@^7.0.3, glob@^7.0.5: - version "7.1.1" - resolved "https://registry.yarnpkg.com/glob/-/glob-7.1.1.tgz#805211df04faaf1c63a3600306cdf5ade50b2ec8" - dependencies: - fs.realpath "^1.0.0" - inflight "^1.0.4" - inherits "2" - minimatch "^3.0.2" - once "^1.3.0" - path-is-absolute "^1.0.0" - - globals@^9.0.0, globals@^9.2.0: - version "9.14.0" - resolved "https://registry.yarnpkg.com/globals/-/globals-9.14.0.tgz#8859936af0038741263053b39d0e76ca241e4034" - - globby@^5.0.0: - version "5.0.0" - resolved "https://registry.yarnpkg.com/globby/-/globby-5.0.0.tgz#ebd84667ca0dbb330b99bcfc68eac2bc54370e0d" - dependencies: - array-union "^1.0.1" - arrify "^1.0.0" - glob "^7.0.3" - object-assign "^4.0.1" - pify "^2.0.0" - pinkie-promise "^2.0.0" - - got@^3.2.0: - version "3.3.1" - resolved "https://registry.yarnpkg.com/got/-/got-3.3.1.tgz#e5d0ed4af55fc3eef4d56007769d98192bcb2eca" - dependencies: - duplexify "^3.2.0" - infinity-agent "^2.0.0" - is-redirect "^1.0.0" - is-stream "^1.0.0" - lowercase-keys "^1.0.0" - nested-error-stacks "^1.0.0" - object-assign "^3.0.0" - prepend-http "^1.0.0" - read-all-stream "^3.0.0" - timed-out "^2.0.0" - - graceful-fs@^4.0.0, graceful-fs@^4.1.2, graceful-fs@^4.1.4: - version "4.1.11" - resolved "https://registry.yarnpkg.com/graceful-fs/-/graceful-fs-4.1.11.tgz#0e8bdfe4d1ddb8854d64e04ea7c00e2a026e5658" - - "graceful-readlink@>= 1.0.0": - version "1.0.1" - resolved "https://registry.yarnpkg.com/graceful-readlink/-/graceful-readlink-1.0.1.tgz#4cafad76bc62f02fa039b2f94e9a3dd3a391a725" - - graphql-server-core@^0.4.3: - version "0.4.3" - resolved "https://registry.yarnpkg.com/graphql-server-core/-/graphql-server-core-0.4.3.tgz#3198832ce8703388713f012da023b33a3823be98" - optionalDependencies: - typed-graphql "^1.0.2" - - graphql-server-express@^0.4.3: - version "0.4.3" - resolved "https://registry.yarnpkg.com/graphql-server-express/-/graphql-server-express-0.4.3.tgz#198674e6db4949c060b9959554d3dc4e9cc4ed9b" - dependencies: - graphql-server-core "^0.4.3" - graphql-server-module-graphiql "^0.4.3" - optionalDependencies: - "@types/express" "^4.0.33" - - graphql-server-module-graphiql@^0.4.3: - version "0.4.3" - resolved "https://registry.yarnpkg.com/graphql-server-module-graphiql/-/graphql-server-module-graphiql-0.4.3.tgz#f82b92b99bb1e1b4b285c86bf6fcfa60b3a7a805" - - graphql-server@^0.3.2: - version "0.3.2" - resolved "https://registry.yarnpkg.com/graphql-server/-/graphql-server-0.3.2.tgz#ac3299963221be784fc78a22784d2d9ab7116e5e" - dependencies: - boom "^4.0.0" - http-errors "^1.5.0" - source-map-support "^0.4.2" - - graphql-subscriptions@0.2.0: - version "0.2.0" - resolved "https://registry.yarnpkg.com/graphql-subscriptions/-/graphql-subscriptions-0.2.0.tgz#9aebf19283f797354615b263090e15246a4c6c8d" - dependencies: - es6-promise "^3.2.1" - graphql "^0.7.0" - - graphql-subscriptions@^0.1.3: - version "0.1.5" - resolved "https://registry.yarnpkg.com/graphql-subscriptions/-/graphql-subscriptions-0.1.5.tgz#603422c0a7ea3818b630751d1c9798bfa1a820ee" - dependencies: - es6-promise "^3.2.1" - graphql "^0.7.0" - - graphql-tools@^0.8.2: - version "0.8.3" - resolved "https://registry.yarnpkg.com/graphql-tools/-/graphql-tools-0.8.3.tgz#7766ec1d1cc716dde331bd7813267bda44aefa08" - dependencies: - deprecated-decorator "^0.1.6" - lodash "^4.3.0" - node-uuid "^1.4.7" - optionalDependencies: - typed-graphql "^1.0.2" - - graphql@0.7.2, graphql@^0.7.0: - version "0.7.2" - resolved "https://registry.yarnpkg.com/graphql/-/graphql-0.7.2.tgz#cc894a32823399b8a0cb012b9e9ecad35cd00f72" - dependencies: - iterall "1.0.2" - - growl@1.9.2: - version "1.9.2" - resolved "https://registry.yarnpkg.com/growl/-/growl-1.9.2.tgz#0ea7743715db8d8de2c5ede1775e1b45ac85c02f" - - gulp-sourcemaps@1.6.0: - version "1.6.0" - resolved "https://registry.yarnpkg.com/gulp-sourcemaps/-/gulp-sourcemaps-1.6.0.tgz#b86ff349d801ceb56e1d9e7dc7bbcb4b7dee600c" - dependencies: - convert-source-map "^1.1.1" - graceful-fs "^4.1.2" - strip-bom "^2.0.0" - through2 "^2.0.0" - vinyl "^1.0.0" - - har-validator@~2.0.6: - version "2.0.6" - resolved "https://registry.yarnpkg.com/har-validator/-/har-validator-2.0.6.tgz#cdcbc08188265ad119b6a5a7c8ab70eecfb5d27d" - dependencies: - chalk "^1.1.1" - commander "^2.9.0" - is-my-json-valid "^2.12.4" - pinkie-promise "^2.0.0" - - has-ansi@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/has-ansi/-/has-ansi-2.0.0.tgz#34f5049ce1ecdf2b0649af3ef24e45ed35416d91" - dependencies: - ansi-regex "^2.0.0" - - has-flag@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/has-flag/-/has-flag-1.0.0.tgz#9d9e793165ce017a00f00418c43f942a7b1d11fa" - - has-unicode@^2.0.0: - version "2.0.1" - resolved "https://registry.yarnpkg.com/has-unicode/-/has-unicode-2.0.1.tgz#e0e6fe6a28cf51138855e086d1691e771de2a8b9" - - has@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/has/-/has-1.0.1.tgz#8461733f538b0837c9361e39a9ab9e9704dc2f28" - dependencies: - function-bind "^1.0.2" - - hawk@~3.1.3: - version "3.1.3" - resolved "https://registry.yarnpkg.com/hawk/-/hawk-3.1.3.tgz#078444bd7c1640b0fe540d2c9b73d59678e8e1c4" - dependencies: - boom "2.x.x" - cryptiles "2.x.x" - hoek "2.x.x" - sntp "1.x.x" - - hoek@2.x.x: - version "2.16.3" - resolved "https://registry.yarnpkg.com/hoek/-/hoek-2.16.3.tgz#20bb7403d3cea398e91dc4710a8ff1b8274a25ed" - - hoek@4.x.x: - version "4.1.0" - resolved "https://registry.yarnpkg.com/hoek/-/hoek-4.1.0.tgz#4a4557460f69842ed463aa00628cc26d2683afa7" - - home-or-tmp@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/home-or-tmp/-/home-or-tmp-1.0.0.tgz#4b9f1e40800c3e50c6c27f781676afcce71f3985" - dependencies: - os-tmpdir "^1.0.1" - user-home "^1.1.1" - - hosted-git-info@^2.1.4: - version "2.1.5" - resolved "https://registry.yarnpkg.com/hosted-git-info/-/hosted-git-info-2.1.5.tgz#0ba81d90da2e25ab34a332e6ec77936e1598118b" - - http-errors@^1.5.0, http-errors@~1.5.0: - version "1.5.1" - resolved "https://registry.yarnpkg.com/http-errors/-/http-errors-1.5.1.tgz#788c0d2c1de2c81b9e6e8c01843b6b97eb920750" - dependencies: - inherits "2.0.3" - setprototypeof "1.0.2" - statuses ">= 1.3.1 < 2" - - http-signature@~1.1.0: - version "1.1.1" - resolved "https://registry.yarnpkg.com/http-signature/-/http-signature-1.1.1.tgz#df72e267066cd0ac67fb76adf8e134a8fbcf91bf" - dependencies: - assert-plus "^0.2.0" - jsprim "^1.2.2" - sshpk "^1.7.0" - - https-proxy-agent@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/https-proxy-agent/-/https-proxy-agent-1.0.0.tgz#35f7da6c48ce4ddbfa264891ac593ee5ff8671e6" - dependencies: - agent-base "2" - debug "2" - extend "3" - - iconv-lite@0.4.13, iconv-lite@~0.4.13: - version "0.4.13" - resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.4.13.tgz#1f88aba4ab0b1508e8312acc39345f36e992e2f2" - - ignore-by-default@^1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/ignore-by-default/-/ignore-by-default-1.0.1.tgz#48ca6d72f6c6a3af00a9ad4ae6876be3889e2b09" - - ignore@^3.1.5: - version "3.2.0" - resolved "https://registry.yarnpkg.com/ignore/-/ignore-3.2.0.tgz#8d88f03c3002a0ac52114db25d2c673b0bf1e435" - - imurmurhash@^0.1.4: - version "0.1.4" - resolved "https://registry.yarnpkg.com/imurmurhash/-/imurmurhash-0.1.4.tgz#9218b9b2b928a238b13dc4fb6b6d576f231453ea" - - indent-string@^2.1.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/indent-string/-/indent-string-2.1.0.tgz#8e2d48348742121b4a8218b7a137e9a52049dc80" - dependencies: - repeating "^2.0.0" - - infinity-agent@^2.0.0: - version "2.0.3" - resolved "https://registry.yarnpkg.com/infinity-agent/-/infinity-agent-2.0.3.tgz#45e0e2ff7a9eb030b27d62b74b3744b7a7ac4216" - - inflight@^1.0.4: - version "1.0.6" - resolved "https://registry.yarnpkg.com/inflight/-/inflight-1.0.6.tgz#49bd6331d7d02d0c09bc910a1075ba8165b56df9" - dependencies: - once "^1.3.0" - wrappy "1" - - inherits@2, inherits@2.0.3, inherits@^2.0.1, inherits@~2.0.0, inherits@~2.0.1: - version "2.0.3" - resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.3.tgz#633c2c83e3da42a502f52466022480f4208261de" - - ini@~1.3.0: - version "1.3.4" - resolved "https://registry.yarnpkg.com/ini/-/ini-1.3.4.tgz#0537cb79daf59b59a1a517dff706c86ec039162e" - - inquirer@^0.12.0: - version "0.12.0" - resolved "https://registry.yarnpkg.com/inquirer/-/inquirer-0.12.0.tgz#1ef2bfd63504df0bc75785fff8c2c41df12f077e" - dependencies: - ansi-escapes "^1.1.0" - ansi-regex "^2.0.0" - chalk "^1.0.0" - cli-cursor "^1.0.1" - cli-width "^2.0.0" - figures "^1.3.5" - lodash "^4.3.0" - readline2 "^1.0.1" - run-async "^0.1.0" - rx-lite "^3.1.2" - string-width "^1.0.1" - strip-ansi "^3.0.0" - through "^2.3.6" - - invariant@^2.2.0: - version "2.2.2" - resolved "https://registry.yarnpkg.com/invariant/-/invariant-2.2.2.tgz#9e1f56ac0acdb6bf303306f338be3b204ae60360" - dependencies: - loose-envify "^1.0.0" - - invert-kv@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/invert-kv/-/invert-kv-1.0.0.tgz#104a8e4aaca6d3d8cd157a8ef8bfab2d7a3ffdb6" - - ipaddr.js@1.1.1: - version "1.1.1" - resolved "https://registry.yarnpkg.com/ipaddr.js/-/ipaddr.js-1.1.1.tgz#c791d95f52b29c1247d5df80ada39b8a73647230" - - is-absolute@^0.1.5: - version "0.1.7" - resolved "https://registry.yarnpkg.com/is-absolute/-/is-absolute-0.1.7.tgz#847491119fccb5fb436217cc737f7faad50f603f" - dependencies: - is-relative "^0.1.0" - - is-arrayish@^0.2.1: - version "0.2.1" - resolved "https://registry.yarnpkg.com/is-arrayish/-/is-arrayish-0.2.1.tgz#77c99840527aa8ecb1a8ba697b80645a7a926a9d" - - is-binary-path@^1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/is-binary-path/-/is-binary-path-1.0.1.tgz#75f16642b480f187a711c814161fd3a4a7655898" - dependencies: - binary-extensions "^1.0.0" - - is-buffer@^1.0.2: - version "1.1.4" - resolved "https://registry.yarnpkg.com/is-buffer/-/is-buffer-1.1.4.tgz#cfc86ccd5dc5a52fa80489111c6920c457e2d98b" - - is-builtin-module@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-builtin-module/-/is-builtin-module-1.0.0.tgz#540572d34f7ac3119f8f76c30cbc1b1e037affbe" - dependencies: - builtin-modules "^1.0.0" - - is-bzip2@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-bzip2/-/is-bzip2-1.0.0.tgz#5ee58eaa5a2e9c80e21407bedf23ae5ac091b3fc" - - is-dotfile@^1.0.0: - version "1.0.2" - resolved "https://registry.yarnpkg.com/is-dotfile/-/is-dotfile-1.0.2.tgz#2c132383f39199f8edc268ca01b9b007d205cc4d" - - is-equal-shallow@^0.1.3: - version "0.1.3" - resolved "https://registry.yarnpkg.com/is-equal-shallow/-/is-equal-shallow-0.1.3.tgz#2238098fc221de0bcfa5d9eac4c45d638aa1c534" - dependencies: - is-primitive "^2.0.0" - - is-extendable@^0.1.0, is-extendable@^0.1.1: - version "0.1.1" - resolved "https://registry.yarnpkg.com/is-extendable/-/is-extendable-0.1.1.tgz#62b110e289a471418e3ec36a617d472e301dfc89" - - is-extglob@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-extglob/-/is-extglob-1.0.0.tgz#ac468177c4943405a092fc8f29760c6ffc6206c0" - - is-extglob@^2.1.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/is-extglob/-/is-extglob-2.1.0.tgz#33411a482b046bf95e6b0cb27ee2711af4cf15ad" - - is-finite@^1.0.0: - version "1.0.2" - resolved "https://registry.yarnpkg.com/is-finite/-/is-finite-1.0.2.tgz#cc6677695602be550ef11e8b4aa6305342b6d0aa" - dependencies: - number-is-nan "^1.0.0" - - is-fullwidth-code-point@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-fullwidth-code-point/-/is-fullwidth-code-point-1.0.0.tgz#ef9e31386f031a7f0d643af82fde50c457ef00cb" - dependencies: - number-is-nan "^1.0.0" - - is-fullwidth-code-point@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/is-fullwidth-code-point/-/is-fullwidth-code-point-2.0.0.tgz#a3b30a5c4f199183167aaab93beefae3ddfb654f" - - is-glob@^2.0.0, is-glob@^2.0.1: - version "2.0.1" - resolved "https://registry.yarnpkg.com/is-glob/-/is-glob-2.0.1.tgz#d096f926a3ded5600f3fdfd91198cb0888c2d863" - dependencies: - is-extglob "^1.0.0" - - is-glob@^3.1.0: - version "3.1.0" - resolved "https://registry.yarnpkg.com/is-glob/-/is-glob-3.1.0.tgz#7ba5ae24217804ac70707b96922567486cc3e84a" - dependencies: - is-extglob "^2.1.0" - - is-gzip@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-gzip/-/is-gzip-1.0.0.tgz#6ca8b07b99c77998025900e555ced8ed80879a83" - - is-my-json-valid@^2.10.0, is-my-json-valid@^2.12.4: - version "2.15.0" - resolved "https://registry.yarnpkg.com/is-my-json-valid/-/is-my-json-valid-2.15.0.tgz#936edda3ca3c211fd98f3b2d3e08da43f7b2915b" - dependencies: - generate-function "^2.0.0" - generate-object-property "^1.1.0" - jsonpointer "^4.0.0" - xtend "^4.0.0" - - is-natural-number@^2.0.0: - version "2.1.1" - resolved "https://registry.yarnpkg.com/is-natural-number/-/is-natural-number-2.1.1.tgz#7d4c5728377ef386c3e194a9911bf57c6dc335e7" - - is-npm@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-npm/-/is-npm-1.0.0.tgz#f2fb63a65e4905b406c86072765a1a4dc793b9f4" - - is-number@^2.0.2, is-number@^2.1.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/is-number/-/is-number-2.1.0.tgz#01fcbbb393463a548f2f466cce16dece49db908f" - dependencies: - kind-of "^3.0.2" - - is-path-cwd@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-path-cwd/-/is-path-cwd-1.0.0.tgz#d225ec23132e89edd38fda767472e62e65f1106d" - - is-path-in-cwd@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-path-in-cwd/-/is-path-in-cwd-1.0.0.tgz#6477582b8214d602346094567003be8a9eac04dc" - dependencies: - is-path-inside "^1.0.0" - - is-path-inside@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-path-inside/-/is-path-inside-1.0.0.tgz#fc06e5a1683fbda13de667aff717bbc10a48f37f" - dependencies: - path-is-inside "^1.0.1" - - is-posix-bracket@^0.1.0: - version "0.1.1" - resolved "https://registry.yarnpkg.com/is-posix-bracket/-/is-posix-bracket-0.1.1.tgz#3334dc79774368e92f016e6fbc0a88f5cd6e6bc4" - - is-primitive@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/is-primitive/-/is-primitive-2.0.0.tgz#207bab91638499c07b2adf240a41a87210034575" - - is-promise@~1, is-promise@~1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/is-promise/-/is-promise-1.0.1.tgz#31573761c057e33c2e91aab9e96da08cefbe76e5" - - is-property@^1.0.0: - version "1.0.2" - resolved "https://registry.yarnpkg.com/is-property/-/is-property-1.0.2.tgz#57fe1c4e48474edd65b09911f26b1cd4095dda84" - - is-redirect@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-redirect/-/is-redirect-1.0.0.tgz#1d03dded53bd8db0f30c26e4f95d36fc7c87dc24" - - is-relative@^0.1.0: - version "0.1.3" - resolved "https://registry.yarnpkg.com/is-relative/-/is-relative-0.1.3.tgz#905fee8ae86f45b3ec614bc3c15c869df0876e82" - - is-resolvable@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-resolvable/-/is-resolvable-1.0.0.tgz#8df57c61ea2e3c501408d100fb013cf8d6e0cc62" - dependencies: - tryit "^1.0.1" - - is-stream@^1.0.0, is-stream@^1.0.1: - version "1.1.0" - resolved "https://registry.yarnpkg.com/is-stream/-/is-stream-1.1.0.tgz#12d4a3dd4e68e0b79ceb8dbc84173ae80d91ca44" - - is-tar@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-tar/-/is-tar-1.0.0.tgz#2f6b2e1792c1f5bb36519acaa9d65c0d26fe853d" - - is-typedarray@^1.0.0, is-typedarray@~1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-typedarray/-/is-typedarray-1.0.0.tgz#e479c80858df0c1b11ddda6940f96011fcda4a9a" - - is-utf8@^0.2.0: - version "0.2.1" - resolved "https://registry.yarnpkg.com/is-utf8/-/is-utf8-0.2.1.tgz#4b0da1442104d1b336340e80797e865cf39f7d72" - - is-valid-glob@^0.3.0: - version "0.3.0" - resolved "https://registry.yarnpkg.com/is-valid-glob/-/is-valid-glob-0.3.0.tgz#d4b55c69f51886f9b65c70d6c2622d37e29f48fe" - - is-zip@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-zip/-/is-zip-1.0.0.tgz#47b0a8ff4d38a76431ccfd99a8e15a4c86ba2325" - - isarray@0.0.1: - version "0.0.1" - resolved "https://registry.yarnpkg.com/isarray/-/isarray-0.0.1.tgz#8a18acfca9a8f4177e09abfc6038939b05d1eedf" - - isarray@1.0.0, isarray@^1.0.0, isarray@~1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/isarray/-/isarray-1.0.0.tgz#bb935d48582cba168c06834957a54a3e07124f11" - - isemail@1.x.x: - version "1.2.0" - resolved "https://registry.yarnpkg.com/isemail/-/isemail-1.2.0.tgz#be03df8cc3e29de4d2c5df6501263f1fa4595e9a" - - isobject@^2.0.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/isobject/-/isobject-2.1.0.tgz#f065561096a3f1da2ef46272f815c840d87e0c89" - dependencies: - isarray "1.0.0" - - isstream@0.1.x, isstream@~0.1.2: - version "0.1.2" - resolved "https://registry.yarnpkg.com/isstream/-/isstream-0.1.2.tgz#47e63f7af55afa6f92e1500e690eb8b8529c099a" - - iterall@1.0.2: - version "1.0.2" - resolved "https://registry.yarnpkg.com/iterall/-/iterall-1.0.2.tgz#41a2e96ce9eda5e61c767ee5dc312373bb046e91" - - jodid25519@^1.0.0: - version "1.0.2" - resolved "https://registry.yarnpkg.com/jodid25519/-/jodid25519-1.0.2.tgz#06d4912255093419477d425633606e0e90782967" - dependencies: - jsbn "~0.1.0" - - joi@^6.10.1: - version "6.10.1" - resolved "https://registry.yarnpkg.com/joi/-/joi-6.10.1.tgz#4d50c318079122000fe5f16af1ff8e1917b77e06" - dependencies: - hoek "2.x.x" - isemail "1.x.x" - moment "2.x.x" - topo "1.x.x" - - js-tokens@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/js-tokens/-/js-tokens-2.0.0.tgz#79903f5563ee778cc1162e6dcf1a0027c97f9cb5" - - js-yaml@^3.5.1: - version "3.7.0" - resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.7.0.tgz#5c967ddd837a9bfdca5f2de84253abe8a1c03b80" - dependencies: - argparse "^1.0.7" - esprima "^2.6.0" - - jsbn@~0.1.0: - version "0.1.0" - resolved "https://registry.yarnpkg.com/jsbn/-/jsbn-0.1.0.tgz#650987da0dd74f4ebf5a11377a2aa2d273e97dfd" - - jsesc@^1.3.0: - version "1.3.0" - resolved "https://registry.yarnpkg.com/jsesc/-/jsesc-1.3.0.tgz#46c3fec8c1892b12b0833db9bc7622176dbab34b" - - jsesc@~0.5.0: - version "0.5.0" - resolved "https://registry.yarnpkg.com/jsesc/-/jsesc-0.5.0.tgz#e7dee66e35d6fc16f710fe91d5cf69f70f08911d" - - json-schema@0.2.3: - version "0.2.3" - resolved "https://registry.yarnpkg.com/json-schema/-/json-schema-0.2.3.tgz#b480c892e59a2f05954ce727bd3f2a4e882f9e13" - - json-stable-stringify@^1.0.0, json-stable-stringify@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/json-stable-stringify/-/json-stable-stringify-1.0.1.tgz#9a759d39c5f2ff503fd5300646ed445f88c4f9af" - dependencies: - jsonify "~0.0.0" - - json-stringify-safe@~5.0.1: - version "5.0.1" - resolved "https://registry.yarnpkg.com/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz#1296a2d58fd45f19a0f6ce01d65701e2c735b6eb" - - json3@3.3.2: - version "3.3.2" - resolved "https://registry.yarnpkg.com/json3/-/json3-3.3.2.tgz#3c0434743df93e2f5c42aee7b19bcb483575f4e1" - - json5@^0.4.0: - version "0.4.0" - resolved "https://registry.yarnpkg.com/json5/-/json5-0.4.0.tgz#054352e4c4c80c86c0923877d449de176a732c8d" - - jsonify@~0.0.0: - version "0.0.0" - resolved "https://registry.yarnpkg.com/jsonify/-/jsonify-0.0.0.tgz#2c74b6ee41d93ca51b7b5aaee8f503631d252a73" - - jsonpointer@^4.0.0: - version "4.0.0" - resolved "https://registry.yarnpkg.com/jsonpointer/-/jsonpointer-4.0.0.tgz#6661e161d2fc445f19f98430231343722e1fcbd5" - - jsonwebtoken@^7.0.0: - version "7.3.0" - resolved "https://registry.yarnpkg.com/jsonwebtoken/-/jsonwebtoken-7.3.0.tgz#85118d6a70e3fccdf14389f4e7a1c3f9c8a9fbba" - dependencies: - joi "^6.10.1" - jws "^3.1.4" - lodash.once "^4.0.0" - ms "^0.7.1" - xtend "^4.0.1" - - jsprim@^1.2.2: - version "1.3.1" - resolved "https://registry.yarnpkg.com/jsprim/-/jsprim-1.3.1.tgz#2a7256f70412a29ee3670aaca625994c4dcff252" - dependencies: - extsprintf "1.0.2" - json-schema "0.2.3" - verror "1.3.6" - - jsx-ast-utils@^1.0.0, jsx-ast-utils@^1.3.1: - version "1.3.4" - resolved "https://registry.yarnpkg.com/jsx-ast-utils/-/jsx-ast-utils-1.3.4.tgz#0257ed1cc4b1e65b39d7d9940f9fb4f20f7ba0a9" - dependencies: - acorn-jsx "^3.0.1" - object-assign "^4.1.0" - - jwa@^1.1.4: - version "1.1.5" - resolved "https://registry.yarnpkg.com/jwa/-/jwa-1.1.5.tgz#a0552ce0220742cd52e153774a32905c30e756e5" - dependencies: - base64url "2.0.0" - buffer-equal-constant-time "1.0.1" - ecdsa-sig-formatter "1.0.9" - safe-buffer "^5.0.1" - - jws@^3.1.4: - version "3.1.4" - resolved "https://registry.yarnpkg.com/jws/-/jws-3.1.4.tgz#f9e8b9338e8a847277d6444b1464f61880e050a2" - dependencies: - base64url "^2.0.0" - jwa "^1.1.4" - safe-buffer "^5.0.1" - - jwt-simple@^0.5.1: - version "0.5.1" - resolved "https://registry.yarnpkg.com/jwt-simple/-/jwt-simple-0.5.1.tgz#79ea01891b61de6b68e13e67c0b4b5bda937b294" - - kind-of@^3.0.2: - version "3.1.0" - resolved "https://registry.yarnpkg.com/kind-of/-/kind-of-3.1.0.tgz#475d698a5e49ff5e53d14e3e732429dc8bf4cf47" - dependencies: - is-buffer "^1.0.2" - - latest-version@^1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/latest-version/-/latest-version-1.0.1.tgz#72cfc46e3e8d1be651e1ebb54ea9f6ea96f374bb" - dependencies: - package-json "^1.0.0" - - lazystream@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/lazystream/-/lazystream-1.0.0.tgz#f6995fe0f820392f61396be89462407bb77168e4" - dependencies: - readable-stream "^2.0.5" - - lcid@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/lcid/-/lcid-1.0.0.tgz#308accafa0bc483a3867b4b6f2b9506251d1b835" - dependencies: - invert-kv "^1.0.0" - - levn@^0.3.0, levn@~0.3.0: - version "0.3.0" - resolved "https://registry.yarnpkg.com/levn/-/levn-0.3.0.tgz#3b09924edf9f083c0490fdd4c0bc4421e04764ee" - dependencies: - prelude-ls "~1.1.2" - type-check "~0.3.2" - - load-json-file@^1.0.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/load-json-file/-/load-json-file-1.1.0.tgz#956905708d58b4bab4c2261b04f59f31c99374c0" - dependencies: - graceful-fs "^4.1.2" - parse-json "^2.2.0" - pify "^2.0.0" - pinkie-promise "^2.0.0" - strip-bom "^2.0.0" - - lodash._baseassign@^3.0.0: - version "3.2.0" - resolved "https://registry.yarnpkg.com/lodash._baseassign/-/lodash._baseassign-3.2.0.tgz#8c38a099500f215ad09e59f1722fd0c52bfe0a4e" - dependencies: - lodash._basecopy "^3.0.0" - lodash.keys "^3.0.0" - - lodash._basecopy@^3.0.0: - version "3.0.1" - resolved "https://registry.yarnpkg.com/lodash._basecopy/-/lodash._basecopy-3.0.1.tgz#8da0e6a876cf344c0ad8a54882111dd3c5c7ca36" - - lodash._basecreate@^3.0.0: - version "3.0.3" - resolved "https://registry.yarnpkg.com/lodash._basecreate/-/lodash._basecreate-3.0.3.tgz#1bc661614daa7fc311b7d03bf16806a0213cf821" - - lodash._bindcallback@^3.0.0: - version "3.0.1" - resolved "https://registry.yarnpkg.com/lodash._bindcallback/-/lodash._bindcallback-3.0.1.tgz#e531c27644cf8b57a99e17ed95b35c748789392e" - - lodash._createassigner@^3.0.0: - version "3.1.1" - resolved "https://registry.yarnpkg.com/lodash._createassigner/-/lodash._createassigner-3.1.1.tgz#838a5bae2fdaca63ac22dee8e19fa4e6d6970b11" - dependencies: - lodash._bindcallback "^3.0.0" - lodash._isiterateecall "^3.0.0" - lodash.restparam "^3.0.0" - - lodash._getnative@^3.0.0: - version "3.9.1" - resolved "https://registry.yarnpkg.com/lodash._getnative/-/lodash._getnative-3.9.1.tgz#570bc7dede46d61cdcde687d65d3eecbaa3aaff5" - - lodash._isiterateecall@^3.0.0: - version "3.0.9" - resolved "https://registry.yarnpkg.com/lodash._isiterateecall/-/lodash._isiterateecall-3.0.9.tgz#5203ad7ba425fae842460e696db9cf3e6aac057c" - - lodash.assign@^3.0.0: - version "3.2.0" - resolved "https://registry.yarnpkg.com/lodash.assign/-/lodash.assign-3.2.0.tgz#3ce9f0234b4b2223e296b8fa0ac1fee8ebca64fa" - dependencies: - lodash._baseassign "^3.0.0" - lodash._createassigner "^3.0.0" - lodash.keys "^3.0.0" - - lodash.cond@^4.3.0: - version "4.5.2" - resolved "https://registry.yarnpkg.com/lodash.cond/-/lodash.cond-4.5.2.tgz#f471a1da486be60f6ab955d17115523dd1d255d5" - - lodash.create@3.1.1: - version "3.1.1" - resolved "https://registry.yarnpkg.com/lodash.create/-/lodash.create-3.1.1.tgz#d7f2849f0dbda7e04682bb8cd72ab022461debe7" - dependencies: - lodash._baseassign "^3.0.0" - lodash._basecreate "^3.0.0" - lodash._isiterateecall "^3.0.0" - - lodash.defaults@^3.1.2: - version "3.1.2" - resolved "https://registry.yarnpkg.com/lodash.defaults/-/lodash.defaults-3.1.2.tgz#c7308b18dbf8bc9372d701a73493c61192bd2e2c" - dependencies: - lodash.assign "^3.0.0" - lodash.restparam "^3.0.0" - - lodash.isarguments@^3.0.0: - version "3.1.0" - resolved "https://registry.yarnpkg.com/lodash.isarguments/-/lodash.isarguments-3.1.0.tgz#2f573d85c6a24289ff00663b491c1d338ff3458a" - - lodash.isarray@^3.0.0: - version "3.0.4" - resolved "https://registry.yarnpkg.com/lodash.isarray/-/lodash.isarray-3.0.4.tgz#79e4eb88c36a8122af86f844aa9bcd851b5fbb55" - - lodash.isequal@^4.0.0: - version "4.4.0" - resolved "https://registry.yarnpkg.com/lodash.isequal/-/lodash.isequal-4.4.0.tgz#6295768e98e14dc15ce8d362ef6340db82852031" - - lodash.isobject@^3.0.2: - version "3.0.2" - resolved "https://registry.yarnpkg.com/lodash.isobject/-/lodash.isobject-3.0.2.tgz#3c8fb8d5b5bf4bf90ae06e14f2a530a4ed935e1d" - - lodash.isstring@^4.0.1: - version "4.0.1" - resolved "https://registry.yarnpkg.com/lodash.isstring/-/lodash.isstring-4.0.1.tgz#d527dfb5456eca7cc9bb95d5daeaf88ba54a5451" - - lodash.keys@^3.0.0: - version "3.1.2" - resolved "https://registry.yarnpkg.com/lodash.keys/-/lodash.keys-3.1.2.tgz#4dbc0472b156be50a0b286855d1bd0b0c656098a" - dependencies: - lodash._getnative "^3.0.0" - lodash.isarguments "^3.0.0" - lodash.isarray "^3.0.0" - - lodash.once@^4.0.0: - version "4.1.1" - resolved "https://registry.yarnpkg.com/lodash.once/-/lodash.once-4.1.1.tgz#0dd3971213c7c56df880977d504c88fb471a97ac" - - lodash.pickby@^4.6.0: - version "4.6.0" - resolved "https://registry.yarnpkg.com/lodash.pickby/-/lodash.pickby-4.6.0.tgz#7dea21d8c18d7703a27c704c15d3b84a67e33aff" - - lodash.restparam@^3.0.0: - version "3.6.1" - resolved "https://registry.yarnpkg.com/lodash.restparam/-/lodash.restparam-3.6.1.tgz#936a4e309ef330a7645ed4145986c85ae5b20805" - - lodash@4.16.4, lodash@^4.0.0, lodash@^4.15.0, lodash@^4.2.0, lodash@^4.3.0, lodash@^4.8.0: - version "4.16.4" - resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.16.4.tgz#01ce306b9bad1319f2a5528674f88297aeb70127" - - log-symbols@^1.0.2: - version "1.0.2" - resolved "https://registry.yarnpkg.com/log-symbols/-/log-symbols-1.0.2.tgz#376ff7b58ea3086a0f09facc74617eca501e1a18" - dependencies: - chalk "^1.0.0" - - loose-envify@^1.0.0: - version "1.3.0" - resolved "https://registry.yarnpkg.com/loose-envify/-/loose-envify-1.3.0.tgz#6b26248c42f6d4fa4b0d8542f78edfcde35642a8" - dependencies: - js-tokens "^2.0.0" - - loud-rejection@^1.0.0: - version "1.6.0" - resolved "https://registry.yarnpkg.com/loud-rejection/-/loud-rejection-1.6.0.tgz#5b46f80147edee578870f086d04821cf998e551f" - dependencies: - currently-unhandled "^0.4.1" - signal-exit "^3.0.0" - - lowercase-keys@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/lowercase-keys/-/lowercase-keys-1.0.0.tgz#4e3366b39e7f5457e35f1324bdf6f88d0bfc7306" - - map-obj@^1.0.0, map-obj@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/map-obj/-/map-obj-1.0.1.tgz#d933ceb9205d82bdcf4886f6742bdc2b4dea146d" - - map-stream@~0.1.0: - version "0.1.0" - resolved "https://registry.yarnpkg.com/map-stream/-/map-stream-0.1.0.tgz#e56aa94c4c8055a16404a0674b78f215f7c8e194" - - media-typer@0.3.0: - version "0.3.0" - resolved "https://registry.yarnpkg.com/media-typer/-/media-typer-0.3.0.tgz#8710d7af0aa626f8fffa1ce00168545263255748" - - meow@^3.5.0: - version "3.7.0" - resolved "https://registry.yarnpkg.com/meow/-/meow-3.7.0.tgz#72cb668b425228290abbfa856892587308a801fb" - dependencies: - camelcase-keys "^2.0.0" - decamelize "^1.1.2" - loud-rejection "^1.0.0" - map-obj "^1.0.1" - minimist "^1.1.3" - normalize-package-data "^2.3.4" - object-assign "^4.0.1" - read-pkg-up "^1.0.1" - redent "^1.0.0" - trim-newlines "^1.0.0" - - merge-descriptors@1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/merge-descriptors/-/merge-descriptors-1.0.1.tgz#b00aaa556dd8b44568150ec9d1b953f3f90cbb61" - - merge-stream@^1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/merge-stream/-/merge-stream-1.0.1.tgz#4041202d508a342ba00174008df0c251b8c135e1" - dependencies: - readable-stream "^2.0.1" - - methods@~1.1.2: - version "1.1.2" - resolved "https://registry.yarnpkg.com/methods/-/methods-1.1.2.tgz#5529a4d67654134edcc5266656835b0f851afcee" - - micromatch@^2.1.5, micromatch@^2.3.7: - version "2.3.11" - resolved "https://registry.yarnpkg.com/micromatch/-/micromatch-2.3.11.tgz#86677c97d1720b363431d04d0d15293bd38c1565" - dependencies: - arr-diff "^2.0.0" - array-unique "^0.2.1" - braces "^1.8.2" - expand-brackets "^0.1.4" - extglob "^0.3.1" - filename-regex "^2.0.0" - is-extglob "^1.0.0" - is-glob "^2.0.1" - kind-of "^3.0.2" - normalize-path "^2.0.1" - object.omit "^2.0.0" - parse-glob "^3.0.4" - regex-cache "^0.4.2" - - mime-db@~1.25.0: - version "1.25.0" - resolved "https://registry.yarnpkg.com/mime-db/-/mime-db-1.25.0.tgz#c18dbd7c73a5dbf6f44a024dc0d165a1e7b1c392" - - mime-types@^2.1.12, mime-types@~2.1.11, mime-types@~2.1.13, mime-types@~2.1.7: - version "2.1.13" - resolved "https://registry.yarnpkg.com/mime-types/-/mime-types-2.1.13.tgz#e07aaa9c6c6b9a7ca3012c69003ad25a39e92a88" - dependencies: - mime-db "~1.25.0" - - mime@1.3.4: - version "1.3.4" - resolved "https://registry.yarnpkg.com/mime/-/mime-1.3.4.tgz#115f9e3b6b3daf2959983cb38f149a2d40eb5d53" - - "minimatch@2 || 3", minimatch@^3.0.0, minimatch@^3.0.2, minimatch@^3.0.3: - version "3.0.3" - resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.0.3.tgz#2a4e4090b96b2db06a9d7df01055a62a77c9b774" - dependencies: - brace-expansion "^1.0.0" - - minimist@0.0.8: - version "0.0.8" - resolved "https://registry.yarnpkg.com/minimist/-/minimist-0.0.8.tgz#857fcabfc3397d2625b8228262e86aa7a011b05d" - - minimist@^1.1.0, minimist@^1.1.3, minimist@^1.2.0: - version "1.2.0" - resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.0.tgz#a35008b20f41383eec1fb914f4cd5df79a264284" - - mkdirp@0.5.1, "mkdirp@>=0.5 0", mkdirp@^0.5.0, mkdirp@^0.5.1, mkdirp@~0.5.1: - version "0.5.1" - resolved "https://registry.yarnpkg.com/mkdirp/-/mkdirp-0.5.1.tgz#30057438eac6cf7f8c4767f38648d6697d75c903" - dependencies: - minimist "0.0.8" - - mocha@^3.1.2: - version "3.2.0" - resolved "https://registry.yarnpkg.com/mocha/-/mocha-3.2.0.tgz#7dc4f45e5088075171a68896814e6ae9eb7a85e3" - dependencies: - browser-stdout "1.3.0" - commander "2.9.0" - debug "2.2.0" - diff "1.4.0" - escape-string-regexp "1.0.5" - glob "7.0.5" - growl "1.9.2" - json3 "3.3.2" - lodash.create "3.1.1" - mkdirp "0.5.1" - supports-color "3.1.2" - - moment@2.x.x: - version "2.17.1" - resolved "https://registry.yarnpkg.com/moment/-/moment-2.17.1.tgz#fed9506063f36b10f066c8b59a144d7faebe1d82" - - mongo-find-by-ids@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/mongo-find-by-ids/-/mongo-find-by-ids-1.0.0.tgz#c4e7a108e2b9fb98f59eb8be5d3801b2bfb52222" - - mongodb-core@2.1.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/mongodb-core/-/mongodb-core-2.1.0.tgz#49a5edf476f6cc16c4ff7d423802a88080d992fb" - dependencies: - bson "~1.0.0" - require_optional "~1.0.0" - - mongodb-download@^1.3.2: - version "1.3.2" - resolved "https://registry.yarnpkg.com/mongodb-download/-/mongodb-download-1.3.2.tgz#0a2e8868eaea6c18e2a7f7cb7c8048ff10809337" - dependencies: - debug "^2.2.0" - getos "^2.7.0" - yargs "^3.26.0" - - mongodb-prebuilt@^5.0.7: - version "5.0.8" - resolved "https://registry.yarnpkg.com/mongodb-prebuilt/-/mongodb-prebuilt-5.0.8.tgz#82eb96336688888c3a614efbf6c5613fb656fbed" - dependencies: - debug "^2.2.0" - decompress "^3.0.0" - https-proxy-agent "^1.0.0" - mongodb-download "^1.3.2" - spawn-sync "1.0.15" - yargs "^3.26.0" - - mongodb@^2.2.11: - version "2.2.13" - resolved "https://registry.yarnpkg.com/mongodb/-/mongodb-2.2.13.tgz#f74315fbf64450265f920481fc7f17491b056b8a" - dependencies: - es6-promise "3.2.1" - mongodb-core "2.1.0" - readable-stream "2.1.5" - - morgan@^1.8.2: - version "1.8.2" - resolved "https://registry.yarnpkg.com/morgan/-/morgan-1.8.2.tgz#784ac7734e4a453a9c6e6e8680a9329275c8b687" - dependencies: - basic-auth "~1.1.0" - debug "2.6.8" - depd "~1.1.0" - on-finished "~2.3.0" - on-headers "~1.0.1" - - ms@0.7.1, ms@^0.7.1: - version "0.7.1" - resolved "https://registry.yarnpkg.com/ms/-/ms-0.7.1.tgz#9cd13c03adbff25b65effde7ce864ee952017098" - - ms@2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/ms/-/ms-2.0.0.tgz#5608aeadfc00be6c2901df5f9861788de0d597c8" - - mute-stream@0.0.5: - version "0.0.5" - resolved "https://registry.yarnpkg.com/mute-stream/-/mute-stream-0.0.5.tgz#8fbfabb0a98a253d3184331f9e8deb7372fac6c0" - - nan@2.5.0, nan@^2.3.0, nan@^2.3.3: - version "2.5.0" - resolved "https://registry.yarnpkg.com/nan/-/nan-2.5.0.tgz#aa8f1e34531d807e9e27755b234b4a6ec0c152a8" - - natural-compare@^1.4.0: - version "1.4.0" - resolved "https://registry.yarnpkg.com/natural-compare/-/natural-compare-1.4.0.tgz#4abebfeed7541f2c27acfb29bdbbd15c8d5ba4f7" - - negotiator@0.6.1: - version "0.6.1" - resolved "https://registry.yarnpkg.com/negotiator/-/negotiator-0.6.1.tgz#2b327184e8992101177b28563fb5e7102acd0ca9" - - nested-error-stacks@^1.0.0: - version "1.0.2" - resolved "https://registry.yarnpkg.com/nested-error-stacks/-/nested-error-stacks-1.0.2.tgz#19f619591519f096769a5ba9a86e6eeec823c3cf" - dependencies: - inherits "~2.0.1" - - node-fetch@^1.6.3: - version "1.6.3" - resolved "https://registry.yarnpkg.com/node-fetch/-/node-fetch-1.6.3.tgz#dc234edd6489982d58e8f0db4f695029abcd8c04" - dependencies: - encoding "^0.1.11" - is-stream "^1.0.1" - - node-pre-gyp@0.6.32, node-pre-gyp@^0.6.29: - version "0.6.32" - resolved "https://registry.yarnpkg.com/node-pre-gyp/-/node-pre-gyp-0.6.32.tgz#fc452b376e7319b3d255f5f34853ef6fd8fe1fd5" - dependencies: - mkdirp "~0.5.1" - nopt "~3.0.6" - npmlog "^4.0.1" - rc "~1.1.6" - request "^2.79.0" - rimraf "~2.5.4" - semver "~5.3.0" - tar "~2.2.1" - tar-pack "~3.3.0" - - node-static@0.5.9: - version "0.5.9" - resolved "https://registry.yarnpkg.com/node-static/-/node-static-0.5.9.tgz#2f5bf30949e1735958266c269413aebce8cbe899" - - node-uuid@^1.4.7: - version "1.4.7" - resolved "https://registry.yarnpkg.com/node-uuid/-/node-uuid-1.4.7.tgz#6da5a17668c4b3dd59623bda11cf7fa4c1f60a6f" - - nodeify@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/nodeify/-/nodeify-1.0.1.tgz#64ab69a7bdbaf03ce107b4f0335c87c0b9e91b1d" - dependencies: - is-promise "~1.0.0" - promise "~1.3.0" - - nodemon@1.11.0: - version "1.11.0" - resolved "https://registry.yarnpkg.com/nodemon/-/nodemon-1.11.0.tgz#226c562bd2a7b13d3d7518b49ad4828a3623d06c" - dependencies: - chokidar "^1.4.3" - debug "^2.2.0" - es6-promise "^3.0.2" - ignore-by-default "^1.0.0" - lodash.defaults "^3.1.2" - minimatch "^3.0.0" - ps-tree "^1.0.1" - touch "1.0.0" - undefsafe "0.0.3" - update-notifier "0.5.0" - - nopt@~1.0.10: - version "1.0.10" - resolved "https://registry.yarnpkg.com/nopt/-/nopt-1.0.10.tgz#6ddd21bd2a31417b92727dd585f8a6f37608ebee" - dependencies: - abbrev "1" - - nopt@~3.0.6: - version "3.0.6" - resolved "https://registry.yarnpkg.com/nopt/-/nopt-3.0.6.tgz#c6465dbf08abcd4db359317f79ac68a646b28ff9" - dependencies: - abbrev "1" - - normalize-package-data@^2.3.2, normalize-package-data@^2.3.4: - version "2.3.5" - resolved "https://registry.yarnpkg.com/normalize-package-data/-/normalize-package-data-2.3.5.tgz#8d924f142960e1777e7ffe170543631cc7cb02df" - dependencies: - hosted-git-info "^2.1.4" - is-builtin-module "^1.0.0" - semver "2 || 3 || 4 || 5" - validate-npm-package-license "^3.0.1" - - normalize-path@^2.0.1: - version "2.0.1" - resolved "https://registry.yarnpkg.com/normalize-path/-/normalize-path-2.0.1.tgz#47886ac1662760d4261b7d979d241709d3ce3f7a" - - npmlog@^4.0.1: - version "4.0.1" - resolved "https://registry.yarnpkg.com/npmlog/-/npmlog-4.0.1.tgz#d14f503b4cd79710375553004ba96e6662fbc0b8" - dependencies: - are-we-there-yet "~1.1.2" - console-control-strings "~1.1.0" - gauge "~2.7.1" - set-blocking "~2.0.0" - - number-is-nan@^1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/number-is-nan/-/number-is-nan-1.0.1.tgz#097b602b53422a522c1afb8790318336941a011d" - - oauth-sign@~0.8.1: - version "0.8.2" - resolved "https://registry.yarnpkg.com/oauth-sign/-/oauth-sign-0.8.2.tgz#46a6ab7f0aead8deae9ec0565780b7d4efeb9d43" - - object-assign@^2.0.0: - version "2.1.1" - resolved "https://registry.yarnpkg.com/object-assign/-/object-assign-2.1.1.tgz#43c36e5d569ff8e4816c4efa8be02d26967c18aa" - - object-assign@^3.0.0: - version "3.0.0" - resolved "https://registry.yarnpkg.com/object-assign/-/object-assign-3.0.0.tgz#9bedd5ca0897949bca47e7ff408062d549f587f2" - - object-assign@^4.0.0, object-assign@^4.0.1, object-assign@^4.1.0: - version "4.1.0" - resolved "https://registry.yarnpkg.com/object-assign/-/object-assign-4.1.0.tgz#7a3b3d0e98063d43f4c03f2e8ae6cd51a86883a0" - - object.omit@^2.0.0: - version "2.0.1" - resolved "https://registry.yarnpkg.com/object.omit/-/object.omit-2.0.1.tgz#1a9c744829f39dbb858c76ca3579ae2a54ebd1fa" - dependencies: - for-own "^0.1.4" - is-extendable "^0.1.1" - - on-finished@~2.3.0: - version "2.3.0" - resolved "https://registry.yarnpkg.com/on-finished/-/on-finished-2.3.0.tgz#20f1336481b083cd75337992a16971aa2d906947" - dependencies: - ee-first "1.1.1" - - on-headers@~1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/on-headers/-/on-headers-1.0.1.tgz#928f5d0f470d49342651ea6794b0857c100693f7" - - once@^1.3.0: - version "1.4.0" - resolved "https://registry.yarnpkg.com/once/-/once-1.4.0.tgz#583b1aa775961d4b113ac17d9c50baef9dd76bd1" - dependencies: - wrappy "1" - - once@~1.3.0, once@~1.3.3: - version "1.3.3" - resolved "https://registry.yarnpkg.com/once/-/once-1.3.3.tgz#b2e261557ce4c314ec8304f3fa82663e4297ca20" - dependencies: - wrappy "1" - - onetime@^1.0.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/onetime/-/onetime-1.1.0.tgz#a1f7838f8314c516f05ecefcbc4ccfe04b4ed789" - - optionator@^0.8.2: - version "0.8.2" - resolved "https://registry.yarnpkg.com/optionator/-/optionator-0.8.2.tgz#364c5e409d3f4d6301d6c0b4c05bba50180aeb64" - dependencies: - deep-is "~0.1.3" - fast-levenshtein "~2.0.4" - levn "~0.3.0" - prelude-ls "~1.1.2" - type-check "~0.3.2" - wordwrap "~1.0.0" - - ordered-read-streams@^0.3.0: - version "0.3.0" - resolved "https://registry.yarnpkg.com/ordered-read-streams/-/ordered-read-streams-0.3.0.tgz#7137e69b3298bb342247a1bbee3881c80e2fd78b" - dependencies: - is-stream "^1.0.1" - readable-stream "^2.0.1" - - os-homedir@^1.0.0: - version "1.0.2" - resolved "https://registry.yarnpkg.com/os-homedir/-/os-homedir-1.0.2.tgz#ffbc4988336e0e833de0c168c7ef152121aa7fb3" - - os-locale@^1.4.0: - version "1.4.0" - resolved "https://registry.yarnpkg.com/os-locale/-/os-locale-1.4.0.tgz#20f9f17ae29ed345e8bde583b13d2009803c14d9" - dependencies: - lcid "^1.0.0" - - os-shim@^0.1.2: - version "0.1.3" - resolved "https://registry.yarnpkg.com/os-shim/-/os-shim-0.1.3.tgz#6b62c3791cf7909ea35ed46e17658bb417cb3917" - - os-tmpdir@^1.0.0, os-tmpdir@^1.0.1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/os-tmpdir/-/os-tmpdir-1.0.2.tgz#bbe67406c79aa85c5cfec766fe5734555dfa1274" - - osenv@^0.1.0: - version "0.1.3" - resolved "https://registry.yarnpkg.com/osenv/-/osenv-0.1.3.tgz#83cf05c6d6458fc4d5ac6362ea325d92f2754217" - dependencies: - os-homedir "^1.0.0" - os-tmpdir "^1.0.0" - - output-file-sync@^1.1.0: - version "1.1.2" - resolved "https://registry.yarnpkg.com/output-file-sync/-/output-file-sync-1.1.2.tgz#d0a33eefe61a205facb90092e826598d5245ce76" - dependencies: - graceful-fs "^4.1.4" - mkdirp "^0.5.1" - object-assign "^4.1.0" - - package-json@^1.0.0: - version "1.2.0" - resolved "https://registry.yarnpkg.com/package-json/-/package-json-1.2.0.tgz#c8ecac094227cdf76a316874ed05e27cc939a0e0" - dependencies: - got "^3.2.0" - registry-url "^3.0.0" - - parse-glob@^3.0.4: - version "3.0.4" - resolved "https://registry.yarnpkg.com/parse-glob/-/parse-glob-3.0.4.tgz#b2c376cfb11f35513badd173ef0bb6e3a388391c" - dependencies: - glob-base "^0.3.0" - is-dotfile "^1.0.0" - is-extglob "^1.0.0" - is-glob "^2.0.0" - - parse-json@^2.2.0: - version "2.2.0" - resolved "https://registry.yarnpkg.com/parse-json/-/parse-json-2.2.0.tgz#f480f40434ef80741f8469099f8dea18f55a4dc9" - dependencies: - error-ex "^1.2.0" - - parseurl@~1.3.1: - version "1.3.1" - resolved "https://registry.yarnpkg.com/parseurl/-/parseurl-1.3.1.tgz#c8ab8c9223ba34888aa64a297b28853bec18da56" - - passport-jwt@^2.2.1: - version "2.2.1" - resolved "https://registry.yarnpkg.com/passport-jwt/-/passport-jwt-2.2.1.tgz#0e004c94071319d673d9d9bcfd1574a868011527" - dependencies: - jsonwebtoken "^7.0.0" - passport-strategy "^1.0.0" - - passport-strategy@1.x.x, passport-strategy@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/passport-strategy/-/passport-strategy-1.0.0.tgz#b5539aa8fc225a3d1ad179476ddf236b440f52e4" - - passport@^0.3.2: - version "0.3.2" - resolved "https://registry.yarnpkg.com/passport/-/passport-0.3.2.tgz#9dd009f915e8fe095b0124a01b8f82da07510102" - dependencies: - passport-strategy "1.x.x" - pause "0.0.1" - - path-dirname@^1.0.0: - version "1.0.2" - resolved "https://registry.yarnpkg.com/path-dirname/-/path-dirname-1.0.2.tgz#cc33d24d525e099a5388c0336c6e32b9160609e0" - - path-exists@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/path-exists/-/path-exists-1.0.0.tgz#d5a8998eb71ef37a74c34eb0d9eba6e878eea081" - - path-exists@^2.0.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/path-exists/-/path-exists-2.1.0.tgz#0feb6c64f0fc518d9a754dd5efb62c7022761f4b" - dependencies: - pinkie-promise "^2.0.0" - - path-is-absolute@^1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/path-is-absolute/-/path-is-absolute-1.0.1.tgz#174b9268735534ffbc7ace6bf53a5a9e1b5c5f5f" - - path-is-inside@^1.0.1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/path-is-inside/-/path-is-inside-1.0.2.tgz#365417dede44430d1c11af61027facf074bdfc53" - - path-to-regexp@0.1.7: - version "0.1.7" - resolved "https://registry.yarnpkg.com/path-to-regexp/-/path-to-regexp-0.1.7.tgz#df604178005f522f15eb4490e7247a1bfaa67f8c" - - path-type@^1.0.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/path-type/-/path-type-1.1.0.tgz#59c44f7ee491da704da415da5a4070ba4f8fe441" - dependencies: - graceful-fs "^4.1.2" - pify "^2.0.0" - pinkie-promise "^2.0.0" - - pause-stream@0.0.11: - version "0.0.11" - resolved "https://registry.yarnpkg.com/pause-stream/-/pause-stream-0.0.11.tgz#fe5a34b0cbce12b5aa6a2b403ee2e73b602f1445" - dependencies: - through "~2.3" - - pause@0.0.1: - version "0.0.1" - resolved "https://registry.yarnpkg.com/pause/-/pause-0.0.1.tgz#1d408b3fdb76923b9543d96fb4c9dfd535d9cb5d" - - pend@~1.2.0: - version "1.2.0" - resolved "https://registry.yarnpkg.com/pend/-/pend-1.2.0.tgz#7a57eb550a6783f9115331fcf4663d5c8e007a50" - - pify@^2.0.0: - version "2.3.0" - resolved "https://registry.yarnpkg.com/pify/-/pify-2.3.0.tgz#ed141a6ac043a849ea588498e7dca8b15330e90c" - - pinkie-promise@^2.0.0: - version "2.0.1" - resolved "https://registry.yarnpkg.com/pinkie-promise/-/pinkie-promise-2.0.1.tgz#2135d6dfa7a358c069ac9b178776288228450ffa" - dependencies: - pinkie "^2.0.0" - - pinkie@^2.0.0: - version "2.0.4" - resolved "https://registry.yarnpkg.com/pinkie/-/pinkie-2.0.4.tgz#72556b80cfa0d48a974e80e77248e80ed4f7f870" - - pkg-dir@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/pkg-dir/-/pkg-dir-1.0.0.tgz#7a4b508a8d5bb2d629d447056ff4e9c9314cf3d4" - dependencies: - find-up "^1.0.0" - - pkg-up@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/pkg-up/-/pkg-up-1.0.0.tgz#3e08fb461525c4421624a33b9f7e6d0af5b05a26" - dependencies: - find-up "^1.0.0" - - pluralize@^1.2.1: - version "1.2.1" - resolved "https://registry.yarnpkg.com/pluralize/-/pluralize-1.2.1.tgz#d1a21483fd22bb41e58a12fa3421823140897c45" - - prelude-ls@~1.1.2: - version "1.1.2" - resolved "https://registry.yarnpkg.com/prelude-ls/-/prelude-ls-1.1.2.tgz#21932a549f5e52ffd9a827f570e04be62a97da54" - - prepend-http@^1.0.0: - version "1.0.4" - resolved "https://registry.yarnpkg.com/prepend-http/-/prepend-http-1.0.4.tgz#d4f4562b0ce3696e41ac52d0e002e57a635dc6dc" - - preserve@^0.2.0: - version "0.2.0" - resolved "https://registry.yarnpkg.com/preserve/-/preserve-0.2.0.tgz#815ed1f6ebc65926f865b310c0713bcb3315ce4b" - - private@^0.1.6, private@~0.1.5: - version "0.1.6" - resolved "https://registry.yarnpkg.com/private/-/private-0.1.6.tgz#55c6a976d0f9bafb9924851350fe47b9b5fbb7c1" - - process-nextick-args@~1.0.6: - version "1.0.7" - resolved "https://registry.yarnpkg.com/process-nextick-args/-/process-nextick-args-1.0.7.tgz#150e20b756590ad3f91093f25a4f2ad8bff30ba3" - - progress@^1.1.8: - version "1.1.8" - resolved "https://registry.yarnpkg.com/progress/-/progress-1.1.8.tgz#e260c78f6161cdd9b0e56cc3e0a85de17c7a57be" - - promise@~1.3.0: - version "1.3.0" - resolved "https://registry.yarnpkg.com/promise/-/promise-1.3.0.tgz#e5cc9a4c8278e4664ffedc01c7da84842b040175" - dependencies: - is-promise "~1" - - proxy-addr@~1.1.2: - version "1.1.2" - resolved "https://registry.yarnpkg.com/proxy-addr/-/proxy-addr-1.1.2.tgz#b4cc5f22610d9535824c123aef9d3cf73c40ba37" - dependencies: - forwarded "~0.1.0" - ipaddr.js "1.1.1" - - ps-tree@^1.0.1: - version "1.1.0" - resolved "https://registry.yarnpkg.com/ps-tree/-/ps-tree-1.1.0.tgz#b421b24140d6203f1ed3c76996b4427b08e8c014" - dependencies: - event-stream "~3.3.0" - - punycode@^1.4.1: - version "1.4.1" - resolved "https://registry.yarnpkg.com/punycode/-/punycode-1.4.1.tgz#c0d5a63b2718800ad8e1eb0fa5269c84dd41845e" - - qs@6.2.0: - version "6.2.0" - resolved "https://registry.yarnpkg.com/qs/-/qs-6.2.0.tgz#3b7848c03c2dece69a9522b0fae8c4126d745f3b" - - qs@~6.3.0: - version "6.3.0" - resolved "https://registry.yarnpkg.com/qs/-/qs-6.3.0.tgz#f403b264f23bc01228c74131b407f18d5ea5d442" - - random-bytes@~1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/random-bytes/-/random-bytes-1.0.0.tgz#4f68a1dc0ae58bd3fb95848c30324db75d64360b" - - randomatic@^1.1.3: - version "1.1.6" - resolved "https://registry.yarnpkg.com/randomatic/-/randomatic-1.1.6.tgz#110dcabff397e9dcff7c0789ccc0a49adf1ec5bb" - dependencies: - is-number "^2.0.2" - kind-of "^3.0.2" - - range-parser@~1.2.0: - version "1.2.0" - resolved "https://registry.yarnpkg.com/range-parser/-/range-parser-1.2.0.tgz#f49be6b487894ddc40dcc94a322f611092e00d5e" - - raw-body@~2.1.7: - version "2.1.7" - resolved "https://registry.yarnpkg.com/raw-body/-/raw-body-2.1.7.tgz#adfeace2e4fb3098058014d08c072dcc59758774" - dependencies: - bytes "2.4.0" - iconv-lite "0.4.13" - unpipe "1.0.0" - - rc@^1.0.1, rc@~1.1.6: - version "1.1.6" - resolved "https://registry.yarnpkg.com/rc/-/rc-1.1.6.tgz#43651b76b6ae53b5c802f1151fa3fc3b059969c9" - dependencies: - deep-extend "~0.4.0" - ini "~1.3.0" - minimist "^1.2.0" - strip-json-comments "~1.0.4" - - read-all-stream@^3.0.0: - version "3.1.0" - resolved "https://registry.yarnpkg.com/read-all-stream/-/read-all-stream-3.1.0.tgz#35c3e177f2078ef789ee4bfafa4373074eaef4fa" - dependencies: - pinkie-promise "^2.0.0" - readable-stream "^2.0.0" - - read-pkg-up@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/read-pkg-up/-/read-pkg-up-1.0.1.tgz#9d63c13276c065918d57f002a57f40a1b643fb02" - dependencies: - find-up "^1.0.0" - read-pkg "^1.0.0" - - read-pkg@^1.0.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/read-pkg/-/read-pkg-1.1.0.tgz#f5ffaa5ecd29cb31c0474bca7d756b6bb29e3f28" - dependencies: - load-json-file "^1.0.0" - normalize-package-data "^2.3.2" - path-type "^1.0.0" - - readable-stream@2.1.5, readable-stream@^2.0.0, "readable-stream@^2.0.0 || ^1.1.13", readable-stream@^2.0.1, readable-stream@^2.0.2, readable-stream@^2.0.4, readable-stream@^2.0.5, readable-stream@^2.1.5, readable-stream@~2.1.4: - version "2.1.5" - resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.1.5.tgz#66fa8b720e1438b364681f2ad1a63c618448c9d0" - dependencies: - buffer-shims "^1.0.0" - core-util-is "~1.0.0" - inherits "~2.0.1" - isarray "~1.0.0" - process-nextick-args "~1.0.6" - string_decoder "~0.10.x" - util-deprecate "~1.0.1" - - "readable-stream@>=1.0.33-1 <1.1.0-0": - version "1.0.34" - resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-1.0.34.tgz#125820e34bc842d2f2aaafafe4c2916ee32c157c" - dependencies: - core-util-is "~1.0.0" - inherits "~2.0.1" - isarray "0.0.1" - string_decoder "~0.10.x" - - readable-stream@~2.0.0, readable-stream@~2.0.5: - version "2.0.6" - resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.0.6.tgz#8f90341e68a53ccc928788dacfcd11b36eb9b78e" - dependencies: - core-util-is "~1.0.0" - inherits "~2.0.1" - isarray "~1.0.0" - process-nextick-args "~1.0.6" - string_decoder "~0.10.x" - util-deprecate "~1.0.1" - - readdirp@^2.0.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/readdirp/-/readdirp-2.1.0.tgz#4ed0ad060df3073300c48440373f72d1cc642d78" - dependencies: - graceful-fs "^4.1.2" - minimatch "^3.0.2" - readable-stream "^2.0.2" - set-immediate-shim "^1.0.1" - - readline2@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/readline2/-/readline2-1.0.1.tgz#41059608ffc154757b715d9989d199ffbf372e35" - dependencies: - code-point-at "^1.0.0" - is-fullwidth-code-point "^1.0.0" - mute-stream "0.0.5" - - redent@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/redent/-/redent-1.0.0.tgz#cf916ab1fd5f1f16dfb20822dd6ec7f730c2afde" - dependencies: - indent-string "^2.1.0" - strip-indent "^1.0.1" - - regenerate@^1.2.1: - version "1.3.2" - resolved "https://registry.yarnpkg.com/regenerate/-/regenerate-1.3.2.tgz#d1941c67bad437e1be76433add5b385f95b19260" - - regenerator-runtime@^0.9.5: - version "0.9.6" - resolved "https://registry.yarnpkg.com/regenerator-runtime/-/regenerator-runtime-0.9.6.tgz#d33eb95d0d2001a4be39659707c51b0cb71ce029" - - regex-cache@^0.4.2: - version "0.4.3" - resolved "https://registry.yarnpkg.com/regex-cache/-/regex-cache-0.4.3.tgz#9b1a6c35d4d0dfcef5711ae651e8e9d3d7114145" - dependencies: - is-equal-shallow "^0.1.3" - is-primitive "^2.0.0" - - regexpu-core@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/regexpu-core/-/regexpu-core-2.0.0.tgz#49d038837b8dcf8bfa5b9a42139938e6ea2ae240" - dependencies: - regenerate "^1.2.1" - regjsgen "^0.2.0" - regjsparser "^0.1.4" - - registry-url@^3.0.0: - version "3.1.0" - resolved "https://registry.yarnpkg.com/registry-url/-/registry-url-3.1.0.tgz#3d4ef870f73dde1d77f0cf9a381432444e174942" - dependencies: - rc "^1.0.1" - - regjsgen@^0.2.0: - version "0.2.0" - resolved "https://registry.yarnpkg.com/regjsgen/-/regjsgen-0.2.0.tgz#6c016adeac554f75823fe37ac05b92d5a4edb1f7" - - regjsparser@^0.1.4: - version "0.1.5" - resolved "https://registry.yarnpkg.com/regjsparser/-/regjsparser-0.1.5.tgz#7ee8f84dc6fa792d3fd0ae228d24bd949ead205c" - dependencies: - jsesc "~0.5.0" - - repeat-element@^1.1.2: - version "1.1.2" - resolved "https://registry.yarnpkg.com/repeat-element/-/repeat-element-1.1.2.tgz#ef089a178d1483baae4d93eb98b4f9e4e11d990a" - - repeat-string@^1.5.2: - version "1.6.1" - resolved "https://registry.yarnpkg.com/repeat-string/-/repeat-string-1.6.1.tgz#8dcae470e1c88abc2d600fff4a776286da75e637" - - repeating@^1.1.2: - version "1.1.3" - resolved "https://registry.yarnpkg.com/repeating/-/repeating-1.1.3.tgz#3d4114218877537494f97f77f9785fab810fa4ac" - dependencies: - is-finite "^1.0.0" - - repeating@^2.0.0: - version "2.0.1" - resolved "https://registry.yarnpkg.com/repeating/-/repeating-2.0.1.tgz#5214c53a926d3552707527fbab415dbc08d06dda" - dependencies: - is-finite "^1.0.0" - - replace-ext@0.0.1: - version "0.0.1" - resolved "https://registry.yarnpkg.com/replace-ext/-/replace-ext-0.0.1.tgz#29bbd92078a739f0bcce2b4ee41e837953522924" - - request@^2.65.0, request@^2.79.0: - version "2.79.0" - resolved "https://registry.yarnpkg.com/request/-/request-2.79.0.tgz#4dfe5bf6be8b8cdc37fcf93e04b65577722710de" - dependencies: - aws-sign2 "~0.6.0" - aws4 "^1.2.1" - caseless "~0.11.0" - combined-stream "~1.0.5" - extend "~3.0.0" - forever-agent "~0.6.1" - form-data "~2.1.1" - har-validator "~2.0.6" - hawk "~3.1.3" - http-signature "~1.1.0" - is-typedarray "~1.0.0" - isstream "~0.1.2" - json-stringify-safe "~5.0.1" - mime-types "~2.1.7" - oauth-sign "~0.8.1" - qs "~6.3.0" - stringstream "~0.0.4" - tough-cookie "~2.3.0" - tunnel-agent "~0.4.1" - uuid "^3.0.0" - - require-uncached@^1.0.2: - version "1.0.3" - resolved "https://registry.yarnpkg.com/require-uncached/-/require-uncached-1.0.3.tgz#4e0d56d6c9662fd31e43011c4b95aa49955421d3" - dependencies: - caller-path "^0.1.0" - resolve-from "^1.0.0" - - require_optional@~1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/require_optional/-/require_optional-1.0.0.tgz#52a86137a849728eb60a55533617f8f914f59abf" - dependencies: - resolve-from "^2.0.0" - semver "^5.1.0" - - resolve-from@^1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/resolve-from/-/resolve-from-1.0.1.tgz#26cbfe935d1aeeeabb29bc3fe5aeb01e93d44226" - - resolve-from@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/resolve-from/-/resolve-from-2.0.0.tgz#9480ab20e94ffa1d9e80a804c7ea147611966b57" - - resolve@^1.1.6: - version "1.1.7" - resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.1.7.tgz#203114d82ad2c5ed9e8e0411b3932875e889e97b" - - restore-cursor@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/restore-cursor/-/restore-cursor-1.0.1.tgz#34661f46886327fed2991479152252df92daa541" - dependencies: - exit-hook "^1.0.0" - onetime "^1.0.0" - - rimraf@2, rimraf@^2.2.8, rimraf@~2.5.1, rimraf@~2.5.4: - version "2.5.4" - resolved "https://registry.yarnpkg.com/rimraf/-/rimraf-2.5.4.tgz#96800093cbf1a0c86bd95b4625467535c29dfa04" - dependencies: - glob "^7.0.5" - - run-async@^0.1.0: - version "0.1.0" - resolved "https://registry.yarnpkg.com/run-async/-/run-async-0.1.0.tgz#c8ad4a5e110661e402a7d21b530e009f25f8e389" - dependencies: - once "^1.3.0" - - rx-lite@^3.1.2: - version "3.1.2" - resolved "https://registry.yarnpkg.com/rx-lite/-/rx-lite-3.1.2.tgz#19ce502ca572665f3b647b10939f97fd1615f102" - - safe-buffer@^5.0.1: - version "5.0.1" - resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.0.1.tgz#d263ca54696cd8a306b5ca6551e92de57918fbe7" - - seek-bzip@^1.0.3: - version "1.0.5" - resolved "https://registry.yarnpkg.com/seek-bzip/-/seek-bzip-1.0.5.tgz#cfe917cb3d274bcffac792758af53173eb1fabdc" - dependencies: - commander "~2.8.1" - - semver-diff@^2.0.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/semver-diff/-/semver-diff-2.1.0.tgz#4bbb8437c8d37e4b0cf1a68fd726ec6d645d6d36" - dependencies: - semver "^5.0.3" - - semver-regex@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/semver-regex/-/semver-regex-1.0.0.tgz#92a4969065f9c70c694753d55248fc68f8f652c9" - - semver-truncate@^1.0.0: - version "1.1.2" - resolved "https://registry.yarnpkg.com/semver-truncate/-/semver-truncate-1.1.2.tgz#57f41de69707a62709a7e0104ba2117109ea47e8" - dependencies: - semver "^5.3.0" - - "semver@2 || 3 || 4 || 5", semver@^5.0.3, semver@^5.1.0, semver@^5.3.0, semver@~5.3.0: - version "5.3.0" - resolved "https://registry.yarnpkg.com/semver/-/semver-5.3.0.tgz#9b2ce5d3de02d17c6012ad326aa6b4d0cf54f94f" - - semver@^4.0.3: - version "4.3.6" - resolved "https://registry.yarnpkg.com/semver/-/semver-4.3.6.tgz#300bc6e0e86374f7ba61068b5b1ecd57fc6532da" - - semver@~5.0.1: - version "5.0.3" - resolved "https://registry.yarnpkg.com/semver/-/semver-5.0.3.tgz#77466de589cd5d3c95f138aa78bc569a3cb5d27a" - - send@0.14.1: - version "0.14.1" - resolved "https://registry.yarnpkg.com/send/-/send-0.14.1.tgz#a954984325392f51532a7760760e459598c89f7a" - dependencies: - debug "~2.2.0" - depd "~1.1.0" - destroy "~1.0.4" - encodeurl "~1.0.1" - escape-html "~1.0.3" - etag "~1.7.0" - fresh "0.3.0" - http-errors "~1.5.0" - mime "1.3.4" - ms "0.7.1" - on-finished "~2.3.0" - range-parser "~1.2.0" - statuses "~1.3.0" - - serve-static@~1.11.1: - version "1.11.1" - resolved "https://registry.yarnpkg.com/serve-static/-/serve-static-1.11.1.tgz#d6cce7693505f733c759de57befc1af76c0f0805" - dependencies: - encodeurl "~1.0.1" - escape-html "~1.0.3" - parseurl "~1.3.1" - send "0.14.1" - - set-blocking@~2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/set-blocking/-/set-blocking-2.0.0.tgz#045f9782d011ae9a6803ddd382b24392b3d890f7" - - set-immediate-shim@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/set-immediate-shim/-/set-immediate-shim-1.0.1.tgz#4b2b1b27eb808a9f8dcc481a58e5e56f599f3f61" - - setprototypeof@1.0.2: - version "1.0.2" - resolved "https://registry.yarnpkg.com/setprototypeof/-/setprototypeof-1.0.2.tgz#81a552141ec104b88e89ce383103ad5c66564d08" - - shebang-regex@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/shebang-regex/-/shebang-regex-1.0.0.tgz#da42f49740c0b42db2ca9728571cb190c98efea3" - - shelljs@^0.6.0: - version "0.6.1" - resolved "https://registry.yarnpkg.com/shelljs/-/shelljs-0.6.1.tgz#ec6211bed1920442088fe0f70b2837232ed2c8a8" - - signal-exit@^3.0.0: - version "3.0.2" - resolved "https://registry.yarnpkg.com/signal-exit/-/signal-exit-3.0.2.tgz#b5fdc08f1287ea1178628e415e25132b73646c6d" - - slash@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/slash/-/slash-1.0.0.tgz#c41f2f6c39fc16d1cd17ad4b5d896114ae470d55" - - slice-ansi@0.0.4: - version "0.0.4" - resolved "https://registry.yarnpkg.com/slice-ansi/-/slice-ansi-0.0.4.tgz#edbf8903f66f7ce2f8eafd6ceed65e264c831b35" - - slide@^1.1.5: - version "1.1.6" - resolved "https://registry.yarnpkg.com/slide/-/slide-1.1.6.tgz#56eb027d65b4d2dce6cb2e2d32c4d4afc9e1d707" - - sntp@1.x.x: - version "1.0.9" - resolved "https://registry.yarnpkg.com/sntp/-/sntp-1.0.9.tgz#6541184cc90aeea6c6e7b35e2659082443c66198" - dependencies: - hoek "2.x.x" - - source-map-support@^0.4.2: - version "0.4.6" - resolved "https://registry.yarnpkg.com/source-map-support/-/source-map-support-0.4.6.tgz#32552aa64b458392a85eab3b0b5ee61527167aeb" - dependencies: - source-map "^0.5.3" - - source-map@^0.5.0, source-map@^0.5.3: - version "0.5.6" - resolved "https://registry.yarnpkg.com/source-map/-/source-map-0.5.6.tgz#75ce38f52bf0733c5a7f0c118d81334a2bb5f412" - - spawn-sync@1.0.15: - version "1.0.15" - resolved "https://registry.yarnpkg.com/spawn-sync/-/spawn-sync-1.0.15.tgz#b00799557eb7fb0c8376c29d44e8a1ea67e57476" - dependencies: - concat-stream "^1.4.7" - os-shim "^0.1.2" - - spdx-correct@~1.0.0: - version "1.0.2" - resolved "https://registry.yarnpkg.com/spdx-correct/-/spdx-correct-1.0.2.tgz#4b3073d933ff51f3912f03ac5519498a4150db40" - dependencies: - spdx-license-ids "^1.0.2" - - spdx-expression-parse@~1.0.0: - version "1.0.4" - resolved "https://registry.yarnpkg.com/spdx-expression-parse/-/spdx-expression-parse-1.0.4.tgz#9bdf2f20e1f40ed447fbe273266191fced51626c" - - spdx-license-ids@^1.0.2: - version "1.2.2" - resolved "https://registry.yarnpkg.com/spdx-license-ids/-/spdx-license-ids-1.2.2.tgz#c9df7a3424594ade6bd11900d596696dc06bac57" - - split@0.3: - version "0.3.3" - resolved "https://registry.yarnpkg.com/split/-/split-0.3.3.tgz#cd0eea5e63a211dfff7eb0f091c4133e2d0dd28f" - dependencies: - through "2" - - sprintf-js@~1.0.2: - version "1.0.3" - resolved "https://registry.yarnpkg.com/sprintf-js/-/sprintf-js-1.0.3.tgz#04e6926f662895354f3dd015203633b857297e2c" - - sshpk@^1.7.0: - version "1.10.1" - resolved "https://registry.yarnpkg.com/sshpk/-/sshpk-1.10.1.tgz#30e1a5d329244974a1af61511339d595af6638b0" - dependencies: - asn1 "~0.2.3" - assert-plus "^1.0.0" - dashdash "^1.12.0" - getpass "^0.1.1" - optionalDependencies: - bcrypt-pbkdf "^1.0.0" - ecc-jsbn "~0.1.1" - jodid25519 "^1.0.0" - jsbn "~0.1.0" - tweetnacl "~0.14.0" - - stack-trace@0.0.x: - version "0.0.10" - resolved "https://registry.yarnpkg.com/stack-trace/-/stack-trace-0.0.10.tgz#547c70b347e8d32b4e108ea1a2a159e5fdde19c0" - - stat-mode@^0.2.0: - version "0.2.2" - resolved "https://registry.yarnpkg.com/stat-mode/-/stat-mode-0.2.2.tgz#e6c80b623123d7d80cf132ce538f346289072502" - - "statuses@>= 1.3.1 < 2", statuses@~1.3.0: - version "1.3.1" - resolved "https://registry.yarnpkg.com/statuses/-/statuses-1.3.1.tgz#faf51b9eb74aaef3b3acf4ad5f61abf24cb7b93e" - - stream-combiner2@^1.1.1: - version "1.1.1" - resolved "https://registry.yarnpkg.com/stream-combiner2/-/stream-combiner2-1.1.1.tgz#fb4d8a1420ea362764e21ad4780397bebcb41cbe" - dependencies: - duplexer2 "~0.1.0" - readable-stream "^2.0.2" - - stream-combiner@~0.0.4: - version "0.0.4" - resolved "https://registry.yarnpkg.com/stream-combiner/-/stream-combiner-0.0.4.tgz#4d5e433c185261dde623ca3f44c586bcf5c4ad14" - dependencies: - duplexer "~0.1.1" - - stream-shift@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/stream-shift/-/stream-shift-1.0.0.tgz#d5c752825e5367e786f78e18e445ea223a155952" - - string-length@^1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/string-length/-/string-length-1.0.1.tgz#56970fb1c38558e9e70b728bf3de269ac45adfac" - dependencies: - strip-ansi "^3.0.0" - - string-width@^1.0.1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/string-width/-/string-width-1.0.2.tgz#118bdf5b8cdc51a2a7e70d211e07e2b0b9b107d3" - dependencies: - code-point-at "^1.0.0" - is-fullwidth-code-point "^1.0.0" - strip-ansi "^3.0.0" - - string-width@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/string-width/-/string-width-2.0.0.tgz#635c5436cc72a6e0c387ceca278d4e2eec52687e" - dependencies: - is-fullwidth-code-point "^2.0.0" - strip-ansi "^3.0.0" - - string_decoder@~0.10.x: - version "0.10.31" - resolved "https://registry.yarnpkg.com/string_decoder/-/string_decoder-0.10.31.tgz#62e203bc41766c6c28c9fc84301dab1c5310fa94" - - stringstream@~0.0.4: - version "0.0.5" - resolved "https://registry.yarnpkg.com/stringstream/-/stringstream-0.0.5.tgz#4e484cd4de5a0bbbee18e46307710a8a81621878" - - strip-ansi@^3.0.0, strip-ansi@^3.0.1: - version "3.0.1" - resolved "https://registry.yarnpkg.com/strip-ansi/-/strip-ansi-3.0.1.tgz#6a385fb8853d952d5ff05d0e8aaf94278dc63dcf" - dependencies: - ansi-regex "^2.0.0" - - strip-bom-stream@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/strip-bom-stream/-/strip-bom-stream-1.0.0.tgz#e7144398577d51a6bed0fa1994fa05f43fd988ee" - dependencies: - first-chunk-stream "^1.0.0" - strip-bom "^2.0.0" - - strip-bom@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/strip-bom/-/strip-bom-2.0.0.tgz#6219a85616520491f35788bdbf1447a99c7e6b0e" - dependencies: - is-utf8 "^0.2.0" - - strip-bom@^3.0.0: - version "3.0.0" - resolved "https://registry.yarnpkg.com/strip-bom/-/strip-bom-3.0.0.tgz#2334c18e9c759f7bdd56fdef7e9ae3d588e68ed3" - - strip-dirs@^1.0.0: - version "1.1.1" - resolved "https://registry.yarnpkg.com/strip-dirs/-/strip-dirs-1.1.1.tgz#960bbd1287844f3975a4558aa103a8255e2456a0" - dependencies: - chalk "^1.0.0" - get-stdin "^4.0.1" - is-absolute "^0.1.5" - is-natural-number "^2.0.0" - minimist "^1.1.0" - sum-up "^1.0.1" - - strip-indent@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/strip-indent/-/strip-indent-1.0.1.tgz#0c7962a6adefa7bbd4ac366460a638552ae1a0a2" - dependencies: - get-stdin "^4.0.1" - - strip-json-comments@~1.0.1, strip-json-comments@~1.0.4: - version "1.0.4" - resolved "https://registry.yarnpkg.com/strip-json-comments/-/strip-json-comments-1.0.4.tgz#1e15fbcac97d3ee99bf2d73b4c656b082bbafb91" - - subscriptions-transport-ws@0.2.6: - version "0.2.6" - resolved "https://registry.yarnpkg.com/subscriptions-transport-ws/-/subscriptions-transport-ws-0.2.6.tgz#433861167c25ef9a2b8697e9403afa2a77656cb3" - dependencies: - "@types/node" "^6.0.38" - backo2 "^1.0.2" - es6-promise "^3.2.1" - graphql-subscriptions "^0.1.3" - lodash.isobject "^3.0.2" - lodash.isstring "^4.0.1" - node-static "0.5.9" - websocket "^1.0.23" - - sum-up@^1.0.1: - version "1.0.3" - resolved "https://registry.yarnpkg.com/sum-up/-/sum-up-1.0.3.tgz#1c661f667057f63bcb7875aa1438bc162525156e" - dependencies: - chalk "^1.0.0" - - supports-color@3.1.2: - version "3.1.2" - resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-3.1.2.tgz#72a262894d9d408b956ca05ff37b2ed8a6e2a2d5" - dependencies: - has-flag "^1.0.0" - - supports-color@^0.2.0: - version "0.2.0" - resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-0.2.0.tgz#d92de2694eb3f67323973d7ae3d8b55b4c22190a" - - supports-color@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-2.0.0.tgz#535d045ce6b6363fa40117084629995e9df324c7" - - table@^3.7.8: - version "3.8.3" - resolved "https://registry.yarnpkg.com/table/-/table-3.8.3.tgz#2bbc542f0fda9861a755d3947fefd8b3f513855f" - dependencies: - ajv "^4.7.0" - ajv-keywords "^1.0.0" - chalk "^1.1.1" - lodash "^4.0.0" - slice-ansi "0.0.4" - string-width "^2.0.0" - - tar-pack@~3.3.0: - version "3.3.0" - resolved "https://registry.yarnpkg.com/tar-pack/-/tar-pack-3.3.0.tgz#30931816418f55afc4d21775afdd6720cee45dae" - dependencies: - debug "~2.2.0" - fstream "~1.0.10" - fstream-ignore "~1.0.5" - once "~1.3.3" - readable-stream "~2.1.4" - rimraf "~2.5.1" - tar "~2.2.1" - uid-number "~0.0.6" - - tar-stream@^1.1.1: - version "1.5.2" - resolved "https://registry.yarnpkg.com/tar-stream/-/tar-stream-1.5.2.tgz#fbc6c6e83c1a19d4cb48c7d96171fc248effc7bf" - dependencies: - bl "^1.0.0" - end-of-stream "^1.0.0" - readable-stream "^2.0.0" - xtend "^4.0.0" - - tar@~2.2.1: - version "2.2.1" - resolved "https://registry.yarnpkg.com/tar/-/tar-2.2.1.tgz#8e4d2a256c0e2185c6b18ad694aec968b83cb1d1" - dependencies: - block-stream "*" - fstream "^1.0.2" - inherits "2" - - text-table@~0.2.0: - version "0.2.0" - resolved "https://registry.yarnpkg.com/text-table/-/text-table-0.2.0.tgz#7f5ee823ae805207c00af2df4a84ec3fcfa570b4" - - through2-filter@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/through2-filter/-/through2-filter-2.0.0.tgz#60bc55a0dacb76085db1f9dae99ab43f83d622ec" - dependencies: - through2 "~2.0.0" - xtend "~4.0.0" - - through2@^0.6.0, through2@^0.6.1: - version "0.6.5" - resolved "https://registry.yarnpkg.com/through2/-/through2-0.6.5.tgz#41ab9c67b29d57209071410e1d7a7a968cd3ad48" - dependencies: - readable-stream ">=1.0.33-1 <1.1.0-0" - xtend ">=4.0.0 <4.1.0-0" - - through2@^2.0.0, through2@~2.0.0: - version "2.0.3" - resolved "https://registry.yarnpkg.com/through2/-/through2-2.0.3.tgz#0004569b37c7c74ba39c43f3ced78d1ad94140be" - dependencies: - readable-stream "^2.1.5" - xtend "~4.0.1" - - through@2, through@^2.3.6, through@~2.3, through@~2.3.1: - version "2.3.8" - resolved "https://registry.yarnpkg.com/through/-/through-2.3.8.tgz#0dd4c9ffaabc357960b1b724115d7e0e86a2e1f5" - - timed-out@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/timed-out/-/timed-out-2.0.0.tgz#f38b0ae81d3747d628001f41dafc652ace671c0a" - - to-absolute-glob@^0.1.1: - version "0.1.1" - resolved "https://registry.yarnpkg.com/to-absolute-glob/-/to-absolute-glob-0.1.1.tgz#1cdfa472a9ef50c239ee66999b662ca0eb39937f" - dependencies: - extend-shallow "^2.0.1" - - to-fast-properties@^1.0.1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/to-fast-properties/-/to-fast-properties-1.0.2.tgz#f3f5c0c3ba7299a7ef99427e44633257ade43320" - - topo@1.x.x: - version "1.1.0" - resolved "https://registry.yarnpkg.com/topo/-/topo-1.1.0.tgz#e9d751615d1bb87dc865db182fa1ca0a5ef536d5" - dependencies: - hoek "2.x.x" - - touch@1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/touch/-/touch-1.0.0.tgz#449cbe2dbae5a8c8038e30d71fa0ff464947c4de" - dependencies: - nopt "~1.0.10" - - tough-cookie@~2.3.0: - version "2.3.2" - resolved "https://registry.yarnpkg.com/tough-cookie/-/tough-cookie-2.3.2.tgz#f081f76e4c85720e6c37a5faced737150d84072a" - dependencies: - punycode "^1.4.1" - - trim-newlines@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/trim-newlines/-/trim-newlines-1.0.0.tgz#5887966bb582a4503a41eb524f7d35011815a613" - - tryit@^1.0.1: - version "1.0.3" - resolved "https://registry.yarnpkg.com/tryit/-/tryit-1.0.3.tgz#393be730a9446fd1ead6da59a014308f36c289cb" - - tunnel-agent@~0.4.1: - version "0.4.3" - resolved "https://registry.yarnpkg.com/tunnel-agent/-/tunnel-agent-0.4.3.tgz#6373db76909fe570e08d73583365ed828a74eeeb" - - tweetnacl@^0.14.3, tweetnacl@~0.14.0: - version "0.14.4" - resolved "https://registry.yarnpkg.com/tweetnacl/-/tweetnacl-0.14.4.tgz#8c9dbfb52795686f166cd2023794bcf103d13c2b" - - type-check@~0.3.2: - version "0.3.2" - resolved "https://registry.yarnpkg.com/type-check/-/type-check-0.3.2.tgz#5884cab512cf1d355e3fb784f30804b2b520db72" - dependencies: - prelude-ls "~1.1.2" - - type-detect@0.1.1: - version "0.1.1" - resolved "https://registry.yarnpkg.com/type-detect/-/type-detect-0.1.1.tgz#0ba5ec2a885640e470ea4e8505971900dac58822" - - type-detect@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/type-detect/-/type-detect-1.0.0.tgz#762217cc06db258ec48908a1298e8b95121e8ea2" - - type-is@~1.6.13: - version "1.6.14" - resolved "https://registry.yarnpkg.com/type-is/-/type-is-1.6.14.tgz#e219639c17ded1ca0789092dd54a03826b817cb2" - dependencies: - media-typer "0.3.0" - mime-types "~2.1.13" - - typed-graphql@^1.0.2: - version "1.0.2" - resolved "https://registry.yarnpkg.com/typed-graphql/-/typed-graphql-1.0.2.tgz#4c0f788775d552df4d4ec3d73f25469252f40fb8" - - typedarray-to-buffer@^3.1.2: - version "3.1.2" - resolved "https://registry.yarnpkg.com/typedarray-to-buffer/-/typedarray-to-buffer-3.1.2.tgz#1017b32d984ff556eba100f501589aba1ace2e04" - dependencies: - is-typedarray "^1.0.0" - - typedarray@~0.0.5: - version "0.0.6" - resolved "https://registry.yarnpkg.com/typedarray/-/typedarray-0.0.6.tgz#867ac74e3864187b1d3d47d996a78ec5c8830777" - - uid-number@~0.0.6: - version "0.0.6" - resolved "https://registry.yarnpkg.com/uid-number/-/uid-number-0.0.6.tgz#0ea10e8035e8eb5b8e4449f06da1c730663baa81" - - uid-safe@~2.1.2: - version "2.1.3" - resolved "https://registry.yarnpkg.com/uid-safe/-/uid-safe-2.1.3.tgz#077e264a00b3187936b270bb7376a26473631071" - dependencies: - base64-url "1.3.3" - random-bytes "~1.0.0" - - undefsafe@0.0.3: - version "0.0.3" - resolved "https://registry.yarnpkg.com/undefsafe/-/undefsafe-0.0.3.tgz#ecca3a03e56b9af17385baac812ac83b994a962f" - - unique-stream@^2.0.2: - version "2.2.1" - resolved "https://registry.yarnpkg.com/unique-stream/-/unique-stream-2.2.1.tgz#5aa003cfbe94c5ff866c4e7d668bb1c4dbadb369" - dependencies: - json-stable-stringify "^1.0.0" - through2-filter "^2.0.0" - - unpipe@1.0.0, unpipe@~1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/unpipe/-/unpipe-1.0.0.tgz#b2bf4ee8514aae6165b4817829d21b2ef49904ec" - - update-notifier@0.5.0: - version "0.5.0" - resolved "https://registry.yarnpkg.com/update-notifier/-/update-notifier-0.5.0.tgz#07b5dc2066b3627ab3b4f530130f7eddda07a4cc" - dependencies: - chalk "^1.0.0" - configstore "^1.0.0" - is-npm "^1.0.0" - latest-version "^1.0.0" - repeating "^1.1.2" - semver-diff "^2.0.0" - string-length "^1.0.0" - - user-home@^1.1.1: - version "1.1.1" - resolved "https://registry.yarnpkg.com/user-home/-/user-home-1.1.1.tgz#2b5be23a32b63a7c9deb8d0f28d485724a3df190" - - user-home@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/user-home/-/user-home-2.0.0.tgz#9c70bfd8169bc1dcbf48604e0f04b8b49cde9e9f" - dependencies: - os-homedir "^1.0.0" - - util-deprecate@~1.0.1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/util-deprecate/-/util-deprecate-1.0.2.tgz#450d4dc9fa70de732762fbd2d4a28981419a0ccf" - - utils-merge@1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/utils-merge/-/utils-merge-1.0.0.tgz#0294fb922bb9375153541c4f7096231f287c8af8" - - uuid@^2.0.1: - version "2.0.3" - resolved "https://registry.yarnpkg.com/uuid/-/uuid-2.0.3.tgz#67e2e863797215530dff318e5bf9dcebfd47b21a" - - uuid@^3.0.0: - version "3.0.1" - resolved "https://registry.yarnpkg.com/uuid/-/uuid-3.0.1.tgz#6544bba2dfda8c1cf17e629a3a305e2bb1fee6c1" - - v8flags@^2.0.10: - version "2.0.11" - resolved "https://registry.yarnpkg.com/v8flags/-/v8flags-2.0.11.tgz#bca8f30f0d6d60612cc2c00641e6962d42ae6881" - dependencies: - user-home "^1.1.1" - - vali-date@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/vali-date/-/vali-date-1.0.0.tgz#1b904a59609fb328ef078138420934f6b86709a6" - - validate-npm-package-license@^3.0.1: - version "3.0.1" - resolved "https://registry.yarnpkg.com/validate-npm-package-license/-/validate-npm-package-license-3.0.1.tgz#2804babe712ad3379459acfbe24746ab2c303fbc" - dependencies: - spdx-correct "~1.0.0" - spdx-expression-parse "~1.0.0" - - vary@^1, vary@~1.1.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/vary/-/vary-1.1.0.tgz#e1e5affbbd16ae768dd2674394b9ad3022653140" - - verror@1.3.6: - version "1.3.6" - resolved "https://registry.yarnpkg.com/verror/-/verror-1.3.6.tgz#cff5df12946d297d2baaefaa2689e25be01c005c" - dependencies: - extsprintf "1.0.2" - - vinyl-assign@^1.0.1: - version "1.2.1" - resolved "https://registry.yarnpkg.com/vinyl-assign/-/vinyl-assign-1.2.1.tgz#4d198891b5515911d771a8cd9c5480a46a074a45" - dependencies: - object-assign "^4.0.1" - readable-stream "^2.0.0" - - vinyl-fs@^2.2.0: - version "2.4.4" - resolved "https://registry.yarnpkg.com/vinyl-fs/-/vinyl-fs-2.4.4.tgz#be6ff3270cb55dfd7d3063640de81f25d7532239" - dependencies: - duplexify "^3.2.0" - glob-stream "^5.3.2" - graceful-fs "^4.0.0" - gulp-sourcemaps "1.6.0" - is-valid-glob "^0.3.0" - lazystream "^1.0.0" - lodash.isequal "^4.0.0" - merge-stream "^1.0.0" - mkdirp "^0.5.0" - object-assign "^4.0.0" - readable-stream "^2.0.4" - strip-bom "^2.0.0" - strip-bom-stream "^1.0.0" - through2 "^2.0.0" - through2-filter "^2.0.0" - vali-date "^1.0.0" - vinyl "^1.0.0" - - vinyl@^0.4.3: - version "0.4.6" - resolved "https://registry.yarnpkg.com/vinyl/-/vinyl-0.4.6.tgz#2f356c87a550a255461f36bbeb2a5ba8bf784847" - dependencies: - clone "^0.2.0" - clone-stats "^0.0.1" - - vinyl@^1.0.0: - version "1.2.0" - resolved "https://registry.yarnpkg.com/vinyl/-/vinyl-1.2.0.tgz#5c88036cf565e5df05558bfc911f8656df218884" - dependencies: - clone "^1.0.0" - clone-stats "^0.0.1" - replace-ext "0.0.1" - - websocket@^1.0.23: - version "1.0.23" - resolved "https://registry.yarnpkg.com/websocket/-/websocket-1.0.23.tgz#20de8ec4a7126b09465578cd5dbb29a9c296aac6" - dependencies: - debug "^2.2.0" - nan "^2.3.3" - typedarray-to-buffer "^3.1.2" - yaeti "^0.0.4" - - wide-align@^1.1.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/wide-align/-/wide-align-1.1.0.tgz#40edde802a71fea1f070da3e62dcda2e7add96ad" - dependencies: - string-width "^1.0.1" - - window-size@^0.1.4: - version "0.1.4" - resolved "https://registry.yarnpkg.com/window-size/-/window-size-0.1.4.tgz#f8e1aa1ee5a53ec5bf151ffa09742a6ad7697876" - - winston@^2.3.1: - version "2.3.1" - resolved "https://registry.yarnpkg.com/winston/-/winston-2.3.1.tgz#0b48420d978c01804cf0230b648861598225a119" - dependencies: - async "~1.0.0" - colors "1.0.x" - cycle "1.0.x" - eyes "0.1.x" - isstream "0.1.x" - stack-trace "0.0.x" - - wordwrap@~1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/wordwrap/-/wordwrap-1.0.0.tgz#27584810891456a4171c8d0226441ade90cbcaeb" - - wrap-ansi@^2.0.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/wrap-ansi/-/wrap-ansi-2.1.0.tgz#d8fc3d284dd05794fe84973caecdd1cf824fdd85" - dependencies: - string-width "^1.0.1" - strip-ansi "^3.0.1" - - wrappy@1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/wrappy/-/wrappy-1.0.2.tgz#b5243d8f3ec1aa35f1364605bc0d1036e30ab69f" - - write-file-atomic@^1.1.2: - version "1.2.0" - resolved "https://registry.yarnpkg.com/write-file-atomic/-/write-file-atomic-1.2.0.tgz#14c66d4e4cb3ca0565c28cf3b7a6f3e4d5938fab" - dependencies: - graceful-fs "^4.1.2" - imurmurhash "^0.1.4" - slide "^1.1.5" - - write@^0.2.1: - version "0.2.1" - resolved "https://registry.yarnpkg.com/write/-/write-0.2.1.tgz#5fc03828e264cea3fe91455476f7a3c566cb0757" - dependencies: - mkdirp "^0.5.1" - - xdg-basedir@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/xdg-basedir/-/xdg-basedir-2.0.0.tgz#edbc903cc385fc04523d966a335504b5504d1bd2" - dependencies: - os-homedir "^1.0.0" - - "xtend@>=4.0.0 <4.1.0-0", xtend@^4.0.0, xtend@^4.0.1, xtend@~4.0.0, xtend@~4.0.1: - version "4.0.1" - resolved "https://registry.yarnpkg.com/xtend/-/xtend-4.0.1.tgz#a5c6d532be656e23db820efb943a1f04998d63af" - - y18n@^3.2.0: - version "3.2.1" - resolved "https://registry.yarnpkg.com/y18n/-/y18n-3.2.1.tgz#6d15fba884c08679c0d77e88e7759e811e07fa41" - - yaeti@^0.0.4: - version "0.0.4" - resolved "https://registry.yarnpkg.com/yaeti/-/yaeti-0.0.4.tgz#89fe739c45ac4491028973193262a837693a66b6" - - yargs@^3.26.0: - version "3.32.0" - resolved "https://registry.yarnpkg.com/yargs/-/yargs-3.32.0.tgz#03088e9ebf9e756b69751611d2a5ef591482c995" - dependencies: - camelcase "^2.0.1" - cliui "^3.0.3" - decamelize "^1.1.1" - os-locale "^1.4.0" - string-width "^1.0.1" - window-size "^0.1.4" - y18n "^3.2.0" - - yauzl@^2.2.1: - version "2.7.0" - resolved "https://registry.yarnpkg.com/yauzl/-/yauzl-2.7.0.tgz#e21d847868b496fc29eaec23ee87fdd33e9b2bce" - dependencies: - buffer-crc32 "~0.2.3" - fd-slicer "~1.0.1" - -Trace: - Error: EEXIST: file already exists, mkdir '/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/create-graphql-server-authorization' From fe51626c341152f54ff4ea412a72b43419d06705 Mon Sep 17 00:00:00 2001 From: tobkle Date: Sun, 21 May 2017 10:01:35 +0200 Subject: [PATCH 29/69] start branch authorization --- yarn.lock | 80 +++++++++++++++++++++++++++++++++++++++++++++---------- 1 file changed, 66 insertions(+), 14 deletions(-) diff --git a/yarn.lock b/yarn.lock index 45f42dc..e3480bb 100644 --- a/yarn.lock +++ b/yarn.lock @@ -169,6 +169,14 @@ babel-code-frame@^6.16.0: esutils "^2.0.2" js-tokens "^2.0.0" +babel-code-frame@^6.22.0: + version "6.22.0" + resolved "https://registry.yarnpkg.com/babel-code-frame/-/babel-code-frame-6.22.0.tgz#027620bee567a88c32561574e7fd0801d33118e4" + dependencies: + chalk "^1.1.0" + esutils "^2.0.2" + js-tokens "^3.0.0" + babel-core@6.17.0, babel-core@^6.16.0: version "6.17.0" resolved "https://registry.yarnpkg.com/babel-core/-/babel-core-6.17.0.tgz#6c4576447df479e241e58c807e4bc7da4db7f425" @@ -195,14 +203,14 @@ babel-core@6.17.0, babel-core@^6.16.0: slash "^1.0.0" source-map "^0.5.0" -babel-eslint@7.0.0: - version "7.0.0" - resolved "https://registry.yarnpkg.com/babel-eslint/-/babel-eslint-7.0.0.tgz#54e51b4033f54ac81326ecea4c646a779935196d" +babel-eslint@^7.0.0: + version "7.2.3" + resolved "https://registry.yarnpkg.com/babel-eslint/-/babel-eslint-7.2.3.tgz#b2fe2d80126470f5c19442dc757253a897710827" dependencies: - babel-traverse "^6.15.0" - babel-types "^6.15.0" - babylon "^6.11.2" - lodash.pickby "^4.6.0" + babel-code-frame "^6.22.0" + babel-traverse "^6.23.1" + babel-types "^6.23.0" + babylon "^6.17.0" babel-generator@^6.17.0: version "6.18.0" @@ -343,6 +351,12 @@ babel-helpers@^6.16.0: babel-runtime "^6.0.0" babel-template "^6.16.0" +babel-messages@^6.23.0: + version "6.23.0" + resolved "https://registry.yarnpkg.com/babel-messages/-/babel-messages-6.23.0.tgz#f3cdf4703858035b2a2951c6ec5edf6c62f2630e" + dependencies: + babel-runtime "^6.22.0" + babel-messages@^6.8.0: version "6.8.0" resolved "https://registry.yarnpkg.com/babel-messages/-/babel-messages-6.8.0.tgz#bf504736ca967e6d65ef0adb5a2a5f947c8e0eb9" @@ -747,6 +761,13 @@ babel-runtime@^6.0.0, babel-runtime@^6.11.6, babel-runtime@^6.9.0, babel-runtime core-js "^2.4.0" regenerator-runtime "^0.9.5" +babel-runtime@^6.22.0: + version "6.23.0" + resolved "https://registry.yarnpkg.com/babel-runtime/-/babel-runtime-6.23.0.tgz#0a9489f144de70efb3ce4300accdb329e2fc543b" + dependencies: + core-js "^2.4.0" + regenerator-runtime "^0.10.0" + babel-template@^6.14.0, babel-template@^6.15.0, babel-template@^6.16.0, babel-template@^6.8.0: version "6.16.0" resolved "https://registry.yarnpkg.com/babel-template/-/babel-template-6.16.0.tgz#e149dd1a9f03a35f817ddbc4d0481988e7ebc8ca" @@ -757,7 +778,7 @@ babel-template@^6.14.0, babel-template@^6.15.0, babel-template@^6.16.0, babel-te babylon "^6.11.0" lodash "^4.2.0" -babel-traverse@^6.15.0, babel-traverse@^6.16.0, babel-traverse@^6.18.0: +babel-traverse@^6.16.0, babel-traverse@^6.18.0: version "6.18.0" resolved "https://registry.yarnpkg.com/babel-traverse/-/babel-traverse-6.18.0.tgz#5aeaa980baed2a07c8c47329cd90c3b90c80f05e" dependencies: @@ -771,7 +792,21 @@ babel-traverse@^6.15.0, babel-traverse@^6.16.0, babel-traverse@^6.18.0: invariant "^2.2.0" lodash "^4.2.0" -babel-types@^6.13.0, babel-types@^6.15.0, babel-types@^6.16.0, babel-types@^6.18.0, babel-types@^6.8.0, babel-types@^6.9.0: +babel-traverse@^6.23.1: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-traverse/-/babel-traverse-6.24.1.tgz#ab36673fd356f9a0948659e7b338d5feadb31695" + dependencies: + babel-code-frame "^6.22.0" + babel-messages "^6.23.0" + babel-runtime "^6.22.0" + babel-types "^6.24.1" + babylon "^6.15.0" + debug "^2.2.0" + globals "^9.0.0" + invariant "^2.2.0" + lodash "^4.2.0" + +babel-types@^6.13.0, babel-types@^6.16.0, babel-types@^6.18.0, babel-types@^6.8.0, babel-types@^6.9.0: version "6.18.0" resolved "https://registry.yarnpkg.com/babel-types/-/babel-types-6.18.0.tgz#1f7d5a73474c59eb9151b2417bbff4e4fce7c3f8" dependencies: @@ -780,10 +815,23 @@ babel-types@^6.13.0, babel-types@^6.15.0, babel-types@^6.16.0, babel-types@^6.18 lodash "^4.2.0" to-fast-properties "^1.0.1" -babylon, babylon@^6.11.0, babylon@^6.11.2: +babel-types@^6.23.0, babel-types@^6.24.1: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-types/-/babel-types-6.24.1.tgz#a136879dc15b3606bda0d90c1fc74304c2ff0975" + dependencies: + babel-runtime "^6.22.0" + esutils "^2.0.2" + lodash "^4.2.0" + to-fast-properties "^1.0.1" + +babylon, babylon@^6.11.0: version "6.14.1" resolved "https://registry.yarnpkg.com/babylon/-/babylon-6.14.1.tgz#956275fab72753ad9b3435d7afe58f8bf0a29815" +babylon@^6.15.0, babylon@^6.17.0: + version "6.17.1" + resolved "https://registry.yarnpkg.com/babylon/-/babylon-6.17.1.tgz#17f14fddf361b695981fe679385e4f1c01ebd86f" + balanced-match@^0.4.1: version "0.4.2" resolved "https://registry.yarnpkg.com/balanced-match/-/balanced-match-0.4.2.tgz#cb3f3e3c732dc0f01ee70b403f302e61d7709838" @@ -1867,6 +1915,10 @@ js-tokens@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/js-tokens/-/js-tokens-2.0.0.tgz#79903f5563ee778cc1162e6dcf1a0027c97f9cb5" +js-tokens@^3.0.0: + version "3.0.1" + resolved "https://registry.yarnpkg.com/js-tokens/-/js-tokens-3.0.1.tgz#08e9f132484a2c45a30907e9dc4d5567b7f114d7" + js-yaml@^3.5.1: version "3.7.0" resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.7.0.tgz#5c967ddd837a9bfdca5f2de84253abe8a1c03b80" @@ -2029,10 +2081,6 @@ lodash.merge@^4.6.0: version "4.6.0" resolved "https://registry.yarnpkg.com/lodash.merge/-/lodash.merge-4.6.0.tgz#69884ba144ac33fe699737a6086deffadd0f89c5" -lodash.pickby@^4.6.0: - version "4.6.0" - resolved "https://registry.yarnpkg.com/lodash.pickby/-/lodash.pickby-4.6.0.tgz#7dea21d8c18d7703a27c704c15d3b84a67e33aff" - lodash@^4.0.0, lodash@^4.2.0, lodash@^4.3.0: version "4.16.6" resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.16.6.tgz#d22c9ac660288f3843e16ba7d2b5d06cca27d777" @@ -2472,6 +2520,10 @@ regenerate@^1.2.1: version "1.3.2" resolved "https://registry.yarnpkg.com/regenerate/-/regenerate-1.3.2.tgz#d1941c67bad437e1be76433add5b385f95b19260" +regenerator-runtime@^0.10.0: + version "0.10.5" + resolved "https://registry.yarnpkg.com/regenerator-runtime/-/regenerator-runtime-0.10.5.tgz#336c3efc1220adcedda2c9fab67b5a7955a33658" + regenerator-runtime@^0.9.5: version "0.9.6" resolved "https://registry.yarnpkg.com/regenerator-runtime/-/regenerator-runtime-0.9.6.tgz#d33eb95d0d2001a4be39659707c51b0cb71ce029" From d3cc04c078a1b65035e28f11395fa77675dc9d53 Mon Sep 17 00:00:00 2001 From: tobkle Date: Sun, 21 May 2017 14:04:59 +0200 Subject: [PATCH 30/69] auth code in test/output-app --- test/input/Tweet.graphql | 13 +++++- test/input/User.graphql | 17 +++++++- test/output-app/model/Tweet.js | 57 +++++++++++++++++++++++++++ test/output-app/model/User.js | 63 ++++++++++++++++++++++++++++++ test/output-app/resolvers/Tweet.js | 40 +++++++++++++++---- test/output-app/resolvers/User.js | 40 +++++++++++++++---- test/seeds/User.json | 6 +-- 7 files changed, 217 insertions(+), 19 deletions(-) diff --git a/test/input/Tweet.graphql b/test/input/Tweet.graphql index 9fc371f..b0447d6 100644 --- a/test/input/Tweet.graphql +++ b/test/input/Tweet.graphql @@ -1,4 +1,15 @@ -type Tweet { +type Tweet + +@authorize( + create: ["owner"] + readOne: [] + readMany: ["world"] + update: ["owner", "editor"] + delete: ["owner", "admin"] + ownerField: "author" +) + +{ author: User! @unmodifiable body: String! diff --git a/test/input/User.graphql b/test/input/User.graphql index 842c07d..2dbd765 100644 --- a/test/input/User.graphql +++ b/test/input/User.graphql @@ -1,5 +1,20 @@ -type User { +type User + +@authorize( + create: ["admin"] + readOne: ["owner", "admin"] + readMany: ["admin"] + update: ["owner", "admin"] + delete: ["owner", "admin"] + ownerField: "_id" + roleField: "role" +) + +{ + role: String! + username: String! + bio: String notify: Boolean diff --git a/test/output-app/model/Tweet.js b/test/output-app/model/Tweet.js index ebe5063..d1a7e1e 100644 --- a/test/output-app/model/Tweet.js +++ b/test/output-app/model/Tweet.js @@ -1,14 +1,71 @@ +import _ from 'lodash'; import DataLoader from 'dataloader'; import findByIds from 'mongo-find-by-ids'; export default class Tweet { constructor(context) { + this.ownerField = 'authorId'; // @authorize(ownerField: "author") this.context = context; this.collection = context.db.collection('tweet'); this.pubsub = context.pubsub; this.loader = new DataLoader(ids => findByIds(this.collection, ids)); } + // returns the owner of the current document @authorize(ownerField) + owner(doc){ + return doc[this.ownerField] || null; + } + + // returns true, if the current user is authorized for the current mode and document + isAuthorized({doc, mode, user}){ + const owner = this.owner(doc); + const role = this.context.User.role(user); + + switch (mode) { + + case: 'create': + // @authorize(create: ["owner"]) + return (!!role && user._id === owner); + break; + + case: 'readOne': + // @authorize(readOne: []) + return false; + break; + + case: 'readMany': + // @authorize(readMany: ["world"]) + return true; + break; + + case: 'update': + // @authorize(update: ["owner", editor"]) + return (!!role && (user._id === owner || role === 'editor')); + break; + + case: 'delete': + // @authorize(delete: ["owner", "admin"]) + return (!!role && (user._id === owner || role === 'admin')); + break; + + default: + return false; + break; + + } + } + + // returns only authorized documents + authorized({doc, mode, user}){ + if (_.isArray(doc)){ + return _.filter(doc, d => this.isAuthorized({doc: d, mode, user}) ); + } else if (_.isObject(doc) && this.isAuthorized({doc, mode, user})) { + return doc; + } else { + return null; + } + } + findOneById(id) { return this.loader.load(id); } diff --git a/test/output-app/model/User.js b/test/output-app/model/User.js index fd61249..76c8ae2 100644 --- a/test/output-app/model/User.js +++ b/test/output-app/model/User.js @@ -1,14 +1,77 @@ +import _ from 'lodash'; import DataLoader from 'dataloader'; import findByIds from 'mongo-find-by-ids'; export default class User { constructor(context) { + this.ownerField = '_id'; // @authorize(ownerField: "_id") + this.roleField = 'role'; // @authorize(roleField: "role") this.context = context; this.collection = context.db.collection('user'); this.pubsub = context.pubsub; this.loader = new DataLoader(ids => findByIds(this.collection, ids)); } + // returns the owner of the current document @authorize(ownerField) + owner(doc){ + return doc[this.ownerField] || null; + } + + // returns the role of the current user @authorize(roleField) + role(user){ + return user[this.roleField] || null; + } + + // returns true, if the current user is authorized for the current mode and document + isAuthorized({doc, mode, user}){ + const owner = this.owner(doc); + const role = this.context.User.role(user); + + switch (mode) { + + case: 'create': + // @authorize(create: ["admin"]) + return (!!role && role === 'admin'); + break; + + case: 'readOne': + // @authorize(readOne: ["owner", "admin"]) + return (!!role && (user._id === owner || role === 'admin')); + break; + + case: 'readMany': + // @authorize(readMany: ["admin"]) + return (!!role && role === 'admin'); + break; + + case: 'update': + // @authorize(update: ["owner", "admin"]) + return (!!role && (user._id === owner || role === 'admin')); + break; + + case: 'delete': + // @authorize(delete: ["owner", "admin"]) + return (!!role && (user._id === owner || role === 'admin')); + break; + + default: + return false; + break; + + } + } + + // returns only authorized documents + authorized({doc, mode, user}){ + if (_.isArray(doc)){ + return _.filter(doc, d => this.isAuthorized({doc: d, mode, user}) ); + } else if (_.isObject(doc) && this.isAuthorized({doc, mode, user})) { + return doc; + } else { + return null; + } + } + findOneById(id) { return this.loader.load(id); } diff --git a/test/output-app/resolvers/Tweet.js b/test/output-app/resolvers/Tweet.js index 64cfed4..cc85b8e 100644 --- a/test/output-app/resolvers/Tweet.js +++ b/test/output-app/resolvers/Tweet.js @@ -13,26 +13,52 @@ const resolvers = { }, }, Query: { - tweets(root, { lastCreatedAt, limit }, { Tweet }) { - return Tweet.all({ lastCreatedAt, limit }); + tweets(root, { lastCreatedAt, limit }, { Tweet, user }) { + return Tweet.authorized({ + doc: Tweet.all({ lastCreatedAt, limit }), + mode: 'readMany', + user + }); }, - tweet(root, { id }, { Tweet }) { - return Tweet.findOneById(id); + tweet(root, { id }, { Tweet, user }) { + return Tweet.authorized({ + doc: Tweet.findOneById(id), + mode: 'readOne', + user + }); }, }, Mutation: { - async createTweet(root, { input }, { Tweet }) { + async createTweet(root, { input }, { Tweet, user }) { + const authorized = Tweet.isAuthorized({ + doc: input, + mode: 'create', + user + }); + if (!authorized) throw new Error('Not authorized'); const id = await Tweet.insert(input); return Tweet.findOneById(id); }, - async updateTweet(root, { id, input }, { Tweet }) { + async updateTweet(root, { id, input }, { Tweet, user }) { + const authorized = Tweet.isAuthorized({ + doc: Tweet.findOneById(id), + mode: 'update', + user + }); + if (!authorized) throw new Error('Not authorized'); await Tweet.updateById(id, input); return Tweet.findOneById(id); }, - removeTweet(root, { id }, { Tweet }) { + removeTweet(root, { id }, { Tweet, user }) { + const authorized = Tweet.isAuthorized({ + doc: Tweet.findOneById(id), + mode: 'delete', + user + }); + if (!authorized) throw new Error('Not authorized'); return Tweet.removeById(id); }, }, diff --git a/test/output-app/resolvers/User.js b/test/output-app/resolvers/User.js index 0e4abac..a5cef19 100644 --- a/test/output-app/resolvers/User.js +++ b/test/output-app/resolvers/User.js @@ -21,26 +21,52 @@ const resolvers = { }, }, Query: { - users(root, { lastCreatedAt, limit }, { User }) { - return User.all({ lastCreatedAt, limit }); + users(root, { lastCreatedAt, limit }, { User, user }) { + return User.authorized({ + doc: User.all({ lastCreatedAt, limit }), + mode: 'readMany', + user + }); }, - user(root, { id }, { User }) { - return User.findOneById(id); + user(root, { id }, { User, user }) { + return User.authorized({ + doc: User.findOneById(id), + mode: 'readOne', + user + }); }, }, Mutation: { - async createUser(root, { input }, { User }) { + async createUser(root, { input }, { User, user }) { + const authorized = User.isAuthorized({ + doc: input, + mode: 'create', + user + }); + if (!authorized) throw new Error('Not authorized'); const id = await User.insert(input); return User.findOneById(id); }, - async updateUser(root, { id, input }, { User }) { + async updateUser(root, { id, input }, { User, user }) { + const authorized = User.isAuthorized({ + doc: User.findOneById(id), + mode: 'update', + user + }); + if (!authorized) throw new Error('Not authorized'); await User.updateById(id, input); return User.findOneById(id); }, - removeUser(root, { id }, { User }) { + removeUser(root, { id }, { User, user }) { + const authorized = User.isAuthorized({ + doc: User.findOneById(id), + mode: 'delete', + user + }); + if (!authorized) throw new Error('Not authorized'); return User.removeById(id); }, }, diff --git a/test/seeds/User.json b/test/seeds/User.json index 1618acf..6012a04 100644 --- a/test/seeds/User.json +++ b/test/seeds/User.json @@ -1,3 +1,3 @@ -{"_id":{"$oid":"583291a1638566b3c5a92ca1"},"bio":"tech lead @meteorjs @apollographql","createdAt":1.479776905993e+12,"followingIds":[{"$oid":"583291a1638566b3c5a92ca0"}],"likedIds":[{"$oid":"583676d3618530145474e350"},{"$oid":"583676d3618530145474e351"}],"updatedAt":1.479776905993e+12,"username":"stubailo"} -{"_id":{"$oid":"583291a1638566b3c5a92ca0"},"bio":"I build things with @percolatestudio. Author of @discovermeteor. Exploring how to improve user experience through technology, design and performance.","createdAt":1.479776904993e+12,"followingIds":[{"$oid":"583291a1638566b3c5a92ca1"},{"$oid":"583291a1638566b3c5a92ca2"}],"likedIds":[{"$oid":"583676d3618530145474e352"},{"$oid":"583676d3618530145474e353"},{"$oid":"583676d3618530145474e354"}],"updatedAt":1.479776904993e+12,"username":"tmeasday"} -{"_id":{"$oid":"583291a1638566b3c5a92ca2"},"bio":"Co-founder of Parse, now at Facebook. Ex Google search quality, game developer \u0026 math contester.","createdAt":1.479776906993e+12,"followingIds":[{"$oid":"583291a1638566b3c5a92ca1"}],"likedIds":[{"$oid":"583676d3618530145474e350"},{"$oid":"583676d3618530145474e353"}],"updatedAt":1.479776906993e+12,"username":"lacker"} +{"_id":{"$oid":"583291a1638566b3c5a92ca1"},"bio":"tech lead @meteorjs @apollographql","createdAt":1.479776905993e+12,"followingIds":[{"$oid":"583291a1638566b3c5a92ca0"}],"likedIds":[{"$oid":"583676d3618530145474e350"},{"$oid":"583676d3618530145474e351"}],"updatedAt":1.479776905993e+12,"username":"stubailo", "role":"editor"} +{"_id":{"$oid":"583291a1638566b3c5a92ca0"},"bio":"I build things with @percolatestudio. Author of @discovermeteor. Exploring how to improve user experience through technology, design and performance.","createdAt":1.479776904993e+12,"followingIds":[{"$oid":"583291a1638566b3c5a92ca1"},{"$oid":"583291a1638566b3c5a92ca2"}],"likedIds":[{"$oid":"583676d3618530145474e352"},{"$oid":"583676d3618530145474e353"},{"$oid":"583676d3618530145474e354"}],"updatedAt":1.479776904993e+12,"username":"tmeasday", "role": "admin"} +{"_id":{"$oid":"583291a1638566b3c5a92ca2"},"bio":"Co-founder of Parse, now at Facebook. Ex Google search quality, game developer \u0026 math contester.","createdAt":1.479776906993e+12,"followingIds":[{"$oid":"583291a1638566b3c5a92ca1"}],"likedIds":[{"$oid":"583676d3618530145474e350"},{"$oid":"583676d3618530145474e353"}],"updatedAt":1.479776906993e+12,"username":"lacker", "role": "user"} From 2119d0191893d44b1507f98a8fca948173a7c66e Mon Sep 17 00:00:00 2001 From: tobkle Date: Sun, 21 May 2017 18:19:24 +0200 Subject: [PATCH 31/69] auth end-to-end-test yet without generator --- test/input/Tweet.graphql | 4 +- test/output-app-end-to-end/mutations.js | 13 +++-- .../scripts/generateJWT.js | 23 +++++++++ test/output-app-end-to-end/sendQuery.js | 5 +- test/output-app/model/Tweet.js | 50 +++++++++---------- test/output-app/model/User.js | 50 +++++++++---------- test/output-app/resolvers/Tweet.js | 47 ++++++----------- test/output-app/resolvers/User.js | 47 ++++++----------- test/output-app/schema/User.graphql | 3 ++ test/seeds/User.json | 4 +- 10 files changed, 121 insertions(+), 125 deletions(-) create mode 100755 test/output-app-end-to-end/scripts/generateJWT.js diff --git a/test/input/Tweet.graphql b/test/input/Tweet.graphql index b0447d6..ddab880 100644 --- a/test/input/Tweet.graphql +++ b/test/input/Tweet.graphql @@ -2,9 +2,9 @@ type Tweet @authorize( create: ["owner"] - readOne: [] + readOne: ["world"] readMany: ["world"] - update: ["owner", "editor"] + update: ["owner", "admin"] delete: ["owner", "admin"] ownerField: "author" ) diff --git a/test/output-app-end-to-end/mutations.js b/test/output-app-end-to-end/mutations.js index 85f9efa..a2eb59e 100644 --- a/test/output-app-end-to-end/mutations.js +++ b/test/output-app-end-to-end/mutations.js @@ -9,18 +9,21 @@ describe('mutations', () => { function makeInput(user) { return `{ username: "${user.username}", - bio: "${user.bio}" + bio: "${user.bio}", + role: "${user.role}" }`; } const expectedUser = { username: 'zol', bio: 'Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead', + role: 'admin' }; const modifiedUser = { username: 'zoltan', bio: 'Maker of things, I guess', + role: 'admin' }; let userId; @@ -39,7 +42,7 @@ describe('mutations', () => { }) .then(() => sendQueryAndExpect( - `{ user(id: "${userId}") { username, bio } }`, + `{ user(id: "${userId}") { username, bio, role } }`, { user: expectedUser }) ) .then(() => @@ -48,13 +51,14 @@ describe('mutations', () => { updateUser(id: "${userId}", input: ${makeInput(modifiedUser)}) { username bio + role } } `, { updateUser: modifiedUser }) ) .then(() => sendQueryAndExpect( - `{ user(id: "${userId}") { username, bio } }`, + `{ user(id: "${userId}") { username, bio, role } }`, { user: modifiedUser }) ) .then(() => @@ -64,7 +68,7 @@ describe('mutations', () => { ) .then(() => sendQueryAndExpect( - `{ user(id: "${userId}") { username, bio } }`, + `{ user(id: "${userId}") { username, bio, role } }`, { user: null }) ); }); @@ -106,6 +110,7 @@ describe('mutations', () => { assert.isNotNull(result.data.createTweet); assert.isNotNull(result.data.createTweet.id); tweetId = result.data.createTweet.id; + console.log('tweetId', tweetId); }) .then(() => sendQueryAndExpect( diff --git a/test/output-app-end-to-end/scripts/generateJWT.js b/test/output-app-end-to-end/scripts/generateJWT.js new file mode 100755 index 0000000..bfe46ae --- /dev/null +++ b/test/output-app-end-to-end/scripts/generateJWT.js @@ -0,0 +1,23 @@ +import jwt from '../../output-app/node_modules/jwt-simple'; +import fs from 'fs'; + +const KEY = 'test-key'; + +const userFile = fs.readFileSync('../../seeds/User.json', 'utf8'); +const re = new RegExp("{.*}", 'g'); +let arr; + +while ((arr = re.exec(userFile)) !== null) { + let user = JSON.parse(arr[0]); + console.log(user); + console.log('------------------------------------'); + console.log('Generated JWT Token for tests:'); + const payload = { + userId: user._id.$oid.toString(), + }; + const token = jwt.encode(payload, KEY); + console.log(token); + console.log('######################################'); +} + + diff --git a/test/output-app-end-to-end/sendQuery.js b/test/output-app-end-to-end/sendQuery.js index 511c35f..db9eb13 100644 --- a/test/output-app-end-to-end/sendQuery.js +++ b/test/output-app-end-to-end/sendQuery.js @@ -6,7 +6,10 @@ const ENDPOINT = 'http://localhost:3000/graphql'; export function sendQuery({ query }) { return fetch(ENDPOINT, { method: 'POST', - headers: { 'content-type': 'application/json' }, + headers: { + 'content-type': 'application/json', + 'authorization': 'JWT eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VySWQiOiI1ODMyOTFhMTYzODU2NmIzYzVhOTJjYTEifQ.QaJYP81K7kgB8FVw6bOK7XSZYI6_gn9GCOlDToQcu0Q', + }, body: JSON.stringify({ query }), }).then((response) => { assert.equal(response.status, 200, response.statusText); diff --git a/test/output-app/model/Tweet.js b/test/output-app/model/Tweet.js index d1a7e1e..ce3c820 100644 --- a/test/output-app/model/Tweet.js +++ b/test/output-app/model/Tweet.js @@ -13,46 +13,40 @@ export default class Tweet { // returns the owner of the current document @authorize(ownerField) owner(doc){ - return doc[this.ownerField] || null; + return (doc && doc[this.ownerField]) ? doc[this.ownerField] : null; } // returns true, if the current user is authorized for the current mode and document - isAuthorized({doc, mode, user}){ + isAuthorized({doc, mode, user, debug = true}){ + let authResult = false; const owner = this.owner(doc); const role = this.context.User.role(user); switch (mode) { - - case: 'create': + case 'create': // @authorize(create: ["owner"]) - return (!!role && user._id === owner); + authResult = (!!role && !!user._id); break; - - case: 'readOne': - // @authorize(readOne: []) - return false; + case 'readOne': + // @authorize(readOne: ["world"]) + authResult = true; break; - - case: 'readMany': + case 'readMany': // @authorize(readMany: ["world"]) - return true; + authResult = true; break; - - case: 'update': + case 'update': // @authorize(update: ["owner", editor"]) - return (!!role && (user._id === owner || role === 'editor')); + authResult = (!!role && (user._id === owner || role === 'admin')); break; - - case: 'delete': + case 'delete': // @authorize(delete: ["owner", "admin"]) - return (!!role && (user._id === owner || role === 'admin')); + authResult = (!!role && (user._id === owner || role === 'admin')); break; - - default: - return false; - break; - } + + (debug) ? console.log('Tweet', mode, owner, role, "===>", authResult) : null; + return authResult; } // returns only authorized documents @@ -66,14 +60,16 @@ export default class Tweet { } } - findOneById(id) { - return this.loader.load(id); + async findOneById(id) { + const doc = await this.loader.load(id); + return doc; } - all({ lastCreatedAt = 0, limit = 10 }) { - return this.collection.find({ + async all({ lastCreatedAt = 0, limit = 10 }) { + const docs = await this.collection.find({ createdAt: { $gt: lastCreatedAt }, }).sort({ createdAt: 1 }).limit(limit).toArray(); + return docs; } author(tweet) { diff --git a/test/output-app/model/User.js b/test/output-app/model/User.js index 76c8ae2..cb64bcf 100644 --- a/test/output-app/model/User.js +++ b/test/output-app/model/User.js @@ -14,51 +14,45 @@ export default class User { // returns the owner of the current document @authorize(ownerField) owner(doc){ - return doc[this.ownerField] || null; + return (doc && doc[this.ownerField]) ? doc[this.ownerField] : null; } // returns the role of the current user @authorize(roleField) role(user){ - return user[this.roleField] || null; + return (user && user[this.roleField]) ? user[this.roleField] : null; } // returns true, if the current user is authorized for the current mode and document - isAuthorized({doc, mode, user}){ + isAuthorized({doc, mode, user, debug = true}){ + let authResult = false; const owner = this.owner(doc); const role = this.context.User.role(user); switch (mode) { - - case: 'create': + case 'create': // @authorize(create: ["admin"]) - return (!!role && role === 'admin'); + authResult = (!!role && role === 'admin'); break; - - case: 'readOne': + case 'readOne': // @authorize(readOne: ["owner", "admin"]) - return (!!role && (user._id === owner || role === 'admin')); + authResult = (!!role && (user._id === owner || role === 'admin')); break; - - case: 'readMany': + case 'readMany': // @authorize(readMany: ["admin"]) - return (!!role && role === 'admin'); + authResult = (!!role && role === 'admin'); break; - - case: 'update': + case 'update': // @authorize(update: ["owner", "admin"]) - return (!!role && (user._id === owner || role === 'admin')); + authResult = (!!role && (user._id === owner || role === 'admin')); break; - - case: 'delete': + case 'delete': // @authorize(delete: ["owner", "admin"]) - return (!!role && (user._id === owner || role === 'admin')); + authResult = (!!role && (user._id === owner || role === 'admin')); break; - - default: - return false; - break; - } + + (debug) ? console.log('User', mode, owner, role, "===>", authResult) : null; + return authResult; } // returns only authorized documents @@ -72,14 +66,16 @@ export default class User { } } - findOneById(id) { - return this.loader.load(id); + async findOneById(id) { + const doc = await this.loader.load(id); + return doc; } - all({ lastCreatedAt = 0, limit = 10 }) { - return this.collection.find({ + async all({ lastCreatedAt = 0, limit = 10 }) { + const docs = await this.collection.find({ createdAt: { $gt: lastCreatedAt }, }).sort({ createdAt: 1 }).limit(limit).toArray(); + return docs; } tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }) { diff --git a/test/output-app/resolvers/Tweet.js b/test/output-app/resolvers/Tweet.js index cc85b8e..8b6745f 100644 --- a/test/output-app/resolvers/Tweet.js +++ b/test/output-app/resolvers/Tweet.js @@ -13,52 +13,37 @@ const resolvers = { }, }, Query: { - tweets(root, { lastCreatedAt, limit }, { Tweet, user }) { - return Tweet.authorized({ - doc: Tweet.all({ lastCreatedAt, limit }), - mode: 'readMany', - user - }); + async tweets(root, { lastCreatedAt, limit }, { Tweet, user }) { + const doc = await Tweet.all({ lastCreatedAt, limit }); + return Tweet.authorized({doc, mode: 'readMany', user}); }, - tweet(root, { id }, { Tweet, user }) { - return Tweet.authorized({ - doc: Tweet.findOneById(id), - mode: 'readOne', - user - }); + async tweet(root, { id }, { Tweet, user }) { + const doc = await Tweet.findOneById(id); + return Tweet.authorized({doc, mode: 'readOne', user}); }, }, Mutation: { async createTweet(root, { input }, { Tweet, user }) { - const authorized = Tweet.isAuthorized({ - doc: input, - mode: 'create', - user - }); - if (!authorized) throw new Error('Not authorized'); + const doc = input; + const authorized = Tweet.isAuthorized({doc, mode: 'create', user}); + if (!authorized) throw new Error('Tweet: mode: create not authorized'); const id = await Tweet.insert(input); return Tweet.findOneById(id); }, async updateTweet(root, { id, input }, { Tweet, user }) { - const authorized = Tweet.isAuthorized({ - doc: Tweet.findOneById(id), - mode: 'update', - user - }); - if (!authorized) throw new Error('Not authorized'); + const doc = await Tweet.findOneById(id); + const authorized = Tweet.isAuthorized({doc, mode: 'update', user}); + if (!authorized) throw new Error('Tweet: mode: update not authorized'); await Tweet.updateById(id, input); return Tweet.findOneById(id); }, - removeTweet(root, { id }, { Tweet, user }) { - const authorized = Tweet.isAuthorized({ - doc: Tweet.findOneById(id), - mode: 'delete', - user - }); - if (!authorized) throw new Error('Not authorized'); + async removeTweet(root, { id }, { Tweet, user }) { + const doc = await Tweet.findOneById(id); + const authorized = Tweet.isAuthorized({doc, mode: 'delete', user}); + if (!authorized) throw new Error('Tweet: mode: delete not authorized'); return Tweet.removeById(id); }, }, diff --git a/test/output-app/resolvers/User.js b/test/output-app/resolvers/User.js index a5cef19..af99b67 100644 --- a/test/output-app/resolvers/User.js +++ b/test/output-app/resolvers/User.js @@ -21,52 +21,37 @@ const resolvers = { }, }, Query: { - users(root, { lastCreatedAt, limit }, { User, user }) { - return User.authorized({ - doc: User.all({ lastCreatedAt, limit }), - mode: 'readMany', - user - }); + async users(root, { lastCreatedAt, limit }, { User, user }) { + const doc = await User.all({ lastCreatedAt, limit }); + return User.authorized({doc, mode: 'readMany', user}); }, - user(root, { id }, { User, user }) { - return User.authorized({ - doc: User.findOneById(id), - mode: 'readOne', - user - }); + async user(root, { id }, { User, user }) { + const doc = await User.findOneById(id); + return User.authorized({doc, mode: 'readOne', user}); }, }, Mutation: { async createUser(root, { input }, { User, user }) { - const authorized = User.isAuthorized({ - doc: input, - mode: 'create', - user - }); - if (!authorized) throw new Error('Not authorized'); + const doc = input; + const authorized = User.isAuthorized({doc, mode: 'create', user}); + if (!authorized) throw new Error('User: mode: create not authorized'); const id = await User.insert(input); return User.findOneById(id); }, async updateUser(root, { id, input }, { User, user }) { - const authorized = User.isAuthorized({ - doc: User.findOneById(id), - mode: 'update', - user - }); - if (!authorized) throw new Error('Not authorized'); + const doc = await User.findOneById(id); + const authorized = User.isAuthorized({doc, mode: 'update', user}); + if (!authorized) throw new Error('User: mode: update not authorized'); await User.updateById(id, input); return User.findOneById(id); }, - removeUser(root, { id }, { User, user }) { - const authorized = User.isAuthorized({ - doc: User.findOneById(id), - mode: 'delete', - user - }); - if (!authorized) throw new Error('Not authorized'); + async removeUser(root, { id }, { User, user }) { + const doc = await User.findOneById(id); + const authorized = User.isAuthorized({doc, mode: 'delete', user}); + if (!authorized) throw new Error('User: mode: delete not authorized'); return User.removeById(id); }, }, diff --git a/test/output-app/schema/User.graphql b/test/output-app/schema/User.graphql index f504c7f..24d861e 100644 --- a/test/output-app/schema/User.graphql +++ b/test/output-app/schema/User.graphql @@ -1,5 +1,6 @@ type User { id: ObjID! + role: String! username: String! bio: String notify: Boolean @@ -18,12 +19,14 @@ extend type Query { input CreateUserInput { username: String! + role: String! bio: String notify: Boolean } input UpdateUserInput { username: String! + role: String bio: String notify: Boolean } diff --git a/test/seeds/User.json b/test/seeds/User.json index 6012a04..0c33842 100644 --- a/test/seeds/User.json +++ b/test/seeds/User.json @@ -1,3 +1,3 @@ -{"_id":{"$oid":"583291a1638566b3c5a92ca1"},"bio":"tech lead @meteorjs @apollographql","createdAt":1.479776905993e+12,"followingIds":[{"$oid":"583291a1638566b3c5a92ca0"}],"likedIds":[{"$oid":"583676d3618530145474e350"},{"$oid":"583676d3618530145474e351"}],"updatedAt":1.479776905993e+12,"username":"stubailo", "role":"editor"} -{"_id":{"$oid":"583291a1638566b3c5a92ca0"},"bio":"I build things with @percolatestudio. Author of @discovermeteor. Exploring how to improve user experience through technology, design and performance.","createdAt":1.479776904993e+12,"followingIds":[{"$oid":"583291a1638566b3c5a92ca1"},{"$oid":"583291a1638566b3c5a92ca2"}],"likedIds":[{"$oid":"583676d3618530145474e352"},{"$oid":"583676d3618530145474e353"},{"$oid":"583676d3618530145474e354"}],"updatedAt":1.479776904993e+12,"username":"tmeasday", "role": "admin"} +{"_id":{"$oid":"583291a1638566b3c5a92ca1"},"bio":"tech lead @meteorjs @apollographql","createdAt":1.479776905993e+12,"followingIds":[{"$oid":"583291a1638566b3c5a92ca0"}],"likedIds":[{"$oid":"583676d3618530145474e350"},{"$oid":"583676d3618530145474e351"}],"updatedAt":1.479776905993e+12,"username":"stubailo", "role":"admin"} +{"_id":{"$oid":"583291a1638566b3c5a92ca0"},"bio":"I build things with @percolatestudio. Author of @discovermeteor. Exploring how to improve user experience through technology, design and performance.","createdAt":1.479776904993e+12,"followingIds":[{"$oid":"583291a1638566b3c5a92ca1"},{"$oid":"583291a1638566b3c5a92ca2"}],"likedIds":[{"$oid":"583676d3618530145474e352"},{"$oid":"583676d3618530145474e353"},{"$oid":"583676d3618530145474e354"}],"updatedAt":1.479776904993e+12,"username":"tmeasday", "role": "editor", "hash":"$2a$10$SeepHv0X3GZfSzl0uqlXmucLsP2VjdI.nuA0UJnmOtEecLSx.RiWe"} {"_id":{"$oid":"583291a1638566b3c5a92ca2"},"bio":"Co-founder of Parse, now at Facebook. Ex Google search quality, game developer \u0026 math contester.","createdAt":1.479776906993e+12,"followingIds":[{"$oid":"583291a1638566b3c5a92ca1"}],"likedIds":[{"$oid":"583676d3618530145474e350"},{"$oid":"583676d3618530145474e353"}],"updatedAt":1.479776906993e+12,"username":"lacker", "role": "user"} From 95c1f70eaffa4804fc78dbccfa335236aa53269a Mon Sep 17 00:00:00 2001 From: Tobias Klemmer Date: Sun, 28 May 2017 22:13:17 +0200 Subject: [PATCH 32/69] added further authorization tests --- test/input/User.graphql | 1 + test/output-app-end-to-end/index.js | 5 +- test/output-app-end-to-end/mutations.js | 146 ------- test/output-app-end-to-end/sendQuery.js | 22 +- test/output-app-end-to-end/test-1-roles.js | 70 +++ ...=> test-2-queries-with-user-role-admin.js} | 14 +- .../test-3-mutations-with-user-role-admin.js | 413 ++++++++++++++++++ .../test-4-mutations-with-unknown-user.js | 187 ++++++++ .../test-5-mutations-with-user-role-user.js | 329 ++++++++++++++ .../test-6-mutations-with-user-role-editor.js | 329 ++++++++++++++ test/output-app/model/Tweet.js | 13 +- test/output-app/model/User.js | 25 +- test/output-app/resolvers/User.js | 3 +- test/output-app/schema/Tweet.graphql | 2 +- 14 files changed, 1387 insertions(+), 172 deletions(-) delete mode 100644 test/output-app-end-to-end/mutations.js create mode 100644 test/output-app-end-to-end/test-1-roles.js rename test/output-app-end-to-end/{queries.js => test-2-queries-with-user-role-admin.js} (91%) create mode 100644 test/output-app-end-to-end/test-3-mutations-with-user-role-admin.js create mode 100644 test/output-app-end-to-end/test-4-mutations-with-unknown-user.js create mode 100644 test/output-app-end-to-end/test-5-mutations-with-user-role-user.js create mode 100644 test/output-app-end-to-end/test-6-mutations-with-user-role-editor.js diff --git a/test/input/User.graphql b/test/input/User.graphql index 2dbd765..1618b53 100644 --- a/test/input/User.graphql +++ b/test/input/User.graphql @@ -5,6 +5,7 @@ type User readOne: ["owner", "admin"] readMany: ["admin"] update: ["owner", "admin"] + updateRole: ["admin"] delete: ["owner", "admin"] ownerField: "_id" roleField: "role" diff --git a/test/output-app-end-to-end/index.js b/test/output-app-end-to-end/index.js index 9d15fe1..8cc625b 100644 --- a/test/output-app-end-to-end/index.js +++ b/test/output-app-end-to-end/index.js @@ -1,7 +1,6 @@ import { describe, it } from 'mocha'; import { assert } from 'chai'; - -import { sendQuery } from './sendQuery'; +import { sendQuery, adminUser } from './sendQuery'; describe('environment', () => { it('graphql server should be available', () => { @@ -11,7 +10,7 @@ describe('environment', () => { } }`; - return sendQuery({ query, operationName: 'foo' }) + return sendQuery({ query, operationName: 'foo', userId: adminUser }) .then((result) => { assert.isDefined(result.data); }); diff --git a/test/output-app-end-to-end/mutations.js b/test/output-app-end-to-end/mutations.js deleted file mode 100644 index a2eb59e..0000000 --- a/test/output-app-end-to-end/mutations.js +++ /dev/null @@ -1,146 +0,0 @@ -import { describe, it } from 'mocha'; -import { assert } from 'chai'; - -import { sendQuery, sendQueryAndExpect } from './sendQuery'; - -describe('mutations', () => { - describe('users', () => { - it('can do CRUD', () => { - function makeInput(user) { - return `{ - username: "${user.username}", - bio: "${user.bio}", - role: "${user.role}" - }`; - } - - const expectedUser = { - username: 'zol', - bio: 'Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead', - role: 'admin' - }; - - const modifiedUser = { - username: 'zoltan', - bio: 'Maker of things, I guess', - role: 'admin' - }; - - let userId; - return sendQuery({ query: ` - mutation { - createUser(input: ${makeInput(expectedUser)}) { - id - } - } - ` }) - .then((result) => { - assert.isNotNull(result.data); - assert.isNotNull(result.data.createUser); - assert.isNotNull(result.data.createUser.id); - userId = result.data.createUser.id; - }) - .then(() => - sendQueryAndExpect( - `{ user(id: "${userId}") { username, bio, role } }`, - { user: expectedUser }) - ) - .then(() => - sendQueryAndExpect(` - mutation { - updateUser(id: "${userId}", input: ${makeInput(modifiedUser)}) { - username - bio - role - } - } - `, { updateUser: modifiedUser }) - ) - .then(() => - sendQueryAndExpect( - `{ user(id: "${userId}") { username, bio, role } }`, - { user: modifiedUser }) - ) - .then(() => - sendQueryAndExpect( - `mutation { removeUser(id: "${userId}") }`, - { removeUser: true }) - ) - .then(() => - sendQueryAndExpect( - `{ user(id: "${userId}") { username, bio, role } }`, - { user: null }) - ); - }); - }); - - describe('tweets', () => { - it('can do CRUD', () => { - function makeInput(tweet) { - if (tweet.author) { - return `{ - authorId: "${tweet.author.id}", - body: "${tweet.body}" - }`; - } - return `{ - body: "${tweet.body}" - }`; - } - - const expectedTweet = { - author: { id: '583291a1638566b3c5a92ca1' }, - body: 'This is a test tweet', - }; - - const modifiedTweet = { - body: 'This is a modified test', - }; - - let tweetId; - return sendQuery({ query: ` - mutation { - createTweet(input: ${makeInput(expectedTweet)}) { - id - } - } - ` }) - .then((result) => { - assert.isNotNull(result.data); - assert.isNotNull(result.data.createTweet); - assert.isNotNull(result.data.createTweet.id); - tweetId = result.data.createTweet.id; - console.log('tweetId', tweetId); - }) - .then(() => - sendQueryAndExpect( - `{ tweet(id: "${tweetId}") { author { id } body } }`, - { tweet: expectedTweet }) - ) - .then(() => - sendQueryAndExpect(` - mutation { - updateTweet(id: "${tweetId}", input: ${makeInput(modifiedTweet)}) { - body - } - } - `, { updateTweet: modifiedTweet }) - ) - .then(() => - sendQueryAndExpect( - `{ tweet(id: "${tweetId}") { body } }`, - { tweet: modifiedTweet }) - ) - .then(() => - sendQueryAndExpect( - `mutation { removeTweet(id: "${tweetId}") }`, - { removeTweet: true }) - ) - .then(() => - sendQueryAndExpect( - `{ tweet(id: "${tweetId}") { body } }`, - { tweet: null }) - ); - }); - }); -}); diff --git a/test/output-app-end-to-end/sendQuery.js b/test/output-app-end-to-end/sendQuery.js index db9eb13..50f1e8a 100644 --- a/test/output-app-end-to-end/sendQuery.js +++ b/test/output-app-end-to-end/sendQuery.js @@ -1,14 +1,28 @@ import fetch from 'node-fetch'; import { assert } from 'chai'; +import jwt from '../output-app/node_modules/jwt-simple'; const ENDPOINT = 'http://localhost:3000/graphql'; -export function sendQuery({ query }) { +// For testing different user authorizations, set users to: +export const unknownUser = ''; // not signed in +export const defaultUser = '583291a1638566b3c5a92ca2'; // role = 'user' +export const roleUser = '583291a1638566b3c5a92ca0'; // role = 'editor' +export const adminUser = '583291a1638566b3c5a92ca1'; // role = 'admin' + +export function getToken(userId, KEY='test-key'){ + const payload = { userId }; + const token = (userId && userId !== '') ? `JWT ${jwt.encode(payload, KEY)}` : null; + return token; +} + +export function sendQuery({ query, userId }) { + const token = getToken(userId); return fetch(ENDPOINT, { method: 'POST', headers: { 'content-type': 'application/json', - 'authorization': 'JWT eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VySWQiOiI1ODMyOTFhMTYzODU2NmIzYzVhOTJjYTEifQ.QaJYP81K7kgB8FVw6bOK7XSZYI6_gn9GCOlDToQcu0Q', + 'authorization': token, }, body: JSON.stringify({ query }), }).then((response) => { @@ -17,8 +31,8 @@ export function sendQuery({ query }) { }); } -export function sendQueryAndExpect(query, expectedResult) { - return sendQuery({ query }) +export function sendQueryAndExpect(query, expectedResult, userId) { + return sendQuery({ query, userId }) .then((result) => { assert.isDefined(result.data); assert.deepEqual(result.data, expectedResult); diff --git a/test/output-app-end-to-end/test-1-roles.js b/test/output-app-end-to-end/test-1-roles.js new file mode 100644 index 0000000..103c8c9 --- /dev/null +++ b/test/output-app-end-to-end/test-1-roles.js @@ -0,0 +1,70 @@ +import { describe, it } from 'mocha'; +import { assert } from 'chai'; +import { sendQuery, defaultUser, roleUser, adminUser } from './sendQuery'; + +describe('test-1: roles', () => { + + describe('adminUser: stubailo', () => { + it('has role "admin"', () => { + return sendQuery({query: + `query { + user(id: "${adminUser}") { + role + username + } + }`, + userId: adminUser + }).then(result => { + assert.isDefined(result.data); + assert.isDefined(result.data.user); + assert.isDefined(result.data.user.role); + assert.equal(result.data.user.role, 'admin'); + assert.equal(result.data.user.username, 'stubailo'); + return false; + }) + }) + }); + + describe('roleUser: tmeasday', () => { + it('has role "editor"', () => { + return sendQuery({query: + `query { + user(id: "${roleUser}") { + role + username + } + }`, + userId: adminUser + }).then(result => { + assert.isDefined(result.data); + assert.isDefined(result.data.user); + assert.isDefined(result.data.user.role); + assert.equal(result.data.user.role, 'editor'); + assert.equal(result.data.user.username, 'tmeasday'); + return false; + }) + }) + }); + + describe('defaultUser: lacker', () => { + it('has role "user"', () => { + return sendQuery({query: + `query { + user(id: "${defaultUser}") { + role + username + } + }`, + userId: adminUser + }).then(result => { + assert.isDefined(result.data); + assert.isDefined(result.data.user); + assert.isDefined(result.data.user.role); + assert.equal(result.data.user.role, 'user'); + assert.equal(result.data.user.username, 'lacker'); + return false; + }) + }) + }); + +}); \ No newline at end of file diff --git a/test/output-app-end-to-end/queries.js b/test/output-app-end-to-end/test-2-queries-with-user-role-admin.js similarity index 91% rename from test/output-app-end-to-end/queries.js rename to test/output-app-end-to-end/test-2-queries-with-user-role-admin.js index 5a40453..043f743 100644 --- a/test/output-app-end-to-end/queries.js +++ b/test/output-app-end-to-end/test-2-queries-with-user-role-admin.js @@ -1,12 +1,13 @@ import { describe, it } from 'mocha'; import { assert } from 'chai'; +import { sendQuery, sendQueryAndExpect, unknownUser, defaultUser, roleUser, adminUser } from './sendQuery'; -import { sendQuery, sendQueryAndExpect } from './sendQuery'; -describe('queries', () => { +describe('test-2: queries as user with role "admin"', () => { + function itQueries(name, query, expectedResult) { it(name, () => { - sendQueryAndExpect(query, expectedResult); + sendQueryAndExpect(query, expectedResult, adminUser); }); } @@ -39,19 +40,21 @@ describe('queries', () => { } let lastCreatedAt; - return sendQuery({ query: constructQuery() }) + return sendQuery({ query: constructQuery(), userId: adminUser }) .then((result) => { const items = checkResult(result, 0, expectedItems.length); lastCreatedAt = items[0].createdAt; }) - .then(() => sendQuery({ query: constructQuery('(limit: 1)') })) + .then(() => sendQuery({ query: constructQuery('(limit: 1)'), userId: adminUser })) .then(result => checkResult(result, 0, 1)) .then(() => sendQuery({ query: constructQuery(`(lastCreatedAt: ${lastCreatedAt})`), + userId: adminUser, })) .then(result => checkResult(result, 1, expectedItems.length - 1)) .then(() => sendQuery({ query: constructQuery(`(lastCreatedAt: ${lastCreatedAt}, limit: 1)`), + userId: adminUser, })) .then(result => checkResult(result, 1, Math.min(expectedItems.length - 1, 1)) @@ -138,3 +141,4 @@ describe('queries', () => { }, [{ username: 'tmeasday' }, { username: 'lacker' }]); }); }); + diff --git a/test/output-app-end-to-end/test-3-mutations-with-user-role-admin.js b/test/output-app-end-to-end/test-3-mutations-with-user-role-admin.js new file mode 100644 index 0000000..7ae6243 --- /dev/null +++ b/test/output-app-end-to-end/test-3-mutations-with-user-role-admin.js @@ -0,0 +1,413 @@ +import { describe, it } from 'mocha'; +import { assert } from 'chai'; +import { sendQuery, sendQueryAndExpect, roleUser, adminUser } from './sendQuery'; + +let newUser; +let otherUser; +let tweetId; +let tweetIdOthers; + +function makeUserInput(user) { + return `{ + username: "${user.username}", + bio: "${user.bio}", + role: "${user.role}" + }`; +} + +function makeTweetInput(tweet, userId) { + if (tweet.author) { + return `{ + authorId: "${userId ? userId : tweet.author.id}", + body: "${tweet.body}" + }`; + } + return `{ + body: "${tweet.body}" + }`; +} + +describe('test-3: user with role "admin"', () => { + + before(function(done) { + const expectedUser = { + username: 'tobkle', + bio: 'someone', + role: 'admin' + }; + sendQuery({query: ` + mutation { + createUser(input: ${makeUserInput(expectedUser)}) { + id + role + } + } + `, + userId: adminUser + }) + .then(result => { + assert.isNotNull(result.data); + assert.isNotNull(result.data.createUser); + assert.isNotNull(result.data.createUser.id); + assert.equal(result.data.createUser.role, 'admin'); + newUser = result.data.createUser.id; + done(); + }) + }); + + describe('on type "user" (part 1)...', () => { + + it('admin user created new user "tobkle" with role "admin" for the next tests...', () => { + assert.isNotNull(newUser); + }); + + it('can create new users', () => { + const expectedUser = { + username: 'zol', + bio: 'Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead', + role: 'editor' + }; + return sendQuery({query: ` + mutation { + createUser(input: ${makeUserInput(expectedUser)}) { + id + } + } + `, + userId: newUser + }) + .then((result) => { + assert.isNotNull(result.data); + assert.isNotNull(result.data.createUser); + assert.isNotNull(result.data.createUser.id); + otherUser = result.data.createUser.id; + + let expectedTweet = { + author: { id: otherUser }, + body: 'This is a test tweet of user zoltan', + }; + + sendQuery({ query: ` + mutation { + createTweet(input: ${makeTweetInput(expectedTweet, otherUser)}) { + id + } + } + `, + userId: otherUser + }) + .then((result) => { + assert.isNotNull(result.data); + assert.isNotNull(result.data.createTweet); + assert.isNotNull(result.data.createTweet.id); + tweetIdOthers = result.data.createTweet.id; + }); + }); + }); + + it('can read other users', () => { + return sendQueryAndExpect(` + { user(id: "${otherUser}") { username, bio, role } } + `, { + user: { + username: 'zol', + bio: 'Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead', + role: 'editor' + } + }, + newUser) + }); + + it('can read himself', () => { + return sendQueryAndExpect(` + { user(id: "${newUser}") { username, role } } + `, { + user: { + username: 'tobkle', + role: 'admin' + } + }, + newUser) + }); + + it('can update other users', () => { + const modifiedUser = { + username: 'zoltan', + bio: 'Maker of things, I guess', + role: 'editor' + }; + return sendQueryAndExpect(` + mutation { + updateUser(id: "${otherUser}", input: ${makeUserInput(modifiedUser)}) { + username + bio + role + } + } + `, { updateUser: modifiedUser }, + newUser) + }); + + it('can update himself', () => { + const modifiedUser = { + username: 'tobkle', + bio: 'Maker of things, I guess', + role: 'admin' + }; + return sendQueryAndExpect(` + mutation { + updateUser(id: "${newUser}", input: ${makeUserInput(modifiedUser)}) { + username + bio + role + } + } + `, { + updateUser: modifiedUser + }, + newUser) + }); + + it('can update role of other user to "admin"', () => { + const modifiedUser = { + username: 'zoltan', + bio: 'now an admin', + role: 'admin' + }; + return sendQueryAndExpect(` + mutation { + updateUser(id: "${otherUser}", input: ${makeUserInput(modifiedUser)}) { + username + bio + role + } + } + `, { + updateUser: modifiedUser + }, + newUser) + }); + + it('can update his role from "admin" to "editor"', () => { + const modifiedUser = { + username: 'tobkle', + bio: 'Maker of things, I guess', + role: 'editor' + }; + return sendQueryAndExpect(` + mutation { + updateUser(id: "${newUser}", input: ${makeUserInput(modifiedUser)}) { + username + bio + role + } + } + `, { + updateUser: modifiedUser + }, + newUser) + }); + + it('can not update own role while being "editor"', () => { + const modifiedUser = { + username: 'tobkle', + bio: 'Maker of things, I guess', + role: 'admin' + }; + return sendQueryAndExpect(` + mutation { + updateUser(id: "${newUser}", input: ${makeUserInput(modifiedUser)}) { + username + bio + role + } + } + `, { + updateUser: { + username: 'tobkle', + bio: 'Maker of things, I guess', + role: 'editor' + } + }, + newUser) + }); + + it('other user with role "admin" can update role for user "tobkle" back to "admin"', () => { + const modifiedUser = { + username: 'tobkle', + bio: 'Maker of things, I guess', + role: 'admin' + }; + return sendQueryAndExpect(` + mutation { + updateUser(id: "${newUser}", input: ${makeUserInput(modifiedUser)}) { + username + bio + role + } + } + `, { + updateUser: modifiedUser + }, + otherUser) + }); + + it('can delete other users', () => { + return sendQueryAndExpect(` + mutation { + removeUser(id: "${otherUser}") + } + `, { + removeUser: true + }, + newUser) + }); + + }); + + describe('on type "tweet"...', () => { + + let expectedTweet = { + author: { id: newUser }, + body: 'This is a test tweet of user tobkle', + }; + + const expectedTweetOtherAuthor = { + author: { id: adminUser }, + body: 'We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:', + }; + + const modifiedTweet = { + body: 'This is a modified test tweet', + }; + + before(function (done) { + expectedTweet.author.id = newUser; + sendQuery({ query: ` + mutation { + createTweet(input: ${makeTweetInput(expectedTweet, newUser)}) { + id + } + } + `, + userId: newUser + }) + .then((result) => { + assert.isNotNull(result.data); + assert.isNotNull(result.data.createTweet); + assert.isNotNull(result.data.createTweet.id); + tweetId = result.data.createTweet.id; + done(); + }) + }); + + it('can create tweet for himself', () => { + assert.isNotNull(tweetId); + }); + + it('can not create tweet for other author', () => { + return sendQueryAndExpect(` + mutation { + createTweet(input: ${makeTweetInput(expectedTweetOtherAuthor, adminUser)}) { + id + } + } + `, + { createTweet: null }, + newUser); + }); + + it('can read own tweet', () => { + expectedTweet.author.id = newUser; + return sendQueryAndExpect( + `{ tweet(id: "${tweetId}") { author { id } body } }`, + { tweet: expectedTweet }, + newUser) + }); + + it('can read others tweet', () => { + return sendQueryAndExpect( + `{ tweet(id: "583676d3618530145474e352") { author { id } body } }`, + { tweet: expectedTweetOtherAuthor }, + newUser) + }); + + it('can update own tweet', () => { + return sendQueryAndExpect(` + mutation { + updateTweet(id: "${tweetId}", input: ${makeTweetInput(modifiedTweet, newUser)}) { + body + } + } + `, + { updateTweet: modifiedTweet }, + newUser) + }); + + it('can update other users tweet', () => { + return sendQueryAndExpect(` + mutation { + updateTweet(id: "${tweetIdOthers}", input: ${makeTweetInput(modifiedTweet)}) { + body + } + } + `, + { updateTweet: modifiedTweet }, + newUser) + }); + + it('can read updated tweet correctly', () => { + return sendQueryAndExpect( + `{ tweet(id: "${tweetId}") { body } }`, + { tweet: modifiedTweet }, + newUser) + }); + + it('can remove own tweet', () => { + return sendQueryAndExpect( + `mutation { removeTweet(id: "${tweetId}") }`, + { removeTweet: true }, + newUser) + }); + + it('can remove other users tweet', () => { + return sendQueryAndExpect( + `mutation { removeTweet(id: "${tweetIdOthers}") }`, + { removeTweet: true }, + newUser) + }); + + it('can not read removed tweet anymore', () => { + return sendQueryAndExpect( + `{ tweet(id: "${tweetId}") { body } }`, + { tweet: null }, + newUser) + }); + + }); + + describe('on type "user" (part 2)...', () => { + + it('can delete himself', () => { + return sendQueryAndExpect(` + mutation { + removeUser(id: "${newUser}") + } + `, { + removeUser: true + }, + newUser) + }); + + it('user "tobkle" is deleted', () => { + return sendQueryAndExpect(` + { user(id: "${newUser}") { username, bio, role } } + `, { + user: null + }, + newUser) + }); + + }); + +}); \ No newline at end of file diff --git a/test/output-app-end-to-end/test-4-mutations-with-unknown-user.js b/test/output-app-end-to-end/test-4-mutations-with-unknown-user.js new file mode 100644 index 0000000..3ed7eab --- /dev/null +++ b/test/output-app-end-to-end/test-4-mutations-with-unknown-user.js @@ -0,0 +1,187 @@ +import { describe, it } from 'mocha'; +import { assert } from 'chai'; +import { sendQuery, sendQueryAndExpect, unknownUser, adminUser } from './sendQuery'; + +let newUser; +let tweetId; +const tweetIdOthers = '583676d3618530145474e352'; + +function makeUserInput(user) { + return `{ + username: "${user.username}", + bio: "${user.bio}", + role: "${user.role}" + }`; +} + +function makeTweetInput(tweet, userId) { + if (tweet.author) { + return `{ + authorId: "${userId ? userId : tweet.author.id}", + body: "${tweet.body}" + }`; + } + return `{ + body: "${tweet.body}" + }`; +} + +describe('test-4: unkown user (e.g. not signed in, or expired token)', () => { + + describe('on type "user" (part 1)...', () => { + + it('can not create users', () => { + const expectedUser = { + username: 'zol', + bio: 'Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead', + role: 'user' + }; + return sendQuery({query: ` + mutation { + createUser(input: ${makeUserInput(expectedUser)}) { + id + } + } + `, + userId: unknownUser + }) + .then((result) => { + assert.isNotNull(result.data); + assert.isNull(result.data.createUser); + }) + }); + + it('can not read other users', () => { + return sendQueryAndExpect(` + { user(id: "${adminUser}") { username, bio, role } } + `, { + user: null + }, + unknownUser) + }); + + it('can not update other users', () => { + const modifiedUser = { + username: 'zoltan', + bio: 'Maker of things, I guess', + role: 'admin' + }; + return sendQueryAndExpect(` + mutation { + updateUser(id: "${adminUser}", input: ${makeUserInput(modifiedUser)}) { + username + bio + role + } + } + `, { updateUser: null }, + unknownUser) + }); + + it('can not delete other users', () => { + return sendQueryAndExpect(` + mutation { + removeUser(id: "${adminUser}") + } + `, { + removeUser: null + }, + unknownUser) + }); + + }); + + describe('on type "tweet"...', () => { + + let expectedTweet = { + author: { id: newUser }, + body: 'This is a test tweet of user tobkle', + }; + + const expectedTweetOtherAuthor = { + author: { id: adminUser }, + body: 'We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:', + }; + + const modifiedTweet = { + body: 'This is a modified test tweet', + }; + + before(function (done) { + expectedTweet.author.id = unknownUser; + sendQuery({ query: ` + mutation { + createTweet(input: ${makeTweetInput(expectedTweet, unknownUser)}) { + id + } + } + `, + userId: unknownUser + }) + .then((result) => { + assert.isNotNull(result.data); + assert.isNull(result.data.createTweet); + done(); + }) + .catch((error) => { + done(); + }); + }); + + it('can not create tweet for himself', () => { + assert.isUndefined(tweetId); + }); + + it('can not create tweet for other author', () => { + return sendQueryAndExpect(` + mutation { + createTweet(input: ${makeTweetInput(expectedTweetOtherAuthor, adminUser)}) { + id + } + } + `, + { createTweet: null }, + unknownUser); + }); + + it('can read others tweet', () => { + return sendQueryAndExpect( + `{ tweet(id: "${tweetIdOthers}") { author { id } body } }`, + { tweet: expectedTweetOtherAuthor }, + unknownUser) + }); + + it('can not update own tweet', () => { + return sendQueryAndExpect(` + mutation { + updateTweet(id: "${tweetIdOthers}", input: ${makeTweetInput(modifiedTweet, unknownUser)}) { + body + } + } + `, + { updateTweet: null }, + unknownUser) + }); + + it('can not update others tweet', () => { + return sendQueryAndExpect(` + mutation { + updateTweet(id: "${tweetIdOthers}", input: ${makeTweetInput(modifiedTweet)}) { + body + } + } + `, + { updateTweet: null }, + unknownUser) + }); + + it('can not remove other users tweet', () => { + return sendQueryAndExpect( + `mutation { removeTweet(id: "${tweetIdOthers}") }`, + { removeTweet: null }, + unknownUser) + }); + + }); + +}); \ No newline at end of file diff --git a/test/output-app-end-to-end/test-5-mutations-with-user-role-user.js b/test/output-app-end-to-end/test-5-mutations-with-user-role-user.js new file mode 100644 index 0000000..e496e05 --- /dev/null +++ b/test/output-app-end-to-end/test-5-mutations-with-user-role-user.js @@ -0,0 +1,329 @@ +import { describe, it } from 'mocha'; +import { assert } from 'chai'; +import { sendQuery, sendQueryAndExpect, roleUser, adminUser } from './sendQuery'; + +let newUser; +let tweetId; +const tweetIdOthers = '583676d3618530145474e352'; + +function makeUserInput(user) { + return `{ + username: "${user.username}", + bio: "${user.bio}", + role: "${user.role}" + }`; +} + +function makeTweetInput(tweet, userId) { + if (tweet.author) { + return `{ + authorId: "${userId ? userId : tweet.author.id}", + body: "${tweet.body}" + }`; + } + return `{ + body: "${tweet.body}" + }`; +} + +describe('test-5: user with role "user"', () => { + + before(function(done) { + const expectedUser = { + username: 'tobkle', + bio: 'someone', + role: 'user' + }; + sendQuery({query: ` + mutation { + createUser(input: ${makeUserInput(expectedUser)}) { + id + role + } + } + `, + userId: adminUser + }) + .then(result => { + assert.isNotNull(result.data); + assert.isNotNull(result.data.createUser); + assert.isNotNull(result.data.createUser.id); + assert.equal(result.data.createUser.role, 'user'); + newUser = result.data.createUser.id; + done(); + }) + }); + + describe('on type "user" (part 1)...', () => { + + it('admin user created new user "tobkle" with role "user" for the next tests...', () => { + assert.isNotNull(newUser); + }); + + it('can not create users', () => { + const expectedUser = { + username: 'zol', + bio: 'Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead', + role: 'user' + }; + return sendQuery({query: ` + mutation { + createUser(input: ${makeUserInput(expectedUser)}) { + id + } + } + `, + userId: newUser + }) + .then((result) => { + assert.isNotNull(result.data); + assert.isNull(result.data.createUser); + }) + }); + + it('can not read other users', () => { + return sendQueryAndExpect(` + { user(id: "${adminUser}") { username, bio, role } } + `, { + user: null + }, + newUser) + }); + + it('can read himself', () => { + return sendQueryAndExpect(` + { user(id: "${newUser}") { username, role } } + `, { + user: { + username: 'tobkle', + role: 'user' + } + }, + newUser) + }); + + it('can not update other users', () => { + const modifiedUser = { + username: 'zoltan', + bio: 'Maker of things, I guess', + role: 'admin' + }; + return sendQueryAndExpect(` + mutation { + updateUser(id: "${adminUser}", input: ${makeUserInput(modifiedUser)}) { + username + bio + role + } + } + `, { updateUser: null }, + newUser) + }); + + it('can update himself', () => { + const modifiedUser = { + username: 'tobkle', + bio: 'Maker of things, I guess', + role: 'user' + }; + return sendQueryAndExpect(` + mutation { + updateUser(id: "${newUser}", input: ${makeUserInput(modifiedUser)}) { + username + bio + role + } + } + `, { + updateUser: { + username: 'tobkle', + bio: 'Maker of things, I guess', + role: 'user' + } + }, + newUser) + }); + + it('can not update his role', () => { + const modifiedUser = { + username: 'tobkle', + bio: 'Maker of things, I guess', + role: 'admin' + }; + return sendQueryAndExpect(` + mutation { + updateUser(id: "${newUser}", input: ${makeUserInput(modifiedUser)}) { + username + bio + role + } + } + `, { + updateUser: { + username: 'tobkle', + bio: 'Maker of things, I guess', + role: 'user' + } + }, + newUser) + }); + + it('can not delete other users', () => { + return sendQueryAndExpect(` + mutation { + removeUser(id: "${adminUser}") + } + `, { + removeUser: null + }, + newUser) + }); + + }); + + describe('on type "tweet"...', () => { + + let expectedTweet = { + author: { id: newUser }, + body: 'This is a test tweet of user tobkle', + }; + + const expectedTweetOtherAuthor = { + author: { id: adminUser }, + body: 'We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:', + }; + + const modifiedTweet = { + body: 'This is a modified test tweet', + }; + + before(function (done) { + expectedTweet.author.id = newUser; + sendQuery({ query: ` + mutation { + createTweet(input: ${makeTweetInput(expectedTweet, newUser)}) { + id + } + } + `, + userId: newUser + }) + .then((result) => { + assert.isNotNull(result.data); + assert.isNotNull(result.data.createTweet); + assert.isNotNull(result.data.createTweet.id); + tweetId = result.data.createTweet.id; + done(); + }) + }); + + it('can create tweet for himself', () => { + assert.isNotNull(tweetId); + }); + + it('can not create tweet for other author', () => { + return sendQueryAndExpect(` + mutation { + createTweet(input: ${makeTweetInput(expectedTweetOtherAuthor, adminUser)}) { + id + } + } + `, + { createTweet: null }, + newUser); + }); + + it('can read own tweet', () => { + expectedTweet.author.id = newUser; + return sendQueryAndExpect( + `{ tweet(id: "${tweetId}") { author { id } body } }`, + { tweet: expectedTweet }, + newUser) + }); + + it('can read others tweet', () => { + return sendQueryAndExpect( + `{ tweet(id: "${tweetIdOthers}") { author { id } body } }`, + { tweet: expectedTweetOtherAuthor }, + newUser) + }); + + it('can update own tweet', () => { + return sendQueryAndExpect(` + mutation { + updateTweet(id: "${tweetId}", input: ${makeTweetInput(modifiedTweet, newUser)}) { + body + } + } + `, + { updateTweet: modifiedTweet }, + newUser) + }); + + it('can not update others tweet', () => { + return sendQueryAndExpect(` + mutation { + updateTweet(id: "${tweetIdOthers}", input: ${makeTweetInput(modifiedTweet)}) { + body + } + } + `, + { updateTweet: null }, + newUser) + }); + + it('can read updated tweet correctly', () => { + return sendQueryAndExpect( + `{ tweet(id: "${tweetId}") { body } }`, + { tweet: modifiedTweet }, + newUser) + }); + + it('can remove own tweet', () => { + return sendQueryAndExpect( + `mutation { removeTweet(id: "${tweetId}") }`, + { removeTweet: true }, + newUser) + }); + + it('can not remove other users tweet', () => { + return sendQueryAndExpect( + `mutation { removeTweet(id: "${tweetIdOthers}") }`, + { removeTweet: null }, + newUser) + }); + + it('can not read removed tweet anymore', () => { + return sendQueryAndExpect( + `{ tweet(id: "${tweetId}") { body } }`, + { tweet: null }, + newUser) + }); + + }); + + describe('on type "user" (part 2)...', () => { + + it('can delete himself', () => { + return sendQueryAndExpect(` + mutation { + removeUser(id: "${newUser}") + } + `, { + removeUser: true + }, + newUser) + }); + + it('user "tobkle" is deleted', () => { + return sendQueryAndExpect(` + { user(id: "${newUser}") { username, bio, role } } + `, { + user: null + }, + newUser) + }); + + }); + +}); \ No newline at end of file diff --git a/test/output-app-end-to-end/test-6-mutations-with-user-role-editor.js b/test/output-app-end-to-end/test-6-mutations-with-user-role-editor.js new file mode 100644 index 0000000..dfb43bb --- /dev/null +++ b/test/output-app-end-to-end/test-6-mutations-with-user-role-editor.js @@ -0,0 +1,329 @@ +import { describe, it } from 'mocha'; +import { assert } from 'chai'; +import { sendQuery, sendQueryAndExpect, roleUser, adminUser } from './sendQuery'; + +let newUser; +let tweetId; +const tweetIdOthers = '583676d3618530145474e352'; + +function makeUserInput(user) { + return `{ + username: "${user.username}", + bio: "${user.bio}", + role: "${user.role}" + }`; +} + +function makeTweetInput(tweet, userId) { + if (tweet.author) { + return `{ + authorId: "${userId ? userId : tweet.author.id}", + body: "${tweet.body}" + }`; + } + return `{ + body: "${tweet.body}" + }`; +} + +describe('test-6: user with role "editor"', () => { + + before(function(done) { + const expectedUser = { + username: 'tobkle', + bio: 'someone', + role: 'editor' + }; + sendQuery({query: ` + mutation { + createUser(input: ${makeUserInput(expectedUser)}) { + id + role + } + } + `, + userId: adminUser + }) + .then(result => { + assert.isNotNull(result.data); + assert.isNotNull(result.data.createUser); + assert.isNotNull(result.data.createUser.id); + assert.equal(result.data.createUser.role, 'editor'); + newUser = result.data.createUser.id; + done(); + }) + }); + + describe('on type "user" (part 1)...', () => { + + it('admin user created new user "tobkle" with role "editor" for the next tests...', () => { + assert.isNotNull(newUser); + }); + + it('can not create users', () => { + const expectedUser = { + username: 'zol', + bio: 'Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead', + role: 'editor' + }; + return sendQuery({query: ` + mutation { + createUser(input: ${makeUserInput(expectedUser)}) { + id + } + } + `, + userId: newUser + }) + .then((result) => { + assert.isNotNull(result.data); + assert.isNull(result.data.createUser); + }) + }); + + it('can not read other users', () => { + return sendQueryAndExpect(` + { user(id: "${adminUser}") { username, bio, role } } + `, { + user: null + }, + newUser) + }); + + it('can read himself', () => { + return sendQueryAndExpect(` + { user(id: "${newUser}") { username, role } } + `, { + user: { + username: 'tobkle', + role: 'editor' + } + }, + newUser) + }); + + it('can not update other users', () => { + const modifiedUser = { + username: 'zoltan', + bio: 'Maker of things, I guess', + role: 'admin' + }; + return sendQueryAndExpect(` + mutation { + updateUser(id: "${adminUser}", input: ${makeUserInput(modifiedUser)}) { + username + bio + role + } + } + `, { updateUser: null }, + newUser) + }); + + it('can update himself', () => { + const modifiedUser = { + username: 'tmeasday', + bio: 'Maker of things, I guess', + role: 'editor' + }; + return sendQueryAndExpect(` + mutation { + updateUser(id: "${newUser}", input: ${makeUserInput(modifiedUser)}) { + username + bio + role + } + } + `, { + updateUser: { + username: 'tmeasday', + bio: 'Maker of things, I guess', + role: 'editor' + } + }, + newUser) + }); + + it('can not update his role', () => { + const modifiedUser = { + username: 'tmeasday', + bio: 'Maker of things, I guess', + role: 'admin' + }; + return sendQueryAndExpect(` + mutation { + updateUser(id: "${newUser}", input: ${makeUserInput(modifiedUser)}) { + username + bio + role + } + } + `, { + updateUser: { + username: 'tmeasday', + bio: 'Maker of things, I guess', + role: 'editor' + } + }, + newUser) + }); + + it('can not delete other users', () => { + return sendQueryAndExpect(` + mutation { + removeUser(id: "${adminUser}") + } + `, { + removeUser: null + }, + newUser) + }); + + }); + + describe('on type "tweet"...', () => { + + let expectedTweet = { + author: { id: newUser }, + body: 'This is a test tweet of user tobkle', + }; + + const expectedTweetOtherAuthor = { + author: { id: adminUser }, + body: 'We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:', + }; + + const modifiedTweet = { + body: 'This is a modified test tweet', + }; + + before(function (done) { + expectedTweet.author.id = newUser; + sendQuery({ query: ` + mutation { + createTweet(input: ${makeTweetInput(expectedTweet, newUser)}) { + id + } + } + `, + userId: newUser + }) + .then((result) => { + assert.isNotNull(result.data); + assert.isNotNull(result.data.createTweet); + assert.isNotNull(result.data.createTweet.id); + tweetId = result.data.createTweet.id; + done(); + }) + }); + + it('can create tweet for himself', () => { + assert.isNotNull(tweetId); + }); + + it('can not create tweet for other author', () => { + return sendQueryAndExpect(` + mutation { + createTweet(input: ${makeTweetInput(expectedTweetOtherAuthor, adminUser)}) { + id + } + } + `, + { createTweet: null }, + newUser); + }); + + it('can read own tweet', () => { + expectedTweet.author.id = newUser; + return sendQueryAndExpect( + `{ tweet(id: "${tweetId}") { author { id } body } }`, + { tweet: expectedTweet }, + newUser) + }); + + it('can read others tweet', () => { + return sendQueryAndExpect( + `{ tweet(id: "${tweetIdOthers}") { author { id } body } }`, + { tweet: expectedTweetOtherAuthor }, + newUser) + }); + + it('can update own tweet', () => { + return sendQueryAndExpect(` + mutation { + updateTweet(id: "${tweetId}", input: ${makeTweetInput(modifiedTweet, newUser)}) { + body + } + } + `, + { updateTweet: modifiedTweet }, + newUser) + }); + + it('can not update others tweet', () => { + return sendQueryAndExpect(` + mutation { + updateTweet(id: "${tweetIdOthers}", input: ${makeTweetInput(modifiedTweet)}) { + body + } + } + `, + { updateTweet: null }, + newUser) + }); + + it('can read updated tweet correctly', () => { + return sendQueryAndExpect( + `{ tweet(id: "${tweetId}") { body } }`, + { tweet: modifiedTweet }, + newUser) + }); + + it('can remove own tweet', () => { + return sendQueryAndExpect( + `mutation { removeTweet(id: "${tweetId}") }`, + { removeTweet: true }, + newUser) + }); + + it('can not remove other users tweet', () => { + return sendQueryAndExpect( + `mutation { removeTweet(id: "${tweetIdOthers}") }`, + { removeTweet: null }, + newUser) + }); + + it('can not read removed tweet anymore', () => { + return sendQueryAndExpect( + `{ tweet(id: "${tweetId}") { body } }`, + { tweet: null }, + newUser) + }); + + }); + + describe('on type "user" (part 2)...', () => { + + it('can delete himself', () => { + return sendQueryAndExpect(` + mutation { + removeUser(id: "${newUser}") + } + `, { + removeUser: true + }, + newUser) + }); + + it('user "tobkle" is deleted', () => { + return sendQueryAndExpect(` + { user(id: "${newUser}") { username, bio, role } } + `, { + user: null + }, + newUser) + }); + + }); + +}); \ No newline at end of file diff --git a/test/output-app/model/Tweet.js b/test/output-app/model/Tweet.js index ce3c820..59e2f45 100644 --- a/test/output-app/model/Tweet.js +++ b/test/output-app/model/Tweet.js @@ -13,19 +13,20 @@ export default class Tweet { // returns the owner of the current document @authorize(ownerField) owner(doc){ - return (doc && doc[this.ownerField]) ? doc[this.ownerField] : null; + return (doc && doc[this.ownerField]) ? doc[this.ownerField].toString() : null; } // returns true, if the current user is authorized for the current mode and document isAuthorized({doc, mode, user, debug = true}){ let authResult = false; - const owner = this.owner(doc); + const ownerId = this.owner(doc); + const userId = (user && user._id) ? user._id.toString() : ''; const role = this.context.User.role(user); switch (mode) { case 'create': // @authorize(create: ["owner"]) - authResult = (!!role && !!user._id); + authResult = (!!role && userId === ownerId); break; case 'readOne': // @authorize(readOne: ["world"]) @@ -37,15 +38,15 @@ export default class Tweet { break; case 'update': // @authorize(update: ["owner", editor"]) - authResult = (!!role && (user._id === owner || role === 'admin')); + authResult = (!!role && (userId === ownerId || role === 'admin')); break; case 'delete': // @authorize(delete: ["owner", "admin"]) - authResult = (!!role && (user._id === owner || role === 'admin')); + authResult = (!!role && (userId === ownerId || role === 'admin')); break; } - (debug) ? console.log('Tweet', mode, owner, role, "===>", authResult) : null; + (debug) ? console.log('Tweet:', doc._id, 'User:', userId, 'Owner:', ownerId, 'Role:', role, 'Mode:', mode, "===>", 'Authorized:', authResult) : null; return authResult; } diff --git a/test/output-app/model/User.js b/test/output-app/model/User.js index cb64bcf..e371f0a 100644 --- a/test/output-app/model/User.js +++ b/test/output-app/model/User.js @@ -14,7 +14,7 @@ export default class User { // returns the owner of the current document @authorize(ownerField) owner(doc){ - return (doc && doc[this.ownerField]) ? doc[this.ownerField] : null; + return (doc && doc[this.ownerField]) ? doc[this.ownerField].toString() : null; } // returns the role of the current user @authorize(roleField) @@ -25,7 +25,8 @@ export default class User { // returns true, if the current user is authorized for the current mode and document isAuthorized({doc, mode, user, debug = true}){ let authResult = false; - const owner = this.owner(doc); + const ownerId = this.owner(doc); + const userId = (user && user._id) ? user._id.toString() : ''; const role = this.context.User.role(user); switch (mode) { @@ -35,7 +36,7 @@ export default class User { break; case 'readOne': // @authorize(readOne: ["owner", "admin"]) - authResult = (!!role && (user._id === owner || role === 'admin')); + authResult = (!!role && (userId === ownerId || role === 'admin')); break; case 'readMany': // @authorize(readMany: ["admin"]) @@ -43,15 +44,15 @@ export default class User { break; case 'update': // @authorize(update: ["owner", "admin"]) - authResult = (!!role && (user._id === owner || role === 'admin')); + authResult = (!!role && (userId == ownerId || role === 'admin')); break; case 'delete': // @authorize(delete: ["owner", "admin"]) - authResult = (!!role && (user._id === owner || role === 'admin')); + authResult = (!!role && (userId === ownerId || role === 'admin')); break; } - (debug) ? console.log('User', mode, owner, role, "===>", authResult) : null; + (debug) ? console.log('User:', userId, 'Owner:', ownerId, 'Role:', role, 'Mode:', mode, "===>", 'Authorized:', authResult) : null; return authResult; } @@ -66,6 +67,18 @@ export default class User { } } + // returns document without role field + // @authorize(updateRole: ["admin"]) + allowedFields(input, user){ + if (user.role === 'admin'){ + return input; + } + if (input[this.roleField]){ + delete input[this.roleField]; + } + return input; + } + async findOneById(id) { const doc = await this.loader.load(id); return doc; diff --git a/test/output-app/resolvers/User.js b/test/output-app/resolvers/User.js index af99b67..a2992a9 100644 --- a/test/output-app/resolvers/User.js +++ b/test/output-app/resolvers/User.js @@ -44,7 +44,8 @@ const resolvers = { const doc = await User.findOneById(id); const authorized = User.isAuthorized({doc, mode: 'update', user}); if (!authorized) throw new Error('User: mode: update not authorized'); - await User.updateById(id, input); + const updateDoc = User.allowedFields(input, user); + await User.updateById(id, updateDoc); return User.findOneById(id); }, diff --git a/test/output-app/schema/Tweet.graphql b/test/output-app/schema/Tweet.graphql index f5a6b3b..1f32b86 100644 --- a/test/output-app/schema/Tweet.graphql +++ b/test/output-app/schema/Tweet.graphql @@ -1,6 +1,6 @@ type Tweet { id: ObjID! - author: User! + author: User body: String! likers(lastCreatedAt: Float, limit: Int): [User!] createdAt: Float! From 53a092ece5642efdcfe93ffd66a41edd639f0b5e Mon Sep 17 00:00:00 2001 From: Tobias Klemmer Date: Sun, 4 Jun 2017 00:50:32 +0200 Subject: [PATCH 33/69] reworked and plus authorizedFields() --- test/input/Tweet.graphql | 13 +- test/input/User.graphql | 12 +- .../test-3-mutations-with-user-role-admin.js | 11 + test/output-app/model/Tweet.js | 276 ++++++++++++++-- test/output-app/model/User.js | 295 ++++++++++++++---- test/output-app/model/constants.js | 10 + test/output-app/resolvers/Tweet.js | 70 +++-- test/output-app/resolvers/User.js | 75 +++-- test/output-app/schema/Tweet.graphql | 5 + test/output-app/schema/User.graphql | 2 + test/output-app/server/index.js | 1 - test/seeds/Tweet.json | 12 +- test/seeds/User.json | 6 +- 13 files changed, 633 insertions(+), 155 deletions(-) create mode 100644 test/output-app/model/constants.js diff --git a/test/input/Tweet.graphql b/test/input/Tweet.graphql index ddab880..bd16574 100644 --- a/test/input/Tweet.graphql +++ b/test/input/Tweet.graphql @@ -1,16 +1,15 @@ type Tweet @authorize( - create: ["owner"] - readOne: ["world"] - readMany: ["world"] - update: ["owner", "admin"] - delete: ["owner", "admin"] - ownerField: "author" + author: ["create", "read", "update", "delete"], + coauthors: ["read", "update"], + admin: ["create", "read", "update", "delete"], + world: ["read"] ) { - author: User! @unmodifiable + author: User! @unmodifiable @belongsTo @authRole("author") + coauthors: [User!] @belongsTo @authRole("coauthors") body: String! likers: [User!] @hasAndBelongsToMany(as: "liked") diff --git a/test/input/User.graphql b/test/input/User.graphql index 1618b53..ef54227 100644 --- a/test/input/User.graphql +++ b/test/input/User.graphql @@ -1,18 +1,12 @@ type User @authorize( - create: ["admin"] - readOne: ["owner", "admin"] - readMany: ["admin"] - update: ["owner", "admin"] - updateRole: ["admin"] - delete: ["owner", "admin"] - ownerField: "_id" - roleField: "role" + this: ["readOne", "update", "delete"] + admin: ["create", "read", "update", "delete"] ) { - role: String! + role: String! @authRole("admin") @authorize(this: ["read"], admin: ["create", "read", "update"]) username: String! diff --git a/test/output-app-end-to-end/test-3-mutations-with-user-role-admin.js b/test/output-app-end-to-end/test-3-mutations-with-user-role-admin.js index 7ae6243..f5c0e60 100644 --- a/test/output-app-end-to-end/test-3-mutations-with-user-role-admin.js +++ b/test/output-app-end-to-end/test-3-mutations-with-user-role-admin.js @@ -35,6 +35,8 @@ describe('test-3: user with role "admin"', () => { bio: 'someone', role: 'admin' }; + // console.log('before:', makeUserInput(expectedUser)); + // console.log('userId', adminUser); sendQuery({query: ` mutation { createUser(input: ${makeUserInput(expectedUser)}) { @@ -46,6 +48,7 @@ describe('test-3: user with role "admin"', () => { userId: adminUser }) .then(result => { + // console.log('after:', result); assert.isNotNull(result.data); assert.isNotNull(result.data.createUser); assert.isNotNull(result.data.createUser.id); @@ -53,6 +56,10 @@ describe('test-3: user with role "admin"', () => { newUser = result.data.createUser.id; done(); }) + .catch((error) => { + console.log('ERROR: BEFORE', error); + done(); + }) }); describe('on type "user" (part 1)...', () => { @@ -299,6 +306,10 @@ describe('test-3: user with role "admin"', () => { tweetId = result.data.createTweet.id; done(); }) + .catch((error) => { + console.log(error); + done(); + }) }); it('can create tweet for himself', () => { diff --git a/test/output-app/model/Tweet.js b/test/output-app/model/Tweet.js index 59e2f45..9e764e8 100644 --- a/test/output-app/model/Tweet.js +++ b/test/output-app/model/Tweet.js @@ -1,52 +1,213 @@ import _ from 'lodash'; import DataLoader from 'dataloader'; import findByIds from 'mongo-find-by-ids'; +import { CREATE, READ, READONE, READMANY, UPDATE, DELETE, DEBUG } from './constants'; export default class Tweet { constructor(context) { - this.ownerField = 'authorId'; // @authorize(ownerField: "author") + /* this is generated from ... + @authorize( + author: ["create", "read", "update", "delete"], + coauthors: ["read", "update"], + admin: ["read", "update", "delete"], + world: ["read"] + ) + */ + this.authorizations = { + author: { + create: true, + read: true, + readOne: true, + readMany: true, + update: true, + delete: true, + }, + coauthors: { + read: true, + readOne: true, + readMany: true, + update: true, + }, + admin: { + read: true, + readOne: true, + readMany: true, + update: true, + delete: true, + }, + world: { + read: true, + readOne: true, + readMany: true, + } + }; this.context = context; this.collection = context.db.collection('tweet'); this.pubsub = context.pubsub; this.loader = new DataLoader(ids => findByIds(this.collection, ids)); } - // returns the owner of the current document @authorize(ownerField) - owner(doc){ - return (doc && doc[this.ownerField]) ? doc[this.ownerField].toString() : null; - } + // returns true, if the user's role is of expected kind + // this is generated whenever @authorize appears in the type definition + hasUserRole({role, doc, user, mode}){ + let hasRole = false; + switch (role) { - // returns true, if the current user is authorized for the current mode and document - isAuthorized({doc, mode, user, debug = true}){ - let authResult = false; - const ownerId = this.owner(doc); - const userId = (user && user._id) ? user._id.toString() : ''; - const role = this.context.User.role(user); - - switch (mode) { - case 'create': - // @authorize(create: ["owner"]) - authResult = (!!role && userId === ownerId); - break; - case 'readOne': - // @authorize(readOne: ["world"]) - authResult = true; + // returns true, if the signed in user is an author + // this is generated by... + // author: User! @unmodifiable @belongsTo @authRole("author") + // ----- ------------------- + case 'author': + hasRole = ( + // valid signed in user id available + !!user && !!user._id && user._id.toString() !== '' && + // valid document author available + !!doc && !!doc.authorId && doc.authorId.toString() !== '' && + // document author equals signed in user + doc.authorId.toString() === user._id.toString() + ); break; - case 'readMany': - // @authorize(readMany: ["world"]) - authResult = true; + + // returns true, if the signed in user is one of the coauthors + // this is generated by... + // coauthors: [User!] @belongsTo @authRole("coauthors") + // ------- ---------------------- + case 'coauthors': + hasRole = ( + // valid signed in user id available + !!user && !!user._id && user._id.toString() !== '' && + // document has at least one coauthors + !!doc && !!doc.coauthorsIds && _.isArray(doc.coauthorsIds) && doc.coauthorsIds.length > 0 && + // current signed in user is a coauthors + _.indexOf(doc.coauthorsIds, user._id.toString()) > -1 + ); break; - case 'update': - // @authorize(update: ["owner", editor"]) - authResult = (!!role && (userId === ownerId || role === 'admin')); + + // returns true, if signed in user has a role "admin" + // this is generated by... + // @authorize(admin: ["read", "update", "delete"]) + // ----- + // and if there is no @authRole("admin") user on any of the fields + // then it assumes a role definition + // and it checks against the role of the signed in user + case 'admin': + hasRole = ( + // valid signed in user id available + !!user && !!user._id && user._id.toString() !== '' && + // the current user has the correct role + this.context.User.role(user) === 'admin' + ); break; - case 'delete': - // @authorize(delete: ["owner", "admin"]) - authResult = (!!role && (userId === ownerId || role === 'admin')); + + // returns true, if user has a role "world" + // this is generated by... + // @authorize(world: ["read"]) + // ----- + // and if there is no @authRole("world") user on any of the fields + // then it assumes the special role definition "world" + // which means for every user, signed in or not signed in + case 'world': + hasRole = true; break; + + } + + (DEBUG) ? console.log( + '\n---------------------------------------------------------------------------------\n', + 'hasRole?','\n', + 'check if role =', role,'\n', + 'for user:', user.username, user.role, user._id, '\n', + 'doc:', JSON.stringify(doc, null, 2),'\n', + '==>', hasRole + ) + : null; + + return hasRole; + } + + // returns true, if the user role is authorized for the current mode + // this is generated whenever @authorize appears in the type definition + isRoleAuthorizedForMode({role, mode}){ + (DEBUG) ? + console.log( + 'isRoleAuthorizedForMode?', '\n', + 'role:', role, + 'mode:', mode, + '==>', this.authorizations[role][mode] ? true : false, + '\n---------------------------------------------------------------------------------\n', + ) + : null; + return this.authorizations[role][mode] ? true : false; + } + + // returns true, if the current user is authorized for the current mode and document + // this is generated, whenever @authorize appears... + isAuthorized({doc, mode, user}){ + // for authorization DEBUGging and logging reasons, do individual checks... + + // generated by @authorize(author: ...) + const authorAuthorized = this.hasUserRole({role: 'author', doc, user, mode}) && + this.isRoleAuthorizedForMode({role: 'author', mode}); + if (authorAuthorized && DEBUG) { + console.log( + 'Mode:', mode, + 'Tweet:', (doc && doc._id) ? doc._id.toString() : '', + 'User:', (user && user._id) ? user._id.toString() : '', + 'Author:', (doc && doc.authorId) ? doc.authorId.toString() : 'Error', + "===>", 'Authorized:', authorAuthorized + ); + } + + // generated by @authorize(coauthors: ...) + const coauthorsAuthorized = this.hasUserRole({role: 'coauthors', doc, user, mode}) && + this.isRoleAuthorizedForMode({role: 'coauthors', mode}); + if (coauthorsAuthorized && DEBUG) { + console.log( + 'Mode:', mode, + 'Tweet:', (doc && doc._id) ? doc._id.toString() : '', + 'User:', (user && user._id) ? user._id.toString() : '', + 'Coauthors:', (doc && doc.coauthorsIds) ? doc.coauthorsIds.toString() : 'Error', + "===>", 'Authorized:', coauthorsAuthorized + ); + } + + // generated by @authorize(admin: ...) + const adminAuthorized = this.hasUserRole({role: 'admin', doc, user, mode}) && + this.isRoleAuthorizedForMode({role: 'admin', mode}); + if (adminAuthorized && DEBUG){ + console.log( + 'Mode:', mode, + 'Tweet:', (doc && doc._id) ? doc._id.toString() : '', + 'User:', (user && user._id) ? user._id.toString() : '', + 'Role:', (user && user._id && this.context.User.role(user)) ? this.context.User.role(user) : 'Error', + "===>", 'Authorized:', adminAuthorized + ); + } + + // generated by @authorize(world: ...) + const worldAuthorized = this.hasUserRole({role: 'world', doc, user, mode}) && + this.isRoleAuthorizedForMode({role: 'world', mode}); + if (worldAuthorized && DEBUG) { + console.log( + 'Mode:', mode, + 'Tweet:', (doc && doc._id) ? doc._id.toString() : '', + 'User:', (user && user._id) ? user._id.toString() : '', + 'Role:', 'world', + "===>", 'Authorized:', worldAuthorized + ); + } + + // generated by @authorize(author: ..., coauthors: ..., admin: ..., world: ...) + const authResult = authorAuthorized || coauthorsAuthorized || adminAuthorized || worldAuthorized; + if (!authResult && DEBUG) { + console.log( + 'Mode:', mode, + 'Tweet:', (doc && doc._id) ? doc._id.toString() : '', + 'User:', (user && user._id) ? user._id.toString() : '', + "===>", 'Authorized:', authResult + ); } - (debug) ? console.log('Tweet:', doc._id, 'User:', userId, 'Owner:', ownerId, 'Role:', role, 'Mode:', mode, "===>", 'Authorized:', authResult) : null; return authResult; } @@ -77,6 +238,21 @@ export default class Tweet { return this.context.User.findOneById(tweet.authorId); } + createdBy(tweet) { + return this.context.User.findOneById(tweet.createdById); + } + + updatedBy(tweet) { + return this.context.User.findOneById(tweet.updatedById); + } + + coauthors(tweet, { lastCreatedAt = 0, limit = 10 }) { + return this.context.User.collection.find({ + _id: { $in: tweet.coauthorsIds }, + createdAt: { $gt: lastCreatedAt }, + }).sort({ createdAt: 1 }).limit(limit).toArray(); + } + likers(tweet, { lastCreatedAt = 0, limit = 10 }) { return this.context.User.collection.find({ likedIds: tweet._id, @@ -84,6 +260,46 @@ export default class Tweet { }).sort({ createdAt: 1 }).limit(limit).toArray(); } + // adding the current signed in user as a document owner + // the field of the document owner is identified + // by a field in the type definition, which contains an @authRole + addUserToDoc({doc, mode, user}){ + let enhancedDoc = Object.assign({}, doc); + + // generated by... + // author: User! @unmodifiable @belongsTo @authRole("author") + // ----- ------------------- + if (user && user._id){ + enhancedDoc = Object.assign({}, { authorId: user._id}, enhancedDoc); + } + + // generated by ... + // coauthors: [User!] @belongsTo @authRole("coauthors") + // ------- ---------------------- + // TODO: is this logically correct? + if (user && user._id){ + let coauthorsIds = enhancedDoc.coauthorsIds || []; + coauthorsIds = _.union(coauthorsIds, [user._id]); + enhancedDoc = Object.assign({}, { coauthorsIds: coauthorsIds}, enhancedDoc); + } + + // generated by... + // createdBy: User! @unmodifiable @belongsTo + // ----- ------------------- + if (mode === CREATE && user && user._id){ + enhancedDoc = Object.assign({}, { createdById: user._id}, enhancedDoc); + } + + // generated by... + // changedBy: User! @unmodifiable @belongsTo + // ----- ------------------- + if (mode === UPDATE && user && user._id){ + enhancedDoc = Object.assign({}, { updatedById: user._id}, enhancedDoc); + } + + return enhancedDoc; + } + async insert(doc) { const docToInsert = Object.assign({}, doc, { createdAt: Date.now(), diff --git a/test/output-app/model/User.js b/test/output-app/model/User.js index e371f0a..f8d58c9 100644 --- a/test/output-app/model/User.js +++ b/test/output-app/model/User.js @@ -1,94 +1,239 @@ import _ from 'lodash'; import DataLoader from 'dataloader'; import findByIds from 'mongo-find-by-ids'; +import { CREATE, READ, READONE, READMANY, UPDATE, DELETE, DEBUG } from './constants'; export default class User { constructor(context) { - this.ownerField = '_id'; // @authorize(ownerField: "_id") - this.roleField = 'role'; // @authorize(roleField: "role") + /* this is generated from ... + @authorize( + this: ["readOne", "update", "delete"] + admin: ["create", "read", "update", "delete"] + ) + */ + this.authorizations = { + this: { + readOne: true, + update: true, + delete: true, + }, + admin: { + create: true, + read: true, + readOne: true, + readMany: true, + update: true, + delete: true, + }, + }; this.context = context; this.collection = context.db.collection('user'); this.pubsub = context.pubsub; this.loader = new DataLoader(ids => findByIds(this.collection, ids)); } - // returns the owner of the current document @authorize(ownerField) - owner(doc){ - return (doc && doc[this.ownerField]) ? doc[this.ownerField].toString() : null; + // returns true, if the user's role is of expected kind + // this is generated whenever @authorize appears in the type definition + hasUserRole({role, doc, user, mode}){ + let hasRole = false; + switch (role) { + + // returns true, if the signed in user is equal to the document id + // this is generated by... + // @authorize(this:) + // ----- + case 'this': + hasRole = ( + // valid signed in user id available + !!user && !!user._id && user._id.toString() !== '' && + // valid document user id available + !!doc && !!doc._id && doc._id.toString() !== '' && + // document user id equals signed in user + doc._id.toString() === user._id.toString() + ); + break; + + // returns true, if signed in user has a role "admin" + // this is generated by... + // @authorize(admin: ["create", "read", "update", "delete"]) + // ----- + // and if there is no @authRole("admin") user on any of the fields + // then it assumes a role definition + // and it checks against the role of the signed in user + case 'admin': + hasRole = ( + // valid signed in user id available + !!user && !!user._id && user._id.toString() !== '' && + // the current user has the correct role + this.context.User.role(user) === 'admin' + ); + break; + + } + + (DEBUG) ? console.log( + '\n---------------------------------------------------------------------------------\n', + 'hasRole?','\n', + 'check if role =', role,'\n', + 'for user:', (user) ? (user.username, user.role, user._id) : (''), '\n', + 'doc:', JSON.stringify(doc, null, 2),'\n', + '==>', hasRole + ) + : null; + + return hasRole; } - // returns the role of the current user @authorize(roleField) - role(user){ - return (user && user[this.roleField]) ? user[this.roleField] : null; + // returns true, if the user role is authorized for the current mode + // this is generated whenever @authorize appears in the type definition + isRoleAuthorizedForMode({role, mode}){ + (DEBUG) ? + console.log( + 'isRoleAuthorizedForMode?', '\n', + 'role:', role, + 'mode:', mode, + '==>', this.authorizations[role][mode] ? true : false, + '\n---------------------------------------------------------------------------------\n', + ) + : null; + return this.authorizations[role][mode] ? true : false; } // returns true, if the current user is authorized for the current mode and document - isAuthorized({doc, mode, user, debug = true}){ - let authResult = false; - const ownerId = this.owner(doc); - const userId = (user && user._id) ? user._id.toString() : ''; - const role = this.context.User.role(user); - - switch (mode) { - case 'create': - // @authorize(create: ["admin"]) - authResult = (!!role && role === 'admin'); - break; - case 'readOne': - // @authorize(readOne: ["owner", "admin"]) - authResult = (!!role && (userId === ownerId || role === 'admin')); - break; - case 'readMany': - // @authorize(readMany: ["admin"]) - authResult = (!!role && role === 'admin'); - break; - case 'update': - // @authorize(update: ["owner", "admin"]) - authResult = (!!role && (userId == ownerId || role === 'admin')); - break; - case 'delete': - // @authorize(delete: ["owner", "admin"]) - authResult = (!!role && (userId === ownerId || role === 'admin')); - break; + // this is generated, whenever @authorize appears... + isAuthorized({doc, mode, user}){ + // for authorization debugging and logging reasons, do individual checks... + if (mode === CREATE){ + console.log('\n\nisAuthorized:\n', JSON.stringify(doc, null, 2), '\n\n\n'); + } + + // generated by @authorize(this: ...) + const thisAuthorized = this.hasUserRole({role: 'this', doc, user, mode}) && + this.isRoleAuthorizedForMode({role: 'this', mode}); + if (thisAuthorized && DEBUG) { + console.log( + 'Mode:', mode, + 'User Doc:', (doc && doc._id) ? doc._id.toString() : '', + 'User:', (user && user._id) ? user._id.toString() : '', + "===>", 'Authorized:', thisAuthorized + ); + } + + // generated by @authorize(admin: ...) + const adminAuthorized = this.hasUserRole({role: 'admin', doc, user, mode}) && + this.isRoleAuthorizedForMode({role: 'admin', mode}); + if (adminAuthorized && DEBUG){ + console.log( + 'Mode:', mode, + 'User doc:', (doc && doc._id) ? doc._id.toString() : '', + 'User:', (user && user._id) ? user._id.toString() : '', + 'Role:', (user && user._id && this.context.User.role(user)) ? this.context.User.role(user) : 'Error', + "===>", 'Authorized:', adminAuthorized + ); + } + + // generated by @authorize(this: ..., admin: ...) + const authResult = thisAuthorized || adminAuthorized; + if (!authResult && DEBUG) { + console.log( + 'Mode:', mode, + 'Tweet:', (doc && doc._id) ? doc._id.toString() : '', + 'User:', (user && user._id) ? user._id.toString() : '', + "===>", 'Authorized:', authResult + ); } - (debug) ? console.log('User:', userId, 'Owner:', ownerId, 'Role:', role, 'Mode:', mode, "===>", 'Authorized:', authResult) : null; return authResult; } - // returns only authorized documents + // returns the role of the current user + // generated by... + // role: String! @authRole("admin") @authorize(this: ["read"], admin: ["read", "update"]) + // ------- ------------------ + // whereas the field is not of type User, it is of type String + role(user){ + return (user && user.role) ? user.role : null; + } + + // returns document without role field + // generated by... + // role: String! @authRole("admin") @authorize(this: ["read"], admin: ["read", "update"]) + // ------- ------------------ + authorizedFields({doc, mode, user}){ + // array contains all fields, whose authorization is to be checked + const fields = ['role']; + + // check authorization on field level now + fields.forEach(field => { + // default is: field is not authorized + let authorizedField = false; + + if (field === 'role'){ + // role: @authorize(this: ["read"]) + if ( this.hasUserRole({role: 'this', doc, user, mode}) && + (mode === READ || mode === READONE || mode === READMANY) ){ + authorizedField = true; + } + + // role: @authorize(admin: ["create", "read", "update"]) + if ( this.hasUserRole({role: 'admin', doc, user, mode}) && + (mode === CREATE || mode === READ || mode === READONE || mode === READMANY || mode === UPDATE) ){ + authorizedField = true; + } + } + + // role: otherwise remove field from doc, + // because the user and mode is not authorize to access this field + if ( !authorizedField && doc[field] ){ + delete doc[field]; + } + }); + + return doc; + } + + // returns only authorized documents and fields + // generated by ... + // @authorize() authorized({doc, mode, user}){ + if (!user) throw new Error('authorized: user is empty'); + // if it is an array of documents, .... if (_.isArray(doc)){ - return _.filter(doc, d => this.isAuthorized({doc: d, mode, user}) ); - } else if (_.isObject(doc) && this.isAuthorized({doc, mode, user})) { - return doc; + // then filter for the authorized documents + let authorizedDocs = _.filter(doc, d => this.isAuthorized({doc: d, mode, user}) ); + // provide only authorized fields + authorizedDocs.forEach(d => { + d = this.authorizedFields({doc: d, mode, user}); + }); + return authorizedDocs; + + // if it is a single document, check the authorization for it + } else if ( _.isObject(doc) && this.isAuthorized({doc, mode, user}) ) { + // return only authorized fields + const authorizedDoc = this.authorizedFields({doc, mode, user}); + return authorizedDoc; + + // or return null, if no authorized document was found } else { + console.log('authorized: no authorized doc found'); return null; } } - // returns document without role field - // @authorize(updateRole: ["admin"]) - allowedFields(input, user){ - if (user.role === 'admin'){ - return input; - } - if (input[this.roleField]){ - delete input[this.roleField]; - } - return input; - } - - async findOneById(id) { + async findOneById(id, user) { const doc = await this.loader.load(id); + // const authorizedDoc = this.authorized({doc, mode: READONE, user}); + // return authorizedDoc; return doc; } - async all({ lastCreatedAt = 0, limit = 10 }) { - const docs = await this.collection.find({ + async all({ lastCreatedAt = 0, limit = 10, user }) { + const doc = await this.collection.find({ createdAt: { $gt: lastCreatedAt }, }).sort({ createdAt: 1 }).limit(limit).toArray(); - return docs; + // const authorizedDocs = this.authorized({doc, mode: READMANY, user}); + // return authorizedDocs; + return doc; } tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }) { @@ -119,20 +264,44 @@ export default class User { }).sort({ createdAt: 1 }).limit(limit).toArray(); } - async insert(doc) { - const docToInsert = Object.assign({}, doc, { + createdBy(user) { + return this.context.User.findOneById(user.createdById); + } + + updatedBy(user) { + return this.context.User.findOneById(user.updatedById); + } + + async insert(doc, user) { + let docToInsert = Object.assign({}, doc, { createdAt: Date.now(), updatedAt: Date.now(), + createdById: (user && user._id) ? user._id : 'unknown', + updatedById: (user && user._id) ? user._id : 'unknown', }); + docToInsert = this.authorizedFields({doc: docToInsert, mode: CREATE, user}); + const authorized = this.isAuthorized({doc: docToInsert, mode: CREATE, user}); + if (!authorized) throw new Error('User: mode: create not authorized'); + const id = (await this.collection.insertOne(docToInsert)).insertedId; this.pubsub.publish('userInserted', await this.findOneById(id)); return id; } - async updateById(id, doc) { + async updateById(id, doc, user) { + const foundDoc = await this.findOneById(id); + console.log('foundDoc', JSON.stringify(foundDoc, null, 2)); + + const authorized = this.isAuthorized({doc: foundDoc, mode: UPDATE, user}); + if (!authorized) throw new Error('User: mode: update not authorized'); + + const updatedDoc = this.authorizedFields({doc, mode: UPDATE, user}); + console.log('updatedDoc', JSON.stringify(updatedDoc, null, 2)); + const ret = await this.collection.update({ _id: id }, { - $set: Object.assign({}, doc, { + $set: Object.assign({}, updatedDoc, { updatedAt: Date.now(), + updatedById: (user && user._id) ? user._id : 'unknown', }), }); this.loader.clear(id); @@ -140,7 +309,11 @@ export default class User { return ret; } - async removeById(id) { + async removeById(id, user) { + const doc = await this.findOneById(id); + const authorized = this.isAuthorized({doc, mode: DELETE, user}); + if (!authorized) throw new Error('User: mode: delete not authorized'); + const ret = this.collection.remove({ _id: id }); this.loader.clear(id); this.pubsub.publish('userRemoved', id); diff --git a/test/output-app/model/constants.js b/test/output-app/model/constants.js new file mode 100644 index 0000000..ac7a58d --- /dev/null +++ b/test/output-app/model/constants.js @@ -0,0 +1,10 @@ +// constants, to avoid typing errors +export const CREATE = 'create'; +export const READ = 'read'; +export const READONE = 'readOne'; +export const READMANY = 'readMany'; +export const UPDATE = 'update'; +export const DELETE = 'delete'; + +// debug to switch on additional logs +export const DEBUG = true; diff --git a/test/output-app/resolvers/Tweet.js b/test/output-app/resolvers/Tweet.js index 8b6745f..118661e 100644 --- a/test/output-app/resolvers/Tweet.js +++ b/test/output-app/resolvers/Tweet.js @@ -1,3 +1,5 @@ +import { CREATE, READ, READONE, READMANY, UPDATE, DELETE, DEBUG } from '../model/constants'; + const resolvers = { Tweet: { id(tweet) { @@ -8,43 +10,75 @@ const resolvers = { return Tweet.author(tweet); }, + createdBy(tweet, args, { Tweet }) { + return Tweet.createdBy(tweet); + }, + + updatedBy(tweet, args, { Tweet }) { + return Tweet.updatedBy(tweet); + }, + + coauthors(tweet, { lastCreatedAt, limit }, { Tweet }) { + return Tweet.coauthors(tweet, { lastCreatedAt, limit }); + }, + likers(tweet, { lastCreatedAt, limit }, { Tweet }) { return Tweet.likers(tweet, { lastCreatedAt, limit }); }, }, Query: { async tweets(root, { lastCreatedAt, limit }, { Tweet, user }) { - const doc = await Tweet.all({ lastCreatedAt, limit }); - return Tweet.authorized({doc, mode: 'readMany', user}); + try { + const doc = await Tweet.all({ lastCreatedAt, limit }); + return Tweet.authorized({doc, mode: 'readMany', user}); + } catch(error) { + console.log('ERROR:', error.message); + } }, async tweet(root, { id }, { Tweet, user }) { - const doc = await Tweet.findOneById(id); - return Tweet.authorized({doc, mode: 'readOne', user}); + try { + const doc = await Tweet.findOneById(id); + return Tweet.authorized({doc, mode: 'readOne', user}); + } catch(error) { + console.log('ERROR:', error.message); + } }, }, Mutation: { async createTweet(root, { input }, { Tweet, user }) { - const doc = input; - const authorized = Tweet.isAuthorized({doc, mode: 'create', user}); - if (!authorized) throw new Error('Tweet: mode: create not authorized'); - const id = await Tweet.insert(input); - return Tweet.findOneById(id); + try { + const doc = Tweet.addUserToDoc({doc: input, mode: 'create', user}); + const authorized = Tweet.isAuthorized({doc, mode: 'create', user}); + if (!authorized) throw new Error('Tweet: mode: create not authorized'); + const id = await Tweet.insert(input); + return Tweet.findOneById(id); + } catch(error) { + console.log('ERROR:', error.message); + } }, async updateTweet(root, { id, input }, { Tweet, user }) { - const doc = await Tweet.findOneById(id); - const authorized = Tweet.isAuthorized({doc, mode: 'update', user}); - if (!authorized) throw new Error('Tweet: mode: update not authorized'); - await Tweet.updateById(id, input); - return Tweet.findOneById(id); + try { + const doc = await Tweet.findOneById(id); + const authorized = Tweet.isAuthorized({doc, mode: 'update', user}); + if (!authorized) throw new Error('Tweet: mode: update not authorized'); + await Tweet.updateById(id, input); + return Tweet.findOneById(id); + } catch(error) { + console.log('ERROR:', error.message); + } }, async removeTweet(root, { id }, { Tweet, user }) { - const doc = await Tweet.findOneById(id); - const authorized = Tweet.isAuthorized({doc, mode: 'delete', user}); - if (!authorized) throw new Error('Tweet: mode: delete not authorized'); - return Tweet.removeById(id); + try { + const doc = await Tweet.findOneById(id); + const authorized = Tweet.isAuthorized({doc, mode: 'delete', user}); + if (!authorized) throw new Error('Tweet: mode: delete not authorized'); + return Tweet.removeById(id); + } catch(error) { + console.log('ERROR:', error.message); + } }, }, Subscription: { diff --git a/test/output-app/resolvers/User.js b/test/output-app/resolvers/User.js index a2992a9..a9801b9 100644 --- a/test/output-app/resolvers/User.js +++ b/test/output-app/resolvers/User.js @@ -1,59 +1,94 @@ +import { CREATE, READ, READONE, READMANY, UPDATE, DELETE, DEBUG } from '../model/constants'; + const resolvers = { User: { id(user) { return user._id; }, + createdBy(user, args, { User }) { + //return User.createdBy(user); + const doc = User.createdBy(user); + return User.authorized({doc, mode: READONE, user}); + }, + + updatedBy(user, args, { User }) { + //return User.updatedBy(user); + const doc = User.updatedBy(user); + return User.authorized({doc, mode: READONE, user}); + }, + tweets(user, { minLikes, lastCreatedAt, limit }, { User }) { return User.tweets(user, { minLikes, lastCreatedAt, limit }); + // const doc = User.tweets(user, { minLikes, lastCreatedAt, limit }); + // return Tweet.authorized({doc, mode: READMANY, user}); }, - liked(user, { lastCreatedAt, limit }, { User }) { + liked(user, { lastCreatedAt, limit }, { User, Tweet }) { return User.liked(user, { lastCreatedAt, limit }); + // const doc = User.liked(user, { lastCreatedAt, limit }); + // return Tweet.authorized({doc, mode: READMANY, user}); }, following(user, { lastCreatedAt, limit }, { User }) { return User.following(user, { lastCreatedAt, limit }); + // const doc = User.following(user, { lastCreatedAt, limit }); + // return User.authorized({doc, mode: READMANY, user}); }, followers(user, { lastCreatedAt, limit }, { User }) { return User.followers(user, { lastCreatedAt, limit }); + // const doc = User.followers(user, { lastCreatedAt, limit }); + // return User.authorized({doc, mode: READMANY, user}); }, }, Query: { async users(root, { lastCreatedAt, limit }, { User, user }) { - const doc = await User.all({ lastCreatedAt, limit }); - return User.authorized({doc, mode: 'readMany', user}); + try { + const doc = await User.all({ lastCreatedAt, limit, user }); + return User.authorized({doc, mode: READMANY, user}); + } catch(error) { + console.log('ERROR:', error.message); + } }, async user(root, { id }, { User, user }) { - const doc = await User.findOneById(id); - return User.authorized({doc, mode: 'readOne', user}); + try { + console.log('user', JSON.stringify(user, null, 2)); + const doc = await User.findOneById(id, user); + return User.authorized({doc, mode: READONE, user}); + } catch(error) { + console.log('ERROR:', error.message); + } }, }, Mutation: { async createUser(root, { input }, { User, user }) { - const doc = input; - const authorized = User.isAuthorized({doc, mode: 'create', user}); - if (!authorized) throw new Error('User: mode: create not authorized'); - const id = await User.insert(input); - return User.findOneById(id); + try { + const id = await User.insert(input, user); + const doc = await User.findOneById(id, user); + return User.authorized({doc, mode: READONE, user}); + } catch(error) { + console.log('ERROR:', error.message); + } }, async updateUser(root, { id, input }, { User, user }) { - const doc = await User.findOneById(id); - const authorized = User.isAuthorized({doc, mode: 'update', user}); - if (!authorized) throw new Error('User: mode: update not authorized'); - const updateDoc = User.allowedFields(input, user); - await User.updateById(id, updateDoc); - return User.findOneById(id); + try { + await User.updateById(id, input, user); + const doc = await User.findOneById(id, user); + return User.authorized({doc, mode: READONE, user}); + } catch(error) { + console.log('ERROR:', error.message); + } }, async removeUser(root, { id }, { User, user }) { - const doc = await User.findOneById(id); - const authorized = User.isAuthorized({doc, mode: 'delete', user}); - if (!authorized) throw new Error('User: mode: delete not authorized'); - return User.removeById(id); + try { + return User.removeById(id, user); + } catch(error) { + console.log('ERROR:', error.message); + } }, }, Subscription: { diff --git a/test/output-app/schema/Tweet.graphql b/test/output-app/schema/Tweet.graphql index 1f32b86..5a32ff7 100644 --- a/test/output-app/schema/Tweet.graphql +++ b/test/output-app/schema/Tweet.graphql @@ -1,10 +1,13 @@ type Tweet { id: ObjID! author: User + coauthors: [User!] body: String! likers(lastCreatedAt: Float, limit: Int): [User!] createdAt: Float! + createdBy: User! updatedAt: Float! + updatedBy: User } extend type Query { @@ -15,10 +18,12 @@ extend type Query { input CreateTweetInput { authorId: ObjID! body: String! + coauthorsIds: [ObjID!] } input UpdateTweetInput { body: String! + coauthorsIds: [ObjID!] } extend type Mutation { diff --git a/test/output-app/schema/User.graphql b/test/output-app/schema/User.graphql index 24d861e..590fb8f 100644 --- a/test/output-app/schema/User.graphql +++ b/test/output-app/schema/User.graphql @@ -9,7 +9,9 @@ type User { following(lastCreatedAt: Float, limit: Int): [User!] followers(lastCreatedAt: Float, limit: Int): [User!] createdAt: Float! + createdBy: User! updatedAt: Float! + updatedBy: User } extend type Query { diff --git a/test/output-app/server/index.js b/test/output-app/server/index.js index 073ae22..38eec4c 100644 --- a/test/output-app/server/index.js +++ b/test/output-app/server/index.js @@ -50,7 +50,6 @@ async function startServer() { // Probably indicates someone trying to send an overly expensive query throw new Error('Query too large.'); } - return { schema, context: Object.assign({ user }, req.context), diff --git a/test/seeds/Tweet.json b/test/seeds/Tweet.json index 1edc5e9..2934241 100644 --- a/test/seeds/Tweet.json +++ b/test/seeds/Tweet.json @@ -1,6 +1,6 @@ -{"_id":{"$oid":"583676d3618530145474e352"},"authorId":{"$oid":"583291a1638566b3c5a92ca1"},"body":"We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:","createdAt":1.479964371334e+12,"updatedAt":1.479964371334e+12} -{"_id":{"$oid":"583676d3618530145474e355"},"authorId":{"$oid":"583291a1638566b3c5a92ca2"},"body":"Where have I heard this before","createdAt":1.479964438372e+12,"updatedAt":1.479964438372e+12} -{"_id":{"$oid":"583676d3618530145474e351"},"authorId":{"$oid":"583291a1638566b3c5a92ca0"},"body":"Good times bringing Apollo Optics to Rails over the last few months with @tmeasday @chollier @cjoudrey @rmosolgo and others!","createdAt":1.479964352544e+12,"updatedAt":1.479964352544e+12} -{"_id":{"$oid":"583676d3618530145474e354"},"authorId":{"$oid":"583291a1638566b3c5a92ca2"},"body":"It will stop being insane. It will just be normal. TV changed presidential politics, now it's social media's turn.","createdAt":1.479964423351e+12,"updatedAt":1.479964423351e+12} -{"_id":{"$oid":"583676d3618530145474e353"},"authorId":{"$oid":"583291a1638566b3c5a92ca1"},"body":"Help improve @apollographql integration with #redux dev tools:","createdAt":1.479964386822e+12,"updatedAt":1.479964386822e+12} -{"_id":{"$oid":"583676d3618530145474e350"},"authorId":{"$oid":"583291a1638566b3c5a92ca0"},"body":"A #graphql-first development workflow based on real world lessons, from @danimman \u0026 @stubailo:","createdAt":1.479964340853e+12,"updatedAt":1.479964340853e+12} +{"_id":{"$oid":"583676d3618530145474e352"},"authorId":{"$oid":"583291a1638566b3c5a92ca1"},"coauthorsIds":[],"body":"We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:","createdAt":1.479964371334e+12,"updatedAt":1.479964371334e+12, "createdById":{"$oid":"583291a1638566b3c5a92ca1"}} +{"_id":{"$oid":"583676d3618530145474e355"},"authorId":{"$oid":"583291a1638566b3c5a92ca2"},"coauthorsIds":[{"$oid":"583291a1638566b3c5a92ca1"}],"body":"Where have I heard this before","createdAt":1.479964438372e+12,"updatedAt":1.479964438372e+12, "createdById":{"$oid":"583291a1638566b3c5a92ca1"}} +{"_id":{"$oid":"583676d3618530145474e351"},"authorId":{"$oid":"583291a1638566b3c5a92ca0"},"coauthorsIds":[{"$oid":"583291a1638566b3c5a92ca2"},{"$oid":"583291a1638566b3c5a92ca1"}],"body":"Good times bringing Apollo Optics to Rails over the last few months with @tmeasday @chollier @cjoudrey @rmosolgo and others!","createdAt":1.479964352544e+12,"updatedAt":1.479964352544e+12, "createdById":{"$oid":"583291a1638566b3c5a92ca1"}} +{"_id":{"$oid":"583676d3618530145474e354"},"authorId":{"$oid":"583291a1638566b3c5a92ca2"},"coauthorsIds":[{"$oid":"583291a1638566b3c5a92ca0"},{"$oid":"583291a1638566b3c5a92ca1"}],"body":"It will stop being insane. It will just be normal. TV changed presidential politics, now it's social media's turn.","createdAt":1.479964423351e+12,"updatedAt":1.479964423351e+12, "createdById":{"$oid":"583291a1638566b3c5a92ca1"}} +{"_id":{"$oid":"583676d3618530145474e353"},"authorId":{"$oid":"583291a1638566b3c5a92ca1"},"coauthorsIds":[{"$oid":"583291a1638566b3c5a92ca2"},{"$oid":"583291a1638566b3c5a92ca0"}],"body":"Help improve @apollographql integration with #redux dev tools:","createdAt":1.479964386822e+12,"updatedAt":1.479964386822e+12, "createdById":{"$oid":"583291a1638566b3c5a92ca1"}} +{"_id":{"$oid":"583676d3618530145474e350"},"authorId":{"$oid":"583291a1638566b3c5a92ca0"},"coauthorsIds":[{"$oid":"583291a1638566b3c5a92ca1"},{"$oid":"583291a1638566b3c5a92ca2"}],"body":"A #graphql-first development workflow based on real world lessons, from @danimman \u0026 @stubailo:","createdAt":1.479964340853e+12,"updatedAt":1.479964340853e+12, "createdById":{"$oid":"583291a1638566b3c5a92ca1"}} diff --git a/test/seeds/User.json b/test/seeds/User.json index 0c33842..64a0b91 100644 --- a/test/seeds/User.json +++ b/test/seeds/User.json @@ -1,3 +1,3 @@ -{"_id":{"$oid":"583291a1638566b3c5a92ca1"},"bio":"tech lead @meteorjs @apollographql","createdAt":1.479776905993e+12,"followingIds":[{"$oid":"583291a1638566b3c5a92ca0"}],"likedIds":[{"$oid":"583676d3618530145474e350"},{"$oid":"583676d3618530145474e351"}],"updatedAt":1.479776905993e+12,"username":"stubailo", "role":"admin"} -{"_id":{"$oid":"583291a1638566b3c5a92ca0"},"bio":"I build things with @percolatestudio. Author of @discovermeteor. Exploring how to improve user experience through technology, design and performance.","createdAt":1.479776904993e+12,"followingIds":[{"$oid":"583291a1638566b3c5a92ca1"},{"$oid":"583291a1638566b3c5a92ca2"}],"likedIds":[{"$oid":"583676d3618530145474e352"},{"$oid":"583676d3618530145474e353"},{"$oid":"583676d3618530145474e354"}],"updatedAt":1.479776904993e+12,"username":"tmeasday", "role": "editor", "hash":"$2a$10$SeepHv0X3GZfSzl0uqlXmucLsP2VjdI.nuA0UJnmOtEecLSx.RiWe"} -{"_id":{"$oid":"583291a1638566b3c5a92ca2"},"bio":"Co-founder of Parse, now at Facebook. Ex Google search quality, game developer \u0026 math contester.","createdAt":1.479776906993e+12,"followingIds":[{"$oid":"583291a1638566b3c5a92ca1"}],"likedIds":[{"$oid":"583676d3618530145474e350"},{"$oid":"583676d3618530145474e353"}],"updatedAt":1.479776906993e+12,"username":"lacker", "role": "user"} +{"_id":{"$oid":"583291a1638566b3c5a92ca1"},"bio":"tech lead @meteorjs @apollographql","createdAt":1.479776905993e+12,"followingIds":[{"$oid":"583291a1638566b3c5a92ca0"}],"likedIds":[{"$oid":"583676d3618530145474e350"},{"$oid":"583676d3618530145474e351"}],"updatedAt":1.479776905993e+12,"username":"stubailo", "role":"admin", "createdById":{"$oid":"583291a1638566b3c5a92ca1"}} +{"_id":{"$oid":"583291a1638566b3c5a92ca0"},"bio":"I build things with @percolatestudio. Author of @discovermeteor. Exploring how to improve user experience through technology, design and performance.","createdAt":1.479776904993e+12,"followingIds":[{"$oid":"583291a1638566b3c5a92ca1"},{"$oid":"583291a1638566b3c5a92ca2"}],"likedIds":[{"$oid":"583676d3618530145474e352"},{"$oid":"583676d3618530145474e353"},{"$oid":"583676d3618530145474e354"}],"updatedAt":1.479776904993e+12,"username":"tmeasday", "role": "editor", "hash":"$2a$10$SeepHv0X3GZfSzl0uqlXmucLsP2VjdI.nuA0UJnmOtEecLSx.RiWe", "createdById":{"$oid":"583291a1638566b3c5a92ca1"}} +{"_id":{"$oid":"583291a1638566b3c5a92ca2"},"bio":"Co-founder of Parse, now at Facebook. Ex Google search quality, game developer \u0026 math contester.","createdAt":1.479776906993e+12,"followingIds":[{"$oid":"583291a1638566b3c5a92ca1"}],"likedIds":[{"$oid":"583676d3618530145474e350"},{"$oid":"583676d3618530145474e353"}],"updatedAt":1.479776906993e+12,"username":"lacker", "role": "user", "createdById":{"$oid":"583291a1638566b3c5a92ca1"}} From 835c7db29f888d9bf10b0e3ba7c85a042c9dc732 Mon Sep 17 00:00:00 2001 From: Tobias Klemmer Date: Sun, 4 Jun 2017 14:16:02 +0200 Subject: [PATCH 34/69] User finished before Tweet update --- test/input/Tweet.graphql | 2 +- test/input/User.graphql | 4 +- test/output-app/.gitignore | 2 + test/output-app/model/Tweet.js | 1 + test/output-app/model/User.js | 290 ++++++++++++++------------- test/output-app/model/constants.js | 2 +- test/output-app/package.json | 4 +- test/output-app/resolvers/Tweet.js | 24 ++- test/output-app/resolvers/User.js | 80 ++++---- test/output-app/schema/Tweet.graphql | 2 +- test/output-app/schema/User.graphql | 4 +- test/output-app/server/index.js | 9 +- test/output-app/server/logger.js | 37 ++++ test/output-app/yarn.lock | 57 +++++- test/seeds/Tweet.json | 12 +- test/seeds/User.json | 6 +- 16 files changed, 328 insertions(+), 208 deletions(-) create mode 100644 test/output-app/server/logger.js diff --git a/test/input/Tweet.graphql b/test/input/Tweet.graphql index bd16574..4eb42f2 100644 --- a/test/input/Tweet.graphql +++ b/test/input/Tweet.graphql @@ -1,9 +1,9 @@ type Tweet @authorize( + admin: ["create", "read", "update", "delete"], author: ["create", "read", "update", "delete"], coauthors: ["read", "update"], - admin: ["create", "read", "update", "delete"], world: ["read"] ) diff --git a/test/input/User.graphql b/test/input/User.graphql index ef54227..7d6240b 100644 --- a/test/input/User.graphql +++ b/test/input/User.graphql @@ -1,12 +1,12 @@ type User @authorize( - this: ["readOne", "update", "delete"] admin: ["create", "read", "update", "delete"] + this: ["readOne", "update", "delete"] ) { - role: String! @authRole("admin") @authorize(this: ["read"], admin: ["create", "read", "update"]) + role: String! @authRole("admin") @authorize(admin: ["create", "read", "update"], this: ["read"]) username: String! diff --git a/test/output-app/.gitignore b/test/output-app/.gitignore index 50ffcff..c9d3b9d 100644 --- a/test/output-app/.gitignore +++ b/test/output-app/.gitignore @@ -1,3 +1,5 @@ node_modules /db /input +server/logs/all-logs.log +server/logs/*.log diff --git a/test/output-app/model/Tweet.js b/test/output-app/model/Tweet.js index 9e764e8..d96d709 100644 --- a/test/output-app/model/Tweet.js +++ b/test/output-app/model/Tweet.js @@ -1,4 +1,5 @@ import _ from 'lodash'; +import log from '../server/logger'; import DataLoader from 'dataloader'; import findByIds from 'mongo-find-by-ids'; import { CREATE, READ, READONE, READMANY, UPDATE, DELETE, DEBUG } from './constants'; diff --git a/test/output-app/model/User.js b/test/output-app/model/User.js index f8d58c9..7670ed6 100644 --- a/test/output-app/model/User.js +++ b/test/output-app/model/User.js @@ -1,4 +1,5 @@ import _ from 'lodash'; +import log from '../server/logger'; import DataLoader from 'dataloader'; import findByIds from 'mongo-find-by-ids'; import { CREATE, READ, READONE, READMANY, UPDATE, DELETE, DEBUG } from './constants'; @@ -7,16 +8,11 @@ export default class User { constructor(context) { /* this is generated from ... @authorize( - this: ["readOne", "update", "delete"] admin: ["create", "read", "update", "delete"] + this: ["readOne", "update", "delete"] ) */ this.authorizations = { - this: { - readOne: true, - update: true, - delete: true, - }, admin: { create: true, read: true, @@ -25,6 +21,11 @@ export default class User { update: true, delete: true, }, + this: { + readOne: true, + update: true, + delete: true, + }, }; this.context = context; this.collection = context.db.collection('user'); @@ -32,27 +33,20 @@ export default class User { this.loader = new DataLoader(ids => findByIds(this.collection, ids)); } + // returns the role of the current user + // generated by... + // role: String! @authRole("admin") @authorize(this: ["read"], admin: ["read", "update"]) + // ------- ------------------ + // whereas the field is not of type User, it is of type String + role(user){ + return (user && user.role) ? user.role : null; + } + // returns true, if the user's role is of expected kind // this is generated whenever @authorize appears in the type definition - hasUserRole({role, doc, user, mode}){ + hasUserRole({role, doc, user, mode, printLog = true, resolver}){ let hasRole = false; switch (role) { - - // returns true, if the signed in user is equal to the document id - // this is generated by... - // @authorize(this:) - // ----- - case 'this': - hasRole = ( - // valid signed in user id available - !!user && !!user._id && user._id.toString() !== '' && - // valid document user id available - !!doc && !!doc._id && doc._id.toString() !== '' && - // document user id equals signed in user - doc._id.toString() === user._id.toString() - ); - break; - // returns true, if signed in user has a role "admin" // this is generated by... // @authorize(admin: ["create", "read", "update", "delete"]) @@ -68,99 +62,91 @@ export default class User { this.context.User.role(user) === 'admin' ); break; - + // returns true, if the signed in user is equal to the document id + // this is generated by... + // @authorize(this:) + // ----- + case 'this': + hasRole = ( + // valid signed in user id available + !!user && !!user._id && user._id.toString() !== '' && + // valid document user id available + !!doc && !!doc._id && doc._id.toString() !== '' && + // document user id equals signed in user + doc._id.toString() === user._id.toString() + ); + break; + } + if (printLog){ + log.debug(''); + log.debug(`${resolver} hasRole: "${role}" "${user.username ? user.username : ''} ${user.role ? user.role : ''} ${user._id ? user._id : ''}" ==> "${hasRole}"`); } - - (DEBUG) ? console.log( - '\n---------------------------------------------------------------------------------\n', - 'hasRole?','\n', - 'check if role =', role,'\n', - 'for user:', (user) ? (user.username, user.role, user._id) : (''), '\n', - 'doc:', JSON.stringify(doc, null, 2),'\n', - '==>', hasRole - ) - : null; - return hasRole; } // returns true, if the user role is authorized for the current mode // this is generated whenever @authorize appears in the type definition - isRoleAuthorizedForMode({role, mode}){ - (DEBUG) ? - console.log( - 'isRoleAuthorizedForMode?', '\n', - 'role:', role, - 'mode:', mode, - '==>', this.authorizations[role][mode] ? true : false, - '\n---------------------------------------------------------------------------------\n', - ) - : null; + isRoleAuthorizedForMode({role, mode, resolver}){ + log.debug(`${resolver} isRoleAuthorizedForMode: "${role}" "${mode}" ==> "${this.authorizations[role][mode] ? true : false}"`); return this.authorizations[role][mode] ? true : false; } // returns true, if the current user is authorized for the current mode and document // this is generated, whenever @authorize appears... - isAuthorized({doc, mode, user}){ - // for authorization debugging and logging reasons, do individual checks... - if (mode === CREATE){ - console.log('\n\nisAuthorized:\n', JSON.stringify(doc, null, 2), '\n\n\n'); - } - - // generated by @authorize(this: ...) - const thisAuthorized = this.hasUserRole({role: 'this', doc, user, mode}) && - this.isRoleAuthorizedForMode({role: 'this', mode}); - if (thisAuthorized && DEBUG) { - console.log( - 'Mode:', mode, - 'User Doc:', (doc && doc._id) ? doc._id.toString() : '', - 'User:', (user && user._id) ? user._id.toString() : '', - "===>", 'Authorized:', thisAuthorized - ); - } + isAuthorized({doc, mode, user, resolver}){ // generated by @authorize(admin: ...) - const adminAuthorized = this.hasUserRole({role: 'admin', doc, user, mode}) && - this.isRoleAuthorizedForMode({role: 'admin', mode}); - if (adminAuthorized && DEBUG){ - console.log( - 'Mode:', mode, - 'User doc:', (doc && doc._id) ? doc._id.toString() : '', - 'User:', (user && user._id) ? user._id.toString() : '', - 'Role:', (user && user._id && this.context.User.role(user)) ? this.context.User.role(user) : 'Error', - "===>", 'Authorized:', adminAuthorized - ); + const adminAuthorized = this.hasUserRole({role: 'admin', doc, user, mode, printLog: true, resolver}) && + this.isRoleAuthorizedForMode({role: 'admin', mode, resolver}); + + // logging for debugging... + if (adminAuthorized){ + log.debug(`${resolver} isAuthorized: role: "${ + (user && user._id && this.context.User.role(user)) ? this.context.User.role(user) : '' + }" "${mode}" doc: "${ + (doc && doc._id) ? doc._id.toString() : '' + }" user: "${ + (user && user._id) ? user._id.toString() : '' + }" ===> "${adminAuthorized}"`); + + return adminAuthorized; } - // generated by @authorize(this: ..., admin: ...) - const authResult = thisAuthorized || adminAuthorized; - if (!authResult && DEBUG) { - console.log( - 'Mode:', mode, - 'Tweet:', (doc && doc._id) ? doc._id.toString() : '', - 'User:', (user && user._id) ? user._id.toString() : '', - "===>", 'Authorized:', authResult - ); + // generated by @authorize(this: ...) + const thisAuthorized = this.hasUserRole({role: 'this', doc, user, mode, printLog: true, resolver}) && + this.isRoleAuthorizedForMode({role: 'this', mode, resolver}); + + // logging for debugging... + if (thisAuthorized) { + log.debug(`${resolver} isAuthorized: doc: "${ + (doc && doc._id) ? doc._id.toString() : '' + }" "${mode}" user: "${ + (user && user._id) ? user._id.toString() : '' + }" ===> "${thisAuthorized}"`); + + return thisAuthorized; } - return authResult; - } + // logging for debugging... + log.debug(`${resolver} isAuthorized: role: "${ + (user && user._id && this.context.User.role(user)) ? this.context.User.role(user) : '' + }" "${mode}" doc: "${ + (doc && doc._id) ? doc._id.toString() : '' + }" user: "${ + (user && user._id) ? user._id.toString() : '' + }" ===> "false"`); - // returns the role of the current user - // generated by... - // role: String! @authRole("admin") @authorize(this: ["read"], admin: ["read", "update"]) - // ------- ------------------ - // whereas the field is not of type User, it is of type String - role(user){ - return (user && user.role) ? user.role : null; + return false; } // returns document without role field // generated by... // role: String! @authRole("admin") @authorize(this: ["read"], admin: ["read", "update"]) // ------- ------------------ - authorizedFields({doc, mode, user}){ + authorizedFields({doc, mode, user, resolver}){ // array contains all fields, whose authorization is to be checked + // role: String! @authorize() + // ---- ------------ const fields = ['role']; // check authorization on field level now @@ -168,23 +154,33 @@ export default class User { // default is: field is not authorized let authorizedField = false; + // role: String! @authorize() + // ---- ------------ if (field === 'role'){ - // role: @authorize(this: ["read"]) - if ( this.hasUserRole({role: 'this', doc, user, mode}) && + log.debug(''); + // role: String! @authorize(this: ["read"]) + // ----- ----- ---- + if ( this.hasUserRole({role: 'this', doc, user, mode, printLog: false, resolver}) && (mode === READ || mode === READONE || mode === READMANY) ){ - authorizedField = true; + log.debug(`${resolver} authorizedFields: "${field}" is authorized for role: "this" and mode: "${mode}"`); + authorizedField = true; } // role: @authorize(admin: ["create", "read", "update"]) - if ( this.hasUserRole({role: 'admin', doc, user, mode}) && + // ---- ----- ------ ---- ------ + if ( this.hasUserRole({role: 'admin', doc, user, mode, printLog: false, resolver}) && (mode === CREATE || mode === READ || mode === READONE || mode === READMANY || mode === UPDATE) ){ - authorizedField = true; + log.debug(`${resolver} authorizedFields: "${field}" is authorized for role: "admin" and mode: "${mode}"`); + authorizedField = true; } } - // role: otherwise remove field from doc, + // ... Checking other fields if there... + + // otherwise remove field from doc, // because the user and mode is not authorize to access this field if ( !authorizedField && doc[field] ){ + log.debug(`${resolver} authorizedFields: "${field}" not authorized for user/role and mode: "${mode}", removed from document`); delete doc[field]; } }); @@ -195,123 +191,133 @@ export default class User { // returns only authorized documents and fields // generated by ... // @authorize() - authorized({doc, mode, user}){ - if (!user) throw new Error('authorized: user is empty'); + authorized({doc, mode, user, resolver}){ // if it is an array of documents, .... if (_.isArray(doc)){ // then filter for the authorized documents - let authorizedDocs = _.filter(doc, d => this.isAuthorized({doc: d, mode, user}) ); + let authorizedDocs = _.filter(doc, d => this.isAuthorized({doc: d, mode, user, resolver}) ); // provide only authorized fields authorizedDocs.forEach(d => { - d = this.authorizedFields({doc: d, mode, user}); + d = this.authorizedFields({doc: d, mode, user, resolver}); }); return authorizedDocs; // if it is a single document, check the authorization for it - } else if ( _.isObject(doc) && this.isAuthorized({doc, mode, user}) ) { + } else if ( _.isObject(doc) && this.isAuthorized({doc, mode, user, resolver}) ) { // return only authorized fields - const authorizedDoc = this.authorizedFields({doc, mode, user}); + const authorizedDoc = this.authorizedFields({doc, mode, user, resolver}); return authorizedDoc; + } // or return null, if no authorized document was found - } else { - console.log('authorized: no authorized doc found'); - return null; - } + log.debug(`${resolver} authorized: no authorized doc found`); + return null; } - async findOneById(id, user) { + async findOneById(id, _user) { + //console.log('findOneById _user', id, JSON.stringify(_user, null, 2)); const doc = await this.loader.load(id); - // const authorizedDoc = this.authorized({doc, mode: READONE, user}); - // return authorizedDoc; return doc; + // wanted to do the authorization here, but in the query, the user is false, in mutations and resolvers it is there, why? + // the following doesn't work, because the user is not there at this point of time for a reason I don't understand + // const authorizedDoc = this.authorized({doc: doc, mode: READONE, user: user}); + // return authorizedDoc; } - async all({ lastCreatedAt = 0, limit = 10, user }) { + async all({ lastCreatedAt = 0, limit = 10 }, _user) { + //console.log('findOneById _user', id, JSON.stringify(_user, null, 2)); const doc = await this.collection.find({ createdAt: { $gt: lastCreatedAt }, }).sort({ createdAt: 1 }).limit(limit).toArray(); + return doc; + // wanted to do the authorization here, but in the query, the user is false, in mutations and resolvers it is there, why? + // the following doesn't work, because the user is not there at this point of time for a reason I don't understand // const authorizedDocs = this.authorized({doc, mode: READMANY, user}); // return authorizedDocs; - return doc; } - tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }) { - return this.context.Tweet.collection.find({ + async tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }, _user) { + const doc = await this.context.Tweet.collection.find({ authorId: user._id, createdAt: { $gt: lastCreatedAt }, }).sort({ createdAt: 1 }).limit(limit).toArray(); + return doc; } - liked(user, { lastCreatedAt = 0, limit = 10 }) { - return this.context.Tweet.collection.find({ + async liked(user, { lastCreatedAt = 0, limit = 10 }, _user) { + const doc = await this.context.Tweet.collection.find({ _id: { $in: user.likedIds || [] }, createdAt: { $gt: lastCreatedAt }, }).sort({ createdAt: 1 }).limit(limit).toArray(); + return doc; } - following(user, { lastCreatedAt = 0, limit = 10 }) { - return this.context.User.collection.find({ + async following(user, { lastCreatedAt = 0, limit = 10 }, _user) { + const doc = await this.context.User.collection.find({ _id: { $in: user.followingIds || [] }, createdAt: { $gt: lastCreatedAt }, }).sort({ createdAt: 1 }).limit(limit).toArray(); + const authorizedDoc = this.authorized({doc, mode: READMANY, user: _user, resolver: 'following'}); + return authorizedDoc; } - followers(user, { lastCreatedAt = 0, limit = 10 }) { - return this.context.User.collection.find({ + async followers(user, { lastCreatedAt = 0, limit = 10 }, _user) { + const doc = await this.context.User.collection.find({ followingIds: user._id, createdAt: { $gt: lastCreatedAt }, }).sort({ createdAt: 1 }).limit(limit).toArray(); + const authorizedDoc = this.authorized({doc, mode: READMANY, user: _user, resolver: 'followers'}); + return authorizedDoc; } - createdBy(user) { - return this.context.User.findOneById(user.createdById); + async createdBy(user, _user) { + const doc = await this.context.User.findOneById(user.createdById, _user); + const authorizedDoc = this.authorized({doc, mode: READONE, user: _user, resolver: 'createdBy'}); + return authorizedDoc; } - updatedBy(user) { - return this.context.User.findOneById(user.updatedById); + async updatedBy(user, _user) { + const doc = await this.context.User.findOneById(user.updatedById, _user); + const authorizedDoc = this.authorized({doc, mode: READONE, user: _user, resolver: 'updatedBy'}); + return authorizedDoc; } - async insert(doc, user) { + async insert(doc, _user) { let docToInsert = Object.assign({}, doc, { createdAt: Date.now(), updatedAt: Date.now(), - createdById: (user && user._id) ? user._id : 'unknown', - updatedById: (user && user._id) ? user._id : 'unknown', + createdById: (_user && _user._id) ? _user._id : 'unknown', + updatedById: (_user && _user._id) ? _user._id : 'unknown', }); - docToInsert = this.authorizedFields({doc: docToInsert, mode: CREATE, user}); - const authorized = this.isAuthorized({doc: docToInsert, mode: CREATE, user}); + docToInsert = this.authorizedFields({doc: docToInsert, mode: CREATE, user: _user, resolver: 'insert'}); + const authorized = this.isAuthorized({doc: docToInsert, mode: CREATE, user: _user, resolver: 'insert'}); if (!authorized) throw new Error('User: mode: create not authorized'); const id = (await this.collection.insertOne(docToInsert)).insertedId; - this.pubsub.publish('userInserted', await this.findOneById(id)); + this.pubsub.publish('userInserted', await this.findOneById(id, _user)); return id; } - async updateById(id, doc, user) { + async updateById(id, doc, _user) { const foundDoc = await this.findOneById(id); - console.log('foundDoc', JSON.stringify(foundDoc, null, 2)); - - const authorized = this.isAuthorized({doc: foundDoc, mode: UPDATE, user}); + const authorized = this.isAuthorized({doc: foundDoc, mode: UPDATE, user: _user, resolver: 'updateById'}); if (!authorized) throw new Error('User: mode: update not authorized'); - const updatedDoc = this.authorizedFields({doc, mode: UPDATE, user}); - console.log('updatedDoc', JSON.stringify(updatedDoc, null, 2)); - + const updatedDoc = this.authorizedFields({doc, mode: UPDATE, user: _user, resolver: 'updateById'}); const ret = await this.collection.update({ _id: id }, { $set: Object.assign({}, updatedDoc, { updatedAt: Date.now(), - updatedById: (user && user._id) ? user._id : 'unknown', + updatedById: (_user && _user._id) ? _user._id : 'unknown', }), }); this.loader.clear(id); - this.pubsub.publish('userUpdated', await this.findOneById(id)); + this.pubsub.publish('userUpdated', await this.findOneById(id, _user)); return ret; } - async removeById(id, user) { - const doc = await this.findOneById(id); - const authorized = this.isAuthorized({doc, mode: DELETE, user}); + async removeById(id, _user) { + const doc = await this.findOneById(id, _user); + const authorized = this.isAuthorized({doc, mode: DELETE, user: _user, resolver: 'removeById'}); if (!authorized) throw new Error('User: mode: delete not authorized'); const ret = this.collection.remove({ _id: id }); diff --git a/test/output-app/model/constants.js b/test/output-app/model/constants.js index ac7a58d..1103426 100644 --- a/test/output-app/model/constants.js +++ b/test/output-app/model/constants.js @@ -7,4 +7,4 @@ export const UPDATE = 'update'; export const DELETE = 'delete'; // debug to switch on additional logs -export const DEBUG = true; +export const DEBUG = false; diff --git a/test/output-app/package.json b/test/output-app/package.json index b5438f1..5eb5f10 100644 --- a/test/output-app/package.json +++ b/test/output-app/package.json @@ -47,9 +47,11 @@ "lodash": "4.16.4", "mongo-find-by-ids": "^1.0.0", "mongodb": "^2.2.11", + "morgan": "^1.8.2", "nodeify": "^1.0.1", "passport": "^0.3.2", "passport-jwt": "^2.2.1", - "subscriptions-transport-ws": "0.2.6" + "subscriptions-transport-ws": "0.2.6", + "winston": "^2.3.1" } } diff --git a/test/output-app/resolvers/Tweet.js b/test/output-app/resolvers/Tweet.js index 118661e..2938e39 100644 --- a/test/output-app/resolvers/Tweet.js +++ b/test/output-app/resolvers/Tweet.js @@ -1,7 +1,9 @@ +import log from '../server/logger'; import { CREATE, READ, READONE, READMANY, UPDATE, DELETE, DEBUG } from '../model/constants'; const resolvers = { Tweet: { + id(tweet) { return tweet._id; }, @@ -27,29 +29,29 @@ const resolvers = { }, }, Query: { - async tweets(root, { lastCreatedAt, limit }, { Tweet, user }) { + async tweets(root, { lastCreatedAt, limit }, { Tweet, _user }) { try { const doc = await Tweet.all({ lastCreatedAt, limit }); - return Tweet.authorized({doc, mode: 'readMany', user}); + return Tweet.authorized({doc, mode: 'readMany', user: _user}); } catch(error) { console.log('ERROR:', error.message); } }, - async tweet(root, { id }, { Tweet, user }) { + async tweet(root, { id }, { Tweet, _user }) { try { const doc = await Tweet.findOneById(id); - return Tweet.authorized({doc, mode: 'readOne', user}); + return Tweet.authorized({doc, mode: 'readOne', user: _user}); } catch(error) { console.log('ERROR:', error.message); } }, }, Mutation: { - async createTweet(root, { input }, { Tweet, user }) { + async createTweet(root, { input }, { Tweet, _user }) { try { - const doc = Tweet.addUserToDoc({doc: input, mode: 'create', user}); - const authorized = Tweet.isAuthorized({doc, mode: 'create', user}); + const doc = Tweet.addUserToDoc({doc: input, mode: 'create', user: _user}); + const authorized = Tweet.isAuthorized({doc, mode: 'create', user: _user}); if (!authorized) throw new Error('Tweet: mode: create not authorized'); const id = await Tweet.insert(input); return Tweet.findOneById(id); @@ -58,10 +60,10 @@ const resolvers = { } }, - async updateTweet(root, { id, input }, { Tweet, user }) { + async updateTweet(root, { id, input }, { Tweet, _user }) { try { const doc = await Tweet.findOneById(id); - const authorized = Tweet.isAuthorized({doc, mode: 'update', user}); + const authorized = Tweet.isAuthorized({doc, mode: 'update', user: _user}); if (!authorized) throw new Error('Tweet: mode: update not authorized'); await Tweet.updateById(id, input); return Tweet.findOneById(id); @@ -70,10 +72,10 @@ const resolvers = { } }, - async removeTweet(root, { id }, { Tweet, user }) { + async removeTweet(root, { id }, { Tweet, _user }) { try { const doc = await Tweet.findOneById(id); - const authorized = Tweet.isAuthorized({doc, mode: 'delete', user}); + const authorized = Tweet.isAuthorized({doc, mode: 'delete', user: _user}); if (!authorized) throw new Error('Tweet: mode: delete not authorized'); return Tweet.removeById(id); } catch(error) { diff --git a/test/output-app/resolvers/User.js b/test/output-app/resolvers/User.js index a9801b9..9ad3f61 100644 --- a/test/output-app/resolvers/User.js +++ b/test/output-app/resolvers/User.js @@ -1,91 +1,101 @@ +import log from '../server/logger'; import { CREATE, READ, READONE, READMANY, UPDATE, DELETE, DEBUG } from '../model/constants'; const resolvers = { User: { + id(user) { return user._id; }, - createdBy(user, args, { User }) { - //return User.createdBy(user); - const doc = User.createdBy(user); - return User.authorized({doc, mode: READONE, user}); + async createdBy(user, args, { User, _user }) { + const doc = await User.createdBy(user, _user); + return doc; }, - updatedBy(user, args, { User }) { - //return User.updatedBy(user); - const doc = User.updatedBy(user); - return User.authorized({doc, mode: READONE, user}); + async updatedBy(user, args, { User, _user }) { + const doc = await User.updatedBy(user, _user); + return doc; }, - tweets(user, { minLikes, lastCreatedAt, limit }, { User }) { + async tweets(user, { minLikes, lastCreatedAt, limit }, { User, _user }) { return User.tweets(user, { minLikes, lastCreatedAt, limit }); // const doc = User.tweets(user, { minLikes, lastCreatedAt, limit }); // return Tweet.authorized({doc, mode: READMANY, user}); }, - liked(user, { lastCreatedAt, limit }, { User, Tweet }) { + async liked(user, { lastCreatedAt, limit }, { User, Tweet, _user }) { return User.liked(user, { lastCreatedAt, limit }); // const doc = User.liked(user, { lastCreatedAt, limit }); // return Tweet.authorized({doc, mode: READMANY, user}); }, - following(user, { lastCreatedAt, limit }, { User }) { - return User.following(user, { lastCreatedAt, limit }); - // const doc = User.following(user, { lastCreatedAt, limit }); - // return User.authorized({doc, mode: READMANY, user}); + async following(user, { lastCreatedAt, limit }, { User, _user }) { + const doc = await User.following(user, { lastCreatedAt, limit }, _user); + return doc; }, - followers(user, { lastCreatedAt, limit }, { User }) { - return User.followers(user, { lastCreatedAt, limit }); - // const doc = User.followers(user, { lastCreatedAt, limit }); - // return User.authorized({doc, mode: READMANY, user}); + async followers(user, { lastCreatedAt, limit }, { User, _user }) { + const doc = await User.followers(user, { lastCreatedAt, limit }, _user); + return doc; }, }, Query: { - async users(root, { lastCreatedAt, limit }, { User, user }) { + async users(root, { lastCreatedAt, limit }, { User, _user }) { try { - const doc = await User.all({ lastCreatedAt, limit, user }); - return User.authorized({doc, mode: READMANY, user}); + log.debug('---------------------'); + log.debug('User resolver "users"'); + const doc = await User.all({ lastCreatedAt, limit }, _user); + // for any reason I don't understand the authorization has to remain here in Query + return User.authorized({doc, mode: READMANY, user: _user, resolver: 'users'}); } catch(error) { console.log('ERROR:', error.message); } }, - async user(root, { id }, { User, user }) { + async user(root, { id }, { User, _user }) { try { - console.log('user', JSON.stringify(user, null, 2)); - const doc = await User.findOneById(id, user); - return User.authorized({doc, mode: READONE, user}); + log.debug('--------------------'); + log.debug('User resolver "user"'); + const doc = await User.findOneById(id, _user); + // for any reason I don't understand the authorization has to remain here in Query + return User.authorized({doc, mode: READONE, user: _user, resolver: 'user'}); } catch(error) { console.log('ERROR:', error.message); } }, }, Mutation: { - async createUser(root, { input }, { User, user }) { + async createUser(root, { input }, { User, _user }) { try { - const id = await User.insert(input, user); - const doc = await User.findOneById(id, user); - return User.authorized({doc, mode: READONE, user}); + log.debug('--------------------------'); + log.debug('User resolver "createUser"'); + const id = await User.insert(input, _user); + const doc = await User.findOneById(id, _user); + return User.authorized({doc, mode: READONE, user: _user, resolver: 'createUser'}); } catch(error) { console.log('ERROR:', error.message); } }, - async updateUser(root, { id, input }, { User, user }) { + async updateUser(root, { id, input }, { User, _user }) { try { - await User.updateById(id, input, user); - const doc = await User.findOneById(id, user); - return User.authorized({doc, mode: READONE, user}); + log.debug('--------------------------'); + log.debug('User resolver "updateUser"'); + await User.updateById(id, input, _user); + const doc = await User.findOneById(id, _user); + return User.authorized({doc, mode: READONE, user: _user, resolver: 'updateUser'}); } catch(error) { console.log('ERROR:', error.message); } }, - async removeUser(root, { id }, { User, user }) { + async removeUser(root, { id }, { User, _user }) { try { - return User.removeById(id, user); + log.debug('--------------------------'); + log.debug('User resolver "removeUser"'); + const response = await User.removeById(id, _user); + return response; } catch(error) { console.log('ERROR:', error.message); } diff --git a/test/output-app/schema/Tweet.graphql b/test/output-app/schema/Tweet.graphql index 5a32ff7..2be1380 100644 --- a/test/output-app/schema/Tweet.graphql +++ b/test/output-app/schema/Tweet.graphql @@ -5,7 +5,7 @@ type Tweet { body: String! likers(lastCreatedAt: Float, limit: Int): [User!] createdAt: Float! - createdBy: User! + createdBy: User updatedAt: Float! updatedBy: User } diff --git a/test/output-app/schema/User.graphql b/test/output-app/schema/User.graphql index 590fb8f..61d6fa3 100644 --- a/test/output-app/schema/User.graphql +++ b/test/output-app/schema/User.graphql @@ -9,7 +9,7 @@ type User { following(lastCreatedAt: Float, limit: Int): [User!] followers(lastCreatedAt: Float, limit: Int): [User!] createdAt: Float! - createdBy: User! + createdBy: User updatedAt: Float! updatedBy: User } @@ -27,7 +27,7 @@ input CreateUserInput { } input UpdateUserInput { - username: String! + username: String role: String bio: String notify: Boolean diff --git a/test/output-app/server/index.js b/test/output-app/server/index.js index 38eec4c..2a0e52c 100644 --- a/test/output-app/server/index.js +++ b/test/output-app/server/index.js @@ -7,6 +7,8 @@ import { makeExecutableSchema } from 'graphql-tools'; import { MongoClient } from 'mongodb'; import cors from 'cors'; import passport from 'passport'; +import morgan from 'morgan'; +import log, { stream } from './logger'; import typeDefs from '../schema'; import resolvers from '../resolvers'; @@ -26,11 +28,14 @@ const { async function startServer() { + log.info('Logger started'); + const db = await MongoClient.connect(MONGO_URL); const app = express().use('*', cors()); app.use(bodyParser.urlencoded({ extended: true })); app.use(bodyParser.json()); + app.use(morgan("dev", { "stream": stream })); app.use((req, res, next) => { req.context = addModelsToContext({ db, pubsub }); @@ -40,7 +45,7 @@ async function startServer() { authenticate(app); app.use('/graphql', (req, res, next) => { - passport.authenticate('jwt', { session: false }, (err, user) => { + passport.authenticate('jwt', { session: false }, (err, _user) => { graphqlExpress(() => { // Get the query, the same way express-graphql does it // https://github.com/graphql/express-graphql/blob/3fa6e68582d6d933d37fa9e841da5d2aa39261cd/src/index.js#L257 @@ -52,7 +57,7 @@ async function startServer() { } return { schema, - context: Object.assign({ user }, req.context), + context: Object.assign({ _user }, req.context), debug: true, formatError(e) { console.log(e) }, }; diff --git a/test/output-app/server/logger.js b/test/output-app/server/logger.js new file mode 100644 index 0000000..5c9ced8 --- /dev/null +++ b/test/output-app/server/logger.js @@ -0,0 +1,37 @@ +import winston from 'winston'; + +winston.emitErrs = true; + +const logger = new winston.Logger({ + transports: [ + + new winston.transports.File({ + level: 'info', + filename: './server/logs/all-logs.log', + handleExceptions: true, + json: true, + maxsize: 5242880, //5MB + maxFiles: 5, + colorize: false + }), + + new winston.transports.Console({ + level: 'debug', + handleExceptions: true, + json: false, + colorize: true + }) + + ], + + exitOnError: false + +}); + +export default logger; + +export const stream = { + write: function(message, encoding) { + logger.info(message); + } +}; diff --git a/test/output-app/yarn.lock b/test/output-app/yarn.lock index ce8e5db..0d4ce4c 100644 --- a/test/output-app/yarn.lock +++ b/test/output-app/yarn.lock @@ -171,6 +171,10 @@ async@2.0.1: dependencies: lodash "^4.8.0" +async@~1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/async/-/async-1.0.0.tgz#f8fc04ca3a13784ade9e1641af98578cfbd647a9" + asynckit@^0.4.0: version "0.4.0" resolved "https://registry.yarnpkg.com/asynckit/-/asynckit-0.4.0.tgz#c79ed97f7f34cb8f2ba1bc9790bcc366474b4b79" @@ -849,6 +853,10 @@ base64url@2.0.0, base64url@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/base64url/-/base64url-2.0.0.tgz#eac16e03ea1438eff9423d69baa36262ed1f70bb" +basic-auth@~1.1.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/basic-auth/-/basic-auth-1.1.0.tgz#45221ee429f7ee1e5035be3f51533f1cdfd29884" + bcrypt-pbkdf@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.0.tgz#3ca76b85241c7170bf7d9703e7b9aa74630040d4" @@ -1087,6 +1095,10 @@ code-point-at@^1.0.0: version "1.1.0" resolved "https://registry.yarnpkg.com/code-point-at/-/code-point-at-1.1.0.tgz#0d070b4d043a5bea33a2f1a40e2edb3d9a4ccf77" +colors@1.0.x: + version "1.0.3" + resolved "https://registry.yarnpkg.com/colors/-/colors-1.0.3.tgz#0433f44d809680fdeb60ed260f1b0c262e82a40b" + combined-stream@^1.0.5, combined-stream@~1.0.5: version "1.0.5" resolved "https://registry.yarnpkg.com/combined-stream/-/combined-stream-1.0.5.tgz#938370a57b4a51dea2c77c15d5c5fdf895164009" @@ -1188,6 +1200,10 @@ currently-unhandled@^0.4.1: dependencies: array-find-index "^1.0.1" +cycle@1.0.x: + version "1.0.3" + resolved "https://registry.yarnpkg.com/cycle/-/cycle-1.0.3.tgz#21e80b2be8580f98b468f379430662b046c34ad2" + d@^0.1.1, d@~0.1.1: version "0.1.1" resolved "https://registry.yarnpkg.com/d/-/d-0.1.1.tgz#da184c535d18d8ee7ba2aa229b914009fae11309" @@ -1214,6 +1230,12 @@ debug@2, debug@2.2.0, debug@^2.1.1, debug@^2.2.0, debug@~2.2.0: dependencies: ms "0.7.1" +debug@2.6.8: + version "2.6.8" + resolved "https://registry.yarnpkg.com/debug/-/debug-2.6.8.tgz#e731531ca2ede27d188222427da17821d68ff4fc" + dependencies: + ms "2.0.0" + decamelize@^1.1.1, decamelize@^1.1.2: version "1.2.0" resolved "https://registry.yarnpkg.com/decamelize/-/decamelize-1.2.0.tgz#f6534d15148269b20352e7bee26f501f9a191290" @@ -1728,6 +1750,10 @@ extsprintf@1.0.2: version "1.0.2" resolved "https://registry.yarnpkg.com/extsprintf/-/extsprintf-1.0.2.tgz#e1080e0658e300b06294990cc70e1502235fd550" +eyes@0.1.x: + version "0.1.8" + resolved "https://registry.yarnpkg.com/eyes/-/eyes-0.1.8.tgz#62cf120234c683785d902348a800ef3e0cc20bc0" + fast-levenshtein@~2.0.4: version "2.0.5" resolved "https://registry.yarnpkg.com/fast-levenshtein/-/fast-levenshtein-2.0.5.tgz#bd33145744519ab1c36c3ee9f31f08e9079b67f2" @@ -2442,7 +2468,7 @@ isobject@^2.0.0: dependencies: isarray "1.0.0" -isstream@~0.1.2: +isstream@0.1.x, isstream@~0.1.2: version "0.1.2" resolved "https://registry.yarnpkg.com/isstream/-/isstream-0.1.2.tgz#47e63f7af55afa6f92e1500e690eb8b8529c099a" @@ -2885,10 +2911,24 @@ mongodb@^2.2.11: mongodb-core "2.1.0" readable-stream "2.1.5" +morgan@^1.8.2: + version "1.8.2" + resolved "https://registry.yarnpkg.com/morgan/-/morgan-1.8.2.tgz#784ac7734e4a453a9c6e6e8680a9329275c8b687" + dependencies: + basic-auth "~1.1.0" + debug "2.6.8" + depd "~1.1.0" + on-finished "~2.3.0" + on-headers "~1.0.1" + ms@0.7.1, ms@^0.7.1: version "0.7.1" resolved "https://registry.yarnpkg.com/ms/-/ms-0.7.1.tgz#9cd13c03adbff25b65effde7ce864ee952017098" +ms@2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/ms/-/ms-2.0.0.tgz#5608aeadfc00be6c2901df5f9861788de0d597c8" + mute-stream@0.0.5: version "0.0.5" resolved "https://registry.yarnpkg.com/mute-stream/-/mute-stream-0.0.5.tgz#8fbfabb0a98a253d3184331f9e8deb7372fac6c0" @@ -3687,6 +3727,10 @@ sshpk@^1.7.0: jsbn "~0.1.0" tweetnacl "~0.14.0" +stack-trace@0.0.x: + version "0.0.10" + resolved "https://registry.yarnpkg.com/stack-trace/-/stack-trace-0.0.10.tgz#547c70b347e8d32b4e108ea1a2a159e5fdde19c0" + stat-mode@^0.2.0: version "0.2.2" resolved "https://registry.yarnpkg.com/stat-mode/-/stat-mode-0.2.2.tgz#e6c80b623123d7d80cf132ce538f346289072502" @@ -4125,6 +4169,17 @@ window-size@^0.1.4: version "0.1.4" resolved "https://registry.yarnpkg.com/window-size/-/window-size-0.1.4.tgz#f8e1aa1ee5a53ec5bf151ffa09742a6ad7697876" +winston@^2.3.1: + version "2.3.1" + resolved "https://registry.yarnpkg.com/winston/-/winston-2.3.1.tgz#0b48420d978c01804cf0230b648861598225a119" + dependencies: + async "~1.0.0" + colors "1.0.x" + cycle "1.0.x" + eyes "0.1.x" + isstream "0.1.x" + stack-trace "0.0.x" + wordwrap@~1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/wordwrap/-/wordwrap-1.0.0.tgz#27584810891456a4171c8d0226441ade90cbcaeb" diff --git a/test/seeds/Tweet.json b/test/seeds/Tweet.json index 2934241..50bc59c 100644 --- a/test/seeds/Tweet.json +++ b/test/seeds/Tweet.json @@ -1,6 +1,6 @@ -{"_id":{"$oid":"583676d3618530145474e352"},"authorId":{"$oid":"583291a1638566b3c5a92ca1"},"coauthorsIds":[],"body":"We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:","createdAt":1.479964371334e+12,"updatedAt":1.479964371334e+12, "createdById":{"$oid":"583291a1638566b3c5a92ca1"}} -{"_id":{"$oid":"583676d3618530145474e355"},"authorId":{"$oid":"583291a1638566b3c5a92ca2"},"coauthorsIds":[{"$oid":"583291a1638566b3c5a92ca1"}],"body":"Where have I heard this before","createdAt":1.479964438372e+12,"updatedAt":1.479964438372e+12, "createdById":{"$oid":"583291a1638566b3c5a92ca1"}} -{"_id":{"$oid":"583676d3618530145474e351"},"authorId":{"$oid":"583291a1638566b3c5a92ca0"},"coauthorsIds":[{"$oid":"583291a1638566b3c5a92ca2"},{"$oid":"583291a1638566b3c5a92ca1"}],"body":"Good times bringing Apollo Optics to Rails over the last few months with @tmeasday @chollier @cjoudrey @rmosolgo and others!","createdAt":1.479964352544e+12,"updatedAt":1.479964352544e+12, "createdById":{"$oid":"583291a1638566b3c5a92ca1"}} -{"_id":{"$oid":"583676d3618530145474e354"},"authorId":{"$oid":"583291a1638566b3c5a92ca2"},"coauthorsIds":[{"$oid":"583291a1638566b3c5a92ca0"},{"$oid":"583291a1638566b3c5a92ca1"}],"body":"It will stop being insane. It will just be normal. TV changed presidential politics, now it's social media's turn.","createdAt":1.479964423351e+12,"updatedAt":1.479964423351e+12, "createdById":{"$oid":"583291a1638566b3c5a92ca1"}} -{"_id":{"$oid":"583676d3618530145474e353"},"authorId":{"$oid":"583291a1638566b3c5a92ca1"},"coauthorsIds":[{"$oid":"583291a1638566b3c5a92ca2"},{"$oid":"583291a1638566b3c5a92ca0"}],"body":"Help improve @apollographql integration with #redux dev tools:","createdAt":1.479964386822e+12,"updatedAt":1.479964386822e+12, "createdById":{"$oid":"583291a1638566b3c5a92ca1"}} -{"_id":{"$oid":"583676d3618530145474e350"},"authorId":{"$oid":"583291a1638566b3c5a92ca0"},"coauthorsIds":[{"$oid":"583291a1638566b3c5a92ca1"},{"$oid":"583291a1638566b3c5a92ca2"}],"body":"A #graphql-first development workflow based on real world lessons, from @danimman \u0026 @stubailo:","createdAt":1.479964340853e+12,"updatedAt":1.479964340853e+12, "createdById":{"$oid":"583291a1638566b3c5a92ca1"}} +{"_id":{"$oid":"583676d3618530145474e352"},"authorId":{"$oid":"583291a1638566b3c5a92ca1"},"coauthorsIds":[],"body":"We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:","createdAt":1.479964371334e+12,"updatedAt":1.479964371334e+12, "createdById":{"$oid":"583291a1638566b3c5a92ca1"}, "updatedById":{"$oid":"583291a1638566b3c5a92ca1"}} +{"_id":{"$oid":"583676d3618530145474e355"},"authorId":{"$oid":"583291a1638566b3c5a92ca2"},"coauthorsIds":[{"$oid":"583291a1638566b3c5a92ca1"}],"body":"Where have I heard this before","createdAt":1.479964438372e+12,"updatedAt":1.479964438372e+12, "createdById":{"$oid":"583291a1638566b3c5a92ca1"}, "updatedById":{"$oid":"583291a1638566b3c5a92ca1"}} +{"_id":{"$oid":"583676d3618530145474e351"},"authorId":{"$oid":"583291a1638566b3c5a92ca0"},"coauthorsIds":[{"$oid":"583291a1638566b3c5a92ca2"},{"$oid":"583291a1638566b3c5a92ca1"}],"body":"Good times bringing Apollo Optics to Rails over the last few months with @tmeasday @chollier @cjoudrey @rmosolgo and others!","createdAt":1.479964352544e+12,"updatedAt":1.479964352544e+12, "createdById":{"$oid":"583291a1638566b3c5a92ca1"}, "updatedById":{"$oid":"583291a1638566b3c5a92ca1"}} +{"_id":{"$oid":"583676d3618530145474e354"},"authorId":{"$oid":"583291a1638566b3c5a92ca2"},"coauthorsIds":[{"$oid":"583291a1638566b3c5a92ca0"},{"$oid":"583291a1638566b3c5a92ca1"}],"body":"It will stop being insane. It will just be normal. TV changed presidential politics, now it's social media's turn.","createdAt":1.479964423351e+12,"updatedAt":1.479964423351e+12, "createdById":{"$oid":"583291a1638566b3c5a92ca1"}, "updatedById":{"$oid":"583291a1638566b3c5a92ca1"}} +{"_id":{"$oid":"583676d3618530145474e353"},"authorId":{"$oid":"583291a1638566b3c5a92ca1"},"coauthorsIds":[{"$oid":"583291a1638566b3c5a92ca2"},{"$oid":"583291a1638566b3c5a92ca0"}],"body":"Help improve @apollographql integration with #redux dev tools:","createdAt":1.479964386822e+12,"updatedAt":1.479964386822e+12, "createdById":{"$oid":"583291a1638566b3c5a92ca1"}, "updatedById":{"$oid":"583291a1638566b3c5a92ca1"}} +{"_id":{"$oid":"583676d3618530145474e350"},"authorId":{"$oid":"583291a1638566b3c5a92ca0"},"coauthorsIds":[{"$oid":"583291a1638566b3c5a92ca1"},{"$oid":"583291a1638566b3c5a92ca2"}],"body":"A #graphql-first development workflow based on real world lessons, from @danimman \u0026 @stubailo:","createdAt":1.479964340853e+12,"updatedAt":1.479964340853e+12, "createdById":{"$oid":"583291a1638566b3c5a92ca1"}, "updatedById":{"$oid":"583291a1638566b3c5a92ca1"}} diff --git a/test/seeds/User.json b/test/seeds/User.json index 64a0b91..8c15dad 100644 --- a/test/seeds/User.json +++ b/test/seeds/User.json @@ -1,3 +1,3 @@ -{"_id":{"$oid":"583291a1638566b3c5a92ca1"},"bio":"tech lead @meteorjs @apollographql","createdAt":1.479776905993e+12,"followingIds":[{"$oid":"583291a1638566b3c5a92ca0"}],"likedIds":[{"$oid":"583676d3618530145474e350"},{"$oid":"583676d3618530145474e351"}],"updatedAt":1.479776905993e+12,"username":"stubailo", "role":"admin", "createdById":{"$oid":"583291a1638566b3c5a92ca1"}} -{"_id":{"$oid":"583291a1638566b3c5a92ca0"},"bio":"I build things with @percolatestudio. Author of @discovermeteor. Exploring how to improve user experience through technology, design and performance.","createdAt":1.479776904993e+12,"followingIds":[{"$oid":"583291a1638566b3c5a92ca1"},{"$oid":"583291a1638566b3c5a92ca2"}],"likedIds":[{"$oid":"583676d3618530145474e352"},{"$oid":"583676d3618530145474e353"},{"$oid":"583676d3618530145474e354"}],"updatedAt":1.479776904993e+12,"username":"tmeasday", "role": "editor", "hash":"$2a$10$SeepHv0X3GZfSzl0uqlXmucLsP2VjdI.nuA0UJnmOtEecLSx.RiWe", "createdById":{"$oid":"583291a1638566b3c5a92ca1"}} -{"_id":{"$oid":"583291a1638566b3c5a92ca2"},"bio":"Co-founder of Parse, now at Facebook. Ex Google search quality, game developer \u0026 math contester.","createdAt":1.479776906993e+12,"followingIds":[{"$oid":"583291a1638566b3c5a92ca1"}],"likedIds":[{"$oid":"583676d3618530145474e350"},{"$oid":"583676d3618530145474e353"}],"updatedAt":1.479776906993e+12,"username":"lacker", "role": "user", "createdById":{"$oid":"583291a1638566b3c5a92ca1"}} +{"_id":{"$oid":"583291a1638566b3c5a92ca1"},"bio":"tech lead @meteorjs @apollographql","createdAt":1.479776905993e+12,"followingIds":[{"$oid":"583291a1638566b3c5a92ca0"}],"likedIds":[{"$oid":"583676d3618530145474e350"},{"$oid":"583676d3618530145474e351"}],"updatedAt":1.479776905993e+12,"username":"stubailo", "role":"admin", "createdById":{"$oid":"583291a1638566b3c5a92ca1"}, "updatedById":{"$oid":"583291a1638566b3c5a92ca1"}} +{"_id":{"$oid":"583291a1638566b3c5a92ca0"},"bio":"I build things with @percolatestudio. Author of @discovermeteor. Exploring how to improve user experience through technology, design and performance.","createdAt":1.479776904993e+12,"followingIds":[{"$oid":"583291a1638566b3c5a92ca1"},{"$oid":"583291a1638566b3c5a92ca2"}],"likedIds":[{"$oid":"583676d3618530145474e352"},{"$oid":"583676d3618530145474e353"},{"$oid":"583676d3618530145474e354"}],"updatedAt":1.479776904993e+12,"username":"tmeasday", "role": "editor", "hash":"$2a$10$SeepHv0X3GZfSzl0uqlXmucLsP2VjdI.nuA0UJnmOtEecLSx.RiWe", "createdById":{"$oid":"583291a1638566b3c5a92ca1"}, "updatedById":{"$oid":"583291a1638566b3c5a92ca1"}} +{"_id":{"$oid":"583291a1638566b3c5a92ca2"},"bio":"Co-founder of Parse, now at Facebook. Ex Google search quality, game developer \u0026 math contester.","createdAt":1.479776906993e+12,"followingIds":[{"$oid":"583291a1638566b3c5a92ca1"}],"likedIds":[{"$oid":"583676d3618530145474e350"},{"$oid":"583676d3618530145474e353"}],"updatedAt":1.479776906993e+12,"username":"lacker", "role": "user", "createdById":{"$oid":"583291a1638566b3c5a92ca1"}, "updatedById":{"$oid":"583291a1638566b3c5a92ca1"}} From 770ad84e4e1a468e8c19e07bddef32bec4e2d9e5 Mon Sep 17 00:00:00 2001 From: Tobias Klemmer Date: Sun, 4 Jun 2017 16:51:11 +0200 Subject: [PATCH 35/69] v0.1 --- .../test-4-mutations-with-unknown-user.js | 7 +- .../test-5-mutations-with-user-role-user.js | 7 +- .../test-6-mutations-with-user-role-editor.js | 7 +- test/output-app/model/Tweet.js | 386 ++++++++++-------- test/output-app/model/User.js | 8 +- test/output-app/resolvers/Tweet.js | 67 +-- test/output-app/resolvers/User.js | 12 +- 7 files changed, 279 insertions(+), 215 deletions(-) diff --git a/test/output-app-end-to-end/test-4-mutations-with-unknown-user.js b/test/output-app-end-to-end/test-4-mutations-with-unknown-user.js index 3ed7eab..18da560 100644 --- a/test/output-app-end-to-end/test-4-mutations-with-unknown-user.js +++ b/test/output-app-end-to-end/test-4-mutations-with-unknown-user.js @@ -103,6 +103,11 @@ describe('test-4: unkown user (e.g. not signed in, or expired token)', () => { body: 'We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:', }; + const expectedTweetOtherAuthorNoAuthor = { + author: null, + body: 'We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:', + }; + const modifiedTweet = { body: 'This is a modified test tweet', }; @@ -147,7 +152,7 @@ describe('test-4: unkown user (e.g. not signed in, or expired token)', () => { it('can read others tweet', () => { return sendQueryAndExpect( `{ tweet(id: "${tweetIdOthers}") { author { id } body } }`, - { tweet: expectedTweetOtherAuthor }, + { tweet: expectedTweetOtherAuthorNoAuthor }, unknownUser) }); diff --git a/test/output-app-end-to-end/test-5-mutations-with-user-role-user.js b/test/output-app-end-to-end/test-5-mutations-with-user-role-user.js index e496e05..0c16c90 100644 --- a/test/output-app-end-to-end/test-5-mutations-with-user-role-user.js +++ b/test/output-app-end-to-end/test-5-mutations-with-user-role-user.js @@ -193,6 +193,11 @@ describe('test-5: user with role "user"', () => { body: 'We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:', }; + const expectedTweetOtherAuthorNoAuthor = { + author: null, + body: 'We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:', + }; + const modifiedTweet = { body: 'This is a modified test tweet', }; @@ -244,7 +249,7 @@ describe('test-5: user with role "user"', () => { it('can read others tweet', () => { return sendQueryAndExpect( `{ tweet(id: "${tweetIdOthers}") { author { id } body } }`, - { tweet: expectedTweetOtherAuthor }, + { tweet: expectedTweetOtherAuthorNoAuthor }, newUser) }); diff --git a/test/output-app-end-to-end/test-6-mutations-with-user-role-editor.js b/test/output-app-end-to-end/test-6-mutations-with-user-role-editor.js index dfb43bb..b0fbe5b 100644 --- a/test/output-app-end-to-end/test-6-mutations-with-user-role-editor.js +++ b/test/output-app-end-to-end/test-6-mutations-with-user-role-editor.js @@ -193,6 +193,11 @@ describe('test-6: user with role "editor"', () => { body: 'We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:', }; + const expectedTweetOtherAuthorNoAuthor = { + author: null, + body: 'We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:', + }; + const modifiedTweet = { body: 'This is a modified test tweet', }; @@ -244,7 +249,7 @@ describe('test-6: user with role "editor"', () => { it('can read others tweet', () => { return sendQueryAndExpect( `{ tweet(id: "${tweetIdOthers}") { author { id } body } }`, - { tweet: expectedTweetOtherAuthor }, + { tweet: expectedTweetOtherAuthorNoAuthor }, newUser) }); diff --git a/test/output-app/model/Tweet.js b/test/output-app/model/Tweet.js index d96d709..56da25c 100644 --- a/test/output-app/model/Tweet.js +++ b/test/output-app/model/Tweet.js @@ -8,33 +8,33 @@ export default class Tweet { constructor(context) { /* this is generated from ... @authorize( + admin: ["read", "update", "delete"], author: ["create", "read", "update", "delete"], coauthors: ["read", "update"], - admin: ["read", "update", "delete"], world: ["read"] ) */ this.authorizations = { - author: { - create: true, + admin: { read: true, readOne: true, readMany: true, update: true, delete: true, }, - coauthors: { + author: { + create: true, read: true, readOne: true, readMany: true, update: true, + delete: true, }, - admin: { + coauthors: { read: true, readOne: true, readMany: true, update: true, - delete: true, }, world: { read: true, @@ -50,10 +50,24 @@ export default class Tweet { // returns true, if the user's role is of expected kind // this is generated whenever @authorize appears in the type definition - hasUserRole({role, doc, user, mode}){ + hasUserRole({role, doc, user, mode, printLog = true, resolver}){ let hasRole = false; switch (role) { - + // returns true, if signed in user has a role "admin" + // this is generated by... + // @authorize(admin: ["read", "update", "delete"]) + // ----- + // and if there is no @authRole("admin") user on any of the fields + // then it assumes a role definition + // and it checks against the role of the signed in user + case 'admin': + hasRole = ( + // valid signed in user id available + !!user && !!user._id && user._id.toString() !== '' && + // the current user has the correct role + this.context.User.role(user) === 'admin' + ); + break; // returns true, if the signed in user is an author // this is generated by... // author: User! @unmodifiable @belongsTo @authRole("author") @@ -68,7 +82,6 @@ export default class Tweet { doc.authorId.toString() === user._id.toString() ); break; - // returns true, if the signed in user is one of the coauthors // this is generated by... // coauthors: [User!] @belongsTo @authRole("coauthors") @@ -83,23 +96,6 @@ export default class Tweet { _.indexOf(doc.coauthorsIds, user._id.toString()) > -1 ); break; - - // returns true, if signed in user has a role "admin" - // this is generated by... - // @authorize(admin: ["read", "update", "delete"]) - // ----- - // and if there is no @authRole("admin") user on any of the fields - // then it assumes a role definition - // and it checks against the role of the signed in user - case 'admin': - hasRole = ( - // valid signed in user id available - !!user && !!user._id && user._id.toString() !== '' && - // the current user has the correct role - this.context.User.role(user) === 'admin' - ); - break; - // returns true, if user has a role "world" // this is generated by... // @authorize(world: ["read"]) @@ -110,219 +106,263 @@ export default class Tweet { case 'world': hasRole = true; break; - } - - (DEBUG) ? console.log( - '\n---------------------------------------------------------------------------------\n', - 'hasRole?','\n', - 'check if role =', role,'\n', - 'for user:', user.username, user.role, user._id, '\n', - 'doc:', JSON.stringify(doc, null, 2),'\n', - '==>', hasRole - ) - : null; - + if (printLog){ + log.debug(''); + log.debug(`${resolver} hasRole: "${role}" "${ + user.username ? user.username : '' + } ${ + user.role ? user.role : '' + } ${ + user._id ? user._id : '' + } doc: "${ + (doc && doc._id) ? doc._id.toString() : '' + }" author: "${ + (doc && doc.authorId) ? doc.authorId : '' + }" coauthors: "${ + (doc && doc.coauthorsIds && doc.coauthorsIds.length > 0) ? doc.coauthorsIds.toString() : '' + }" ==> "${hasRole}"`); + } return hasRole; } // returns true, if the user role is authorized for the current mode // this is generated whenever @authorize appears in the type definition - isRoleAuthorizedForMode({role, mode}){ - (DEBUG) ? - console.log( - 'isRoleAuthorizedForMode?', '\n', - 'role:', role, - 'mode:', mode, - '==>', this.authorizations[role][mode] ? true : false, - '\n---------------------------------------------------------------------------------\n', - ) - : null; + isRoleAuthorizedForMode({role, mode, resolver}){ + log.debug(`${resolver} isRoleAuthorizedForMode: "${role}" "${mode}" ==> "${this.authorizations[role][mode] ? true : false}"`); return this.authorizations[role][mode] ? true : false; } // returns true, if the current user is authorized for the current mode and document // this is generated, whenever @authorize appears... - isAuthorized({doc, mode, user}){ - // for authorization DEBUGging and logging reasons, do individual checks... + isAuthorized({doc, mode, user, resolver}){ + // generated by @authorize(admin: ...) + const adminAuthorized = this.hasUserRole({role: 'admin', doc, user, mode, printLog: true, resolver}) && + this.isRoleAuthorizedForMode({role: 'admin', mode, resolver}); + + // logging for debugging... + if (adminAuthorized){ + log.debug(`${resolver} isAuthorized: role: "${ + (user && user._id && this.context.User.role(user)) ? this.context.User.role(user) : '' + }" "${mode}" doc: "${ + (doc && doc._id) ? doc._id.toString() : '' + }" user: "${ + (user && user._id) ? user._id.toString() : '' + }" ===> "${adminAuthorized}"`); + + return adminAuthorized; + } // generated by @authorize(author: ...) - const authorAuthorized = this.hasUserRole({role: 'author', doc, user, mode}) && - this.isRoleAuthorizedForMode({role: 'author', mode}); - if (authorAuthorized && DEBUG) { - console.log( - 'Mode:', mode, - 'Tweet:', (doc && doc._id) ? doc._id.toString() : '', - 'User:', (user && user._id) ? user._id.toString() : '', - 'Author:', (doc && doc.authorId) ? doc.authorId.toString() : 'Error', - "===>", 'Authorized:', authorAuthorized - ); - } - - // generated by @authorize(coauthors: ...) - const coauthorsAuthorized = this.hasUserRole({role: 'coauthors', doc, user, mode}) && - this.isRoleAuthorizedForMode({role: 'coauthors', mode}); - if (coauthorsAuthorized && DEBUG) { - console.log( - 'Mode:', mode, - 'Tweet:', (doc && doc._id) ? doc._id.toString() : '', - 'User:', (user && user._id) ? user._id.toString() : '', - 'Coauthors:', (doc && doc.coauthorsIds) ? doc.coauthorsIds.toString() : 'Error', - "===>", 'Authorized:', coauthorsAuthorized - ); + const authorAuthorized = this.hasUserRole({role: 'author', doc, user, mode, printLog: true, resolver}) && + this.isRoleAuthorizedForMode({role: 'author', mode, resolver}); + + // logging for debugging... + if (authorAuthorized){ + log.debug(`${resolver} isAuthorized: role: "author" "${mode}" doc: "${ + (doc && doc._id) ? doc._id.toString() : '' + }" author: "${ + (doc && doc.authorId) ? doc.authorId : '' + }" user: "${ + (user && user._id) ? user._id.toString() : '' + }" ===> "${authorAuthorized}"`); + + return authorAuthorized; } - // generated by @authorize(admin: ...) - const adminAuthorized = this.hasUserRole({role: 'admin', doc, user, mode}) && - this.isRoleAuthorizedForMode({role: 'admin', mode}); - if (adminAuthorized && DEBUG){ - console.log( - 'Mode:', mode, - 'Tweet:', (doc && doc._id) ? doc._id.toString() : '', - 'User:', (user && user._id) ? user._id.toString() : '', - 'Role:', (user && user._id && this.context.User.role(user)) ? this.context.User.role(user) : 'Error', - "===>", 'Authorized:', adminAuthorized - ); + // generated by @authorize(coauthors: ...) + const coauthorsAuthorized = this.hasUserRole({role: 'coauthors', doc, user, mode, printLog: true, resolver}) && + this.isRoleAuthorizedForMode({role: 'coauthors', mode, resolver}); + + // logging for debugging... + if (coauthorsAuthorized){ + log.debug(`${resolver} isAuthorized: role: "coauthors" "${mode}" doc: "${ + (doc && doc._id) ? doc._id.toString() : '' + }" coauthors: "${ + (doc && doc.coauthorsIds && doc.coauthorsIds.length > 0) ? doc.coauthorsIds.toString() : '' + }" user: "${ + (user && user._id) ? user._id.toString() : '' + }" ===> "${coauthorsAuthorized}"`); + + return coauthorsAuthorized; } // generated by @authorize(world: ...) - const worldAuthorized = this.hasUserRole({role: 'world', doc, user, mode}) && - this.isRoleAuthorizedForMode({role: 'world', mode}); - if (worldAuthorized && DEBUG) { - console.log( - 'Mode:', mode, - 'Tweet:', (doc && doc._id) ? doc._id.toString() : '', - 'User:', (user && user._id) ? user._id.toString() : '', - 'Role:', 'world', - "===>", 'Authorized:', worldAuthorized - ); + const worldAuthorized = this.hasUserRole({role: 'world', doc, user, mode, printLog: true, resolver}) && + this.isRoleAuthorizedForMode({role: 'world', mode, resolver}); + + // logging for debugging... + if (worldAuthorized){ + log.debug(`${resolver} isAuthorized: role: "world" "${mode}" doc: "${ + (doc && doc._id) ? doc._id.toString() : '' + }" user: "${ + (user && user._id) ? user._id.toString() : '' + }" ===> "${worldAuthorized}"`); + + return worldAuthorized; } - // generated by @authorize(author: ..., coauthors: ..., admin: ..., world: ...) - const authResult = authorAuthorized || coauthorsAuthorized || adminAuthorized || worldAuthorized; - if (!authResult && DEBUG) { - console.log( - 'Mode:', mode, - 'Tweet:', (doc && doc._id) ? doc._id.toString() : '', - 'User:', (user && user._id) ? user._id.toString() : '', - "===>", 'Authorized:', authResult - ); - } + // logging for debugging... + log.debug(`${resolver} isAuthorized: role: "${ + (user && user._id && this.context.User.role(user)) ? this.context.User.role(user) : '' + }" "${mode}" doc: "${ + (doc && doc._id) ? doc._id.toString() : '' + }" author: "${ + (doc && doc.authorId) ? doc.authorId : '' + }" coauthors: "${ + (doc && doc.coauthorsIds && doc.coauthorsIds.length > 0) ? doc.coauthorsIds.toString() : '' + }" user: "${ + (user && user._id) ? user._id.toString() : '' + }" ===> "false"`); + + return false; + } - return authResult; + // returns document without role field + // generated by... + // role: String! @authRole("admin") @authorize(this: ["read"], admin: ["read", "update"]) + // ------- ------------------ + authorizedFields({doc, mode, user, resolver}){ + // array contains all fields, whose authorization is to be checked + // role: String! @authorize() + // ---- ------------ + const fields = []; + + // check authorization on field level now + fields.forEach(field => { + // default is: field is not authorized + let authorizedField = false; + + // ... Checking fields here... + + // otherwise remove field from doc, + // because the user and mode is not authorize to access this field + if ( !authorizedField && doc[field] ){ + log.debug(`${resolver} authorizedFields: "${field}" not authorized for user/role and mode: "${mode}", removed from document`); + delete doc[field]; + } + }); + + return doc; } - // returns only authorized documents - authorized({doc, mode, user}){ + // returns only authorized documents and fields + // generated by ... + // @authorize() + authorized({doc, mode, user, resolver}){ + // if it is an array of documents, .... if (_.isArray(doc)){ - return _.filter(doc, d => this.isAuthorized({doc: d, mode, user}) ); - } else if (_.isObject(doc) && this.isAuthorized({doc, mode, user})) { - return doc; - } else { - return null; + // then filter for the authorized documents + let authorizedDocs = _.filter(doc, d => this.isAuthorized({doc: d, mode, user, resolver}) ); + // provide only authorized fields + authorizedDocs.forEach(d => { + d = this.authorizedFields({doc: d, mode, user, resolver}); + }); + return authorizedDocs; + + // if it is a single document, check the authorization for it + } else if ( _.isObject(doc) && this.isAuthorized({doc, mode, user, resolver}) ) { + // return only authorized fields + const authorizedDoc = this.authorizedFields({doc, mode, user, resolver}); + return authorizedDoc; } + + // or return null, if no authorized document was found + log.debug(`${resolver} authorized: no authorized doc found`); + return null; } - async findOneById(id) { + async findOneById(id, _user) { const doc = await this.loader.load(id); return doc; } - async all({ lastCreatedAt = 0, limit = 10 }) { - const docs = await this.collection.find({ + async all({ lastCreatedAt = 0, limit = 10 }, _user) { + const doc = await this.collection.find({ createdAt: { $gt: lastCreatedAt }, }).sort({ createdAt: 1 }).limit(limit).toArray(); - return docs; + return doc; } - author(tweet) { - return this.context.User.findOneById(tweet.authorId); + async author(tweet, _user) { + const doc = await this.context.User.findOneById(tweet.authorId, _user); + const authorizedDoc = this.context.User.authorized({doc, mode: READONE, user: _user, resolver: 'author'}); + return authorizedDoc; } - createdBy(tweet) { - return this.context.User.findOneById(tweet.createdById); + async createdBy(tweet, _user) { + const doc = await this.context.User.findOneById(tweet.createdById, _user); + const authorizedDoc = this.context.User.authorized({doc, mode: READONE, user: _user, resolver: 'createdBy'}); + return authorizedDoc; } - updatedBy(tweet) { - return this.context.User.findOneById(tweet.updatedById); + async updatedBy(tweet, _user) { + const doc = await this.context.User.findOneById(tweet.updatedById, _user); + const authorizedDoc = this.context.User.authorized({doc, mode: READONE, user: _user, resolver: 'updatedBy'}); + return authorizedDoc; } - coauthors(tweet, { lastCreatedAt = 0, limit = 10 }) { - return this.context.User.collection.find({ + async coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, _user) { + const doc = await this.context.User.collection.find({ _id: { $in: tweet.coauthorsIds }, createdAt: { $gt: lastCreatedAt }, }).sort({ createdAt: 1 }).limit(limit).toArray(); + const authorizedDoc = this.context.User.authorized({doc, mode: READMANY, user: _user, resolver: 'coauthors'}); + return authorizedDoc; } - likers(tweet, { lastCreatedAt = 0, limit = 10 }) { - return this.context.User.collection.find({ + async likers(tweet, { lastCreatedAt = 0, limit = 10 }, _user) { + const doc = await this.context.User.collection.find({ likedIds: tweet._id, createdAt: { $gt: lastCreatedAt }, }).sort({ createdAt: 1 }).limit(limit).toArray(); + const authorizedDoc = this.context.User.authorized({doc, mode: READMANY, user: _user, resolver: 'likers'}); + return authorizedDoc; } - // adding the current signed in user as a document owner - // the field of the document owner is identified - // by a field in the type definition, which contains an @authRole - addUserToDoc({doc, mode, user}){ - let enhancedDoc = Object.assign({}, doc); - - // generated by... - // author: User! @unmodifiable @belongsTo @authRole("author") - // ----- ------------------- - if (user && user._id){ - enhancedDoc = Object.assign({}, { authorId: user._id}, enhancedDoc); - } - - // generated by ... - // coauthors: [User!] @belongsTo @authRole("coauthors") - // ------- ---------------------- - // TODO: is this logically correct? - if (user && user._id){ - let coauthorsIds = enhancedDoc.coauthorsIds || []; - coauthorsIds = _.union(coauthorsIds, [user._id]); - enhancedDoc = Object.assign({}, { coauthorsIds: coauthorsIds}, enhancedDoc); - } - - // generated by... - // createdBy: User! @unmodifiable @belongsTo - // ----- ------------------- - if (mode === CREATE && user && user._id){ - enhancedDoc = Object.assign({}, { createdById: user._id}, enhancedDoc); - } - - // generated by... - // changedBy: User! @unmodifiable @belongsTo - // ----- ------------------- - if (mode === UPDATE && user && user._id){ - enhancedDoc = Object.assign({}, { updatedById: user._id}, enhancedDoc); - } - - return enhancedDoc; - } - - async insert(doc) { - const docToInsert = Object.assign({}, doc, { + async insert(doc, _user) { + // let coauthorsIds = doc.coauthorsIds || []; + // const enhancedDoc = Object.assign({ + // authorId: user._id, + // coauthorsIds: coauthorsIds, + // }); + let docToInsert = Object.assign({}, doc, { createdAt: Date.now(), updatedAt: Date.now(), + createdById: (_user && _user._id) ? _user._id : 'unknown', + updatedById: (_user && _user._id) ? _user._id : 'unknown', }); + docToInsert = this.authorizedFields({doc: docToInsert, mode: CREATE, user: _user, resolver: 'insert'}); + const authorized = this.isAuthorized({doc: docToInsert, mode: CREATE, user: _user, resolver: 'insert'}); + if (!authorized) throw new Error('Tweet: mode: create not authorized'); + const id = (await this.collection.insertOne(docToInsert)).insertedId; - this.pubsub.publish('tweetInserted', await this.findOneById(id)); + this.pubsub.publish('tweetInserted', await this.findOneById(id, _user)); return id; } - async updateById(id, doc) { + async updateById(id, doc, _user) { + const foundDoc = await this.findOneById(id); + const authorized = this.isAuthorized({doc: foundDoc, mode: UPDATE, user: _user, resolver: 'updateById'}); + if (!authorized) throw new Error('Tweet: mode: update not authorized'); + + const updatedDoc = this.authorizedFields({doc, mode: UPDATE, user: _user, resolver: 'updateById'}); const ret = await this.collection.update({ _id: id }, { - $set: Object.assign({}, doc, { + $set: Object.assign({}, updatedDoc, { updatedAt: Date.now(), + updatedById: (_user && _user._id) ? _user._id : 'unknown', }), }); this.loader.clear(id); - this.pubsub.publish('tweetUpdated', await this.findOneById(id)); + this.pubsub.publish('tweetUpdated', await this.findOneById(id, _user)); return ret; } - async removeById(id) { + async removeById(id, _user) { + const doc = await this.findOneById(id, _user); + const authorized = this.isAuthorized({doc, mode: DELETE, user: _user, resolver: 'removeById'}); + if (!authorized) throw new Error('Tweet: mode: delete not authorized'); + const ret = this.collection.remove({ _id: id }); this.loader.clear(id); this.pubsub.publish('tweetRemoved', id); diff --git a/test/output-app/model/User.js b/test/output-app/model/User.js index 7670ed6..acbecb0 100644 --- a/test/output-app/model/User.js +++ b/test/output-app/model/User.js @@ -175,7 +175,7 @@ export default class User { } } - // ... Checking other fields if there... + // ... Checking fields here... // otherwise remove field from doc, // because the user and mode is not authorize to access this field @@ -241,7 +241,8 @@ export default class User { authorId: user._id, createdAt: { $gt: lastCreatedAt }, }).sort({ createdAt: 1 }).limit(limit).toArray(); - return doc; + const authorizedDoc = this.context.Tweet.authorized({doc, mode: READMANY, user: _user, resolver: 'tweets'}); + return authorizedDoc; } async liked(user, { lastCreatedAt = 0, limit = 10 }, _user) { @@ -249,7 +250,8 @@ export default class User { _id: { $in: user.likedIds || [] }, createdAt: { $gt: lastCreatedAt }, }).sort({ createdAt: 1 }).limit(limit).toArray(); - return doc; + const authorizedDoc = this.context.Tweet.authorized({doc, mode: READMANY, user: _user, resolver: 'liked'}); + return authorizedDoc; } async following(user, { lastCreatedAt = 0, limit = 10 }, _user) { diff --git a/test/output-app/resolvers/Tweet.js b/test/output-app/resolvers/Tweet.js index 2938e39..0b62449 100644 --- a/test/output-app/resolvers/Tweet.js +++ b/test/output-app/resolvers/Tweet.js @@ -3,36 +3,43 @@ import { CREATE, READ, READONE, READMANY, UPDATE, DELETE, DEBUG } from '../model const resolvers = { Tweet: { - + id(tweet) { return tweet._id; }, - author(tweet, args, { Tweet }) { - return Tweet.author(tweet); + async author(tweet, args, { Tweet, _user }) { + const doc = await Tweet.author(tweet, _user); + return doc; }, - createdBy(tweet, args, { Tweet }) { - return Tweet.createdBy(tweet); + async createdBy(tweet, args, { Tweet, _user }) { + const doc = await Tweet.createdBy(tweet, _user); + return doc; }, - updatedBy(tweet, args, { Tweet }) { - return Tweet.updatedBy(tweet); + async updatedBy(tweet, args, { Tweet, _user }) { + const doc = await Tweet.updatedBy(tweet, _user); + return doc; }, - coauthors(tweet, { lastCreatedAt, limit }, { Tweet }) { - return Tweet.coauthors(tweet, { lastCreatedAt, limit }); + async coauthors(tweet, { lastCreatedAt, limit }, { Tweet, _user }) { + const doc = await Tweet.coauthors(tweet, { lastCreatedAt, limit }, _user); + return doc; }, - likers(tweet, { lastCreatedAt, limit }, { Tweet }) { - return Tweet.likers(tweet, { lastCreatedAt, limit }); + async likers(tweet, { lastCreatedAt, limit }, { Tweet, _user }) { + const doc = await Tweet.likers(tweet, { lastCreatedAt, limit }, _user); + return doc; }, }, Query: { async tweets(root, { lastCreatedAt, limit }, { Tweet, _user }) { try { - const doc = await Tweet.all({ lastCreatedAt, limit }); - return Tweet.authorized({doc, mode: 'readMany', user: _user}); + log.debug('---------------------'); + log.debug('Tweet resolver "tweets"'); + const doc = await Tweet.all({ lastCreatedAt, limit }, _user); + return Tweet.authorized({doc, mode: READMANY, user: _user, resolver: 'tweets'}); } catch(error) { console.log('ERROR:', error.message); } @@ -40,8 +47,10 @@ const resolvers = { async tweet(root, { id }, { Tweet, _user }) { try { - const doc = await Tweet.findOneById(id); - return Tweet.authorized({doc, mode: 'readOne', user: _user}); + log.debug('---------------------'); + log.debug('Tweet resolver "tweet"'); + const doc = await Tweet.findOneById(id, _user); + return Tweet.authorized({doc, mode: READONE, user: _user, resolver: 'tweet'}); } catch(error) { console.log('ERROR:', error.message); } @@ -50,11 +59,11 @@ const resolvers = { Mutation: { async createTweet(root, { input }, { Tweet, _user }) { try { - const doc = Tweet.addUserToDoc({doc: input, mode: 'create', user: _user}); - const authorized = Tweet.isAuthorized({doc, mode: 'create', user: _user}); - if (!authorized) throw new Error('Tweet: mode: create not authorized'); - const id = await Tweet.insert(input); - return Tweet.findOneById(id); + log.debug('---------------------------'); + log.debug('Tweet resolver "createTweet"'); + const id = await Tweet.insert(input, _user); + const doc = await Tweet.findOneById(id, _user); + return Tweet.authorized({doc, mode: READONE, user: _user, resolver: 'createTweet'}); } catch(error) { console.log('ERROR:', error.message); } @@ -62,11 +71,11 @@ const resolvers = { async updateTweet(root, { id, input }, { Tweet, _user }) { try { - const doc = await Tweet.findOneById(id); - const authorized = Tweet.isAuthorized({doc, mode: 'update', user: _user}); - if (!authorized) throw new Error('Tweet: mode: update not authorized'); - await Tweet.updateById(id, input); - return Tweet.findOneById(id); + log.debug('---------------------------'); + log.debug('Tweet resolver "updateTweet"'); + await Tweet.updateById(id, input, _user); + const doc = await Tweet.findOneById(id, _user); + return Tweet.authorized({doc, mode: READONE, user: _user, resolver: 'updateTweet'}); } catch(error) { console.log('ERROR:', error.message); } @@ -74,10 +83,10 @@ const resolvers = { async removeTweet(root, { id }, { Tweet, _user }) { try { - const doc = await Tweet.findOneById(id); - const authorized = Tweet.isAuthorized({doc, mode: 'delete', user: _user}); - if (!authorized) throw new Error('Tweet: mode: delete not authorized'); - return Tweet.removeById(id); + log.debug('---------------------------'); + log.debug('Tweet resolver "removeTweet"'); + const response = await Tweet.removeById(id, _user); + return response; } catch(error) { console.log('ERROR:', error.message); } diff --git a/test/output-app/resolvers/User.js b/test/output-app/resolvers/User.js index 9ad3f61..5ef1a0a 100644 --- a/test/output-app/resolvers/User.js +++ b/test/output-app/resolvers/User.js @@ -19,15 +19,13 @@ const resolvers = { }, async tweets(user, { minLikes, lastCreatedAt, limit }, { User, _user }) { - return User.tweets(user, { minLikes, lastCreatedAt, limit }); - // const doc = User.tweets(user, { minLikes, lastCreatedAt, limit }); - // return Tweet.authorized({doc, mode: READMANY, user}); + const doc = await User.tweets(user, { minLikes, lastCreatedAt, limit }, _user); + return doc; }, - async liked(user, { lastCreatedAt, limit }, { User, Tweet, _user }) { - return User.liked(user, { lastCreatedAt, limit }); - // const doc = User.liked(user, { lastCreatedAt, limit }); - // return Tweet.authorized({doc, mode: READMANY, user}); + async liked(user, { lastCreatedAt, limit }, { User, _user }) { + const doc = await User.liked(user, { lastCreatedAt, limit }, _user); + return doc; }, async following(user, { lastCreatedAt, limit }, { User, _user }) { From 614e17f09d8a2fa46d1dd9c816068a20636b04ac Mon Sep 17 00:00:00 2001 From: Tobias Klemmer Date: Mon, 5 Jun 2017 00:39:25 +0200 Subject: [PATCH 36/69] cleanup resolvers --- test/output-app/.gitignore | 1 - test/output-app/index.js | 2 +- test/output-app/model/Tweet.js | 50 ++++++++++---------- test/output-app/model/User.js | 42 ++++++++--------- test/output-app/resolvers/Tweet.js | 66 +++++++------------------- test/output-app/resolvers/User.js | 75 ++++++++---------------------- 6 files changed, 83 insertions(+), 153 deletions(-) diff --git a/test/output-app/.gitignore b/test/output-app/.gitignore index c9d3b9d..5b29f10 100644 --- a/test/output-app/.gitignore +++ b/test/output-app/.gitignore @@ -2,4 +2,3 @@ node_modules /db /input server/logs/all-logs.log -server/logs/*.log diff --git a/test/output-app/index.js b/test/output-app/index.js index 0035126..449bd70 100644 --- a/test/output-app/index.js +++ b/test/output-app/index.js @@ -102,7 +102,7 @@ if (!MONGO_URL) { nodemon({ script: path.join('server', 'index.js'), ext: 'js graphql', - exec: 'babel-node', + exec: 'babel-node --inspect', }).on('restart', () => console.log('Restarting server due to file change\n')); diff --git a/test/output-app/model/Tweet.js b/test/output-app/model/Tweet.js index 56da25c..2ead2d1 100644 --- a/test/output-app/model/Tweet.js +++ b/test/output-app/model/Tweet.js @@ -272,34 +272,36 @@ export default class Tweet { return null; } - async findOneById(id, _user) { - const doc = await this.loader.load(id); - return doc; + async getById(id, _user, resolver){ + const doc = await this.findOneById(id); + return this.authorized({doc, mode: READONE, user: _user, resolver}); + } + + findOneById(id) { + return this.loader.load(id); } - async all({ lastCreatedAt = 0, limit = 10 }, _user) { - const doc = await this.collection.find({ + async getAll({ lastCreatedAt, limit }, _user, resolver){ + const doc = await this.all({ lastCreatedAt, limit }, _user); + return this.authorized({doc, mode: READMANY, user: _user, resolver}); + } + + all({ lastCreatedAt = 0, limit = 10 }, _user) { + return this.collection.find({ createdAt: { $gt: lastCreatedAt }, }).sort({ createdAt: 1 }).limit(limit).toArray(); - return doc; } - async author(tweet, _user) { - const doc = await this.context.User.findOneById(tweet.authorId, _user); - const authorizedDoc = this.context.User.authorized({doc, mode: READONE, user: _user, resolver: 'author'}); - return authorizedDoc; + author(tweet, _user) { + return this.context.User.getById(tweet.authorId, _user, 'author'); } - async createdBy(tweet, _user) { - const doc = await this.context.User.findOneById(tweet.createdById, _user); - const authorizedDoc = this.context.User.authorized({doc, mode: READONE, user: _user, resolver: 'createdBy'}); - return authorizedDoc; + createdBy(tweet, _user) { + return this.context.User.getById(tweet.createdById, _user, 'createdBy'); } - async updatedBy(tweet, _user) { - const doc = await this.context.User.findOneById(tweet.updatedById, _user); - const authorizedDoc = this.context.User.authorized({doc, mode: READONE, user: _user, resolver: 'updatedBy'}); - return authorizedDoc; + updatedBy(tweet, _user) { + return this.context.User.getById(tweet.updatedById, _user, 'udpatedBy'); } async coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, _user) { @@ -307,8 +309,7 @@ export default class Tweet { _id: { $in: tweet.coauthorsIds }, createdAt: { $gt: lastCreatedAt }, }).sort({ createdAt: 1 }).limit(limit).toArray(); - const authorizedDoc = this.context.User.authorized({doc, mode: READMANY, user: _user, resolver: 'coauthors'}); - return authorizedDoc; + return this.context.User.authorized({doc, mode: READMANY, user: _user, resolver: 'coauthors'}); } async likers(tweet, { lastCreatedAt = 0, limit = 10 }, _user) { @@ -316,8 +317,7 @@ export default class Tweet { likedIds: tweet._id, createdAt: { $gt: lastCreatedAt }, }).sort({ createdAt: 1 }).limit(limit).toArray(); - const authorizedDoc = this.context.User.authorized({doc, mode: READMANY, user: _user, resolver: 'likers'}); - return authorizedDoc; + return this.context.User.authorized({doc, mode: READMANY, user: _user, resolver: 'likers'}); } async insert(doc, _user) { @@ -337,7 +337,7 @@ export default class Tweet { if (!authorized) throw new Error('Tweet: mode: create not authorized'); const id = (await this.collection.insertOne(docToInsert)).insertedId; - this.pubsub.publish('tweetInserted', await this.findOneById(id, _user)); + this.pubsub.publish('tweetInserted', await this.findOneById(id)); return id; } @@ -354,12 +354,12 @@ export default class Tweet { }), }); this.loader.clear(id); - this.pubsub.publish('tweetUpdated', await this.findOneById(id, _user)); + this.pubsub.publish('tweetUpdated', await this.findOneById(id)); return ret; } async removeById(id, _user) { - const doc = await this.findOneById(id, _user); + const doc = await this.findOneById(id); const authorized = this.isAuthorized({doc, mode: DELETE, user: _user, resolver: 'removeById'}); if (!authorized) throw new Error('Tweet: mode: delete not authorized'); diff --git a/test/output-app/model/User.js b/test/output-app/model/User.js index acbecb0..9bb463d 100644 --- a/test/output-app/model/User.js +++ b/test/output-app/model/User.js @@ -79,7 +79,7 @@ export default class User { } if (printLog){ log.debug(''); - log.debug(`${resolver} hasRole: "${role}" "${user.username ? user.username : ''} ${user.role ? user.role : ''} ${user._id ? user._id : ''}" ==> "${hasRole}"`); + log.debug(`${resolver} hasRole: "${role}" "${(user && user.username) ? user.username : ''} ${(user && user.role) ? user.role : ''} ${(user && user._id) ? user._id : ''}" ==> "${hasRole}"`); } return hasRole; } @@ -214,26 +214,24 @@ export default class User { return null; } - async findOneById(id, _user) { - //console.log('findOneById _user', id, JSON.stringify(_user, null, 2)); - const doc = await this.loader.load(id); - return doc; - // wanted to do the authorization here, but in the query, the user is false, in mutations and resolvers it is there, why? - // the following doesn't work, because the user is not there at this point of time for a reason I don't understand - // const authorizedDoc = this.authorized({doc: doc, mode: READONE, user: user}); - // return authorizedDoc; + async getById(id, _user, resolver){ + const doc = await this.findOneById(id); + return this.authorized({doc, mode: READONE, user: _user, resolver}); + } + + findOneById(id) { + return this.loader.load(id); } - async all({ lastCreatedAt = 0, limit = 10 }, _user) { - //console.log('findOneById _user', id, JSON.stringify(_user, null, 2)); - const doc = await this.collection.find({ + async getAll({ lastCreatedAt, limit }, _user, resolver){ + const doc = await this.all({ lastCreatedAt, limit }, _user); + return this.authorized({doc, mode: READMANY, user: _user, resolver}); + } + + all({ lastCreatedAt = 0, limit = 10 }, _user) { + return this.collection.find({ createdAt: { $gt: lastCreatedAt }, }).sort({ createdAt: 1 }).limit(limit).toArray(); - return doc; - // wanted to do the authorization here, but in the query, the user is false, in mutations and resolvers it is there, why? - // the following doesn't work, because the user is not there at this point of time for a reason I don't understand - // const authorizedDocs = this.authorized({doc, mode: READMANY, user}); - // return authorizedDocs; } async tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }, _user) { @@ -273,13 +271,13 @@ export default class User { } async createdBy(user, _user) { - const doc = await this.context.User.findOneById(user.createdById, _user); + const doc = await this.context.User.getById(user.createdById, _user, 'createdBy'); const authorizedDoc = this.authorized({doc, mode: READONE, user: _user, resolver: 'createdBy'}); return authorizedDoc; } async updatedBy(user, _user) { - const doc = await this.context.User.findOneById(user.updatedById, _user); + const doc = await this.context.User.getById(user.updatedById, _user, 'updatedBy'); const authorizedDoc = this.authorized({doc, mode: READONE, user: _user, resolver: 'updatedBy'}); return authorizedDoc; } @@ -296,7 +294,7 @@ export default class User { if (!authorized) throw new Error('User: mode: create not authorized'); const id = (await this.collection.insertOne(docToInsert)).insertedId; - this.pubsub.publish('userInserted', await this.findOneById(id, _user)); + this.pubsub.publish('userInserted', await this.findOneById(id)); return id; } @@ -313,12 +311,12 @@ export default class User { }), }); this.loader.clear(id); - this.pubsub.publish('userUpdated', await this.findOneById(id, _user)); + this.pubsub.publish('userUpdated', await this.findOneById(id)); return ret; } async removeById(id, _user) { - const doc = await this.findOneById(id, _user); + const doc = await this.findOneById(id); const authorized = this.isAuthorized({doc, mode: DELETE, user: _user, resolver: 'removeById'}); if (!authorized) throw new Error('User: mode: delete not authorized'); diff --git a/test/output-app/resolvers/Tweet.js b/test/output-app/resolvers/Tweet.js index 0b62449..2c74815 100644 --- a/test/output-app/resolvers/Tweet.js +++ b/test/output-app/resolvers/Tweet.js @@ -1,69 +1,43 @@ -import log from '../server/logger'; -import { CREATE, READ, READONE, READMANY, UPDATE, DELETE, DEBUG } from '../model/constants'; - const resolvers = { Tweet: { - id(tweet) { return tweet._id; }, - async author(tweet, args, { Tweet, _user }) { - const doc = await Tweet.author(tweet, _user); - return doc; + author(tweet, args, { Tweet, _user }) { + return Tweet.author(tweet, _user); }, - async createdBy(tweet, args, { Tweet, _user }) { - const doc = await Tweet.createdBy(tweet, _user); - return doc; + createdBy(tweet, args, { Tweet, _user }) { + return Tweet.createdBy(tweet, _user); }, - async updatedBy(tweet, args, { Tweet, _user }) { - const doc = await Tweet.updatedBy(tweet, _user); - return doc; + updatedBy(tweet, args, { Tweet, _user }) { + return Tweet.updatedBy(tweet, _user); }, - async coauthors(tweet, { lastCreatedAt, limit }, { Tweet, _user }) { - const doc = await Tweet.coauthors(tweet, { lastCreatedAt, limit }, _user); - return doc; + coauthors(tweet, { lastCreatedAt, limit }, { Tweet, _user }) { + return Tweet.coauthors(tweet, { lastCreatedAt, limit }, _user); }, - async likers(tweet, { lastCreatedAt, limit }, { Tweet, _user }) { - const doc = await Tweet.likers(tweet, { lastCreatedAt, limit }, _user); - return doc; + likers(tweet, { lastCreatedAt, limit }, { Tweet, _user }) { + return Tweet.likers(tweet, { lastCreatedAt, limit }, _user); }, }, Query: { - async tweets(root, { lastCreatedAt, limit }, { Tweet, _user }) { - try { - log.debug('---------------------'); - log.debug('Tweet resolver "tweets"'); - const doc = await Tweet.all({ lastCreatedAt, limit }, _user); - return Tweet.authorized({doc, mode: READMANY, user: _user, resolver: 'tweets'}); - } catch(error) { - console.log('ERROR:', error.message); - } + tweets(root, { lastCreatedAt, limit }, { Tweet, _user }) { + return Tweet.getAll({ lastCreatedAt, limit }, _user, 'tweets'); }, - async tweet(root, { id }, { Tweet, _user }) { - try { - log.debug('---------------------'); - log.debug('Tweet resolver "tweet"'); - const doc = await Tweet.findOneById(id, _user); - return Tweet.authorized({doc, mode: READONE, user: _user, resolver: 'tweet'}); - } catch(error) { - console.log('ERROR:', error.message); - } + tweet(root, { id }, { Tweet, _user }) { + return Tweet.getById(id, _user, 'tweet'); }, }, Mutation: { async createTweet(root, { input }, { Tweet, _user }) { try { - log.debug('---------------------------'); - log.debug('Tweet resolver "createTweet"'); const id = await Tweet.insert(input, _user); - const doc = await Tweet.findOneById(id, _user); - return Tweet.authorized({doc, mode: READONE, user: _user, resolver: 'createTweet'}); + return Tweet.getById(id, _user, 'createTweet'); } catch(error) { console.log('ERROR:', error.message); } @@ -71,11 +45,8 @@ const resolvers = { async updateTweet(root, { id, input }, { Tweet, _user }) { try { - log.debug('---------------------------'); - log.debug('Tweet resolver "updateTweet"'); await Tweet.updateById(id, input, _user); - const doc = await Tweet.findOneById(id, _user); - return Tweet.authorized({doc, mode: READONE, user: _user, resolver: 'updateTweet'}); + return Tweet.getById(id, _user, 'updateTweet'); } catch(error) { console.log('ERROR:', error.message); } @@ -83,10 +54,7 @@ const resolvers = { async removeTweet(root, { id }, { Tweet, _user }) { try { - log.debug('---------------------------'); - log.debug('Tweet resolver "removeTweet"'); - const response = await Tweet.removeById(id, _user); - return response; + return await Tweet.removeById(id, _user); } catch(error) { console.log('ERROR:', error.message); } diff --git a/test/output-app/resolvers/User.js b/test/output-app/resolvers/User.js index 5ef1a0a..8b9331e 100644 --- a/test/output-app/resolvers/User.js +++ b/test/output-app/resolvers/User.js @@ -1,76 +1,47 @@ -import log from '../server/logger'; -import { CREATE, READ, READONE, READMANY, UPDATE, DELETE, DEBUG } from '../model/constants'; - -const resolvers = { + const resolvers = { User: { - id(user) { return user._id; }, - async createdBy(user, args, { User, _user }) { - const doc = await User.createdBy(user, _user); - return doc; + createdBy(user, args, { User, _user }) { + return User.createdBy(user, _user); }, - async updatedBy(user, args, { User, _user }) { - const doc = await User.updatedBy(user, _user); - return doc; + updatedBy(user, args, { User, _user }) { + return User.updatedBy(user, _user); }, - async tweets(user, { minLikes, lastCreatedAt, limit }, { User, _user }) { - const doc = await User.tweets(user, { minLikes, lastCreatedAt, limit }, _user); - return doc; + tweets(user, { minLikes, lastCreatedAt, limit }, { User, _user }) { + return User.tweets(user, { minLikes, lastCreatedAt, limit }, _user); }, - async liked(user, { lastCreatedAt, limit }, { User, _user }) { - const doc = await User.liked(user, { lastCreatedAt, limit }, _user); - return doc; + liked(user, { lastCreatedAt, limit }, { User, _user }) { + return User.liked(user, { lastCreatedAt, limit }, _user); }, - async following(user, { lastCreatedAt, limit }, { User, _user }) { - const doc = await User.following(user, { lastCreatedAt, limit }, _user); - return doc; + following(user, { lastCreatedAt, limit }, { User, _user }) { + return User.following(user, { lastCreatedAt, limit }, _user); }, - async followers(user, { lastCreatedAt, limit }, { User, _user }) { - const doc = await User.followers(user, { lastCreatedAt, limit }, _user); - return doc; + followers(user, { lastCreatedAt, limit }, { User, _user }) { + return User.followers(user, { lastCreatedAt, limit }, _user); }, }, Query: { - async users(root, { lastCreatedAt, limit }, { User, _user }) { - try { - log.debug('---------------------'); - log.debug('User resolver "users"'); - const doc = await User.all({ lastCreatedAt, limit }, _user); - // for any reason I don't understand the authorization has to remain here in Query - return User.authorized({doc, mode: READMANY, user: _user, resolver: 'users'}); - } catch(error) { - console.log('ERROR:', error.message); - } + users(root, { lastCreatedAt, limit }, { User, _user }) { + return User.getAll({ lastCreatedAt, limit }, _user, 'users'); }, - async user(root, { id }, { User, _user }) { - try { - log.debug('--------------------'); - log.debug('User resolver "user"'); - const doc = await User.findOneById(id, _user); - // for any reason I don't understand the authorization has to remain here in Query - return User.authorized({doc, mode: READONE, user: _user, resolver: 'user'}); - } catch(error) { - console.log('ERROR:', error.message); - } + user(root, { id }, { User, _user }) { + return User.getById(id, _user, 'user'); }, }, Mutation: { async createUser(root, { input }, { User, _user }) { try { - log.debug('--------------------------'); - log.debug('User resolver "createUser"'); const id = await User.insert(input, _user); - const doc = await User.findOneById(id, _user); - return User.authorized({doc, mode: READONE, user: _user, resolver: 'createUser'}); + return User.getById(id, _user, 'createUser'); } catch(error) { console.log('ERROR:', error.message); } @@ -78,11 +49,8 @@ const resolvers = { async updateUser(root, { id, input }, { User, _user }) { try { - log.debug('--------------------------'); - log.debug('User resolver "updateUser"'); await User.updateById(id, input, _user); - const doc = await User.findOneById(id, _user); - return User.authorized({doc, mode: READONE, user: _user, resolver: 'updateUser'}); + return User.getById(id, _user, 'updateUser'); } catch(error) { console.log('ERROR:', error.message); } @@ -90,10 +58,7 @@ const resolvers = { async removeUser(root, { id }, { User, _user }) { try { - log.debug('--------------------------'); - log.debug('User resolver "removeUser"'); - const response = await User.removeById(id, _user); - return response; + return await User.removeById(id, _user); } catch(error) { console.log('ERROR:', error.message); } From 807224a2f04d5df2addc9e02cdee345e2bf505ab Mon Sep 17 00:00:00 2001 From: Tobias Klemmer Date: Tue, 13 Jun 2017 00:22:21 +0200 Subject: [PATCH 37/69] easy auth --- test/input/Tweet.graphql | 2 +- test/output-app/authorizations/Tweet.js | 18 + test/output-app/authorizations/User.js | 18 + test/output-app/authorizations/helpers.js | 58 +++ test/output-app/authorizations/index.js | 8 + test/output-app/index.js | 3 +- test/output-app/model/Tweet-complicated.js | 371 ++++++++++++++++++ test/output-app/model/Tweet.js | 422 +++++---------------- test/output-app/model/User-complicated.js | 328 ++++++++++++++++ test/output-app/model/User.js | 342 +++++------------ test/output-app/model/constants.js | 10 - test/output-app/model/index.js | 2 + test/output-app/package.json | 1 + test/output-app/resolvers/Tweet.js | 16 +- test/output-app/resolvers/User.js | 8 +- test/output-app/schema/Tweet.graphql | 8 +- test/output-app/server/authorize.js | 104 +++++ test/output-app/server/index.js | 4 +- test/output-app/yarn.lock | 18 +- 19 files changed, 1130 insertions(+), 611 deletions(-) create mode 100644 test/output-app/authorizations/Tweet.js create mode 100644 test/output-app/authorizations/User.js create mode 100644 test/output-app/authorizations/helpers.js create mode 100644 test/output-app/authorizations/index.js create mode 100644 test/output-app/model/Tweet-complicated.js create mode 100644 test/output-app/model/User-complicated.js delete mode 100644 test/output-app/model/constants.js create mode 100644 test/output-app/server/authorize.js diff --git a/test/input/Tweet.graphql b/test/input/Tweet.graphql index 4eb42f2..6568072 100644 --- a/test/input/Tweet.graphql +++ b/test/input/Tweet.graphql @@ -9,7 +9,7 @@ type Tweet { author: User! @unmodifiable @belongsTo @authRole("author") - coauthors: [User!] @belongsTo @authRole("coauthors") + coauthors: [User] @belongsTo @authRole("coauthors") body: String! likers: [User!] @hasAndBelongsToMany(as: "liked") diff --git a/test/output-app/authorizations/Tweet.js b/test/output-app/authorizations/Tweet.js new file mode 100644 index 0000000..afdf844 --- /dev/null +++ b/test/output-app/authorizations/Tweet.js @@ -0,0 +1,18 @@ +export const Tweet = { + userRoles: { + create: ['admin'], + read: ['admin', 'world'], + readOne: ['admin', 'world'], + readMany: ['admin', 'world'], + update: ['admin'], + delete: ['admin'], + }, + docRoles: { + create: ['authorId'], + read: ['authorId', 'coauthorsIds'], + readOne: ['authorId', 'coauthorsIds'], + readMany: ['authorId', 'coauthorsIds'], + update: ['authorId', 'coauthorsIds'], + delete: ['authorId'], + } +}; diff --git a/test/output-app/authorizations/User.js b/test/output-app/authorizations/User.js new file mode 100644 index 0000000..7ea5d02 --- /dev/null +++ b/test/output-app/authorizations/User.js @@ -0,0 +1,18 @@ +export const User = { + userRoles: { + create: ['admin'], + read: ['admin'], + readOne: ['admin'], + readMany: ['admin'], + update: ['admin'], + delete: ['admin'], + }, + docRoles: { + create: [], + read: [], + readOne: ['_id'], // == 'this' + readMany: [], + update: ['_id'], + delete: ['_id'], + } +}; diff --git a/test/output-app/authorizations/helpers.js b/test/output-app/authorizations/helpers.js new file mode 100644 index 0000000..4fe4e03 --- /dev/null +++ b/test/output-app/authorizations/helpers.js @@ -0,0 +1,58 @@ +import _ from 'lodash'; +import log from '../server/logger'; + +export function findByIds(collection, ids, authQuery) { + const baseQuery = { _id: { $in: ids } }; + const finalQuery = {...baseQuery, ...authQuery}; + return collection.find(finalQuery) + .toArray() + .then((docs) => { + const idMap = {}; + docs.forEach((d) => { idMap[d._id] = d; }); + return ids.map(id => idMap[id]); + }); +} + +export function loggedIn(user) { + if(user && user._id && user._id.toString() !== '') { + return true; + } + return false; +} + +export function queryForRoles(user, userRoles = [], docRoles = [], { User }) { + // Authorized by userRoles + const role = User.authRole(user); + if (userRoles.includes(role) || userRoles.includes('world')) { + return {}; + } + // Authorized by docRoles + const query = { $or: [] }; + if (docRoles.length > 0 && user && user._id){ + docRoles.forEach(docRole => query.$or.push( { [docRole]: user._id } ) ); + return query; + } + // Not Authorized + return false; +} + +export function userAuthorizedForDoc(_user, docRoles, doc){ + const newDoc = Object.assign({}, doc); + let authorized = false; + docRoles.forEach(docRole => { + // user logged in and + // role field in doc exists and + // includes the current user + // includes works for String and Array + if ( + loggedIn(_user) && newDoc[docRole] && + ( + ( _.isArray(newDoc[docRole]) && newDoc[docRole].includes(_user._id.toString()) ) || + ( _.isObject(newDoc[docRole]) && newDoc[docRole].toString().includes(_user._id.toString()) ) + ) + ){ + authorized = true; + } + }) + return authorized; +} diff --git a/test/output-app/authorizations/index.js b/test/output-app/authorizations/index.js new file mode 100644 index 0000000..b2bba94 --- /dev/null +++ b/test/output-app/authorizations/index.js @@ -0,0 +1,8 @@ +export * from './helpers'; +export const auth = {}; + +import { User } from './User'; +auth.User = User; + +import { Tweet } from './Tweet'; +auth.Tweet = Tweet; diff --git a/test/output-app/index.js b/test/output-app/index.js index 449bd70..588f13f 100644 --- a/test/output-app/index.js +++ b/test/output-app/index.js @@ -102,7 +102,8 @@ if (!MONGO_URL) { nodemon({ script: path.join('server', 'index.js'), ext: 'js graphql', - exec: 'babel-node --inspect', + exec: 'babel-node --inspect', // with debugger + // exec: 'babel-node', // without debugger }).on('restart', () => console.log('Restarting server due to file change\n')); diff --git a/test/output-app/model/Tweet-complicated.js b/test/output-app/model/Tweet-complicated.js new file mode 100644 index 0000000..2ead2d1 --- /dev/null +++ b/test/output-app/model/Tweet-complicated.js @@ -0,0 +1,371 @@ +import _ from 'lodash'; +import log from '../server/logger'; +import DataLoader from 'dataloader'; +import findByIds from 'mongo-find-by-ids'; +import { CREATE, READ, READONE, READMANY, UPDATE, DELETE, DEBUG } from './constants'; + +export default class Tweet { + constructor(context) { + /* this is generated from ... + @authorize( + admin: ["read", "update", "delete"], + author: ["create", "read", "update", "delete"], + coauthors: ["read", "update"], + world: ["read"] + ) + */ + this.authorizations = { + admin: { + read: true, + readOne: true, + readMany: true, + update: true, + delete: true, + }, + author: { + create: true, + read: true, + readOne: true, + readMany: true, + update: true, + delete: true, + }, + coauthors: { + read: true, + readOne: true, + readMany: true, + update: true, + }, + world: { + read: true, + readOne: true, + readMany: true, + } + }; + this.context = context; + this.collection = context.db.collection('tweet'); + this.pubsub = context.pubsub; + this.loader = new DataLoader(ids => findByIds(this.collection, ids)); + } + + // returns true, if the user's role is of expected kind + // this is generated whenever @authorize appears in the type definition + hasUserRole({role, doc, user, mode, printLog = true, resolver}){ + let hasRole = false; + switch (role) { + // returns true, if signed in user has a role "admin" + // this is generated by... + // @authorize(admin: ["read", "update", "delete"]) + // ----- + // and if there is no @authRole("admin") user on any of the fields + // then it assumes a role definition + // and it checks against the role of the signed in user + case 'admin': + hasRole = ( + // valid signed in user id available + !!user && !!user._id && user._id.toString() !== '' && + // the current user has the correct role + this.context.User.role(user) === 'admin' + ); + break; + // returns true, if the signed in user is an author + // this is generated by... + // author: User! @unmodifiable @belongsTo @authRole("author") + // ----- ------------------- + case 'author': + hasRole = ( + // valid signed in user id available + !!user && !!user._id && user._id.toString() !== '' && + // valid document author available + !!doc && !!doc.authorId && doc.authorId.toString() !== '' && + // document author equals signed in user + doc.authorId.toString() === user._id.toString() + ); + break; + // returns true, if the signed in user is one of the coauthors + // this is generated by... + // coauthors: [User!] @belongsTo @authRole("coauthors") + // ------- ---------------------- + case 'coauthors': + hasRole = ( + // valid signed in user id available + !!user && !!user._id && user._id.toString() !== '' && + // document has at least one coauthors + !!doc && !!doc.coauthorsIds && _.isArray(doc.coauthorsIds) && doc.coauthorsIds.length > 0 && + // current signed in user is a coauthors + _.indexOf(doc.coauthorsIds, user._id.toString()) > -1 + ); + break; + // returns true, if user has a role "world" + // this is generated by... + // @authorize(world: ["read"]) + // ----- + // and if there is no @authRole("world") user on any of the fields + // then it assumes the special role definition "world" + // which means for every user, signed in or not signed in + case 'world': + hasRole = true; + break; + } + if (printLog){ + log.debug(''); + log.debug(`${resolver} hasRole: "${role}" "${ + user.username ? user.username : '' + } ${ + user.role ? user.role : '' + } ${ + user._id ? user._id : '' + } doc: "${ + (doc && doc._id) ? doc._id.toString() : '' + }" author: "${ + (doc && doc.authorId) ? doc.authorId : '' + }" coauthors: "${ + (doc && doc.coauthorsIds && doc.coauthorsIds.length > 0) ? doc.coauthorsIds.toString() : '' + }" ==> "${hasRole}"`); + } + return hasRole; + } + + // returns true, if the user role is authorized for the current mode + // this is generated whenever @authorize appears in the type definition + isRoleAuthorizedForMode({role, mode, resolver}){ + log.debug(`${resolver} isRoleAuthorizedForMode: "${role}" "${mode}" ==> "${this.authorizations[role][mode] ? true : false}"`); + return this.authorizations[role][mode] ? true : false; + } + + // returns true, if the current user is authorized for the current mode and document + // this is generated, whenever @authorize appears... + isAuthorized({doc, mode, user, resolver}){ + // generated by @authorize(admin: ...) + const adminAuthorized = this.hasUserRole({role: 'admin', doc, user, mode, printLog: true, resolver}) && + this.isRoleAuthorizedForMode({role: 'admin', mode, resolver}); + + // logging for debugging... + if (adminAuthorized){ + log.debug(`${resolver} isAuthorized: role: "${ + (user && user._id && this.context.User.role(user)) ? this.context.User.role(user) : '' + }" "${mode}" doc: "${ + (doc && doc._id) ? doc._id.toString() : '' + }" user: "${ + (user && user._id) ? user._id.toString() : '' + }" ===> "${adminAuthorized}"`); + + return adminAuthorized; + } + + // generated by @authorize(author: ...) + const authorAuthorized = this.hasUserRole({role: 'author', doc, user, mode, printLog: true, resolver}) && + this.isRoleAuthorizedForMode({role: 'author', mode, resolver}); + + // logging for debugging... + if (authorAuthorized){ + log.debug(`${resolver} isAuthorized: role: "author" "${mode}" doc: "${ + (doc && doc._id) ? doc._id.toString() : '' + }" author: "${ + (doc && doc.authorId) ? doc.authorId : '' + }" user: "${ + (user && user._id) ? user._id.toString() : '' + }" ===> "${authorAuthorized}"`); + + return authorAuthorized; + } + + // generated by @authorize(coauthors: ...) + const coauthorsAuthorized = this.hasUserRole({role: 'coauthors', doc, user, mode, printLog: true, resolver}) && + this.isRoleAuthorizedForMode({role: 'coauthors', mode, resolver}); + + // logging for debugging... + if (coauthorsAuthorized){ + log.debug(`${resolver} isAuthorized: role: "coauthors" "${mode}" doc: "${ + (doc && doc._id) ? doc._id.toString() : '' + }" coauthors: "${ + (doc && doc.coauthorsIds && doc.coauthorsIds.length > 0) ? doc.coauthorsIds.toString() : '' + }" user: "${ + (user && user._id) ? user._id.toString() : '' + }" ===> "${coauthorsAuthorized}"`); + + return coauthorsAuthorized; + } + + // generated by @authorize(world: ...) + const worldAuthorized = this.hasUserRole({role: 'world', doc, user, mode, printLog: true, resolver}) && + this.isRoleAuthorizedForMode({role: 'world', mode, resolver}); + + // logging for debugging... + if (worldAuthorized){ + log.debug(`${resolver} isAuthorized: role: "world" "${mode}" doc: "${ + (doc && doc._id) ? doc._id.toString() : '' + }" user: "${ + (user && user._id) ? user._id.toString() : '' + }" ===> "${worldAuthorized}"`); + + return worldAuthorized; + } + + // logging for debugging... + log.debug(`${resolver} isAuthorized: role: "${ + (user && user._id && this.context.User.role(user)) ? this.context.User.role(user) : '' + }" "${mode}" doc: "${ + (doc && doc._id) ? doc._id.toString() : '' + }" author: "${ + (doc && doc.authorId) ? doc.authorId : '' + }" coauthors: "${ + (doc && doc.coauthorsIds && doc.coauthorsIds.length > 0) ? doc.coauthorsIds.toString() : '' + }" user: "${ + (user && user._id) ? user._id.toString() : '' + }" ===> "false"`); + + return false; + } + + // returns document without role field + // generated by... + // role: String! @authRole("admin") @authorize(this: ["read"], admin: ["read", "update"]) + // ------- ------------------ + authorizedFields({doc, mode, user, resolver}){ + // array contains all fields, whose authorization is to be checked + // role: String! @authorize() + // ---- ------------ + const fields = []; + + // check authorization on field level now + fields.forEach(field => { + // default is: field is not authorized + let authorizedField = false; + + // ... Checking fields here... + + // otherwise remove field from doc, + // because the user and mode is not authorize to access this field + if ( !authorizedField && doc[field] ){ + log.debug(`${resolver} authorizedFields: "${field}" not authorized for user/role and mode: "${mode}", removed from document`); + delete doc[field]; + } + }); + + return doc; + } + + // returns only authorized documents and fields + // generated by ... + // @authorize() + authorized({doc, mode, user, resolver}){ + // if it is an array of documents, .... + if (_.isArray(doc)){ + // then filter for the authorized documents + let authorizedDocs = _.filter(doc, d => this.isAuthorized({doc: d, mode, user, resolver}) ); + // provide only authorized fields + authorizedDocs.forEach(d => { + d = this.authorizedFields({doc: d, mode, user, resolver}); + }); + return authorizedDocs; + + // if it is a single document, check the authorization for it + } else if ( _.isObject(doc) && this.isAuthorized({doc, mode, user, resolver}) ) { + // return only authorized fields + const authorizedDoc = this.authorizedFields({doc, mode, user, resolver}); + return authorizedDoc; + } + + // or return null, if no authorized document was found + log.debug(`${resolver} authorized: no authorized doc found`); + return null; + } + + async getById(id, _user, resolver){ + const doc = await this.findOneById(id); + return this.authorized({doc, mode: READONE, user: _user, resolver}); + } + + findOneById(id) { + return this.loader.load(id); + } + + async getAll({ lastCreatedAt, limit }, _user, resolver){ + const doc = await this.all({ lastCreatedAt, limit }, _user); + return this.authorized({doc, mode: READMANY, user: _user, resolver}); + } + + all({ lastCreatedAt = 0, limit = 10 }, _user) { + return this.collection.find({ + createdAt: { $gt: lastCreatedAt }, + }).sort({ createdAt: 1 }).limit(limit).toArray(); + } + + author(tweet, _user) { + return this.context.User.getById(tweet.authorId, _user, 'author'); + } + + createdBy(tweet, _user) { + return this.context.User.getById(tweet.createdById, _user, 'createdBy'); + } + + updatedBy(tweet, _user) { + return this.context.User.getById(tweet.updatedById, _user, 'udpatedBy'); + } + + async coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, _user) { + const doc = await this.context.User.collection.find({ + _id: { $in: tweet.coauthorsIds }, + createdAt: { $gt: lastCreatedAt }, + }).sort({ createdAt: 1 }).limit(limit).toArray(); + return this.context.User.authorized({doc, mode: READMANY, user: _user, resolver: 'coauthors'}); + } + + async likers(tweet, { lastCreatedAt = 0, limit = 10 }, _user) { + const doc = await this.context.User.collection.find({ + likedIds: tweet._id, + createdAt: { $gt: lastCreatedAt }, + }).sort({ createdAt: 1 }).limit(limit).toArray(); + return this.context.User.authorized({doc, mode: READMANY, user: _user, resolver: 'likers'}); + } + + async insert(doc, _user) { + // let coauthorsIds = doc.coauthorsIds || []; + // const enhancedDoc = Object.assign({ + // authorId: user._id, + // coauthorsIds: coauthorsIds, + // }); + let docToInsert = Object.assign({}, doc, { + createdAt: Date.now(), + updatedAt: Date.now(), + createdById: (_user && _user._id) ? _user._id : 'unknown', + updatedById: (_user && _user._id) ? _user._id : 'unknown', + }); + docToInsert = this.authorizedFields({doc: docToInsert, mode: CREATE, user: _user, resolver: 'insert'}); + const authorized = this.isAuthorized({doc: docToInsert, mode: CREATE, user: _user, resolver: 'insert'}); + if (!authorized) throw new Error('Tweet: mode: create not authorized'); + + const id = (await this.collection.insertOne(docToInsert)).insertedId; + this.pubsub.publish('tweetInserted', await this.findOneById(id)); + return id; + } + + async updateById(id, doc, _user) { + const foundDoc = await this.findOneById(id); + const authorized = this.isAuthorized({doc: foundDoc, mode: UPDATE, user: _user, resolver: 'updateById'}); + if (!authorized) throw new Error('Tweet: mode: update not authorized'); + + const updatedDoc = this.authorizedFields({doc, mode: UPDATE, user: _user, resolver: 'updateById'}); + const ret = await this.collection.update({ _id: id }, { + $set: Object.assign({}, updatedDoc, { + updatedAt: Date.now(), + updatedById: (_user && _user._id) ? _user._id : 'unknown', + }), + }); + this.loader.clear(id); + this.pubsub.publish('tweetUpdated', await this.findOneById(id)); + return ret; + } + + async removeById(id, _user) { + const doc = await this.findOneById(id); + const authorized = this.isAuthorized({doc, mode: DELETE, user: _user, resolver: 'removeById'}); + if (!authorized) throw new Error('Tweet: mode: delete not authorized'); + + const ret = this.collection.remove({ _id: id }); + this.loader.clear(id); + this.pubsub.publish('tweetRemoved', id); + return ret; + } +} diff --git a/test/output-app/model/Tweet.js b/test/output-app/model/Tweet.js index 2ead2d1..75dbb95 100644 --- a/test/output-app/model/Tweet.js +++ b/test/output-app/model/Tweet.js @@ -1,371 +1,149 @@ import _ from 'lodash'; +import { ObjectID } from 'mongodb'; import log from '../server/logger'; import DataLoader from 'dataloader'; -import findByIds from 'mongo-find-by-ids'; -import { CREATE, READ, READONE, READMANY, UPDATE, DELETE, DEBUG } from './constants'; +import { auth, findByIds, queryForRoles, userAuthorizedForDoc } from '../authorizations'; export default class Tweet { constructor(context) { - /* this is generated from ... - @authorize( - admin: ["read", "update", "delete"], - author: ["create", "read", "update", "delete"], - coauthors: ["read", "update"], - world: ["read"] - ) - */ - this.authorizations = { - admin: { - read: true, - readOne: true, - readMany: true, - update: true, - delete: true, - }, - author: { - create: true, - read: true, - readOne: true, - readMany: true, - update: true, - delete: true, - }, - coauthors: { - read: true, - readOne: true, - readMany: true, - update: true, - }, - world: { - read: true, - readOne: true, - readMany: true, - } - }; this.context = context; this.collection = context.db.collection('tweet'); this.pubsub = context.pubsub; - this.loader = new DataLoader(ids => findByIds(this.collection, ids)); - } - - // returns true, if the user's role is of expected kind - // this is generated whenever @authorize appears in the type definition - hasUserRole({role, doc, user, mode, printLog = true, resolver}){ - let hasRole = false; - switch (role) { - // returns true, if signed in user has a role "admin" - // this is generated by... - // @authorize(admin: ["read", "update", "delete"]) - // ----- - // and if there is no @authRole("admin") user on any of the fields - // then it assumes a role definition - // and it checks against the role of the signed in user - case 'admin': - hasRole = ( - // valid signed in user id available - !!user && !!user._id && user._id.toString() !== '' && - // the current user has the correct role - this.context.User.role(user) === 'admin' - ); - break; - // returns true, if the signed in user is an author - // this is generated by... - // author: User! @unmodifiable @belongsTo @authRole("author") - // ----- ------------------- - case 'author': - hasRole = ( - // valid signed in user id available - !!user && !!user._id && user._id.toString() !== '' && - // valid document author available - !!doc && !!doc.authorId && doc.authorId.toString() !== '' && - // document author equals signed in user - doc.authorId.toString() === user._id.toString() - ); - break; - // returns true, if the signed in user is one of the coauthors - // this is generated by... - // coauthors: [User!] @belongsTo @authRole("coauthors") - // ------- ---------------------- - case 'coauthors': - hasRole = ( - // valid signed in user id available - !!user && !!user._id && user._id.toString() !== '' && - // document has at least one coauthors - !!doc && !!doc.coauthorsIds && _.isArray(doc.coauthorsIds) && doc.coauthorsIds.length > 0 && - // current signed in user is a coauthors - _.indexOf(doc.coauthorsIds, user._id.toString()) > -1 - ); - break; - // returns true, if user has a role "world" - // this is generated by... - // @authorize(world: ["read"]) - // ----- - // and if there is no @authRole("world") user on any of the fields - // then it assumes the special role definition "world" - // which means for every user, signed in or not signed in - case 'world': - hasRole = true; - break; + this.loader = new DataLoader((ids, authQuery = {}) => findByIds(this.collection, ids, authQuery)); + this.type = 'Tweet'; + this.userRoles = auth[this.type].userRoles; + this.docRoles = auth[this.type].docRoles; + } + + findOneById(id, _user = {}, resolver = '') { + const authQuery = queryForRoles(_user, this.userRoles.readOne, this.docRoles.readOne, { User: this.context.User }); + log.debug(`${resolver} findOneById readOne with user ${(_user && _user.username) ? _user.username : ''} for ${this.type} and ${id}`); + log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); + if (authQuery === false) { + throw new Error(`Not authorized to readOne ${this.type} ${id}.`); } - if (printLog){ - log.debug(''); - log.debug(`${resolver} hasRole: "${role}" "${ - user.username ? user.username : '' - } ${ - user.role ? user.role : '' - } ${ - user._id ? user._id : '' - } doc: "${ - (doc && doc._id) ? doc._id.toString() : '' - }" author: "${ - (doc && doc.authorId) ? doc.authorId : '' - }" coauthors: "${ - (doc && doc.coauthorsIds && doc.coauthorsIds.length > 0) ? doc.coauthorsIds.toString() : '' - }" ==> "${hasRole}"`); - } - return hasRole; + return this.loader.load(id, authQuery); } - // returns true, if the user role is authorized for the current mode - // this is generated whenever @authorize appears in the type definition - isRoleAuthorizedForMode({role, mode, resolver}){ - log.debug(`${resolver} isRoleAuthorizedForMode: "${role}" "${mode}" ==> "${this.authorizations[role][mode] ? true : false}"`); - return this.authorizations[role][mode] ? true : false; - } - - // returns true, if the current user is authorized for the current mode and document - // this is generated, whenever @authorize appears... - isAuthorized({doc, mode, user, resolver}){ - // generated by @authorize(admin: ...) - const adminAuthorized = this.hasUserRole({role: 'admin', doc, user, mode, printLog: true, resolver}) && - this.isRoleAuthorizedForMode({role: 'admin', mode, resolver}); - - // logging for debugging... - if (adminAuthorized){ - log.debug(`${resolver} isAuthorized: role: "${ - (user && user._id && this.context.User.role(user)) ? this.context.User.role(user) : '' - }" "${mode}" doc: "${ - (doc && doc._id) ? doc._id.toString() : '' - }" user: "${ - (user && user._id) ? user._id.toString() : '' - }" ===> "${adminAuthorized}"`); - - return adminAuthorized; - } - - // generated by @authorize(author: ...) - const authorAuthorized = this.hasUserRole({role: 'author', doc, user, mode, printLog: true, resolver}) && - this.isRoleAuthorizedForMode({role: 'author', mode, resolver}); - - // logging for debugging... - if (authorAuthorized){ - log.debug(`${resolver} isAuthorized: role: "author" "${mode}" doc: "${ - (doc && doc._id) ? doc._id.toString() : '' - }" author: "${ - (doc && doc.authorId) ? doc.authorId : '' - }" user: "${ - (user && user._id) ? user._id.toString() : '' - }" ===> "${authorAuthorized}"`); - - return authorAuthorized; - } - - // generated by @authorize(coauthors: ...) - const coauthorsAuthorized = this.hasUserRole({role: 'coauthors', doc, user, mode, printLog: true, resolver}) && - this.isRoleAuthorizedForMode({role: 'coauthors', mode, resolver}); - - // logging for debugging... - if (coauthorsAuthorized){ - log.debug(`${resolver} isAuthorized: role: "coauthors" "${mode}" doc: "${ - (doc && doc._id) ? doc._id.toString() : '' - }" coauthors: "${ - (doc && doc.coauthorsIds && doc.coauthorsIds.length > 0) ? doc.coauthorsIds.toString() : '' - }" user: "${ - (user && user._id) ? user._id.toString() : '' - }" ===> "${coauthorsAuthorized}"`); - - return coauthorsAuthorized; + all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = '') { + const baseQuery = { createdAt: { $gt: lastCreatedAt } }; + const authQuery = queryForRoles(_user, this.userRoles.readMany, this.docRoles.readMany, { User: this.context.User }); + const finalQuery = {...baseQuery, ...authQuery}; + log.debug(`${resolver} all readMany with user ${(_user && _user.username) ? _user.username : ''} for ${this.type}`); + if (authQuery != {}) log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); + if (authQuery === false) { + throw new Error(`Not authorized to readMany ${this.type}.`); } - - // generated by @authorize(world: ...) - const worldAuthorized = this.hasUserRole({role: 'world', doc, user, mode, printLog: true, resolver}) && - this.isRoleAuthorizedForMode({role: 'world', mode, resolver}); - - // logging for debugging... - if (worldAuthorized){ - log.debug(`${resolver} isAuthorized: role: "world" "${mode}" doc: "${ - (doc && doc._id) ? doc._id.toString() : '' - }" user: "${ - (user && user._id) ? user._id.toString() : '' - }" ===> "${worldAuthorized}"`); - - return worldAuthorized; - } - - // logging for debugging... - log.debug(`${resolver} isAuthorized: role: "${ - (user && user._id && this.context.User.role(user)) ? this.context.User.role(user) : '' - }" "${mode}" doc: "${ - (doc && doc._id) ? doc._id.toString() : '' - }" author: "${ - (doc && doc.authorId) ? doc.authorId : '' - }" coauthors: "${ - (doc && doc.coauthorsIds && doc.coauthorsIds.length > 0) ? doc.coauthorsIds.toString() : '' - }" user: "${ - (user && user._id) ? user._id.toString() : '' - }" ===> "false"`); - - return false; - } - - // returns document without role field - // generated by... - // role: String! @authRole("admin") @authorize(this: ["read"], admin: ["read", "update"]) - // ------- ------------------ - authorizedFields({doc, mode, user, resolver}){ - // array contains all fields, whose authorization is to be checked - // role: String! @authorize() - // ---- ------------ - const fields = []; - - // check authorization on field level now - fields.forEach(field => { - // default is: field is not authorized - let authorizedField = false; - - // ... Checking fields here... - - // otherwise remove field from doc, - // because the user and mode is not authorize to access this field - if ( !authorizedField && doc[field] ){ - log.debug(`${resolver} authorizedFields: "${field}" not authorized for user/role and mode: "${mode}", removed from document`); - delete doc[field]; - } - }); - - return doc; - } - - // returns only authorized documents and fields - // generated by ... - // @authorize() - authorized({doc, mode, user, resolver}){ - // if it is an array of documents, .... - if (_.isArray(doc)){ - // then filter for the authorized documents - let authorizedDocs = _.filter(doc, d => this.isAuthorized({doc: d, mode, user, resolver}) ); - // provide only authorized fields - authorizedDocs.forEach(d => { - d = this.authorizedFields({doc: d, mode, user, resolver}); - }); - return authorizedDocs; - - // if it is a single document, check the authorization for it - } else if ( _.isObject(doc) && this.isAuthorized({doc, mode, user, resolver}) ) { - // return only authorized fields - const authorizedDoc = this.authorizedFields({doc, mode, user, resolver}); - return authorizedDoc; - } - - // or return null, if no authorized document was found - log.debug(`${resolver} authorized: no authorized doc found`); - return null; - } - - async getById(id, _user, resolver){ - const doc = await this.findOneById(id); - return this.authorized({doc, mode: READONE, user: _user, resolver}); - } - - findOneById(id) { - return this.loader.load(id); - } - - async getAll({ lastCreatedAt, limit }, _user, resolver){ - const doc = await this.all({ lastCreatedAt, limit }, _user); - return this.authorized({doc, mode: READMANY, user: _user, resolver}); - } - - all({ lastCreatedAt = 0, limit = 10 }, _user) { - return this.collection.find({ - createdAt: { $gt: lastCreatedAt }, - }).sort({ createdAt: 1 }).limit(limit).toArray(); + return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } author(tweet, _user) { - return this.context.User.getById(tweet.authorId, _user, 'author'); + return this.context.User.findOneById(tweet.authorId, _user, 'author'); } createdBy(tweet, _user) { - return this.context.User.getById(tweet.createdById, _user, 'createdBy'); + return this.context.User.findOneById(tweet.createdById, _user, 'createdBy'); } updatedBy(tweet, _user) { - return this.context.User.getById(tweet.updatedById, _user, 'udpatedBy'); + return this.context.User.findOneById(tweet.updatedById, _user, 'udpatedBy'); } - async coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, _user) { - const doc = await this.context.User.collection.find({ - _id: { $in: tweet.coauthorsIds }, - createdAt: { $gt: lastCreatedAt }, - }).sort({ createdAt: 1 }).limit(limit).toArray(); - return this.context.User.authorized({doc, mode: READMANY, user: _user, resolver: 'coauthors'}); + coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, _user) { + const baseQuery = {_id: { $in: tweet.coauthorsIds }, createdAt: { $gt: lastCreatedAt } }; + const authQuery = queryForRoles(_user, this.userRoles.readMany, this.docRoles.readMany, { User: this.context.User }); + const finalQuery = {...baseQuery, ...authQuery}; + log.debug(`coauthors readMany with user ${(_user && _user.username) ? _user.username : ''} for ${this.type}`); + log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); + if (authQuery === false) { + throw new Error(`coauthors Not authorized to readMany ${this.type} ${id}.`); + } + return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } - async likers(tweet, { lastCreatedAt = 0, limit = 10 }, _user) { - const doc = await this.context.User.collection.find({ - likedIds: tweet._id, - createdAt: { $gt: lastCreatedAt }, - }).sort({ createdAt: 1 }).limit(limit).toArray(); - return this.context.User.authorized({doc, mode: READMANY, user: _user, resolver: 'likers'}); + likers(tweet, { lastCreatedAt = 0, limit = 10 }, _user) { + const baseQuery = {likedIds: tweet._id, createdAt: { $gt: lastCreatedAt } }; + const authQuery = queryForRoles(_user, this.userRoles.readMany, this.docRoles.readMany, { User: this.context.User }); + const finalQuery = {...baseQuery, ...authQuery}; + log.debug(`likers readMany with user ${(_user && _user.username) ? _user.username : ''} for ${this.type}`); + log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); + if (authQuery === false) { + throw new Error(`coauthors Not authorized to readMany ${this.type} ${id}.`); + } + return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } async insert(doc, _user) { - // let coauthorsIds = doc.coauthorsIds || []; - // const enhancedDoc = Object.assign({ - // authorId: user._id, - // coauthorsIds: coauthorsIds, - // }); let docToInsert = Object.assign({}, doc, { - createdAt: Date.now(), - updatedAt: Date.now(), - createdById: (_user && _user._id) ? _user._id : 'unknown', - updatedById: (_user && _user._id) ? _user._id : 'unknown', + createdAt: Date.now(), + updatedAt: Date.now(), + createdById: (_user && _user._id) ? _user._id : 'unknown', + updatedById: (_user && _user._id) ? _user._id : 'unknown', }); - docToInsert = this.authorizedFields({doc: docToInsert, mode: CREATE, user: _user, resolver: 'insert'}); - const authorized = this.isAuthorized({doc: docToInsert, mode: CREATE, user: _user, resolver: 'insert'}); - if (!authorized) throw new Error('Tweet: mode: create not authorized'); + const authQuery = queryForRoles(_user, this.userRoles.create, this.docRoles.create, { User: this.context.User }); + if (authQuery === false || (authQuery !== {} && !userAuthorizedForDoc(_user, this.docRoles.create, doc)) ) { + throw new Error(`Not authorized to insert ${this.type} ${id}.`); + } + const id = (await this.collection.insertOne(docToInsert)).insertedId; + + if (id){ + log.debug(`inserted ${this.type} ${id}.`); + } else { + log.debug('insert failed for docToInsert:', JSON.stringify(docToInsert, null, 2)); + throw new Error(`insert not possible for ${this.type} ${id}.`); + } + this.pubsub.publish('tweetInserted', await this.findOneById(id)); return id; } async updateById(id, doc, _user) { - const foundDoc = await this.findOneById(id); - const authorized = this.isAuthorized({doc: foundDoc, mode: UPDATE, user: _user, resolver: 'updateById'}); - if (!authorized) throw new Error('Tweet: mode: update not authorized'); + let docToUpdate = {$set: Object.assign({}, doc, { + updatedAt: Date.now(), + updatedById: (_user && _user._id) ? _user._id : 'unknown', + })}; + + const baseQuery = {_id: id}; + const authQuery = queryForRoles(_user, this.userRoles.update, this.docRoles.update, { User: this.context.User }); + if (authQuery === false) { + throw new Error(`Not authorized to update ${this.type} ${id}.`); + } + + const finalQuery = {...baseQuery, ...authQuery}; + const result = await this.collection.updateOne(finalQuery, docToUpdate); + + if (result.result.ok === 1 && result.result.n === 1){ + log.debug(`updated ${this.type} ${id}.`); + } else { + log.debug(`update failed finalQuery:`, JSON.stringify(finalQuery, null, 2)); + log.debug('update failed for docToUpdate:', JSON.stringify(docToUpdate, null, 2)); + throw new Error(`update not possible for ${this.type} ${id}.`); + } - const updatedDoc = this.authorizedFields({doc, mode: UPDATE, user: _user, resolver: 'updateById'}); - const ret = await this.collection.update({ _id: id }, { - $set: Object.assign({}, updatedDoc, { - updatedAt: Date.now(), - updatedById: (_user && _user._id) ? _user._id : 'unknown', - }), - }); this.loader.clear(id); this.pubsub.publish('tweetUpdated', await this.findOneById(id)); - return ret; + return result; } async removeById(id, _user) { - const doc = await this.findOneById(id); - const authorized = this.isAuthorized({doc, mode: DELETE, user: _user, resolver: 'removeById'}); - if (!authorized) throw new Error('Tweet: mode: delete not authorized'); + const baseQuery = {_id: id}; + const authQuery = queryForRoles(_user, this.userRoles.delete, this.docRoles.delete, { User: this.context.User }); + if (!authQuery) throw new Error(`Not authorized to remove ${this.type} ${id}.`); + + const finalQuery = {...baseQuery, ...authQuery}; + const result = await this.collection.remove(finalQuery); + + if (result.result.ok === 1 && result.result.n === 1){ + log.info(`removed ${this.type} ${id}.`); + } else { + log.debug(`remove failed for finalQuery:`, JSON.stringify(finalQuery, null, 2)); + throw new Error(`remove not possible for ${this.type} ${id}.`); + } - const ret = this.collection.remove({ _id: id }); this.loader.clear(id); this.pubsub.publish('tweetRemoved', id); - return ret; + return result; } } diff --git a/test/output-app/model/User-complicated.js b/test/output-app/model/User-complicated.js new file mode 100644 index 0000000..9bb463d --- /dev/null +++ b/test/output-app/model/User-complicated.js @@ -0,0 +1,328 @@ +import _ from 'lodash'; +import log from '../server/logger'; +import DataLoader from 'dataloader'; +import findByIds from 'mongo-find-by-ids'; +import { CREATE, READ, READONE, READMANY, UPDATE, DELETE, DEBUG } from './constants'; + +export default class User { + constructor(context) { + /* this is generated from ... + @authorize( + admin: ["create", "read", "update", "delete"] + this: ["readOne", "update", "delete"] + ) + */ + this.authorizations = { + admin: { + create: true, + read: true, + readOne: true, + readMany: true, + update: true, + delete: true, + }, + this: { + readOne: true, + update: true, + delete: true, + }, + }; + this.context = context; + this.collection = context.db.collection('user'); + this.pubsub = context.pubsub; + this.loader = new DataLoader(ids => findByIds(this.collection, ids)); + } + + // returns the role of the current user + // generated by... + // role: String! @authRole("admin") @authorize(this: ["read"], admin: ["read", "update"]) + // ------- ------------------ + // whereas the field is not of type User, it is of type String + role(user){ + return (user && user.role) ? user.role : null; + } + + // returns true, if the user's role is of expected kind + // this is generated whenever @authorize appears in the type definition + hasUserRole({role, doc, user, mode, printLog = true, resolver}){ + let hasRole = false; + switch (role) { + // returns true, if signed in user has a role "admin" + // this is generated by... + // @authorize(admin: ["create", "read", "update", "delete"]) + // ----- + // and if there is no @authRole("admin") user on any of the fields + // then it assumes a role definition + // and it checks against the role of the signed in user + case 'admin': + hasRole = ( + // valid signed in user id available + !!user && !!user._id && user._id.toString() !== '' && + // the current user has the correct role + this.context.User.role(user) === 'admin' + ); + break; + // returns true, if the signed in user is equal to the document id + // this is generated by... + // @authorize(this:) + // ----- + case 'this': + hasRole = ( + // valid signed in user id available + !!user && !!user._id && user._id.toString() !== '' && + // valid document user id available + !!doc && !!doc._id && doc._id.toString() !== '' && + // document user id equals signed in user + doc._id.toString() === user._id.toString() + ); + break; + } + if (printLog){ + log.debug(''); + log.debug(`${resolver} hasRole: "${role}" "${(user && user.username) ? user.username : ''} ${(user && user.role) ? user.role : ''} ${(user && user._id) ? user._id : ''}" ==> "${hasRole}"`); + } + return hasRole; + } + + // returns true, if the user role is authorized for the current mode + // this is generated whenever @authorize appears in the type definition + isRoleAuthorizedForMode({role, mode, resolver}){ + log.debug(`${resolver} isRoleAuthorizedForMode: "${role}" "${mode}" ==> "${this.authorizations[role][mode] ? true : false}"`); + return this.authorizations[role][mode] ? true : false; + } + + // returns true, if the current user is authorized for the current mode and document + // this is generated, whenever @authorize appears... + isAuthorized({doc, mode, user, resolver}){ + + // generated by @authorize(admin: ...) + const adminAuthorized = this.hasUserRole({role: 'admin', doc, user, mode, printLog: true, resolver}) && + this.isRoleAuthorizedForMode({role: 'admin', mode, resolver}); + + // logging for debugging... + if (adminAuthorized){ + log.debug(`${resolver} isAuthorized: role: "${ + (user && user._id && this.context.User.role(user)) ? this.context.User.role(user) : '' + }" "${mode}" doc: "${ + (doc && doc._id) ? doc._id.toString() : '' + }" user: "${ + (user && user._id) ? user._id.toString() : '' + }" ===> "${adminAuthorized}"`); + + return adminAuthorized; + } + + // generated by @authorize(this: ...) + const thisAuthorized = this.hasUserRole({role: 'this', doc, user, mode, printLog: true, resolver}) && + this.isRoleAuthorizedForMode({role: 'this', mode, resolver}); + + // logging for debugging... + if (thisAuthorized) { + log.debug(`${resolver} isAuthorized: doc: "${ + (doc && doc._id) ? doc._id.toString() : '' + }" "${mode}" user: "${ + (user && user._id) ? user._id.toString() : '' + }" ===> "${thisAuthorized}"`); + + return thisAuthorized; + } + + // logging for debugging... + log.debug(`${resolver} isAuthorized: role: "${ + (user && user._id && this.context.User.role(user)) ? this.context.User.role(user) : '' + }" "${mode}" doc: "${ + (doc && doc._id) ? doc._id.toString() : '' + }" user: "${ + (user && user._id) ? user._id.toString() : '' + }" ===> "false"`); + + return false; + } + + // returns document without role field + // generated by... + // role: String! @authRole("admin") @authorize(this: ["read"], admin: ["read", "update"]) + // ------- ------------------ + authorizedFields({doc, mode, user, resolver}){ + // array contains all fields, whose authorization is to be checked + // role: String! @authorize() + // ---- ------------ + const fields = ['role']; + + // check authorization on field level now + fields.forEach(field => { + // default is: field is not authorized + let authorizedField = false; + + // role: String! @authorize() + // ---- ------------ + if (field === 'role'){ + log.debug(''); + // role: String! @authorize(this: ["read"]) + // ----- ----- ---- + if ( this.hasUserRole({role: 'this', doc, user, mode, printLog: false, resolver}) && + (mode === READ || mode === READONE || mode === READMANY) ){ + log.debug(`${resolver} authorizedFields: "${field}" is authorized for role: "this" and mode: "${mode}"`); + authorizedField = true; + } + + // role: @authorize(admin: ["create", "read", "update"]) + // ---- ----- ------ ---- ------ + if ( this.hasUserRole({role: 'admin', doc, user, mode, printLog: false, resolver}) && + (mode === CREATE || mode === READ || mode === READONE || mode === READMANY || mode === UPDATE) ){ + log.debug(`${resolver} authorizedFields: "${field}" is authorized for role: "admin" and mode: "${mode}"`); + authorizedField = true; + } + } + + // ... Checking fields here... + + // otherwise remove field from doc, + // because the user and mode is not authorize to access this field + if ( !authorizedField && doc[field] ){ + log.debug(`${resolver} authorizedFields: "${field}" not authorized for user/role and mode: "${mode}", removed from document`); + delete doc[field]; + } + }); + + return doc; + } + + // returns only authorized documents and fields + // generated by ... + // @authorize() + authorized({doc, mode, user, resolver}){ + // if it is an array of documents, .... + if (_.isArray(doc)){ + // then filter for the authorized documents + let authorizedDocs = _.filter(doc, d => this.isAuthorized({doc: d, mode, user, resolver}) ); + // provide only authorized fields + authorizedDocs.forEach(d => { + d = this.authorizedFields({doc: d, mode, user, resolver}); + }); + return authorizedDocs; + + // if it is a single document, check the authorization for it + } else if ( _.isObject(doc) && this.isAuthorized({doc, mode, user, resolver}) ) { + // return only authorized fields + const authorizedDoc = this.authorizedFields({doc, mode, user, resolver}); + return authorizedDoc; + } + + // or return null, if no authorized document was found + log.debug(`${resolver} authorized: no authorized doc found`); + return null; + } + + async getById(id, _user, resolver){ + const doc = await this.findOneById(id); + return this.authorized({doc, mode: READONE, user: _user, resolver}); + } + + findOneById(id) { + return this.loader.load(id); + } + + async getAll({ lastCreatedAt, limit }, _user, resolver){ + const doc = await this.all({ lastCreatedAt, limit }, _user); + return this.authorized({doc, mode: READMANY, user: _user, resolver}); + } + + all({ lastCreatedAt = 0, limit = 10 }, _user) { + return this.collection.find({ + createdAt: { $gt: lastCreatedAt }, + }).sort({ createdAt: 1 }).limit(limit).toArray(); + } + + async tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }, _user) { + const doc = await this.context.Tweet.collection.find({ + authorId: user._id, + createdAt: { $gt: lastCreatedAt }, + }).sort({ createdAt: 1 }).limit(limit).toArray(); + const authorizedDoc = this.context.Tweet.authorized({doc, mode: READMANY, user: _user, resolver: 'tweets'}); + return authorizedDoc; + } + + async liked(user, { lastCreatedAt = 0, limit = 10 }, _user) { + const doc = await this.context.Tweet.collection.find({ + _id: { $in: user.likedIds || [] }, + createdAt: { $gt: lastCreatedAt }, + }).sort({ createdAt: 1 }).limit(limit).toArray(); + const authorizedDoc = this.context.Tweet.authorized({doc, mode: READMANY, user: _user, resolver: 'liked'}); + return authorizedDoc; + } + + async following(user, { lastCreatedAt = 0, limit = 10 }, _user) { + const doc = await this.context.User.collection.find({ + _id: { $in: user.followingIds || [] }, + createdAt: { $gt: lastCreatedAt }, + }).sort({ createdAt: 1 }).limit(limit).toArray(); + const authorizedDoc = this.authorized({doc, mode: READMANY, user: _user, resolver: 'following'}); + return authorizedDoc; + } + + async followers(user, { lastCreatedAt = 0, limit = 10 }, _user) { + const doc = await this.context.User.collection.find({ + followingIds: user._id, + createdAt: { $gt: lastCreatedAt }, + }).sort({ createdAt: 1 }).limit(limit).toArray(); + const authorizedDoc = this.authorized({doc, mode: READMANY, user: _user, resolver: 'followers'}); + return authorizedDoc; + } + + async createdBy(user, _user) { + const doc = await this.context.User.getById(user.createdById, _user, 'createdBy'); + const authorizedDoc = this.authorized({doc, mode: READONE, user: _user, resolver: 'createdBy'}); + return authorizedDoc; + } + + async updatedBy(user, _user) { + const doc = await this.context.User.getById(user.updatedById, _user, 'updatedBy'); + const authorizedDoc = this.authorized({doc, mode: READONE, user: _user, resolver: 'updatedBy'}); + return authorizedDoc; + } + + async insert(doc, _user) { + let docToInsert = Object.assign({}, doc, { + createdAt: Date.now(), + updatedAt: Date.now(), + createdById: (_user && _user._id) ? _user._id : 'unknown', + updatedById: (_user && _user._id) ? _user._id : 'unknown', + }); + docToInsert = this.authorizedFields({doc: docToInsert, mode: CREATE, user: _user, resolver: 'insert'}); + const authorized = this.isAuthorized({doc: docToInsert, mode: CREATE, user: _user, resolver: 'insert'}); + if (!authorized) throw new Error('User: mode: create not authorized'); + + const id = (await this.collection.insertOne(docToInsert)).insertedId; + this.pubsub.publish('userInserted', await this.findOneById(id)); + return id; + } + + async updateById(id, doc, _user) { + const foundDoc = await this.findOneById(id); + const authorized = this.isAuthorized({doc: foundDoc, mode: UPDATE, user: _user, resolver: 'updateById'}); + if (!authorized) throw new Error('User: mode: update not authorized'); + + const updatedDoc = this.authorizedFields({doc, mode: UPDATE, user: _user, resolver: 'updateById'}); + const ret = await this.collection.update({ _id: id }, { + $set: Object.assign({}, updatedDoc, { + updatedAt: Date.now(), + updatedById: (_user && _user._id) ? _user._id : 'unknown', + }), + }); + this.loader.clear(id); + this.pubsub.publish('userUpdated', await this.findOneById(id)); + return ret; + } + + async removeById(id, _user) { + const doc = await this.findOneById(id); + const authorized = this.isAuthorized({doc, mode: DELETE, user: _user, resolver: 'removeById'}); + if (!authorized) throw new Error('User: mode: delete not authorized'); + + const ret = this.collection.remove({ _id: id }); + this.loader.clear(id); + this.pubsub.publish('userRemoved', id); + return ret; + } +} diff --git a/test/output-app/model/User.js b/test/output-app/model/User.js index 9bb463d..4eb3406 100644 --- a/test/output-app/model/User.js +++ b/test/output-app/model/User.js @@ -1,285 +1,85 @@ import _ from 'lodash'; +import { ObjectID } from 'mongodb'; import log from '../server/logger'; import DataLoader from 'dataloader'; -import findByIds from 'mongo-find-by-ids'; -import { CREATE, READ, READONE, READMANY, UPDATE, DELETE, DEBUG } from './constants'; +import { auth, findByIds, queryForRoles, userAuthorizedForDoc } from '../authorizations'; export default class User { constructor(context) { - /* this is generated from ... - @authorize( - admin: ["create", "read", "update", "delete"] - this: ["readOne", "update", "delete"] - ) - */ - this.authorizations = { - admin: { - create: true, - read: true, - readOne: true, - readMany: true, - update: true, - delete: true, - }, - this: { - readOne: true, - update: true, - delete: true, - }, - }; this.context = context; this.collection = context.db.collection('user'); this.pubsub = context.pubsub; - this.loader = new DataLoader(ids => findByIds(this.collection, ids)); + this.loader = new DataLoader((ids, authQuery = {}) => findByIds(this.collection, ids, authQuery)); + this.type = 'User'; + this.userRoles = auth[this.type].userRoles; + this.docRoles = auth[this.type].docRoles; } - // returns the role of the current user + // returns the userRole of the current user // generated by... // role: String! @authRole("admin") @authorize(this: ["read"], admin: ["read", "update"]) // ------- ------------------ // whereas the field is not of type User, it is of type String - role(user){ - return (user && user.role) ? user.role : null; + authRole(user){ + return (user && user.role) ? user.role : ''; } - // returns true, if the user's role is of expected kind - // this is generated whenever @authorize appears in the type definition - hasUserRole({role, doc, user, mode, printLog = true, resolver}){ - let hasRole = false; - switch (role) { - // returns true, if signed in user has a role "admin" - // this is generated by... - // @authorize(admin: ["create", "read", "update", "delete"]) - // ----- - // and if there is no @authRole("admin") user on any of the fields - // then it assumes a role definition - // and it checks against the role of the signed in user - case 'admin': - hasRole = ( - // valid signed in user id available - !!user && !!user._id && user._id.toString() !== '' && - // the current user has the correct role - this.context.User.role(user) === 'admin' - ); - break; - // returns true, if the signed in user is equal to the document id - // this is generated by... - // @authorize(this:) - // ----- - case 'this': - hasRole = ( - // valid signed in user id available - !!user && !!user._id && user._id.toString() !== '' && - // valid document user id available - !!doc && !!doc._id && doc._id.toString() !== '' && - // document user id equals signed in user - doc._id.toString() === user._id.toString() - ); - break; + findOneById(id, _user = {}, resolver = '') { + const authQuery = queryForRoles(_user, this.userRoles.readOne, this.docRoles.readOne, { User: this.context.User }); + log.debug(`${resolver} findOneById readOne with user ${(_user && _user.username) ? _user.username : ''} for ${this.type} and ${id}`); + if (authQuery === {}) log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); + if (authQuery === false) { + throw new Error(`Not authorized to readOne ${this.type} ${id}.`); } - if (printLog){ - log.debug(''); - log.debug(`${resolver} hasRole: "${role}" "${(user && user.username) ? user.username : ''} ${(user && user.role) ? user.role : ''} ${(user && user._id) ? user._id : ''}" ==> "${hasRole}"`); - } - return hasRole; - } - - // returns true, if the user role is authorized for the current mode - // this is generated whenever @authorize appears in the type definition - isRoleAuthorizedForMode({role, mode, resolver}){ - log.debug(`${resolver} isRoleAuthorizedForMode: "${role}" "${mode}" ==> "${this.authorizations[role][mode] ? true : false}"`); - return this.authorizations[role][mode] ? true : false; - } - - // returns true, if the current user is authorized for the current mode and document - // this is generated, whenever @authorize appears... - isAuthorized({doc, mode, user, resolver}){ - - // generated by @authorize(admin: ...) - const adminAuthorized = this.hasUserRole({role: 'admin', doc, user, mode, printLog: true, resolver}) && - this.isRoleAuthorizedForMode({role: 'admin', mode, resolver}); - - // logging for debugging... - if (adminAuthorized){ - log.debug(`${resolver} isAuthorized: role: "${ - (user && user._id && this.context.User.role(user)) ? this.context.User.role(user) : '' - }" "${mode}" doc: "${ - (doc && doc._id) ? doc._id.toString() : '' - }" user: "${ - (user && user._id) ? user._id.toString() : '' - }" ===> "${adminAuthorized}"`); - - return adminAuthorized; - } - - // generated by @authorize(this: ...) - const thisAuthorized = this.hasUserRole({role: 'this', doc, user, mode, printLog: true, resolver}) && - this.isRoleAuthorizedForMode({role: 'this', mode, resolver}); - - // logging for debugging... - if (thisAuthorized) { - log.debug(`${resolver} isAuthorized: doc: "${ - (doc && doc._id) ? doc._id.toString() : '' - }" "${mode}" user: "${ - (user && user._id) ? user._id.toString() : '' - }" ===> "${thisAuthorized}"`); - - return thisAuthorized; - } - - // logging for debugging... - log.debug(`${resolver} isAuthorized: role: "${ - (user && user._id && this.context.User.role(user)) ? this.context.User.role(user) : '' - }" "${mode}" doc: "${ - (doc && doc._id) ? doc._id.toString() : '' - }" user: "${ - (user && user._id) ? user._id.toString() : '' - }" ===> "false"`); - - return false; - } - - // returns document without role field - // generated by... - // role: String! @authRole("admin") @authorize(this: ["read"], admin: ["read", "update"]) - // ------- ------------------ - authorizedFields({doc, mode, user, resolver}){ - // array contains all fields, whose authorization is to be checked - // role: String! @authorize() - // ---- ------------ - const fields = ['role']; - - // check authorization on field level now - fields.forEach(field => { - // default is: field is not authorized - let authorizedField = false; - - // role: String! @authorize() - // ---- ------------ - if (field === 'role'){ - log.debug(''); - // role: String! @authorize(this: ["read"]) - // ----- ----- ---- - if ( this.hasUserRole({role: 'this', doc, user, mode, printLog: false, resolver}) && - (mode === READ || mode === READONE || mode === READMANY) ){ - log.debug(`${resolver} authorizedFields: "${field}" is authorized for role: "this" and mode: "${mode}"`); - authorizedField = true; - } - - // role: @authorize(admin: ["create", "read", "update"]) - // ---- ----- ------ ---- ------ - if ( this.hasUserRole({role: 'admin', doc, user, mode, printLog: false, resolver}) && - (mode === CREATE || mode === READ || mode === READONE || mode === READMANY || mode === UPDATE) ){ - log.debug(`${resolver} authorizedFields: "${field}" is authorized for role: "admin" and mode: "${mode}"`); - authorizedField = true; - } - } - - // ... Checking fields here... - - // otherwise remove field from doc, - // because the user and mode is not authorize to access this field - if ( !authorizedField && doc[field] ){ - log.debug(`${resolver} authorizedFields: "${field}" not authorized for user/role and mode: "${mode}", removed from document`); - delete doc[field]; - } - }); - - return doc; + return this.loader.load(id, authQuery); } - // returns only authorized documents and fields - // generated by ... - // @authorize() - authorized({doc, mode, user, resolver}){ - // if it is an array of documents, .... - if (_.isArray(doc)){ - // then filter for the authorized documents - let authorizedDocs = _.filter(doc, d => this.isAuthorized({doc: d, mode, user, resolver}) ); - // provide only authorized fields - authorizedDocs.forEach(d => { - d = this.authorizedFields({doc: d, mode, user, resolver}); - }); - return authorizedDocs; - - // if it is a single document, check the authorization for it - } else if ( _.isObject(doc) && this.isAuthorized({doc, mode, user, resolver}) ) { - // return only authorized fields - const authorizedDoc = this.authorizedFields({doc, mode, user, resolver}); - return authorizedDoc; + all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = '') { + const baseQuery = { createdAt: { $gt: lastCreatedAt } }; + const authQuery = queryForRoles(_user, this.userRoles.readMany, this.docRoles.readMany, { User: this.context.User }); + const finalQuery = {...baseQuery, ...authQuery}; + log.debug(`${resolver} all readMany with user ${(_user && _user.username) ? _user.username : ''} for ${this.type}`); + if (authQuery != {}) log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); + if (authQuery === false) { + throw new Error(`Not authorized to readMany ${this.type}.`); } - - // or return null, if no authorized document was found - log.debug(`${resolver} authorized: no authorized doc found`); - return null; - } - - async getById(id, _user, resolver){ - const doc = await this.findOneById(id); - return this.authorized({doc, mode: READONE, user: _user, resolver}); - } - - findOneById(id) { - return this.loader.load(id); - } - - async getAll({ lastCreatedAt, limit }, _user, resolver){ - const doc = await this.all({ lastCreatedAt, limit }, _user); - return this.authorized({doc, mode: READMANY, user: _user, resolver}); - } - - all({ lastCreatedAt = 0, limit = 10 }, _user) { - return this.collection.find({ - createdAt: { $gt: lastCreatedAt }, - }).sort({ createdAt: 1 }).limit(limit).toArray(); + return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } - async tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }, _user) { - const doc = await this.context.Tweet.collection.find({ + tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }, _user) { + return this.context.Tweet.collection.find({ authorId: user._id, createdAt: { $gt: lastCreatedAt }, }).sort({ createdAt: 1 }).limit(limit).toArray(); - const authorizedDoc = this.context.Tweet.authorized({doc, mode: READMANY, user: _user, resolver: 'tweets'}); - return authorizedDoc; } - async liked(user, { lastCreatedAt = 0, limit = 10 }, _user) { - const doc = await this.context.Tweet.collection.find({ + liked(user, { lastCreatedAt = 0, limit = 10 }, _user) { + return this.context.Tweet.collection.find({ _id: { $in: user.likedIds || [] }, createdAt: { $gt: lastCreatedAt }, }).sort({ createdAt: 1 }).limit(limit).toArray(); - const authorizedDoc = this.context.Tweet.authorized({doc, mode: READMANY, user: _user, resolver: 'liked'}); - return authorizedDoc; } - async following(user, { lastCreatedAt = 0, limit = 10 }, _user) { - const doc = await this.context.User.collection.find({ + following(user, { lastCreatedAt = 0, limit = 10 }, _user) { + return this.context.User.collection.find({ _id: { $in: user.followingIds || [] }, createdAt: { $gt: lastCreatedAt }, }).sort({ createdAt: 1 }).limit(limit).toArray(); - const authorizedDoc = this.authorized({doc, mode: READMANY, user: _user, resolver: 'following'}); - return authorizedDoc; } - async followers(user, { lastCreatedAt = 0, limit = 10 }, _user) { - const doc = await this.context.User.collection.find({ + followers(user, { lastCreatedAt = 0, limit = 10 }, _user) { + return this.context.User.collection.find({ followingIds: user._id, createdAt: { $gt: lastCreatedAt }, }).sort({ createdAt: 1 }).limit(limit).toArray(); - const authorizedDoc = this.authorized({doc, mode: READMANY, user: _user, resolver: 'followers'}); - return authorizedDoc; } - async createdBy(user, _user) { - const doc = await this.context.User.getById(user.createdById, _user, 'createdBy'); - const authorizedDoc = this.authorized({doc, mode: READONE, user: _user, resolver: 'createdBy'}); - return authorizedDoc; + createdBy(user, _user) { + return this.context.User.findOneById(user.createdById, _user, 'createdBy'); } - async updatedBy(user, _user) { - const doc = await this.context.User.getById(user.updatedById, _user, 'updatedBy'); - const authorizedDoc = this.authorized({doc, mode: READONE, user: _user, resolver: 'updatedBy'}); - return authorizedDoc; + updatedBy(user, _user) { + return this.context.User.findOneById(user.updatedById, _user, 'updatedBy'); } async insert(doc, _user) { @@ -289,40 +89,70 @@ export default class User { createdById: (_user && _user._id) ? _user._id : 'unknown', updatedById: (_user && _user._id) ? _user._id : 'unknown', }); - docToInsert = this.authorizedFields({doc: docToInsert, mode: CREATE, user: _user, resolver: 'insert'}); - const authorized = this.isAuthorized({doc: docToInsert, mode: CREATE, user: _user, resolver: 'insert'}); - if (!authorized) throw new Error('User: mode: create not authorized'); + + const authQuery = queryForRoles(_user, this.userRoles.create, this.docRoles.create, { User: this.context.User }); + if (authQuery === false || (authQuery !== {} && !userAuthorizedForDoc(_user, this.docRoles.create, doc)) ) { + throw new Error(`Not authorized to insert ${this.type} ${id}.`); + } const id = (await this.collection.insertOne(docToInsert)).insertedId; + + if (id){ + log.debug(`inserted ${this.type} ${id}.`); + } else { + log.debug('insert failed for docToInsert:', JSON.stringify(docToInsert, null, 2)); + throw new Error(`insert not possible for ${this.type} ${id}.`); + } + this.pubsub.publish('userInserted', await this.findOneById(id)); return id; } async updateById(id, doc, _user) { - const foundDoc = await this.findOneById(id); - const authorized = this.isAuthorized({doc: foundDoc, mode: UPDATE, user: _user, resolver: 'updateById'}); - if (!authorized) throw new Error('User: mode: update not authorized'); + let docToUpdate = {$set: Object.assign({}, doc, { + updatedAt: Date.now(), + updatedById: (_user && _user._id) ? _user._id : 'unknown', + })}; + + const baseQuery = {_id: id}; + const authQuery = queryForRoles(_user, this.userRoles.update, this.docRoles.update, { User: this.context.User }); + if (authQuery === false) { + throw new Error(`Not authorized to update ${this.type} ${id}.`); + } + + const finalQuery = {...baseQuery, ...authQuery}; + const result = await this.collection.updateOne(finalQuery, docToUpdate); + + if (result.result.ok === 1 && result.result.n === 1){ + log.debug(`updated ${this.type} ${id}.`); + } else { + log.debug(`update failed finalQuery:`, JSON.stringify(finalQuery, null, 2)); + log.debug('update failed for docToUpdate:', JSON.stringify(docToUpdate, null, 2)); + throw new Error(`update not possible for ${this.type} ${id}.`); + } - const updatedDoc = this.authorizedFields({doc, mode: UPDATE, user: _user, resolver: 'updateById'}); - const ret = await this.collection.update({ _id: id }, { - $set: Object.assign({}, updatedDoc, { - updatedAt: Date.now(), - updatedById: (_user && _user._id) ? _user._id : 'unknown', - }), - }); this.loader.clear(id); this.pubsub.publish('userUpdated', await this.findOneById(id)); - return ret; + return result; } async removeById(id, _user) { - const doc = await this.findOneById(id); - const authorized = this.isAuthorized({doc, mode: DELETE, user: _user, resolver: 'removeById'}); - if (!authorized) throw new Error('User: mode: delete not authorized'); + const baseQuery = {_id: id}; + const authQuery = queryForRoles(_user, this.userRoles.delete, this.docRoles.delete, { User: this.context.User }); + if (!authQuery) throw new Error(`Not authorized to remove ${this.type} ${id}.`); + + const finalQuery = {...baseQuery, ...authQuery}; + const result = await this.collection.remove(finalQuery); + + if (result.result.ok === 1 && result.result.n === 1){ + log.info(`removed ${this.type} ${id}.`); + } else { + log.debug(`remove failed for finalQuery:`, JSON.stringify(finalQuery, null, 2)); + throw new Error(`remove not possible for ${this.type} ${id}.`); + } - const ret = this.collection.remove({ _id: id }); this.loader.clear(id); this.pubsub.publish('userRemoved', id); - return ret; + return result; } } diff --git a/test/output-app/model/constants.js b/test/output-app/model/constants.js deleted file mode 100644 index 1103426..0000000 --- a/test/output-app/model/constants.js +++ /dev/null @@ -1,10 +0,0 @@ -// constants, to avoid typing errors -export const CREATE = 'create'; -export const READ = 'read'; -export const READONE = 'readOne'; -export const READMANY = 'readMany'; -export const UPDATE = 'update'; -export const DELETE = 'delete'; - -// debug to switch on additional logs -export const DEBUG = false; diff --git a/test/output-app/model/index.js b/test/output-app/model/index.js index 99f9412..c93df9e 100644 --- a/test/output-app/model/index.js +++ b/test/output-app/model/index.js @@ -1,7 +1,9 @@ +// import Authorize from '../server/authorize'; const models = {}; export default function addModelsToContext(context) { const newContext = Object.assign({}, context); + // newContext['Authorize'] = new Authorize(newContext); Object.keys(models).forEach((key) => { newContext[key] = new models[key](newContext); }); diff --git a/test/output-app/package.json b/test/output-app/package.json index 5eb5f10..debfa7c 100644 --- a/test/output-app/package.json +++ b/test/output-app/package.json @@ -33,6 +33,7 @@ "bcrypt": "^1.0.2", "body-parser": "1.15.2", "cors": "^2.8.1", + "create-graphql-server-authorization": "^0.0.2", "dataloader": "^1.2.0", "denodeify": "^1.2.1", "dotenv": "2.0.0", diff --git a/test/output-app/resolvers/Tweet.js b/test/output-app/resolvers/Tweet.js index 2c74815..2ed9454 100644 --- a/test/output-app/resolvers/Tweet.js +++ b/test/output-app/resolvers/Tweet.js @@ -26,18 +26,26 @@ const resolvers = { }, Query: { tweets(root, { lastCreatedAt, limit }, { Tweet, _user }) { - return Tweet.getAll({ lastCreatedAt, limit }, _user, 'tweets'); + try { + return Tweet.all({ lastCreatedAt, limit }, _user, 'tweets'); + } catch(error){ + console.log('ERROR:', error.message); + } }, tweet(root, { id }, { Tweet, _user }) { - return Tweet.getById(id, _user, 'tweet'); + try { + return Tweet.findOneById(id, _user, 'tweet'); + } catch(error){ + console.log('ERROR:', error.message); + } }, }, Mutation: { async createTweet(root, { input }, { Tweet, _user }) { try { const id = await Tweet.insert(input, _user); - return Tweet.getById(id, _user, 'createTweet'); + return Tweet.findOneById(id, _user, 'createTweet'); } catch(error) { console.log('ERROR:', error.message); } @@ -46,7 +54,7 @@ const resolvers = { async updateTweet(root, { id, input }, { Tweet, _user }) { try { await Tweet.updateById(id, input, _user); - return Tweet.getById(id, _user, 'updateTweet'); + return Tweet.findOneById(id, _user, 'updateTweet'); } catch(error) { console.log('ERROR:', error.message); } diff --git a/test/output-app/resolvers/User.js b/test/output-app/resolvers/User.js index 8b9331e..fcb69d5 100644 --- a/test/output-app/resolvers/User.js +++ b/test/output-app/resolvers/User.js @@ -30,18 +30,18 @@ }, Query: { users(root, { lastCreatedAt, limit }, { User, _user }) { - return User.getAll({ lastCreatedAt, limit }, _user, 'users'); + return User.all({ lastCreatedAt, limit }, _user, 'users'); }, user(root, { id }, { User, _user }) { - return User.getById(id, _user, 'user'); + return User.findOneById(id, _user, 'user'); }, }, Mutation: { async createUser(root, { input }, { User, _user }) { try { const id = await User.insert(input, _user); - return User.getById(id, _user, 'createUser'); + return User.findOneById(id, _user, 'createUser'); } catch(error) { console.log('ERROR:', error.message); } @@ -50,7 +50,7 @@ async updateUser(root, { id, input }, { User, _user }) { try { await User.updateById(id, input, _user); - return User.getById(id, _user, 'updateUser'); + return User.findOneById(id, _user, 'updateUser'); } catch(error) { console.log('ERROR:', error.message); } diff --git a/test/output-app/schema/Tweet.graphql b/test/output-app/schema/Tweet.graphql index 2be1380..f2144c7 100644 --- a/test/output-app/schema/Tweet.graphql +++ b/test/output-app/schema/Tweet.graphql @@ -1,7 +1,7 @@ type Tweet { id: ObjID! author: User - coauthors: [User!] + coauthors: [User] body: String! likers(lastCreatedAt: Float, limit: Int): [User!] createdAt: Float! @@ -18,12 +18,12 @@ extend type Query { input CreateTweetInput { authorId: ObjID! body: String! - coauthorsIds: [ObjID!] + coauthorsIds: [ObjID] } input UpdateTweetInput { - body: String! - coauthorsIds: [ObjID!] + body: String + coauthorsIds: [ObjID] } extend type Mutation { diff --git a/test/output-app/server/authorize.js b/test/output-app/server/authorize.js new file mode 100644 index 0000000..69cbf35 --- /dev/null +++ b/test/output-app/server/authorize.js @@ -0,0 +1,104 @@ + import _ from 'lodash'; + import log from './logger'; + +/** + * @class Authorize + * adding Authorize to the context + **/ +export default class Authorize { + constructor(context){ + this.context = context; + } + + /** + * Returns an array of records, indexed by ids + * @params {object} collection + * @params {array} ids + * @params {object} authQuery + * @return {boolean} loggedIn + **/ + findByIdsWithAuth(collection, ids, authQuery) { + const baseQuery = { _id: { $in: ids } }; + const finalQuery = {...baseQuery, ...authQuery}; + return collection.find(finalQuery) + .toArray() + .then((docs) => { + const idMap = {}; + docs.forEach((d) => { idMap[d._id] = d; }); + return ids.map(id => idMap[id]); + }); + } + + /** + * Returns true, if user is loggedIn + * @params {object} user + * @return {boolean} loggedIn + **/ + loggedIn(user) { + if(user && user._id && user._id.toString() !== '') { + return true; + } + return false; + } + + // for compatibility reasons old document authorizer... + authorized({doc, mode, user, resolver}){ + log.debug(`user "${(user && user.username) ? user.username : ''}" authorized to ${mode} ${resolver} with doc "${(doc && doc._id) ? doc._id : ''}"`); + return doc; + } + + authorizedFields({doc, mode, user, resolver}){ + return doc; + } + + /** + * Returns a query object for the selection + * sets default values in the interface + * @params {object} user, the signed in or unknown user + * @params {array} userRoles, the role of the user, default '' + * @params {array} docRoles, the document owner fields of type: User + * @params {object} context, access to the User model methods + * @return {object} query-selection-object + **/ + //queryForRoles(user, userRoles, docRoles, { User }) { + queryForRoles(user, userRoles = [], docRoles = [], { User }) { + + // Authorized by userRoles + const role = User.authRole(user); + if (userRoles.includes(role)) { + return {}; + } + + // Authorized by docRoles + const query = { $or: [] }; + if (docRoles.length > 0){ + docRoles.forEach(docRole => query.$or.push( { [docRole]: user._id } )); + return query; + } + + // Not Authorized + return false; + } + + userForDoc(_user, docRoles, doc){ + const newDoc = Object.assign({}, doc); + let authorized = false; + docRoles.forEach(docRole => { + // user logged in and + // role field in doc exists and + // includes the current user + // includes works for String and Array + if ( + this.loggedIn(_user) && newDoc[docRole] && + ( + ( _.isArray(newDoc[docRole]) && newDoc[docRole].includes(_user._id.toString()) ) || + ( _.isObject(newDoc[docRole]) && newDoc[docRole].toString().includes(_user._id.toString()) ) + ) + ){ + authorized = true; + } + }) + return authorized; + } + +} diff --git a/test/output-app/server/index.js b/test/output-app/server/index.js index 2a0e52c..e8a6c61 100644 --- a/test/output-app/server/index.js +++ b/test/output-app/server/index.js @@ -50,7 +50,7 @@ async function startServer() { // Get the query, the same way express-graphql does it // https://github.com/graphql/express-graphql/blob/3fa6e68582d6d933d37fa9e841da5d2aa39261cd/src/index.js#L257 const query = req.query.query || req.body.query; - if (query && query.length > 2000) { + if (query && query.length > 4000) { // None of our app's queries are this long // Probably indicates someone trying to send an overly expensive query throw new Error('Query too large.'); @@ -59,7 +59,7 @@ async function startServer() { schema, context: Object.assign({ _user }, req.context), debug: true, - formatError(e) { console.log(e) }, + // formatError(e) { console.log(e) }, }; })(req, res, next); })(req, res, next); diff --git a/test/output-app/yarn.lock b/test/output-app/yarn.lock index 0d4ce4c..67d8e74 100644 --- a/test/output-app/yarn.lock +++ b/test/output-app/yarn.lock @@ -1188,6 +1188,10 @@ crc@3.4.0: version "3.4.0" resolved "https://registry.yarnpkg.com/crc/-/crc-3.4.0.tgz#4258e351613a74ef1153dfcb05e820c3e9715d7f" +create-graphql-server-authorization@^0.0.2: + version "0.0.2" + resolved "https://registry.yarnpkg.com/create-graphql-server-authorization/-/create-graphql-server-authorization-0.0.2.tgz#6449d9e32eeea8191bdd0e72a47dda78a696835f" + cryptiles@2.x.x: version "2.0.5" resolved "https://registry.yarnpkg.com/cryptiles/-/cryptiles-2.0.5.tgz#3bdfecdc608147c1c67202fa291e7dca59eaa3b8" @@ -1224,18 +1228,18 @@ dataloader@^1.2.0: version "1.2.0" resolved "https://registry.yarnpkg.com/dataloader/-/dataloader-1.2.0.tgz#3f73ea657c492c860c1633348adc55ca9bf2107e" -debug@2, debug@2.2.0, debug@^2.1.1, debug@^2.2.0, debug@~2.2.0: - version "2.2.0" - resolved "https://registry.yarnpkg.com/debug/-/debug-2.2.0.tgz#f87057e995b1a1f6ae6a4960664137bc56f039da" - dependencies: - ms "0.7.1" - -debug@2.6.8: +debug@2, debug@2.6.8, debug@^2.1.1, debug@^2.2.0: version "2.6.8" resolved "https://registry.yarnpkg.com/debug/-/debug-2.6.8.tgz#e731531ca2ede27d188222427da17821d68ff4fc" dependencies: ms "2.0.0" +debug@2.2.0, debug@~2.2.0: + version "2.2.0" + resolved "https://registry.yarnpkg.com/debug/-/debug-2.2.0.tgz#f87057e995b1a1f6ae6a4960664137bc56f039da" + dependencies: + ms "0.7.1" + decamelize@^1.1.1, decamelize@^1.1.2: version "1.2.0" resolved "https://registry.yarnpkg.com/decamelize/-/decamelize-1.2.0.tgz#f6534d15148269b20352e7bee26f501f9a191290" From 913aa9190ce9099f520c141cbf9b77a217cebf43 Mon Sep 17 00:00:00 2001 From: Tobias Klemmer Date: Wed, 14 Jun 2017 12:25:57 +0200 Subject: [PATCH 38/69] before simplification --- test/output-app/authorizations/helpers.js | 20 +++++++------ test/output-app/model/Tweet.js | 34 +++++++++++++---------- test/output-app/model/User.js | 29 +++++++++++-------- test/output-app/resolvers/Tweet.js | 6 ++-- test/output-app/resolvers/User.js | 6 ++-- test/output-app/server/authenticate.js | 1 - 6 files changed, 55 insertions(+), 41 deletions(-) diff --git a/test/output-app/authorizations/helpers.js b/test/output-app/authorizations/helpers.js index 4fe4e03..d20eb5d 100644 --- a/test/output-app/authorizations/helpers.js +++ b/test/output-app/authorizations/helpers.js @@ -20,7 +20,7 @@ export function loggedIn(user) { return false; } -export function queryForRoles(user, userRoles = [], docRoles = [], { User }) { +export function queryForRoles(user = {}, userRoles = [], docRoles = [], { User }) { // Authorized by userRoles const role = User.authRole(user); if (userRoles.includes(role) || userRoles.includes('world')) { @@ -36,19 +36,23 @@ export function queryForRoles(user, userRoles = [], docRoles = [], { User }) { return false; } -export function userAuthorizedForDoc(_user, docRoles, doc){ +export function userAuthorizedForDoc(user = {}, userRoles = [], docRoles = [], { User }, doc){ const newDoc = Object.assign({}, doc); let authorized = false; + // Authorized by userRoles + const role = User.authRole(user); + if (userRoles.includes(role) || userRoles.includes('world')) { + authorized = true; + } + // Authorized by docRoles docRoles.forEach(docRole => { - // user logged in and - // role field in doc exists and + // user logged in and role field in doc exists and // includes the current user - // includes works for String and Array if ( - loggedIn(_user) && newDoc[docRole] && + loggedIn(user) && newDoc[docRole] && ( - ( _.isArray(newDoc[docRole]) && newDoc[docRole].includes(_user._id.toString()) ) || - ( _.isObject(newDoc[docRole]) && newDoc[docRole].toString().includes(_user._id.toString()) ) + ( _.isArray(newDoc[docRole]) && newDoc[docRole].includes(user._id.toString()) ) || + ( _.isObject(newDoc[docRole]) && newDoc[docRole].toString().includes(user._id.toString()) ) ) ){ authorized = true; diff --git a/test/output-app/model/Tweet.js b/test/output-app/model/Tweet.js index 75dbb95..ece266a 100644 --- a/test/output-app/model/Tweet.js +++ b/test/output-app/model/Tweet.js @@ -15,22 +15,26 @@ export default class Tweet { this.docRoles = auth[this.type].docRoles; } - findOneById(id, _user = {}, resolver = '') { + getOneById(id, _user = {}, resolver = '') { const authQuery = queryForRoles(_user, this.userRoles.readOne, this.docRoles.readOne, { User: this.context.User }); - log.debug(`${resolver} findOneById readOne with user ${(_user && _user.username) ? _user.username : ''} for ${this.type} and ${id}`); - log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); + log.debug(`${resolver} getOneById readOne with user ${(_user && _user.username) ? _user.username : ''} for ${this.type} and ${id}`); + if (typeof authQuery === "object" && Object.keys(authQuery).length > 0 ) log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); if (authQuery === false) { throw new Error(`Not authorized to readOne ${this.type} ${id}.`); } return this.loader.load(id, authQuery); } + findOneById(id) { + return this.loader.load(id); + } + all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = '') { const baseQuery = { createdAt: { $gt: lastCreatedAt } }; const authQuery = queryForRoles(_user, this.userRoles.readMany, this.docRoles.readMany, { User: this.context.User }); const finalQuery = {...baseQuery, ...authQuery}; log.debug(`${resolver} all readMany with user ${(_user && _user.username) ? _user.username : ''} for ${this.type}`); - if (authQuery != {}) log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); + if (typeof authQuery === "object" && Object.keys(authQuery).length > 0 ) log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); if (authQuery === false) { throw new Error(`Not authorized to readMany ${this.type}.`); } @@ -38,15 +42,15 @@ export default class Tweet { } author(tweet, _user) { - return this.context.User.findOneById(tweet.authorId, _user, 'author'); + return this.context.User.getOneById(tweet.authorId, _user, 'author'); } createdBy(tweet, _user) { - return this.context.User.findOneById(tweet.createdById, _user, 'createdBy'); + return this.context.User.getOneById(tweet.createdById, _user, 'createdBy'); } updatedBy(tweet, _user) { - return this.context.User.findOneById(tweet.updatedById, _user, 'udpatedBy'); + return this.context.User.getOneById(tweet.updatedById, _user, 'udpatedBy'); } coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, _user) { @@ -54,7 +58,7 @@ export default class Tweet { const authQuery = queryForRoles(_user, this.userRoles.readMany, this.docRoles.readMany, { User: this.context.User }); const finalQuery = {...baseQuery, ...authQuery}; log.debug(`coauthors readMany with user ${(_user && _user.username) ? _user.username : ''} for ${this.type}`); - log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); + if (typeof authQuery === "object" && Object.keys(authQuery).length > 0 ) log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); if (authQuery === false) { throw new Error(`coauthors Not authorized to readMany ${this.type} ${id}.`); } @@ -66,7 +70,7 @@ export default class Tweet { const authQuery = queryForRoles(_user, this.userRoles.readMany, this.docRoles.readMany, { User: this.context.User }); const finalQuery = {...baseQuery, ...authQuery}; log.debug(`likers readMany with user ${(_user && _user.username) ? _user.username : ''} for ${this.type}`); - log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); + if (typeof authQuery === "object" && Object.keys(authQuery).length > 0 ) log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); if (authQuery === false) { throw new Error(`coauthors Not authorized to readMany ${this.type} ${id}.`); } @@ -82,7 +86,7 @@ export default class Tweet { }); const authQuery = queryForRoles(_user, this.userRoles.create, this.docRoles.create, { User: this.context.User }); - if (authQuery === false || (authQuery !== {} && !userAuthorizedForDoc(_user, this.docRoles.create, doc)) ) { + if (authQuery === false || (typeof authQuery === "object" && Object.keys(authQuery).length > 0 && !userAuthorizedForDoc(_user, this.userRoles.create, this.docRoles.create, { User: this.context.User }, docToInsert)) ) { throw new Error(`Not authorized to insert ${this.type} ${id}.`); } @@ -95,7 +99,7 @@ export default class Tweet { throw new Error(`insert not possible for ${this.type} ${id}.`); } - this.pubsub.publish('tweetInserted', await this.findOneById(id)); + this.pubsub.publish('tweetInserted', await this.getOneById(id, _user, 'pubsub tweetInserted')); return id; } @@ -107,7 +111,7 @@ export default class Tweet { const baseQuery = {_id: id}; const authQuery = queryForRoles(_user, this.userRoles.update, this.docRoles.update, { User: this.context.User }); - if (authQuery === false) { + if (authQuery === false || (typeof authQuery === "object" && Object.keys(authQuery).length > 0 && !userAuthorizedForDoc(_user, this.userRoles.update, this.docRoles.update, { User: this.context.User }, docToUpdate)) ) { throw new Error(`Not authorized to update ${this.type} ${id}.`); } @@ -123,14 +127,16 @@ export default class Tweet { } this.loader.clear(id); - this.pubsub.publish('tweetUpdated', await this.findOneById(id)); + this.pubsub.publish('tweetUpdated', await this.getOneById(id, _user, 'pubsub tweetUpdated')); return result; } async removeById(id, _user) { const baseQuery = {_id: id}; const authQuery = queryForRoles(_user, this.userRoles.delete, this.docRoles.delete, { User: this.context.User }); - if (!authQuery) throw new Error(`Not authorized to remove ${this.type} ${id}.`); + if (authQuery === false || (typeof authQuery === "object" && Object.keys(authQuery).length > 0 && !userAuthorizedForDoc(_user, this.userRoles.delete, this.docRoles.delete, { User: this.context.User }, {_id: id} )) ) { + throw new Error(`Not authorized to remove ${this.type} ${id}.`); + } const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.remove(finalQuery); diff --git a/test/output-app/model/User.js b/test/output-app/model/User.js index 4eb3406..10b97f7 100644 --- a/test/output-app/model/User.js +++ b/test/output-app/model/User.js @@ -24,22 +24,26 @@ export default class User { return (user && user.role) ? user.role : ''; } - findOneById(id, _user = {}, resolver = '') { + getOneById(id, _user = {}, resolver = '') { const authQuery = queryForRoles(_user, this.userRoles.readOne, this.docRoles.readOne, { User: this.context.User }); - log.debug(`${resolver} findOneById readOne with user ${(_user && _user.username) ? _user.username : ''} for ${this.type} and ${id}`); - if (authQuery === {}) log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); + log.debug(`${resolver} getOneById readOne with user ${(_user && _user.username) ? _user.username : ''} for ${this.type} and ${id}`); + if (typeof authQuery === "object" && Object.keys(authQuery).length > 0 ) log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); if (authQuery === false) { throw new Error(`Not authorized to readOne ${this.type} ${id}.`); } return this.loader.load(id, authQuery); } + findOneById(id) { + return this.loader.load(id); + } + all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = '') { const baseQuery = { createdAt: { $gt: lastCreatedAt } }; const authQuery = queryForRoles(_user, this.userRoles.readMany, this.docRoles.readMany, { User: this.context.User }); const finalQuery = {...baseQuery, ...authQuery}; log.debug(`${resolver} all readMany with user ${(_user && _user.username) ? _user.username : ''} for ${this.type}`); - if (authQuery != {}) log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); + if (typeof authQuery === "object" && Object.keys(authQuery).length > 0 ) log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); if (authQuery === false) { throw new Error(`Not authorized to readMany ${this.type}.`); } @@ -75,11 +79,11 @@ export default class User { } createdBy(user, _user) { - return this.context.User.findOneById(user.createdById, _user, 'createdBy'); + return this.context.User.getOneById(user.createdById, _user, 'createdBy'); } updatedBy(user, _user) { - return this.context.User.findOneById(user.updatedById, _user, 'updatedBy'); + return this.context.User.getOneById(user.updatedById, _user, 'updatedBy'); } async insert(doc, _user) { @@ -91,7 +95,7 @@ export default class User { }); const authQuery = queryForRoles(_user, this.userRoles.create, this.docRoles.create, { User: this.context.User }); - if (authQuery === false || (authQuery !== {} && !userAuthorizedForDoc(_user, this.docRoles.create, doc)) ) { + if (authQuery === false || !userAuthorizedForDoc(_user, this.userRoles.create, this.docRoles.create, { User: this.context.User }, docToInsert) ) { throw new Error(`Not authorized to insert ${this.type} ${id}.`); } @@ -104,7 +108,7 @@ export default class User { throw new Error(`insert not possible for ${this.type} ${id}.`); } - this.pubsub.publish('userInserted', await this.findOneById(id)); + this.pubsub.publish('userInserted', await this.getOneById(id, _user, 'pubsub userInserted')); return id; } @@ -116,7 +120,7 @@ export default class User { const baseQuery = {_id: id}; const authQuery = queryForRoles(_user, this.userRoles.update, this.docRoles.update, { User: this.context.User }); - if (authQuery === false) { + if (authQuery === false || !userAuthorizedForDoc(_user, this.userRoles.update, this.docRoles.update, { User: this.context.User }, docToUpdate) ) { throw new Error(`Not authorized to update ${this.type} ${id}.`); } @@ -132,15 +136,16 @@ export default class User { } this.loader.clear(id); - this.pubsub.publish('userUpdated', await this.findOneById(id)); + this.pubsub.publish('userUpdated', await this.getOneById(id, _user, 'pubsub userUpdated')); return result; } async removeById(id, _user) { const baseQuery = {_id: id}; const authQuery = queryForRoles(_user, this.userRoles.delete, this.docRoles.delete, { User: this.context.User }); - if (!authQuery) throw new Error(`Not authorized to remove ${this.type} ${id}.`); - + if (authQuery === false || !userAuthorizedForDoc(_user, this.userRoles.delete, this.docRoles.delete, { User: this.context.User }, {_id: id} ) ) { + throw new Error(`Not authorized to remove ${this.type} ${id}.`); + } const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.remove(finalQuery); diff --git a/test/output-app/resolvers/Tweet.js b/test/output-app/resolvers/Tweet.js index 2ed9454..e3bf212 100644 --- a/test/output-app/resolvers/Tweet.js +++ b/test/output-app/resolvers/Tweet.js @@ -35,7 +35,7 @@ const resolvers = { tweet(root, { id }, { Tweet, _user }) { try { - return Tweet.findOneById(id, _user, 'tweet'); + return Tweet.getOneById(id, _user, 'tweet'); } catch(error){ console.log('ERROR:', error.message); } @@ -45,7 +45,7 @@ const resolvers = { async createTweet(root, { input }, { Tweet, _user }) { try { const id = await Tweet.insert(input, _user); - return Tweet.findOneById(id, _user, 'createTweet'); + return Tweet.getOneById(id, _user, 'createTweet'); } catch(error) { console.log('ERROR:', error.message); } @@ -54,7 +54,7 @@ const resolvers = { async updateTweet(root, { id, input }, { Tweet, _user }) { try { await Tweet.updateById(id, input, _user); - return Tweet.findOneById(id, _user, 'updateTweet'); + return Tweet.getOneById(id, _user, 'updateTweet'); } catch(error) { console.log('ERROR:', error.message); } diff --git a/test/output-app/resolvers/User.js b/test/output-app/resolvers/User.js index fcb69d5..0aa5cc3 100644 --- a/test/output-app/resolvers/User.js +++ b/test/output-app/resolvers/User.js @@ -34,14 +34,14 @@ }, user(root, { id }, { User, _user }) { - return User.findOneById(id, _user, 'user'); + return User.getOneById(id, _user, 'user'); }, }, Mutation: { async createUser(root, { input }, { User, _user }) { try { const id = await User.insert(input, _user); - return User.findOneById(id, _user, 'createUser'); + return User.getOneById(id, _user, 'createUser'); } catch(error) { console.log('ERROR:', error.message); } @@ -50,7 +50,7 @@ async updateUser(root, { id, input }, { User, _user }) { try { await User.updateById(id, input, _user); - return User.findOneById(id, _user, 'updateUser'); + return User.getOneById(id, _user, 'updateUser'); } catch(error) { console.log('ERROR:', error.message); } diff --git a/test/output-app/server/authenticate.js b/test/output-app/server/authenticate.js index a08b286..3c37011 100644 --- a/test/output-app/server/authenticate.js +++ b/test/output-app/server/authenticate.js @@ -11,7 +11,6 @@ async function userFromPayload(request, jwtPayload) { if (!jwtPayload.userId) { throw new Error('No userId in JWT'); } - return await request.context.User.findOneById(ObjectId(jwtPayload.userId)); } From e458afc59508acbc91e21f2adadc45f77ad0620e Mon Sep 17 00:00:00 2001 From: Tobias Klemmer Date: Thu, 15 Jun 2017 21:15:29 +0200 Subject: [PATCH 39/69] with authorization folder --- test/input/User.graphql | 2 +- .../test-3-mutations-with-user-role-admin.js | 65 ++- .../test-4-mutations-with-unknown-user.js | 17 +- .../test-5-mutations-with-user-role-user.js | 39 +- .../test-6-mutations-with-user-role-editor.js | 26 +- test/output-app/authorizations/Tweet.js | 2 +- test/output-app/authorizations/User.js | 23 +- test/output-app/authorizations/helpers.js | 160 ++++++-- test/output-app/model/Tweet-complicated.js | 371 ------------------ test/output-app/model/Tweet.js | 64 +-- test/output-app/model/User-complicated.js | 328 ---------------- test/output-app/model/User.js | 92 ++--- test/output-app/model/index.js | 2 - test/output-app/resolvers/Tweet.js | 34 +- test/output-app/resolvers/User.js | 22 +- test/output-app/server/authorize.js | 104 ----- 16 files changed, 293 insertions(+), 1058 deletions(-) delete mode 100644 test/output-app/model/Tweet-complicated.js delete mode 100644 test/output-app/model/User-complicated.js delete mode 100644 test/output-app/server/authorize.js diff --git a/test/input/User.graphql b/test/input/User.graphql index 7d6240b..042d616 100644 --- a/test/input/User.graphql +++ b/test/input/User.graphql @@ -6,7 +6,7 @@ type User ) { - role: String! @authRole("admin") @authorize(admin: ["create", "read", "update"], this: ["read"]) + role: String! @authRole("admin") @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne", "delete"]) username: String! diff --git a/test/output-app-end-to-end/test-3-mutations-with-user-role-admin.js b/test/output-app-end-to-end/test-3-mutations-with-user-role-admin.js index f5c0e60..8cd55d0 100644 --- a/test/output-app-end-to-end/test-3-mutations-with-user-role-admin.js +++ b/test/output-app-end-to-end/test-3-mutations-with-user-role-admin.js @@ -5,20 +5,28 @@ import { sendQuery, sendQueryAndExpect, roleUser, adminUser } from './sendQuery' let newUser; let otherUser; let tweetId; +let tweetId2; let tweetIdOthers; function makeUserInput(user) { - return `{ - username: "${user.username}", - bio: "${user.bio}", - role: "${user.role}" - }`; + if (user.role) + return `{ + username: "${user.username}", + bio: "${user.bio}", + role: "${user.role}" + }`; + else + return `{ + username: "${user.username}", + bio: "${user.bio}" + }`; } function makeTweetInput(tweet, userId) { if (tweet.author) { return `{ authorId: "${userId ? userId : tweet.author.id}", + coauthorsIds: ${tweet.coauthorsIds ? JSON.stringify(tweet.coauthorsIds) : JSON.stringify([])}, body: "${tweet.body}" }`; } @@ -68,7 +76,7 @@ describe('test-3: user with role "admin"', () => { assert.isNotNull(newUser); }); - it('can create new users', () => { + it('admin user created new "other" user with role "editor"', () => { const expectedUser = { username: 'zol', bio: 'Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead', @@ -88,27 +96,6 @@ describe('test-3: user with role "admin"', () => { assert.isNotNull(result.data.createUser); assert.isNotNull(result.data.createUser.id); otherUser = result.data.createUser.id; - - let expectedTweet = { - author: { id: otherUser }, - body: 'This is a test tweet of user zoltan', - }; - - sendQuery({ query: ` - mutation { - createTweet(input: ${makeTweetInput(expectedTweet, otherUser)}) { - id - } - } - `, - userId: otherUser - }) - .then((result) => { - assert.isNotNull(result.data); - assert.isNotNull(result.data.createTweet); - assert.isNotNull(result.data.createTweet.id); - tweetIdOthers = result.data.createTweet.id; - }); }); }); @@ -230,11 +217,7 @@ describe('test-3: user with role "admin"', () => { } } `, { - updateUser: { - username: 'tobkle', - bio: 'Maker of things, I guess', - role: 'editor' - } + updateUser: null }, newUser) }); @@ -276,11 +259,13 @@ describe('test-3: user with role "admin"', () => { let expectedTweet = { author: { id: newUser }, + //coauthors: [], body: 'This is a test tweet of user tobkle', }; const expectedTweetOtherAuthor = { author: { id: adminUser }, + //coauthors: [], body: 'We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:', }; @@ -316,16 +301,22 @@ describe('test-3: user with role "admin"', () => { assert.isNotNull(tweetId); }); - it('can not create tweet for other author', () => { - return sendQueryAndExpect(` + it('can create tweet for other author', () => { + sendQuery({ query: ` mutation { createTweet(input: ${makeTweetInput(expectedTweetOtherAuthor, adminUser)}) { id } } - `, - { createTweet: null }, - newUser); + `, + userId: newUser + }) + .then((result) => { + assert.isNotNull(result.data); + assert.isNotNull(result.data.createTweet); + assert.isNotNull(result.data.createTweet.id); + tweetIdOthers = result.data.createTweet.id; + }) }); it('can read own tweet', () => { diff --git a/test/output-app-end-to-end/test-4-mutations-with-unknown-user.js b/test/output-app-end-to-end/test-4-mutations-with-unknown-user.js index 18da560..b9654db 100644 --- a/test/output-app-end-to-end/test-4-mutations-with-unknown-user.js +++ b/test/output-app-end-to-end/test-4-mutations-with-unknown-user.js @@ -7,17 +7,24 @@ let tweetId; const tweetIdOthers = '583676d3618530145474e352'; function makeUserInput(user) { - return `{ - username: "${user.username}", - bio: "${user.bio}", - role: "${user.role}" - }`; + if (user.role) + return `{ + username: "${user.username}", + bio: "${user.bio}", + role: "${user.role}" + }`; + else + return `{ + username: "${user.username}", + bio: "${user.bio}" + }`; } function makeTweetInput(tweet, userId) { if (tweet.author) { return `{ authorId: "${userId ? userId : tweet.author.id}", + coauthorsIds: ${tweet.coauthorsIds ? JSON.stringify(tweet.coauthorsIds) : JSON.stringify([])}, body: "${tweet.body}" }`; } diff --git a/test/output-app-end-to-end/test-5-mutations-with-user-role-user.js b/test/output-app-end-to-end/test-5-mutations-with-user-role-user.js index 0c16c90..1f8e5d1 100644 --- a/test/output-app-end-to-end/test-5-mutations-with-user-role-user.js +++ b/test/output-app-end-to-end/test-5-mutations-with-user-role-user.js @@ -7,17 +7,24 @@ let tweetId; const tweetIdOthers = '583676d3618530145474e352'; function makeUserInput(user) { - return `{ - username: "${user.username}", - bio: "${user.bio}", - role: "${user.role}" - }`; + if (user.role) + return `{ + username: "${user.username}", + bio: "${user.bio}", + role: "${user.role}" + }`; + else + return `{ + username: "${user.username}", + bio: "${user.bio}" + }`; } function makeTweetInput(tweet, userId) { if (tweet.author) { return `{ authorId: "${userId ? userId : tweet.author.id}", + coauthorsIds: ${tweet.coauthorsIds ? JSON.stringify(tweet.coauthorsIds) : JSON.stringify([])}, body: "${tweet.body}" }`; } @@ -90,7 +97,18 @@ describe('test-5: user with role "user"', () => { newUser) }); - it('can read himself', () => { + it('can read himself without field "role"', () => { + return sendQueryAndExpect(` + { user(id: "${newUser}") { username } } + `, { + user: { + username: 'tobkle' + } + }, + newUser) + }); + + it('can read himself with field "role"', () => { return sendQueryAndExpect(` { user(id: "${newUser}") { username, role } } `, { @@ -124,21 +142,18 @@ describe('test-5: user with role "user"', () => { const modifiedUser = { username: 'tobkle', bio: 'Maker of things, I guess', - role: 'user' }; return sendQueryAndExpect(` mutation { updateUser(id: "${newUser}", input: ${makeUserInput(modifiedUser)}) { username bio - role } } `, { updateUser: { username: 'tobkle', bio: 'Maker of things, I guess', - role: 'user' } }, newUser) @@ -159,11 +174,7 @@ describe('test-5: user with role "user"', () => { } } `, { - updateUser: { - username: 'tobkle', - bio: 'Maker of things, I guess', - role: 'user' - } + updateUser: null }, newUser) }); diff --git a/test/output-app-end-to-end/test-6-mutations-with-user-role-editor.js b/test/output-app-end-to-end/test-6-mutations-with-user-role-editor.js index b0fbe5b..9419eeb 100644 --- a/test/output-app-end-to-end/test-6-mutations-with-user-role-editor.js +++ b/test/output-app-end-to-end/test-6-mutations-with-user-role-editor.js @@ -7,17 +7,24 @@ let tweetId; const tweetIdOthers = '583676d3618530145474e352'; function makeUserInput(user) { - return `{ - username: "${user.username}", - bio: "${user.bio}", - role: "${user.role}" - }`; + if (user.role) + return `{ + username: "${user.username}", + bio: "${user.bio}", + role: "${user.role}" + }`; + else + return `{ + username: "${user.username}", + bio: "${user.bio}" + }`; } function makeTweetInput(tweet, userId) { if (tweet.author) { return `{ authorId: "${userId ? userId : tweet.author.id}", + coauthorsIds: ${tweet.coauthorsIds ? JSON.stringify(tweet.coauthorsIds) : JSON.stringify([])}, body: "${tweet.body}" }`; } @@ -124,21 +131,18 @@ describe('test-6: user with role "editor"', () => { const modifiedUser = { username: 'tmeasday', bio: 'Maker of things, I guess', - role: 'editor' }; return sendQueryAndExpect(` mutation { updateUser(id: "${newUser}", input: ${makeUserInput(modifiedUser)}) { username bio - role } } `, { updateUser: { username: 'tmeasday', bio: 'Maker of things, I guess', - role: 'editor' } }, newUser) @@ -159,11 +163,7 @@ describe('test-6: user with role "editor"', () => { } } `, { - updateUser: { - username: 'tmeasday', - bio: 'Maker of things, I guess', - role: 'editor' - } + updateUser: null }, newUser) }); diff --git a/test/output-app/authorizations/Tweet.js b/test/output-app/authorizations/Tweet.js index afdf844..a25a32c 100644 --- a/test/output-app/authorizations/Tweet.js +++ b/test/output-app/authorizations/Tweet.js @@ -14,5 +14,5 @@ export const Tweet = { readMany: ['authorId', 'coauthorsIds'], update: ['authorId', 'coauthorsIds'], delete: ['authorId'], - } + }, }; diff --git a/test/output-app/authorizations/User.js b/test/output-app/authorizations/User.js index 7ea5d02..3654abf 100644 --- a/test/output-app/authorizations/User.js +++ b/test/output-app/authorizations/User.js @@ -14,5 +14,26 @@ export const User = { readMany: [], update: ['_id'], delete: ['_id'], - } + }, + fields: [ + { + name: 'role', + userRoles: { + create: ['admin'], + read: ['admin'], + readOne: ['admin'], + readMany: ['admin'], + update: ['admin'], + delete: ['admin'], + }, + docRoles: { + create: [], + read: [], + readOne: ['_id'], // == 'this' + readMany: [], + update: [], + delete: ['_id'], + }, + } + ] }; diff --git a/test/output-app/authorizations/helpers.js b/test/output-app/authorizations/helpers.js index d20eb5d..3b6cc78 100644 --- a/test/output-app/authorizations/helpers.js +++ b/test/output-app/authorizations/helpers.js @@ -1,18 +1,20 @@ import _ from 'lodash'; import log from '../server/logger'; -export function findByIds(collection, ids, authQuery) { - const baseQuery = { _id: { $in: ids } }; - const finalQuery = {...baseQuery, ...authQuery}; - return collection.find(finalQuery) - .toArray() - .then((docs) => { - const idMap = {}; - docs.forEach((d) => { idMap[d._id] = d; }); - return ids.map(id => idMap[id]); - }); +// enhanced version of tmeasday's findByIds plus authQuery handling +export function findByIds(collection, ids = [], authQuery = {}) { + const baseQuery = { _id: { $in: ids } }; + const finalQuery = {...baseQuery, ...authQuery}; + return collection.find(finalQuery) + .toArray() + .then((docs) => { + const idMap = {}; + docs.forEach((d) => { idMap[d._id] = d; }); + return ids.map(id => idMap[id]); + }); } +// returns true, if user is logged in export function loggedIn(user) { if(user && user._id && user._id.toString() !== '') { return true; @@ -20,43 +22,129 @@ export function loggedIn(user) { return false; } -export function queryForRoles(user = {}, userRoles = [], docRoles = [], { User }) { - // Authorized by userRoles - const role = User.authRole(user); - if (userRoles.includes(role) || userRoles.includes('world')) { - return {}; +// creates an authQuery object with additional query arguments, to implement authorization restrictions for mongodb access +export function queryForRoles(user = {}, auth = {}, type = '', mode = '', { User }, doc = {}, resolver = '') { + + // Build query for the case: The logged in user's role is authorized + if (roleAuthorizedForDoc(user, auth, type, mode, { User }, doc, resolver)) { + return {}; // empty authQuery means, do operation with no access restrictions } - // Authorized by docRoles + + // Build query for the case: The user is listed in any document field const query = { $or: [] }; - if (docRoles.length > 0 && user && user._id){ + if (userAuthorizedForDoc(user, auth, type, mode, { User }, doc, resolver)){ + const docRoles = auth[type].docRoles[mode] || []; docRoles.forEach(docRole => query.$or.push( { [docRole]: user._id } ) ); + log.debug('authQuery:', JSON.stringify(query, null, 2)); return query; } + // Not Authorized - return false; + throw new Error(`Authorization: Not authorized to ${mode} ${type} ${doc._id ? doc._id : ''}.`); } -export function userAuthorizedForDoc(user = {}, userRoles = [], docRoles = [], { User }, doc){ - const newDoc = Object.assign({}, doc); - let authorized = false; - // Authorized by userRoles +// returns true, if the user's role is authorized for a document +export function roleAuthorizedForDoc(user = {}, auth = {}, type = '', mode = '', { User }, doc = {}, resolver = ''){ + const userRoles = auth[type].userRoles[mode] || []; const role = User.authRole(user); - if (userRoles.includes(role) || userRoles.includes('world')) { - authorized = true; + const fields = auth[type].fields || []; + + if ( userRoles.includes('world') || role && role !== '' && role !== '' && userRoles.length > 0 && userRoles.includes(role) ) { + let fieldsAuthorized = true; + + // check all fields with @authorize directives, if any of them is not allowed for the role + fields.forEach(field => { + // if this field is in the document, + if (doc[field.name]) { + const fieldUserRoles = field.userRoles[mode] || []; + //check if the user role doesn't allow this field + if ( fieldUserRoles.length === 0 || ! ( fieldUserRoles.includes(role) || fieldUserRoles.includes('world') ) ){ + fieldsAuthorized = false; + } + } + }); + + // only if all fields of the document are allowed for the role + if (fieldsAuthorized){ + log.debug(`${resolver} ${mode} with user ${user.username ? user.username : ''} for ${type} and ${doc._id ? doc._id : ''}`); + return true; + } + } - // Authorized by docRoles + + return false; +} + +// returns true, if the user is authorized by a document role +export function userAuthorizedForDoc(user = {}, auth = {}, type = '', mode = '', { User }, doc = {}, resolver = ''){ + const docRoles = auth[type].docRoles[mode] || []; + const fields = auth[type].fields || []; + let userId; + let authorized = false; + + // document role checks work only with logged in user + if (!loggedIn(user)) return false; + userId = user._id.toString(); + + // check if any docRole leads to an authorization docRoles.forEach(docRole => { - // user logged in and role field in doc exists and - // includes the current user - if ( - loggedIn(user) && newDoc[docRole] && - ( - ( _.isArray(newDoc[docRole]) && newDoc[docRole].includes(user._id.toString()) ) || - ( _.isObject(newDoc[docRole]) && newDoc[docRole].toString().includes(user._id.toString()) ) - ) - ){ - authorized = true; + const docRoleField = doc[docRole]; + let fieldsAuthorized = true; + // check if the field for the docRole check is in the document, if not, it cannot be checked + if (docRoleField){ + // check if user is authorized for doc + if (fieldContainsUserId(docRoleField, userId)){ + + // check if user is authorized for the doc's fields + fields.forEach(field => { + const fieldDocRoles = field.docRoles[mode] || []; + // check if restricted field is in the current document, and if the current docRole is not in the docRole of the field + if (mode !== 'update' && doc[field.name] && !fieldDocRoles.includes(docRole)){ + fieldsAuthorized = false; + } + // check if doc contains a $set object, and this contains any of the fields, + // and if the current docRole is not in the docRole of the field + if (mode === 'update' && doc.$set && doc.$set[field.name] && !fieldDocRoles.includes(docRole)){ + fieldsAuthorized = false; + } + }); + + // only if the same role is authorized for the document and all fields, it is allowed + if (fieldsAuthorized){ + log.debug(`${resolver} ${mode} with user ${(user.username) ? user.username : ''} for ${type} and docRole ${docRole} for doc with id: ${doc._id ? doc._id : ''}`); + authorized = true; + return true; + } + + } } - }) + }); + return authorized; } + +// returns true, if a field of type array/object/string contains the userId +export function fieldContainsUserId(docRoleField, userId) { + let userIdFound = false; + + // handle an array of userIds + if (_.isArray(docRoleField)){ + docRoleField.forEach(field => { + if (field.toString() === userId){ + userIdFound = true; + } + }); + } + + // handle a field with one userId, must be an object, if it is an ObjectId('') + if (_.isObject(docRoleField) && docRoleField.toString() === userId){ + userIdFound = true; + } + + // handle a field with just an userId String + if (_.isString(docRoleField) && docRoleField.toString() === userId){ + userIdFound = true; + } + + return userIdFound; +} diff --git a/test/output-app/model/Tweet-complicated.js b/test/output-app/model/Tweet-complicated.js deleted file mode 100644 index 2ead2d1..0000000 --- a/test/output-app/model/Tweet-complicated.js +++ /dev/null @@ -1,371 +0,0 @@ -import _ from 'lodash'; -import log from '../server/logger'; -import DataLoader from 'dataloader'; -import findByIds from 'mongo-find-by-ids'; -import { CREATE, READ, READONE, READMANY, UPDATE, DELETE, DEBUG } from './constants'; - -export default class Tweet { - constructor(context) { - /* this is generated from ... - @authorize( - admin: ["read", "update", "delete"], - author: ["create", "read", "update", "delete"], - coauthors: ["read", "update"], - world: ["read"] - ) - */ - this.authorizations = { - admin: { - read: true, - readOne: true, - readMany: true, - update: true, - delete: true, - }, - author: { - create: true, - read: true, - readOne: true, - readMany: true, - update: true, - delete: true, - }, - coauthors: { - read: true, - readOne: true, - readMany: true, - update: true, - }, - world: { - read: true, - readOne: true, - readMany: true, - } - }; - this.context = context; - this.collection = context.db.collection('tweet'); - this.pubsub = context.pubsub; - this.loader = new DataLoader(ids => findByIds(this.collection, ids)); - } - - // returns true, if the user's role is of expected kind - // this is generated whenever @authorize appears in the type definition - hasUserRole({role, doc, user, mode, printLog = true, resolver}){ - let hasRole = false; - switch (role) { - // returns true, if signed in user has a role "admin" - // this is generated by... - // @authorize(admin: ["read", "update", "delete"]) - // ----- - // and if there is no @authRole("admin") user on any of the fields - // then it assumes a role definition - // and it checks against the role of the signed in user - case 'admin': - hasRole = ( - // valid signed in user id available - !!user && !!user._id && user._id.toString() !== '' && - // the current user has the correct role - this.context.User.role(user) === 'admin' - ); - break; - // returns true, if the signed in user is an author - // this is generated by... - // author: User! @unmodifiable @belongsTo @authRole("author") - // ----- ------------------- - case 'author': - hasRole = ( - // valid signed in user id available - !!user && !!user._id && user._id.toString() !== '' && - // valid document author available - !!doc && !!doc.authorId && doc.authorId.toString() !== '' && - // document author equals signed in user - doc.authorId.toString() === user._id.toString() - ); - break; - // returns true, if the signed in user is one of the coauthors - // this is generated by... - // coauthors: [User!] @belongsTo @authRole("coauthors") - // ------- ---------------------- - case 'coauthors': - hasRole = ( - // valid signed in user id available - !!user && !!user._id && user._id.toString() !== '' && - // document has at least one coauthors - !!doc && !!doc.coauthorsIds && _.isArray(doc.coauthorsIds) && doc.coauthorsIds.length > 0 && - // current signed in user is a coauthors - _.indexOf(doc.coauthorsIds, user._id.toString()) > -1 - ); - break; - // returns true, if user has a role "world" - // this is generated by... - // @authorize(world: ["read"]) - // ----- - // and if there is no @authRole("world") user on any of the fields - // then it assumes the special role definition "world" - // which means for every user, signed in or not signed in - case 'world': - hasRole = true; - break; - } - if (printLog){ - log.debug(''); - log.debug(`${resolver} hasRole: "${role}" "${ - user.username ? user.username : '' - } ${ - user.role ? user.role : '' - } ${ - user._id ? user._id : '' - } doc: "${ - (doc && doc._id) ? doc._id.toString() : '' - }" author: "${ - (doc && doc.authorId) ? doc.authorId : '' - }" coauthors: "${ - (doc && doc.coauthorsIds && doc.coauthorsIds.length > 0) ? doc.coauthorsIds.toString() : '' - }" ==> "${hasRole}"`); - } - return hasRole; - } - - // returns true, if the user role is authorized for the current mode - // this is generated whenever @authorize appears in the type definition - isRoleAuthorizedForMode({role, mode, resolver}){ - log.debug(`${resolver} isRoleAuthorizedForMode: "${role}" "${mode}" ==> "${this.authorizations[role][mode] ? true : false}"`); - return this.authorizations[role][mode] ? true : false; - } - - // returns true, if the current user is authorized for the current mode and document - // this is generated, whenever @authorize appears... - isAuthorized({doc, mode, user, resolver}){ - // generated by @authorize(admin: ...) - const adminAuthorized = this.hasUserRole({role: 'admin', doc, user, mode, printLog: true, resolver}) && - this.isRoleAuthorizedForMode({role: 'admin', mode, resolver}); - - // logging for debugging... - if (adminAuthorized){ - log.debug(`${resolver} isAuthorized: role: "${ - (user && user._id && this.context.User.role(user)) ? this.context.User.role(user) : '' - }" "${mode}" doc: "${ - (doc && doc._id) ? doc._id.toString() : '' - }" user: "${ - (user && user._id) ? user._id.toString() : '' - }" ===> "${adminAuthorized}"`); - - return adminAuthorized; - } - - // generated by @authorize(author: ...) - const authorAuthorized = this.hasUserRole({role: 'author', doc, user, mode, printLog: true, resolver}) && - this.isRoleAuthorizedForMode({role: 'author', mode, resolver}); - - // logging for debugging... - if (authorAuthorized){ - log.debug(`${resolver} isAuthorized: role: "author" "${mode}" doc: "${ - (doc && doc._id) ? doc._id.toString() : '' - }" author: "${ - (doc && doc.authorId) ? doc.authorId : '' - }" user: "${ - (user && user._id) ? user._id.toString() : '' - }" ===> "${authorAuthorized}"`); - - return authorAuthorized; - } - - // generated by @authorize(coauthors: ...) - const coauthorsAuthorized = this.hasUserRole({role: 'coauthors', doc, user, mode, printLog: true, resolver}) && - this.isRoleAuthorizedForMode({role: 'coauthors', mode, resolver}); - - // logging for debugging... - if (coauthorsAuthorized){ - log.debug(`${resolver} isAuthorized: role: "coauthors" "${mode}" doc: "${ - (doc && doc._id) ? doc._id.toString() : '' - }" coauthors: "${ - (doc && doc.coauthorsIds && doc.coauthorsIds.length > 0) ? doc.coauthorsIds.toString() : '' - }" user: "${ - (user && user._id) ? user._id.toString() : '' - }" ===> "${coauthorsAuthorized}"`); - - return coauthorsAuthorized; - } - - // generated by @authorize(world: ...) - const worldAuthorized = this.hasUserRole({role: 'world', doc, user, mode, printLog: true, resolver}) && - this.isRoleAuthorizedForMode({role: 'world', mode, resolver}); - - // logging for debugging... - if (worldAuthorized){ - log.debug(`${resolver} isAuthorized: role: "world" "${mode}" doc: "${ - (doc && doc._id) ? doc._id.toString() : '' - }" user: "${ - (user && user._id) ? user._id.toString() : '' - }" ===> "${worldAuthorized}"`); - - return worldAuthorized; - } - - // logging for debugging... - log.debug(`${resolver} isAuthorized: role: "${ - (user && user._id && this.context.User.role(user)) ? this.context.User.role(user) : '' - }" "${mode}" doc: "${ - (doc && doc._id) ? doc._id.toString() : '' - }" author: "${ - (doc && doc.authorId) ? doc.authorId : '' - }" coauthors: "${ - (doc && doc.coauthorsIds && doc.coauthorsIds.length > 0) ? doc.coauthorsIds.toString() : '' - }" user: "${ - (user && user._id) ? user._id.toString() : '' - }" ===> "false"`); - - return false; - } - - // returns document without role field - // generated by... - // role: String! @authRole("admin") @authorize(this: ["read"], admin: ["read", "update"]) - // ------- ------------------ - authorizedFields({doc, mode, user, resolver}){ - // array contains all fields, whose authorization is to be checked - // role: String! @authorize() - // ---- ------------ - const fields = []; - - // check authorization on field level now - fields.forEach(field => { - // default is: field is not authorized - let authorizedField = false; - - // ... Checking fields here... - - // otherwise remove field from doc, - // because the user and mode is not authorize to access this field - if ( !authorizedField && doc[field] ){ - log.debug(`${resolver} authorizedFields: "${field}" not authorized for user/role and mode: "${mode}", removed from document`); - delete doc[field]; - } - }); - - return doc; - } - - // returns only authorized documents and fields - // generated by ... - // @authorize() - authorized({doc, mode, user, resolver}){ - // if it is an array of documents, .... - if (_.isArray(doc)){ - // then filter for the authorized documents - let authorizedDocs = _.filter(doc, d => this.isAuthorized({doc: d, mode, user, resolver}) ); - // provide only authorized fields - authorizedDocs.forEach(d => { - d = this.authorizedFields({doc: d, mode, user, resolver}); - }); - return authorizedDocs; - - // if it is a single document, check the authorization for it - } else if ( _.isObject(doc) && this.isAuthorized({doc, mode, user, resolver}) ) { - // return only authorized fields - const authorizedDoc = this.authorizedFields({doc, mode, user, resolver}); - return authorizedDoc; - } - - // or return null, if no authorized document was found - log.debug(`${resolver} authorized: no authorized doc found`); - return null; - } - - async getById(id, _user, resolver){ - const doc = await this.findOneById(id); - return this.authorized({doc, mode: READONE, user: _user, resolver}); - } - - findOneById(id) { - return this.loader.load(id); - } - - async getAll({ lastCreatedAt, limit }, _user, resolver){ - const doc = await this.all({ lastCreatedAt, limit }, _user); - return this.authorized({doc, mode: READMANY, user: _user, resolver}); - } - - all({ lastCreatedAt = 0, limit = 10 }, _user) { - return this.collection.find({ - createdAt: { $gt: lastCreatedAt }, - }).sort({ createdAt: 1 }).limit(limit).toArray(); - } - - author(tweet, _user) { - return this.context.User.getById(tweet.authorId, _user, 'author'); - } - - createdBy(tweet, _user) { - return this.context.User.getById(tweet.createdById, _user, 'createdBy'); - } - - updatedBy(tweet, _user) { - return this.context.User.getById(tweet.updatedById, _user, 'udpatedBy'); - } - - async coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, _user) { - const doc = await this.context.User.collection.find({ - _id: { $in: tweet.coauthorsIds }, - createdAt: { $gt: lastCreatedAt }, - }).sort({ createdAt: 1 }).limit(limit).toArray(); - return this.context.User.authorized({doc, mode: READMANY, user: _user, resolver: 'coauthors'}); - } - - async likers(tweet, { lastCreatedAt = 0, limit = 10 }, _user) { - const doc = await this.context.User.collection.find({ - likedIds: tweet._id, - createdAt: { $gt: lastCreatedAt }, - }).sort({ createdAt: 1 }).limit(limit).toArray(); - return this.context.User.authorized({doc, mode: READMANY, user: _user, resolver: 'likers'}); - } - - async insert(doc, _user) { - // let coauthorsIds = doc.coauthorsIds || []; - // const enhancedDoc = Object.assign({ - // authorId: user._id, - // coauthorsIds: coauthorsIds, - // }); - let docToInsert = Object.assign({}, doc, { - createdAt: Date.now(), - updatedAt: Date.now(), - createdById: (_user && _user._id) ? _user._id : 'unknown', - updatedById: (_user && _user._id) ? _user._id : 'unknown', - }); - docToInsert = this.authorizedFields({doc: docToInsert, mode: CREATE, user: _user, resolver: 'insert'}); - const authorized = this.isAuthorized({doc: docToInsert, mode: CREATE, user: _user, resolver: 'insert'}); - if (!authorized) throw new Error('Tweet: mode: create not authorized'); - - const id = (await this.collection.insertOne(docToInsert)).insertedId; - this.pubsub.publish('tweetInserted', await this.findOneById(id)); - return id; - } - - async updateById(id, doc, _user) { - const foundDoc = await this.findOneById(id); - const authorized = this.isAuthorized({doc: foundDoc, mode: UPDATE, user: _user, resolver: 'updateById'}); - if (!authorized) throw new Error('Tweet: mode: update not authorized'); - - const updatedDoc = this.authorizedFields({doc, mode: UPDATE, user: _user, resolver: 'updateById'}); - const ret = await this.collection.update({ _id: id }, { - $set: Object.assign({}, updatedDoc, { - updatedAt: Date.now(), - updatedById: (_user && _user._id) ? _user._id : 'unknown', - }), - }); - this.loader.clear(id); - this.pubsub.publish('tweetUpdated', await this.findOneById(id)); - return ret; - } - - async removeById(id, _user) { - const doc = await this.findOneById(id); - const authorized = this.isAuthorized({doc, mode: DELETE, user: _user, resolver: 'removeById'}); - if (!authorized) throw new Error('Tweet: mode: delete not authorized'); - - const ret = this.collection.remove({ _id: id }); - this.loader.clear(id); - this.pubsub.publish('tweetRemoved', id); - return ret; - } -} diff --git a/test/output-app/model/Tweet.js b/test/output-app/model/Tweet.js index ece266a..c2abcc2 100644 --- a/test/output-app/model/Tweet.js +++ b/test/output-app/model/Tweet.js @@ -1,8 +1,6 @@ -import _ from 'lodash'; -import { ObjectID } from 'mongodb'; import log from '../server/logger'; import DataLoader from 'dataloader'; -import { auth, findByIds, queryForRoles, userAuthorizedForDoc } from '../authorizations'; +import { auth, findByIds, queryForRoles } from '../authorizations'; export default class Tweet { constructor(context) { @@ -11,33 +9,21 @@ export default class Tweet { this.pubsub = context.pubsub; this.loader = new DataLoader((ids, authQuery = {}) => findByIds(this.collection, ids, authQuery)); this.type = 'Tweet'; - this.userRoles = auth[this.type].userRoles; - this.docRoles = auth[this.type].docRoles; - } - - getOneById(id, _user = {}, resolver = '') { - const authQuery = queryForRoles(_user, this.userRoles.readOne, this.docRoles.readOne, { User: this.context.User }); - log.debug(`${resolver} getOneById readOne with user ${(_user && _user.username) ? _user.username : ''} for ${this.type} and ${id}`); - if (typeof authQuery === "object" && Object.keys(authQuery).length > 0 ) log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); - if (authQuery === false) { - throw new Error(`Not authorized to readOne ${this.type} ${id}.`); - } - return this.loader.load(id, authQuery); } findOneById(id) { return this.loader.load(id); } + getOneById(id, _user = {}, resolver = '') { + const authQuery = queryForRoles(_user, auth, this.type, 'readOne', { User: this.context.User }, {_id: id}, resolver); + return this.loader.load(id, authQuery); + } + all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = '') { const baseQuery = { createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, this.userRoles.readMany, this.docRoles.readMany, { User: this.context.User }); + const authQuery = queryForRoles(_user, auth, this.type, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); const finalQuery = {...baseQuery, ...authQuery}; - log.debug(`${resolver} all readMany with user ${(_user && _user.username) ? _user.username : ''} for ${this.type}`); - if (typeof authQuery === "object" && Object.keys(authQuery).length > 0 ) log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); - if (authQuery === false) { - throw new Error(`Not authorized to readMany ${this.type}.`); - } return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } @@ -55,25 +41,15 @@ export default class Tweet { coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, _user) { const baseQuery = {_id: { $in: tweet.coauthorsIds }, createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, this.userRoles.readMany, this.docRoles.readMany, { User: this.context.User }); + const authQuery = queryForRoles(_user, auth, this.type, 'readMany', { User: this.context.User }, {_id: 'all'}, 'coauthors'); const finalQuery = {...baseQuery, ...authQuery}; - log.debug(`coauthors readMany with user ${(_user && _user.username) ? _user.username : ''} for ${this.type}`); - if (typeof authQuery === "object" && Object.keys(authQuery).length > 0 ) log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); - if (authQuery === false) { - throw new Error(`coauthors Not authorized to readMany ${this.type} ${id}.`); - } return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } likers(tweet, { lastCreatedAt = 0, limit = 10 }, _user) { const baseQuery = {likedIds: tweet._id, createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, this.userRoles.readMany, this.docRoles.readMany, { User: this.context.User }); + const authQuery = queryForRoles(_user, auth, this.type, 'readMany', { User: this.context.User }, {_id: 'all'}, 'likers'); const finalQuery = {...baseQuery, ...authQuery}; - log.debug(`likers readMany with user ${(_user && _user.username) ? _user.username : ''} for ${this.type}`); - if (typeof authQuery === "object" && Object.keys(authQuery).length > 0 ) log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); - if (authQuery === false) { - throw new Error(`coauthors Not authorized to readMany ${this.type} ${id}.`); - } return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } @@ -85,11 +61,7 @@ export default class Tweet { updatedById: (_user && _user._id) ? _user._id : 'unknown', }); - const authQuery = queryForRoles(_user, this.userRoles.create, this.docRoles.create, { User: this.context.User }); - if (authQuery === false || (typeof authQuery === "object" && Object.keys(authQuery).length > 0 && !userAuthorizedForDoc(_user, this.userRoles.create, this.docRoles.create, { User: this.context.User }, docToInsert)) ) { - throw new Error(`Not authorized to insert ${this.type} ${id}.`); - } - + const authQuery = queryForRoles(_user, auth, this.type, 'create', { User: this.context.User }, {_id: '', ...docToInsert}, 'insert'); const id = (await this.collection.insertOne(docToInsert)).insertedId; if (id){ @@ -104,17 +76,15 @@ export default class Tweet { } async updateById(id, doc, _user) { + // must get the record first, to capture all authorization relevant fields + const docBefore = await this.getOneById(id, _user, 'getOneById in updateById for docBefore'); let docToUpdate = {$set: Object.assign({}, doc, { updatedAt: Date.now(), updatedById: (_user && _user._id) ? _user._id : 'unknown', })}; const baseQuery = {_id: id}; - const authQuery = queryForRoles(_user, this.userRoles.update, this.docRoles.update, { User: this.context.User }); - if (authQuery === false || (typeof authQuery === "object" && Object.keys(authQuery).length > 0 && !userAuthorizedForDoc(_user, this.userRoles.update, this.docRoles.update, { User: this.context.User }, docToUpdate)) ) { - throw new Error(`Not authorized to update ${this.type} ${id}.`); - } - + const authQuery = queryForRoles(_user, auth, this.type, 'update', { User: this.context.User }, {...docBefore, ...docToUpdate}, 'updateById'); const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.updateOne(finalQuery, docToUpdate); @@ -132,12 +102,10 @@ export default class Tweet { } async removeById(id, _user) { + // must get the record first, to capture all authorization relevant fields + const docBefore = await this.getOneById(id, _user, 'getOneById in removeById for docBefore'); const baseQuery = {_id: id}; - const authQuery = queryForRoles(_user, this.userRoles.delete, this.docRoles.delete, { User: this.context.User }); - if (authQuery === false || (typeof authQuery === "object" && Object.keys(authQuery).length > 0 && !userAuthorizedForDoc(_user, this.userRoles.delete, this.docRoles.delete, { User: this.context.User }, {_id: id} )) ) { - throw new Error(`Not authorized to remove ${this.type} ${id}.`); - } - + const authQuery = queryForRoles(_user, auth, this.type, 'delete', { User: this.context.User }, {...docBefore}, 'removeById'); const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.remove(finalQuery); diff --git a/test/output-app/model/User-complicated.js b/test/output-app/model/User-complicated.js deleted file mode 100644 index 9bb463d..0000000 --- a/test/output-app/model/User-complicated.js +++ /dev/null @@ -1,328 +0,0 @@ -import _ from 'lodash'; -import log from '../server/logger'; -import DataLoader from 'dataloader'; -import findByIds from 'mongo-find-by-ids'; -import { CREATE, READ, READONE, READMANY, UPDATE, DELETE, DEBUG } from './constants'; - -export default class User { - constructor(context) { - /* this is generated from ... - @authorize( - admin: ["create", "read", "update", "delete"] - this: ["readOne", "update", "delete"] - ) - */ - this.authorizations = { - admin: { - create: true, - read: true, - readOne: true, - readMany: true, - update: true, - delete: true, - }, - this: { - readOne: true, - update: true, - delete: true, - }, - }; - this.context = context; - this.collection = context.db.collection('user'); - this.pubsub = context.pubsub; - this.loader = new DataLoader(ids => findByIds(this.collection, ids)); - } - - // returns the role of the current user - // generated by... - // role: String! @authRole("admin") @authorize(this: ["read"], admin: ["read", "update"]) - // ------- ------------------ - // whereas the field is not of type User, it is of type String - role(user){ - return (user && user.role) ? user.role : null; - } - - // returns true, if the user's role is of expected kind - // this is generated whenever @authorize appears in the type definition - hasUserRole({role, doc, user, mode, printLog = true, resolver}){ - let hasRole = false; - switch (role) { - // returns true, if signed in user has a role "admin" - // this is generated by... - // @authorize(admin: ["create", "read", "update", "delete"]) - // ----- - // and if there is no @authRole("admin") user on any of the fields - // then it assumes a role definition - // and it checks against the role of the signed in user - case 'admin': - hasRole = ( - // valid signed in user id available - !!user && !!user._id && user._id.toString() !== '' && - // the current user has the correct role - this.context.User.role(user) === 'admin' - ); - break; - // returns true, if the signed in user is equal to the document id - // this is generated by... - // @authorize(this:) - // ----- - case 'this': - hasRole = ( - // valid signed in user id available - !!user && !!user._id && user._id.toString() !== '' && - // valid document user id available - !!doc && !!doc._id && doc._id.toString() !== '' && - // document user id equals signed in user - doc._id.toString() === user._id.toString() - ); - break; - } - if (printLog){ - log.debug(''); - log.debug(`${resolver} hasRole: "${role}" "${(user && user.username) ? user.username : ''} ${(user && user.role) ? user.role : ''} ${(user && user._id) ? user._id : ''}" ==> "${hasRole}"`); - } - return hasRole; - } - - // returns true, if the user role is authorized for the current mode - // this is generated whenever @authorize appears in the type definition - isRoleAuthorizedForMode({role, mode, resolver}){ - log.debug(`${resolver} isRoleAuthorizedForMode: "${role}" "${mode}" ==> "${this.authorizations[role][mode] ? true : false}"`); - return this.authorizations[role][mode] ? true : false; - } - - // returns true, if the current user is authorized for the current mode and document - // this is generated, whenever @authorize appears... - isAuthorized({doc, mode, user, resolver}){ - - // generated by @authorize(admin: ...) - const adminAuthorized = this.hasUserRole({role: 'admin', doc, user, mode, printLog: true, resolver}) && - this.isRoleAuthorizedForMode({role: 'admin', mode, resolver}); - - // logging for debugging... - if (adminAuthorized){ - log.debug(`${resolver} isAuthorized: role: "${ - (user && user._id && this.context.User.role(user)) ? this.context.User.role(user) : '' - }" "${mode}" doc: "${ - (doc && doc._id) ? doc._id.toString() : '' - }" user: "${ - (user && user._id) ? user._id.toString() : '' - }" ===> "${adminAuthorized}"`); - - return adminAuthorized; - } - - // generated by @authorize(this: ...) - const thisAuthorized = this.hasUserRole({role: 'this', doc, user, mode, printLog: true, resolver}) && - this.isRoleAuthorizedForMode({role: 'this', mode, resolver}); - - // logging for debugging... - if (thisAuthorized) { - log.debug(`${resolver} isAuthorized: doc: "${ - (doc && doc._id) ? doc._id.toString() : '' - }" "${mode}" user: "${ - (user && user._id) ? user._id.toString() : '' - }" ===> "${thisAuthorized}"`); - - return thisAuthorized; - } - - // logging for debugging... - log.debug(`${resolver} isAuthorized: role: "${ - (user && user._id && this.context.User.role(user)) ? this.context.User.role(user) : '' - }" "${mode}" doc: "${ - (doc && doc._id) ? doc._id.toString() : '' - }" user: "${ - (user && user._id) ? user._id.toString() : '' - }" ===> "false"`); - - return false; - } - - // returns document without role field - // generated by... - // role: String! @authRole("admin") @authorize(this: ["read"], admin: ["read", "update"]) - // ------- ------------------ - authorizedFields({doc, mode, user, resolver}){ - // array contains all fields, whose authorization is to be checked - // role: String! @authorize() - // ---- ------------ - const fields = ['role']; - - // check authorization on field level now - fields.forEach(field => { - // default is: field is not authorized - let authorizedField = false; - - // role: String! @authorize() - // ---- ------------ - if (field === 'role'){ - log.debug(''); - // role: String! @authorize(this: ["read"]) - // ----- ----- ---- - if ( this.hasUserRole({role: 'this', doc, user, mode, printLog: false, resolver}) && - (mode === READ || mode === READONE || mode === READMANY) ){ - log.debug(`${resolver} authorizedFields: "${field}" is authorized for role: "this" and mode: "${mode}"`); - authorizedField = true; - } - - // role: @authorize(admin: ["create", "read", "update"]) - // ---- ----- ------ ---- ------ - if ( this.hasUserRole({role: 'admin', doc, user, mode, printLog: false, resolver}) && - (mode === CREATE || mode === READ || mode === READONE || mode === READMANY || mode === UPDATE) ){ - log.debug(`${resolver} authorizedFields: "${field}" is authorized for role: "admin" and mode: "${mode}"`); - authorizedField = true; - } - } - - // ... Checking fields here... - - // otherwise remove field from doc, - // because the user and mode is not authorize to access this field - if ( !authorizedField && doc[field] ){ - log.debug(`${resolver} authorizedFields: "${field}" not authorized for user/role and mode: "${mode}", removed from document`); - delete doc[field]; - } - }); - - return doc; - } - - // returns only authorized documents and fields - // generated by ... - // @authorize() - authorized({doc, mode, user, resolver}){ - // if it is an array of documents, .... - if (_.isArray(doc)){ - // then filter for the authorized documents - let authorizedDocs = _.filter(doc, d => this.isAuthorized({doc: d, mode, user, resolver}) ); - // provide only authorized fields - authorizedDocs.forEach(d => { - d = this.authorizedFields({doc: d, mode, user, resolver}); - }); - return authorizedDocs; - - // if it is a single document, check the authorization for it - } else if ( _.isObject(doc) && this.isAuthorized({doc, mode, user, resolver}) ) { - // return only authorized fields - const authorizedDoc = this.authorizedFields({doc, mode, user, resolver}); - return authorizedDoc; - } - - // or return null, if no authorized document was found - log.debug(`${resolver} authorized: no authorized doc found`); - return null; - } - - async getById(id, _user, resolver){ - const doc = await this.findOneById(id); - return this.authorized({doc, mode: READONE, user: _user, resolver}); - } - - findOneById(id) { - return this.loader.load(id); - } - - async getAll({ lastCreatedAt, limit }, _user, resolver){ - const doc = await this.all({ lastCreatedAt, limit }, _user); - return this.authorized({doc, mode: READMANY, user: _user, resolver}); - } - - all({ lastCreatedAt = 0, limit = 10 }, _user) { - return this.collection.find({ - createdAt: { $gt: lastCreatedAt }, - }).sort({ createdAt: 1 }).limit(limit).toArray(); - } - - async tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }, _user) { - const doc = await this.context.Tweet.collection.find({ - authorId: user._id, - createdAt: { $gt: lastCreatedAt }, - }).sort({ createdAt: 1 }).limit(limit).toArray(); - const authorizedDoc = this.context.Tweet.authorized({doc, mode: READMANY, user: _user, resolver: 'tweets'}); - return authorizedDoc; - } - - async liked(user, { lastCreatedAt = 0, limit = 10 }, _user) { - const doc = await this.context.Tweet.collection.find({ - _id: { $in: user.likedIds || [] }, - createdAt: { $gt: lastCreatedAt }, - }).sort({ createdAt: 1 }).limit(limit).toArray(); - const authorizedDoc = this.context.Tweet.authorized({doc, mode: READMANY, user: _user, resolver: 'liked'}); - return authorizedDoc; - } - - async following(user, { lastCreatedAt = 0, limit = 10 }, _user) { - const doc = await this.context.User.collection.find({ - _id: { $in: user.followingIds || [] }, - createdAt: { $gt: lastCreatedAt }, - }).sort({ createdAt: 1 }).limit(limit).toArray(); - const authorizedDoc = this.authorized({doc, mode: READMANY, user: _user, resolver: 'following'}); - return authorizedDoc; - } - - async followers(user, { lastCreatedAt = 0, limit = 10 }, _user) { - const doc = await this.context.User.collection.find({ - followingIds: user._id, - createdAt: { $gt: lastCreatedAt }, - }).sort({ createdAt: 1 }).limit(limit).toArray(); - const authorizedDoc = this.authorized({doc, mode: READMANY, user: _user, resolver: 'followers'}); - return authorizedDoc; - } - - async createdBy(user, _user) { - const doc = await this.context.User.getById(user.createdById, _user, 'createdBy'); - const authorizedDoc = this.authorized({doc, mode: READONE, user: _user, resolver: 'createdBy'}); - return authorizedDoc; - } - - async updatedBy(user, _user) { - const doc = await this.context.User.getById(user.updatedById, _user, 'updatedBy'); - const authorizedDoc = this.authorized({doc, mode: READONE, user: _user, resolver: 'updatedBy'}); - return authorizedDoc; - } - - async insert(doc, _user) { - let docToInsert = Object.assign({}, doc, { - createdAt: Date.now(), - updatedAt: Date.now(), - createdById: (_user && _user._id) ? _user._id : 'unknown', - updatedById: (_user && _user._id) ? _user._id : 'unknown', - }); - docToInsert = this.authorizedFields({doc: docToInsert, mode: CREATE, user: _user, resolver: 'insert'}); - const authorized = this.isAuthorized({doc: docToInsert, mode: CREATE, user: _user, resolver: 'insert'}); - if (!authorized) throw new Error('User: mode: create not authorized'); - - const id = (await this.collection.insertOne(docToInsert)).insertedId; - this.pubsub.publish('userInserted', await this.findOneById(id)); - return id; - } - - async updateById(id, doc, _user) { - const foundDoc = await this.findOneById(id); - const authorized = this.isAuthorized({doc: foundDoc, mode: UPDATE, user: _user, resolver: 'updateById'}); - if (!authorized) throw new Error('User: mode: update not authorized'); - - const updatedDoc = this.authorizedFields({doc, mode: UPDATE, user: _user, resolver: 'updateById'}); - const ret = await this.collection.update({ _id: id }, { - $set: Object.assign({}, updatedDoc, { - updatedAt: Date.now(), - updatedById: (_user && _user._id) ? _user._id : 'unknown', - }), - }); - this.loader.clear(id); - this.pubsub.publish('userUpdated', await this.findOneById(id)); - return ret; - } - - async removeById(id, _user) { - const doc = await this.findOneById(id); - const authorized = this.isAuthorized({doc, mode: DELETE, user: _user, resolver: 'removeById'}); - if (!authorized) throw new Error('User: mode: delete not authorized'); - - const ret = this.collection.remove({ _id: id }); - this.loader.clear(id); - this.pubsub.publish('userRemoved', id); - return ret; - } -} diff --git a/test/output-app/model/User.js b/test/output-app/model/User.js index 10b97f7..04b4fb9 100644 --- a/test/output-app/model/User.js +++ b/test/output-app/model/User.js @@ -1,8 +1,6 @@ -import _ from 'lodash'; -import { ObjectID } from 'mongodb'; import log from '../server/logger'; import DataLoader from 'dataloader'; -import { auth, findByIds, queryForRoles, userAuthorizedForDoc } from '../authorizations'; +import { auth, findByIds, queryForRoles } from '../authorizations'; export default class User { constructor(context) { @@ -11,71 +9,66 @@ export default class User { this.pubsub = context.pubsub; this.loader = new DataLoader((ids, authQuery = {}) => findByIds(this.collection, ids, authQuery)); this.type = 'User'; - this.userRoles = auth[this.type].userRoles; - this.docRoles = auth[this.type].docRoles; } - // returns the userRole of the current user - // generated by... - // role: String! @authRole("admin") @authorize(this: ["read"], admin: ["read", "update"]) - // ------- ------------------ - // whereas the field is not of type User, it is of type String authRole(user){ return (user && user.role) ? user.role : ''; } - getOneById(id, _user = {}, resolver = '') { - const authQuery = queryForRoles(_user, this.userRoles.readOne, this.docRoles.readOne, { User: this.context.User }); - log.debug(`${resolver} getOneById readOne with user ${(_user && _user.username) ? _user.username : ''} for ${this.type} and ${id}`); - if (typeof authQuery === "object" && Object.keys(authQuery).length > 0 ) log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); - if (authQuery === false) { - throw new Error(`Not authorized to readOne ${this.type} ${id}.`); - } - return this.loader.load(id, authQuery); - } - findOneById(id) { return this.loader.load(id); } + getOneById(id, _user = {}, resolver = '') { + const authQuery = queryForRoles(_user, auth, this.type, 'readOne', { User: this.context.User }, {_id: id}, resolver); + return this.loader.load(id, authQuery); + } + all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = '') { const baseQuery = { createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, this.userRoles.readMany, this.docRoles.readMany, { User: this.context.User }); + const authQuery = queryForRoles(_user, auth, this.type, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); const finalQuery = {...baseQuery, ...authQuery}; - log.debug(`${resolver} all readMany with user ${(_user && _user.username) ? _user.username : ''} for ${this.type}`); - if (typeof authQuery === "object" && Object.keys(authQuery).length > 0 ) log.debug('authQuery:', JSON.stringify(authQuery, null, 2)); - if (authQuery === false) { - throw new Error(`Not authorized to readMany ${this.type}.`); - } return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } - tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }, _user) { - return this.context.Tweet.collection.find({ + tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }, _user, resolver = 'tweets') { + const baseQuery = { authorId: user._id, createdAt: { $gt: lastCreatedAt }, - }).sort({ createdAt: 1 }).limit(limit).toArray(); + }; + const authQuery = queryForRoles(_user, auth, this.type, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); + const finalQuery = {...baseQuery, ...authQuery}; + return this.context.Tweet.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } - liked(user, { lastCreatedAt = 0, limit = 10 }, _user) { - return this.context.Tweet.collection.find({ - _id: { $in: user.likedIds || [] }, + liked(user, { lastCreatedAt = 0, limit = 10 }, _user, resolver = 'liked') { + const baseQuery = { + _id: { $in: user.likedIds }, createdAt: { $gt: lastCreatedAt }, - }).sort({ createdAt: 1 }).limit(limit).toArray(); + }; + const authQuery = queryForRoles(_user, auth, this.type, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); + const finalQuery = {...baseQuery, ...authQuery}; + return this.context.Tweet.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } - following(user, { lastCreatedAt = 0, limit = 10 }, _user) { - return this.context.User.collection.find({ + following(user, { lastCreatedAt = 0, limit = 10 }, _user, resolver = 'following') { + const baseQuery = { _id: { $in: user.followingIds || [] }, createdAt: { $gt: lastCreatedAt }, - }).sort({ createdAt: 1 }).limit(limit).toArray(); + }; + const authQuery = queryForRoles(_user, auth, this.context.User.type, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); + const finalQuery = {...baseQuery, ...authQuery}; + return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } - followers(user, { lastCreatedAt = 0, limit = 10 }, _user) { - return this.context.User.collection.find({ + followers(user, { lastCreatedAt = 0, limit = 10 }, _user, resolver = 'followers') { + const baseQuery = { followingIds: user._id, createdAt: { $gt: lastCreatedAt }, - }).sort({ createdAt: 1 }).limit(limit).toArray(); + }; + const authQuery = queryForRoles(_user, auth, this.context.User.type, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); + const finalQuery = {...baseQuery, ...authQuery}; + return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } createdBy(user, _user) { @@ -94,11 +87,7 @@ export default class User { updatedById: (_user && _user._id) ? _user._id : 'unknown', }); - const authQuery = queryForRoles(_user, this.userRoles.create, this.docRoles.create, { User: this.context.User }); - if (authQuery === false || !userAuthorizedForDoc(_user, this.userRoles.create, this.docRoles.create, { User: this.context.User }, docToInsert) ) { - throw new Error(`Not authorized to insert ${this.type} ${id}.`); - } - + const authQuery = queryForRoles(_user, auth, this.type, 'create', { User: this.context.User }, {_id: '', ...docToInsert}, 'insert'); const id = (await this.collection.insertOne(docToInsert)).insertedId; if (id){ @@ -113,17 +102,15 @@ export default class User { } async updateById(id, doc, _user) { + // must get the record first, to capture all authorization relevant fields + const docBefore = await this.getOneById(id, _user, 'getOneById in updateById for docBefore'); let docToUpdate = {$set: Object.assign({}, doc, { updatedAt: Date.now(), updatedById: (_user && _user._id) ? _user._id : 'unknown', })}; const baseQuery = {_id: id}; - const authQuery = queryForRoles(_user, this.userRoles.update, this.docRoles.update, { User: this.context.User }); - if (authQuery === false || !userAuthorizedForDoc(_user, this.userRoles.update, this.docRoles.update, { User: this.context.User }, docToUpdate) ) { - throw new Error(`Not authorized to update ${this.type} ${id}.`); - } - + const authQuery = queryForRoles(_user, auth, this.type, 'update', { User: this.context.User }, {...docBefore, ...docToUpdate}, 'updateById'); const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.updateOne(finalQuery, docToUpdate); @@ -141,11 +128,10 @@ export default class User { } async removeById(id, _user) { + // must get the record first, to capture all authorization relevant fields + const docBefore = await this.getOneById(id, _user, 'getOneById in removeById for docBefore'); const baseQuery = {_id: id}; - const authQuery = queryForRoles(_user, this.userRoles.delete, this.docRoles.delete, { User: this.context.User }); - if (authQuery === false || !userAuthorizedForDoc(_user, this.userRoles.delete, this.docRoles.delete, { User: this.context.User }, {_id: id} ) ) { - throw new Error(`Not authorized to remove ${this.type} ${id}.`); - } + const authQuery = queryForRoles(_user, auth, this.type, 'delete', { User: this.context.User }, {...docBefore}, 'removeById'); const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.remove(finalQuery); diff --git a/test/output-app/model/index.js b/test/output-app/model/index.js index c93df9e..99f9412 100644 --- a/test/output-app/model/index.js +++ b/test/output-app/model/index.js @@ -1,9 +1,7 @@ -// import Authorize from '../server/authorize'; const models = {}; export default function addModelsToContext(context) { const newContext = Object.assign({}, context); - // newContext['Authorize'] = new Authorize(newContext); Object.keys(models).forEach((key) => { newContext[key] = new models[key](newContext); }); diff --git a/test/output-app/resolvers/Tweet.js b/test/output-app/resolvers/Tweet.js index e3bf212..54cf71c 100644 --- a/test/output-app/resolvers/Tweet.js +++ b/test/output-app/resolvers/Tweet.js @@ -26,46 +26,26 @@ const resolvers = { }, Query: { tweets(root, { lastCreatedAt, limit }, { Tweet, _user }) { - try { - return Tweet.all({ lastCreatedAt, limit }, _user, 'tweets'); - } catch(error){ - console.log('ERROR:', error.message); - } + return Tweet.all({ lastCreatedAt, limit }, _user, 'tweets'); }, tweet(root, { id }, { Tweet, _user }) { - try { - return Tweet.getOneById(id, _user, 'tweet'); - } catch(error){ - console.log('ERROR:', error.message); - } + return Tweet.getOneById(id, _user, 'tweet'); }, }, Mutation: { async createTweet(root, { input }, { Tweet, _user }) { - try { - const id = await Tweet.insert(input, _user); - return Tweet.getOneById(id, _user, 'createTweet'); - } catch(error) { - console.log('ERROR:', error.message); - } + const id = await Tweet.insert(input, _user); + return Tweet.getOneById(id, _user, 'createTweet'); }, async updateTweet(root, { id, input }, { Tweet, _user }) { - try { - await Tweet.updateById(id, input, _user); - return Tweet.getOneById(id, _user, 'updateTweet'); - } catch(error) { - console.log('ERROR:', error.message); - } + await Tweet.updateById(id, input, _user); + return Tweet.getOneById(id, _user, 'updateTweet'); }, async removeTweet(root, { id }, { Tweet, _user }) { - try { - return await Tweet.removeById(id, _user); - } catch(error) { - console.log('ERROR:', error.message); - } + return await Tweet.removeById(id, _user); }, }, Subscription: { diff --git a/test/output-app/resolvers/User.js b/test/output-app/resolvers/User.js index 0aa5cc3..6c01969 100644 --- a/test/output-app/resolvers/User.js +++ b/test/output-app/resolvers/User.js @@ -39,29 +39,17 @@ }, Mutation: { async createUser(root, { input }, { User, _user }) { - try { - const id = await User.insert(input, _user); - return User.getOneById(id, _user, 'createUser'); - } catch(error) { - console.log('ERROR:', error.message); - } + const id = await User.insert(input, _user); + return User.getOneById(id, _user, 'createUser'); }, async updateUser(root, { id, input }, { User, _user }) { - try { - await User.updateById(id, input, _user); - return User.getOneById(id, _user, 'updateUser'); - } catch(error) { - console.log('ERROR:', error.message); - } + await User.updateById(id, input, _user); + return User.getOneById(id, _user, 'updateUser'); }, async removeUser(root, { id }, { User, _user }) { - try { - return await User.removeById(id, _user); - } catch(error) { - console.log('ERROR:', error.message); - } + return await User.removeById(id, _user); }, }, Subscription: { diff --git a/test/output-app/server/authorize.js b/test/output-app/server/authorize.js deleted file mode 100644 index 69cbf35..0000000 --- a/test/output-app/server/authorize.js +++ /dev/null @@ -1,104 +0,0 @@ - import _ from 'lodash'; - import log from './logger'; - -/** - * @class Authorize - * adding Authorize to the context - **/ -export default class Authorize { - constructor(context){ - this.context = context; - } - - /** - * Returns an array of records, indexed by ids - * @params {object} collection - * @params {array} ids - * @params {object} authQuery - * @return {boolean} loggedIn - **/ - findByIdsWithAuth(collection, ids, authQuery) { - const baseQuery = { _id: { $in: ids } }; - const finalQuery = {...baseQuery, ...authQuery}; - return collection.find(finalQuery) - .toArray() - .then((docs) => { - const idMap = {}; - docs.forEach((d) => { idMap[d._id] = d; }); - return ids.map(id => idMap[id]); - }); - } - - /** - * Returns true, if user is loggedIn - * @params {object} user - * @return {boolean} loggedIn - **/ - loggedIn(user) { - if(user && user._id && user._id.toString() !== '') { - return true; - } - return false; - } - - // for compatibility reasons old document authorizer... - authorized({doc, mode, user, resolver}){ - log.debug(`user "${(user && user.username) ? user.username : ''}" authorized to ${mode} ${resolver} with doc "${(doc && doc._id) ? doc._id : ''}"`); - return doc; - } - - authorizedFields({doc, mode, user, resolver}){ - return doc; - } - - /** - * Returns a query object for the selection - * sets default values in the interface - * @params {object} user, the signed in or unknown user - * @params {array} userRoles, the role of the user, default '' - * @params {array} docRoles, the document owner fields of type: User - * @params {object} context, access to the User model methods - * @return {object} query-selection-object - **/ - //queryForRoles(user, userRoles, docRoles, { User }) { - queryForRoles(user, userRoles = [], docRoles = [], { User }) { - - // Authorized by userRoles - const role = User.authRole(user); - if (userRoles.includes(role)) { - return {}; - } - - // Authorized by docRoles - const query = { $or: [] }; - if (docRoles.length > 0){ - docRoles.forEach(docRole => query.$or.push( { [docRole]: user._id } )); - return query; - } - - // Not Authorized - return false; - } - - userForDoc(_user, docRoles, doc){ - const newDoc = Object.assign({}, doc); - let authorized = false; - docRoles.forEach(docRole => { - // user logged in and - // role field in doc exists and - // includes the current user - // includes works for String and Array - if ( - this.loggedIn(_user) && newDoc[docRole] && - ( - ( _.isArray(newDoc[docRole]) && newDoc[docRole].includes(_user._id.toString()) ) || - ( _.isObject(newDoc[docRole]) && newDoc[docRole].toString().includes(_user._id.toString()) ) - ) - ){ - authorized = true; - } - }) - return authorized; - } - -} From e41e0610812769dcc36973e42495124643f31e26 Mon Sep 17 00:00:00 2001 From: Tobias Klemmer Date: Thu, 15 Jun 2017 21:40:13 +0200 Subject: [PATCH 40/69] with authorization folder --- test/output-app/model/Tweet.js | 36 +++++++++++++++--------------- test/output-app/model/User.js | 24 ++++++++++---------- test/output-app/resolvers/Tweet.js | 12 +++++----- test/output-app/resolvers/User.js | 14 ++++++------ 4 files changed, 43 insertions(+), 43 deletions(-) diff --git a/test/output-app/model/Tweet.js b/test/output-app/model/Tweet.js index c2abcc2..2faaad3 100644 --- a/test/output-app/model/Tweet.js +++ b/test/output-app/model/Tweet.js @@ -15,45 +15,45 @@ export default class Tweet { return this.loader.load(id); } - getOneById(id, _user = {}, resolver = '') { + getOneById(id, _user = {}, resolver = 'getOneById') { const authQuery = queryForRoles(_user, auth, this.type, 'readOne', { User: this.context.User }, {_id: id}, resolver); return this.loader.load(id, authQuery); } - all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = '') { + all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'all') { const baseQuery = { createdAt: { $gt: lastCreatedAt } }; const authQuery = queryForRoles(_user, auth, this.type, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); const finalQuery = {...baseQuery, ...authQuery}; return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } - author(tweet, _user) { - return this.context.User.getOneById(tweet.authorId, _user, 'author'); + author(tweet, _user, resolver = 'author') { + return this.context.User.getOneById(tweet.authorId, _user, resolver); } - createdBy(tweet, _user) { - return this.context.User.getOneById(tweet.createdById, _user, 'createdBy'); + createdBy(tweet, _user, resolver = 'createdBy') { + return this.context.User.getOneById(tweet.createdById, _user, resolver); } - updatedBy(tweet, _user) { - return this.context.User.getOneById(tweet.updatedById, _user, 'udpatedBy'); + updatedBy(tweet, _user, resolver = 'updatedBy') { + return this.context.User.getOneById(tweet.updatedById, _user, resolver); } - coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, _user) { + coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, _user, resolver = 'coauthors') { const baseQuery = {_id: { $in: tweet.coauthorsIds }, createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, auth, this.type, 'readMany', { User: this.context.User }, {_id: 'all'}, 'coauthors'); + const authQuery = queryForRoles(_user, auth, this.type, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); const finalQuery = {...baseQuery, ...authQuery}; return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } - likers(tweet, { lastCreatedAt = 0, limit = 10 }, _user) { + likers(tweet, { lastCreatedAt = 0, limit = 10 }, _user, resolver = 'likers') { const baseQuery = {likedIds: tweet._id, createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, auth, this.type, 'readMany', { User: this.context.User }, {_id: 'all'}, 'likers'); + const authQuery = queryForRoles(_user, auth, this.type, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); const finalQuery = {...baseQuery, ...authQuery}; return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } - async insert(doc, _user) { + async insert(doc, _user, resolver = 'insert') { let docToInsert = Object.assign({}, doc, { createdAt: Date.now(), updatedAt: Date.now(), @@ -61,7 +61,7 @@ export default class Tweet { updatedById: (_user && _user._id) ? _user._id : 'unknown', }); - const authQuery = queryForRoles(_user, auth, this.type, 'create', { User: this.context.User }, {_id: '', ...docToInsert}, 'insert'); + const authQuery = queryForRoles(_user, auth, this.type, 'create', { User: this.context.User }, {_id: '', ...docToInsert}, resolver); const id = (await this.collection.insertOne(docToInsert)).insertedId; if (id){ @@ -75,7 +75,7 @@ export default class Tweet { return id; } - async updateById(id, doc, _user) { + async updateById(id, doc, _user, resolver = 'updateById') { // must get the record first, to capture all authorization relevant fields const docBefore = await this.getOneById(id, _user, 'getOneById in updateById for docBefore'); let docToUpdate = {$set: Object.assign({}, doc, { @@ -84,7 +84,7 @@ export default class Tweet { })}; const baseQuery = {_id: id}; - const authQuery = queryForRoles(_user, auth, this.type, 'update', { User: this.context.User }, {...docBefore, ...docToUpdate}, 'updateById'); + const authQuery = queryForRoles(_user, auth, this.type, 'update', { User: this.context.User }, {...docBefore, ...docToUpdate}, resolver); const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.updateOne(finalQuery, docToUpdate); @@ -101,11 +101,11 @@ export default class Tweet { return result; } - async removeById(id, _user) { + async removeById(id, _user, resolver = 'removeById') { // must get the record first, to capture all authorization relevant fields const docBefore = await this.getOneById(id, _user, 'getOneById in removeById for docBefore'); const baseQuery = {_id: id}; - const authQuery = queryForRoles(_user, auth, this.type, 'delete', { User: this.context.User }, {...docBefore}, 'removeById'); + const authQuery = queryForRoles(_user, auth, this.type, 'delete', { User: this.context.User }, {...docBefore}, resolver); const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.remove(finalQuery); diff --git a/test/output-app/model/User.js b/test/output-app/model/User.js index 04b4fb9..f77a83c 100644 --- a/test/output-app/model/User.js +++ b/test/output-app/model/User.js @@ -19,12 +19,12 @@ export default class User { return this.loader.load(id); } - getOneById(id, _user = {}, resolver = '') { + getOneById(id, _user = {}, resolver = 'getOneById') { const authQuery = queryForRoles(_user, auth, this.type, 'readOne', { User: this.context.User }, {_id: id}, resolver); return this.loader.load(id, authQuery); } - all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = '') { + all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'all') { const baseQuery = { createdAt: { $gt: lastCreatedAt } }; const authQuery = queryForRoles(_user, auth, this.type, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); const finalQuery = {...baseQuery, ...authQuery}; @@ -71,15 +71,15 @@ export default class User { return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } - createdBy(user, _user) { - return this.context.User.getOneById(user.createdById, _user, 'createdBy'); + createdBy(user, _user, resolver = 'createdBy') { + return this.context.User.getOneById(user.createdById, _user, resolver); } - updatedBy(user, _user) { - return this.context.User.getOneById(user.updatedById, _user, 'updatedBy'); + updatedBy(user, _user, resolver = 'updatedBy') { + return this.context.User.getOneById(user.updatedById, _user, resolver); } - async insert(doc, _user) { + async insert(doc, _user, resolver = 'insert') { let docToInsert = Object.assign({}, doc, { createdAt: Date.now(), updatedAt: Date.now(), @@ -87,7 +87,7 @@ export default class User { updatedById: (_user && _user._id) ? _user._id : 'unknown', }); - const authQuery = queryForRoles(_user, auth, this.type, 'create', { User: this.context.User }, {_id: '', ...docToInsert}, 'insert'); + const authQuery = queryForRoles(_user, auth, this.type, 'create', { User: this.context.User }, {_id: '', ...docToInsert}, resolver); const id = (await this.collection.insertOne(docToInsert)).insertedId; if (id){ @@ -101,7 +101,7 @@ export default class User { return id; } - async updateById(id, doc, _user) { + async updateById(id, doc, _user, resolver = 'updateById') { // must get the record first, to capture all authorization relevant fields const docBefore = await this.getOneById(id, _user, 'getOneById in updateById for docBefore'); let docToUpdate = {$set: Object.assign({}, doc, { @@ -110,7 +110,7 @@ export default class User { })}; const baseQuery = {_id: id}; - const authQuery = queryForRoles(_user, auth, this.type, 'update', { User: this.context.User }, {...docBefore, ...docToUpdate}, 'updateById'); + const authQuery = queryForRoles(_user, auth, this.type, 'update', { User: this.context.User }, {...docBefore, ...docToUpdate}, resolver); const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.updateOne(finalQuery, docToUpdate); @@ -127,11 +127,11 @@ export default class User { return result; } - async removeById(id, _user) { + async removeById(id, _user, resolver = 'removeById') { // must get the record first, to capture all authorization relevant fields const docBefore = await this.getOneById(id, _user, 'getOneById in removeById for docBefore'); const baseQuery = {_id: id}; - const authQuery = queryForRoles(_user, auth, this.type, 'delete', { User: this.context.User }, {...docBefore}, 'removeById'); + const authQuery = queryForRoles(_user, auth, this.type, 'delete', { User: this.context.User }, {...docBefore}, resolver); const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.remove(finalQuery); diff --git a/test/output-app/resolvers/Tweet.js b/test/output-app/resolvers/Tweet.js index 54cf71c..187b61e 100644 --- a/test/output-app/resolvers/Tweet.js +++ b/test/output-app/resolvers/Tweet.js @@ -5,23 +5,23 @@ const resolvers = { }, author(tweet, args, { Tweet, _user }) { - return Tweet.author(tweet, _user); + return Tweet.author(tweet, _user, 'author'); }, createdBy(tweet, args, { Tweet, _user }) { - return Tweet.createdBy(tweet, _user); + return Tweet.createdBy(tweet, _user, 'createdBy'); }, updatedBy(tweet, args, { Tweet, _user }) { - return Tweet.updatedBy(tweet, _user); + return Tweet.updatedBy(tweet, _user, 'updatedBy'); }, coauthors(tweet, { lastCreatedAt, limit }, { Tweet, _user }) { - return Tweet.coauthors(tweet, { lastCreatedAt, limit }, _user); + return Tweet.coauthors(tweet, { lastCreatedAt, limit }, _user, 'coauthors'); }, likers(tweet, { lastCreatedAt, limit }, { Tweet, _user }) { - return Tweet.likers(tweet, { lastCreatedAt, limit }, _user); + return Tweet.likers(tweet, { lastCreatedAt, limit }, _user, 'likers'); }, }, Query: { @@ -45,7 +45,7 @@ const resolvers = { }, async removeTweet(root, { id }, { Tweet, _user }) { - return await Tweet.removeById(id, _user); + return await Tweet.removeById(id, _user, 'removeTweet'); }, }, Subscription: { diff --git a/test/output-app/resolvers/User.js b/test/output-app/resolvers/User.js index 6c01969..fd2c431 100644 --- a/test/output-app/resolvers/User.js +++ b/test/output-app/resolvers/User.js @@ -5,27 +5,27 @@ }, createdBy(user, args, { User, _user }) { - return User.createdBy(user, _user); + return User.createdBy(user, _user, 'createdBy'); }, updatedBy(user, args, { User, _user }) { - return User.updatedBy(user, _user); + return User.updatedBy(user, _user, 'updatedBy'); }, tweets(user, { minLikes, lastCreatedAt, limit }, { User, _user }) { - return User.tweets(user, { minLikes, lastCreatedAt, limit }, _user); + return User.tweets(user, { minLikes, lastCreatedAt, limit }, _user, 'tweets'); }, liked(user, { lastCreatedAt, limit }, { User, _user }) { - return User.liked(user, { lastCreatedAt, limit }, _user); + return User.liked(user, { lastCreatedAt, limit }, _user, 'liked'); }, following(user, { lastCreatedAt, limit }, { User, _user }) { - return User.following(user, { lastCreatedAt, limit }, _user); + return User.following(user, { lastCreatedAt, limit }, _user, 'following'); }, followers(user, { lastCreatedAt, limit }, { User, _user }) { - return User.followers(user, { lastCreatedAt, limit }, _user); + return User.followers(user, { lastCreatedAt, limit }, _user, 'followers'); }, }, Query: { @@ -49,7 +49,7 @@ }, async removeUser(root, { id }, { User, _user }) { - return await User.removeById(id, _user); + return await User.removeById(id, _user, 'removeUser'); }, }, Subscription: { From 757fb43cb33beb752358a06f578ada9e2d07d833 Mon Sep 17 00:00:00 2001 From: Tobias Klemmer Date: Fri, 16 Jun 2017 00:24:53 +0200 Subject: [PATCH 41/69] removed authorization folder --- package.json | 3 +- test/output-app/README.md | 525 ++++++++++++++++++ test/output-app/authorizations/Tweet.js | 18 - test/output-app/authorizations/User.js | 39 -- test/output-app/authorizations/index.js | 8 - test/output-app/model/Tweet.js | 36 +- test/output-app/model/User.js | 61 +- .../helpers.js => server/authorize.js} | 26 +- yarn.lock | 456 +++++++++------ 9 files changed, 897 insertions(+), 275 deletions(-) create mode 100644 test/output-app/README.md delete mode 100644 test/output-app/authorizations/Tweet.js delete mode 100644 test/output-app/authorizations/User.js delete mode 100644 test/output-app/authorizations/index.js rename test/output-app/{authorizations/helpers.js => server/authorize.js} (81%) diff --git a/package.json b/package.json index eea5dbe..1dc3327 100644 --- a/package.json +++ b/package.json @@ -34,7 +34,7 @@ "babel-register": "6.16.3", "chai": "^3.5.0", "chai-diff": "^1.0.1", - "eslint": "3.8.1", + "eslint": "^4.0.0", "eslint-config-airbnb": "12.0.0", "eslint-plugin-babel": "3.3.0", "eslint-plugin-import": "1.16.0", @@ -49,6 +49,7 @@ "cpr": "^2.0.0", "denodeify": "^1.2.1", "escape-string-regexp": "^1.0.5", + "global": "^4.3.2", "graphql": "0.7.2", "lodash.clonedeep": "^4.5.0", "lodash.includes": "^4.3.0", diff --git a/test/output-app/README.md b/test/output-app/README.md new file mode 100644 index 0000000..1421631 --- /dev/null +++ b/test/output-app/README.md @@ -0,0 +1,525 @@ +# create-graphql-server + +This is a generated create-graphql-server app. + +## Implementing Authorizations +Use the @authorize directive in a \.graphql input file, to define which authorizations should be generated by create-graphql-server. You can define user-roles and document-roles to control authorizations. + +* user-roles: e.g. User.role = "admin", all admins are allowed to do create, read, update, delete,... +* document-roles: e.g. Tweet.authorId = User._id, only authors are allowed to create, update, delete a document + +On field level you can control access also by the @authorize directive +e.g. updating the User with set role = "admin", shouldn't be allowed by for all users. So we need a way to restrict the create, read, update, delete operations also on field level if required. + +Use the following syntax for the Tweet.graphql input file:: +```javascript +type Tweet + +@authorize( + admin: ["create", "read", "update", "delete"], + author: ["create", "read", "update", "delete"], + coauthors: ["read", "update"], + world: ["read"] +) + +{ + author: User! @unmodifiable @belongsTo @authRole("author") + coauthors: [User] @belongsTo @authRole("coauthors") + body: String! + + likers: [User!] @hasAndBelongsToMany(as: "liked") +} +``` +This has the following meaning: +* user-roles: "admin", "world" are created (user roles don't have own fields of type User or [User] in the document) + This will check, if the logged in user has a role "admin". Or if there is a special role "world", which just means every known or unknown user, for "world" you don't have to be logged in. + So each "admin" user will be able to create, read, update or delete the Tweet document. + Everyone ("world") will be allowed to read all Tweets. +* document-roles: "author", "coauthors" are created (document roles have fields in the document) + Look for the fields with the directive @authRole("...") + Only the author of a Tweet is allowed to create, read, update, delete its single Tweet. + Only a coauthor of a Tweet is allowed to read and update a Tweet, but he is not allowed to create a Tweet for a different author, and also not to delete a tweet of a different user. + + +and for the User.graphql input file: +```javascript +type User + +@authorize( + admin: ["create", "read", "update", "delete"] + this: ["readOne", "update", "delete"] +) + +{ + role: String! @authRole("admin") @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne", "delete"]) + + username: String! + + bio: String + notify: Boolean + + tweets(minLikes: Int): [Tweet!] @hasMany(as: "author") + liked: [Tweet!] @belongsToMany + + following: [User!] @belongsToMany + followers: [User!] @hasAndBelongsToMany(as: "following") +} +``` +This has the following meaning: +* user-role: "admin", is created (user roles don't have own fields of type User or [User] in the document) + It is a String field with: **role: String! @authRole("admin")** + This will check, if the logged in user has a role "admin". + So each "admin" user will be able to create, read, update or delete any User document. +* document-role: "this", is created (document roles have own fields in the document, but this is a special case for the field _id, which is not shown in the input type, but will be generated in the later schema file.) + Only the user id of "this" meaning _id is allowed to readOne, update, delete its single User document. + +Here we use also the @authorize directive on field level for the field role: +```javascript +... +role: String! @authRole("admin") @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne", "delete"]) +... +``` +This adds additional authorization checks on the field level just for this field "role". +Every time this field "role" appears in any document, it will be checked, if the user is authorized to do the operation on this document containing this field. If the field is not in the document, it skips the field check. + +In this case it checks: +* if the user-role "admin" is the authorized user, then it allows him to create, read, update, delete operations also on the document, if it contains the field "role" +* if the document-role "this" (=owner of the document user._id_ = doc._id_) to do the operations "readOne" and "delete" on the User document, but it doesn't allow him to upgrade/update his own User.role. + +Use create-graphql-server cli to generate the according schema, resolver, model files with the create-graphql-server command line interface. After its generation, you will find the generated files in the sub folders: schema, resolvers, model folders. The generated model files will use the following functions to implement the authorization logic. + +### model.js + +```javascript +import DataLoader from 'dataloader'; +import { queryForRoles, findByIds } from '../server/authorize'; + +export default class { + constructor(context){ + ... + this.loader = new DataLoader((ids, authQuery = {}) => findByIds(this.collection, ids, authQuery)); + ... + } +... +getOneById(id, _user = {}, resolver = 'getOneById') { + const authQuery = queryForRoles(_user, this.auth, 'readOne', { User: this.context.User }, {_id: id}, resolver); + return this.loader.load(id, authQuery); +} + +all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'all') { + const baseQuery = { createdAt: { $gt: lastCreatedAt } }; + const authQuery = queryForRoles(_user, this.auth, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); + const finalQuery = {...baseQuery, ...authQuery}; + return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); +} +... +} +``` + +### ./model/Tweet.js +generated model file for the above input type Tweet.graphql: +this.auth is generated by the @authorize directive. You can see, the directive argument "read" is used to express "readOne" and "readMany" at the same time. Instead you can use "readOne" and "readMany" for fine grained control on read operations, to allow access to just one record or many records. +```javascript +import log from '../server/logger'; +import DataLoader from 'dataloader'; +import { findByIds, queryForRoles } from '../server/authorize'; + +export default class Tweet { + constructor(context) { + this.context = context; + this.collection = context.db.collection('tweet'); + this.pubsub = context.pubsub; + this.loader = new DataLoader((ids, authQuery = {}) => findByIds(this.collection, ids, authQuery)); + this.auth = { + type: 'Tweet', + userRoles: { + create: ['admin'], + read: ['admin', 'world'], + readOne: ['admin', 'world'], + readMany: ['admin', 'world'], + update: ['admin'], + delete: ['admin'], + }, + docRoles: { + create: ['authorId'], + read: ['authorId', 'coauthorsIds'], + readOne: ['authorId', 'coauthorsIds'], + readMany: ['authorId', 'coauthorsIds'], + update: ['authorId', 'coauthorsIds'], + delete: ['authorId'], + }, + } + } + + findOneById(id) { + return this.loader.load(id); + } + + getOneById(id, _user = {}, resolver = 'getOneById') { + const authQuery = queryForRoles(_user, this.auth, 'readOne', { User: this.context.User }, {_id: id}, resolver); + return this.loader.load(id, authQuery); + } + + all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'all') { + const baseQuery = { createdAt: { $gt: lastCreatedAt } }; + const authQuery = queryForRoles(_user, this.auth, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); + const finalQuery = {...baseQuery, ...authQuery}; + return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + } + ... +} +``` + +### ./model/User.js +generated model file for the above input type User.graphql: +this.auth is generated by the @authorize directive. Here also with field authorizations. +```javascript +import log from '../server/logger'; +import DataLoader from 'dataloader'; +import { findByIds, queryForRoles } from '../server/authorize'; + +export default class User { + constructor(context) { + this.context = context; + this.collection = context.db.collection('user'); + this.pubsub = context.pubsub; + this.loader = new DataLoader((ids, authQuery = {}) => findByIds(this.collection, ids, authQuery)); + this.auth = { + type: 'User', + userRoles: { + create: ['admin'], + read: ['admin'], + readOne: ['admin'], + readMany: ['admin'], + update: ['admin'], + delete: ['admin'], + }, + docRoles: { + create: [], + read: [], + readOne: ['_id'], // == 'this' + readMany: [], + update: ['_id'], + delete: ['_id'], + }, + fields: [ + { + name: 'role', + userRoles: { + create: ['admin'], + read: ['admin'], + readOne: ['admin'], + readMany: ['admin'], + update: ['admin'], + delete: ['admin'], + }, + docRoles: { + create: [], + read: [], + readOne: ['_id'], // == 'this' + readMany: [], + update: [], + delete: ['_id'], + }, + } + ] + } + } + + authRole(user){ + return (user && user.role) ? user.role : ''; + } + + findOneById(id) { + return this.loader.load(id); + } + + getOneById(id, _user = {}, resolver = 'getOneById') { + const authQuery = queryForRoles(_user, this.auth, 'readOne', { User: this.context.User }, {_id: id}, resolver); + return this.loader.load(id, authQuery); + } + + all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'all') { + const baseQuery = { createdAt: { $gt: lastCreatedAt } }; + const authQuery = queryForRoles(_user, this.auth, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); + const finalQuery = {...baseQuery, ...authQuery}; + return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + } + ... +} +``` + + +### function findByIds +This is an extended version of [mongo-find-by-ids](https://github.com/tmeasday/mongo-find-by-ids). +The enhancement is only to provide an additional authQuery object, to extend the query to meet additional authorizations. +```javascript +// enhanced version of tmeasday's findByIds plus authQuery handling +export function findByIds(collection, ids = [], authQuery = {}) { + const baseQuery = { _id: { $in: ids } }; + const finalQuery = {...baseQuery, ...authQuery}; + return collection.find(finalQuery) + .toArray() + .then((docs) => { + const idMap = {}; + docs.forEach((d) => { idMap[d._id] = d; }); + return ids.map(id => idMap[id]); + }); +} +``` + +### function queryForRoles +Use function queryForRoles to generate an authQuery object. + +It expects the following arguments: +```javascript +// creates an authQuery object with additional query arguments, +// to implement authorization restrictions for mongodb access +export function queryForRoles(user = {}, auth = {}, mode = '', { User }, doc = {}, resolver = '') { + + // Build query for the case: The logged in user's role is authorized + if (roleAuthorizedForDoc(user, auth, mode, { User }, doc, resolver)) { + return {}; // empty authQuery means, do operation with no access restrictions + } + + // Build query for the case: The user is listed in any document field + const query = { $or: [] }; + if (userAuthorizedForDoc(user, auth, mode, { User }, doc, resolver)){ + const docRoles = auth.docRoles[mode] || []; + docRoles.forEach(docRole => query.$or.push( { [docRole]: user._id } ) ); + log.debug('authQuery:', JSON.stringify(query, null, 2)); + return query; + } + + // Not Authorized + throw new Error(`Authorization: Not authorized to ${mode} ${auth.type} ${doc._id ? doc._id : ''}.`); +} +``` + +It expects the following arguments with the meanings: +* **user:** this is the logged in user object out of the resolver's context +* **auth:** this is the auth object in the model, which was generated by the @authorize directives in the .graphql file +* **mode:** this is the current mode of operation: + * **create:** insert a record to the database + * **read:** read a record or many records from the database + * **readOne:** read only a single record from the database + * **readMany:** read many records from the the database + * **update:** update a record in the database + * **delete:** remove a record from the database +* **doc:** the current document to be checked for authorizations +* **resolver:** this is a string with the resolver's name, optional, only for easier debugging + +### function roleAuthorizedForDoc +This helper function is used by queryForRoles, and decides, if a user gains the authorization by its role. +For example: If a user has a field "role" in his user document and it contains the value "admin". So it checks if a user's role is admin, and allows all operations for admins. +```javascript +// returns true, if the user's role is authorized for a document +export function roleAuthorizedForDoc(user = {}, auth = {}, mode = '', { User }, doc = {}, resolver = ''){ + const userRoles = auth.userRoles[mode] || []; + const role = User.authRole(user); + const fields = auth.fields || []; + + if ( userRoles.includes('world') || role && role !== '' && role !== '' && userRoles.length > 0 && userRoles.includes(role) ) { + let fieldsAuthorized = true; + + // check all fields with @authorize directives, if any of them is not allowed for the role + fields.forEach(field => { + // if this field is in the document, + if (doc[field.name]) { + const fieldUserRoles = field.userRoles[mode] || []; + //check if the user role doesn't allow this field + if ( fieldUserRoles.length === 0 || ! ( fieldUserRoles.includes(role) || fieldUserRoles.includes('world') ) ){ + fieldsAuthorized = false; + } + } + }); + + // only if all fields of the document are allowed for the role + if (fieldsAuthorized){ + log.debug(`${resolver} ${mode} with user ${user.username ? user.username : ''} for ${auth.type} and ${doc._id ? doc._id : ''}`); + return true; + } + + } + + return false; +} +``` + +### function userAuthorizedForDoc +This helper function is used by queryForRoles, and decides, if a user gains the authorization by its userId in the document role fields. For example if a document of type "Tweet" contains a field named "authorId", it checks if the logged in user's id is included in the field "authorId", if so, he gains control over all operations, which are allowed for the document role "author". It can be also more complicated, if you have an array field "coauthorsIds", which includes all userIds of all coauthors, then it checks, if the user is among the the coauthors, if so, it gains control over all coauthors operations. +```javascript +// returns true, if the user is authorized by a document role +export function userAuthorizedForDoc(user = {}, auth = {}, mode = '', { User }, doc = {}, resolver = ''){ + const docRoles = auth.docRoles[mode] || []; + const fields = auth.fields || []; + let userId; + let authorized = false; + + // document role checks work only with logged in user + if (!loggedIn(user)) return false; + userId = user._id.toString(); + + // check if any docRole leads to an authorization + docRoles.forEach(docRole => { + const docRoleField = doc[docRole]; + let fieldsAuthorized = true; + // check if the field for the docRole check is in the document, if not, it cannot be checked + if (docRoleField){ + // check if user is authorized for doc + if (fieldContainsUserId(docRoleField, userId)){ + + // check if user is authorized for the doc's fields + fields.forEach(field => { + const fieldDocRoles = field.docRoles[mode] || []; + // check if restricted field is in the current document, and if the current docRole is not in the docRole of the field + if (mode !== 'update' && doc[field.name] && !fieldDocRoles.includes(docRole)){ + fieldsAuthorized = false; + } + // check if doc contains a $set object, and this contains any of the fields, + // and if the current docRole is not in the docRole of the field + if (mode === 'update' && doc.$set && doc.$set[field.name] && !fieldDocRoles.includes(docRole)){ + fieldsAuthorized = false; + } + }); + + // only if the same role is authorized for the document and all fields, it is allowed + if (fieldsAuthorized){ + log.debug(`${resolver} ${mode} with user ${(user.username) ? user.username : ''} for ${auth.type} and docRole ${docRole} for doc with id: ${doc._id ? doc._id : ''}`); + authorized = true; + return true; + } + + } + } + }); + + return authorized; +} +``` + +### function fieldContainsUserId +This helper function is used by queryForRoles and checks, if the provided field of types: array, object or string contains the userId. +```javascript +// returns true, if a field of type array/object/string contains the userId +export function fieldContainsUserId(docRoleField, userId) { + let userIdFound = false; + + // handle an array of userIds + if (_.isArray(docRoleField)){ + docRoleField.forEach(field => { + if (field.toString() === userId){ + userIdFound = true; + } + }); + } + + // handle a field with one userId, must be an object, if it is an ObjectId('') + if (_.isObject(docRoleField) && docRoleField.toString() === userId){ + userIdFound = true; + } + + // handle a field with just an userId String + if (_.isString(docRoleField) && docRoleField.toString() === userId){ + userIdFound = true; + } + + return userIdFound; +} +``` + +### ./resolver/User.js +In the resolver interfaces, there are different objects: +* the root object "tweet", contains the document fields +* the args object "args", contains arguments from the graphql query/mutation +* the context object "Tweet", contains the access to the database model of the Tweet collection +* the context object "_user", contains the current logged in user -if logged in-, which is provided from the server's passport implementation +* the last argument in the resolver function is the resolver's name, which is optional and only to enhance the logging in debugging mode by additional information. If you have to analyze authorization outcomes, this helps a lot to figure out, which resolvers authorization rule fired. +```javascript +const resolvers = { + Tweet: { + id(tweet) { + return tweet._id; + }, + + author(tweet, args, { Tweet, _user }) { + return Tweet.author(tweet, _user, 'author'); + }, + + createdBy(tweet, args, { Tweet, _user }) { + return Tweet.createdBy(tweet, _user, 'createdBy'); + }, + + updatedBy(tweet, args, { Tweet, _user }) { + return Tweet.updatedBy(tweet, _user, 'updatedBy'); + }, + + coauthors(tweet, { lastCreatedAt, limit }, { Tweet, _user }) { + return Tweet.coauthors(tweet, { lastCreatedAt, limit }, _user, 'coauthors'); + }, + + likers(tweet, { lastCreatedAt, limit }, { Tweet, _user }) { + return Tweet.likers(tweet, { lastCreatedAt, limit }, _user, 'likers'); + }, + }, + Query: { + tweets(root, { lastCreatedAt, limit }, { Tweet, _user }) { + return Tweet.all({ lastCreatedAt, limit }, _user, 'tweets'); + }, + + tweet(root, { id }, { Tweet, _user }) { + return Tweet.getOneById(id, _user, 'tweet'); + }, + }, + Mutation: { + async createTweet(root, { input }, { Tweet, _user }) { + const id = await Tweet.insert(input, _user); + return Tweet.getOneById(id, _user, 'createTweet'); + }, + + async updateTweet(root, { id, input }, { Tweet, _user }) { + await Tweet.updateById(id, input, _user); + return Tweet.getOneById(id, _user, 'updateTweet'); + }, + + async removeTweet(root, { id }, { Tweet, _user }) { + return await Tweet.removeById(id, _user, 'removeTweet'); + }, + }, + Subscription: { + tweetCreated: tweet => tweet, + tweetUpdated: tweet => tweet, + tweetRemoved: id => id, + }, +}; + +export default resolvers; +``` + +### Testing +If you run within the project root at least one time, it generates the database and adds the seed tweet and user documents once during each run. +```bash +yarn end-to-end-test +``` +It executes many pre-defined tests with different user-roles and document-roles. May be you want to add additional tests to enhance the security of the logic. + +If you want to test with the http://localhost:3000/graphiql frontend, best download the following app: +```bash +brew cask install graphiql +``` +...and generate a JWT token for your test user by running: +```bash +babel-node ./test/output-app-end-to-end/scripts/generateJWT.js +``` +This generates JWT tokens for the different test users from the ./test/seeds/User.json. Copy the wanted JWT token of the different users, and start the GraphiQL app with the following entries: + +* GraphQL endpoint: ```http://localhost:3000/graphql``` +* Method: ```POST``` +* Edit HTTP headers: + * Header name: ```authorization``` + * Header value: ```JWT the-copied-token``` + +...and write and execute your queries/mutations in the GraphiQL window. + +If you use different user's JWT tokens, you can simulate the different user roles such as "admin", "editor" and "user" manually. + diff --git a/test/output-app/authorizations/Tweet.js b/test/output-app/authorizations/Tweet.js deleted file mode 100644 index a25a32c..0000000 --- a/test/output-app/authorizations/Tweet.js +++ /dev/null @@ -1,18 +0,0 @@ -export const Tweet = { - userRoles: { - create: ['admin'], - read: ['admin', 'world'], - readOne: ['admin', 'world'], - readMany: ['admin', 'world'], - update: ['admin'], - delete: ['admin'], - }, - docRoles: { - create: ['authorId'], - read: ['authorId', 'coauthorsIds'], - readOne: ['authorId', 'coauthorsIds'], - readMany: ['authorId', 'coauthorsIds'], - update: ['authorId', 'coauthorsIds'], - delete: ['authorId'], - }, -}; diff --git a/test/output-app/authorizations/User.js b/test/output-app/authorizations/User.js deleted file mode 100644 index 3654abf..0000000 --- a/test/output-app/authorizations/User.js +++ /dev/null @@ -1,39 +0,0 @@ -export const User = { - userRoles: { - create: ['admin'], - read: ['admin'], - readOne: ['admin'], - readMany: ['admin'], - update: ['admin'], - delete: ['admin'], - }, - docRoles: { - create: [], - read: [], - readOne: ['_id'], // == 'this' - readMany: [], - update: ['_id'], - delete: ['_id'], - }, - fields: [ - { - name: 'role', - userRoles: { - create: ['admin'], - read: ['admin'], - readOne: ['admin'], - readMany: ['admin'], - update: ['admin'], - delete: ['admin'], - }, - docRoles: { - create: [], - read: [], - readOne: ['_id'], // == 'this' - readMany: [], - update: [], - delete: ['_id'], - }, - } - ] -}; diff --git a/test/output-app/authorizations/index.js b/test/output-app/authorizations/index.js deleted file mode 100644 index b2bba94..0000000 --- a/test/output-app/authorizations/index.js +++ /dev/null @@ -1,8 +0,0 @@ -export * from './helpers'; -export const auth = {}; - -import { User } from './User'; -auth.User = User; - -import { Tweet } from './Tweet'; -auth.Tweet = Tweet; diff --git a/test/output-app/model/Tweet.js b/test/output-app/model/Tweet.js index 2faaad3..4a3b166 100644 --- a/test/output-app/model/Tweet.js +++ b/test/output-app/model/Tweet.js @@ -1,6 +1,6 @@ import log from '../server/logger'; import DataLoader from 'dataloader'; -import { auth, findByIds, queryForRoles } from '../authorizations'; +import { findByIds, queryForRoles } from '../server/authorize'; export default class Tweet { constructor(context) { @@ -8,7 +8,25 @@ export default class Tweet { this.collection = context.db.collection('tweet'); this.pubsub = context.pubsub; this.loader = new DataLoader((ids, authQuery = {}) => findByIds(this.collection, ids, authQuery)); - this.type = 'Tweet'; + this.auth = { + type: 'Tweet', + userRoles: { + create: ['admin'], + read: ['admin', 'world'], + readOne: ['admin', 'world'], + readMany: ['admin', 'world'], + update: ['admin'], + delete: ['admin'], + }, + docRoles: { + create: ['authorId'], + read: ['authorId', 'coauthorsIds'], + readOne: ['authorId', 'coauthorsIds'], + readMany: ['authorId', 'coauthorsIds'], + update: ['authorId', 'coauthorsIds'], + delete: ['authorId'], + }, + } } findOneById(id) { @@ -16,13 +34,13 @@ export default class Tweet { } getOneById(id, _user = {}, resolver = 'getOneById') { - const authQuery = queryForRoles(_user, auth, this.type, 'readOne', { User: this.context.User }, {_id: id}, resolver); + const authQuery = queryForRoles(_user, this.auth, 'readOne', { User: this.context.User }, {_id: id}, resolver); return this.loader.load(id, authQuery); } all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'all') { const baseQuery = { createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, auth, this.type, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); + const authQuery = queryForRoles(_user, this.auth, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); const finalQuery = {...baseQuery, ...authQuery}; return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } @@ -41,14 +59,14 @@ export default class Tweet { coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, _user, resolver = 'coauthors') { const baseQuery = {_id: { $in: tweet.coauthorsIds }, createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, auth, this.type, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); + const authQuery = queryForRoles(_user, this.context.User.auth, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); const finalQuery = {...baseQuery, ...authQuery}; return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } likers(tweet, { lastCreatedAt = 0, limit = 10 }, _user, resolver = 'likers') { const baseQuery = {likedIds: tweet._id, createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, auth, this.type, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); + const authQuery = queryForRoles(_user, this.context.User.auth, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); const finalQuery = {...baseQuery, ...authQuery}; return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } @@ -61,7 +79,7 @@ export default class Tweet { updatedById: (_user && _user._id) ? _user._id : 'unknown', }); - const authQuery = queryForRoles(_user, auth, this.type, 'create', { User: this.context.User }, {_id: '', ...docToInsert}, resolver); + const authQuery = queryForRoles(_user, this.auth, 'create', { User: this.context.User }, {_id: '', ...docToInsert}, resolver); const id = (await this.collection.insertOne(docToInsert)).insertedId; if (id){ @@ -84,7 +102,7 @@ export default class Tweet { })}; const baseQuery = {_id: id}; - const authQuery = queryForRoles(_user, auth, this.type, 'update', { User: this.context.User }, {...docBefore, ...docToUpdate}, resolver); + const authQuery = queryForRoles(_user, this.auth, 'update', { User: this.context.User }, {...docBefore, ...docToUpdate}, resolver); const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.updateOne(finalQuery, docToUpdate); @@ -105,7 +123,7 @@ export default class Tweet { // must get the record first, to capture all authorization relevant fields const docBefore = await this.getOneById(id, _user, 'getOneById in removeById for docBefore'); const baseQuery = {_id: id}; - const authQuery = queryForRoles(_user, auth, this.type, 'delete', { User: this.context.User }, {...docBefore}, resolver); + const authQuery = queryForRoles(_user, this.auth, 'delete', { User: this.context.User }, {...docBefore}, resolver); const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.remove(finalQuery); diff --git a/test/output-app/model/User.js b/test/output-app/model/User.js index f77a83c..55a6ccc 100644 --- a/test/output-app/model/User.js +++ b/test/output-app/model/User.js @@ -1,6 +1,6 @@ import log from '../server/logger'; import DataLoader from 'dataloader'; -import { auth, findByIds, queryForRoles } from '../authorizations'; +import { findByIds, queryForRoles } from '../server/authorize'; export default class User { constructor(context) { @@ -8,7 +8,46 @@ export default class User { this.collection = context.db.collection('user'); this.pubsub = context.pubsub; this.loader = new DataLoader((ids, authQuery = {}) => findByIds(this.collection, ids, authQuery)); - this.type = 'User'; + this.auth = { + type: 'User', + userRoles: { + create: ['admin'], + read: ['admin'], + readOne: ['admin'], + readMany: ['admin'], + update: ['admin'], + delete: ['admin'], + }, + docRoles: { + create: [], + read: [], + readOne: ['_id'], // == 'this' + readMany: [], + update: ['_id'], + delete: ['_id'], + }, + fields: [ + { + name: 'role', + userRoles: { + create: ['admin'], + read: ['admin'], + readOne: ['admin'], + readMany: ['admin'], + update: ['admin'], + delete: ['admin'], + }, + docRoles: { + create: [], + read: [], + readOne: ['_id'], // == 'this' + readMany: [], + update: [], + delete: ['_id'], + }, + } + ] + } } authRole(user){ @@ -20,13 +59,13 @@ export default class User { } getOneById(id, _user = {}, resolver = 'getOneById') { - const authQuery = queryForRoles(_user, auth, this.type, 'readOne', { User: this.context.User }, {_id: id}, resolver); + const authQuery = queryForRoles(_user, this.auth, 'readOne', { User: this.context.User }, {_id: id}, resolver); return this.loader.load(id, authQuery); } all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'all') { const baseQuery = { createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, auth, this.type, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); + const authQuery = queryForRoles(_user, this.auth, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); const finalQuery = {...baseQuery, ...authQuery}; return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } @@ -36,7 +75,7 @@ export default class User { authorId: user._id, createdAt: { $gt: lastCreatedAt }, }; - const authQuery = queryForRoles(_user, auth, this.type, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); + const authQuery = queryForRoles(_user, this.context.Tweet.auth, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); const finalQuery = {...baseQuery, ...authQuery}; return this.context.Tweet.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } @@ -46,7 +85,7 @@ export default class User { _id: { $in: user.likedIds }, createdAt: { $gt: lastCreatedAt }, }; - const authQuery = queryForRoles(_user, auth, this.type, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); + const authQuery = queryForRoles(_user, this.context.Tweet.auth, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); const finalQuery = {...baseQuery, ...authQuery}; return this.context.Tweet.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } @@ -56,7 +95,7 @@ export default class User { _id: { $in: user.followingIds || [] }, createdAt: { $gt: lastCreatedAt }, }; - const authQuery = queryForRoles(_user, auth, this.context.User.type, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); + const authQuery = queryForRoles(_user, this.auth, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); const finalQuery = {...baseQuery, ...authQuery}; return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } @@ -66,7 +105,7 @@ export default class User { followingIds: user._id, createdAt: { $gt: lastCreatedAt }, }; - const authQuery = queryForRoles(_user, auth, this.context.User.type, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); + const authQuery = queryForRoles(_user, this.auth, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); const finalQuery = {...baseQuery, ...authQuery}; return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } @@ -87,7 +126,7 @@ export default class User { updatedById: (_user && _user._id) ? _user._id : 'unknown', }); - const authQuery = queryForRoles(_user, auth, this.type, 'create', { User: this.context.User }, {_id: '', ...docToInsert}, resolver); + const authQuery = queryForRoles(_user, this.auth, 'create', { User: this.context.User }, {_id: '', ...docToInsert}, resolver); const id = (await this.collection.insertOne(docToInsert)).insertedId; if (id){ @@ -110,7 +149,7 @@ export default class User { })}; const baseQuery = {_id: id}; - const authQuery = queryForRoles(_user, auth, this.type, 'update', { User: this.context.User }, {...docBefore, ...docToUpdate}, resolver); + const authQuery = queryForRoles(_user, this.auth, 'update', { User: this.context.User }, {...docBefore, ...docToUpdate}, resolver); const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.updateOne(finalQuery, docToUpdate); @@ -131,7 +170,7 @@ export default class User { // must get the record first, to capture all authorization relevant fields const docBefore = await this.getOneById(id, _user, 'getOneById in removeById for docBefore'); const baseQuery = {_id: id}; - const authQuery = queryForRoles(_user, auth, this.type, 'delete', { User: this.context.User }, {...docBefore}, resolver); + const authQuery = queryForRoles(_user, this.auth, 'delete', { User: this.context.User }, {...docBefore}, resolver); const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.remove(finalQuery); diff --git a/test/output-app/authorizations/helpers.js b/test/output-app/server/authorize.js similarity index 81% rename from test/output-app/authorizations/helpers.js rename to test/output-app/server/authorize.js index 3b6cc78..a1f5d44 100644 --- a/test/output-app/authorizations/helpers.js +++ b/test/output-app/server/authorize.js @@ -23,31 +23,31 @@ export function loggedIn(user) { } // creates an authQuery object with additional query arguments, to implement authorization restrictions for mongodb access -export function queryForRoles(user = {}, auth = {}, type = '', mode = '', { User }, doc = {}, resolver = '') { +export function queryForRoles(user = {}, auth = {}, mode = '', { User }, doc = {}, resolver = '') { // Build query for the case: The logged in user's role is authorized - if (roleAuthorizedForDoc(user, auth, type, mode, { User }, doc, resolver)) { + if (roleAuthorizedForDoc(user, auth, mode, { User }, doc, resolver)) { return {}; // empty authQuery means, do operation with no access restrictions } // Build query for the case: The user is listed in any document field const query = { $or: [] }; - if (userAuthorizedForDoc(user, auth, type, mode, { User }, doc, resolver)){ - const docRoles = auth[type].docRoles[mode] || []; + if (userAuthorizedForDoc(user, auth, mode, { User }, doc, resolver)){ + const docRoles = auth.docRoles[mode] || []; docRoles.forEach(docRole => query.$or.push( { [docRole]: user._id } ) ); log.debug('authQuery:', JSON.stringify(query, null, 2)); return query; } // Not Authorized - throw new Error(`Authorization: Not authorized to ${mode} ${type} ${doc._id ? doc._id : ''}.`); + throw new Error(`Authorization: Not authorized to ${mode} ${auth.type} ${doc._id ? doc._id : ''}.`); } // returns true, if the user's role is authorized for a document -export function roleAuthorizedForDoc(user = {}, auth = {}, type = '', mode = '', { User }, doc = {}, resolver = ''){ - const userRoles = auth[type].userRoles[mode] || []; +export function roleAuthorizedForDoc(user = {}, auth = {}, mode = '', { User }, doc = {}, resolver = ''){ + const userRoles = auth.userRoles[mode] || []; const role = User.authRole(user); - const fields = auth[type].fields || []; + const fields = auth.fields || []; if ( userRoles.includes('world') || role && role !== '' && role !== '' && userRoles.length > 0 && userRoles.includes(role) ) { let fieldsAuthorized = true; @@ -66,7 +66,7 @@ export function roleAuthorizedForDoc(user = {}, auth = {}, type = '', mode = '', // only if all fields of the document are allowed for the role if (fieldsAuthorized){ - log.debug(`${resolver} ${mode} with user ${user.username ? user.username : ''} for ${type} and ${doc._id ? doc._id : ''}`); + log.debug(`${resolver} ${mode} with user ${user.username ? user.username : ''} for ${auth.type} and ${doc._id ? doc._id : ''}`); return true; } @@ -76,9 +76,9 @@ export function roleAuthorizedForDoc(user = {}, auth = {}, type = '', mode = '', } // returns true, if the user is authorized by a document role -export function userAuthorizedForDoc(user = {}, auth = {}, type = '', mode = '', { User }, doc = {}, resolver = ''){ - const docRoles = auth[type].docRoles[mode] || []; - const fields = auth[type].fields || []; +export function userAuthorizedForDoc(user = {}, auth = {}, mode = '', { User }, doc = {}, resolver = ''){ + const docRoles = auth.docRoles[mode] || []; + const fields = auth.fields || []; let userId; let authorized = false; @@ -111,7 +111,7 @@ export function userAuthorizedForDoc(user = {}, auth = {}, type = '', mode = '', // only if the same role is authorized for the document and all fields, it is allowed if (fieldsAuthorized){ - log.debug(`${resolver} ${mode} with user ${(user.username) ? user.username : ''} for ${type} and docRole ${docRole} for doc with id: ${doc._id ? doc._id : ''}`); + log.debug(`${resolver} ${mode} with user ${(user.username) ? user.username : ''} for ${auth.type} and docRole ${docRole} for doc with id: ${doc._id ? doc._id : ''}`); authorized = true; return true; } diff --git a/yarn.lock b/yarn.lock index e3480bb..830cd5d 100644 --- a/yarn.lock +++ b/yarn.lock @@ -16,9 +16,9 @@ acorn@^3.0.4: version "3.3.0" resolved "https://registry.yarnpkg.com/acorn/-/acorn-3.3.0.tgz#45e37fb39e8da3f25baee3ff5369e2bb5f22017a" -acorn@^4.0.1: - version "4.0.3" - resolved "https://registry.yarnpkg.com/acorn/-/acorn-4.0.3.tgz#1a3e850b428e73ba6b09d1cc527f5aaad4d03ef1" +acorn@^5.0.1: + version "5.0.3" + resolved "https://registry.yarnpkg.com/acorn/-/acorn-5.0.3.tgz#c460df08491463f028ccb82eab3730bf01087b3d" ajv-keywords@^1.0.0: version "1.1.1" @@ -31,9 +31,9 @@ ajv@^4.7.0: co "^4.6.0" json-stable-stringify "^1.0.1" -ansi-escapes@^1.1.0: - version "1.4.0" - resolved "https://registry.yarnpkg.com/ansi-escapes/-/ansi-escapes-1.4.0.tgz#d3a8a83b319aa67793662b13e761c7911422306e" +ansi-escapes@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/ansi-escapes/-/ansi-escapes-2.0.0.tgz#5bae52be424878dd9783e8910e3fc2922e83c81b" ansi-regex@^2.0.0: version "2.0.0" @@ -778,7 +778,7 @@ babel-template@^6.14.0, babel-template@^6.15.0, babel-template@^6.16.0, babel-te babylon "^6.11.0" lodash "^4.2.0" -babel-traverse@^6.16.0, babel-traverse@^6.18.0: +babel-traverse@^6.16.0: version "6.18.0" resolved "https://registry.yarnpkg.com/babel-traverse/-/babel-traverse-6.18.0.tgz#5aeaa980baed2a07c8c47329cd90c3b90c80f05e" dependencies: @@ -792,7 +792,7 @@ babel-traverse@^6.16.0, babel-traverse@^6.18.0: invariant "^2.2.0" lodash "^4.2.0" -babel-traverse@^6.23.1: +babel-traverse@^6.18.0, babel-traverse@^6.23.1: version "6.24.1" resolved "https://registry.yarnpkg.com/babel-traverse/-/babel-traverse-6.24.1.tgz#ab36673fd356f9a0948659e7b338d5feadb31695" dependencies: @@ -806,20 +806,20 @@ babel-traverse@^6.23.1: invariant "^2.2.0" lodash "^4.2.0" -babel-types@^6.13.0, babel-types@^6.16.0, babel-types@^6.18.0, babel-types@^6.8.0, babel-types@^6.9.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-types/-/babel-types-6.18.0.tgz#1f7d5a73474c59eb9151b2417bbff4e4fce7c3f8" +babel-types@^6.13.0, babel-types@^6.18.0, babel-types@^6.23.0, babel-types@^6.24.1, babel-types@^6.8.0, babel-types@^6.9.0: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-types/-/babel-types-6.24.1.tgz#a136879dc15b3606bda0d90c1fc74304c2ff0975" dependencies: - babel-runtime "^6.9.1" + babel-runtime "^6.22.0" esutils "^2.0.2" lodash "^4.2.0" to-fast-properties "^1.0.1" -babel-types@^6.23.0, babel-types@^6.24.1: - version "6.24.1" - resolved "https://registry.yarnpkg.com/babel-types/-/babel-types-6.24.1.tgz#a136879dc15b3606bda0d90c1fc74304c2ff0975" +babel-types@^6.16.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-types/-/babel-types-6.18.0.tgz#1f7d5a73474c59eb9151b2417bbff4e4fce7c3f8" dependencies: - babel-runtime "^6.22.0" + babel-runtime "^6.9.1" esutils "^2.0.2" lodash "^4.2.0" to-fast-properties "^1.0.1" @@ -836,6 +836,10 @@ balanced-match@^0.4.1: version "0.4.2" resolved "https://registry.yarnpkg.com/balanced-match/-/balanced-match-0.4.2.tgz#cb3f3e3c732dc0f01ee70b403f302e61d7709838" +balanced-match@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/balanced-match/-/balanced-match-1.0.0.tgz#89b4d199ab2bee49de164ea02b89ce462d71b767" + bcrypt-pbkdf@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.0.tgz#3ca76b85241c7170bf7d9703e7b9aa74630040d4" @@ -880,6 +884,13 @@ brace-expansion@^1.0.0: balanced-match "^0.4.1" concat-map "0.0.1" +brace-expansion@^1.1.7: + version "1.1.8" + resolved "https://registry.yarnpkg.com/brace-expansion/-/brace-expansion-1.1.8.tgz#c07b211c7c952ec1f8efd51a77ef0d1d3990a292" + dependencies: + balanced-match "^1.0.0" + concat-map "0.0.1" + braces@^1.8.2: version "1.8.5" resolved "https://registry.yarnpkg.com/braces/-/braces-1.8.5.tgz#ba77962e12dff969d6b76711e914b737857bf6a7" @@ -982,11 +993,11 @@ circular-json@^0.3.0: version "0.3.1" resolved "https://registry.yarnpkg.com/circular-json/-/circular-json-0.3.1.tgz#be8b36aefccde8b3ca7aa2d6afc07a37242c0d2d" -cli-cursor@^1.0.1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/cli-cursor/-/cli-cursor-1.0.2.tgz#64da3f7d56a54412e59794bd62dc35295e8f2987" +cli-cursor@^2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/cli-cursor/-/cli-cursor-2.1.0.tgz#b35dac376479facc3e94747d41d0d0f5238ffcb5" dependencies: - restore-cursor "^1.0.1" + restore-cursor "^2.0.0" cli-width@^2.0.0: version "2.1.0" @@ -1016,13 +1027,13 @@ concat-map@0.0.1: version "0.0.1" resolved "https://registry.yarnpkg.com/concat-map/-/concat-map-0.0.1.tgz#d8a96bd77fd68df7793a73036a3ba0d5405d477b" -concat-stream@^1.4.6: - version "1.5.2" - resolved "https://registry.yarnpkg.com/concat-stream/-/concat-stream-1.5.2.tgz#708978624d856af41a5a741defdd261da752c266" +concat-stream@^1.6.0: + version "1.6.0" + resolved "https://registry.yarnpkg.com/concat-stream/-/concat-stream-1.6.0.tgz#0aac662fd52be78964d5532f694784e70110acf7" dependencies: - inherits "~2.0.1" - readable-stream "~2.0.0" - typedarray "~0.0.5" + inherits "^2.0.3" + readable-stream "^2.2.2" + typedarray "^0.0.6" console-control-strings@^1.0.0, console-control-strings@~1.1.0: version "1.1.0" @@ -1097,6 +1108,12 @@ debug@^2.1.1, debug@^2.2.0: dependencies: ms "0.7.2" +debug@^2.6.8: + version "2.6.8" + resolved "https://registry.yarnpkg.com/debug/-/debug-2.6.8.tgz#e731531ca2ede27d188222427da17821d68ff4fc" + dependencies: + ms "2.0.0" + decamelize@^1.1.2: version "1.2.0" resolved "https://registry.yarnpkg.com/decamelize/-/decamelize-1.2.0.tgz#f6534d15148269b20352e7bee26f501f9a191290" @@ -1153,20 +1170,24 @@ diff@^2.2.1: version "2.2.3" resolved "https://registry.yarnpkg.com/diff/-/diff-2.2.3.tgz#60eafd0d28ee906e4e8ff0a52c1229521033bf99" -doctrine@1.3.x: +doctrine@1.3.x, doctrine@^1.2.2: version "1.3.0" resolved "https://registry.yarnpkg.com/doctrine/-/doctrine-1.3.0.tgz#13e75682b55518424276f7c173783456ef913d26" dependencies: esutils "^2.0.2" isarray "^1.0.0" -doctrine@^1.2.2: - version "1.5.0" - resolved "https://registry.yarnpkg.com/doctrine/-/doctrine-1.5.0.tgz#379dce730f6166f76cefa4e6707a159b02c5a6fa" +doctrine@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/doctrine/-/doctrine-2.0.0.tgz#c73d8d2909d22291e1a007a395804da8b665fe63" dependencies: esutils "^2.0.2" isarray "^1.0.0" +dom-walk@^0.1.0: + version "0.1.1" + resolved "https://registry.yarnpkg.com/dom-walk/-/dom-walk-0.1.1.tgz#672226dc74c8f799ad35307df936aba11acd6018" + ecc-jsbn@~0.1.1: version "0.1.1" resolved "https://registry.yarnpkg.com/ecc-jsbn/-/ecc-jsbn-0.1.1.tgz#0fc73a9ed5f0d53c38193398523ef7e543777505" @@ -1185,7 +1206,7 @@ error-ex@^1.2.0: dependencies: is-arrayish "^0.2.1" -es5-ext@^0.10.7, es5-ext@^0.10.8, es5-ext@~0.10.11, es5-ext@~0.10.2, es5-ext@~0.10.7: +es5-ext@^0.10.7, es5-ext@~0.10.11, es5-ext@~0.10.2, es5-ext@~0.10.7: version "0.10.12" resolved "https://registry.yarnpkg.com/es5-ext/-/es5-ext-0.10.12.tgz#aa84641d4db76b62abba5e45fd805ecbab140047" dependencies: @@ -1228,28 +1249,10 @@ es6-symbol@3, es6-symbol@~3.1, es6-symbol@~3.1.0: d "~0.1.1" es5-ext "~0.10.11" -es6-weak-map@^2.0.1: - version "2.0.1" - resolved "https://registry.yarnpkg.com/es6-weak-map/-/es6-weak-map-2.0.1.tgz#0d2bbd8827eb5fb4ba8f97fbfea50d43db21ea81" - dependencies: - d "^0.1.1" - es5-ext "^0.10.8" - es6-iterator "2" - es6-symbol "3" - escape-string-regexp@1.0.5, escape-string-regexp@^1.0.2, escape-string-regexp@^1.0.5: version "1.0.5" resolved "https://registry.yarnpkg.com/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz#1b61c0562190a8dff6ae3bb2cf0200ca130b86d4" -escope@^3.6.0: - version "3.6.0" - resolved "https://registry.yarnpkg.com/escope/-/escope-3.6.0.tgz#e01975e812781a163a6dadfdd80398dc64c889c3" - dependencies: - es6-map "^0.1.3" - es6-weak-map "^2.0.1" - esrecurse "^4.1.0" - estraverse "^4.1.1" - eslint-config-airbnb-base@^8.0.0: version "8.0.0" resolved "https://registry.yarnpkg.com/eslint-config-airbnb-base/-/eslint-config-airbnb-base-8.0.0.tgz#c5e958a469ab8af76aff068b43d784e5afe74ca7" @@ -1308,59 +1311,67 @@ eslint-plugin-react@6.4.1: doctrine "^1.2.2" jsx-ast-utils "^1.3.1" -eslint@3.8.1: - version "3.8.1" - resolved "https://registry.yarnpkg.com/eslint/-/eslint-3.8.1.tgz#7d02db44cd5aaf4fa7aa489e1f083baa454342ba" +eslint-scope@^3.7.1: + version "3.7.1" + resolved "https://registry.yarnpkg.com/eslint-scope/-/eslint-scope-3.7.1.tgz#3d63c3edfda02e06e01a452ad88caacc7cdcb6e8" + dependencies: + esrecurse "^4.1.0" + estraverse "^4.1.1" + +eslint@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/eslint/-/eslint-4.0.0.tgz#7277c01437fdf41dccd168d5aa0e49b75ca1f260" dependencies: + babel-code-frame "^6.22.0" chalk "^1.1.3" - concat-stream "^1.4.6" - debug "^2.1.1" - doctrine "^1.2.2" - escope "^3.6.0" - espree "^3.3.1" + concat-stream "^1.6.0" + debug "^2.6.8" + doctrine "^2.0.0" + eslint-scope "^3.7.1" + espree "^3.4.3" + esquery "^1.0.0" estraverse "^4.2.0" esutils "^2.0.2" file-entry-cache "^2.0.0" - glob "^7.0.3" - globals "^9.2.0" - ignore "^3.1.5" + glob "^7.1.2" + globals "^9.17.0" + ignore "^3.3.3" imurmurhash "^0.1.4" - inquirer "^0.12.0" - is-my-json-valid "^2.10.0" + inquirer "^3.0.6" + is-my-json-valid "^2.16.0" is-resolvable "^1.0.0" - js-yaml "^3.5.1" - json-stable-stringify "^1.0.0" + js-yaml "^3.8.4" + json-stable-stringify "^1.0.1" levn "^0.3.0" - lodash "^4.0.0" - mkdirp "^0.5.0" + lodash "^4.17.4" + mkdirp "^0.5.1" natural-compare "^1.4.0" optionator "^0.8.2" - path-is-inside "^1.0.1" - pluralize "^1.2.1" - progress "^1.1.8" - require-uncached "^1.0.2" - shelljs "^0.6.0" - strip-bom "^3.0.0" - strip-json-comments "~1.0.1" - table "^3.7.8" + path-is-inside "^1.0.2" + pluralize "^4.0.0" + progress "^2.0.0" + require-uncached "^1.0.3" + strip-json-comments "~2.0.1" + table "^4.0.1" text-table "~0.2.0" - user-home "^2.0.0" -espree@^3.3.1: - version "3.3.2" - resolved "https://registry.yarnpkg.com/espree/-/espree-3.3.2.tgz#dbf3fadeb4ecb4d4778303e50103b3d36c88b89c" +espree@^3.4.3: + version "3.4.3" + resolved "https://registry.yarnpkg.com/espree/-/espree-3.4.3.tgz#2910b5ccd49ce893c2ffffaab4fd8b3a31b82374" dependencies: - acorn "^4.0.1" + acorn "^5.0.1" acorn-jsx "^3.0.0" -esprima@^2.6.0: - version "2.7.3" - resolved "https://registry.yarnpkg.com/esprima/-/esprima-2.7.3.tgz#96e3b70d5779f6ad49cd032673d1c312767ba581" - -esprima@~3.1.0: +esprima@^3.1.1, esprima@~3.1.0: version "3.1.2" resolved "https://registry.yarnpkg.com/esprima/-/esprima-3.1.2.tgz#954b5d19321ca436092fa90f06d6798531fe8184" +esquery@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/esquery/-/esquery-1.0.0.tgz#cfba8b57d7fba93f17298a8a006a04cda13d80fa" + dependencies: + estraverse "^4.0.0" + esrecurse@^4.1.0: version "4.1.0" resolved "https://registry.yarnpkg.com/esrecurse/-/esrecurse-4.1.0.tgz#4713b6536adf7f2ac4f327d559e7756bff648220" @@ -1368,7 +1379,7 @@ esrecurse@^4.1.0: estraverse "~4.1.0" object-assign "^4.0.1" -estraverse@^4.1.1, estraverse@^4.2.0: +estraverse@^4.0.0, estraverse@^4.1.1, estraverse@^4.2.0: version "4.2.0" resolved "https://registry.yarnpkg.com/estraverse/-/estraverse-4.2.0.tgz#0dee3fed31fcd469618ce7342099fc1afa0bdb13" @@ -1387,10 +1398,6 @@ event-emitter@~0.3.4: d "~0.1.1" es5-ext "~0.10.7" -exit-hook@^1.0.0: - version "1.1.1" - resolved "https://registry.yarnpkg.com/exit-hook/-/exit-hook-1.1.1.tgz#f05ca233b48c05d54fff07765df8507e95c02ff8" - expand-brackets@^0.1.4: version "0.1.5" resolved "https://registry.yarnpkg.com/expand-brackets/-/expand-brackets-0.1.5.tgz#df07284e342a807cd733ac5af72411e581d1177b" @@ -1407,6 +1414,14 @@ extend@~3.0.0: version "3.0.0" resolved "https://registry.yarnpkg.com/extend/-/extend-3.0.0.tgz#5a474353b9f3353ddd8176dfd37b91c83a46f1d4" +external-editor@^2.0.4: + version "2.0.4" + resolved "https://registry.yarnpkg.com/external-editor/-/external-editor-2.0.4.tgz#1ed9199da9cbfe2ef2f7a31b2fde8b0d12368972" + dependencies: + iconv-lite "^0.4.17" + jschardet "^1.4.2" + tmp "^0.0.31" + extglob@^0.3.1: version "0.3.2" resolved "https://registry.yarnpkg.com/extglob/-/extglob-0.3.2.tgz#2e18ff3d2f49ab2765cec9023f011daa8d8349a1" @@ -1421,12 +1436,11 @@ fast-levenshtein@~2.0.4: version "2.0.5" resolved "https://registry.yarnpkg.com/fast-levenshtein/-/fast-levenshtein-2.0.5.tgz#bd33145744519ab1c36c3ee9f31f08e9079b67f2" -figures@^1.3.5: - version "1.7.0" - resolved "https://registry.yarnpkg.com/figures/-/figures-1.7.0.tgz#cbe1e3affcf1cd44b80cadfed28dc793a9701d2e" +figures@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/figures/-/figures-2.0.0.tgz#3ab1a2d2a62c8bfb431a0c94cb797a2fce27c962" dependencies: escape-string-regexp "^1.0.5" - object-assign "^4.1.0" file-entry-cache@^2.0.0: version "2.0.0" @@ -1611,10 +1625,32 @@ glob@^7.0.3, glob@^7.0.5: once "^1.3.0" path-is-absolute "^1.0.0" -globals@^9.0.0, globals@^9.2.0: +glob@^7.1.2: + version "7.1.2" + resolved "https://registry.yarnpkg.com/glob/-/glob-7.1.2.tgz#c19c9df9a028702d678612384a6552404c636d15" + dependencies: + fs.realpath "^1.0.0" + inflight "^1.0.4" + inherits "2" + minimatch "^3.0.4" + once "^1.3.0" + path-is-absolute "^1.0.0" + +global@^4.3.2: + version "4.3.2" + resolved "https://registry.yarnpkg.com/global/-/global-4.3.2.tgz#e76989268a6c74c38908b1305b10fc0e394e9d0f" + dependencies: + min-document "^2.19.0" + process "~0.5.1" + +globals@^9.0.0: version "9.13.0" resolved "https://registry.yarnpkg.com/globals/-/globals-9.13.0.tgz#d97706b61600d8dbe94708c367d3fdcf48470b8f" +globals@^9.17.0: + version "9.18.0" + resolved "https://registry.yarnpkg.com/globals/-/globals-9.18.0.tgz#aa3896b3e69b487f17e31ed2143d69a8e30c2d8a" + globby@^5.0.0: version "5.0.0" resolved "https://registry.yarnpkg.com/globby/-/globby-5.0.0.tgz#ebd84667ca0dbb330b99bcfc68eac2bc54370e0d" @@ -1709,13 +1745,17 @@ http-signature@~1.1.0: jsprim "^1.2.2" sshpk "^1.7.0" +iconv-lite@^0.4.17: + version "0.4.18" + resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.4.18.tgz#23d8656b16aae6742ac29732ea8f0336a4789cf2" + iconv-lite@~0.4.13: version "0.4.15" resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.4.15.tgz#fe265a218ac6a57cfe854927e9d04c19825eddeb" -ignore@^3.1.5: - version "3.2.0" - resolved "https://registry.yarnpkg.com/ignore/-/ignore-3.2.0.tgz#8d88f03c3002a0ac52114db25d2c673b0bf1e435" +ignore@^3.3.3: + version "3.3.3" + resolved "https://registry.yarnpkg.com/ignore/-/ignore-3.3.3.tgz#432352e57accd87ab3110e82d3fea0e47812156d" imurmurhash@^0.1.4: version "0.1.4" @@ -1734,7 +1774,7 @@ inflight@^1.0.4: once "^1.3.0" wrappy "1" -inherits@2, inherits@^2.0.1, inherits@~2.0.0, inherits@~2.0.1: +inherits@2, inherits@^2.0.1, inherits@^2.0.3, inherits@~2.0.0, inherits@~2.0.1: version "2.0.3" resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.3.tgz#633c2c83e3da42a502f52466022480f4208261de" @@ -1742,21 +1782,22 @@ ini@~1.3.0: version "1.3.4" resolved "https://registry.yarnpkg.com/ini/-/ini-1.3.4.tgz#0537cb79daf59b59a1a517dff706c86ec039162e" -inquirer@^0.12.0: - version "0.12.0" - resolved "https://registry.yarnpkg.com/inquirer/-/inquirer-0.12.0.tgz#1ef2bfd63504df0bc75785fff8c2c41df12f077e" +inquirer@^3.0.6: + version "3.1.0" + resolved "https://registry.yarnpkg.com/inquirer/-/inquirer-3.1.0.tgz#e05400d48b94937c2d3caa7038663ba9189aab01" dependencies: - ansi-escapes "^1.1.0" - ansi-regex "^2.0.0" + ansi-escapes "^2.0.0" chalk "^1.0.0" - cli-cursor "^1.0.1" + cli-cursor "^2.1.0" cli-width "^2.0.0" - figures "^1.3.5" + external-editor "^2.0.4" + figures "^2.0.0" lodash "^4.3.0" - readline2 "^1.0.1" - run-async "^0.1.0" - rx-lite "^3.1.2" - string-width "^1.0.1" + mute-stream "0.0.7" + run-async "^2.2.0" + rx-lite "^4.0.8" + rx-lite-aggregates "^4.0.8" + string-width "^2.0.0" strip-ansi "^3.0.0" through "^2.3.6" @@ -1826,7 +1867,7 @@ is-glob@^2.0.0, is-glob@^2.0.1: dependencies: is-extglob "^1.0.0" -is-my-json-valid@^2.10.0, is-my-json-valid@^2.12.4: +is-my-json-valid@^2.12.4: version "2.15.0" resolved "https://registry.yarnpkg.com/is-my-json-valid/-/is-my-json-valid-2.15.0.tgz#936edda3ca3c211fd98f3b2d3e08da43f7b2915b" dependencies: @@ -1835,6 +1876,15 @@ is-my-json-valid@^2.10.0, is-my-json-valid@^2.12.4: jsonpointer "^4.0.0" xtend "^4.0.0" +is-my-json-valid@^2.16.0: + version "2.16.0" + resolved "https://registry.yarnpkg.com/is-my-json-valid/-/is-my-json-valid-2.16.0.tgz#f079dd9bfdae65ee2038aae8acbc86ab109e3693" + dependencies: + generate-function "^2.0.0" + generate-object-property "^1.1.0" + jsonpointer "^4.0.0" + xtend "^4.0.0" + is-number@^2.0.2, is-number@^2.1.0: version "2.1.0" resolved "https://registry.yarnpkg.com/is-number/-/is-number-2.1.0.tgz#01fcbbb393463a548f2f466cce16dece49db908f" @@ -1865,6 +1915,10 @@ is-primitive@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/is-primitive/-/is-primitive-2.0.0.tgz#207bab91638499c07b2adf240a41a87210034575" +is-promise@^2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/is-promise/-/is-promise-2.1.0.tgz#79a2a9ece7f096e80f36d2b2f3bc16c1ff4bf3fa" + is-property@^1.0.0: version "1.0.2" resolved "https://registry.yarnpkg.com/is-property/-/is-property-1.0.2.tgz#57fe1c4e48474edd65b09911f26b1cd4095dda84" @@ -1919,17 +1973,21 @@ js-tokens@^3.0.0: version "3.0.1" resolved "https://registry.yarnpkg.com/js-tokens/-/js-tokens-3.0.1.tgz#08e9f132484a2c45a30907e9dc4d5567b7f114d7" -js-yaml@^3.5.1: - version "3.7.0" - resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.7.0.tgz#5c967ddd837a9bfdca5f2de84253abe8a1c03b80" +js-yaml@^3.8.4: + version "3.8.4" + resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.8.4.tgz#520b4564f86573ba96662af85a8cafa7b4b5a6f6" dependencies: argparse "^1.0.7" - esprima "^2.6.0" + esprima "^3.1.1" jsbn@~0.1.0: version "0.1.0" resolved "https://registry.yarnpkg.com/jsbn/-/jsbn-0.1.0.tgz#650987da0dd74f4ebf5a11377a2aa2d273e97dfd" +jschardet@^1.4.2: + version "1.4.2" + resolved "https://registry.yarnpkg.com/jschardet/-/jschardet-1.4.2.tgz#2aa107f142af4121d145659d44f50830961e699a" + jsesc@^1.3.0: version "1.3.0" resolved "https://registry.yarnpkg.com/jsesc/-/jsesc-1.3.0.tgz#46c3fec8c1892b12b0833db9bc7622176dbab34b" @@ -1942,7 +2000,7 @@ json-schema@0.2.3: version "0.2.3" resolved "https://registry.yarnpkg.com/json-schema/-/json-schema-0.2.3.tgz#b480c892e59a2f05954ce727bd3f2a4e882f9e13" -json-stable-stringify@^1.0.0, json-stable-stringify@^1.0.1: +json-stable-stringify@^1.0.1: version "1.0.1" resolved "https://registry.yarnpkg.com/json-stable-stringify/-/json-stable-stringify-1.0.1.tgz#9a759d39c5f2ff503fd5300646ed445f88c4f9af" dependencies: @@ -2081,7 +2139,11 @@ lodash.merge@^4.6.0: version "4.6.0" resolved "https://registry.yarnpkg.com/lodash.merge/-/lodash.merge-4.6.0.tgz#69884ba144ac33fe699737a6086deffadd0f89c5" -lodash@^4.0.0, lodash@^4.2.0, lodash@^4.3.0: +lodash@^4.0.0, lodash@^4.17.4: + version "4.17.4" + resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.4.tgz#78203a4d1c328ae1d86dca6460e369b57f4055ae" + +lodash@^4.2.0, lodash@^4.3.0: version "4.16.6" resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.16.6.tgz#d22c9ac660288f3843e16ba7d2b5d06cca27d777" @@ -2159,12 +2221,28 @@ mime-types@^2.1.12, mime-types@~2.1.7: dependencies: mime-db "~1.24.0" +mimic-fn@^1.0.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/mimic-fn/-/mimic-fn-1.1.0.tgz#e667783d92e89dbd342818b5230b9d62a672ad18" + +min-document@^2.19.0: + version "2.19.0" + resolved "https://registry.yarnpkg.com/min-document/-/min-document-2.19.0.tgz#7bd282e3f5842ed295bb748cdd9f1ffa2c824685" + dependencies: + dom-walk "^0.1.0" + "minimatch@2 || 3", minimatch@^3.0.0, minimatch@^3.0.2, minimatch@^3.0.3: version "3.0.3" resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.0.3.tgz#2a4e4090b96b2db06a9d7df01055a62a77c9b774" dependencies: brace-expansion "^1.0.0" +minimatch@^3.0.4: + version "3.0.4" + resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.0.4.tgz#5166e286457f03306064be5497e8dbb0c3d32083" + dependencies: + brace-expansion "^1.1.7" + minimist, minimist@^1.1.0, minimist@^1.1.3, minimist@^1.2.0: version "1.2.0" resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.0.tgz#a35008b20f41383eec1fb914f4cd5df79a264284" @@ -2173,7 +2251,7 @@ minimist@0.0.8: version "0.0.8" resolved "https://registry.yarnpkg.com/minimist/-/minimist-0.0.8.tgz#857fcabfc3397d2625b8228262e86aa7a011b05d" -mkdirp, mkdirp@0.5.1, "mkdirp@>=0.5 0", mkdirp@^0.5.0, mkdirp@^0.5.1, mkdirp@~0.5.1: +mkdirp, mkdirp@0.5.1, "mkdirp@>=0.5 0", mkdirp@^0.5.1, mkdirp@~0.5.1: version "0.5.1" resolved "https://registry.yarnpkg.com/mkdirp/-/mkdirp-0.5.1.tgz#30057438eac6cf7f8c4767f38648d6697d75c903" dependencies: @@ -2203,9 +2281,13 @@ ms@0.7.2: version "0.7.2" resolved "https://registry.yarnpkg.com/ms/-/ms-0.7.2.tgz#ae25cf2512b3885a1d95d7f037868d8431124765" -mute-stream@0.0.5: - version "0.0.5" - resolved "https://registry.yarnpkg.com/mute-stream/-/mute-stream-0.0.5.tgz#8fbfabb0a98a253d3184331f9e8deb7372fac6c0" +ms@2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/ms/-/ms-2.0.0.tgz#5608aeadfc00be6c2901df5f9861788de0d597c8" + +mute-stream@0.0.7: + version "0.0.7" + resolved "https://registry.yarnpkg.com/mute-stream/-/mute-stream-0.0.7.tgz#3075ce93bc21b8fab43e1bc4da7e8115ed1e7bab" nan@^2.3.0: version "2.4.0" @@ -2299,9 +2381,11 @@ once@~1.3.3: dependencies: wrappy "1" -onetime@^1.0.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/onetime/-/onetime-1.1.0.tgz#a1f7838f8314c516f05ecefcbc4ccfe04b4ed789" +onetime@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/onetime/-/onetime-2.0.1.tgz#067428230fd67443b2794b22bba528b6867962d4" + dependencies: + mimic-fn "^1.0.0" optionator@^0.8.2: version "0.8.2" @@ -2314,11 +2398,7 @@ optionator@^0.8.2: type-check "~0.3.2" wordwrap "~1.0.0" -os-homedir@^1.0.0: - version "1.0.2" - resolved "https://registry.yarnpkg.com/os-homedir/-/os-homedir-1.0.2.tgz#ffbc4988336e0e833de0c168c7ef152121aa7fb3" - -os-tmpdir@^1.0.1: +os-tmpdir@^1.0.1, os-tmpdir@~1.0.1: version "1.0.2" resolved "https://registry.yarnpkg.com/os-tmpdir/-/os-tmpdir-1.0.2.tgz#bbe67406c79aa85c5cfec766fe5734555dfa1274" @@ -2359,7 +2439,7 @@ path-is-absolute@^1.0.0: version "1.0.1" resolved "https://registry.yarnpkg.com/path-is-absolute/-/path-is-absolute-1.0.1.tgz#174b9268735534ffbc7ace6bf53a5a9e1b5c5f5f" -path-is-inside@^1.0.1: +path-is-inside@^1.0.1, path-is-inside@^1.0.2: version "1.0.2" resolved "https://registry.yarnpkg.com/path-is-inside/-/path-is-inside-1.0.2.tgz#365417dede44430d1c11af61027facf074bdfc53" @@ -2397,9 +2477,9 @@ pkg-up@^1.0.0: dependencies: find-up "^1.0.0" -pluralize@^1.2.1: - version "1.2.1" - resolved "https://registry.yarnpkg.com/pluralize/-/pluralize-1.2.1.tgz#d1a21483fd22bb41e58a12fa3421823140897c45" +pluralize@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/pluralize/-/pluralize-4.0.0.tgz#59b708c1c0190a2f692f1c7618c446b052fd1762" prelude-ls@~1.1.2: version "1.1.2" @@ -2417,9 +2497,13 @@ process-nextick-args@~1.0.6: version "1.0.7" resolved "https://registry.yarnpkg.com/process-nextick-args/-/process-nextick-args-1.0.7.tgz#150e20b756590ad3f91093f25a4f2ad8bff30ba3" -progress@^1.1.8: - version "1.1.8" - resolved "https://registry.yarnpkg.com/progress/-/progress-1.1.8.tgz#e260c78f6161cdd9b0e56cc3e0a85de17c7a57be" +process@~0.5.1: + version "0.5.2" + resolved "https://registry.yarnpkg.com/process/-/process-0.5.2.tgz#1638d8a8e34c2f440a91db95ab9aeb677fc185cf" + +progress@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/progress/-/progress-2.0.0.tgz#8a1be366bf8fc23db2bd23f10c6fe920b4389d1f" punycode@^1.4.1: version "1.4.1" @@ -2472,7 +2556,7 @@ read-pkg@^1.0.0: string_decoder "~0.10.x" util-deprecate "~1.0.1" -readable-stream@^2.0.2, readable-stream@~2.0.0: +readable-stream@^2.0.2: version "2.0.6" resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.0.6.tgz#8f90341e68a53ccc928788dacfcd11b36eb9b78e" dependencies: @@ -2483,6 +2567,18 @@ readable-stream@^2.0.2, readable-stream@~2.0.0: string_decoder "~0.10.x" util-deprecate "~1.0.1" +readable-stream@^2.2.2: + version "2.2.11" + resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.2.11.tgz#0796b31f8d7688007ff0b93a8088d34aa17c0f72" + dependencies: + core-util-is "~1.0.0" + inherits "~2.0.1" + isarray "~1.0.0" + process-nextick-args "~1.0.6" + safe-buffer "~5.0.1" + string_decoder "~1.0.0" + util-deprecate "~1.0.1" + readdirp@^2.0.0: version "2.1.0" resolved "https://registry.yarnpkg.com/readdirp/-/readdirp-2.1.0.tgz#4ed0ad060df3073300c48440373f72d1cc642d78" @@ -2492,14 +2588,6 @@ readdirp@^2.0.0: readable-stream "^2.0.2" set-immediate-shim "^1.0.1" -readline2@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/readline2/-/readline2-1.0.1.tgz#41059608ffc154757b715d9989d199ffbf372e35" - dependencies: - code-point-at "^1.0.0" - is-fullwidth-code-point "^1.0.0" - mute-stream "0.0.5" - recast: version "0.11.18" resolved "https://registry.yarnpkg.com/recast/-/recast-0.11.18.tgz#07af6257ca769868815209401d4d60eef1b5b947" @@ -2592,7 +2680,7 @@ request@^2.65.0, request@^2.75.0: tough-cookie "~2.3.0" tunnel-agent "~0.4.1" -require-uncached@^1.0.2: +require-uncached@^1.0.3: version "1.0.3" resolved "https://registry.yarnpkg.com/require-uncached/-/require-uncached-1.0.3.tgz#4e0d56d6c9662fd31e43011c4b95aa49955421d3" dependencies: @@ -2607,12 +2695,12 @@ resolve@^1.1.6: version "1.1.7" resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.1.7.tgz#203114d82ad2c5ed9e8e0411b3932875e889e97b" -restore-cursor@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/restore-cursor/-/restore-cursor-1.0.1.tgz#34661f46886327fed2991479152252df92daa541" +restore-cursor@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/restore-cursor/-/restore-cursor-2.0.0.tgz#9f7ee287f82fd326d4fd162923d62129eee0dfaf" dependencies: - exit-hook "^1.0.0" - onetime "^1.0.0" + onetime "^2.0.0" + signal-exit "^3.0.2" rimraf, rimraf@2, rimraf@^2.2.8, rimraf@^2.5.4, rimraf@~2.5.1, rimraf@~2.5.4: version "2.5.4" @@ -2620,15 +2708,25 @@ rimraf, rimraf@2, rimraf@^2.2.8, rimraf@^2.5.4, rimraf@~2.5.1, rimraf@~2.5.4: dependencies: glob "^7.0.5" -run-async@^0.1.0: - version "0.1.0" - resolved "https://registry.yarnpkg.com/run-async/-/run-async-0.1.0.tgz#c8ad4a5e110661e402a7d21b530e009f25f8e389" +run-async@^2.2.0: + version "2.3.0" + resolved "https://registry.yarnpkg.com/run-async/-/run-async-2.3.0.tgz#0371ab4ae0bdd720d4166d7dfda64ff7a445a6c0" dependencies: - once "^1.3.0" + is-promise "^2.1.0" -rx-lite@^3.1.2: - version "3.1.2" - resolved "https://registry.yarnpkg.com/rx-lite/-/rx-lite-3.1.2.tgz#19ce502ca572665f3b647b10939f97fd1615f102" +rx-lite-aggregates@^4.0.8: + version "4.0.8" + resolved "https://registry.yarnpkg.com/rx-lite-aggregates/-/rx-lite-aggregates-4.0.8.tgz#753b87a89a11c95467c4ac1626c4efc4e05c67be" + dependencies: + rx-lite "*" + +rx-lite@*, rx-lite@^4.0.8: + version "4.0.8" + resolved "https://registry.yarnpkg.com/rx-lite/-/rx-lite-4.0.8.tgz#0b1e11af8bc44836f04a6407e92da42467b79444" + +safe-buffer@~5.0.1: + version "5.0.1" + resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.0.1.tgz#d263ca54696cd8a306b5ca6551e92de57918fbe7" semver-regex@^1.0.0: version "1.0.0" @@ -2660,14 +2758,14 @@ shebang-regex@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/shebang-regex/-/shebang-regex-1.0.0.tgz#da42f49740c0b42db2ca9728571cb190c98efea3" -shelljs@^0.6.0: - version "0.6.1" - resolved "https://registry.yarnpkg.com/shelljs/-/shelljs-0.6.1.tgz#ec6211bed1920442088fe0f70b2837232ed2c8a8" - signal-exit@^3.0.0: version "3.0.1" resolved "https://registry.yarnpkg.com/signal-exit/-/signal-exit-3.0.1.tgz#5a4c884992b63a7acd9badb7894c3ee9cfccad81" +signal-exit@^3.0.2: + version "3.0.2" + resolved "https://registry.yarnpkg.com/signal-exit/-/signal-exit-3.0.2.tgz#b5fdc08f1287ea1178628e415e25132b73646c6d" + slash@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/slash/-/slash-1.0.0.tgz#c41f2f6c39fc16d1cd17ad4b5d896114ae470d55" @@ -2744,6 +2842,12 @@ string_decoder@~0.10.x: version "0.10.31" resolved "https://registry.yarnpkg.com/string_decoder/-/string_decoder-0.10.31.tgz#62e203bc41766c6c28c9fc84301dab1c5310fa94" +string_decoder@~1.0.0: + version "1.0.2" + resolved "https://registry.yarnpkg.com/string_decoder/-/string_decoder-1.0.2.tgz#b29e1f4e1125fa97a10382b8a533737b7491e179" + dependencies: + safe-buffer "~5.0.1" + stringstream@~0.0.4: version "0.0.5" resolved "https://registry.yarnpkg.com/stringstream/-/stringstream-0.0.5.tgz#4e484cd4de5a0bbbee18e46307710a8a81621878" @@ -2760,20 +2864,20 @@ strip-bom@^2.0.0: dependencies: is-utf8 "^0.2.0" -strip-bom@^3.0.0: - version "3.0.0" - resolved "https://registry.yarnpkg.com/strip-bom/-/strip-bom-3.0.0.tgz#2334c18e9c759f7bdd56fdef7e9ae3d588e68ed3" - strip-indent@^1.0.1: version "1.0.1" resolved "https://registry.yarnpkg.com/strip-indent/-/strip-indent-1.0.1.tgz#0c7962a6adefa7bbd4ac366460a638552ae1a0a2" dependencies: get-stdin "^4.0.1" -strip-json-comments@~1.0.1, strip-json-comments@~1.0.4: +strip-json-comments@~1.0.4: version "1.0.4" resolved "https://registry.yarnpkg.com/strip-json-comments/-/strip-json-comments-1.0.4.tgz#1e15fbcac97d3ee99bf2d73b4c656b082bbafb91" +strip-json-comments@~2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/strip-json-comments/-/strip-json-comments-2.0.1.tgz#3c531942e908c2697c0ec344858c286c7ca0a60a" + supports-color@3.1.2: version "3.1.2" resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-3.1.2.tgz#72a262894d9d408b956ca05ff37b2ed8a6e2a2d5" @@ -2784,9 +2888,9 @@ supports-color@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-2.0.0.tgz#535d045ce6b6363fa40117084629995e9df324c7" -table@^3.7.8: - version "3.8.3" - resolved "https://registry.yarnpkg.com/table/-/table-3.8.3.tgz#2bbc542f0fda9861a755d3947fefd8b3f513855f" +table@^4.0.1: + version "4.0.1" + resolved "https://registry.yarnpkg.com/table/-/table-4.0.1.tgz#a8116c133fac2c61f4a420ab6cdf5c4d61f0e435" dependencies: ajv "^4.7.0" ajv-keywords "^1.0.0" @@ -2824,6 +2928,12 @@ through@^2.3.6: version "2.3.8" resolved "https://registry.yarnpkg.com/through/-/through-2.3.8.tgz#0dd4c9ffaabc357960b1b724115d7e0e86a2e1f5" +tmp@^0.0.31: + version "0.0.31" + resolved "https://registry.yarnpkg.com/tmp/-/tmp-0.0.31.tgz#8f38ab9438e17315e5dbd8b3657e8bfb277ae4a7" + dependencies: + os-tmpdir "~1.0.1" + to-fast-properties@^1.0.1: version "1.0.2" resolved "https://registry.yarnpkg.com/to-fast-properties/-/to-fast-properties-1.0.2.tgz#f3f5c0c3ba7299a7ef99427e44633257ade43320" @@ -2864,7 +2974,7 @@ type-detect@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/type-detect/-/type-detect-1.0.0.tgz#762217cc06db258ec48908a1298e8b95121e8ea2" -typedarray@~0.0.5: +typedarray@^0.0.6: version "0.0.6" resolved "https://registry.yarnpkg.com/typedarray/-/typedarray-0.0.6.tgz#867ac74e3864187b1d3d47d996a78ec5c8830777" @@ -2876,12 +2986,6 @@ user-home@^1.1.1: version "1.1.1" resolved "https://registry.yarnpkg.com/user-home/-/user-home-1.1.1.tgz#2b5be23a32b63a7c9deb8d0f28d485724a3df190" -user-home@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/user-home/-/user-home-2.0.0.tgz#9c70bfd8169bc1dcbf48604e0f04b8b49cde9e9f" - dependencies: - os-homedir "^1.0.0" - util-deprecate@~1.0.1: version "1.0.2" resolved "https://registry.yarnpkg.com/util-deprecate/-/util-deprecate-1.0.2.tgz#450d4dc9fa70de732762fbd2d4a28981419a0ccf" From aadbe9c1d3a836287f9522bdbb9089421b07dd9f Mon Sep 17 00:00:00 2001 From: Tobias Klemmer Date: Sun, 9 Jul 2017 21:07:31 +0200 Subject: [PATCH 42/69] easier authorization --- test/get-jwt-tokens-for-tests.sh | 4 + test/input/User.graphql | 2 +- .../scripts/run-end-to-end-tests.sh | 12 + test/output-app/README.md | 435 +- test/output-app/model/Tweet.js | 231 +- test/output-app/model/User.js | 320 +- test/output-app/resolvers/Tweet.js | 6 +- test/output-app/resolvers/User.js | 6 +- test/output-app/server/authenticate.js | 1 + test/output-app/server/authorize.js | 165 +- test/output-app/server/index.js | 6 + test/output-app/server/logger.js | 40 +- .../server/logs/all-logs-readable.log | 16273 ++++++++++++++++ 13 files changed, 16897 insertions(+), 604 deletions(-) create mode 100755 test/get-jwt-tokens-for-tests.sh create mode 100644 test/output-app/server/logs/all-logs-readable.log diff --git a/test/get-jwt-tokens-for-tests.sh b/test/get-jwt-tokens-for-tests.sh new file mode 100755 index 0000000..7ebc09b --- /dev/null +++ b/test/get-jwt-tokens-for-tests.sh @@ -0,0 +1,4 @@ +#!/bin/bash +cd output-app-end-to-end/scripts +babel-node generateJWT.js +cd ../.. diff --git a/test/input/User.graphql b/test/input/User.graphql index 042d616..8b6259a 100644 --- a/test/input/User.graphql +++ b/test/input/User.graphql @@ -6,7 +6,7 @@ type User ) { - role: String! @authRole("admin") @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne", "delete"]) + role: String! @authRole("admin") @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) username: String! diff --git a/test/output-app-end-to-end/scripts/run-end-to-end-tests.sh b/test/output-app-end-to-end/scripts/run-end-to-end-tests.sh index 75abf03..5d2d677 100755 --- a/test/output-app-end-to-end/scripts/run-end-to-end-tests.sh +++ b/test/output-app-end-to-end/scripts/run-end-to-end-tests.sh @@ -7,6 +7,7 @@ echo "checking for server connection" TEST_DIR=$(dirname $(dirname "$0")) SEED_DIR=$(dirname $TEST_DIR)/seeds +LOG_FILE=$(dirname $TEST_DIR)/output-app/server/logs/all-logs-readable.log $MOCHA "$TEST_DIR/index.js" > /dev/null 2> /dev/null if [[ $? -ne 0 ]]; then @@ -27,3 +28,14 @@ mongoimport --drop --host 127.0.0.1:3002 --db database --collection tweet "$SEED echo "running tests" $MOCHA "$TEST_DIR" + +echo "Please consider the log file for debugging $LOG_FILE" +echo "" + +# Test only specific test files... +# $MOCHA "$TEST_DIR/test-1-roles.js" +# $MOCHA "$TEST_DIR/test-2-queries-with-user-role-admin.js" +# $MOCHA "$TEST_DIR/test-3-mutations-with-user-role-admin.js" +# $MOCHA "$TEST_DIR/test-4-mutations-with-unknown-user.js" +# $MOCHA "$TEST_DIR/test-5-mutations-with-user-role-user.js" +# $MOCHA "$TEST_DIR/test-6-mutations-with-user-role-editor.js" diff --git a/test/output-app/README.md b/test/output-app/README.md index 1421631..ee5c74e 100644 --- a/test/output-app/README.md +++ b/test/output-app/README.md @@ -51,7 +51,7 @@ type User ) { - role: String! @authRole("admin") @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne", "delete"]) + role: String! @authRole("admin") @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) username: String! @@ -65,6 +65,7 @@ type User followers: [User!] @hasAndBelongsToMany(as: "following") } ``` + This has the following meaning: * user-role: "admin", is created (user roles don't have own fields of type User or [User] in the document) It is a String field with: **role: String! @authRole("admin")** @@ -76,7 +77,7 @@ This has the following meaning: Here we use also the @authorize directive on field level for the field role: ```javascript ... -role: String! @authRole("admin") @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne", "delete"]) +role: String! @authRole("admin") @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) ... ``` This adds additional authorization checks on the field level just for this field "role". @@ -84,7 +85,7 @@ Every time this field "role" appears in any document, it will be checked, if the In this case it checks: * if the user-role "admin" is the authorized user, then it allows him to create, read, update, delete operations also on the document, if it contains the field "role" -* if the document-role "this" (=owner of the document user._id_ = doc._id_) to do the operations "readOne" and "delete" on the User document, but it doesn't allow him to upgrade/update his own User.role. +* if the document-role "this" (=owner of the document user._id_ = doc._id_) to do the operations "readOne" on the User document, but it doesn't allow him to upgrade/update his own User.role. Use create-graphql-server cli to generate the according schema, resolver, model files with the create-graphql-server command line interface. After its generation, you will find the generated files in the sub folders: schema, resolvers, model folders. The generated model files will use the following functions to implement the authorization logic. @@ -97,20 +98,32 @@ import { queryForRoles, findByIds } from '../server/authorize'; export default class { constructor(context){ ... - this.loader = new DataLoader((ids, authQuery = {}) => findByIds(this.collection, ids, authQuery)); + this.loaders = (_user = {}, resolver = '') => ({ + readOne: new DataLoader(ids => new Promise( async (resolve, reject) => { + try { + const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readOne', { User: this.context.User }, resolver); + const result = await findByIds(this.collection, ids, authQuery); + resolve(result); + } catch (err) { reject(err); } + })), + }); ... } ... -getOneById(id, _user = {}, resolver = 'getOneById') { - const authQuery = queryForRoles(_user, this.auth, 'readOne', { User: this.context.User }, {_id: id}, resolver); - return this.loader.load(id, authQuery); +async getOneById(id, _user = {}, resolver = 'tweet getOneById') { + try { + const result = await this.loaders(_user, resolver).readOne.load(id); + return result; + } catch (err) { log.error(err.message); } } -all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'all') { - const baseQuery = { createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, this.auth, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); - const finalQuery = {...baseQuery, ...authQuery}; - return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); +all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'tweet all') { + try { + const baseQuery = { createdAt: { $gt: lastCreatedAt } }; + const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readMany', { User: this.context.User }, resolver); + const finalQuery = {...baseQuery, ...authQuery}; + return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + } catch (err){ log.error(err.message); } } ... } @@ -122,49 +135,49 @@ this.auth is generated by the @authorize directive. You can see, the directive a ```javascript import log from '../server/logger'; import DataLoader from 'dataloader'; -import { findByIds, queryForRoles } from '../server/authorize'; +import { findByIds, queryForRoles, fieldContainsUserId } from '../server/authorize'; export default class Tweet { constructor(context) { this.context = context; this.collection = context.db.collection('tweet'); this.pubsub = context.pubsub; - this.loader = new DataLoader((ids, authQuery = {}) => findByIds(this.collection, ids, authQuery)); - this.auth = { - type: 'Tweet', - userRoles: { - create: ['admin'], - read: ['admin', 'world'], - readOne: ['admin', 'world'], - readMany: ['admin', 'world'], - update: ['admin'], - delete: ['admin'], - }, - docRoles: { - create: ['authorId'], - read: ['authorId', 'coauthorsIds'], - readOne: ['authorId', 'coauthorsIds'], - readMany: ['authorId', 'coauthorsIds'], - update: ['authorId', 'coauthorsIds'], - delete: ['authorId'], - }, - } + this.loaders = (_user = {}, resolver = '') => ({ + readOne: new DataLoader(ids => new Promise( async (resolve, reject) => { + try { + const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readOne', { User: this.context.User }, resolver); + const result = await findByIds(this.collection, ids, authQuery); + resolve(result); + } catch (err) { reject(err); } + })), + // readMany: new DataLoader(ids => new Promise( async (resolve, reject) => { + // try { + // const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readMany', { User: this.context.User }, resolver); + // const result = await findByIds(this.collection, ids, authQuery); + // resolve(result); + // } catch (err) { reject(err); } + // })), + }); } - findOneById(id) { - return this.loader.load(id); + async getOneById(id, _user = {}, resolver = 'tweet getOneById') { + try { + const result = await this.loaders(_user, resolver).readOne.load(id); + return result; + } catch (err) { log.error(err.message); } } - getOneById(id, _user = {}, resolver = 'getOneById') { - const authQuery = queryForRoles(_user, this.auth, 'readOne', { User: this.context.User }, {_id: id}, resolver); - return this.loader.load(id, authQuery); + all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'tweet all') { + try { + const baseQuery = { createdAt: { $gt: lastCreatedAt } }; + const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readMany', { User: this.context.User }, resolver); + const finalQuery = {...baseQuery, ...authQuery}; + return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + } catch (err){ log.error(err.message); } } - all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'all') { - const baseQuery = { createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, this.auth, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); - const finalQuery = {...baseQuery, ...authQuery}; - return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + author(tweet, _user, resolver = 'tweet author') { + return this.context.User.getOneById(tweet.authorId, _user, resolver); } ... } @@ -176,75 +189,68 @@ this.auth is generated by the @authorize directive. Here also with field authori ```javascript import log from '../server/logger'; import DataLoader from 'dataloader'; -import { findByIds, queryForRoles } from '../server/authorize'; +import { findByIds, queryForRoles, fieldContainsUserId } from '../server/authorize'; export default class User { constructor(context) { this.context = context; this.collection = context.db.collection('user'); this.pubsub = context.pubsub; - this.loader = new DataLoader((ids, authQuery = {}) => findByIds(this.collection, ids, authQuery)); - this.auth = { - type: 'User', - userRoles: { - create: ['admin'], - read: ['admin'], - readOne: ['admin'], - readMany: ['admin'], - update: ['admin'], - delete: ['admin'], - }, - docRoles: { - create: [], - read: [], - readOne: ['_id'], // == 'this' - readMany: [], - update: ['_id'], - delete: ['_id'], - }, - fields: [ - { - name: 'role', - userRoles: { - create: ['admin'], - read: ['admin'], - readOne: ['admin'], - readMany: ['admin'], - update: ['admin'], - delete: ['admin'], - }, - docRoles: { - create: [], - read: [], - readOne: ['_id'], // == 'this' - readMany: [], - update: [], - delete: ['_id'], - }, - } - ] - } + this._user = {}; + this.loaders = (_user = {}, resolver = '') => ({ + readOneWithoutAuth: new DataLoader(ids => new Promise( async (resolve, reject) => { + try { + const result = await findByIds(this.collection, ids, {}); + resolve(result); + } catch (err) { reject(err); } + })), + readOne: new DataLoader(ids => new Promise( async (resolve, reject) => { + try { + const authQuery = queryForRoles(_user, ['admin'], ['_id'], 'readOne', { User: this.context.User }, resolver); + const result = await findByIds(this.collection, ids, authQuery); + resolve(result); + } catch (err) { reject(err); } + })), + // readMany: new DataLoader(ids => new Promise( async (resolve, reject) => { + // try { + // const authQuery = queryForRoles(_user, ['admin'], [], 'readMany', { User: this.context.User }, resolver); + // const result = await findByIds(this.collection, ids, authQuery); + // resolve(result); + // } catch (err) { reject(err); } + // })), + }); } authRole(user){ return (user && user.role) ? user.role : ''; } - findOneById(id) { - return this.loader.load(id); + // used from server calls, without authorization checks, NOT for use in resolvers + async findOneById(id, _user = {}, resolver = 'user findOneById') { + try { + const result = await this.loaders(_user, resolver).readOneWithoutAuth.load(id); + return result; + } catch (err) { log.error(err.message); } } - getOneById(id, _user = {}, resolver = 'getOneById') { - const authQuery = queryForRoles(_user, this.auth, 'readOne', { User: this.context.User }, {_id: id}, resolver); - return this.loader.load(id, authQuery); + // used for api calls, with authorization checks, for use in resolvers + async getOneById(id, _user = {}, resolver = 'user getOneById') { + try { + const result = await this.loaders(_user, resolver).readOne.load(id); + return result; + } catch (err) { log.error(err.message); } } - all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'all') { - const baseQuery = { createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, this.auth, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); - const finalQuery = {...baseQuery, ...authQuery}; - return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'user all') { + try { + const baseQuery = { createdAt: { $gt: lastCreatedAt } }; + const authQuery = queryForRoles(_user, ['admin'], [], 'readMany', { User: this.context.User }, resolver); + const restrictedFields = (Object.keys(authQuery).length === 0) ? {} : { role: 0 }; + const finalQuery = {...baseQuery, ...authQuery}; + return this.collection.find(finalQuery).sort({ createdAt: 1 }).project(restrictedFields).limit(limit).toArray(); + } catch (err) { log.error(err.message); } } + ... } ``` @@ -255,16 +261,14 @@ This is an extended version of [mongo-find-by-ids](https://github.com/tmeasday/m The enhancement is only to provide an additional authQuery object, to extend the query to meet additional authorizations. ```javascript // enhanced version of tmeasday's findByIds plus authQuery handling -export function findByIds(collection, ids = [], authQuery = {}) { +export function findByIds(collection, ids = [], authQuery) { const baseQuery = { _id: { $in: ids } }; const finalQuery = {...baseQuery, ...authQuery}; - return collection.find(finalQuery) - .toArray() - .then((docs) => { - const idMap = {}; - docs.forEach((d) => { idMap[d._id] = d; }); - return ids.map(id => idMap[id]); - }); + return collection.find(finalQuery).toArray().then(docs => { + const idMap = {}; + docs.forEach(d => { idMap[d._id] = d; }); + return ids.map(id => idMap[id]); + }); } ``` @@ -273,32 +277,31 @@ Use function queryForRoles to generate an authQuery object. It expects the following arguments: ```javascript -// creates an authQuery object with additional query arguments, -// to implement authorization restrictions for mongodb access -export function queryForRoles(user = {}, auth = {}, mode = '', { User }, doc = {}, resolver = '') { +// creates an authQuery object with additional query arguments, to implement authorization restrictions for mongodb access +export function queryForRoles(user = {}, userRoles = [], docRoles = [], mode = '', { User }, resolver = '') { // Build query for the case: The logged in user's role is authorized - if (roleAuthorizedForDoc(user, auth, mode, { User }, doc, resolver)) { + if (roleAuthorizedForDoc(user, userRoles, docRoles, mode, { User }, resolver)) { return {}; // empty authQuery means, do operation with no access restrictions } // Build query for the case: The user is listed in any document field const query = { $or: [] }; - if (userAuthorizedForDoc(user, auth, mode, { User }, doc, resolver)){ - const docRoles = auth.docRoles[mode] || []; + if (loggedIn(user)){ docRoles.forEach(docRole => query.$or.push( { [docRole]: user._id } ) ); log.debug('authQuery:', JSON.stringify(query, null, 2)); - return query; + if (query.$or.length > 0) return query; } // Not Authorized - throw new Error(`Authorization: Not authorized to ${mode} ${auth.type} ${doc._id ? doc._id : ''}.`); + throw new Error(`Authorization: Not authorized to ${mode} in ${resolver}.`); } ``` It expects the following arguments with the meanings: * **user:** this is the logged in user object out of the resolver's context -* **auth:** this is the auth object in the model, which was generated by the @authorize directives in the .graphql file +* **userRoles:** an array with userRoles, which was generated by the @authorize directives in the .graphql file +* **docRoles:** an array with docRoles, which was generated by the @authorize directives in the .graphql file * **mode:** this is the current mode of operation: * **create:** insert a record to the database * **read:** read a record or many records from the database @@ -306,7 +309,7 @@ It expects the following arguments with the meanings: * **readMany:** read many records from the the database * **update:** update a record in the database * **delete:** remove a record from the database -* **doc:** the current document to be checked for authorizations +* **User:** User context to access the User model * **resolver:** this is a string with the resolver's name, optional, only for easier debugging ### function roleAuthorizedForDoc @@ -314,117 +317,80 @@ This helper function is used by queryForRoles, and decides, if a user gains the For example: If a user has a field "role" in his user document and it contains the value "admin". So it checks if a user's role is admin, and allows all operations for admins. ```javascript // returns true, if the user's role is authorized for a document -export function roleAuthorizedForDoc(user = {}, auth = {}, mode = '', { User }, doc = {}, resolver = ''){ - const userRoles = auth.userRoles[mode] || []; +export function roleAuthorizedForDoc(user = {}, userRoles = [], docRoles = [], mode = '', { User }, resolver = ''){ const role = User.authRole(user); - const fields = auth.fields || []; if ( userRoles.includes('world') || role && role !== '' && role !== '' && userRoles.length > 0 && userRoles.includes(role) ) { - let fieldsAuthorized = true; - - // check all fields with @authorize directives, if any of them is not allowed for the role - fields.forEach(field => { - // if this field is in the document, - if (doc[field.name]) { - const fieldUserRoles = field.userRoles[mode] || []; - //check if the user role doesn't allow this field - if ( fieldUserRoles.length === 0 || ! ( fieldUserRoles.includes(role) || fieldUserRoles.includes('world') ) ){ - fieldsAuthorized = false; - } - } - }); - - // only if all fields of the document are allowed for the role - if (fieldsAuthorized){ - log.debug(`${resolver} ${mode} with user ${user.username ? user.username : ''} for ${auth.type} and ${doc._id ? doc._id : ''}`); - return true; - } - + log.debug(`${resolver} ${mode} with user ${user.username ? user.username : ''} is authorized`); + return true; } return false; } ``` -### function userAuthorizedForDoc -This helper function is used by queryForRoles, and decides, if a user gains the authorization by its userId in the document role fields. For example if a document of type "Tweet" contains a field named "authorId", it checks if the logged in user's id is included in the field "authorId", if so, he gains control over all operations, which are allowed for the document role "author". It can be also more complicated, if you have an array field "coauthorsIds", which includes all userIds of all coauthors, then it checks, if the user is among the the coauthors, if so, it gains control over all coauthors operations. -```javascript -// returns true, if the user is authorized by a document role -export function userAuthorizedForDoc(user = {}, auth = {}, mode = '', { User }, doc = {}, resolver = ''){ - const docRoles = auth.docRoles[mode] || []; - const fields = auth.fields || []; - let userId; - let authorized = false; - - // document role checks work only with logged in user - if (!loggedIn(user)) return false; - userId = user._id.toString(); - - // check if any docRole leads to an authorization - docRoles.forEach(docRole => { - const docRoleField = doc[docRole]; - let fieldsAuthorized = true; - // check if the field for the docRole check is in the document, if not, it cannot be checked - if (docRoleField){ - // check if user is authorized for doc - if (fieldContainsUserId(docRoleField, userId)){ - - // check if user is authorized for the doc's fields - fields.forEach(field => { - const fieldDocRoles = field.docRoles[mode] || []; - // check if restricted field is in the current document, and if the current docRole is not in the docRole of the field - if (mode !== 'update' && doc[field.name] && !fieldDocRoles.includes(docRole)){ - fieldsAuthorized = false; - } - // check if doc contains a $set object, and this contains any of the fields, - // and if the current docRole is not in the docRole of the field - if (mode === 'update' && doc.$set && doc.$set[field.name] && !fieldDocRoles.includes(docRole)){ - fieldsAuthorized = false; - } - }); - - // only if the same role is authorized for the document and all fields, it is allowed - if (fieldsAuthorized){ - log.debug(`${resolver} ${mode} with user ${(user.username) ? user.username : ''} for ${auth.type} and docRole ${docRole} for doc with id: ${doc._id ? doc._id : ''}`); - authorized = true; - return true; - } - - } - } - }); - - return authorized; -} -``` - ### function fieldContainsUserId -This helper function is used by queryForRoles and checks, if the provided field of types: array, object or string contains the userId. +This helper function is used in the models and checks, if the provided field of types: array, object or string contains the userId. ```javascript // returns true, if a field of type array/object/string contains the userId export function fieldContainsUserId(docRoleField, userId) { - let userIdFound = false; + let found = false; + + // empty userId is not a valid userId + if (userId.toString() === '') return false; + + // handle a simple id field + if (docRoleField.toString() === userId.toString()){ + return true; + } - // handle an array of userIds + // handle an array if (_.isArray(docRoleField)){ - docRoleField.forEach(field => { - if (field.toString() === userId){ - userIdFound = true; - } + docRoleField.every(field => { + if (fieldContainsUserId(field, userId)) { + found = true; + return true; + } }); + if (found) return true; } - // handle a field with one userId, must be an object, if it is an ObjectId('') - if (_.isObject(docRoleField) && docRoleField.toString() === userId){ - userIdFound = true; - } + // handle an object + if (_.isObject(docRoleField)){ + Object.keys(docRoleField).every(field => { - // handle a field with just an userId String - if (_.isString(docRoleField) && docRoleField.toString() === userId){ - userIdFound = true; - } + // handle a field + if (docRoleField[field] && docRoleField[field].toString() === userId.toString()){ + found = true; + return true; + } - return userIdFound; + // handle an array + if (_.isArray(docRoleField[field])){ + docRoleField[field].every(innerField => { + if (fieldContainsUserId(innerField, userId)) { + found = true; + return true; + } + }) + if (found) return true; + } + + // handle an object + if (_.isObject(docRoleField[field])){ + Object.keys(docRoleField[field]).every(innerField => { + if (fieldContainsUserId(docRoleField[field][innerField], userId)) { + found = true; + return true; + } + }); + if (found) return true; + } + + }); + + } + return found; } ``` @@ -436,64 +402,67 @@ In the resolver interfaces, there are different objects: * the context object "_user", contains the current logged in user -if logged in-, which is provided from the server's passport implementation * the last argument in the resolver function is the resolver's name, which is optional and only to enhance the logging in debugging mode by additional information. If you have to analyze authorization outcomes, this helps a lot to figure out, which resolvers authorization rule fired. ```javascript -const resolvers = { - Tweet: { - id(tweet) { - return tweet._id; + const resolvers = { + User: { + id(user) { + return user._id; }, - author(tweet, args, { Tweet, _user }) { - return Tweet.author(tweet, _user, 'author'); + createdBy(user, args, { User, _user }) { + return User.createdBy(user, _user, 'createdBy'); }, - createdBy(tweet, args, { Tweet, _user }) { - return Tweet.createdBy(tweet, _user, 'createdBy'); + updatedBy(user, args, { User, _user }) { + return User.updatedBy(user, _user, 'updatedBy'); }, - updatedBy(tweet, args, { Tweet, _user }) { - return Tweet.updatedBy(tweet, _user, 'updatedBy'); + tweets(user, { minLikes, lastCreatedAt, limit }, { User, _user }) { + return User.tweets(user, { minLikes, lastCreatedAt, limit }, _user, 'tweets'); }, - coauthors(tweet, { lastCreatedAt, limit }, { Tweet, _user }) { - return Tweet.coauthors(tweet, { lastCreatedAt, limit }, _user, 'coauthors'); + liked(user, { lastCreatedAt, limit }, { User, _user }) { + return User.liked(user, { lastCreatedAt, limit }, _user, 'liked'); }, - likers(tweet, { lastCreatedAt, limit }, { Tweet, _user }) { - return Tweet.likers(tweet, { lastCreatedAt, limit }, _user, 'likers'); + following(user, { lastCreatedAt, limit }, { User, _user }) { + return User.following(user, { lastCreatedAt, limit }, _user, 'following'); + }, + + followers(user, { lastCreatedAt, limit }, { User, _user }) { + return User.followers(user, { lastCreatedAt, limit }, _user, 'followers'); }, }, Query: { - tweets(root, { lastCreatedAt, limit }, { Tweet, _user }) { - return Tweet.all({ lastCreatedAt, limit }, _user, 'tweets'); + users(root, { lastCreatedAt, limit }, { User, _user }) { + return User.all({ lastCreatedAt, limit }, _user, 'users'); }, - tweet(root, { id }, { Tweet, _user }) { - return Tweet.getOneById(id, _user, 'tweet'); + user(root, { id }, { User, _user }) { + return User.getOneById(id, _user, 'user'); }, }, Mutation: { - async createTweet(root, { input }, { Tweet, _user }) { - const id = await Tweet.insert(input, _user); - return Tweet.getOneById(id, _user, 'createTweet'); + async createUser(root, { input }, { User, _user }) { + return await User.insert(input, _user); }, - async updateTweet(root, { id, input }, { Tweet, _user }) { - await Tweet.updateById(id, input, _user); - return Tweet.getOneById(id, _user, 'updateTweet'); + async updateUser(root, { id, input }, { User, _user }) { + return await User.updateById(id, input, _user); }, - async removeTweet(root, { id }, { Tweet, _user }) { - return await Tweet.removeById(id, _user, 'removeTweet'); + async removeUser(root, { id }, { User, _user }) { + return await User.removeById(id, _user, 'removeUser'); }, }, Subscription: { - tweetCreated: tweet => tweet, - tweetUpdated: tweet => tweet, - tweetRemoved: id => id, + userCreated: user => user, + userUpdated: user => user, + userRemoved: id => id, }, }; export default resolvers; + ``` ### Testing diff --git a/test/output-app/model/Tweet.js b/test/output-app/model/Tweet.js index 4a3b166..2e936eb 100644 --- a/test/output-app/model/Tweet.js +++ b/test/output-app/model/Tweet.js @@ -1,141 +1,158 @@ import log from '../server/logger'; import DataLoader from 'dataloader'; -import { findByIds, queryForRoles } from '../server/authorize'; +import { findByIds, queryForRoles, fieldContainsUserId } from '../server/authorize'; export default class Tweet { constructor(context) { this.context = context; this.collection = context.db.collection('tweet'); this.pubsub = context.pubsub; - this.loader = new DataLoader((ids, authQuery = {}) => findByIds(this.collection, ids, authQuery)); - this.auth = { - type: 'Tweet', - userRoles: { - create: ['admin'], - read: ['admin', 'world'], - readOne: ['admin', 'world'], - readMany: ['admin', 'world'], - update: ['admin'], - delete: ['admin'], - }, - docRoles: { - create: ['authorId'], - read: ['authorId', 'coauthorsIds'], - readOne: ['authorId', 'coauthorsIds'], - readMany: ['authorId', 'coauthorsIds'], - update: ['authorId', 'coauthorsIds'], - delete: ['authorId'], - }, - } - } - - findOneById(id) { - return this.loader.load(id); + this.loaders = (_user = {}, resolver = '') => ({ + readOne: new DataLoader(ids => new Promise( async (resolve, reject) => { + try { + const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readOne', { User: this.context.User }, resolver); + const result = await findByIds(this.collection, ids, authQuery); + resolve(result); + } catch (err) { reject(err); } + })), + // readMany: new DataLoader(ids => new Promise( async (resolve, reject) => { + // try { + // const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readMany', { User: this.context.User }, resolver); + // const result = await findByIds(this.collection, ids, authQuery); + // resolve(result); + // } catch (err) { reject(err); } + // })), + }); } - getOneById(id, _user = {}, resolver = 'getOneById') { - const authQuery = queryForRoles(_user, this.auth, 'readOne', { User: this.context.User }, {_id: id}, resolver); - return this.loader.load(id, authQuery); + async getOneById(id, _user = {}, resolver = 'tweet getOneById') { + try { + const result = await this.loaders(_user, resolver).readOne.load(id); + return result; + } catch (err) { log.error(err.message); } } - all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'all') { - const baseQuery = { createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, this.auth, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); - const finalQuery = {...baseQuery, ...authQuery}; - return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'tweet all') { + try { + const baseQuery = { createdAt: { $gt: lastCreatedAt } }; + const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readMany', { User: this.context.User }, resolver); + const finalQuery = {...baseQuery, ...authQuery}; + return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + } catch (err){ log.error(err.message); } } - author(tweet, _user, resolver = 'author') { + author(tweet, _user, resolver = 'tweet author') { return this.context.User.getOneById(tweet.authorId, _user, resolver); } - createdBy(tweet, _user, resolver = 'createdBy') { + createdBy(tweet, _user, resolver = 'tweet createdBy') { return this.context.User.getOneById(tweet.createdById, _user, resolver); } - updatedBy(tweet, _user, resolver = 'updatedBy') { + updatedBy(tweet, _user, resolver = 'tweet updatedBy') { return this.context.User.getOneById(tweet.updatedById, _user, resolver); } - coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, _user, resolver = 'coauthors') { - const baseQuery = {_id: { $in: tweet.coauthorsIds }, createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, this.context.User.auth, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); - const finalQuery = {...baseQuery, ...authQuery}; - return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, _user, resolver = 'tweet coauthors') { + try { + const baseQuery = {_id: { $in: tweet.coauthorsIds }, createdAt: { $gt: lastCreatedAt } }; + const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readMany', { User: this.context.User }, resolver); + const finalQuery = {...baseQuery, ...authQuery}; + return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + } catch (err){ log.error(err.message); } } - likers(tweet, { lastCreatedAt = 0, limit = 10 }, _user, resolver = 'likers') { - const baseQuery = {likedIds: tweet._id, createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, this.context.User.auth, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); - const finalQuery = {...baseQuery, ...authQuery}; - return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + likers(tweet, { lastCreatedAt = 0, limit = 10 }, _user, resolver = 'tweet likers') { + try { + const baseQuery = {likedIds: tweet._id, createdAt: { $gt: lastCreatedAt } }; + const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readMany', { User: this.context.User }, resolver); + const finalQuery = {...baseQuery, ...authQuery}; + return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + } catch (err){ log.error(err.message); } } - async insert(doc, _user, resolver = 'insert') { - let docToInsert = Object.assign({}, doc, { - createdAt: Date.now(), - updatedAt: Date.now(), - createdById: (_user && _user._id) ? _user._id : 'unknown', - updatedById: (_user && _user._id) ? _user._id : 'unknown', - }); + async insert(doc, _user, resolver = 'insert tweet') { + try { + let insertedDoc = null; + let docToInsert = Object.assign({}, doc, { + createdAt: Date.now(), + updatedAt: Date.now(), + createdById: (_user && _user._id) ? _user._id : 'unknown', + updatedById: (_user && _user._id) ? _user._id : 'unknown', + }); + + const authQuery = queryForRoles(_user, ['admin'], ['authorId'], 'create', { User: this.context.User }, resolver); + + const docRoleFields = ['authorId'].map(key => ({ [key]: docToInsert[key] }) ); + if (Object.keys(authQuery).length > 0 && !fieldContainsUserId(docRoleFields, _user._id)) { + throw new Error('Not authorized to insert tweet'); + } - const authQuery = queryForRoles(_user, this.auth, 'create', { User: this.context.User }, {_id: '', ...docToInsert}, resolver); - const id = (await this.collection.insertOne(docToInsert)).insertedId; - - if (id){ - log.debug(`inserted ${this.type} ${id}.`); - } else { - log.debug('insert failed for docToInsert:', JSON.stringify(docToInsert, null, 2)); - throw new Error(`insert not possible for ${this.type} ${id}.`); - } - - this.pubsub.publish('tweetInserted', await this.getOneById(id, _user, 'pubsub tweetInserted')); - return id; + const id = (await this.collection.insertOne(docToInsert)).insertedId; + if (!id) { + log.error('insert tweet failed for docToInsert:', JSON.stringify(docToInsert, null, 2)); + throw new Error(`insert tweet not possible for ${id}.`); + } + + log.debug(`inserted tweet ${id}.`); + insertedDoc = this.getOneById(id, _user, 'pubsub tweetInserted'); + this.pubsub.publish('tweetInserted', insertedDoc); + return insertedDoc; + + } catch (err){ log.error(err.message); } } - async updateById(id, doc, _user, resolver = 'updateById') { - // must get the record first, to capture all authorization relevant fields - const docBefore = await this.getOneById(id, _user, 'getOneById in updateById for docBefore'); - let docToUpdate = {$set: Object.assign({}, doc, { - updatedAt: Date.now(), - updatedById: (_user && _user._id) ? _user._id : 'unknown', - })}; - - const baseQuery = {_id: id}; - const authQuery = queryForRoles(_user, this.auth, 'update', { User: this.context.User }, {...docBefore, ...docToUpdate}, resolver); - const finalQuery = {...baseQuery, ...authQuery}; - const result = await this.collection.updateOne(finalQuery, docToUpdate); - - if (result.result.ok === 1 && result.result.n === 1){ - log.debug(`updated ${this.type} ${id}.`); - } else { - log.debug(`update failed finalQuery:`, JSON.stringify(finalQuery, null, 2)); - log.debug('update failed for docToUpdate:', JSON.stringify(docToUpdate, null, 2)); - throw new Error(`update not possible for ${this.type} ${id}.`); - } - - this.loader.clear(id); - this.pubsub.publish('tweetUpdated', await this.getOneById(id, _user, 'pubsub tweetUpdated')); - return result; + async updateById(id, doc, _user, resolver = 'update tweet') { + try { + let updatedDoc = null; + const docBefore = await this.getOneById(id, _user, 'tweet getOneById in updateById for docBefore'); + let docToUpdate = {$set: Object.assign({}, doc, { + updatedAt: Date.now(), + updatedById: (_user && _user._id) ? _user._id : 'unknown', + })}; + + const baseQuery = {_id: id}; + const authQuery = queryForRoles(_user, ['admin'], ['authorId', 'coauthorsIds'], 'update', { User: this.context.User }, resolver); + + const finalQuery = {...baseQuery, ...authQuery}; + const result = await this.collection.updateOne(finalQuery, docToUpdate); + if (result.result.ok !== 1 || result.result.n !== 1){ + log.error(`update tweet failed finalQuery:`, JSON.stringify(finalQuery, null, 2)); + log.error('update tweet failed for docToUpdate:', JSON.stringify(docToUpdate, null, 2)); + throw new Error(`update tweet not possible for ${id}.`); + } + + log.debug(`updated tweet ${id}.`); + this.loaders().readOne.clear(id); + // this.loaders().readMany.clear(id); + + updatedDoc = this.getOneById(id, _user, 'pubsub tweetUpdated'); + this.pubsub.publish('tweetUpdated', updatedDoc); + return updatedDoc; + + } catch (err){ log.error(err.message); } } - async removeById(id, _user, resolver = 'removeById') { - // must get the record first, to capture all authorization relevant fields - const docBefore = await this.getOneById(id, _user, 'getOneById in removeById for docBefore'); - const baseQuery = {_id: id}; - const authQuery = queryForRoles(_user, this.auth, 'delete', { User: this.context.User }, {...docBefore}, resolver); - const finalQuery = {...baseQuery, ...authQuery}; - const result = await this.collection.remove(finalQuery); - - if (result.result.ok === 1 && result.result.n === 1){ - log.info(`removed ${this.type} ${id}.`); - } else { - log.debug(`remove failed for finalQuery:`, JSON.stringify(finalQuery, null, 2)); - throw new Error(`remove not possible for ${this.type} ${id}.`); - } - - this.loader.clear(id); - this.pubsub.publish('tweetRemoved', id); - return result; + async removeById(id, _user, resolver = 'remove tweet') { + try { + const docBefore = this.getOneById(id, _user, 'tweet getOneById in removeById for docBefore'); + const baseQuery = {_id: id}; + const authQuery = queryForRoles(_user, ['admin'], ['authorId'], 'delete', { User: this.context.User }, resolver); + const finalQuery = {...baseQuery, ...authQuery}; + const result = await this.collection.remove(finalQuery); + + if (result.result.ok !== 1 || result.result.n !== 1){ + log.error(`remove tweet failed for finalQuery:`, JSON.stringify(finalQuery, null, 2)); + throw new Error(`remove tweet not possible for ${id}.`); + } + + log.debug(`removed tweet ${id}.`); + this.loaders().readOne.clear(id); + // this.loaders().readMany.clear(id); + + this.pubsub.publish('tweetRemoved', id); + return result; + + } catch (err){ log.error(err.message); } } } diff --git a/test/output-app/model/User.js b/test/output-app/model/User.js index 55a6ccc..4e8392f 100644 --- a/test/output-app/model/User.js +++ b/test/output-app/model/User.js @@ -1,188 +1,212 @@ import log from '../server/logger'; import DataLoader from 'dataloader'; -import { findByIds, queryForRoles } from '../server/authorize'; +import { findByIds, queryForRoles, fieldContainsUserId } from '../server/authorize'; export default class User { constructor(context) { this.context = context; this.collection = context.db.collection('user'); this.pubsub = context.pubsub; - this.loader = new DataLoader((ids, authQuery = {}) => findByIds(this.collection, ids, authQuery)); - this.auth = { - type: 'User', - userRoles: { - create: ['admin'], - read: ['admin'], - readOne: ['admin'], - readMany: ['admin'], - update: ['admin'], - delete: ['admin'], - }, - docRoles: { - create: [], - read: [], - readOne: ['_id'], // == 'this' - readMany: [], - update: ['_id'], - delete: ['_id'], - }, - fields: [ - { - name: 'role', - userRoles: { - create: ['admin'], - read: ['admin'], - readOne: ['admin'], - readMany: ['admin'], - update: ['admin'], - delete: ['admin'], - }, - docRoles: { - create: [], - read: [], - readOne: ['_id'], // == 'this' - readMany: [], - update: [], - delete: ['_id'], - }, - } - ] - } + this._user = {}; + this.loaders = (_user = {}, resolver = '') => ({ + readOneWithoutAuth: new DataLoader(ids => new Promise( async (resolve, reject) => { + try { + const result = await findByIds(this.collection, ids, {}); + resolve(result); + } catch (err) { reject(err); } + })), + readOne: new DataLoader(ids => new Promise( async (resolve, reject) => { + try { + const authQuery = queryForRoles(_user, ['admin'], ['_id'], 'readOne', { User: this.context.User }, resolver); + const result = await findByIds(this.collection, ids, authQuery); + resolve(result); + } catch (err) { reject(err); } + })), + // readMany: new DataLoader(ids => new Promise( async (resolve, reject) => { + // try { + // const authQuery = queryForRoles(_user, ['admin'], [], 'readMany', { User: this.context.User }, resolver); + // const result = await findByIds(this.collection, ids, authQuery); + // resolve(result); + // } catch (err) { reject(err); } + // })), + }); } authRole(user){ return (user && user.role) ? user.role : ''; } - findOneById(id) { - return this.loader.load(id); + // used from server calls, without authorization checks, NOT for use in resolvers + async findOneById(id, _user = {}, resolver = 'user findOneById') { + try { + const result = await this.loaders(_user, resolver).readOneWithoutAuth.load(id); + return result; + } catch (err) { log.error(err.message); } } - getOneById(id, _user = {}, resolver = 'getOneById') { - const authQuery = queryForRoles(_user, this.auth, 'readOne', { User: this.context.User }, {_id: id}, resolver); - return this.loader.load(id, authQuery); + // used for api calls, with authorization checks, for use in resolvers + async getOneById(id, _user = {}, resolver = 'user getOneById') { + try { + const result = await this.loaders(_user, resolver).readOne.load(id); + return result; + } catch (err) { log.error(err.message); } } - all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'all') { - const baseQuery = { createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, this.auth, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); - const finalQuery = {...baseQuery, ...authQuery}; - return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'user all') { + try { + const baseQuery = { createdAt: { $gt: lastCreatedAt } }; + const authQuery = queryForRoles(_user, ['admin'], [], 'readMany', { User: this.context.User }, resolver); + const restrictedFields = (Object.keys(authQuery).length === 0) ? {} : { role: 0 }; + const finalQuery = {...baseQuery, ...authQuery}; + return this.collection.find(finalQuery).sort({ createdAt: 1 }).project(restrictedFields).limit(limit).toArray(); + } catch (err) { log.error(err.message); } } - tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }, _user, resolver = 'tweets') { - const baseQuery = { - authorId: user._id, - createdAt: { $gt: lastCreatedAt }, - }; - const authQuery = queryForRoles(_user, this.context.Tweet.auth, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); - const finalQuery = {...baseQuery, ...authQuery}; - return this.context.Tweet.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }, _user, resolver = 'user tweets') { + try { + const baseQuery = { + authorId: user._id, + createdAt: { $gt: lastCreatedAt }, + }; + const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readMany', { User: this.context.User }, resolver); + const finalQuery = {...baseQuery, ...authQuery}; + return this.context.Tweet.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + } catch (err) { log.error(err.message); } } - liked(user, { lastCreatedAt = 0, limit = 10 }, _user, resolver = 'liked') { - const baseQuery = { - _id: { $in: user.likedIds }, - createdAt: { $gt: lastCreatedAt }, - }; - const authQuery = queryForRoles(_user, this.context.Tweet.auth, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); - const finalQuery = {...baseQuery, ...authQuery}; - return this.context.Tweet.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + liked(user, { lastCreatedAt = 0, limit = 10 }, _user, resolver = 'user liked') { + try { + const baseQuery = { + _id: { $in: user.likedIds }, + createdAt: { $gt: lastCreatedAt }, + }; + const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readMany', { User: this.context.User }, resolver); + const finalQuery = {...baseQuery, ...authQuery}; + return this.context.Tweet.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + } catch (err) { log.error(err.message); } } - following(user, { lastCreatedAt = 0, limit = 10 }, _user, resolver = 'following') { - const baseQuery = { - _id: { $in: user.followingIds || [] }, - createdAt: { $gt: lastCreatedAt }, - }; - const authQuery = queryForRoles(_user, this.auth, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); - const finalQuery = {...baseQuery, ...authQuery}; - return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + following(user, { lastCreatedAt = 0, limit = 10 }, _user, resolver = 'user following') { + try { + const baseQuery = { + _id: { $in: user.followingIds || [] }, + createdAt: { $gt: lastCreatedAt }, + }; + const authQuery = queryForRoles(_user, ['admin'], [], 'readMany', { User: this.context.User }, resolver); + const restrictedFields = (Object.keys(authQuery).length === 0) ? {} : { role: 0 }; + const finalQuery = {...baseQuery, ...authQuery}; + return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).project(restrictedFields).limit(limit).toArray(); + } catch (err) { log.error(err.message); } } - followers(user, { lastCreatedAt = 0, limit = 10 }, _user, resolver = 'followers') { - const baseQuery = { - followingIds: user._id, - createdAt: { $gt: lastCreatedAt }, - }; - const authQuery = queryForRoles(_user, this.auth, 'readMany', { User: this.context.User }, {_id: 'all'}, resolver); - const finalQuery = {...baseQuery, ...authQuery}; - return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + followers(user, { lastCreatedAt = 0, limit = 10 }, _user, resolver = 'user followers') { + try { + const baseQuery = { + followingIds: user._id, + createdAt: { $gt: lastCreatedAt }, + }; + const authQuery = queryForRoles(_user, ['admin'], [], 'readMany', { User: this.context.User }, resolver); + const restrictedFields = (Object.keys(authQuery).length === 0) ? {} : { role: 0 }; + const finalQuery = {...baseQuery, ...authQuery}; + return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).project(restrictedFields).limit(limit).toArray(); + } catch (err) { log.error(err.message); } } - createdBy(user, _user, resolver = 'createdBy') { + createdBy(user, _user, resolver = 'user createdBy') { return this.context.User.getOneById(user.createdById, _user, resolver); } - updatedBy(user, _user, resolver = 'updatedBy') { + updatedBy(user, _user, resolver = 'user updatedBy') { return this.context.User.getOneById(user.updatedById, _user, resolver); } - async insert(doc, _user, resolver = 'insert') { - let docToInsert = Object.assign({}, doc, { - createdAt: Date.now(), - updatedAt: Date.now(), - createdById: (_user && _user._id) ? _user._id : 'unknown', - updatedById: (_user && _user._id) ? _user._id : 'unknown', - }); - - const authQuery = queryForRoles(_user, this.auth, 'create', { User: this.context.User }, {_id: '', ...docToInsert}, resolver); - const id = (await this.collection.insertOne(docToInsert)).insertedId; - - if (id){ - log.debug(`inserted ${this.type} ${id}.`); - } else { - log.debug('insert failed for docToInsert:', JSON.stringify(docToInsert, null, 2)); - throw new Error(`insert not possible for ${this.type} ${id}.`); - } - - this.pubsub.publish('userInserted', await this.getOneById(id, _user, 'pubsub userInserted')); - return id; + async insert(doc, _user, resolver = 'insert user') { + try { + let insertedDoc = null; + let docToInsert = Object.assign({}, doc, { + createdAt: Date.now(), + updatedAt: Date.now(), + createdById: (_user && _user._id) ? _user._id : 'unknown', + updatedById: (_user && _user._id) ? _user._id : 'unknown', + }); + + const authQuery = queryForRoles(_user, ['admin'], [], 'create', { User: this.context.User }, resolver); + + const docRoleFields = [].map(key => ({ [key]: docToInsert[key] }) ); + if (Object.keys(authQuery).length > 0 && !fieldContainsUserId(docRoleFields, _user._id)) { + throw new Error('Not authorized to insert user'); + } + + const id = (await this.collection.insertOne(docToInsert)).insertedId; + if (!id) { + log.error('insert user failed for:', JSON.stringify(docToInsert, null, 2)); + throw new Error(`insert user not possible for user ${id}.`); + } + + log.debug(`inserted user ${id}.`); + insertedDoc = this.getOneById(id, _user, 'pubsub userInserted'); + this.pubsub.publish('userInserted', insertedDoc); + return insertedDoc; + + } catch (err) { log.error(err.message); } } - async updateById(id, doc, _user, resolver = 'updateById') { - // must get the record first, to capture all authorization relevant fields - const docBefore = await this.getOneById(id, _user, 'getOneById in updateById for docBefore'); - let docToUpdate = {$set: Object.assign({}, doc, { - updatedAt: Date.now(), - updatedById: (_user && _user._id) ? _user._id : 'unknown', - })}; - - const baseQuery = {_id: id}; - const authQuery = queryForRoles(_user, this.auth, 'update', { User: this.context.User }, {...docBefore, ...docToUpdate}, resolver); - const finalQuery = {...baseQuery, ...authQuery}; - const result = await this.collection.updateOne(finalQuery, docToUpdate); - - if (result.result.ok === 1 && result.result.n === 1){ - log.debug(`updated ${this.type} ${id}.`); - } else { - log.debug(`update failed finalQuery:`, JSON.stringify(finalQuery, null, 2)); - log.debug('update failed for docToUpdate:', JSON.stringify(docToUpdate, null, 2)); - throw new Error(`update not possible for ${this.type} ${id}.`); - } - - this.loader.clear(id); - this.pubsub.publish('userUpdated', await this.getOneById(id, _user, 'pubsub userUpdated')); - return result; + async updateById(id, doc, _user, resolver = 'update user') { + try { + let updatedDoc = null; + const docBefore = await this.findOneById(id, _user, 'user findOneById in updateById for docBefore'); + let docToUpdate = {$set: Object.assign({}, doc, { + updatedAt: Date.now(), + updatedById: (_user && _user._id) ? _user._id : 'unknown', + })}; + + const baseQuery = {_id: id}; + const authQuery = queryForRoles(_user, ['admin'], ['_id'], 'update', { User: this.context.User }, resolver); + + if (doc['role'] && Object.keys(authQuery).length > 0) { + throw new Error('Not authorized to update field "role"'); + } + + const finalQuery = {...baseQuery, ...authQuery}; + const result = await this.collection.updateOne(finalQuery, docToUpdate); + if (result.result.ok !== 1){ + log.error(`update user failed finalQuery:`, JSON.stringify(finalQuery, null, 2)); + log.error('update user failed for docToUpdate:', JSON.stringify(docToUpdate, null, 2)); + throw new Error(`update user not possible for ${id}.`); + } + + log.debug(`updated user ${id}.`); + this.loaders().readOneWithoutAuth.clear(id); + this.loaders().readOne.clear(id); + // this.loaders().readMany.clear(id); + + updatedDoc = this.getOneById(id, _user, 'pubsub userUpdated') + this.pubsub.publish('userUpdated', updatedDoc); + return updatedDoc; + + } catch (err) { log.error(err.message); } } - async removeById(id, _user, resolver = 'removeById') { - // must get the record first, to capture all authorization relevant fields - const docBefore = await this.getOneById(id, _user, 'getOneById in removeById for docBefore'); - const baseQuery = {_id: id}; - const authQuery = queryForRoles(_user, this.auth, 'delete', { User: this.context.User }, {...docBefore}, resolver); - const finalQuery = {...baseQuery, ...authQuery}; - const result = await this.collection.remove(finalQuery); - - if (result.result.ok === 1 && result.result.n === 1){ - log.info(`removed ${this.type} ${id}.`); - } else { - log.debug(`remove failed for finalQuery:`, JSON.stringify(finalQuery, null, 2)); - throw new Error(`remove not possible for ${this.type} ${id}.`); - } - - this.loader.clear(id); - this.pubsub.publish('userRemoved', id); - return result; + async removeById(id, _user, resolver = 'remove user') { + try { + const docBefore = await this.findOneById(id, _user, 'user findOneById in removeById for docBefore'); + const baseQuery = {_id: id}; + const authQuery = queryForRoles(_user, ['admin'], ['_id'], 'delete', { User: this.context.User }, resolver); + const finalQuery = {...baseQuery, ...authQuery}; + const result = await this.collection.remove(finalQuery); + if (result.result.ok !== 1 || result.result.n !== 1){ + log.error(`remove user failed for finalQuery:`, JSON.stringify(finalQuery, null, 2)); + throw new Error(`remove user not possible for ${id}.`); + } + + log.debug(`removed user ${id}.`); + this.loaders().readOneWithoutAuth.clear(id); + this.loaders().readOne.clear(id); + // this.loaders().readMany.clear(id); + + this.pubsub.publish('userRemoved', id); + return result; + + } catch (err) { log.error(err.message); } } } diff --git a/test/output-app/resolvers/Tweet.js b/test/output-app/resolvers/Tweet.js index 187b61e..a8fb88c 100644 --- a/test/output-app/resolvers/Tweet.js +++ b/test/output-app/resolvers/Tweet.js @@ -35,13 +35,11 @@ const resolvers = { }, Mutation: { async createTweet(root, { input }, { Tweet, _user }) { - const id = await Tweet.insert(input, _user); - return Tweet.getOneById(id, _user, 'createTweet'); + return await Tweet.insert(input, _user); }, async updateTweet(root, { id, input }, { Tweet, _user }) { - await Tweet.updateById(id, input, _user); - return Tweet.getOneById(id, _user, 'updateTweet'); + return await Tweet.updateById(id, input, _user); }, async removeTweet(root, { id }, { Tweet, _user }) { diff --git a/test/output-app/resolvers/User.js b/test/output-app/resolvers/User.js index fd2c431..fa33f84 100644 --- a/test/output-app/resolvers/User.js +++ b/test/output-app/resolvers/User.js @@ -39,13 +39,11 @@ }, Mutation: { async createUser(root, { input }, { User, _user }) { - const id = await User.insert(input, _user); - return User.getOneById(id, _user, 'createUser'); + return await User.insert(input, _user); }, async updateUser(root, { id, input }, { User, _user }) { - await User.updateById(id, input, _user); - return User.getOneById(id, _user, 'updateUser'); + return await User.updateById(id, input, _user); }, async removeUser(root, { id }, { User, _user }) { diff --git a/test/output-app/server/authenticate.js b/test/output-app/server/authenticate.js index 3c37011..c09fdf6 100644 --- a/test/output-app/server/authenticate.js +++ b/test/output-app/server/authenticate.js @@ -4,6 +4,7 @@ import jwt from 'jwt-simple'; import { ObjectId } from 'mongodb'; import nodeify from 'nodeify'; import bcrypt from 'bcrypt'; +import log from '../server/logger'; const KEY = 'test-key'; diff --git a/test/output-app/server/authorize.js b/test/output-app/server/authorize.js index a1f5d44..32444e5 100644 --- a/test/output-app/server/authorize.js +++ b/test/output-app/server/authorize.js @@ -1,17 +1,14 @@ import _ from 'lodash'; import log from '../server/logger'; -// enhanced version of tmeasday's findByIds plus authQuery handling -export function findByIds(collection, ids = [], authQuery = {}) { +export function findByIds(collection, ids = [], authQuery) { const baseQuery = { _id: { $in: ids } }; const finalQuery = {...baseQuery, ...authQuery}; - return collection.find(finalQuery) - .toArray() - .then((docs) => { - const idMap = {}; - docs.forEach((d) => { idMap[d._id] = d; }); - return ids.map(id => idMap[id]); - }); + return collection.find(finalQuery).toArray().then(docs => { + const idMap = {}; + docs.forEach(d => { idMap[d._id] = d; }); + return ids.map(id => idMap[id]); + }); } // returns true, if user is logged in @@ -23,128 +20,94 @@ export function loggedIn(user) { } // creates an authQuery object with additional query arguments, to implement authorization restrictions for mongodb access -export function queryForRoles(user = {}, auth = {}, mode = '', { User }, doc = {}, resolver = '') { +export function queryForRoles(user = {}, userRoles = [], docRoles = [], mode = '', { User }, resolver = '') { // Build query for the case: The logged in user's role is authorized - if (roleAuthorizedForDoc(user, auth, mode, { User }, doc, resolver)) { + if (roleAuthorizedForDoc(user, userRoles, docRoles, mode, { User }, resolver)) { return {}; // empty authQuery means, do operation with no access restrictions } // Build query for the case: The user is listed in any document field const query = { $or: [] }; - if (userAuthorizedForDoc(user, auth, mode, { User }, doc, resolver)){ - const docRoles = auth.docRoles[mode] || []; + if (loggedIn(user)){ docRoles.forEach(docRole => query.$or.push( { [docRole]: user._id } ) ); log.debug('authQuery:', JSON.stringify(query, null, 2)); - return query; + if (query.$or.length > 0) return query; } // Not Authorized - throw new Error(`Authorization: Not authorized to ${mode} ${auth.type} ${doc._id ? doc._id : ''}.`); + throw new Error(`Authorization: Not authorized to ${mode} in ${resolver}.`); } // returns true, if the user's role is authorized for a document -export function roleAuthorizedForDoc(user = {}, auth = {}, mode = '', { User }, doc = {}, resolver = ''){ - const userRoles = auth.userRoles[mode] || []; +export function roleAuthorizedForDoc(user = {}, userRoles = [], docRoles = [], mode = '', { User }, resolver = ''){ const role = User.authRole(user); - const fields = auth.fields || []; if ( userRoles.includes('world') || role && role !== '' && role !== '' && userRoles.length > 0 && userRoles.includes(role) ) { - let fieldsAuthorized = true; - - // check all fields with @authorize directives, if any of them is not allowed for the role - fields.forEach(field => { - // if this field is in the document, - if (doc[field.name]) { - const fieldUserRoles = field.userRoles[mode] || []; - //check if the user role doesn't allow this field - if ( fieldUserRoles.length === 0 || ! ( fieldUserRoles.includes(role) || fieldUserRoles.includes('world') ) ){ - fieldsAuthorized = false; - } - } - }); - - // only if all fields of the document are allowed for the role - if (fieldsAuthorized){ - log.debug(`${resolver} ${mode} with user ${user.username ? user.username : ''} for ${auth.type} and ${doc._id ? doc._id : ''}`); - return true; - } - + log.debug(`${resolver} ${mode} with user ${user.username ? user.username : ''} is authorized`); + return true; } return false; } -// returns true, if the user is authorized by a document role -export function userAuthorizedForDoc(user = {}, auth = {}, mode = '', { User }, doc = {}, resolver = ''){ - const docRoles = auth.docRoles[mode] || []; - const fields = auth.fields || []; - let userId; - let authorized = false; - - // document role checks work only with logged in user - if (!loggedIn(user)) return false; - userId = user._id.toString(); - - // check if any docRole leads to an authorization - docRoles.forEach(docRole => { - const docRoleField = doc[docRole]; - let fieldsAuthorized = true; - // check if the field for the docRole check is in the document, if not, it cannot be checked - if (docRoleField){ - // check if user is authorized for doc - if (fieldContainsUserId(docRoleField, userId)){ - - // check if user is authorized for the doc's fields - fields.forEach(field => { - const fieldDocRoles = field.docRoles[mode] || []; - // check if restricted field is in the current document, and if the current docRole is not in the docRole of the field - if (mode !== 'update' && doc[field.name] && !fieldDocRoles.includes(docRole)){ - fieldsAuthorized = false; - } - // check if doc contains a $set object, and this contains any of the fields, - // and if the current docRole is not in the docRole of the field - if (mode === 'update' && doc.$set && doc.$set[field.name] && !fieldDocRoles.includes(docRole)){ - fieldsAuthorized = false; - } - }); - - // only if the same role is authorized for the document and all fields, it is allowed - if (fieldsAuthorized){ - log.debug(`${resolver} ${mode} with user ${(user.username) ? user.username : ''} for ${auth.type} and docRole ${docRole} for doc with id: ${doc._id ? doc._id : ''}`); - authorized = true; - return true; - } - - } - } - }); - - return authorized; -} - // returns true, if a field of type array/object/string contains the userId export function fieldContainsUserId(docRoleField, userId) { - let userIdFound = false; + let found = false; + + // empty userId is not a valid userId + if (userId.toString() === '') return false; + + // handle a simple id field + if (docRoleField.toString() === userId.toString()){ + return true; + } - // handle an array of userIds + // handle an array if (_.isArray(docRoleField)){ - docRoleField.forEach(field => { - if (field.toString() === userId){ - userIdFound = true; - } + docRoleField.every(field => { + if (fieldContainsUserId(field, userId)) { + found = true; + return true; + } }); + if (found) return true; } - // handle a field with one userId, must be an object, if it is an ObjectId('') - if (_.isObject(docRoleField) && docRoleField.toString() === userId){ - userIdFound = true; - } + // handle an object + if (_.isObject(docRoleField)){ + Object.keys(docRoleField).every(field => { - // handle a field with just an userId String - if (_.isString(docRoleField) && docRoleField.toString() === userId){ - userIdFound = true; - } + // handle a field + if (docRoleField[field] && docRoleField[field].toString() === userId.toString()){ + found = true; + return true; + } + + // handle an array + if (_.isArray(docRoleField[field])){ + docRoleField[field].every(innerField => { + if (fieldContainsUserId(innerField, userId)) { + found = true; + return true; + } + }) + if (found) return true; + } - return userIdFound; + // handle an object + if (_.isObject(docRoleField[field])){ + Object.keys(docRoleField[field]).every(innerField => { + if (fieldContainsUserId(docRoleField[field][innerField], userId)) { + found = true; + return true; + } + }); + if (found) return true; + } + + }); + + } + return found; } diff --git a/test/output-app/server/index.js b/test/output-app/server/index.js index e8a6c61..c9d452b 100644 --- a/test/output-app/server/index.js +++ b/test/output-app/server/index.js @@ -14,6 +14,7 @@ import typeDefs from '../schema'; import resolvers from '../resolvers'; import addModelsToContext from '../model'; import authenticate from './authenticate'; +import { parse, print } from 'graphql'; import { pubsub, subscriptionManager } from './subscriptions'; @@ -49,10 +50,15 @@ async function startServer() { graphqlExpress(() => { // Get the query, the same way express-graphql does it // https://github.com/graphql/express-graphql/blob/3fa6e68582d6d933d37fa9e841da5d2aa39261cd/src/index.js#L257 + const {variables, operationName} = req.body; + const {_id, username, role} = _user; const query = req.query.query || req.body.query; + log.debug('-'.repeat(80)); + log.debug(`Request:\nUser: "${(username) ? username: ''}", role: "${(role) ? role : ''}", id: "${(_id) ? _id : ''}",\nOperation: "${operationName ? operationName : ''}", variables: "${variables ? JSON.stringify(variables) : ''}",\nQuery:\n${print(parse(query))}`); if (query && query.length > 4000) { // None of our app's queries are this long // Probably indicates someone trying to send an overly expensive query + log.error('Query too large.'); throw new Error('Query too large.'); } return { diff --git a/test/output-app/server/logger.js b/test/output-app/server/logger.js index 5c9ced8..c29154a 100644 --- a/test/output-app/server/logger.js +++ b/test/output-app/server/logger.js @@ -2,24 +2,52 @@ import winston from 'winston'; winston.emitErrs = true; +const timestamp = function() { + return new Date(Date.now()).toLocaleString(); +}; + +const formatter = function(options) { + return options.timestamp() + + ' ' + + (options.level === 'error' ? ' ' + options.level.toUpperCase() : '' ) + + ' ' + + (options.message ? options.message : '') + + (options.meta && Object.keys(options.meta).length ? '\n\t'+ JSON.stringify(options.meta) : '' ) + ; +} + const logger = new winston.Logger({ transports: [ + // new winston.transports.File({ + // level: 'debug', + // filename: './server/logs/all-logs.log', + // handleExceptions: true, + // json: true, + // maxsize: 5242880, //5MB + // maxFiles: 5, + // colorize: false + // }), + new winston.transports.File({ - level: 'info', - filename: './server/logs/all-logs.log', + level: 'debug', + filename: './server/logs/all-logs-readable.log', handleExceptions: true, - json: true, + json: false, maxsize: 5242880, //5MB maxFiles: 5, - colorize: false + colorize: false, + timestamp: timestamp, + formatter: formatter }), new winston.transports.Console({ level: 'debug', handleExceptions: true, json: false, - colorize: true + colorize: true, + timestamp: timestamp, + formatter: formatter }) ], @@ -32,6 +60,6 @@ export default logger; export const stream = { write: function(message, encoding) { - logger.info(message); + // logger.debug(message); } }; diff --git a/test/output-app/server/logs/all-logs-readable.log b/test/output-app/server/logs/all-logs-readable.log new file mode 100644 index 0000000..08c8992 --- /dev/null +++ b/test/output-app/server/logs/all-logs-readable.log @@ -0,0 +1,16273 @@ +2017-07-09 19:45:44 -------------------------------------------------------------------------------- +2017-07-09 19:45:44 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + role + username + } +} + +2017-07-09 19:45:55 user readOne with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + role + username + } +} + +2017-07-09 19:45:55 user readOne with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca2") { + role + username + } +} + +2017-07-09 19:45:55 user readOne with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + id + username + bio + } +} + +2017-07-09 19:45:55 user readOne with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users { + username + createdAt + } +} + +2017-07-09 19:45:55 users readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(limit: 1) { + username + createdAt + } +} + +2017-07-09 19:45:55 users readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993) { + username + createdAt + } +} + +2017-07-09 19:45:55 users readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } +} + +2017-07-09 19:45:55 users readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers { + username + createdAt + } + } +} + +2017-07-09 19:45:55 user readOne with user stubailo is authorized +2017-07-09 19:45:55 followers readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 19:45:55 user readOne with user stubailo is authorized +2017-07-09 19:45:55 followers readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-07-09 19:45:55 user readOne with user stubailo is authorized +2017-07-09 19:45:55 followers readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 19:45:55 user readOne with user stubailo is authorized +2017-07-09 19:45:55 followers readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following { + username + createdAt + } + } +} + +2017-07-09 19:45:55 user readOne with user stubailo is authorized +2017-07-09 19:45:55 following readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 19:45:55 user readOne with user stubailo is authorized +2017-07-09 19:45:55 following readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-07-09 19:45:55 user readOne with user stubailo is authorized +2017-07-09 19:45:55 following readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 19:45:55 user readOne with user stubailo is authorized +2017-07-09 19:45:55 following readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets { + id + createdAt + } + } +} + +2017-07-09 19:45:55 user readOne with user stubailo is authorized +2017-07-09 19:45:55 tweets readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(limit: 1) { + id + createdAt + } + } +} + +2017-07-09 19:45:55 user readOne with user stubailo is authorized +2017-07-09 19:45:55 tweets readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } + } +} + +2017-07-09 19:45:55 user readOne with user stubailo is authorized +2017-07-09 19:45:55 tweets readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } + } +} + +2017-07-09 19:45:55 user readOne with user stubailo is authorized +2017-07-09 19:45:55 tweets readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked { + id + createdAt + } + } +} + +2017-07-09 19:45:55 user readOne with user stubailo is authorized +2017-07-09 19:45:55 liked readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(limit: 1) { + id + createdAt + } + } +} + +2017-07-09 19:45:55 user readOne with user stubailo is authorized +2017-07-09 19:45:55 liked readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334) { + id + createdAt + } + } +} + +2017-07-09 19:45:55 user readOne with user stubailo is authorized +2017-07-09 19:45:55 liked readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334, limit: 1) { + id + createdAt + } + } +} + +2017-07-09 19:45:55 user readOne with user stubailo is authorized +2017-07-09 19:45:55 liked readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + id + body + } +} + +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + author { + username + } + } +} + +2017-07-09 19:45:55 tweet readOne with user stubailo is authorized +2017-07-09 19:45:55 tweet readOne with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets { + id + createdAt + } +} + +2017-07-09 19:45:55 tweets readMany with user stubailo is authorized +2017-07-09 19:45:55 author readOne with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(limit: 1) { + id + createdAt + } +} + +2017-07-09 19:45:55 tweets readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } +} + +2017-07-09 19:45:55 tweets readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } +} + +2017-07-09 19:45:55 tweets readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers { + username + createdAt + } + } +} + +2017-07-09 19:45:55 tweet readOne with user stubailo is authorized +2017-07-09 19:45:55 likers readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 19:45:55 tweet readOne with user stubailo is authorized +2017-07-09 19:45:55 likers readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993) { + username + createdAt + } + } +} + +2017-07-09 19:45:55 tweet readOne with user stubailo is authorized +2017-07-09 19:45:55 likers readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 19:45:55 tweet readOne with user stubailo is authorized +2017-07-09 19:45:55 likers readMany with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-07-09 19:45:55 insert user create with user stubailo is authorized +2017-07-09 19:45:55 inserted user 59626bd3381b9493f5a80a90. +2017-07-09 19:45:55 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-07-09 19:45:55 insert user create with user tobkle is authorized +2017-07-09 19:45:55 inserted user 59626bd3381b9493f5a80a91. +2017-07-09 19:45:55 pubsub userInserted readOne with user tobkle is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", +Operation: "", variables: "", +Query: +{ + user(id: "59626bd3381b9493f5a80a91") { + username + bio + role + } +} + +2017-07-09 19:45:55 user readOne with user tobkle is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", +Operation: "", variables: "", +Query: +{ + user(id: "59626bd3381b9493f5a80a90") { + username + role + } +} + +2017-07-09 19:45:55 user readOne with user tobkle is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59626bd3381b9493f5a80a91", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-07-09 19:45:55 update user update with user tobkle is authorized +2017-07-09 19:45:55 updated user 59626bd3381b9493f5a80a91. +2017-07-09 19:45:55 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59626bd3381b9493f5a80a90", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 19:45:55 update user update with user tobkle is authorized +2017-07-09 19:45:55 updated user 59626bd3381b9493f5a80a90. +2017-07-09 19:45:55 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59626bd3381b9493f5a80a91", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 19:45:55 update user update with user tobkle is authorized +2017-07-09 19:45:55 updated user 59626bd3381b9493f5a80a91. +2017-07-09 19:45:55 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59626bd3381b9493f5a80a90", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-07-09 19:45:55 update user update with user tobkle is authorized +2017-07-09 19:45:55 updated user 59626bd3381b9493f5a80a90. +2017-07-09 19:45:55 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "editor", id: "59626bd3381b9493f5a80a90", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59626bd3381b9493f5a80a90", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 19:45:55 authQuery: { + "$or": [ + { + "_id": "59626bd3381b9493f5a80a90" + } + ] +} +2017-07-09 19:45:55 ERROR Not authorized to update field "role" +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "zoltan", role: "admin", id: "59626bd3381b9493f5a80a91", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59626bd3381b9493f5a80a90", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 19:45:55 update user update with user zoltan is authorized +2017-07-09 19:45:55 updated user 59626bd3381b9493f5a80a90. +2017-07-09 19:45:55 pubsub userUpdated readOne with user zoltan is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59626bd3381b9493f5a80a91") +} + +2017-07-09 19:45:55 removeUser delete with user tobkle is authorized +2017-07-09 19:45:55 removed user 59626bd3381b9493f5a80a91. +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59626bd3381b9493f5a80a90", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 19:45:55 insert tweet create with user tobkle is authorized +2017-07-09 19:45:55 inserted tweet 59626bd3381b9493f5a80a92. +2017-07-09 19:45:55 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", +Operation: "", variables: "", +Query: +{ + tweet(id: "59626bd3381b9493f5a80a92") { + author { + id + } + body + } +} + +2017-07-09 19:45:55 tweet readOne with user tobkle is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 19:45:55 insert tweet create with user tobkle is authorized +2017-07-09 19:45:55 author readOne with user tobkle is authorized +2017-07-09 19:45:55 inserted tweet 59626bd3381b9493f5a80a93. +2017-07-09 19:45:55 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 19:45:55 tweet readOne with user tobkle is authorized +2017-07-09 19:45:55 author readOne with user tobkle is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59626bd3381b9493f5a80a92", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 19:45:55 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 19:45:55 update tweet update with user tobkle is authorized +2017-07-09 19:45:55 updated tweet 59626bd3381b9493f5a80a92. +2017-07-09 19:45:55 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59626bd3381b9493f5a80a93", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 19:45:55 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 19:45:55 update tweet update with user tobkle is authorized +2017-07-09 19:45:55 updated tweet 59626bd3381b9493f5a80a93. +2017-07-09 19:45:55 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", +Operation: "", variables: "", +Query: +{ + tweet(id: "59626bd3381b9493f5a80a92") { + body + } +} + +2017-07-09 19:45:55 tweet readOne with user tobkle is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59626bd3381b9493f5a80a92") +} + +2017-07-09 19:45:55 removeTweet delete with user tobkle is authorized +2017-07-09 19:45:55 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 19:45:55 removed tweet 59626bd3381b9493f5a80a92. +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59626bd3381b9493f5a80a93") +} + +2017-07-09 19:45:55 removeTweet delete with user tobkle is authorized +2017-07-09 19:45:55 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 19:45:55 removed tweet 59626bd3381b9493f5a80a93. +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", +Operation: "", variables: "", +Query: +{ + tweet(id: "59626bd3381b9493f5a80a92") { + body + } +} + +2017-07-09 19:45:55 tweet readOne with user tobkle is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59626bd3381b9493f5a80a90") +} + +2017-07-09 19:45:55 removeUser delete with user tobkle is authorized +2017-07-09 19:45:55 removed user 59626bd3381b9493f5a80a90. +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59626bd3381b9493f5a80a90") { + username + bio + role + } +} + +2017-07-09 19:45:55 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-07-09 19:45:55 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 19:45:55 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 19:45:55 ERROR Authorization: Not authorized to update in update user. +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 19:45:55 ERROR Authorization: Not authorized to delete in removeUser. +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 19:45:55 ERROR Authorization: Not authorized to create in insert tweet. +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 19:45:55 tweet readOne with user is authorized +2017-07-09 19:45:55 ERROR Authorization: Not authorized to readOne in author. +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 19:45:55 tweet getOneById in updateById for docBefore readOne with user is authorized +2017-07-09 19:45:55 ERROR Authorization: Not authorized to update in update tweet. +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 19:45:55 tweet getOneById in updateById for docBefore readOne with user is authorized +2017-07-09 19:45:55 ERROR Authorization: Not authorized to update in update tweet. +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 19:45:55 ERROR Authorization: Not authorized to delete in removeTweet. +2017-07-09 19:45:55 tweet getOneById in removeById for docBefore readOne with user is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { + id + role + } +} + +2017-07-09 19:45:55 insert user create with user stubailo is authorized +2017-07-09 19:45:55 inserted user 59626bd3381b9493f5a80a94. +2017-07-09 19:45:55 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-07-09 19:45:55 authQuery: { + "$or": [] +} +2017-07-09 19:45:55 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 19:45:55 authQuery: { + "$or": [ + { + "_id": "59626bd3381b9493f5a80a94" + } + ] +} +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", +Operation: "", variables: "", +Query: +{ + user(id: "59626bd3381b9493f5a80a94") { + username + } +} + +2017-07-09 19:45:55 authQuery: { + "$or": [ + { + "_id": "59626bd3381b9493f5a80a94" + } + ] +} +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", +Operation: "", variables: "", +Query: +{ + user(id: "59626bd3381b9493f5a80a94") { + username + role + } +} + +2017-07-09 19:45:55 authQuery: { + "$or": [ + { + "_id": "59626bd3381b9493f5a80a94" + } + ] +} +2017-07-09 19:45:55 -------------------------------------------------------------------------------- +2017-07-09 19:45:55 Request: +User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 19:45:55 authQuery: { + "$or": [ + { + "_id": "59626bd3381b9493f5a80a94" + } + ] +} +2017-07-09 19:45:55 ERROR Not authorized to update user +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59626bd3381b9493f5a80a94", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "_id": "59626bd3381b9493f5a80a94" + } + ] +} +2017-07-09 19:45:56 updated user 59626bd3381b9493f5a80a94. +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "_id": "59626bd3381b9493f5a80a94" + } + ] +} +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59626bd3381b9493f5a80a94", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "_id": "59626bd3381b9493f5a80a94" + } + ] +} +2017-07-09 19:45:56 ERROR Not authorized to update field "role" +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "_id": "59626bd3381b9493f5a80a94" + } + ] +} +2017-07-09 19:45:56 ERROR remove user failed for finalQuery: { + "_id": "583291a1638566b3c5a92ca1", + "$or": [ + { + "_id": "59626bd3381b9493f5a80a94" + } + ] +} +2017-07-09 19:45:56 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59626bd3381b9493f5a80a94", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "authorId": "59626bd3381b9493f5a80a94" + } + ] +} +2017-07-09 19:45:56 inserted tweet 59626bd4381b9493f5a80a95. +2017-07-09 19:45:56 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "authorId": "59626bd3381b9493f5a80a94" + } + ] +} +2017-07-09 19:45:56 ERROR Not authorized to insert tweet +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", +Operation: "", variables: "", +Query: +{ + tweet(id: "59626bd4381b9493f5a80a95") { + author { + id + } + body + } +} + +2017-07-09 19:45:56 tweet readOne with user tobkle is authorized +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "_id": "59626bd3381b9493f5a80a94" + } + ] +} +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 19:45:56 tweet readOne with user tobkle is authorized +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "_id": "59626bd3381b9493f5a80a94" + } + ] +} +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59626bd4381b9493f5a80a95", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 19:45:56 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "authorId": "59626bd3381b9493f5a80a94" + }, + { + "coauthorsIds": "59626bd3381b9493f5a80a94" + } + ] +} +2017-07-09 19:45:56 updated tweet 59626bd4381b9493f5a80a95. +2017-07-09 19:45:56 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 19:45:56 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "authorId": "59626bd3381b9493f5a80a94" + }, + { + "coauthorsIds": "59626bd3381b9493f5a80a94" + } + ] +} +2017-07-09 19:45:56 ERROR Not authorized to update tweet +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", +Operation: "", variables: "", +Query: +{ + tweet(id: "59626bd4381b9493f5a80a95") { + body + } +} + +2017-07-09 19:45:56 tweet readOne with user tobkle is authorized +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59626bd4381b9493f5a80a95") +} + +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "authorId": "59626bd3381b9493f5a80a94" + } + ] +} +2017-07-09 19:45:56 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 19:45:56 removed tweet 59626bd4381b9493f5a80a95. +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "authorId": "59626bd3381b9493f5a80a94" + } + ] +} +2017-07-09 19:45:56 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 19:45:56 ERROR remove tweet failed for finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "59626bd3381b9493f5a80a94" + } + ] +} +2017-07-09 19:45:56 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", +Operation: "", variables: "", +Query: +{ + tweet(id: "59626bd4381b9493f5a80a95") { + body + } +} + +2017-07-09 19:45:56 tweet readOne with user tobkle is authorized +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59626bd3381b9493f5a80a94") +} + +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "_id": "59626bd3381b9493f5a80a94" + } + ] +} +2017-07-09 19:45:56 removed user 59626bd3381b9493f5a80a94. +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59626bd3381b9493f5a80a94") { + username + bio + role + } +} + +2017-07-09 19:45:56 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { + id + role + } +} + +2017-07-09 19:45:56 insert user create with user stubailo is authorized +2017-07-09 19:45:56 inserted user 59626bd4381b9493f5a80a96. +2017-07-09 19:45:56 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tobkle", role: "editor", id: "59626bd4381b9493f5a80a96", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-07-09 19:45:56 authQuery: { + "$or": [] +} +2017-07-09 19:45:56 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tobkle", role: "editor", id: "59626bd4381b9493f5a80a96", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "_id": "59626bd4381b9493f5a80a96" + } + ] +} +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tobkle", role: "editor", id: "59626bd4381b9493f5a80a96", +Operation: "", variables: "", +Query: +{ + user(id: "59626bd4381b9493f5a80a96") { + username + role + } +} + +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "_id": "59626bd4381b9493f5a80a96" + } + ] +} +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tobkle", role: "editor", id: "59626bd4381b9493f5a80a96", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "_id": "59626bd4381b9493f5a80a96" + } + ] +} +2017-07-09 19:45:56 ERROR Not authorized to update user +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tobkle", role: "editor", id: "59626bd4381b9493f5a80a96", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59626bd4381b9493f5a80a96", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "_id": "59626bd4381b9493f5a80a96" + } + ] +} +2017-07-09 19:45:56 updated user 59626bd4381b9493f5a80a96. +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "_id": "59626bd4381b9493f5a80a96" + } + ] +} +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59626bd4381b9493f5a80a96", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "_id": "59626bd4381b9493f5a80a96" + } + ] +} +2017-07-09 19:45:56 ERROR Not authorized to update field "role" +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "_id": "59626bd4381b9493f5a80a96" + } + ] +} +2017-07-09 19:45:56 ERROR remove user failed for finalQuery: { + "_id": "583291a1638566b3c5a92ca1", + "$or": [ + { + "_id": "59626bd4381b9493f5a80a96" + } + ] +} +2017-07-09 19:45:56 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59626bd4381b9493f5a80a96", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "authorId": "59626bd4381b9493f5a80a96" + } + ] +} +2017-07-09 19:45:56 inserted tweet 59626bd4381b9493f5a80a97. +2017-07-09 19:45:56 pubsub tweetInserted readOne with user tmeasday is authorized +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "authorId": "59626bd4381b9493f5a80a96" + } + ] +} +2017-07-09 19:45:56 ERROR Not authorized to insert tweet +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", +Operation: "", variables: "", +Query: +{ + tweet(id: "59626bd4381b9493f5a80a97") { + author { + id + } + body + } +} + +2017-07-09 19:45:56 tweet readOne with user tmeasday is authorized +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "_id": "59626bd4381b9493f5a80a96" + } + ] +} +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 19:45:56 tweet readOne with user tmeasday is authorized +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "_id": "59626bd4381b9493f5a80a96" + } + ] +} +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59626bd4381b9493f5a80a97", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 19:45:56 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "authorId": "59626bd4381b9493f5a80a96" + }, + { + "coauthorsIds": "59626bd4381b9493f5a80a96" + } + ] +} +2017-07-09 19:45:56 updated tweet 59626bd4381b9493f5a80a97. +2017-07-09 19:45:56 pubsub tweetUpdated readOne with user tmeasday is authorized +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 19:45:56 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "authorId": "59626bd4381b9493f5a80a96" + }, + { + "coauthorsIds": "59626bd4381b9493f5a80a96" + } + ] +} +2017-07-09 19:45:56 ERROR Not authorized to update tweet +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", +Operation: "", variables: "", +Query: +{ + tweet(id: "59626bd4381b9493f5a80a97") { + body + } +} + +2017-07-09 19:45:56 tweet readOne with user tmeasday is authorized +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59626bd4381b9493f5a80a97") +} + +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "authorId": "59626bd4381b9493f5a80a96" + } + ] +} +2017-07-09 19:45:56 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized +2017-07-09 19:45:56 removed tweet 59626bd4381b9493f5a80a97. +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "authorId": "59626bd4381b9493f5a80a96" + } + ] +} +2017-07-09 19:45:56 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized +2017-07-09 19:45:56 ERROR remove tweet failed for finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "59626bd4381b9493f5a80a96" + } + ] +} +2017-07-09 19:45:56 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", +Operation: "", variables: "", +Query: +{ + tweet(id: "59626bd4381b9493f5a80a97") { + body + } +} + +2017-07-09 19:45:56 tweet readOne with user tmeasday is authorized +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59626bd4381b9493f5a80a96") +} + +2017-07-09 19:45:56 authQuery: { + "$or": [ + { + "_id": "59626bd4381b9493f5a80a96" + } + ] +} +2017-07-09 19:45:56 removed user 59626bd4381b9493f5a80a96. +2017-07-09 19:45:56 -------------------------------------------------------------------------------- +2017-07-09 19:45:56 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59626bd4381b9493f5a80a96") { + username + bio + role + } +} + +2017-07-09 19:45:56 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 19:54:26 Logger started +2017-07-09 19:57:26 Logger started +2017-07-09 19:57:54 -------------------------------------------------------------------------------- +2017-07-09 19:57:54 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-07-09 19:58:04 -------------------------------------------------------------------------------- +2017-07-09 19:58:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-07-09 19:58:04 -------------------------------------------------------------------------------- +2017-07-09 19:58:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + role + username + } +} + +2017-07-09 19:58:04 user readOne with user stubailo is authorized +2017-07-09 19:58:04 -------------------------------------------------------------------------------- +2017-07-09 19:58:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + role + username + } +} + +2017-07-09 19:58:04 user readOne with user stubailo is authorized +2017-07-09 19:58:04 -------------------------------------------------------------------------------- +2017-07-09 19:58:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca2") { + role + username + } +} + +2017-07-09 19:58:04 user readOne with user stubailo is authorized +2017-07-09 19:58:04 -------------------------------------------------------------------------------- +2017-07-09 19:58:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + id + username + bio + } +} + +2017-07-09 19:58:04 user readOne with user stubailo is authorized +2017-07-09 19:58:04 -------------------------------------------------------------------------------- +2017-07-09 19:58:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users { + username + createdAt + } +} + +2017-07-09 19:58:04 users readMany with user stubailo is authorized +2017-07-09 19:58:04 -------------------------------------------------------------------------------- +2017-07-09 19:58:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(limit: 1) { + username + createdAt + } +} + +2017-07-09 19:58:04 users readMany with user stubailo is authorized +2017-07-09 19:58:04 -------------------------------------------------------------------------------- +2017-07-09 19:58:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993) { + username + createdAt + } +} + +2017-07-09 19:58:04 users readMany with user stubailo is authorized +2017-07-09 19:58:04 -------------------------------------------------------------------------------- +2017-07-09 19:58:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } +} + +2017-07-09 19:58:04 users readMany with user stubailo is authorized +2017-07-09 19:58:04 -------------------------------------------------------------------------------- +2017-07-09 19:58:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers { + username + createdAt + } + } +} + +2017-07-09 19:58:04 user readOne with user stubailo is authorized +2017-07-09 19:58:04 followers readMany with user stubailo is authorized +2017-07-09 19:58:04 -------------------------------------------------------------------------------- +2017-07-09 19:58:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 19:58:04 user readOne with user stubailo is authorized +2017-07-09 19:58:04 followers readMany with user stubailo is authorized +2017-07-09 19:58:04 -------------------------------------------------------------------------------- +2017-07-09 19:58:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-07-09 19:58:04 user readOne with user stubailo is authorized +2017-07-09 19:58:04 followers readMany with user stubailo is authorized +2017-07-09 19:58:04 -------------------------------------------------------------------------------- +2017-07-09 19:58:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 19:58:04 user readOne with user stubailo is authorized +2017-07-09 19:58:04 followers readMany with user stubailo is authorized +2017-07-09 19:58:04 -------------------------------------------------------------------------------- +2017-07-09 19:58:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following { + username + createdAt + } + } +} + +2017-07-09 19:58:04 user readOne with user stubailo is authorized +2017-07-09 19:58:04 following readMany with user stubailo is authorized +2017-07-09 19:58:04 -------------------------------------------------------------------------------- +2017-07-09 19:58:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 19:58:04 user readOne with user stubailo is authorized +2017-07-09 19:58:04 following readMany with user stubailo is authorized +2017-07-09 19:58:04 -------------------------------------------------------------------------------- +2017-07-09 19:58:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-07-09 19:58:04 user readOne with user stubailo is authorized +2017-07-09 19:58:04 following readMany with user stubailo is authorized +2017-07-09 19:58:04 -------------------------------------------------------------------------------- +2017-07-09 19:58:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 19:58:04 user readOne with user stubailo is authorized +2017-07-09 19:58:04 following readMany with user stubailo is authorized +2017-07-09 19:58:04 -------------------------------------------------------------------------------- +2017-07-09 19:58:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets { + id + createdAt + } + } +} + +2017-07-09 19:58:04 user readOne with user stubailo is authorized +2017-07-09 19:58:04 tweets readMany with user stubailo is authorized +2017-07-09 19:58:04 -------------------------------------------------------------------------------- +2017-07-09 19:58:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(limit: 1) { + id + createdAt + } + } +} + +2017-07-09 19:58:04 user readOne with user stubailo is authorized +2017-07-09 19:58:04 tweets readMany with user stubailo is authorized +2017-07-09 19:58:04 -------------------------------------------------------------------------------- +2017-07-09 19:58:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } + } +} + +2017-07-09 19:58:04 user readOne with user stubailo is authorized +2017-07-09 19:58:04 tweets readMany with user stubailo is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } + } +} + +2017-07-09 19:58:05 user readOne with user stubailo is authorized +2017-07-09 19:58:05 tweets readMany with user stubailo is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked { + id + createdAt + } + } +} + +2017-07-09 19:58:05 user readOne with user stubailo is authorized +2017-07-09 19:58:05 liked readMany with user stubailo is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(limit: 1) { + id + createdAt + } + } +} + +2017-07-09 19:58:05 user readOne with user stubailo is authorized +2017-07-09 19:58:05 liked readMany with user stubailo is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334) { + id + createdAt + } + } +} + +2017-07-09 19:58:05 user readOne with user stubailo is authorized +2017-07-09 19:58:05 liked readMany with user stubailo is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334, limit: 1) { + id + createdAt + } + } +} + +2017-07-09 19:58:05 user readOne with user stubailo is authorized +2017-07-09 19:58:05 liked readMany with user stubailo is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + id + body + } +} + +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + author { + username + } + } +} + +2017-07-09 19:58:05 tweet readOne with user stubailo is authorized +2017-07-09 19:58:05 tweet readOne with user stubailo is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets { + id + createdAt + } +} + +2017-07-09 19:58:05 tweets readMany with user stubailo is authorized +2017-07-09 19:58:05 author readOne with user stubailo is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(limit: 1) { + id + createdAt + } +} + +2017-07-09 19:58:05 tweets readMany with user stubailo is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } +} + +2017-07-09 19:58:05 tweets readMany with user stubailo is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } +} + +2017-07-09 19:58:05 tweets readMany with user stubailo is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers { + username + createdAt + } + } +} + +2017-07-09 19:58:05 tweet readOne with user stubailo is authorized +2017-07-09 19:58:05 likers readMany with user stubailo is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 19:58:05 tweet readOne with user stubailo is authorized +2017-07-09 19:58:05 likers readMany with user stubailo is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993) { + username + createdAt + } + } +} + +2017-07-09 19:58:05 tweet readOne with user stubailo is authorized +2017-07-09 19:58:05 likers readMany with user stubailo is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 19:58:05 tweet readOne with user stubailo is authorized +2017-07-09 19:58:05 likers readMany with user stubailo is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-07-09 19:58:05 insert user create with user stubailo is authorized +2017-07-09 19:58:05 inserted user 59626ead9506339804845128. +2017-07-09 19:58:05 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "admin", id: "59626ead9506339804845128", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-07-09 19:58:05 insert user create with user tobkle is authorized +2017-07-09 19:58:05 inserted user 59626ead9506339804845129. +2017-07-09 19:58:05 pubsub userInserted readOne with user tobkle is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "admin", id: "59626ead9506339804845128", +Operation: "", variables: "", +Query: +{ + user(id: "59626ead9506339804845129") { + username + bio + role + } +} + +2017-07-09 19:58:05 user readOne with user tobkle is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "admin", id: "59626ead9506339804845128", +Operation: "", variables: "", +Query: +{ + user(id: "59626ead9506339804845128") { + username + role + } +} + +2017-07-09 19:58:05 user readOne with user tobkle is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "admin", id: "59626ead9506339804845128", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59626ead9506339804845129", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-07-09 19:58:05 update user update with user tobkle is authorized +2017-07-09 19:58:05 updated user 59626ead9506339804845129. +2017-07-09 19:58:05 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "admin", id: "59626ead9506339804845128", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59626ead9506339804845128", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 19:58:05 update user update with user tobkle is authorized +2017-07-09 19:58:05 updated user 59626ead9506339804845128. +2017-07-09 19:58:05 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "admin", id: "59626ead9506339804845128", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59626ead9506339804845129", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 19:58:05 update user update with user tobkle is authorized +2017-07-09 19:58:05 updated user 59626ead9506339804845129. +2017-07-09 19:58:05 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "admin", id: "59626ead9506339804845128", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59626ead9506339804845128", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-07-09 19:58:05 update user update with user tobkle is authorized +2017-07-09 19:58:05 updated user 59626ead9506339804845128. +2017-07-09 19:58:05 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "editor", id: "59626ead9506339804845128", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59626ead9506339804845128", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "_id": "59626ead9506339804845128" + } + ] +} +2017-07-09 19:58:05 ERROR Not authorized to update field "role" +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "zoltan", role: "admin", id: "59626ead9506339804845129", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59626ead9506339804845128", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 19:58:05 update user update with user zoltan is authorized +2017-07-09 19:58:05 updated user 59626ead9506339804845128. +2017-07-09 19:58:05 pubsub userUpdated readOne with user zoltan is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "admin", id: "59626ead9506339804845128", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59626ead9506339804845129") +} + +2017-07-09 19:58:05 removeUser delete with user tobkle is authorized +2017-07-09 19:58:05 removed user 59626ead9506339804845129. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "admin", id: "59626ead9506339804845128", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59626ead9506339804845128", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 19:58:05 insert tweet create with user tobkle is authorized +2017-07-09 19:58:05 inserted tweet 59626ead950633980484512a. +2017-07-09 19:58:05 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "admin", id: "59626ead9506339804845128", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 19:58:05 insert tweet create with user tobkle is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "admin", id: "59626ead9506339804845128", +Operation: "", variables: "", +Query: +{ + tweet(id: "59626ead950633980484512a") { + author { + id + } + body + } +} + +2017-07-09 19:58:05 tweet readOne with user tobkle is authorized +2017-07-09 19:58:05 inserted tweet 59626ead950633980484512b. +2017-07-09 19:58:05 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 19:58:05 author readOne with user tobkle is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "admin", id: "59626ead9506339804845128", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 19:58:05 tweet readOne with user tobkle is authorized +2017-07-09 19:58:05 author readOne with user tobkle is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "admin", id: "59626ead9506339804845128", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59626ead950633980484512a", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 19:58:05 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 19:58:05 update tweet update with user tobkle is authorized +2017-07-09 19:58:05 updated tweet 59626ead950633980484512a. +2017-07-09 19:58:05 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "admin", id: "59626ead9506339804845128", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59626ead950633980484512b", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 19:58:05 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 19:58:05 update tweet update with user tobkle is authorized +2017-07-09 19:58:05 updated tweet 59626ead950633980484512b. +2017-07-09 19:58:05 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "admin", id: "59626ead9506339804845128", +Operation: "", variables: "", +Query: +{ + tweet(id: "59626ead950633980484512a") { + body + } +} + +2017-07-09 19:58:05 tweet readOne with user tobkle is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "admin", id: "59626ead9506339804845128", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59626ead950633980484512a") +} + +2017-07-09 19:58:05 removeTweet delete with user tobkle is authorized +2017-07-09 19:58:05 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 19:58:05 removed tweet 59626ead950633980484512a. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "admin", id: "59626ead9506339804845128", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59626ead950633980484512b") +} + +2017-07-09 19:58:05 removeTweet delete with user tobkle is authorized +2017-07-09 19:58:05 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 19:58:05 removed tweet 59626ead950633980484512b. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "admin", id: "59626ead9506339804845128", +Operation: "", variables: "", +Query: +{ + tweet(id: "59626ead950633980484512a") { + body + } +} + +2017-07-09 19:58:05 tweet readOne with user tobkle is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "admin", id: "59626ead9506339804845128", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59626ead9506339804845128") +} + +2017-07-09 19:58:05 removeUser delete with user tobkle is authorized +2017-07-09 19:58:05 removed user 59626ead9506339804845128. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59626ead9506339804845128") { + username + bio + role + } +} + +2017-07-09 19:58:05 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-07-09 19:58:05 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 19:58:05 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 19:58:05 ERROR Authorization: Not authorized to update in update user. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 19:58:05 ERROR Authorization: Not authorized to delete in removeUser. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 19:58:05 ERROR Authorization: Not authorized to create in insert tweet. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 19:58:05 tweet readOne with user is authorized +2017-07-09 19:58:05 ERROR Authorization: Not authorized to readOne in author. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 19:58:05 tweet getOneById in updateById for docBefore readOne with user is authorized +2017-07-09 19:58:05 ERROR Authorization: Not authorized to update in update tweet. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 19:58:05 tweet getOneById in updateById for docBefore readOne with user is authorized +2017-07-09 19:58:05 ERROR Authorization: Not authorized to update in update tweet. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 19:58:05 ERROR Authorization: Not authorized to delete in removeTweet. +2017-07-09 19:58:05 tweet getOneById in removeById for docBefore readOne with user is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { + id + role + } +} + +2017-07-09 19:58:05 insert user create with user stubailo is authorized +2017-07-09 19:58:05 inserted user 59626ead950633980484512c. +2017-07-09 19:58:05 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "user", id: "59626ead950633980484512c", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-07-09 19:58:05 authQuery: { + "$or": [] +} +2017-07-09 19:58:05 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "user", id: "59626ead950633980484512c", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "_id": "59626ead950633980484512c" + } + ] +} +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "user", id: "59626ead950633980484512c", +Operation: "", variables: "", +Query: +{ + user(id: "59626ead950633980484512c") { + username + } +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "_id": "59626ead950633980484512c" + } + ] +} +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "user", id: "59626ead950633980484512c", +Operation: "", variables: "", +Query: +{ + user(id: "59626ead950633980484512c") { + username + role + } +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "_id": "59626ead950633980484512c" + } + ] +} +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "user", id: "59626ead950633980484512c", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "_id": "59626ead950633980484512c" + } + ] +} +2017-07-09 19:58:05 ERROR Not authorized to update user +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "user", id: "59626ead950633980484512c", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59626ead950633980484512c", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "_id": "59626ead950633980484512c" + } + ] +} +2017-07-09 19:58:05 updated user 59626ead950633980484512c. +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "_id": "59626ead950633980484512c" + } + ] +} +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "user", id: "59626ead950633980484512c", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59626ead950633980484512c", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "_id": "59626ead950633980484512c" + } + ] +} +2017-07-09 19:58:05 ERROR Not authorized to update field "role" +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "user", id: "59626ead950633980484512c", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "_id": "59626ead950633980484512c" + } + ] +} +2017-07-09 19:58:05 ERROR remove user failed for finalQuery: { + "_id": "583291a1638566b3c5a92ca1", + "$or": [ + { + "_id": "59626ead950633980484512c" + } + ] +} +2017-07-09 19:58:05 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "user", id: "59626ead950633980484512c", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59626ead950633980484512c", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "authorId": "59626ead950633980484512c" + } + ] +} +2017-07-09 19:58:05 inserted tweet 59626ead950633980484512d. +2017-07-09 19:58:05 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "user", id: "59626ead950633980484512c", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "authorId": "59626ead950633980484512c" + } + ] +} +2017-07-09 19:58:05 ERROR Not authorized to insert tweet +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "user", id: "59626ead950633980484512c", +Operation: "", variables: "", +Query: +{ + tweet(id: "59626ead950633980484512d") { + author { + id + } + body + } +} + +2017-07-09 19:58:05 tweet readOne with user tobkle is authorized +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "_id": "59626ead950633980484512c" + } + ] +} +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "user", id: "59626ead950633980484512c", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 19:58:05 tweet readOne with user tobkle is authorized +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "_id": "59626ead950633980484512c" + } + ] +} +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "user", id: "59626ead950633980484512c", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59626ead950633980484512d", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 19:58:05 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "authorId": "59626ead950633980484512c" + }, + { + "coauthorsIds": "59626ead950633980484512c" + } + ] +} +2017-07-09 19:58:05 updated tweet 59626ead950633980484512d. +2017-07-09 19:58:05 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "user", id: "59626ead950633980484512c", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 19:58:05 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "authorId": "59626ead950633980484512c" + }, + { + "coauthorsIds": "59626ead950633980484512c" + } + ] +} +2017-07-09 19:58:05 ERROR Not authorized to update tweet +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "user", id: "59626ead950633980484512c", +Operation: "", variables: "", +Query: +{ + tweet(id: "59626ead950633980484512d") { + body + } +} + +2017-07-09 19:58:05 tweet readOne with user tobkle is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "user", id: "59626ead950633980484512c", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59626ead950633980484512d") +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "authorId": "59626ead950633980484512c" + } + ] +} +2017-07-09 19:58:05 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 19:58:05 removed tweet 59626ead950633980484512d. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "user", id: "59626ead950633980484512c", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "authorId": "59626ead950633980484512c" + } + ] +} +2017-07-09 19:58:05 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 19:58:05 ERROR remove tweet failed for finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "59626ead950633980484512c" + } + ] +} +2017-07-09 19:58:05 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "user", id: "59626ead950633980484512c", +Operation: "", variables: "", +Query: +{ + tweet(id: "59626ead950633980484512d") { + body + } +} + +2017-07-09 19:58:05 tweet readOne with user tobkle is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "user", id: "59626ead950633980484512c", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59626ead950633980484512c") +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "_id": "59626ead950633980484512c" + } + ] +} +2017-07-09 19:58:05 removed user 59626ead950633980484512c. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59626ead950633980484512c") { + username + bio + role + } +} + +2017-07-09 19:58:05 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { + id + role + } +} + +2017-07-09 19:58:05 insert user create with user stubailo is authorized +2017-07-09 19:58:05 inserted user 59626ead950633980484512e. +2017-07-09 19:58:05 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "editor", id: "59626ead950633980484512e", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-07-09 19:58:05 authQuery: { + "$or": [] +} +2017-07-09 19:58:05 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "editor", id: "59626ead950633980484512e", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "_id": "59626ead950633980484512e" + } + ] +} +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "editor", id: "59626ead950633980484512e", +Operation: "", variables: "", +Query: +{ + user(id: "59626ead950633980484512e") { + username + role + } +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "_id": "59626ead950633980484512e" + } + ] +} +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "editor", id: "59626ead950633980484512e", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "_id": "59626ead950633980484512e" + } + ] +} +2017-07-09 19:58:05 ERROR Not authorized to update user +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tobkle", role: "editor", id: "59626ead950633980484512e", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59626ead950633980484512e", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "_id": "59626ead950633980484512e" + } + ] +} +2017-07-09 19:58:05 updated user 59626ead950633980484512e. +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "_id": "59626ead950633980484512e" + } + ] +} +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tmeasday", role: "editor", id: "59626ead950633980484512e", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59626ead950633980484512e", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "_id": "59626ead950633980484512e" + } + ] +} +2017-07-09 19:58:05 ERROR Not authorized to update field "role" +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tmeasday", role: "editor", id: "59626ead950633980484512e", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "_id": "59626ead950633980484512e" + } + ] +} +2017-07-09 19:58:05 ERROR remove user failed for finalQuery: { + "_id": "583291a1638566b3c5a92ca1", + "$or": [ + { + "_id": "59626ead950633980484512e" + } + ] +} +2017-07-09 19:58:05 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tmeasday", role: "editor", id: "59626ead950633980484512e", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59626ead950633980484512e", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "authorId": "59626ead950633980484512e" + } + ] +} +2017-07-09 19:58:05 inserted tweet 59626ead950633980484512f. +2017-07-09 19:58:05 pubsub tweetInserted readOne with user tmeasday is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tmeasday", role: "editor", id: "59626ead950633980484512e", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "authorId": "59626ead950633980484512e" + } + ] +} +2017-07-09 19:58:05 ERROR Not authorized to insert tweet +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tmeasday", role: "editor", id: "59626ead950633980484512e", +Operation: "", variables: "", +Query: +{ + tweet(id: "59626ead950633980484512f") { + author { + id + } + body + } +} + +2017-07-09 19:58:05 tweet readOne with user tmeasday is authorized +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "_id": "59626ead950633980484512e" + } + ] +} +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tmeasday", role: "editor", id: "59626ead950633980484512e", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 19:58:05 tweet readOne with user tmeasday is authorized +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "_id": "59626ead950633980484512e" + } + ] +} +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tmeasday", role: "editor", id: "59626ead950633980484512e", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59626ead950633980484512f", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 19:58:05 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "authorId": "59626ead950633980484512e" + }, + { + "coauthorsIds": "59626ead950633980484512e" + } + ] +} +2017-07-09 19:58:05 updated tweet 59626ead950633980484512f. +2017-07-09 19:58:05 pubsub tweetUpdated readOne with user tmeasday is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tmeasday", role: "editor", id: "59626ead950633980484512e", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 19:58:05 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "authorId": "59626ead950633980484512e" + }, + { + "coauthorsIds": "59626ead950633980484512e" + } + ] +} +2017-07-09 19:58:05 ERROR Not authorized to update tweet +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tmeasday", role: "editor", id: "59626ead950633980484512e", +Operation: "", variables: "", +Query: +{ + tweet(id: "59626ead950633980484512f") { + body + } +} + +2017-07-09 19:58:05 tweet readOne with user tmeasday is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tmeasday", role: "editor", id: "59626ead950633980484512e", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59626ead950633980484512f") +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "authorId": "59626ead950633980484512e" + } + ] +} +2017-07-09 19:58:05 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized +2017-07-09 19:58:05 removed tweet 59626ead950633980484512f. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tmeasday", role: "editor", id: "59626ead950633980484512e", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "authorId": "59626ead950633980484512e" + } + ] +} +2017-07-09 19:58:05 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized +2017-07-09 19:58:05 ERROR remove tweet failed for finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "59626ead950633980484512e" + } + ] +} +2017-07-09 19:58:05 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tmeasday", role: "editor", id: "59626ead950633980484512e", +Operation: "", variables: "", +Query: +{ + tweet(id: "59626ead950633980484512f") { + body + } +} + +2017-07-09 19:58:05 tweet readOne with user tmeasday is authorized +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "tmeasday", role: "editor", id: "59626ead950633980484512e", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59626ead950633980484512e") +} + +2017-07-09 19:58:05 authQuery: { + "$or": [ + { + "_id": "59626ead950633980484512e" + } + ] +} +2017-07-09 19:58:05 removed user 59626ead950633980484512e. +2017-07-09 19:58:05 -------------------------------------------------------------------------------- +2017-07-09 19:58:05 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59626ead950633980484512e") { + username + bio + role + } +} + +2017-07-09 19:58:05 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 19:59:58 Logger started +2017-07-09 20:01:09 Logger started +2017-07-09 20:03:22 Logger started +2017-07-09 20:04:03 -------------------------------------------------------------------------------- +2017-07-09 20:04:03 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + role + username + } +} + +2017-07-09 20:04:15 user readOne with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + role + username + } +} + +2017-07-09 20:04:15 user readOne with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca2") { + role + username + } +} + +2017-07-09 20:04:15 user readOne with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + id + username + bio + } +} + +2017-07-09 20:04:15 user readOne with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users { + username + createdAt + } +} + +2017-07-09 20:04:15 users readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(limit: 1) { + username + createdAt + } +} + +2017-07-09 20:04:15 users readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993) { + username + createdAt + } +} + +2017-07-09 20:04:15 users readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } +} + +2017-07-09 20:04:15 users readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers { + username + createdAt + } + } +} + +2017-07-09 20:04:15 user readOne with user stubailo is authorized +2017-07-09 20:04:15 followers readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:04:15 user readOne with user stubailo is authorized +2017-07-09 20:04:15 followers readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-07-09 20:04:15 user readOne with user stubailo is authorized +2017-07-09 20:04:15 followers readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:04:15 user readOne with user stubailo is authorized +2017-07-09 20:04:15 followers readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following { + username + createdAt + } + } +} + +2017-07-09 20:04:15 user readOne with user stubailo is authorized +2017-07-09 20:04:15 following readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:04:15 user readOne with user stubailo is authorized +2017-07-09 20:04:15 following readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-07-09 20:04:15 user readOne with user stubailo is authorized +2017-07-09 20:04:15 following readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:04:15 user readOne with user stubailo is authorized +2017-07-09 20:04:15 following readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets { + id + createdAt + } + } +} + +2017-07-09 20:04:15 user readOne with user stubailo is authorized +2017-07-09 20:04:15 tweets readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:04:15 user readOne with user stubailo is authorized +2017-07-09 20:04:15 tweets readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } + } +} + +2017-07-09 20:04:15 user readOne with user stubailo is authorized +2017-07-09 20:04:15 tweets readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:04:15 user readOne with user stubailo is authorized +2017-07-09 20:04:15 tweets readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked { + id + createdAt + } + } +} + +2017-07-09 20:04:15 user readOne with user stubailo is authorized +2017-07-09 20:04:15 liked readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:04:15 user readOne with user stubailo is authorized +2017-07-09 20:04:15 liked readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334) { + id + createdAt + } + } +} + +2017-07-09 20:04:15 user readOne with user stubailo is authorized +2017-07-09 20:04:15 liked readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334, limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:04:15 user readOne with user stubailo is authorized +2017-07-09 20:04:15 liked readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + author { + username + } + } +} + +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + id + body + } +} + +2017-07-09 20:04:15 tweet readOne with user stubailo is authorized +2017-07-09 20:04:15 tweet readOne with user stubailo is authorized +2017-07-09 20:04:15 author readOne with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets { + id + createdAt + } +} + +2017-07-09 20:04:15 tweets readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(limit: 1) { + id + createdAt + } +} + +2017-07-09 20:04:15 tweets readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } +} + +2017-07-09 20:04:15 tweets readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } +} + +2017-07-09 20:04:15 tweets readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers { + username + createdAt + } + } +} + +2017-07-09 20:04:15 tweet readOne with user stubailo is authorized +2017-07-09 20:04:15 likers readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:04:15 tweet readOne with user stubailo is authorized +2017-07-09 20:04:15 likers readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993) { + username + createdAt + } + } +} + +2017-07-09 20:04:15 tweet readOne with user stubailo is authorized +2017-07-09 20:04:15 likers readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:04:15 tweet readOne with user stubailo is authorized +2017-07-09 20:04:15 likers readMany with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-07-09 20:04:15 insert user create with user stubailo is authorized +2017-07-09 20:04:15 inserted user 5962701fbd5b289911a30965. +2017-07-09 20:04:15 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-07-09 20:04:15 insert user create with user tobkle is authorized +2017-07-09 20:04:15 inserted user 5962701fbd5b289911a30966. +2017-07-09 20:04:15 pubsub userInserted readOne with user tobkle is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", +Operation: "", variables: "", +Query: +{ + user(id: "5962701fbd5b289911a30966") { + username + bio + role + } +} + +2017-07-09 20:04:15 user readOne with user tobkle is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", +Operation: "", variables: "", +Query: +{ + user(id: "5962701fbd5b289911a30965") { + username + role + } +} + +2017-07-09 20:04:15 user readOne with user tobkle is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "5962701fbd5b289911a30966", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-07-09 20:04:15 update user update with user tobkle is authorized +2017-07-09 20:04:15 updated user 5962701fbd5b289911a30966. +2017-07-09 20:04:15 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "5962701fbd5b289911a30965", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:04:15 update user update with user tobkle is authorized +2017-07-09 20:04:15 updated user 5962701fbd5b289911a30965. +2017-07-09 20:04:15 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "5962701fbd5b289911a30966", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:04:15 update user update with user tobkle is authorized +2017-07-09 20:04:15 updated user 5962701fbd5b289911a30966. +2017-07-09 20:04:15 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "5962701fbd5b289911a30965", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-07-09 20:04:15 update user update with user tobkle is authorized +2017-07-09 20:04:15 updated user 5962701fbd5b289911a30965. +2017-07-09 20:04:15 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "editor", id: "5962701fbd5b289911a30965", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "5962701fbd5b289911a30965", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:04:15 authQuery: { + "$or": [ + { + "_id": "5962701fbd5b289911a30965" + } + ] +} +2017-07-09 20:04:15 ERROR Not authorized to update field "role" +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "zoltan", role: "admin", id: "5962701fbd5b289911a30966", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "5962701fbd5b289911a30965", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:04:15 update user update with user zoltan is authorized +2017-07-09 20:04:15 updated user 5962701fbd5b289911a30965. +2017-07-09 20:04:15 pubsub userUpdated readOne with user zoltan is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "5962701fbd5b289911a30966") +} + +2017-07-09 20:04:15 removeUser delete with user tobkle is authorized +2017-07-09 20:04:15 removed user 5962701fbd5b289911a30966. +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "5962701fbd5b289911a30965", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:04:15 insert tweet create with user tobkle is authorized +2017-07-09 20:04:15 inserted tweet 5962701fbd5b289911a30967. +2017-07-09 20:04:15 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", +Operation: "", variables: "", +Query: +{ + tweet(id: "5962701fbd5b289911a30967") { + author { + id + } + body + } +} + +2017-07-09 20:04:15 tweet readOne with user tobkle is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:04:15 insert tweet create with user tobkle is authorized +2017-07-09 20:04:15 author readOne with user tobkle is authorized +2017-07-09 20:04:15 inserted tweet 5962701fbd5b289911a30968. +2017-07-09 20:04:15 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:04:15 tweet readOne with user tobkle is authorized +2017-07-09 20:04:15 author readOne with user tobkle is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "5962701fbd5b289911a30967", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:04:15 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:04:15 update tweet update with user tobkle is authorized +2017-07-09 20:04:15 updated tweet 5962701fbd5b289911a30967. +2017-07-09 20:04:15 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "5962701fbd5b289911a30968", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:04:15 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:04:15 update tweet update with user tobkle is authorized +2017-07-09 20:04:15 updated tweet 5962701fbd5b289911a30968. +2017-07-09 20:04:15 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", +Operation: "", variables: "", +Query: +{ + tweet(id: "5962701fbd5b289911a30967") { + body + } +} + +2017-07-09 20:04:15 tweet readOne with user tobkle is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "5962701fbd5b289911a30967") +} + +2017-07-09 20:04:15 removeTweet delete with user tobkle is authorized +2017-07-09 20:04:15 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:04:15 removed tweet 5962701fbd5b289911a30967. +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "5962701fbd5b289911a30968") +} + +2017-07-09 20:04:15 removeTweet delete with user tobkle is authorized +2017-07-09 20:04:15 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:04:15 removed tweet 5962701fbd5b289911a30968. +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", +Operation: "", variables: "", +Query: +{ + tweet(id: "5962701fbd5b289911a30967") { + body + } +} + +2017-07-09 20:04:15 tweet readOne with user tobkle is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "5962701fbd5b289911a30965") +} + +2017-07-09 20:04:15 removeUser delete with user tobkle is authorized +2017-07-09 20:04:15 removed user 5962701fbd5b289911a30965. +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "5962701fbd5b289911a30965") { + username + bio + role + } +} + +2017-07-09 20:04:15 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-07-09 20:04:15 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 20:04:15 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:04:15 ERROR Authorization: Not authorized to update in update user. +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 20:04:15 ERROR Authorization: Not authorized to delete in removeUser. +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:04:15 ERROR Authorization: Not authorized to create in insert tweet. +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:04:15 tweet readOne with user is authorized +2017-07-09 20:04:15 ERROR Authorization: Not authorized to readOne in author. +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:04:15 tweet getOneById in updateById for docBefore readOne with user is authorized +2017-07-09 20:04:15 ERROR Authorization: Not authorized to update in update tweet. +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:04:15 tweet getOneById in updateById for docBefore readOne with user is authorized +2017-07-09 20:04:15 ERROR Authorization: Not authorized to update in update tweet. +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 20:04:15 ERROR Authorization: Not authorized to delete in removeTweet. +2017-07-09 20:04:15 tweet getOneById in removeById for docBefore readOne with user is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { + id + role + } +} + +2017-07-09 20:04:15 insert user create with user stubailo is authorized +2017-07-09 20:04:15 inserted user 5962701fbd5b289911a30969. +2017-07-09 20:04:15 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-07-09 20:04:15 authQuery: { + "$or": [] +} +2017-07-09 20:04:15 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 20:04:15 authQuery: { + "$or": [ + { + "_id": "5962701fbd5b289911a30969" + } + ] +} +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", +Operation: "", variables: "", +Query: +{ + user(id: "5962701fbd5b289911a30969") { + username + } +} + +2017-07-09 20:04:15 authQuery: { + "$or": [ + { + "_id": "5962701fbd5b289911a30969" + } + ] +} +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", +Operation: "", variables: "", +Query: +{ + user(id: "5962701fbd5b289911a30969") { + username + role + } +} + +2017-07-09 20:04:15 authQuery: { + "$or": [ + { + "_id": "5962701fbd5b289911a30969" + } + ] +} +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:04:15 authQuery: { + "$or": [ + { + "_id": "5962701fbd5b289911a30969" + } + ] +} +2017-07-09 20:04:15 ERROR Not authorized to update user +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "5962701fbd5b289911a30969", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-07-09 20:04:15 authQuery: { + "$or": [ + { + "_id": "5962701fbd5b289911a30969" + } + ] +} +2017-07-09 20:04:15 updated user 5962701fbd5b289911a30969. +2017-07-09 20:04:15 authQuery: { + "$or": [ + { + "_id": "5962701fbd5b289911a30969" + } + ] +} +2017-07-09 20:04:15 -------------------------------------------------------------------------------- +2017-07-09 20:04:15 Request: +User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "5962701fbd5b289911a30969", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:04:15 authQuery: { + "$or": [ + { + "_id": "5962701fbd5b289911a30969" + } + ] +} +2017-07-09 20:04:15 ERROR Not authorized to update field "role" +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "_id": "5962701fbd5b289911a30969" + } + ] +} +2017-07-09 20:04:16 ERROR remove user failed for finalQuery: { + "_id": "583291a1638566b3c5a92ca1", + "$or": [ + { + "_id": "5962701fbd5b289911a30969" + } + ] +} +2017-07-09 20:04:16 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "5962701fbd5b289911a30969", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "authorId": "5962701fbd5b289911a30969" + } + ] +} +2017-07-09 20:04:16 inserted tweet 59627020bd5b289911a3096a. +2017-07-09 20:04:16 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "authorId": "5962701fbd5b289911a30969" + } + ] +} +2017-07-09 20:04:16 ERROR Not authorized to insert tweet +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627020bd5b289911a3096a") { + author { + id + } + body + } +} + +2017-07-09 20:04:16 tweet readOne with user tobkle is authorized +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "_id": "5962701fbd5b289911a30969" + } + ] +} +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:04:16 tweet readOne with user tobkle is authorized +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "_id": "5962701fbd5b289911a30969" + } + ] +} +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59627020bd5b289911a3096a", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:04:16 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "authorId": "5962701fbd5b289911a30969" + }, + { + "coauthorsIds": "5962701fbd5b289911a30969" + } + ] +} +2017-07-09 20:04:16 updated tweet 59627020bd5b289911a3096a. +2017-07-09 20:04:16 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:04:16 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "authorId": "5962701fbd5b289911a30969" + }, + { + "coauthorsIds": "5962701fbd5b289911a30969" + } + ] +} +2017-07-09 20:04:16 ERROR Not authorized to update tweet +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627020bd5b289911a3096a") { + body + } +} + +2017-07-09 20:04:16 tweet readOne with user tobkle is authorized +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59627020bd5b289911a3096a") +} + +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "authorId": "5962701fbd5b289911a30969" + } + ] +} +2017-07-09 20:04:16 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:04:16 removed tweet 59627020bd5b289911a3096a. +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "authorId": "5962701fbd5b289911a30969" + } + ] +} +2017-07-09 20:04:16 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:04:16 ERROR remove tweet failed for finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "5962701fbd5b289911a30969" + } + ] +} +2017-07-09 20:04:16 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627020bd5b289911a3096a") { + body + } +} + +2017-07-09 20:04:16 tweet readOne with user tobkle is authorized +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "5962701fbd5b289911a30969") +} + +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "_id": "5962701fbd5b289911a30969" + } + ] +} +2017-07-09 20:04:16 removed user 5962701fbd5b289911a30969. +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "5962701fbd5b289911a30969") { + username + bio + role + } +} + +2017-07-09 20:04:16 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { + id + role + } +} + +2017-07-09 20:04:16 insert user create with user stubailo is authorized +2017-07-09 20:04:16 inserted user 59627020bd5b289911a3096b. +2017-07-09 20:04:16 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tobkle", role: "editor", id: "59627020bd5b289911a3096b", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-07-09 20:04:16 authQuery: { + "$or": [] +} +2017-07-09 20:04:16 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tobkle", role: "editor", id: "59627020bd5b289911a3096b", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "_id": "59627020bd5b289911a3096b" + } + ] +} +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tobkle", role: "editor", id: "59627020bd5b289911a3096b", +Operation: "", variables: "", +Query: +{ + user(id: "59627020bd5b289911a3096b") { + username + role + } +} + +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "_id": "59627020bd5b289911a3096b" + } + ] +} +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tobkle", role: "editor", id: "59627020bd5b289911a3096b", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "_id": "59627020bd5b289911a3096b" + } + ] +} +2017-07-09 20:04:16 ERROR Not authorized to update user +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tobkle", role: "editor", id: "59627020bd5b289911a3096b", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59627020bd5b289911a3096b", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "_id": "59627020bd5b289911a3096b" + } + ] +} +2017-07-09 20:04:16 updated user 59627020bd5b289911a3096b. +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "_id": "59627020bd5b289911a3096b" + } + ] +} +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59627020bd5b289911a3096b", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "_id": "59627020bd5b289911a3096b" + } + ] +} +2017-07-09 20:04:16 ERROR Not authorized to update field "role" +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "_id": "59627020bd5b289911a3096b" + } + ] +} +2017-07-09 20:04:16 ERROR remove user failed for finalQuery: { + "_id": "583291a1638566b3c5a92ca1", + "$or": [ + { + "_id": "59627020bd5b289911a3096b" + } + ] +} +2017-07-09 20:04:16 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59627020bd5b289911a3096b", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "authorId": "59627020bd5b289911a3096b" + } + ] +} +2017-07-09 20:04:16 inserted tweet 59627020bd5b289911a3096c. +2017-07-09 20:04:16 pubsub tweetInserted readOne with user tmeasday is authorized +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "authorId": "59627020bd5b289911a3096b" + } + ] +} +2017-07-09 20:04:16 ERROR Not authorized to insert tweet +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627020bd5b289911a3096c") { + author { + id + } + body + } +} + +2017-07-09 20:04:16 tweet readOne with user tmeasday is authorized +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "_id": "59627020bd5b289911a3096b" + } + ] +} +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:04:16 tweet readOne with user tmeasday is authorized +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "_id": "59627020bd5b289911a3096b" + } + ] +} +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59627020bd5b289911a3096c", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:04:16 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "authorId": "59627020bd5b289911a3096b" + }, + { + "coauthorsIds": "59627020bd5b289911a3096b" + } + ] +} +2017-07-09 20:04:16 updated tweet 59627020bd5b289911a3096c. +2017-07-09 20:04:16 pubsub tweetUpdated readOne with user tmeasday is authorized +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:04:16 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "authorId": "59627020bd5b289911a3096b" + }, + { + "coauthorsIds": "59627020bd5b289911a3096b" + } + ] +} +2017-07-09 20:04:16 ERROR Not authorized to update tweet +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627020bd5b289911a3096c") { + body + } +} + +2017-07-09 20:04:16 tweet readOne with user tmeasday is authorized +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59627020bd5b289911a3096c") +} + +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "authorId": "59627020bd5b289911a3096b" + } + ] +} +2017-07-09 20:04:16 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:04:16 removed tweet 59627020bd5b289911a3096c. +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "authorId": "59627020bd5b289911a3096b" + } + ] +} +2017-07-09 20:04:16 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:04:16 ERROR remove tweet failed for finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "59627020bd5b289911a3096b" + } + ] +} +2017-07-09 20:04:16 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627020bd5b289911a3096c") { + body + } +} + +2017-07-09 20:04:16 tweet readOne with user tmeasday is authorized +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59627020bd5b289911a3096b") +} + +2017-07-09 20:04:16 authQuery: { + "$or": [ + { + "_id": "59627020bd5b289911a3096b" + } + ] +} +2017-07-09 20:04:16 removed user 59627020bd5b289911a3096b. +2017-07-09 20:04:16 -------------------------------------------------------------------------------- +2017-07-09 20:04:16 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59627020bd5b289911a3096b") { + username + bio + role + } +} + +2017-07-09 20:04:16 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:05:52 Logger started +2017-07-09 20:28:15 Logger started +2017-07-09 20:29:12 Logger started +2017-07-09 20:30:13 Logger started +2017-07-09 20:30:34 -------------------------------------------------------------------------------- +2017-07-09 20:30:34 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + role + username + } +} + +2017-07-09 20:30:45 user readOne with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + role + username + } +} + +2017-07-09 20:30:45 user readOne with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca2") { + role + username + } +} + +2017-07-09 20:30:45 user readOne with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + id + username + bio + } +} + +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users { + username + createdAt + } +} + +2017-07-09 20:30:45 users readMany with user stubailo is authorized +2017-07-09 20:30:45 user readOne with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(limit: 1) { + username + createdAt + } +} + +2017-07-09 20:30:45 users readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993) { + username + createdAt + } +} + +2017-07-09 20:30:45 users readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } +} + +2017-07-09 20:30:45 users readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers { + username + createdAt + } + } +} + +2017-07-09 20:30:45 user readOne with user stubailo is authorized +2017-07-09 20:30:45 followers readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:30:45 user readOne with user stubailo is authorized +2017-07-09 20:30:45 followers readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-07-09 20:30:45 user readOne with user stubailo is authorized +2017-07-09 20:30:45 followers readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:30:45 user readOne with user stubailo is authorized +2017-07-09 20:30:45 followers readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following { + username + createdAt + } + } +} + +2017-07-09 20:30:45 user readOne with user stubailo is authorized +2017-07-09 20:30:45 following readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:30:45 user readOne with user stubailo is authorized +2017-07-09 20:30:45 following readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-07-09 20:30:45 user readOne with user stubailo is authorized +2017-07-09 20:30:45 following readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:30:45 user readOne with user stubailo is authorized +2017-07-09 20:30:45 following readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets { + id + createdAt + } + } +} + +2017-07-09 20:30:45 user readOne with user stubailo is authorized +2017-07-09 20:30:45 tweets readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:30:45 user readOne with user stubailo is authorized +2017-07-09 20:30:45 tweets readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } + } +} + +2017-07-09 20:30:45 user readOne with user stubailo is authorized +2017-07-09 20:30:45 tweets readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:30:45 user readOne with user stubailo is authorized +2017-07-09 20:30:45 tweets readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked { + id + createdAt + } + } +} + +2017-07-09 20:30:45 user readOne with user stubailo is authorized +2017-07-09 20:30:45 liked readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:30:45 user readOne with user stubailo is authorized +2017-07-09 20:30:45 liked readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334) { + id + createdAt + } + } +} + +2017-07-09 20:30:45 user readOne with user stubailo is authorized +2017-07-09 20:30:45 liked readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334, limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:30:45 user readOne with user stubailo is authorized +2017-07-09 20:30:45 liked readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + id + body + } +} + +2017-07-09 20:30:45 tweet readOne with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + author { + username + } + } +} + +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets { + id + createdAt + } +} + +2017-07-09 20:30:45 tweets readMany with user stubailo is authorized +2017-07-09 20:30:45 tweet readOne with user stubailo is authorized +2017-07-09 20:30:45 author readOne with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(limit: 1) { + id + createdAt + } +} + +2017-07-09 20:30:45 tweets readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } +} + +2017-07-09 20:30:45 tweets readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } +} + +2017-07-09 20:30:45 tweets readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers { + username + createdAt + } + } +} + +2017-07-09 20:30:45 tweet readOne with user stubailo is authorized +2017-07-09 20:30:45 likers readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:30:45 tweet readOne with user stubailo is authorized +2017-07-09 20:30:45 likers readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993) { + username + createdAt + } + } +} + +2017-07-09 20:30:45 tweet readOne with user stubailo is authorized +2017-07-09 20:30:45 likers readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:30:45 tweet readOne with user stubailo is authorized +2017-07-09 20:30:45 likers readMany with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-07-09 20:30:45 insert user create with user stubailo is authorized +2017-07-09 20:30:45 inserted user 59627655ba519d9b0eb890f9. +2017-07-09 20:30:45 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-07-09 20:30:45 insert user create with user tobkle is authorized +2017-07-09 20:30:45 inserted user 59627655ba519d9b0eb890fa. +2017-07-09 20:30:45 pubsub userInserted readOne with user tobkle is authorized +2017-07-09 20:30:45 -------------------------------------------------------------------------------- +2017-07-09 20:30:45 Request: +User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", +Operation: "", variables: "", +Query: +{ + user(id: "59627655ba519d9b0eb890fa") { + username + bio + role + } +} + +2017-07-09 20:30:45 user readOne with user tobkle is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", +Operation: "", variables: "", +Query: +{ + user(id: "59627655ba519d9b0eb890f9") { + username + role + } +} + +2017-07-09 20:30:46 user readOne with user tobkle is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59627655ba519d9b0eb890fa", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-07-09 20:30:46 update user update with user tobkle is authorized +2017-07-09 20:30:46 updated user 59627655ba519d9b0eb890fa. +2017-07-09 20:30:46 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59627655ba519d9b0eb890f9", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:30:46 update user update with user tobkle is authorized +2017-07-09 20:30:46 updated user 59627655ba519d9b0eb890f9. +2017-07-09 20:30:46 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59627655ba519d9b0eb890fa", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:30:46 update user update with user tobkle is authorized +2017-07-09 20:30:46 updated user 59627655ba519d9b0eb890fa. +2017-07-09 20:30:46 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59627655ba519d9b0eb890f9", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-07-09 20:30:46 update user update with user tobkle is authorized +2017-07-09 20:30:46 updated user 59627655ba519d9b0eb890f9. +2017-07-09 20:30:46 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "editor", id: "59627655ba519d9b0eb890f9", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59627655ba519d9b0eb890f9", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "_id": "59627655ba519d9b0eb890f9" + } + ] +} +2017-07-09 20:30:46 ERROR Not authorized to update field "role" +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "zoltan", role: "admin", id: "59627655ba519d9b0eb890fa", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59627655ba519d9b0eb890f9", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:30:46 update user update with user zoltan is authorized +2017-07-09 20:30:46 updated user 59627655ba519d9b0eb890f9. +2017-07-09 20:30:46 pubsub userUpdated readOne with user zoltan is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59627655ba519d9b0eb890fa") +} + +2017-07-09 20:30:46 removeUser delete with user tobkle is authorized +2017-07-09 20:30:46 removed user 59627655ba519d9b0eb890fa. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59627655ba519d9b0eb890f9", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:30:46 insert tweet create with user tobkle is authorized +2017-07-09 20:30:46 inserted tweet 59627656ba519d9b0eb890fb. +2017-07-09 20:30:46 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:30:46 insert tweet create with user tobkle is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627656ba519d9b0eb890fb") { + author { + id + } + body + } +} + +2017-07-09 20:30:46 tweet readOne with user tobkle is authorized +2017-07-09 20:30:46 inserted tweet 59627656ba519d9b0eb890fc. +2017-07-09 20:30:46 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 20:30:46 author readOne with user tobkle is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:30:46 tweet readOne with user tobkle is authorized +2017-07-09 20:30:46 author readOne with user tobkle is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59627656ba519d9b0eb890fb", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:30:46 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:30:46 update tweet update with user tobkle is authorized +2017-07-09 20:30:46 updated tweet 59627656ba519d9b0eb890fb. +2017-07-09 20:30:46 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59627656ba519d9b0eb890fc", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:30:46 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:30:46 update tweet update with user tobkle is authorized +2017-07-09 20:30:46 updated tweet 59627656ba519d9b0eb890fc. +2017-07-09 20:30:46 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627656ba519d9b0eb890fb") { + body + } +} + +2017-07-09 20:30:46 tweet readOne with user tobkle is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59627656ba519d9b0eb890fb") +} + +2017-07-09 20:30:46 removeTweet delete with user tobkle is authorized +2017-07-09 20:30:46 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:30:46 removed tweet 59627656ba519d9b0eb890fb. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59627656ba519d9b0eb890fc") +} + +2017-07-09 20:30:46 removeTweet delete with user tobkle is authorized +2017-07-09 20:30:46 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:30:46 removed tweet 59627656ba519d9b0eb890fc. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627656ba519d9b0eb890fb") { + body + } +} + +2017-07-09 20:30:46 tweet readOne with user tobkle is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59627655ba519d9b0eb890f9") +} + +2017-07-09 20:30:46 removeUser delete with user tobkle is authorized +2017-07-09 20:30:46 removed user 59627655ba519d9b0eb890f9. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59627655ba519d9b0eb890f9") { + username + bio + role + } +} + +2017-07-09 20:30:46 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-07-09 20:30:46 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 20:30:46 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:30:46 ERROR Authorization: Not authorized to update in update user. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 20:30:46 ERROR Authorization: Not authorized to delete in removeUser. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:30:46 ERROR Authorization: Not authorized to create in insert tweet. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:30:46 tweet readOne with user is authorized +2017-07-09 20:30:46 ERROR Authorization: Not authorized to readOne in author. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:30:46 tweet getOneById in updateById for docBefore readOne with user is authorized +2017-07-09 20:30:46 ERROR Authorization: Not authorized to update in update tweet. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:30:46 tweet getOneById in updateById for docBefore readOne with user is authorized +2017-07-09 20:30:46 ERROR Authorization: Not authorized to update in update tweet. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 20:30:46 ERROR Authorization: Not authorized to delete in removeTweet. +2017-07-09 20:30:46 tweet getOneById in removeById for docBefore readOne with user is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { + id + role + } +} + +2017-07-09 20:30:46 insert user create with user stubailo is authorized +2017-07-09 20:30:46 inserted user 59627656ba519d9b0eb890fd. +2017-07-09 20:30:46 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-07-09 20:30:46 authQuery: { + "$or": [] +} +2017-07-09 20:30:46 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "_id": "59627656ba519d9b0eb890fd" + } + ] +} +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", +Operation: "", variables: "", +Query: +{ + user(id: "59627656ba519d9b0eb890fd") { + username + } +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "_id": "59627656ba519d9b0eb890fd" + } + ] +} +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", +Operation: "", variables: "", +Query: +{ + user(id: "59627656ba519d9b0eb890fd") { + username + role + } +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "_id": "59627656ba519d9b0eb890fd" + } + ] +} +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "_id": "59627656ba519d9b0eb890fd" + } + ] +} +2017-07-09 20:30:46 ERROR Not authorized to update user +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59627656ba519d9b0eb890fd", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "_id": "59627656ba519d9b0eb890fd" + } + ] +} +2017-07-09 20:30:46 updated user 59627656ba519d9b0eb890fd. +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "_id": "59627656ba519d9b0eb890fd" + } + ] +} +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59627656ba519d9b0eb890fd", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "_id": "59627656ba519d9b0eb890fd" + } + ] +} +2017-07-09 20:30:46 ERROR Not authorized to update field "role" +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "_id": "59627656ba519d9b0eb890fd" + } + ] +} +2017-07-09 20:30:46 ERROR remove user failed for finalQuery: { + "_id": "583291a1638566b3c5a92ca1", + "$or": [ + { + "_id": "59627656ba519d9b0eb890fd" + } + ] +} +2017-07-09 20:30:46 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59627656ba519d9b0eb890fd", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "authorId": "59627656ba519d9b0eb890fd" + } + ] +} +2017-07-09 20:30:46 inserted tweet 59627656ba519d9b0eb890fe. +2017-07-09 20:30:46 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "authorId": "59627656ba519d9b0eb890fd" + } + ] +} +2017-07-09 20:30:46 ERROR Not authorized to insert tweet +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627656ba519d9b0eb890fe") { + author { + id + } + body + } +} + +2017-07-09 20:30:46 tweet readOne with user tobkle is authorized +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "_id": "59627656ba519d9b0eb890fd" + } + ] +} +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:30:46 tweet readOne with user tobkle is authorized +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "_id": "59627656ba519d9b0eb890fd" + } + ] +} +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59627656ba519d9b0eb890fe", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:30:46 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "authorId": "59627656ba519d9b0eb890fd" + }, + { + "coauthorsIds": "59627656ba519d9b0eb890fd" + } + ] +} +2017-07-09 20:30:46 updated tweet 59627656ba519d9b0eb890fe. +2017-07-09 20:30:46 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:30:46 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "authorId": "59627656ba519d9b0eb890fd" + }, + { + "coauthorsIds": "59627656ba519d9b0eb890fd" + } + ] +} +2017-07-09 20:30:46 ERROR Not authorized to update tweet +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627656ba519d9b0eb890fe") { + body + } +} + +2017-07-09 20:30:46 tweet readOne with user tobkle is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59627656ba519d9b0eb890fe") +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "authorId": "59627656ba519d9b0eb890fd" + } + ] +} +2017-07-09 20:30:46 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:30:46 removed tweet 59627656ba519d9b0eb890fe. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "authorId": "59627656ba519d9b0eb890fd" + } + ] +} +2017-07-09 20:30:46 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:30:46 ERROR remove tweet failed for finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "59627656ba519d9b0eb890fd" + } + ] +} +2017-07-09 20:30:46 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627656ba519d9b0eb890fe") { + body + } +} + +2017-07-09 20:30:46 tweet readOne with user tobkle is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59627656ba519d9b0eb890fd") +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "_id": "59627656ba519d9b0eb890fd" + } + ] +} +2017-07-09 20:30:46 removed user 59627656ba519d9b0eb890fd. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59627656ba519d9b0eb890fd") { + username + bio + role + } +} + +2017-07-09 20:30:46 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { + id + role + } +} + +2017-07-09 20:30:46 insert user create with user stubailo is authorized +2017-07-09 20:30:46 inserted user 59627656ba519d9b0eb890ff. +2017-07-09 20:30:46 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "editor", id: "59627656ba519d9b0eb890ff", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-07-09 20:30:46 authQuery: { + "$or": [] +} +2017-07-09 20:30:46 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "editor", id: "59627656ba519d9b0eb890ff", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "_id": "59627656ba519d9b0eb890ff" + } + ] +} +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "editor", id: "59627656ba519d9b0eb890ff", +Operation: "", variables: "", +Query: +{ + user(id: "59627656ba519d9b0eb890ff") { + username + role + } +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "_id": "59627656ba519d9b0eb890ff" + } + ] +} +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "editor", id: "59627656ba519d9b0eb890ff", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "_id": "59627656ba519d9b0eb890ff" + } + ] +} +2017-07-09 20:30:46 ERROR Not authorized to update user +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tobkle", role: "editor", id: "59627656ba519d9b0eb890ff", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59627656ba519d9b0eb890ff", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "_id": "59627656ba519d9b0eb890ff" + } + ] +} +2017-07-09 20:30:46 updated user 59627656ba519d9b0eb890ff. +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "_id": "59627656ba519d9b0eb890ff" + } + ] +} +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59627656ba519d9b0eb890ff", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "_id": "59627656ba519d9b0eb890ff" + } + ] +} +2017-07-09 20:30:46 ERROR Not authorized to update field "role" +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "_id": "59627656ba519d9b0eb890ff" + } + ] +} +2017-07-09 20:30:46 ERROR remove user failed for finalQuery: { + "_id": "583291a1638566b3c5a92ca1", + "$or": [ + { + "_id": "59627656ba519d9b0eb890ff" + } + ] +} +2017-07-09 20:30:46 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59627656ba519d9b0eb890ff", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "authorId": "59627656ba519d9b0eb890ff" + } + ] +} +2017-07-09 20:30:46 inserted tweet 59627656ba519d9b0eb89100. +2017-07-09 20:30:46 pubsub tweetInserted readOne with user tmeasday is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "authorId": "59627656ba519d9b0eb890ff" + } + ] +} +2017-07-09 20:30:46 ERROR Not authorized to insert tweet +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627656ba519d9b0eb89100") { + author { + id + } + body + } +} + +2017-07-09 20:30:46 tweet readOne with user tmeasday is authorized +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "_id": "59627656ba519d9b0eb890ff" + } + ] +} +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:30:46 tweet readOne with user tmeasday is authorized +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "_id": "59627656ba519d9b0eb890ff" + } + ] +} +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59627656ba519d9b0eb89100", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:30:46 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "authorId": "59627656ba519d9b0eb890ff" + }, + { + "coauthorsIds": "59627656ba519d9b0eb890ff" + } + ] +} +2017-07-09 20:30:46 updated tweet 59627656ba519d9b0eb89100. +2017-07-09 20:30:46 pubsub tweetUpdated readOne with user tmeasday is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:30:46 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "authorId": "59627656ba519d9b0eb890ff" + }, + { + "coauthorsIds": "59627656ba519d9b0eb890ff" + } + ] +} +2017-07-09 20:30:46 ERROR Not authorized to update tweet +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627656ba519d9b0eb89100") { + body + } +} + +2017-07-09 20:30:46 tweet readOne with user tmeasday is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59627656ba519d9b0eb89100") +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "authorId": "59627656ba519d9b0eb890ff" + } + ] +} +2017-07-09 20:30:46 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:30:46 removed tweet 59627656ba519d9b0eb89100. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "authorId": "59627656ba519d9b0eb890ff" + } + ] +} +2017-07-09 20:30:46 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:30:46 ERROR remove tweet failed for finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "59627656ba519d9b0eb890ff" + } + ] +} +2017-07-09 20:30:46 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627656ba519d9b0eb89100") { + body + } +} + +2017-07-09 20:30:46 tweet readOne with user tmeasday is authorized +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59627656ba519d9b0eb890ff") +} + +2017-07-09 20:30:46 authQuery: { + "$or": [ + { + "_id": "59627656ba519d9b0eb890ff" + } + ] +} +2017-07-09 20:30:46 removed user 59627656ba519d9b0eb890ff. +2017-07-09 20:30:46 -------------------------------------------------------------------------------- +2017-07-09 20:30:46 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59627656ba519d9b0eb890ff") { + username + bio + role + } +} + +2017-07-09 20:30:46 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:32:30 Logger started +2017-07-09 20:33:01 Logger started +2017-07-09 20:33:14 -------------------------------------------------------------------------------- +2017-07-09 20:33:14 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + role + username + } +} + +2017-07-09 20:33:25 user readOne with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + role + username + } +} + +2017-07-09 20:33:25 user readOne with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca2") { + role + username + } +} + +2017-07-09 20:33:25 user readOne with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + id + username + bio + } +} + +2017-07-09 20:33:25 user readOne with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users { + username + createdAt + } +} + +2017-07-09 20:33:25 users readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(limit: 1) { + username + createdAt + } +} + +2017-07-09 20:33:25 users readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993) { + username + createdAt + } +} + +2017-07-09 20:33:25 users readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } +} + +2017-07-09 20:33:25 users readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers { + username + createdAt + } + } +} + +2017-07-09 20:33:25 user readOne with user stubailo is authorized +2017-07-09 20:33:25 followers readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:33:25 user readOne with user stubailo is authorized +2017-07-09 20:33:25 followers readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-07-09 20:33:25 user readOne with user stubailo is authorized +2017-07-09 20:33:25 followers readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:33:25 user readOne with user stubailo is authorized +2017-07-09 20:33:25 followers readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following { + username + createdAt + } + } +} + +2017-07-09 20:33:25 user readOne with user stubailo is authorized +2017-07-09 20:33:25 following readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:33:25 user readOne with user stubailo is authorized +2017-07-09 20:33:25 following readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-07-09 20:33:25 user readOne with user stubailo is authorized +2017-07-09 20:33:25 following readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:33:25 user readOne with user stubailo is authorized +2017-07-09 20:33:25 following readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets { + id + createdAt + } + } +} + +2017-07-09 20:33:25 user readOne with user stubailo is authorized +2017-07-09 20:33:25 tweets readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:33:25 user readOne with user stubailo is authorized +2017-07-09 20:33:25 tweets readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } + } +} + +2017-07-09 20:33:25 user readOne with user stubailo is authorized +2017-07-09 20:33:25 tweets readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:33:25 user readOne with user stubailo is authorized +2017-07-09 20:33:25 tweets readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked { + id + createdAt + } + } +} + +2017-07-09 20:33:25 user readOne with user stubailo is authorized +2017-07-09 20:33:25 liked readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:33:25 user readOne with user stubailo is authorized +2017-07-09 20:33:25 liked readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334) { + id + createdAt + } + } +} + +2017-07-09 20:33:25 user readOne with user stubailo is authorized +2017-07-09 20:33:25 liked readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334, limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:33:25 user readOne with user stubailo is authorized +2017-07-09 20:33:25 liked readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + author { + username + } + } +} + +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + id + body + } +} + +2017-07-09 20:33:25 tweet readOne with user stubailo is authorized +2017-07-09 20:33:25 tweet readOne with user stubailo is authorized +2017-07-09 20:33:25 author readOne with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets { + id + createdAt + } +} + +2017-07-09 20:33:25 tweets readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(limit: 1) { + id + createdAt + } +} + +2017-07-09 20:33:25 tweets readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } +} + +2017-07-09 20:33:25 tweets readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } +} + +2017-07-09 20:33:25 tweets readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers { + username + createdAt + } + } +} + +2017-07-09 20:33:25 tweet readOne with user stubailo is authorized +2017-07-09 20:33:25 likers readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:33:25 tweet readOne with user stubailo is authorized +2017-07-09 20:33:25 likers readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993) { + username + createdAt + } + } +} + +2017-07-09 20:33:25 tweet readOne with user stubailo is authorized +2017-07-09 20:33:25 likers readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:33:25 tweet readOne with user stubailo is authorized +2017-07-09 20:33:25 likers readMany with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-07-09 20:33:25 insert user create with user stubailo is authorized +2017-07-09 20:33:25 inserted user 596276f59bce489b8e6d4df3. +2017-07-09 20:33:25 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-07-09 20:33:25 insert user create with user tobkle is authorized +2017-07-09 20:33:25 inserted user 596276f59bce489b8e6d4df4. +2017-07-09 20:33:25 pubsub userInserted readOne with user tobkle is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", +Operation: "", variables: "", +Query: +{ + user(id: "596276f59bce489b8e6d4df4") { + username + bio + role + } +} + +2017-07-09 20:33:25 user readOne with user tobkle is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", +Operation: "", variables: "", +Query: +{ + user(id: "596276f59bce489b8e6d4df3") { + username + role + } +} + +2017-07-09 20:33:25 user readOne with user tobkle is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596276f59bce489b8e6d4df4", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-07-09 20:33:25 update user update with user tobkle is authorized +2017-07-09 20:33:25 updated user 596276f59bce489b8e6d4df4. +2017-07-09 20:33:25 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596276f59bce489b8e6d4df3", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:33:25 update user update with user tobkle is authorized +2017-07-09 20:33:25 updated user 596276f59bce489b8e6d4df3. +2017-07-09 20:33:25 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596276f59bce489b8e6d4df4", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:33:25 update user update with user tobkle is authorized +2017-07-09 20:33:25 updated user 596276f59bce489b8e6d4df4. +2017-07-09 20:33:25 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596276f59bce489b8e6d4df3", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-07-09 20:33:25 update user update with user tobkle is authorized +2017-07-09 20:33:25 updated user 596276f59bce489b8e6d4df3. +2017-07-09 20:33:25 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "tobkle", role: "editor", id: "596276f59bce489b8e6d4df3", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596276f59bce489b8e6d4df3", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:33:25 authQuery: { + "$or": [ + { + "_id": "596276f59bce489b8e6d4df3" + } + ] +} +2017-07-09 20:33:25 ERROR Not authorized to update field "role" +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "zoltan", role: "admin", id: "596276f59bce489b8e6d4df4", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596276f59bce489b8e6d4df3", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:33:25 update user update with user zoltan is authorized +2017-07-09 20:33:25 updated user 596276f59bce489b8e6d4df3. +2017-07-09 20:33:25 pubsub userUpdated readOne with user zoltan is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "596276f59bce489b8e6d4df4") +} + +2017-07-09 20:33:25 removeUser delete with user tobkle is authorized +2017-07-09 20:33:25 removed user 596276f59bce489b8e6d4df4. +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "596276f59bce489b8e6d4df3", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:33:25 insert tweet create with user tobkle is authorized +2017-07-09 20:33:25 inserted tweet 596276f59bce489b8e6d4df5. +2017-07-09 20:33:25 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:33:25 insert tweet create with user tobkle is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", +Operation: "", variables: "", +Query: +{ + tweet(id: "596276f59bce489b8e6d4df5") { + author { + id + } + body + } +} + +2017-07-09 20:33:25 tweet readOne with user tobkle is authorized +2017-07-09 20:33:25 inserted tweet 596276f59bce489b8e6d4df6. +2017-07-09 20:33:25 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 20:33:25 author readOne with user tobkle is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:33:25 tweet readOne with user tobkle is authorized +2017-07-09 20:33:25 author readOne with user tobkle is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "596276f59bce489b8e6d4df5", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:33:25 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:33:25 update tweet update with user tobkle is authorized +2017-07-09 20:33:25 updated tweet 596276f59bce489b8e6d4df5. +2017-07-09 20:33:25 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "596276f59bce489b8e6d4df6", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:33:25 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:33:25 update tweet update with user tobkle is authorized +2017-07-09 20:33:25 updated tweet 596276f59bce489b8e6d4df6. +2017-07-09 20:33:25 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", +Operation: "", variables: "", +Query: +{ + tweet(id: "596276f59bce489b8e6d4df5") { + body + } +} + +2017-07-09 20:33:25 tweet readOne with user tobkle is authorized +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "596276f59bce489b8e6d4df5") +} + +2017-07-09 20:33:25 removeTweet delete with user tobkle is authorized +2017-07-09 20:33:25 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:33:25 removed tweet 596276f59bce489b8e6d4df5. +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "596276f59bce489b8e6d4df6") +} + +2017-07-09 20:33:25 removeTweet delete with user tobkle is authorized +2017-07-09 20:33:25 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:33:25 removed tweet 596276f59bce489b8e6d4df6. +2017-07-09 20:33:25 -------------------------------------------------------------------------------- +2017-07-09 20:33:25 Request: +User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", +Operation: "", variables: "", +Query: +{ + tweet(id: "596276f59bce489b8e6d4df5") { + body + } +} + +2017-07-09 20:33:25 tweet readOne with user tobkle is authorized +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "596276f59bce489b8e6d4df3") +} + +2017-07-09 20:33:26 removeUser delete with user tobkle is authorized +2017-07-09 20:33:26 removed user 596276f59bce489b8e6d4df3. +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "596276f59bce489b8e6d4df3") { + username + bio + role + } +} + +2017-07-09 20:33:26 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-07-09 20:33:26 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 20:33:26 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:33:26 ERROR Authorization: Not authorized to update in update user. +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 20:33:26 ERROR Authorization: Not authorized to delete in removeUser. +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:33:26 ERROR Authorization: Not authorized to create in insert tweet. +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:33:26 tweet readOne with user is authorized +2017-07-09 20:33:26 ERROR Authorization: Not authorized to readOne in author. +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:33:26 tweet getOneById in updateById for docBefore readOne with user is authorized +2017-07-09 20:33:26 ERROR Authorization: Not authorized to update in update tweet. +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:33:26 tweet getOneById in updateById for docBefore readOne with user is authorized +2017-07-09 20:33:26 ERROR Authorization: Not authorized to update in update tweet. +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 20:33:26 ERROR Authorization: Not authorized to delete in removeTweet. +2017-07-09 20:33:26 tweet getOneById in removeById for docBefore readOne with user is authorized +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { + id + role + } +} + +2017-07-09 20:33:26 insert user create with user stubailo is authorized +2017-07-09 20:33:26 inserted user 596276f69bce489b8e6d4df7. +2017-07-09 20:33:26 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-07-09 20:33:26 authQuery: { + "$or": [] +} +2017-07-09 20:33:26 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "_id": "596276f69bce489b8e6d4df7" + } + ] +} +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", +Operation: "", variables: "", +Query: +{ + user(id: "596276f69bce489b8e6d4df7") { + username + } +} + +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "_id": "596276f69bce489b8e6d4df7" + } + ] +} +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", +Operation: "", variables: "", +Query: +{ + user(id: "596276f69bce489b8e6d4df7") { + username + role + } +} + +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "_id": "596276f69bce489b8e6d4df7" + } + ] +} +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "_id": "596276f69bce489b8e6d4df7" + } + ] +} +2017-07-09 20:33:26 ERROR Not authorized to update field "role" +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596276f69bce489b8e6d4df7", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "_id": "596276f69bce489b8e6d4df7" + } + ] +} +2017-07-09 20:33:26 updated user 596276f69bce489b8e6d4df7. +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "_id": "596276f69bce489b8e6d4df7" + } + ] +} +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596276f69bce489b8e6d4df7", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "_id": "596276f69bce489b8e6d4df7" + } + ] +} +2017-07-09 20:33:26 ERROR Not authorized to update field "role" +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "_id": "596276f69bce489b8e6d4df7" + } + ] +} +2017-07-09 20:33:26 ERROR remove user failed for finalQuery: { + "_id": "583291a1638566b3c5a92ca1", + "$or": [ + { + "_id": "596276f69bce489b8e6d4df7" + } + ] +} +2017-07-09 20:33:26 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "596276f69bce489b8e6d4df7", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "authorId": "596276f69bce489b8e6d4df7" + } + ] +} +2017-07-09 20:33:26 inserted tweet 596276f69bce489b8e6d4df8. +2017-07-09 20:33:26 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "authorId": "596276f69bce489b8e6d4df7" + } + ] +} +2017-07-09 20:33:26 ERROR Not authorized to insert tweet +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", +Operation: "", variables: "", +Query: +{ + tweet(id: "596276f69bce489b8e6d4df8") { + author { + id + } + body + } +} + +2017-07-09 20:33:26 tweet readOne with user tobkle is authorized +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "_id": "596276f69bce489b8e6d4df7" + } + ] +} +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:33:26 tweet readOne with user tobkle is authorized +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "_id": "596276f69bce489b8e6d4df7" + } + ] +} +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "596276f69bce489b8e6d4df8", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:33:26 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "authorId": "596276f69bce489b8e6d4df7" + }, + { + "coauthorsIds": "596276f69bce489b8e6d4df7" + } + ] +} +2017-07-09 20:33:26 updated tweet 596276f69bce489b8e6d4df8. +2017-07-09 20:33:26 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:33:26 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "authorId": "596276f69bce489b8e6d4df7" + }, + { + "coauthorsIds": "596276f69bce489b8e6d4df7" + } + ] +} +2017-07-09 20:33:26 ERROR Not authorized to update tweet +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", +Operation: "", variables: "", +Query: +{ + tweet(id: "596276f69bce489b8e6d4df8") { + body + } +} + +2017-07-09 20:33:26 tweet readOne with user tobkle is authorized +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "596276f69bce489b8e6d4df8") +} + +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "authorId": "596276f69bce489b8e6d4df7" + } + ] +} +2017-07-09 20:33:26 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:33:26 removed tweet 596276f69bce489b8e6d4df8. +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "authorId": "596276f69bce489b8e6d4df7" + } + ] +} +2017-07-09 20:33:26 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:33:26 ERROR remove tweet failed for finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "596276f69bce489b8e6d4df7" + } + ] +} +2017-07-09 20:33:26 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", +Operation: "", variables: "", +Query: +{ + tweet(id: "596276f69bce489b8e6d4df8") { + body + } +} + +2017-07-09 20:33:26 tweet readOne with user tobkle is authorized +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "596276f69bce489b8e6d4df7") +} + +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "_id": "596276f69bce489b8e6d4df7" + } + ] +} +2017-07-09 20:33:26 removed user 596276f69bce489b8e6d4df7. +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "596276f69bce489b8e6d4df7") { + username + bio + role + } +} + +2017-07-09 20:33:26 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { + id + role + } +} + +2017-07-09 20:33:26 insert user create with user stubailo is authorized +2017-07-09 20:33:26 inserted user 596276f69bce489b8e6d4df9. +2017-07-09 20:33:26 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "editor", id: "596276f69bce489b8e6d4df9", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-07-09 20:33:26 authQuery: { + "$or": [] +} +2017-07-09 20:33:26 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "editor", id: "596276f69bce489b8e6d4df9", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "_id": "596276f69bce489b8e6d4df9" + } + ] +} +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "editor", id: "596276f69bce489b8e6d4df9", +Operation: "", variables: "", +Query: +{ + user(id: "596276f69bce489b8e6d4df9") { + username + role + } +} + +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "_id": "596276f69bce489b8e6d4df9" + } + ] +} +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "editor", id: "596276f69bce489b8e6d4df9", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "_id": "596276f69bce489b8e6d4df9" + } + ] +} +2017-07-09 20:33:26 ERROR Not authorized to update field "role" +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tobkle", role: "editor", id: "596276f69bce489b8e6d4df9", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596276f69bce489b8e6d4df9", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "_id": "596276f69bce489b8e6d4df9" + } + ] +} +2017-07-09 20:33:26 updated user 596276f69bce489b8e6d4df9. +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "_id": "596276f69bce489b8e6d4df9" + } + ] +} +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596276f69bce489b8e6d4df9", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "_id": "596276f69bce489b8e6d4df9" + } + ] +} +2017-07-09 20:33:26 ERROR Not authorized to update field "role" +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "_id": "596276f69bce489b8e6d4df9" + } + ] +} +2017-07-09 20:33:26 ERROR remove user failed for finalQuery: { + "_id": "583291a1638566b3c5a92ca1", + "$or": [ + { + "_id": "596276f69bce489b8e6d4df9" + } + ] +} +2017-07-09 20:33:26 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "596276f69bce489b8e6d4df9", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "authorId": "596276f69bce489b8e6d4df9" + } + ] +} +2017-07-09 20:33:26 inserted tweet 596276f69bce489b8e6d4dfa. +2017-07-09 20:33:26 pubsub tweetInserted readOne with user tmeasday is authorized +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "authorId": "596276f69bce489b8e6d4df9" + } + ] +} +2017-07-09 20:33:26 ERROR Not authorized to insert tweet +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", +Operation: "", variables: "", +Query: +{ + tweet(id: "596276f69bce489b8e6d4dfa") { + author { + id + } + body + } +} + +2017-07-09 20:33:26 tweet readOne with user tmeasday is authorized +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "_id": "596276f69bce489b8e6d4df9" + } + ] +} +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:33:26 tweet readOne with user tmeasday is authorized +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "_id": "596276f69bce489b8e6d4df9" + } + ] +} +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "596276f69bce489b8e6d4dfa", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:33:26 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "authorId": "596276f69bce489b8e6d4df9" + }, + { + "coauthorsIds": "596276f69bce489b8e6d4df9" + } + ] +} +2017-07-09 20:33:26 updated tweet 596276f69bce489b8e6d4dfa. +2017-07-09 20:33:26 pubsub tweetUpdated readOne with user tmeasday is authorized +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:33:26 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "authorId": "596276f69bce489b8e6d4df9" + }, + { + "coauthorsIds": "596276f69bce489b8e6d4df9" + } + ] +} +2017-07-09 20:33:26 ERROR Not authorized to update tweet +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", +Operation: "", variables: "", +Query: +{ + tweet(id: "596276f69bce489b8e6d4dfa") { + body + } +} + +2017-07-09 20:33:26 tweet readOne with user tmeasday is authorized +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "596276f69bce489b8e6d4dfa") +} + +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "authorId": "596276f69bce489b8e6d4df9" + } + ] +} +2017-07-09 20:33:26 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:33:26 removed tweet 596276f69bce489b8e6d4dfa. +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "authorId": "596276f69bce489b8e6d4df9" + } + ] +} +2017-07-09 20:33:26 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:33:26 ERROR remove tweet failed for finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "596276f69bce489b8e6d4df9" + } + ] +} +2017-07-09 20:33:26 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", +Operation: "", variables: "", +Query: +{ + tweet(id: "596276f69bce489b8e6d4dfa") { + body + } +} + +2017-07-09 20:33:26 tweet readOne with user tmeasday is authorized +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "596276f69bce489b8e6d4df9") +} + +2017-07-09 20:33:26 authQuery: { + "$or": [ + { + "_id": "596276f69bce489b8e6d4df9" + } + ] +} +2017-07-09 20:33:26 removed user 596276f69bce489b8e6d4df9. +2017-07-09 20:33:26 -------------------------------------------------------------------------------- +2017-07-09 20:33:26 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "596276f69bce489b8e6d4df9") { + username + bio + role + } +} + +2017-07-09 20:33:26 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:34:32 Logger started +2017-07-09 20:35:00 Logger started +2017-07-09 20:35:21 Logger started +2017-07-09 20:35:45 -------------------------------------------------------------------------------- +2017-07-09 20:35:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + role + username + } +} + +2017-07-09 20:35:56 user readOne with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + role + username + } +} + +2017-07-09 20:35:56 user readOne with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca2") { + role + username + } +} + +2017-07-09 20:35:56 user readOne with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + id + username + bio + } +} + +2017-07-09 20:35:56 user readOne with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users { + username + createdAt + } +} + +2017-07-09 20:35:56 users readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(limit: 1) { + username + createdAt + } +} + +2017-07-09 20:35:56 users readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993) { + username + createdAt + } +} + +2017-07-09 20:35:56 users readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } +} + +2017-07-09 20:35:56 users readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers { + username + createdAt + } + } +} + +2017-07-09 20:35:56 user readOne with user stubailo is authorized +2017-07-09 20:35:56 followers readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:35:56 user readOne with user stubailo is authorized +2017-07-09 20:35:56 followers readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-07-09 20:35:56 user readOne with user stubailo is authorized +2017-07-09 20:35:56 followers readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:35:56 user readOne with user stubailo is authorized +2017-07-09 20:35:56 followers readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following { + username + createdAt + } + } +} + +2017-07-09 20:35:56 user readOne with user stubailo is authorized +2017-07-09 20:35:56 following readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:35:56 user readOne with user stubailo is authorized +2017-07-09 20:35:56 following readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-07-09 20:35:56 user readOne with user stubailo is authorized +2017-07-09 20:35:56 following readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:35:56 user readOne with user stubailo is authorized +2017-07-09 20:35:56 following readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets { + id + createdAt + } + } +} + +2017-07-09 20:35:56 user readOne with user stubailo is authorized +2017-07-09 20:35:56 tweets readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:35:56 user readOne with user stubailo is authorized +2017-07-09 20:35:56 tweets readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } + } +} + +2017-07-09 20:35:56 user readOne with user stubailo is authorized +2017-07-09 20:35:56 tweets readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:35:56 user readOne with user stubailo is authorized +2017-07-09 20:35:56 tweets readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked { + id + createdAt + } + } +} + +2017-07-09 20:35:56 user readOne with user stubailo is authorized +2017-07-09 20:35:56 liked readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:35:56 user readOne with user stubailo is authorized +2017-07-09 20:35:56 liked readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334) { + id + createdAt + } + } +} + +2017-07-09 20:35:56 user readOne with user stubailo is authorized +2017-07-09 20:35:56 liked readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334, limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:35:56 user readOne with user stubailo is authorized +2017-07-09 20:35:56 liked readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + author { + username + } + } +} + +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + id + body + } +} + +2017-07-09 20:35:56 tweet readOne with user stubailo is authorized +2017-07-09 20:35:56 tweet readOne with user stubailo is authorized +2017-07-09 20:35:56 author readOne with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets { + id + createdAt + } +} + +2017-07-09 20:35:56 tweets readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(limit: 1) { + id + createdAt + } +} + +2017-07-09 20:35:56 tweets readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } +} + +2017-07-09 20:35:56 tweets readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } +} + +2017-07-09 20:35:56 tweets readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers { + username + createdAt + } + } +} + +2017-07-09 20:35:56 tweet readOne with user stubailo is authorized +2017-07-09 20:35:56 likers readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:35:56 tweet readOne with user stubailo is authorized +2017-07-09 20:35:56 likers readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993) { + username + createdAt + } + } +} + +2017-07-09 20:35:56 tweet readOne with user stubailo is authorized +2017-07-09 20:35:56 likers readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:35:56 tweet readOne with user stubailo is authorized +2017-07-09 20:35:56 likers readMany with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-07-09 20:35:56 insert user create with user stubailo is authorized +2017-07-09 20:35:56 inserted user 5962778c08de6c9c11df0d23. +2017-07-09 20:35:56 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-07-09 20:35:56 insert user create with user tobkle is authorized +2017-07-09 20:35:56 inserted user 5962778c08de6c9c11df0d24. +2017-07-09 20:35:56 pubsub userInserted readOne with user tobkle is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", +Operation: "", variables: "", +Query: +{ + user(id: "5962778c08de6c9c11df0d24") { + username + bio + role + } +} + +2017-07-09 20:35:56 user readOne with user tobkle is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", +Operation: "", variables: "", +Query: +{ + user(id: "5962778c08de6c9c11df0d23") { + username + role + } +} + +2017-07-09 20:35:56 user readOne with user tobkle is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "5962778c08de6c9c11df0d24", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-07-09 20:35:56 update user update with user tobkle is authorized +2017-07-09 20:35:56 updated user 5962778c08de6c9c11df0d24. +2017-07-09 20:35:56 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "5962778c08de6c9c11df0d23", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:35:56 update user update with user tobkle is authorized +2017-07-09 20:35:56 updated user 5962778c08de6c9c11df0d23. +2017-07-09 20:35:56 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "5962778c08de6c9c11df0d24", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:35:56 update user update with user tobkle is authorized +2017-07-09 20:35:56 updated user 5962778c08de6c9c11df0d24. +2017-07-09 20:35:56 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "5962778c08de6c9c11df0d23", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-07-09 20:35:56 update user update with user tobkle is authorized +2017-07-09 20:35:56 updated user 5962778c08de6c9c11df0d23. +2017-07-09 20:35:56 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "tobkle", role: "editor", id: "5962778c08de6c9c11df0d23", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "5962778c08de6c9c11df0d23", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:35:56 authQuery: { + "$or": [ + { + "_id": "5962778c08de6c9c11df0d23" + } + ] +} +2017-07-09 20:35:56 ERROR Not authorized to update field "role" +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "zoltan", role: "admin", id: "5962778c08de6c9c11df0d24", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "5962778c08de6c9c11df0d23", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:35:56 update user update with user zoltan is authorized +2017-07-09 20:35:56 updated user 5962778c08de6c9c11df0d23. +2017-07-09 20:35:56 pubsub userUpdated readOne with user zoltan is authorized +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "5962778c08de6c9c11df0d24") +} + +2017-07-09 20:35:56 removeUser delete with user tobkle is authorized +2017-07-09 20:35:56 removed user 5962778c08de6c9c11df0d24. +2017-07-09 20:35:56 -------------------------------------------------------------------------------- +2017-07-09 20:35:56 Request: +User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "5962778c08de6c9c11df0d23", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:35:57 insert tweet create with user tobkle is authorized +2017-07-09 20:35:57 inserted tweet 5962778d08de6c9c11df0d25. +2017-07-09 20:35:57 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:35:57 insert tweet create with user tobkle is authorized +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", +Operation: "", variables: "", +Query: +{ + tweet(id: "5962778d08de6c9c11df0d25") { + author { + id + } + body + } +} + +2017-07-09 20:35:57 tweet readOne with user tobkle is authorized +2017-07-09 20:35:57 inserted tweet 5962778d08de6c9c11df0d26. +2017-07-09 20:35:57 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 20:35:57 author readOne with user tobkle is authorized +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:35:57 tweet readOne with user tobkle is authorized +2017-07-09 20:35:57 author readOne with user tobkle is authorized +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "5962778d08de6c9c11df0d25", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:35:57 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:35:57 update tweet update with user tobkle is authorized +2017-07-09 20:35:57 updated tweet 5962778d08de6c9c11df0d25. +2017-07-09 20:35:57 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "5962778d08de6c9c11df0d26", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:35:57 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:35:57 update tweet update with user tobkle is authorized +2017-07-09 20:35:57 updated tweet 5962778d08de6c9c11df0d26. +2017-07-09 20:35:57 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", +Operation: "", variables: "", +Query: +{ + tweet(id: "5962778d08de6c9c11df0d25") { + body + } +} + +2017-07-09 20:35:57 tweet readOne with user tobkle is authorized +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "5962778d08de6c9c11df0d25") +} + +2017-07-09 20:35:57 removeTweet delete with user tobkle is authorized +2017-07-09 20:35:57 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:35:57 removed tweet 5962778d08de6c9c11df0d25. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "5962778d08de6c9c11df0d26") +} + +2017-07-09 20:35:57 removeTweet delete with user tobkle is authorized +2017-07-09 20:35:57 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:35:57 removed tweet 5962778d08de6c9c11df0d26. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", +Operation: "", variables: "", +Query: +{ + tweet(id: "5962778d08de6c9c11df0d25") { + body + } +} + +2017-07-09 20:35:57 tweet readOne with user tobkle is authorized +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "5962778c08de6c9c11df0d23") +} + +2017-07-09 20:35:57 removeUser delete with user tobkle is authorized +2017-07-09 20:35:57 removed user 5962778c08de6c9c11df0d23. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "5962778c08de6c9c11df0d23") { + username + bio + role + } +} + +2017-07-09 20:35:57 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-07-09 20:35:57 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 20:35:57 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:35:57 ERROR Authorization: Not authorized to update in update user. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 20:35:57 ERROR Authorization: Not authorized to delete in removeUser. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:35:57 ERROR Authorization: Not authorized to create in insert tweet. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:35:57 tweet readOne with user is authorized +2017-07-09 20:35:57 ERROR Authorization: Not authorized to readOne in author. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:35:57 tweet getOneById in updateById for docBefore readOne with user is authorized +2017-07-09 20:35:57 ERROR Authorization: Not authorized to update in update tweet. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:35:57 tweet getOneById in updateById for docBefore readOne with user is authorized +2017-07-09 20:35:57 ERROR Authorization: Not authorized to update in update tweet. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 20:35:57 ERROR Authorization: Not authorized to delete in removeTweet. +2017-07-09 20:35:57 tweet getOneById in removeById for docBefore readOne with user is authorized +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { + id + role + } +} + +2017-07-09 20:35:57 insert user create with user stubailo is authorized +2017-07-09 20:35:57 inserted user 5962778d08de6c9c11df0d27. +2017-07-09 20:35:57 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-07-09 20:35:57 authQuery: { + "$or": [] +} +2017-07-09 20:35:57 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "_id": "5962778d08de6c9c11df0d27" + } + ] +} +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", +Operation: "", variables: "", +Query: +{ + user(id: "5962778d08de6c9c11df0d27") { + username + } +} + +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "_id": "5962778d08de6c9c11df0d27" + } + ] +} +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", +Operation: "", variables: "", +Query: +{ + user(id: "5962778d08de6c9c11df0d27") { + username + role + } +} + +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "_id": "5962778d08de6c9c11df0d27" + } + ] +} +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "_id": "5962778d08de6c9c11df0d27" + } + ] +} +2017-07-09 20:35:57 ERROR Not authorized to update field "role" +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "5962778d08de6c9c11df0d27", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "_id": "5962778d08de6c9c11df0d27" + } + ] +} +2017-07-09 20:35:57 updated user 5962778d08de6c9c11df0d27. +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "_id": "5962778d08de6c9c11df0d27" + } + ] +} +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "5962778d08de6c9c11df0d27", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "_id": "5962778d08de6c9c11df0d27" + } + ] +} +2017-07-09 20:35:57 ERROR Not authorized to update field "role" +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "_id": "5962778d08de6c9c11df0d27" + } + ] +} +2017-07-09 20:35:57 ERROR remove user failed for finalQuery: { + "_id": "583291a1638566b3c5a92ca1", + "$or": [ + { + "_id": "5962778d08de6c9c11df0d27" + } + ] +} +2017-07-09 20:35:57 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "5962778d08de6c9c11df0d27", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "authorId": "5962778d08de6c9c11df0d27" + } + ] +} +2017-07-09 20:35:57 inserted tweet 5962778d08de6c9c11df0d28. +2017-07-09 20:35:57 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "authorId": "5962778d08de6c9c11df0d27" + } + ] +} +2017-07-09 20:35:57 ERROR Not authorized to insert tweet +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", +Operation: "", variables: "", +Query: +{ + tweet(id: "5962778d08de6c9c11df0d28") { + author { + id + } + body + } +} + +2017-07-09 20:35:57 tweet readOne with user tobkle is authorized +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "_id": "5962778d08de6c9c11df0d27" + } + ] +} +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:35:57 tweet readOne with user tobkle is authorized +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "_id": "5962778d08de6c9c11df0d27" + } + ] +} +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "5962778d08de6c9c11df0d28", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:35:57 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "authorId": "5962778d08de6c9c11df0d27" + }, + { + "coauthorsIds": "5962778d08de6c9c11df0d27" + } + ] +} +2017-07-09 20:35:57 updated tweet 5962778d08de6c9c11df0d28. +2017-07-09 20:35:57 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:35:57 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "authorId": "5962778d08de6c9c11df0d27" + }, + { + "coauthorsIds": "5962778d08de6c9c11df0d27" + } + ] +} +2017-07-09 20:35:57 ERROR update tweet failed finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "5962778d08de6c9c11df0d27" + }, + { + "coauthorsIds": "5962778d08de6c9c11df0d27" + } + ] +} +2017-07-09 20:35:57 ERROR update tweet failed for docToUpdate: { + "$set": { + "body": "This is a modified test tweet", + "updatedAt": 1499625357426, + "updatedById": "5962778d08de6c9c11df0d27" + } +} +2017-07-09 20:35:57 ERROR update tweet not possible for 583676d3618530145474e352. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", +Operation: "", variables: "", +Query: +{ + tweet(id: "5962778d08de6c9c11df0d28") { + body + } +} + +2017-07-09 20:35:57 tweet readOne with user tobkle is authorized +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "5962778d08de6c9c11df0d28") +} + +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "authorId": "5962778d08de6c9c11df0d27" + } + ] +} +2017-07-09 20:35:57 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:35:57 removed tweet 5962778d08de6c9c11df0d28. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "authorId": "5962778d08de6c9c11df0d27" + } + ] +} +2017-07-09 20:35:57 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:35:57 ERROR remove tweet failed for finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "5962778d08de6c9c11df0d27" + } + ] +} +2017-07-09 20:35:57 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", +Operation: "", variables: "", +Query: +{ + tweet(id: "5962778d08de6c9c11df0d28") { + body + } +} + +2017-07-09 20:35:57 tweet readOne with user tobkle is authorized +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "5962778d08de6c9c11df0d27") +} + +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "_id": "5962778d08de6c9c11df0d27" + } + ] +} +2017-07-09 20:35:57 removed user 5962778d08de6c9c11df0d27. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "5962778d08de6c9c11df0d27") { + username + bio + role + } +} + +2017-07-09 20:35:57 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { + id + role + } +} + +2017-07-09 20:35:57 insert user create with user stubailo is authorized +2017-07-09 20:35:57 inserted user 5962778d08de6c9c11df0d29. +2017-07-09 20:35:57 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "editor", id: "5962778d08de6c9c11df0d29", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-07-09 20:35:57 authQuery: { + "$or": [] +} +2017-07-09 20:35:57 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "editor", id: "5962778d08de6c9c11df0d29", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "_id": "5962778d08de6c9c11df0d29" + } + ] +} +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "editor", id: "5962778d08de6c9c11df0d29", +Operation: "", variables: "", +Query: +{ + user(id: "5962778d08de6c9c11df0d29") { + username + role + } +} + +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "_id": "5962778d08de6c9c11df0d29" + } + ] +} +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "editor", id: "5962778d08de6c9c11df0d29", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "_id": "5962778d08de6c9c11df0d29" + } + ] +} +2017-07-09 20:35:57 ERROR Not authorized to update field "role" +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tobkle", role: "editor", id: "5962778d08de6c9c11df0d29", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "5962778d08de6c9c11df0d29", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "_id": "5962778d08de6c9c11df0d29" + } + ] +} +2017-07-09 20:35:57 updated user 5962778d08de6c9c11df0d29. +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "_id": "5962778d08de6c9c11df0d29" + } + ] +} +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "5962778d08de6c9c11df0d29", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "_id": "5962778d08de6c9c11df0d29" + } + ] +} +2017-07-09 20:35:57 ERROR Not authorized to update field "role" +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "_id": "5962778d08de6c9c11df0d29" + } + ] +} +2017-07-09 20:35:57 ERROR remove user failed for finalQuery: { + "_id": "583291a1638566b3c5a92ca1", + "$or": [ + { + "_id": "5962778d08de6c9c11df0d29" + } + ] +} +2017-07-09 20:35:57 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "5962778d08de6c9c11df0d29", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "authorId": "5962778d08de6c9c11df0d29" + } + ] +} +2017-07-09 20:35:57 inserted tweet 5962778d08de6c9c11df0d2a. +2017-07-09 20:35:57 pubsub tweetInserted readOne with user tmeasday is authorized +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "authorId": "5962778d08de6c9c11df0d29" + } + ] +} +2017-07-09 20:35:57 ERROR Not authorized to insert tweet +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", +Operation: "", variables: "", +Query: +{ + tweet(id: "5962778d08de6c9c11df0d2a") { + author { + id + } + body + } +} + +2017-07-09 20:35:57 tweet readOne with user tmeasday is authorized +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "_id": "5962778d08de6c9c11df0d29" + } + ] +} +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:35:57 tweet readOne with user tmeasday is authorized +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "_id": "5962778d08de6c9c11df0d29" + } + ] +} +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "5962778d08de6c9c11df0d2a", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:35:57 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "authorId": "5962778d08de6c9c11df0d29" + }, + { + "coauthorsIds": "5962778d08de6c9c11df0d29" + } + ] +} +2017-07-09 20:35:57 updated tweet 5962778d08de6c9c11df0d2a. +2017-07-09 20:35:57 pubsub tweetUpdated readOne with user tmeasday is authorized +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:35:57 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "authorId": "5962778d08de6c9c11df0d29" + }, + { + "coauthorsIds": "5962778d08de6c9c11df0d29" + } + ] +} +2017-07-09 20:35:57 ERROR update tweet failed finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "5962778d08de6c9c11df0d29" + }, + { + "coauthorsIds": "5962778d08de6c9c11df0d29" + } + ] +} +2017-07-09 20:35:57 ERROR update tweet failed for docToUpdate: { + "$set": { + "body": "This is a modified test tweet", + "updatedAt": 1499625357646, + "updatedById": "5962778d08de6c9c11df0d29" + } +} +2017-07-09 20:35:57 ERROR update tweet not possible for 583676d3618530145474e352. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", +Operation: "", variables: "", +Query: +{ + tweet(id: "5962778d08de6c9c11df0d2a") { + body + } +} + +2017-07-09 20:35:57 tweet readOne with user tmeasday is authorized +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "5962778d08de6c9c11df0d2a") +} + +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "authorId": "5962778d08de6c9c11df0d29" + } + ] +} +2017-07-09 20:35:57 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:35:57 removed tweet 5962778d08de6c9c11df0d2a. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "authorId": "5962778d08de6c9c11df0d29" + } + ] +} +2017-07-09 20:35:57 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:35:57 ERROR remove tweet failed for finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "5962778d08de6c9c11df0d29" + } + ] +} +2017-07-09 20:35:57 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", +Operation: "", variables: "", +Query: +{ + tweet(id: "5962778d08de6c9c11df0d2a") { + body + } +} + +2017-07-09 20:35:57 tweet readOne with user tmeasday is authorized +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "5962778d08de6c9c11df0d29") +} + +2017-07-09 20:35:57 authQuery: { + "$or": [ + { + "_id": "5962778d08de6c9c11df0d29" + } + ] +} +2017-07-09 20:35:57 removed user 5962778d08de6c9c11df0d29. +2017-07-09 20:35:57 -------------------------------------------------------------------------------- +2017-07-09 20:35:57 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "5962778d08de6c9c11df0d29") { + username + bio + role + } +} + +2017-07-09 20:35:57 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:36:20 Logger started +2017-07-09 20:36:33 Logger started +2017-07-09 20:37:37 Logger started +2017-07-09 20:38:24 Logger started +2017-07-09 20:39:07 -------------------------------------------------------------------------------- +2017-07-09 20:39:07 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + role + username + } +} + +2017-07-09 20:39:18 user readOne with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + role + username + } +} + +2017-07-09 20:39:18 user readOne with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca2") { + role + username + } +} + +2017-07-09 20:39:18 user readOne with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + id + username + bio + } +} + +2017-07-09 20:39:18 user readOne with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users { + username + createdAt + } +} + +2017-07-09 20:39:18 users readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(limit: 1) { + username + createdAt + } +} + +2017-07-09 20:39:18 users readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993) { + username + createdAt + } +} + +2017-07-09 20:39:18 users readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } +} + +2017-07-09 20:39:18 users readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers { + username + createdAt + } + } +} + +2017-07-09 20:39:18 user readOne with user stubailo is authorized +2017-07-09 20:39:18 followers readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:39:18 user readOne with user stubailo is authorized +2017-07-09 20:39:18 followers readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-07-09 20:39:18 user readOne with user stubailo is authorized +2017-07-09 20:39:18 followers readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:39:18 user readOne with user stubailo is authorized +2017-07-09 20:39:18 followers readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following { + username + createdAt + } + } +} + +2017-07-09 20:39:18 user readOne with user stubailo is authorized +2017-07-09 20:39:18 following readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:39:18 user readOne with user stubailo is authorized +2017-07-09 20:39:18 following readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-07-09 20:39:18 user readOne with user stubailo is authorized +2017-07-09 20:39:18 following readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:39:18 user readOne with user stubailo is authorized +2017-07-09 20:39:18 following readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets { + id + createdAt + } + } +} + +2017-07-09 20:39:18 user readOne with user stubailo is authorized +2017-07-09 20:39:18 tweets readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:39:18 user readOne with user stubailo is authorized +2017-07-09 20:39:18 tweets readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } + } +} + +2017-07-09 20:39:18 user readOne with user stubailo is authorized +2017-07-09 20:39:18 tweets readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:39:18 user readOne with user stubailo is authorized +2017-07-09 20:39:18 tweets readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked { + id + createdAt + } + } +} + +2017-07-09 20:39:18 user readOne with user stubailo is authorized +2017-07-09 20:39:18 liked readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:39:18 user readOne with user stubailo is authorized +2017-07-09 20:39:18 liked readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334) { + id + createdAt + } + } +} + +2017-07-09 20:39:18 user readOne with user stubailo is authorized +2017-07-09 20:39:18 liked readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334, limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:39:18 user readOne with user stubailo is authorized +2017-07-09 20:39:18 liked readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets { + id + createdAt + } +} + +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + author { + username + } + } +} + +2017-07-09 20:39:18 tweets readMany with user stubailo is authorized +2017-07-09 20:39:18 tweet readOne with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + id + body + } +} + +2017-07-09 20:39:18 tweet readOne with user stubailo is authorized +2017-07-09 20:39:18 author readOne with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(limit: 1) { + id + createdAt + } +} + +2017-07-09 20:39:18 tweets readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } +} + +2017-07-09 20:39:18 tweets readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } +} + +2017-07-09 20:39:18 tweets readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers { + username + createdAt + } + } +} + +2017-07-09 20:39:18 tweet readOne with user stubailo is authorized +2017-07-09 20:39:18 likers readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:39:18 tweet readOne with user stubailo is authorized +2017-07-09 20:39:18 likers readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993) { + username + createdAt + } + } +} + +2017-07-09 20:39:18 tweet readOne with user stubailo is authorized +2017-07-09 20:39:18 likers readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:39:18 tweet readOne with user stubailo is authorized +2017-07-09 20:39:18 likers readMany with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-07-09 20:39:18 insert user create with user stubailo is authorized +2017-07-09 20:39:18 inserted user 596278564c57819cb42922c4. +2017-07-09 20:39:18 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-07-09 20:39:18 insert user create with user tobkle is authorized +2017-07-09 20:39:18 inserted user 596278564c57819cb42922c5. +2017-07-09 20:39:18 pubsub userInserted readOne with user tobkle is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", +Operation: "", variables: "", +Query: +{ + user(id: "596278564c57819cb42922c5") { + username + bio + role + } +} + +2017-07-09 20:39:18 user readOne with user tobkle is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", +Operation: "", variables: "", +Query: +{ + user(id: "596278564c57819cb42922c4") { + username + role + } +} + +2017-07-09 20:39:18 user readOne with user tobkle is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596278564c57819cb42922c5", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-07-09 20:39:18 update user update with user tobkle is authorized +2017-07-09 20:39:18 updated user 596278564c57819cb42922c5. +2017-07-09 20:39:18 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596278564c57819cb42922c4", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:39:18 update user update with user tobkle is authorized +2017-07-09 20:39:18 updated user 596278564c57819cb42922c4. +2017-07-09 20:39:18 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596278564c57819cb42922c5", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:39:18 update user update with user tobkle is authorized +2017-07-09 20:39:18 updated user 596278564c57819cb42922c5. +2017-07-09 20:39:18 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596278564c57819cb42922c4", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-07-09 20:39:18 update user update with user tobkle is authorized +2017-07-09 20:39:18 updated user 596278564c57819cb42922c4. +2017-07-09 20:39:18 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:39:18 -------------------------------------------------------------------------------- +2017-07-09 20:39:18 Request: +User: "tobkle", role: "editor", id: "596278564c57819cb42922c4", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596278564c57819cb42922c4", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:39:18 authQuery: { + "$or": [ + { + "_id": "596278564c57819cb42922c4" + } + ] +} +2017-07-09 20:39:18 ERROR Not authorized to update field "role" +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "zoltan", role: "admin", id: "596278564c57819cb42922c5", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596278564c57819cb42922c4", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:39:19 update user update with user zoltan is authorized +2017-07-09 20:39:19 updated user 596278564c57819cb42922c4. +2017-07-09 20:39:19 pubsub userUpdated readOne with user zoltan is authorized +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "596278564c57819cb42922c5") +} + +2017-07-09 20:39:19 removeUser delete with user tobkle is authorized +2017-07-09 20:39:19 removed user 596278564c57819cb42922c5. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "596278564c57819cb42922c4", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:39:19 insert tweet create with user tobkle is authorized +2017-07-09 20:39:19 inserted tweet 596278574c57819cb42922c6. +2017-07-09 20:39:19 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:39:19 insert tweet create with user tobkle is authorized +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", +Operation: "", variables: "", +Query: +{ + tweet(id: "596278574c57819cb42922c6") { + author { + id + } + body + } +} + +2017-07-09 20:39:19 tweet readOne with user tobkle is authorized +2017-07-09 20:39:19 inserted tweet 596278574c57819cb42922c7. +2017-07-09 20:39:19 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 20:39:19 author readOne with user tobkle is authorized +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:39:19 tweet readOne with user tobkle is authorized +2017-07-09 20:39:19 author readOne with user tobkle is authorized +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "596278574c57819cb42922c6", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:39:19 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:39:19 update tweet update with user tobkle is authorized +2017-07-09 20:39:19 updated tweet 596278574c57819cb42922c6. +2017-07-09 20:39:19 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "596278574c57819cb42922c7", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:39:19 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:39:19 update tweet update with user tobkle is authorized +2017-07-09 20:39:19 updated tweet 596278574c57819cb42922c7. +2017-07-09 20:39:19 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", +Operation: "", variables: "", +Query: +{ + tweet(id: "596278574c57819cb42922c6") { + body + } +} + +2017-07-09 20:39:19 tweet readOne with user tobkle is authorized +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "596278574c57819cb42922c6") +} + +2017-07-09 20:39:19 removeTweet delete with user tobkle is authorized +2017-07-09 20:39:19 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:39:19 removed tweet 596278574c57819cb42922c6. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "596278574c57819cb42922c7") +} + +2017-07-09 20:39:19 removeTweet delete with user tobkle is authorized +2017-07-09 20:39:19 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:39:19 removed tweet 596278574c57819cb42922c7. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", +Operation: "", variables: "", +Query: +{ + tweet(id: "596278574c57819cb42922c6") { + body + } +} + +2017-07-09 20:39:19 tweet readOne with user tobkle is authorized +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "596278564c57819cb42922c4") +} + +2017-07-09 20:39:19 removeUser delete with user tobkle is authorized +2017-07-09 20:39:19 removed user 596278564c57819cb42922c4. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "596278564c57819cb42922c4") { + username + bio + role + } +} + +2017-07-09 20:39:19 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-07-09 20:39:19 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 20:39:19 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:39:19 ERROR Authorization: Not authorized to update in update user. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 20:39:19 ERROR Authorization: Not authorized to delete in removeUser. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:39:19 ERROR Authorization: Not authorized to create in insert tweet. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:39:19 tweet readOne with user is authorized +2017-07-09 20:39:19 ERROR Authorization: Not authorized to readOne in author. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:39:19 tweet getOneById in updateById for docBefore readOne with user is authorized +2017-07-09 20:39:19 ERROR Authorization: Not authorized to update in update tweet. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:39:19 tweet getOneById in updateById for docBefore readOne with user is authorized +2017-07-09 20:39:19 ERROR Authorization: Not authorized to update in update tweet. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 20:39:19 ERROR Authorization: Not authorized to delete in removeTweet. +2017-07-09 20:39:19 tweet getOneById in removeById for docBefore readOne with user is authorized +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { + id + role + } +} + +2017-07-09 20:39:19 insert user create with user stubailo is authorized +2017-07-09 20:39:19 inserted user 596278574c57819cb42922c8. +2017-07-09 20:39:19 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "user", id: "596278574c57819cb42922c8", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-07-09 20:39:19 authQuery: { + "$or": [] +} +2017-07-09 20:39:19 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "user", id: "596278574c57819cb42922c8", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "_id": "596278574c57819cb42922c8" + } + ] +} +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "user", id: "596278574c57819cb42922c8", +Operation: "", variables: "", +Query: +{ + user(id: "596278574c57819cb42922c8") { + username + } +} + +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "_id": "596278574c57819cb42922c8" + } + ] +} +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "user", id: "596278574c57819cb42922c8", +Operation: "", variables: "", +Query: +{ + user(id: "596278574c57819cb42922c8") { + username + role + } +} + +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "_id": "596278574c57819cb42922c8" + } + ] +} +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "user", id: "596278574c57819cb42922c8", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "_id": "596278574c57819cb42922c8" + } + ] +} +2017-07-09 20:39:19 ERROR Not authorized to update field "role" +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "user", id: "596278574c57819cb42922c8", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596278574c57819cb42922c8", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "_id": "596278574c57819cb42922c8" + } + ] +} +2017-07-09 20:39:19 updated user 596278574c57819cb42922c8. +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "_id": "596278574c57819cb42922c8" + } + ] +} +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "user", id: "596278574c57819cb42922c8", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596278574c57819cb42922c8", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "_id": "596278574c57819cb42922c8" + } + ] +} +2017-07-09 20:39:19 ERROR Not authorized to update field "role" +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "user", id: "596278574c57819cb42922c8", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "_id": "596278574c57819cb42922c8" + } + ] +} +2017-07-09 20:39:19 ERROR remove user failed for finalQuery: { + "_id": "583291a1638566b3c5a92ca1", + "$or": [ + { + "_id": "596278574c57819cb42922c8" + } + ] +} +2017-07-09 20:39:19 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "user", id: "596278574c57819cb42922c8", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "596278574c57819cb42922c8", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "authorId": "596278574c57819cb42922c8" + } + ] +} +2017-07-09 20:39:19 inserted tweet 596278574c57819cb42922c9. +2017-07-09 20:39:19 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "user", id: "596278574c57819cb42922c8", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "authorId": "596278574c57819cb42922c8" + } + ] +} +2017-07-09 20:39:19 ERROR Not authorized to insert tweet +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "user", id: "596278574c57819cb42922c8", +Operation: "", variables: "", +Query: +{ + tweet(id: "596278574c57819cb42922c9") { + author { + id + } + body + } +} + +2017-07-09 20:39:19 tweet readOne with user tobkle is authorized +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "_id": "596278574c57819cb42922c8" + } + ] +} +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "user", id: "596278574c57819cb42922c8", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:39:19 tweet readOne with user tobkle is authorized +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "_id": "596278574c57819cb42922c8" + } + ] +} +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "user", id: "596278574c57819cb42922c8", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "596278574c57819cb42922c9", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:39:19 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "authorId": "596278574c57819cb42922c8" + }, + { + "coauthorsIds": "596278574c57819cb42922c8" + } + ] +} +2017-07-09 20:39:19 updated tweet 596278574c57819cb42922c9. +2017-07-09 20:39:19 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "user", id: "596278574c57819cb42922c8", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:39:19 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "authorId": "596278574c57819cb42922c8" + }, + { + "coauthorsIds": "596278574c57819cb42922c8" + } + ] +} +2017-07-09 20:39:19 ERROR update tweet failed finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "596278574c57819cb42922c8" + }, + { + "coauthorsIds": "596278574c57819cb42922c8" + } + ] +} +2017-07-09 20:39:19 ERROR update tweet failed for docToUpdate: { + "$set": { + "body": "This is a modified test tweet", + "updatedAt": 1499625559454, + "updatedById": "596278574c57819cb42922c8" + } +} +2017-07-09 20:39:19 ERROR update tweet not possible for 583676d3618530145474e352. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "user", id: "596278574c57819cb42922c8", +Operation: "", variables: "", +Query: +{ + tweet(id: "596278574c57819cb42922c9") { + body + } +} + +2017-07-09 20:39:19 tweet readOne with user tobkle is authorized +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "user", id: "596278574c57819cb42922c8", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "596278574c57819cb42922c9") +} + +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "authorId": "596278574c57819cb42922c8" + } + ] +} +2017-07-09 20:39:19 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:39:19 removed tweet 596278574c57819cb42922c9. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "user", id: "596278574c57819cb42922c8", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "authorId": "596278574c57819cb42922c8" + } + ] +} +2017-07-09 20:39:19 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:39:19 ERROR remove tweet failed for finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "596278574c57819cb42922c8" + } + ] +} +2017-07-09 20:39:19 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "user", id: "596278574c57819cb42922c8", +Operation: "", variables: "", +Query: +{ + tweet(id: "596278574c57819cb42922c9") { + body + } +} + +2017-07-09 20:39:19 tweet readOne with user tobkle is authorized +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "user", id: "596278574c57819cb42922c8", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "596278574c57819cb42922c8") +} + +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "_id": "596278574c57819cb42922c8" + } + ] +} +2017-07-09 20:39:19 removed user 596278574c57819cb42922c8. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "596278574c57819cb42922c8") { + username + bio + role + } +} + +2017-07-09 20:39:19 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { + id + role + } +} + +2017-07-09 20:39:19 insert user create with user stubailo is authorized +2017-07-09 20:39:19 inserted user 596278574c57819cb42922ca. +2017-07-09 20:39:19 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "editor", id: "596278574c57819cb42922ca", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-07-09 20:39:19 authQuery: { + "$or": [] +} +2017-07-09 20:39:19 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "editor", id: "596278574c57819cb42922ca", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "_id": "596278574c57819cb42922ca" + } + ] +} +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "editor", id: "596278574c57819cb42922ca", +Operation: "", variables: "", +Query: +{ + user(id: "596278574c57819cb42922ca") { + username + role + } +} + +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "_id": "596278574c57819cb42922ca" + } + ] +} +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "editor", id: "596278574c57819cb42922ca", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "_id": "596278574c57819cb42922ca" + } + ] +} +2017-07-09 20:39:19 ERROR Not authorized to update field "role" +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tobkle", role: "editor", id: "596278574c57819cb42922ca", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596278574c57819cb42922ca", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "_id": "596278574c57819cb42922ca" + } + ] +} +2017-07-09 20:39:19 updated user 596278574c57819cb42922ca. +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "_id": "596278574c57819cb42922ca" + } + ] +} +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596278574c57819cb42922ca", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "_id": "596278574c57819cb42922ca" + } + ] +} +2017-07-09 20:39:19 ERROR Not authorized to update field "role" +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "_id": "596278574c57819cb42922ca" + } + ] +} +2017-07-09 20:39:19 ERROR remove user failed for finalQuery: { + "_id": "583291a1638566b3c5a92ca1", + "$or": [ + { + "_id": "596278574c57819cb42922ca" + } + ] +} +2017-07-09 20:39:19 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "596278574c57819cb42922ca", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "authorId": "596278574c57819cb42922ca" + } + ] +} +2017-07-09 20:39:19 inserted tweet 596278574c57819cb42922cb. +2017-07-09 20:39:19 pubsub tweetInserted readOne with user tmeasday is authorized +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "authorId": "596278574c57819cb42922ca" + } + ] +} +2017-07-09 20:39:19 ERROR Not authorized to insert tweet +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", +Operation: "", variables: "", +Query: +{ + tweet(id: "596278574c57819cb42922cb") { + author { + id + } + body + } +} + +2017-07-09 20:39:19 tweet readOne with user tmeasday is authorized +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "_id": "596278574c57819cb42922ca" + } + ] +} +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:39:19 tweet readOne with user tmeasday is authorized +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "_id": "596278574c57819cb42922ca" + } + ] +} +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "596278574c57819cb42922cb", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:39:19 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "authorId": "596278574c57819cb42922ca" + }, + { + "coauthorsIds": "596278574c57819cb42922ca" + } + ] +} +2017-07-09 20:39:19 updated tweet 596278574c57819cb42922cb. +2017-07-09 20:39:19 pubsub tweetUpdated readOne with user tmeasday is authorized +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:39:19 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "authorId": "596278574c57819cb42922ca" + }, + { + "coauthorsIds": "596278574c57819cb42922ca" + } + ] +} +2017-07-09 20:39:19 ERROR update tweet failed finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "596278574c57819cb42922ca" + }, + { + "coauthorsIds": "596278574c57819cb42922ca" + } + ] +} +2017-07-09 20:39:19 ERROR update tweet failed for docToUpdate: { + "$set": { + "body": "This is a modified test tweet", + "updatedAt": 1499625559652, + "updatedById": "596278574c57819cb42922ca" + } +} +2017-07-09 20:39:19 ERROR update tweet not possible for 583676d3618530145474e352. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", +Operation: "", variables: "", +Query: +{ + tweet(id: "596278574c57819cb42922cb") { + body + } +} + +2017-07-09 20:39:19 tweet readOne with user tmeasday is authorized +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "596278574c57819cb42922cb") +} + +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "authorId": "596278574c57819cb42922ca" + } + ] +} +2017-07-09 20:39:19 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:39:19 removed tweet 596278574c57819cb42922cb. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "authorId": "596278574c57819cb42922ca" + } + ] +} +2017-07-09 20:39:19 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:39:19 ERROR remove tweet failed for finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "596278574c57819cb42922ca" + } + ] +} +2017-07-09 20:39:19 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", +Operation: "", variables: "", +Query: +{ + tweet(id: "596278574c57819cb42922cb") { + body + } +} + +2017-07-09 20:39:19 tweet readOne with user tmeasday is authorized +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "596278574c57819cb42922ca") +} + +2017-07-09 20:39:19 authQuery: { + "$or": [ + { + "_id": "596278574c57819cb42922ca" + } + ] +} +2017-07-09 20:39:19 removed user 596278574c57819cb42922ca. +2017-07-09 20:39:19 -------------------------------------------------------------------------------- +2017-07-09 20:39:19 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "596278574c57819cb42922ca") { + username + bio + role + } +} + +2017-07-09 20:39:19 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:42:33 -------------------------------------------------------------------------------- +2017-07-09 20:42:33 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-07-09 20:42:44 -------------------------------------------------------------------------------- +2017-07-09 20:42:44 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-07-09 20:42:44 -------------------------------------------------------------------------------- +2017-07-09 20:42:44 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + role + username + } +} + +2017-07-09 20:42:44 user readOne with user stubailo is authorized +2017-07-09 20:42:44 -------------------------------------------------------------------------------- +2017-07-09 20:42:44 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + role + username + } +} + +2017-07-09 20:42:44 user readOne with user stubailo is authorized +2017-07-09 20:42:44 -------------------------------------------------------------------------------- +2017-07-09 20:42:44 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca2") { + role + username + } +} + +2017-07-09 20:42:44 user readOne with user stubailo is authorized +2017-07-09 20:42:44 -------------------------------------------------------------------------------- +2017-07-09 20:42:44 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + id + username + bio + } +} + +2017-07-09 20:42:44 user readOne with user stubailo is authorized +2017-07-09 20:42:44 -------------------------------------------------------------------------------- +2017-07-09 20:42:44 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users { + username + createdAt + } +} + +2017-07-09 20:42:44 users readMany with user stubailo is authorized +2017-07-09 20:42:44 -------------------------------------------------------------------------------- +2017-07-09 20:42:44 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(limit: 1) { + username + createdAt + } +} + +2017-07-09 20:42:44 users readMany with user stubailo is authorized +2017-07-09 20:42:44 -------------------------------------------------------------------------------- +2017-07-09 20:42:44 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993) { + username + createdAt + } +} + +2017-07-09 20:42:44 users readMany with user stubailo is authorized +2017-07-09 20:42:44 -------------------------------------------------------------------------------- +2017-07-09 20:42:44 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } +} + +2017-07-09 20:42:44 users readMany with user stubailo is authorized +2017-07-09 20:42:44 -------------------------------------------------------------------------------- +2017-07-09 20:42:44 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers { + username + createdAt + } + } +} + +2017-07-09 20:42:44 user readOne with user stubailo is authorized +2017-07-09 20:42:44 followers readMany with user stubailo is authorized +2017-07-09 20:42:44 -------------------------------------------------------------------------------- +2017-07-09 20:42:44 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:42:44 user readOne with user stubailo is authorized +2017-07-09 20:42:44 followers readMany with user stubailo is authorized +2017-07-09 20:42:44 -------------------------------------------------------------------------------- +2017-07-09 20:42:44 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-07-09 20:42:44 user readOne with user stubailo is authorized +2017-07-09 20:42:44 followers readMany with user stubailo is authorized +2017-07-09 20:42:44 -------------------------------------------------------------------------------- +2017-07-09 20:42:44 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:42:44 user readOne with user stubailo is authorized +2017-07-09 20:42:44 followers readMany with user stubailo is authorized +2017-07-09 20:42:44 -------------------------------------------------------------------------------- +2017-07-09 20:42:44 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following { + username + createdAt + } + } +} + +2017-07-09 20:42:44 user readOne with user stubailo is authorized +2017-07-09 20:42:44 following readMany with user stubailo is authorized +2017-07-09 20:42:44 -------------------------------------------------------------------------------- +2017-07-09 20:42:44 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:42:44 user readOne with user stubailo is authorized +2017-07-09 20:42:44 following readMany with user stubailo is authorized +2017-07-09 20:42:44 -------------------------------------------------------------------------------- +2017-07-09 20:42:44 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-07-09 20:42:44 user readOne with user stubailo is authorized +2017-07-09 20:42:44 following readMany with user stubailo is authorized +2017-07-09 20:42:44 -------------------------------------------------------------------------------- +2017-07-09 20:42:44 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:42:44 user readOne with user stubailo is authorized +2017-07-09 20:42:44 following readMany with user stubailo is authorized +2017-07-09 20:42:44 -------------------------------------------------------------------------------- +2017-07-09 20:42:44 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets { + id + createdAt + } + } +} + +2017-07-09 20:42:44 user readOne with user stubailo is authorized +2017-07-09 20:42:44 tweets readMany with user stubailo is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:42:45 user readOne with user stubailo is authorized +2017-07-09 20:42:45 tweets readMany with user stubailo is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } + } +} + +2017-07-09 20:42:45 user readOne with user stubailo is authorized +2017-07-09 20:42:45 tweets readMany with user stubailo is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:42:45 user readOne with user stubailo is authorized +2017-07-09 20:42:45 tweets readMany with user stubailo is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked { + id + createdAt + } + } +} + +2017-07-09 20:42:45 user readOne with user stubailo is authorized +2017-07-09 20:42:45 liked readMany with user stubailo is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:42:45 user readOne with user stubailo is authorized +2017-07-09 20:42:45 liked readMany with user stubailo is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334) { + id + createdAt + } + } +} + +2017-07-09 20:42:45 user readOne with user stubailo is authorized +2017-07-09 20:42:45 liked readMany with user stubailo is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334, limit: 1) { + id + createdAt + } + } +} + +2017-07-09 20:42:45 user readOne with user stubailo is authorized +2017-07-09 20:42:45 liked readMany with user stubailo is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + id + body + } +} + +2017-07-09 20:42:45 tweet readOne with user stubailo is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + author { + username + } + } +} + +2017-07-09 20:42:45 tweet readOne with user stubailo is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets { + id + createdAt + } +} + +2017-07-09 20:42:45 tweets readMany with user stubailo is authorized +2017-07-09 20:42:45 author readOne with user stubailo is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(limit: 1) { + id + createdAt + } +} + +2017-07-09 20:42:45 tweets readMany with user stubailo is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } +} + +2017-07-09 20:42:45 tweets readMany with user stubailo is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } +} + +2017-07-09 20:42:45 tweets readMany with user stubailo is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers { + username + createdAt + } + } +} + +2017-07-09 20:42:45 tweet readOne with user stubailo is authorized +2017-07-09 20:42:45 likers readMany with user stubailo is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:42:45 tweet readOne with user stubailo is authorized +2017-07-09 20:42:45 likers readMany with user stubailo is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993) { + username + createdAt + } + } +} + +2017-07-09 20:42:45 tweet readOne with user stubailo is authorized +2017-07-09 20:42:45 likers readMany with user stubailo is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 20:42:45 tweet readOne with user stubailo is authorized +2017-07-09 20:42:45 likers readMany with user stubailo is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-07-09 20:42:45 insert user create with user stubailo is authorized +2017-07-09 20:42:45 inserted user 596279254c57819cb42922cc. +2017-07-09 20:42:45 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-07-09 20:42:45 insert user create with user tobkle is authorized +2017-07-09 20:42:45 inserted user 596279254c57819cb42922cd. +2017-07-09 20:42:45 pubsub userInserted readOne with user tobkle is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", +Operation: "", variables: "", +Query: +{ + user(id: "596279254c57819cb42922cd") { + username + bio + role + } +} + +2017-07-09 20:42:45 user readOne with user tobkle is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", +Operation: "", variables: "", +Query: +{ + user(id: "596279254c57819cb42922cc") { + username + role + } +} + +2017-07-09 20:42:45 user readOne with user tobkle is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596279254c57819cb42922cd", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-07-09 20:42:45 update user update with user tobkle is authorized +2017-07-09 20:42:45 updated user 596279254c57819cb42922cd. +2017-07-09 20:42:45 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596279254c57819cb42922cc", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:42:45 update user update with user tobkle is authorized +2017-07-09 20:42:45 updated user 596279254c57819cb42922cc. +2017-07-09 20:42:45 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596279254c57819cb42922cd", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:42:45 update user update with user tobkle is authorized +2017-07-09 20:42:45 updated user 596279254c57819cb42922cd. +2017-07-09 20:42:45 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596279254c57819cb42922cc", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-07-09 20:42:45 update user update with user tobkle is authorized +2017-07-09 20:42:45 updated user 596279254c57819cb42922cc. +2017-07-09 20:42:45 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "editor", id: "596279254c57819cb42922cc", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596279254c57819cb42922cc", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "_id": "596279254c57819cb42922cc" + } + ] +} +2017-07-09 20:42:45 ERROR Not authorized to update field "role" +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "zoltan", role: "admin", id: "596279254c57819cb42922cd", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596279254c57819cb42922cc", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:42:45 update user update with user zoltan is authorized +2017-07-09 20:42:45 updated user 596279254c57819cb42922cc. +2017-07-09 20:42:45 pubsub userUpdated readOne with user zoltan is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "596279254c57819cb42922cd") +} + +2017-07-09 20:42:45 removeUser delete with user tobkle is authorized +2017-07-09 20:42:45 removed user 596279254c57819cb42922cd. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "596279254c57819cb42922cc", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:42:45 insert tweet create with user tobkle is authorized +2017-07-09 20:42:45 inserted tweet 596279254c57819cb42922ce. +2017-07-09 20:42:45 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:42:45 insert tweet create with user tobkle is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", +Operation: "", variables: "", +Query: +{ + tweet(id: "596279254c57819cb42922ce") { + author { + id + } + body + } +} + +2017-07-09 20:42:45 tweet readOne with user tobkle is authorized +2017-07-09 20:42:45 inserted tweet 596279254c57819cb42922cf. +2017-07-09 20:42:45 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 20:42:45 author readOne with user tobkle is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:42:45 tweet readOne with user tobkle is authorized +2017-07-09 20:42:45 author readOne with user tobkle is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "596279254c57819cb42922ce", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:42:45 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:42:45 update tweet update with user tobkle is authorized +2017-07-09 20:42:45 updated tweet 596279254c57819cb42922ce. +2017-07-09 20:42:45 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "596279254c57819cb42922cf", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:42:45 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:42:45 update tweet update with user tobkle is authorized +2017-07-09 20:42:45 updated tweet 596279254c57819cb42922cf. +2017-07-09 20:42:45 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", +Operation: "", variables: "", +Query: +{ + tweet(id: "596279254c57819cb42922ce") { + body + } +} + +2017-07-09 20:42:45 tweet readOne with user tobkle is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "596279254c57819cb42922ce") +} + +2017-07-09 20:42:45 removeTweet delete with user tobkle is authorized +2017-07-09 20:42:45 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:42:45 removed tweet 596279254c57819cb42922ce. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "596279254c57819cb42922cf") +} + +2017-07-09 20:42:45 removeTweet delete with user tobkle is authorized +2017-07-09 20:42:45 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:42:45 removed tweet 596279254c57819cb42922cf. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", +Operation: "", variables: "", +Query: +{ + tweet(id: "596279254c57819cb42922ce") { + body + } +} + +2017-07-09 20:42:45 tweet readOne with user tobkle is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "596279254c57819cb42922cc") +} + +2017-07-09 20:42:45 removeUser delete with user tobkle is authorized +2017-07-09 20:42:45 removed user 596279254c57819cb42922cc. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "596279254c57819cb42922cc") { + username + bio + role + } +} + +2017-07-09 20:42:45 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-07-09 20:42:45 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 20:42:45 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:42:45 ERROR Authorization: Not authorized to update in update user. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 20:42:45 ERROR Authorization: Not authorized to delete in removeUser. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:42:45 ERROR Authorization: Not authorized to create in insert tweet. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:42:45 tweet readOne with user is authorized +2017-07-09 20:42:45 ERROR Authorization: Not authorized to readOne in author. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:42:45 tweet getOneById in updateById for docBefore readOne with user is authorized +2017-07-09 20:42:45 ERROR Authorization: Not authorized to update in update tweet. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:42:45 tweet getOneById in updateById for docBefore readOne with user is authorized +2017-07-09 20:42:45 ERROR Authorization: Not authorized to update in update tweet. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 20:42:45 ERROR Authorization: Not authorized to delete in removeTweet. +2017-07-09 20:42:45 tweet getOneById in removeById for docBefore readOne with user is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { + id + role + } +} + +2017-07-09 20:42:45 insert user create with user stubailo is authorized +2017-07-09 20:42:45 inserted user 596279254c57819cb42922d0. +2017-07-09 20:42:45 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "user", id: "596279254c57819cb42922d0", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-07-09 20:42:45 authQuery: { + "$or": [] +} +2017-07-09 20:42:45 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "user", id: "596279254c57819cb42922d0", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "_id": "596279254c57819cb42922d0" + } + ] +} +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "user", id: "596279254c57819cb42922d0", +Operation: "", variables: "", +Query: +{ + user(id: "596279254c57819cb42922d0") { + username + } +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "_id": "596279254c57819cb42922d0" + } + ] +} +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "user", id: "596279254c57819cb42922d0", +Operation: "", variables: "", +Query: +{ + user(id: "596279254c57819cb42922d0") { + username + role + } +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "_id": "596279254c57819cb42922d0" + } + ] +} +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "user", id: "596279254c57819cb42922d0", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "_id": "596279254c57819cb42922d0" + } + ] +} +2017-07-09 20:42:45 ERROR Not authorized to update field "role" +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "user", id: "596279254c57819cb42922d0", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596279254c57819cb42922d0", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "_id": "596279254c57819cb42922d0" + } + ] +} +2017-07-09 20:42:45 updated user 596279254c57819cb42922d0. +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "_id": "596279254c57819cb42922d0" + } + ] +} +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "user", id: "596279254c57819cb42922d0", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596279254c57819cb42922d0", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "_id": "596279254c57819cb42922d0" + } + ] +} +2017-07-09 20:42:45 ERROR Not authorized to update field "role" +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "user", id: "596279254c57819cb42922d0", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "_id": "596279254c57819cb42922d0" + } + ] +} +2017-07-09 20:42:45 ERROR remove user failed for finalQuery: { + "_id": "583291a1638566b3c5a92ca1", + "$or": [ + { + "_id": "596279254c57819cb42922d0" + } + ] +} +2017-07-09 20:42:45 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "user", id: "596279254c57819cb42922d0", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "596279254c57819cb42922d0", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "authorId": "596279254c57819cb42922d0" + } + ] +} +2017-07-09 20:42:45 inserted tweet 596279254c57819cb42922d1. +2017-07-09 20:42:45 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "user", id: "596279254c57819cb42922d0", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "authorId": "596279254c57819cb42922d0" + } + ] +} +2017-07-09 20:42:45 ERROR Not authorized to insert tweet +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "user", id: "596279254c57819cb42922d0", +Operation: "", variables: "", +Query: +{ + tweet(id: "596279254c57819cb42922d1") { + author { + id + } + body + } +} + +2017-07-09 20:42:45 tweet readOne with user tobkle is authorized +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "_id": "596279254c57819cb42922d0" + } + ] +} +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "user", id: "596279254c57819cb42922d0", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:42:45 tweet readOne with user tobkle is authorized +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "_id": "596279254c57819cb42922d0" + } + ] +} +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "user", id: "596279254c57819cb42922d0", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "596279254c57819cb42922d1", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:42:45 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "authorId": "596279254c57819cb42922d0" + }, + { + "coauthorsIds": "596279254c57819cb42922d0" + } + ] +} +2017-07-09 20:42:45 updated tweet 596279254c57819cb42922d1. +2017-07-09 20:42:45 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "user", id: "596279254c57819cb42922d0", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:42:45 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "authorId": "596279254c57819cb42922d0" + }, + { + "coauthorsIds": "596279254c57819cb42922d0" + } + ] +} +2017-07-09 20:42:45 ERROR update tweet failed finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "596279254c57819cb42922d0" + }, + { + "coauthorsIds": "596279254c57819cb42922d0" + } + ] +} +2017-07-09 20:42:45 ERROR update tweet failed for docToUpdate: { + "$set": { + "body": "This is a modified test tweet", + "updatedAt": 1499625765665, + "updatedById": "596279254c57819cb42922d0" + } +} +2017-07-09 20:42:45 ERROR update tweet not possible for 583676d3618530145474e352. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "user", id: "596279254c57819cb42922d0", +Operation: "", variables: "", +Query: +{ + tweet(id: "596279254c57819cb42922d1") { + body + } +} + +2017-07-09 20:42:45 tweet readOne with user tobkle is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "user", id: "596279254c57819cb42922d0", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "596279254c57819cb42922d1") +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "authorId": "596279254c57819cb42922d0" + } + ] +} +2017-07-09 20:42:45 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:42:45 removed tweet 596279254c57819cb42922d1. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "user", id: "596279254c57819cb42922d0", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "authorId": "596279254c57819cb42922d0" + } + ] +} +2017-07-09 20:42:45 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 20:42:45 ERROR remove tweet failed for finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "596279254c57819cb42922d0" + } + ] +} +2017-07-09 20:42:45 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "user", id: "596279254c57819cb42922d0", +Operation: "", variables: "", +Query: +{ + tweet(id: "596279254c57819cb42922d1") { + body + } +} + +2017-07-09 20:42:45 tweet readOne with user tobkle is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "user", id: "596279254c57819cb42922d0", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "596279254c57819cb42922d0") +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "_id": "596279254c57819cb42922d0" + } + ] +} +2017-07-09 20:42:45 removed user 596279254c57819cb42922d0. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "596279254c57819cb42922d0") { + username + bio + role + } +} + +2017-07-09 20:42:45 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { + id + role + } +} + +2017-07-09 20:42:45 insert user create with user stubailo is authorized +2017-07-09 20:42:45 inserted user 596279254c57819cb42922d2. +2017-07-09 20:42:45 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "editor", id: "596279254c57819cb42922d2", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-07-09 20:42:45 authQuery: { + "$or": [] +} +2017-07-09 20:42:45 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "editor", id: "596279254c57819cb42922d2", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "_id": "596279254c57819cb42922d2" + } + ] +} +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "editor", id: "596279254c57819cb42922d2", +Operation: "", variables: "", +Query: +{ + user(id: "596279254c57819cb42922d2") { + username + role + } +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "_id": "596279254c57819cb42922d2" + } + ] +} +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "editor", id: "596279254c57819cb42922d2", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "_id": "596279254c57819cb42922d2" + } + ] +} +2017-07-09 20:42:45 ERROR Not authorized to update field "role" +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tobkle", role: "editor", id: "596279254c57819cb42922d2", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596279254c57819cb42922d2", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "_id": "596279254c57819cb42922d2" + } + ] +} +2017-07-09 20:42:45 updated user 596279254c57819cb42922d2. +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "_id": "596279254c57819cb42922d2" + } + ] +} +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596279254c57819cb42922d2", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "_id": "596279254c57819cb42922d2" + } + ] +} +2017-07-09 20:42:45 ERROR Not authorized to update field "role" +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "_id": "596279254c57819cb42922d2" + } + ] +} +2017-07-09 20:42:45 ERROR remove user failed for finalQuery: { + "_id": "583291a1638566b3c5a92ca1", + "$or": [ + { + "_id": "596279254c57819cb42922d2" + } + ] +} +2017-07-09 20:42:45 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "596279254c57819cb42922d2", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "authorId": "596279254c57819cb42922d2" + } + ] +} +2017-07-09 20:42:45 inserted tweet 596279254c57819cb42922d3. +2017-07-09 20:42:45 pubsub tweetInserted readOne with user tmeasday is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "authorId": "596279254c57819cb42922d2" + } + ] +} +2017-07-09 20:42:45 ERROR Not authorized to insert tweet +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", +Operation: "", variables: "", +Query: +{ + tweet(id: "596279254c57819cb42922d3") { + author { + id + } + body + } +} + +2017-07-09 20:42:45 tweet readOne with user tmeasday is authorized +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "_id": "596279254c57819cb42922d2" + } + ] +} +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 20:42:45 tweet readOne with user tmeasday is authorized +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "_id": "596279254c57819cb42922d2" + } + ] +} +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "596279254c57819cb42922d3", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:42:45 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "authorId": "596279254c57819cb42922d2" + }, + { + "coauthorsIds": "596279254c57819cb42922d2" + } + ] +} +2017-07-09 20:42:45 updated tweet 596279254c57819cb42922d3. +2017-07-09 20:42:45 pubsub tweetUpdated readOne with user tmeasday is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 20:42:45 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "authorId": "596279254c57819cb42922d2" + }, + { + "coauthorsIds": "596279254c57819cb42922d2" + } + ] +} +2017-07-09 20:42:45 ERROR update tweet failed finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "596279254c57819cb42922d2" + }, + { + "coauthorsIds": "596279254c57819cb42922d2" + } + ] +} +2017-07-09 20:42:45 ERROR update tweet failed for docToUpdate: { + "$set": { + "body": "This is a modified test tweet", + "updatedAt": 1499625765847, + "updatedById": "596279254c57819cb42922d2" + } +} +2017-07-09 20:42:45 ERROR update tweet not possible for 583676d3618530145474e352. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", +Operation: "", variables: "", +Query: +{ + tweet(id: "596279254c57819cb42922d3") { + body + } +} + +2017-07-09 20:42:45 tweet readOne with user tmeasday is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "596279254c57819cb42922d3") +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "authorId": "596279254c57819cb42922d2" + } + ] +} +2017-07-09 20:42:45 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:42:45 removed tweet 596279254c57819cb42922d3. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "authorId": "596279254c57819cb42922d2" + } + ] +} +2017-07-09 20:42:45 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized +2017-07-09 20:42:45 ERROR remove tweet failed for finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "596279254c57819cb42922d2" + } + ] +} +2017-07-09 20:42:45 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", +Operation: "", variables: "", +Query: +{ + tweet(id: "596279254c57819cb42922d3") { + body + } +} + +2017-07-09 20:42:45 tweet readOne with user tmeasday is authorized +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "596279254c57819cb42922d2") +} + +2017-07-09 20:42:45 authQuery: { + "$or": [ + { + "_id": "596279254c57819cb42922d2" + } + ] +} +2017-07-09 20:42:45 removed user 596279254c57819cb42922d2. +2017-07-09 20:42:45 -------------------------------------------------------------------------------- +2017-07-09 20:42:45 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "596279254c57819cb42922d2") { + username + bio + role + } +} + +2017-07-09 20:42:45 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 20:46:10 Logger started +2017-07-09 21:06:09 -------------------------------------------------------------------------------- +2017-07-09 21:06:09 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + role + username + } +} + +2017-07-09 21:06:19 user readOne with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + role + username + } +} + +2017-07-09 21:06:19 user readOne with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca2") { + role + username + } +} + +2017-07-09 21:06:19 user readOne with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + id + username + bio + } +} + +2017-07-09 21:06:19 user readOne with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users { + username + createdAt + } +} + +2017-07-09 21:06:19 users readMany with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(limit: 1) { + username + createdAt + } +} + +2017-07-09 21:06:19 users readMany with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993) { + username + createdAt + } +} + +2017-07-09 21:06:19 users readMany with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } +} + +2017-07-09 21:06:19 users readMany with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers { + username + createdAt + } + } +} + +2017-07-09 21:06:19 user readOne with user stubailo is authorized +2017-07-09 21:06:19 followers readMany with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 21:06:19 user readOne with user stubailo is authorized +2017-07-09 21:06:19 followers readMany with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-07-09 21:06:19 user readOne with user stubailo is authorized +2017-07-09 21:06:19 followers readMany with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 21:06:19 user readOne with user stubailo is authorized +2017-07-09 21:06:19 followers readMany with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following { + username + createdAt + } + } +} + +2017-07-09 21:06:19 user readOne with user stubailo is authorized +2017-07-09 21:06:19 following readMany with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 21:06:19 user readOne with user stubailo is authorized +2017-07-09 21:06:19 following readMany with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-07-09 21:06:19 user readOne with user stubailo is authorized +2017-07-09 21:06:19 following readMany with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 21:06:19 user readOne with user stubailo is authorized +2017-07-09 21:06:19 following readMany with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets { + id + createdAt + } + } +} + +2017-07-09 21:06:19 user readOne with user stubailo is authorized +2017-07-09 21:06:19 tweets readMany with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(limit: 1) { + id + createdAt + } + } +} + +2017-07-09 21:06:19 user readOne with user stubailo is authorized +2017-07-09 21:06:19 tweets readMany with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } + } +} + +2017-07-09 21:06:19 user readOne with user stubailo is authorized +2017-07-09 21:06:19 tweets readMany with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } + } +} + +2017-07-09 21:06:19 user readOne with user stubailo is authorized +2017-07-09 21:06:19 tweets readMany with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked { + id + createdAt + } + } +} + +2017-07-09 21:06:19 user readOne with user stubailo is authorized +2017-07-09 21:06:19 liked readMany with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(limit: 1) { + id + createdAt + } + } +} + +2017-07-09 21:06:19 user readOne with user stubailo is authorized +2017-07-09 21:06:19 liked readMany with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334) { + id + createdAt + } + } +} + +2017-07-09 21:06:19 user readOne with user stubailo is authorized +2017-07-09 21:06:19 liked readMany with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334, limit: 1) { + id + createdAt + } + } +} + +2017-07-09 21:06:19 user readOne with user stubailo is authorized +2017-07-09 21:06:19 liked readMany with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + id + body + } +} + +2017-07-09 21:06:19 tweet readOne with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + author { + username + } + } +} + +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets { + id + createdAt + } +} + +2017-07-09 21:06:19 tweets readMany with user stubailo is authorized +2017-07-09 21:06:19 tweet readOne with user stubailo is authorized +2017-07-09 21:06:19 author readOne with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(limit: 1) { + id + createdAt + } +} + +2017-07-09 21:06:19 tweets readMany with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } +} + +2017-07-09 21:06:19 tweets readMany with user stubailo is authorized +2017-07-09 21:06:19 -------------------------------------------------------------------------------- +2017-07-09 21:06:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } +} + +2017-07-09 21:06:19 tweets readMany with user stubailo is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers { + username + createdAt + } + } +} + +2017-07-09 21:06:20 tweet readOne with user stubailo is authorized +2017-07-09 21:06:20 likers readMany with user stubailo is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(limit: 1) { + username + createdAt + } + } +} + +2017-07-09 21:06:20 tweet readOne with user stubailo is authorized +2017-07-09 21:06:20 likers readMany with user stubailo is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993) { + username + createdAt + } + } +} + +2017-07-09 21:06:20 tweet readOne with user stubailo is authorized +2017-07-09 21:06:20 likers readMany with user stubailo is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } + } +} + +2017-07-09 21:06:20 tweet readOne with user stubailo is authorized +2017-07-09 21:06:20 likers readMany with user stubailo is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-07-09 21:06:20 insert user create with user stubailo is authorized +2017-07-09 21:06:20 inserted user 59627eac2157d09ddf9d728c. +2017-07-09 21:06:20 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-07-09 21:06:20 insert user create with user tobkle is authorized +2017-07-09 21:06:20 inserted user 59627eac2157d09ddf9d728d. +2017-07-09 21:06:20 pubsub userInserted readOne with user tobkle is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +Operation: "", variables: "", +Query: +{ + user(id: "59627eac2157d09ddf9d728d") { + username + bio + role + } +} + +2017-07-09 21:06:20 user readOne with user tobkle is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +Operation: "", variables: "", +Query: +{ + user(id: "59627eac2157d09ddf9d728c") { + username + role + } +} + +2017-07-09 21:06:20 user readOne with user tobkle is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59627eac2157d09ddf9d728d", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-07-09 21:06:20 update user update with user tobkle is authorized +2017-07-09 21:06:20 updated user 59627eac2157d09ddf9d728d. +2017-07-09 21:06:20 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59627eac2157d09ddf9d728c", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 21:06:20 update user update with user tobkle is authorized +2017-07-09 21:06:20 updated user 59627eac2157d09ddf9d728c. +2017-07-09 21:06:20 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59627eac2157d09ddf9d728d", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 21:06:20 update user update with user tobkle is authorized +2017-07-09 21:06:20 updated user 59627eac2157d09ddf9d728d. +2017-07-09 21:06:20 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59627eac2157d09ddf9d728c", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-07-09 21:06:20 update user update with user tobkle is authorized +2017-07-09 21:06:20 updated user 59627eac2157d09ddf9d728c. +2017-07-09 21:06:20 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "editor", id: "59627eac2157d09ddf9d728c", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59627eac2157d09ddf9d728c", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "_id": "59627eac2157d09ddf9d728c" + } + ] +} +2017-07-09 21:06:20 ERROR Not authorized to update field "role" +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "zoltan", role: "admin", id: "59627eac2157d09ddf9d728d", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59627eac2157d09ddf9d728c", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 21:06:20 update user update with user zoltan is authorized +2017-07-09 21:06:20 updated user 59627eac2157d09ddf9d728c. +2017-07-09 21:06:20 pubsub userUpdated readOne with user zoltan is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59627eac2157d09ddf9d728d") +} + +2017-07-09 21:06:20 removeUser delete with user tobkle is authorized +2017-07-09 21:06:20 removed user 59627eac2157d09ddf9d728d. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59627eac2157d09ddf9d728c", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 21:06:20 insert tweet create with user tobkle is authorized +2017-07-09 21:06:20 inserted tweet 59627eac2157d09ddf9d728e. +2017-07-09 21:06:20 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 21:06:20 insert tweet create with user tobkle is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627eac2157d09ddf9d728e") { + author { + id + } + body + } +} + +2017-07-09 21:06:20 tweet readOne with user tobkle is authorized +2017-07-09 21:06:20 inserted tweet 59627eac2157d09ddf9d728f. +2017-07-09 21:06:20 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 21:06:20 author readOne with user tobkle is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 21:06:20 tweet readOne with user tobkle is authorized +2017-07-09 21:06:20 author readOne with user tobkle is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59627eac2157d09ddf9d728e", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 21:06:20 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 21:06:20 update tweet update with user tobkle is authorized +2017-07-09 21:06:20 updated tweet 59627eac2157d09ddf9d728e. +2017-07-09 21:06:20 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59627eac2157d09ddf9d728f", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 21:06:20 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 21:06:20 update tweet update with user tobkle is authorized +2017-07-09 21:06:20 updated tweet 59627eac2157d09ddf9d728f. +2017-07-09 21:06:20 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627eac2157d09ddf9d728e") { + body + } +} + +2017-07-09 21:06:20 tweet readOne with user tobkle is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59627eac2157d09ddf9d728e") +} + +2017-07-09 21:06:20 removeTweet delete with user tobkle is authorized +2017-07-09 21:06:20 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 21:06:20 removed tweet 59627eac2157d09ddf9d728e. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59627eac2157d09ddf9d728f") +} + +2017-07-09 21:06:20 removeTweet delete with user tobkle is authorized +2017-07-09 21:06:20 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 21:06:20 removed tweet 59627eac2157d09ddf9d728f. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627eac2157d09ddf9d728e") { + body + } +} + +2017-07-09 21:06:20 tweet readOne with user tobkle is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59627eac2157d09ddf9d728c") +} + +2017-07-09 21:06:20 removeUser delete with user tobkle is authorized +2017-07-09 21:06:20 removed user 59627eac2157d09ddf9d728c. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59627eac2157d09ddf9d728c") { + username + bio + role + } +} + +2017-07-09 21:06:20 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-07-09 21:06:20 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 21:06:20 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 21:06:20 ERROR Authorization: Not authorized to update in update user. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 21:06:20 ERROR Authorization: Not authorized to delete in removeUser. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 21:06:20 ERROR Authorization: Not authorized to create in insert tweet. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 21:06:20 tweet readOne with user is authorized +2017-07-09 21:06:20 ERROR Authorization: Not authorized to readOne in author. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 21:06:20 tweet getOneById in updateById for docBefore readOne with user is authorized +2017-07-09 21:06:20 ERROR Authorization: Not authorized to update in update tweet. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 21:06:20 tweet getOneById in updateById for docBefore readOne with user is authorized +2017-07-09 21:06:20 ERROR Authorization: Not authorized to update in update tweet. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 21:06:20 ERROR Authorization: Not authorized to delete in removeTweet. +2017-07-09 21:06:20 tweet getOneById in removeById for docBefore readOne with user is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { + id + role + } +} + +2017-07-09 21:06:20 insert user create with user stubailo is authorized +2017-07-09 21:06:20 inserted user 59627eac2157d09ddf9d7290. +2017-07-09 21:06:20 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-07-09 21:06:20 authQuery: { + "$or": [] +} +2017-07-09 21:06:20 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "_id": "59627eac2157d09ddf9d7290" + } + ] +} +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +Operation: "", variables: "", +Query: +{ + user(id: "59627eac2157d09ddf9d7290") { + username + } +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "_id": "59627eac2157d09ddf9d7290" + } + ] +} +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +Operation: "", variables: "", +Query: +{ + user(id: "59627eac2157d09ddf9d7290") { + username + role + } +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "_id": "59627eac2157d09ddf9d7290" + } + ] +} +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "_id": "59627eac2157d09ddf9d7290" + } + ] +} +2017-07-09 21:06:20 ERROR Not authorized to update field "role" +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59627eac2157d09ddf9d7290", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "_id": "59627eac2157d09ddf9d7290" + } + ] +} +2017-07-09 21:06:20 updated user 59627eac2157d09ddf9d7290. +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "_id": "59627eac2157d09ddf9d7290" + } + ] +} +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59627eac2157d09ddf9d7290", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "_id": "59627eac2157d09ddf9d7290" + } + ] +} +2017-07-09 21:06:20 ERROR Not authorized to update field "role" +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "_id": "59627eac2157d09ddf9d7290" + } + ] +} +2017-07-09 21:06:20 ERROR remove user failed for finalQuery: { + "_id": "583291a1638566b3c5a92ca1", + "$or": [ + { + "_id": "59627eac2157d09ddf9d7290" + } + ] +} +2017-07-09 21:06:20 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59627eac2157d09ddf9d7290", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "authorId": "59627eac2157d09ddf9d7290" + } + ] +} +2017-07-09 21:06:20 inserted tweet 59627eac2157d09ddf9d7291. +2017-07-09 21:06:20 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "authorId": "59627eac2157d09ddf9d7290" + } + ] +} +2017-07-09 21:06:20 ERROR Not authorized to insert tweet +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627eac2157d09ddf9d7291") { + author { + id + } + body + } +} + +2017-07-09 21:06:20 tweet readOne with user tobkle is authorized +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "_id": "59627eac2157d09ddf9d7290" + } + ] +} +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 21:06:20 tweet readOne with user tobkle is authorized +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "_id": "59627eac2157d09ddf9d7290" + } + ] +} +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59627eac2157d09ddf9d7291", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 21:06:20 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "authorId": "59627eac2157d09ddf9d7290" + }, + { + "coauthorsIds": "59627eac2157d09ddf9d7290" + } + ] +} +2017-07-09 21:06:20 updated tweet 59627eac2157d09ddf9d7291. +2017-07-09 21:06:20 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 21:06:20 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "authorId": "59627eac2157d09ddf9d7290" + }, + { + "coauthorsIds": "59627eac2157d09ddf9d7290" + } + ] +} +2017-07-09 21:06:20 ERROR update tweet failed finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "59627eac2157d09ddf9d7290" + }, + { + "coauthorsIds": "59627eac2157d09ddf9d7290" + } + ] +} +2017-07-09 21:06:20 ERROR update tweet failed for docToUpdate: { + "$set": { + "body": "This is a modified test tweet", + "updatedAt": 1499627180595, + "updatedById": "59627eac2157d09ddf9d7290" + } +} +2017-07-09 21:06:20 ERROR update tweet not possible for 583676d3618530145474e352. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627eac2157d09ddf9d7291") { + body + } +} + +2017-07-09 21:06:20 tweet readOne with user tobkle is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59627eac2157d09ddf9d7291") +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "authorId": "59627eac2157d09ddf9d7290" + } + ] +} +2017-07-09 21:06:20 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 21:06:20 removed tweet 59627eac2157d09ddf9d7291. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "authorId": "59627eac2157d09ddf9d7290" + } + ] +} +2017-07-09 21:06:20 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 21:06:20 ERROR remove tweet failed for finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "59627eac2157d09ddf9d7290" + } + ] +} +2017-07-09 21:06:20 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627eac2157d09ddf9d7291") { + body + } +} + +2017-07-09 21:06:20 tweet readOne with user tobkle is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59627eac2157d09ddf9d7290") +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "_id": "59627eac2157d09ddf9d7290" + } + ] +} +2017-07-09 21:06:20 removed user 59627eac2157d09ddf9d7290. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59627eac2157d09ddf9d7290") { + username + bio + role + } +} + +2017-07-09 21:06:20 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { + id + role + } +} + +2017-07-09 21:06:20 insert user create with user stubailo is authorized +2017-07-09 21:06:20 inserted user 59627eac2157d09ddf9d7292. +2017-07-09 21:06:20 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "editor", id: "59627eac2157d09ddf9d7292", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-07-09 21:06:20 authQuery: { + "$or": [] +} +2017-07-09 21:06:20 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "editor", id: "59627eac2157d09ddf9d7292", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "_id": "59627eac2157d09ddf9d7292" + } + ] +} +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "editor", id: "59627eac2157d09ddf9d7292", +Operation: "", variables: "", +Query: +{ + user(id: "59627eac2157d09ddf9d7292") { + username + role + } +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "_id": "59627eac2157d09ddf9d7292" + } + ] +} +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "editor", id: "59627eac2157d09ddf9d7292", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "_id": "59627eac2157d09ddf9d7292" + } + ] +} +2017-07-09 21:06:20 ERROR Not authorized to update field "role" +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tobkle", role: "editor", id: "59627eac2157d09ddf9d7292", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59627eac2157d09ddf9d7292", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "_id": "59627eac2157d09ddf9d7292" + } + ] +} +2017-07-09 21:06:20 updated user 59627eac2157d09ddf9d7292. +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "_id": "59627eac2157d09ddf9d7292" + } + ] +} +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59627eac2157d09ddf9d7292", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "_id": "59627eac2157d09ddf9d7292" + } + ] +} +2017-07-09 21:06:20 ERROR Not authorized to update field "role" +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "_id": "59627eac2157d09ddf9d7292" + } + ] +} +2017-07-09 21:06:20 ERROR remove user failed for finalQuery: { + "_id": "583291a1638566b3c5a92ca1", + "$or": [ + { + "_id": "59627eac2157d09ddf9d7292" + } + ] +} +2017-07-09 21:06:20 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59627eac2157d09ddf9d7292", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "authorId": "59627eac2157d09ddf9d7292" + } + ] +} +2017-07-09 21:06:20 inserted tweet 59627eac2157d09ddf9d7293. +2017-07-09 21:06:20 pubsub tweetInserted readOne with user tmeasday is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "authorId": "59627eac2157d09ddf9d7292" + } + ] +} +2017-07-09 21:06:20 ERROR Not authorized to insert tweet +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627eac2157d09ddf9d7293") { + author { + id + } + body + } +} + +2017-07-09 21:06:20 tweet readOne with user tmeasday is authorized +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "_id": "59627eac2157d09ddf9d7292" + } + ] +} +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-09 21:06:20 tweet readOne with user tmeasday is authorized +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "_id": "59627eac2157d09ddf9d7292" + } + ] +} +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59627eac2157d09ddf9d7293", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 21:06:20 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "authorId": "59627eac2157d09ddf9d7292" + }, + { + "coauthorsIds": "59627eac2157d09ddf9d7292" + } + ] +} +2017-07-09 21:06:20 updated tweet 59627eac2157d09ddf9d7293. +2017-07-09 21:06:20 pubsub tweetUpdated readOne with user tmeasday is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-09 21:06:20 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "authorId": "59627eac2157d09ddf9d7292" + }, + { + "coauthorsIds": "59627eac2157d09ddf9d7292" + } + ] +} +2017-07-09 21:06:20 ERROR update tweet failed finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "59627eac2157d09ddf9d7292" + }, + { + "coauthorsIds": "59627eac2157d09ddf9d7292" + } + ] +} +2017-07-09 21:06:20 ERROR update tweet failed for docToUpdate: { + "$set": { + "body": "This is a modified test tweet", + "updatedAt": 1499627180803, + "updatedById": "59627eac2157d09ddf9d7292" + } +} +2017-07-09 21:06:20 ERROR update tweet not possible for 583676d3618530145474e352. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627eac2157d09ddf9d7293") { + body + } +} + +2017-07-09 21:06:20 tweet readOne with user tmeasday is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59627eac2157d09ddf9d7293") +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "authorId": "59627eac2157d09ddf9d7292" + } + ] +} +2017-07-09 21:06:20 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized +2017-07-09 21:06:20 removed tweet 59627eac2157d09ddf9d7293. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "authorId": "59627eac2157d09ddf9d7292" + } + ] +} +2017-07-09 21:06:20 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized +2017-07-09 21:06:20 ERROR remove tweet failed for finalQuery: { + "_id": "583676d3618530145474e352", + "$or": [ + { + "authorId": "59627eac2157d09ddf9d7292" + } + ] +} +2017-07-09 21:06:20 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +Operation: "", variables: "", +Query: +{ + tweet(id: "59627eac2157d09ddf9d7293") { + body + } +} + +2017-07-09 21:06:20 tweet readOne with user tmeasday is authorized +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59627eac2157d09ddf9d7292") +} + +2017-07-09 21:06:20 authQuery: { + "$or": [ + { + "_id": "59627eac2157d09ddf9d7292" + } + ] +} +2017-07-09 21:06:20 removed user 59627eac2157d09ddf9d7292. +2017-07-09 21:06:20 -------------------------------------------------------------------------------- +2017-07-09 21:06:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59627eac2157d09ddf9d7292") { + username + bio + role + } +} + +2017-07-09 21:06:20 ERROR Authorization: Not authorized to readOne in user. From f311afd06c686cd27279f2689ea8ca158519a9bc Mon Sep 17 00:00:00 2001 From: Tobias Klemmer Date: Sun, 9 Jul 2017 21:13:08 +0200 Subject: [PATCH 43/69] logfile with end-to-end-test --- .../server/logs/all-logs-readable.log | 15627 +--------------- 1 file changed, 590 insertions(+), 15037 deletions(-) diff --git a/test/output-app/server/logs/all-logs-readable.log b/test/output-app/server/logs/all-logs-readable.log index 08c8992..d9f355c 100644 --- a/test/output-app/server/logs/all-logs-readable.log +++ b/test/output-app/server/logs/all-logs-readable.log @@ -1,5 +1,5 @@ -2017-07-09 19:45:44 -------------------------------------------------------------------------------- -2017-07-09 19:45:44 Request: +2017-07-09 21:12:22 -------------------------------------------------------------------------------- +2017-07-09 21:12:22 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -11,8 +11,8 @@ Query: } } -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -24,8 +24,8 @@ Query: } } -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -36,9 +36,9 @@ Query: } } -2017-07-09 19:45:55 user readOne with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 user readOne with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -49,9 +49,9 @@ Query: } } -2017-07-09 19:45:55 user readOne with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 user readOne with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -62,9 +62,9 @@ Query: } } -2017-07-09 19:45:55 user readOne with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 user readOne with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -76,9 +76,9 @@ Query: } } -2017-07-09 19:45:55 user readOne with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 user readOne with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -89,9 +89,9 @@ Query: } } -2017-07-09 19:45:55 users readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 users readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -102,9 +102,9 @@ Query: } } -2017-07-09 19:45:55 users readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 users readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -115,9 +115,9 @@ Query: } } -2017-07-09 19:45:55 users readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 users readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -128,9 +128,9 @@ Query: } } -2017-07-09 19:45:55 users readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 users readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -143,10 +143,10 @@ Query: } } -2017-07-09 19:45:55 user readOne with user stubailo is authorized -2017-07-09 19:45:55 followers readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 user readOne with user stubailo is authorized +2017-07-09 21:12:33 followers readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -159,10 +159,10 @@ Query: } } -2017-07-09 19:45:55 user readOne with user stubailo is authorized -2017-07-09 19:45:55 followers readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 user readOne with user stubailo is authorized +2017-07-09 21:12:33 followers readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -175,10 +175,10 @@ Query: } } -2017-07-09 19:45:55 user readOne with user stubailo is authorized -2017-07-09 19:45:55 followers readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 user readOne with user stubailo is authorized +2017-07-09 21:12:33 followers readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -191,10 +191,10 @@ Query: } } -2017-07-09 19:45:55 user readOne with user stubailo is authorized -2017-07-09 19:45:55 followers readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 user readOne with user stubailo is authorized +2017-07-09 21:12:33 followers readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -207,10 +207,10 @@ Query: } } -2017-07-09 19:45:55 user readOne with user stubailo is authorized -2017-07-09 19:45:55 following readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 user readOne with user stubailo is authorized +2017-07-09 21:12:33 following readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -223,10 +223,10 @@ Query: } } -2017-07-09 19:45:55 user readOne with user stubailo is authorized -2017-07-09 19:45:55 following readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 user readOne with user stubailo is authorized +2017-07-09 21:12:33 following readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -239,10 +239,10 @@ Query: } } -2017-07-09 19:45:55 user readOne with user stubailo is authorized -2017-07-09 19:45:55 following readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 user readOne with user stubailo is authorized +2017-07-09 21:12:33 following readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -255,10 +255,10 @@ Query: } } -2017-07-09 19:45:55 user readOne with user stubailo is authorized -2017-07-09 19:45:55 following readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 user readOne with user stubailo is authorized +2017-07-09 21:12:33 following readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -271,10 +271,10 @@ Query: } } -2017-07-09 19:45:55 user readOne with user stubailo is authorized -2017-07-09 19:45:55 tweets readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 user readOne with user stubailo is authorized +2017-07-09 21:12:33 tweets readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -287,10 +287,10 @@ Query: } } -2017-07-09 19:45:55 user readOne with user stubailo is authorized -2017-07-09 19:45:55 tweets readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 user readOne with user stubailo is authorized +2017-07-09 21:12:33 tweets readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -303,10 +303,10 @@ Query: } } -2017-07-09 19:45:55 user readOne with user stubailo is authorized -2017-07-09 19:45:55 tweets readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 user readOne with user stubailo is authorized +2017-07-09 21:12:33 tweets readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -319,10 +319,10 @@ Query: } } -2017-07-09 19:45:55 user readOne with user stubailo is authorized -2017-07-09 19:45:55 tweets readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 user readOne with user stubailo is authorized +2017-07-09 21:12:33 tweets readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -335,10 +335,10 @@ Query: } } -2017-07-09 19:45:55 user readOne with user stubailo is authorized -2017-07-09 19:45:55 liked readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 user readOne with user stubailo is authorized +2017-07-09 21:12:33 liked readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -351,10 +351,10 @@ Query: } } -2017-07-09 19:45:55 user readOne with user stubailo is authorized -2017-07-09 19:45:55 liked readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 user readOne with user stubailo is authorized +2017-07-09 21:12:33 liked readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -367,10 +367,10 @@ Query: } } -2017-07-09 19:45:55 user readOne with user stubailo is authorized -2017-07-09 19:45:55 liked readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 user readOne with user stubailo is authorized +2017-07-09 21:12:33 liked readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -383,14457 +383,23 @@ Query: } } -2017-07-09 19:45:55 user readOne with user stubailo is authorized -2017-07-09 19:45:55 liked readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: +2017-07-09 21:12:33 user readOne with user stubailo is authorized +2017-07-09 21:12:33 liked readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: { tweet(id: "583676d3618530145474e351") { - id - body - } -} - -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - author { - username - } - } -} - -2017-07-09 19:45:55 tweet readOne with user stubailo is authorized -2017-07-09 19:45:55 tweet readOne with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets { - id - createdAt - } -} - -2017-07-09 19:45:55 tweets readMany with user stubailo is authorized -2017-07-09 19:45:55 author readOne with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(limit: 1) { - id - createdAt - } -} - -2017-07-09 19:45:55 tweets readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } -} - -2017-07-09 19:45:55 tweets readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } -} - -2017-07-09 19:45:55 tweets readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers { - username - createdAt - } - } -} - -2017-07-09 19:45:55 tweet readOne with user stubailo is authorized -2017-07-09 19:45:55 likers readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 19:45:55 tweet readOne with user stubailo is authorized -2017-07-09 19:45:55 likers readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993) { - username - createdAt - } - } -} - -2017-07-09 19:45:55 tweet readOne with user stubailo is authorized -2017-07-09 19:45:55 likers readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 19:45:55 tweet readOne with user stubailo is authorized -2017-07-09 19:45:55 likers readMany with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-07-09 19:45:55 insert user create with user stubailo is authorized -2017-07-09 19:45:55 inserted user 59626bd3381b9493f5a80a90. -2017-07-09 19:45:55 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-07-09 19:45:55 insert user create with user tobkle is authorized -2017-07-09 19:45:55 inserted user 59626bd3381b9493f5a80a91. -2017-07-09 19:45:55 pubsub userInserted readOne with user tobkle is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", -Operation: "", variables: "", -Query: -{ - user(id: "59626bd3381b9493f5a80a91") { - username - bio - role - } -} - -2017-07-09 19:45:55 user readOne with user tobkle is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", -Operation: "", variables: "", -Query: -{ - user(id: "59626bd3381b9493f5a80a90") { - username - role - } -} - -2017-07-09 19:45:55 user readOne with user tobkle is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59626bd3381b9493f5a80a91", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-07-09 19:45:55 update user update with user tobkle is authorized -2017-07-09 19:45:55 updated user 59626bd3381b9493f5a80a91. -2017-07-09 19:45:55 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59626bd3381b9493f5a80a90", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 19:45:55 update user update with user tobkle is authorized -2017-07-09 19:45:55 updated user 59626bd3381b9493f5a80a90. -2017-07-09 19:45:55 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59626bd3381b9493f5a80a91", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 19:45:55 update user update with user tobkle is authorized -2017-07-09 19:45:55 updated user 59626bd3381b9493f5a80a91. -2017-07-09 19:45:55 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59626bd3381b9493f5a80a90", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-07-09 19:45:55 update user update with user tobkle is authorized -2017-07-09 19:45:55 updated user 59626bd3381b9493f5a80a90. -2017-07-09 19:45:55 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "editor", id: "59626bd3381b9493f5a80a90", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59626bd3381b9493f5a80a90", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 19:45:55 authQuery: { - "$or": [ - { - "_id": "59626bd3381b9493f5a80a90" - } - ] -} -2017-07-09 19:45:55 ERROR Not authorized to update field "role" -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "zoltan", role: "admin", id: "59626bd3381b9493f5a80a91", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59626bd3381b9493f5a80a90", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 19:45:55 update user update with user zoltan is authorized -2017-07-09 19:45:55 updated user 59626bd3381b9493f5a80a90. -2017-07-09 19:45:55 pubsub userUpdated readOne with user zoltan is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59626bd3381b9493f5a80a91") -} - -2017-07-09 19:45:55 removeUser delete with user tobkle is authorized -2017-07-09 19:45:55 removed user 59626bd3381b9493f5a80a91. -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59626bd3381b9493f5a80a90", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 19:45:55 insert tweet create with user tobkle is authorized -2017-07-09 19:45:55 inserted tweet 59626bd3381b9493f5a80a92. -2017-07-09 19:45:55 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", -Operation: "", variables: "", -Query: -{ - tweet(id: "59626bd3381b9493f5a80a92") { - author { - id - } - body - } -} - -2017-07-09 19:45:55 tweet readOne with user tobkle is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 19:45:55 insert tweet create with user tobkle is authorized -2017-07-09 19:45:55 author readOne with user tobkle is authorized -2017-07-09 19:45:55 inserted tweet 59626bd3381b9493f5a80a93. -2017-07-09 19:45:55 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 19:45:55 tweet readOne with user tobkle is authorized -2017-07-09 19:45:55 author readOne with user tobkle is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59626bd3381b9493f5a80a92", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 19:45:55 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 19:45:55 update tweet update with user tobkle is authorized -2017-07-09 19:45:55 updated tweet 59626bd3381b9493f5a80a92. -2017-07-09 19:45:55 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59626bd3381b9493f5a80a93", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 19:45:55 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 19:45:55 update tweet update with user tobkle is authorized -2017-07-09 19:45:55 updated tweet 59626bd3381b9493f5a80a93. -2017-07-09 19:45:55 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", -Operation: "", variables: "", -Query: -{ - tweet(id: "59626bd3381b9493f5a80a92") { - body - } -} - -2017-07-09 19:45:55 tweet readOne with user tobkle is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59626bd3381b9493f5a80a92") -} - -2017-07-09 19:45:55 removeTweet delete with user tobkle is authorized -2017-07-09 19:45:55 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 19:45:55 removed tweet 59626bd3381b9493f5a80a92. -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59626bd3381b9493f5a80a93") -} - -2017-07-09 19:45:55 removeTweet delete with user tobkle is authorized -2017-07-09 19:45:55 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 19:45:55 removed tweet 59626bd3381b9493f5a80a93. -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", -Operation: "", variables: "", -Query: -{ - tweet(id: "59626bd3381b9493f5a80a92") { - body - } -} - -2017-07-09 19:45:55 tweet readOne with user tobkle is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "admin", id: "59626bd3381b9493f5a80a90", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59626bd3381b9493f5a80a90") -} - -2017-07-09 19:45:55 removeUser delete with user tobkle is authorized -2017-07-09 19:45:55 removed user 59626bd3381b9493f5a80a90. -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59626bd3381b9493f5a80a90") { - username - bio - role - } -} - -2017-07-09 19:45:55 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-07-09 19:45:55 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 19:45:55 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 19:45:55 ERROR Authorization: Not authorized to update in update user. -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 19:45:55 ERROR Authorization: Not authorized to delete in removeUser. -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 19:45:55 ERROR Authorization: Not authorized to create in insert tweet. -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 19:45:55 tweet readOne with user is authorized -2017-07-09 19:45:55 ERROR Authorization: Not authorized to readOne in author. -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 19:45:55 tweet getOneById in updateById for docBefore readOne with user is authorized -2017-07-09 19:45:55 ERROR Authorization: Not authorized to update in update tweet. -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 19:45:55 tweet getOneById in updateById for docBefore readOne with user is authorized -2017-07-09 19:45:55 ERROR Authorization: Not authorized to update in update tweet. -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 19:45:55 ERROR Authorization: Not authorized to delete in removeTweet. -2017-07-09 19:45:55 tweet getOneById in removeById for docBefore readOne with user is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { - id - role - } -} - -2017-07-09 19:45:55 insert user create with user stubailo is authorized -2017-07-09 19:45:55 inserted user 59626bd3381b9493f5a80a94. -2017-07-09 19:45:55 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-07-09 19:45:55 authQuery: { - "$or": [] -} -2017-07-09 19:45:55 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 19:45:55 authQuery: { - "$or": [ - { - "_id": "59626bd3381b9493f5a80a94" - } - ] -} -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", -Operation: "", variables: "", -Query: -{ - user(id: "59626bd3381b9493f5a80a94") { - username - } -} - -2017-07-09 19:45:55 authQuery: { - "$or": [ - { - "_id": "59626bd3381b9493f5a80a94" - } - ] -} -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", -Operation: "", variables: "", -Query: -{ - user(id: "59626bd3381b9493f5a80a94") { - username - role - } -} - -2017-07-09 19:45:55 authQuery: { - "$or": [ - { - "_id": "59626bd3381b9493f5a80a94" - } - ] -} -2017-07-09 19:45:55 -------------------------------------------------------------------------------- -2017-07-09 19:45:55 Request: -User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 19:45:55 authQuery: { - "$or": [ - { - "_id": "59626bd3381b9493f5a80a94" - } - ] -} -2017-07-09 19:45:55 ERROR Not authorized to update user -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59626bd3381b9493f5a80a94", input: {username: "tobkle", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "_id": "59626bd3381b9493f5a80a94" - } - ] -} -2017-07-09 19:45:56 updated user 59626bd3381b9493f5a80a94. -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "_id": "59626bd3381b9493f5a80a94" - } - ] -} -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59626bd3381b9493f5a80a94", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "_id": "59626bd3381b9493f5a80a94" - } - ] -} -2017-07-09 19:45:56 ERROR Not authorized to update field "role" -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "_id": "59626bd3381b9493f5a80a94" - } - ] -} -2017-07-09 19:45:56 ERROR remove user failed for finalQuery: { - "_id": "583291a1638566b3c5a92ca1", - "$or": [ - { - "_id": "59626bd3381b9493f5a80a94" - } - ] -} -2017-07-09 19:45:56 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59626bd3381b9493f5a80a94", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "authorId": "59626bd3381b9493f5a80a94" - } - ] -} -2017-07-09 19:45:56 inserted tweet 59626bd4381b9493f5a80a95. -2017-07-09 19:45:56 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "authorId": "59626bd3381b9493f5a80a94" - } - ] -} -2017-07-09 19:45:56 ERROR Not authorized to insert tweet -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", -Operation: "", variables: "", -Query: -{ - tweet(id: "59626bd4381b9493f5a80a95") { - author { - id - } - body - } -} - -2017-07-09 19:45:56 tweet readOne with user tobkle is authorized -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "_id": "59626bd3381b9493f5a80a94" - } - ] -} -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 19:45:56 tweet readOne with user tobkle is authorized -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "_id": "59626bd3381b9493f5a80a94" - } - ] -} -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59626bd4381b9493f5a80a95", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 19:45:56 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "authorId": "59626bd3381b9493f5a80a94" - }, - { - "coauthorsIds": "59626bd3381b9493f5a80a94" - } - ] -} -2017-07-09 19:45:56 updated tweet 59626bd4381b9493f5a80a95. -2017-07-09 19:45:56 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 19:45:56 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "authorId": "59626bd3381b9493f5a80a94" - }, - { - "coauthorsIds": "59626bd3381b9493f5a80a94" - } - ] -} -2017-07-09 19:45:56 ERROR Not authorized to update tweet -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", -Operation: "", variables: "", -Query: -{ - tweet(id: "59626bd4381b9493f5a80a95") { - body - } -} - -2017-07-09 19:45:56 tweet readOne with user tobkle is authorized -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59626bd4381b9493f5a80a95") -} - -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "authorId": "59626bd3381b9493f5a80a94" - } - ] -} -2017-07-09 19:45:56 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 19:45:56 removed tweet 59626bd4381b9493f5a80a95. -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "authorId": "59626bd3381b9493f5a80a94" - } - ] -} -2017-07-09 19:45:56 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 19:45:56 ERROR remove tweet failed for finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "59626bd3381b9493f5a80a94" - } - ] -} -2017-07-09 19:45:56 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", -Operation: "", variables: "", -Query: -{ - tweet(id: "59626bd4381b9493f5a80a95") { - body - } -} - -2017-07-09 19:45:56 tweet readOne with user tobkle is authorized -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tobkle", role: "user", id: "59626bd3381b9493f5a80a94", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59626bd3381b9493f5a80a94") -} - -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "_id": "59626bd3381b9493f5a80a94" - } - ] -} -2017-07-09 19:45:56 removed user 59626bd3381b9493f5a80a94. -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59626bd3381b9493f5a80a94") { - username - bio - role - } -} - -2017-07-09 19:45:56 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { - id - role - } -} - -2017-07-09 19:45:56 insert user create with user stubailo is authorized -2017-07-09 19:45:56 inserted user 59626bd4381b9493f5a80a96. -2017-07-09 19:45:56 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tobkle", role: "editor", id: "59626bd4381b9493f5a80a96", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-07-09 19:45:56 authQuery: { - "$or": [] -} -2017-07-09 19:45:56 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tobkle", role: "editor", id: "59626bd4381b9493f5a80a96", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "_id": "59626bd4381b9493f5a80a96" - } - ] -} -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tobkle", role: "editor", id: "59626bd4381b9493f5a80a96", -Operation: "", variables: "", -Query: -{ - user(id: "59626bd4381b9493f5a80a96") { - username - role - } -} - -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "_id": "59626bd4381b9493f5a80a96" - } - ] -} -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tobkle", role: "editor", id: "59626bd4381b9493f5a80a96", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "_id": "59626bd4381b9493f5a80a96" - } - ] -} -2017-07-09 19:45:56 ERROR Not authorized to update user -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tobkle", role: "editor", id: "59626bd4381b9493f5a80a96", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59626bd4381b9493f5a80a96", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "_id": "59626bd4381b9493f5a80a96" - } - ] -} -2017-07-09 19:45:56 updated user 59626bd4381b9493f5a80a96. -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "_id": "59626bd4381b9493f5a80a96" - } - ] -} -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59626bd4381b9493f5a80a96", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "_id": "59626bd4381b9493f5a80a96" - } - ] -} -2017-07-09 19:45:56 ERROR Not authorized to update field "role" -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "_id": "59626bd4381b9493f5a80a96" - } - ] -} -2017-07-09 19:45:56 ERROR remove user failed for finalQuery: { - "_id": "583291a1638566b3c5a92ca1", - "$or": [ - { - "_id": "59626bd4381b9493f5a80a96" - } - ] -} -2017-07-09 19:45:56 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59626bd4381b9493f5a80a96", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "authorId": "59626bd4381b9493f5a80a96" - } - ] -} -2017-07-09 19:45:56 inserted tweet 59626bd4381b9493f5a80a97. -2017-07-09 19:45:56 pubsub tweetInserted readOne with user tmeasday is authorized -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "authorId": "59626bd4381b9493f5a80a96" - } - ] -} -2017-07-09 19:45:56 ERROR Not authorized to insert tweet -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", -Operation: "", variables: "", -Query: -{ - tweet(id: "59626bd4381b9493f5a80a97") { - author { - id - } - body - } -} - -2017-07-09 19:45:56 tweet readOne with user tmeasday is authorized -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "_id": "59626bd4381b9493f5a80a96" - } - ] -} -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 19:45:56 tweet readOne with user tmeasday is authorized -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "_id": "59626bd4381b9493f5a80a96" - } - ] -} -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59626bd4381b9493f5a80a97", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 19:45:56 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "authorId": "59626bd4381b9493f5a80a96" - }, - { - "coauthorsIds": "59626bd4381b9493f5a80a96" - } - ] -} -2017-07-09 19:45:56 updated tweet 59626bd4381b9493f5a80a97. -2017-07-09 19:45:56 pubsub tweetUpdated readOne with user tmeasday is authorized -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 19:45:56 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "authorId": "59626bd4381b9493f5a80a96" - }, - { - "coauthorsIds": "59626bd4381b9493f5a80a96" - } - ] -} -2017-07-09 19:45:56 ERROR Not authorized to update tweet -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", -Operation: "", variables: "", -Query: -{ - tweet(id: "59626bd4381b9493f5a80a97") { - body - } -} - -2017-07-09 19:45:56 tweet readOne with user tmeasday is authorized -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59626bd4381b9493f5a80a97") -} - -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "authorId": "59626bd4381b9493f5a80a96" - } - ] -} -2017-07-09 19:45:56 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized -2017-07-09 19:45:56 removed tweet 59626bd4381b9493f5a80a97. -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "authorId": "59626bd4381b9493f5a80a96" - } - ] -} -2017-07-09 19:45:56 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized -2017-07-09 19:45:56 ERROR remove tweet failed for finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "59626bd4381b9493f5a80a96" - } - ] -} -2017-07-09 19:45:56 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", -Operation: "", variables: "", -Query: -{ - tweet(id: "59626bd4381b9493f5a80a97") { - body - } -} - -2017-07-09 19:45:56 tweet readOne with user tmeasday is authorized -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "tmeasday", role: "editor", id: "59626bd4381b9493f5a80a96", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59626bd4381b9493f5a80a96") -} - -2017-07-09 19:45:56 authQuery: { - "$or": [ - { - "_id": "59626bd4381b9493f5a80a96" - } - ] -} -2017-07-09 19:45:56 removed user 59626bd4381b9493f5a80a96. -2017-07-09 19:45:56 -------------------------------------------------------------------------------- -2017-07-09 19:45:56 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59626bd4381b9493f5a80a96") { - username - bio - role - } -} - -2017-07-09 19:45:56 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 19:54:26 Logger started -2017-07-09 19:57:26 Logger started -2017-07-09 19:57:54 -------------------------------------------------------------------------------- -2017-07-09 19:57:54 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-07-09 19:58:04 -------------------------------------------------------------------------------- -2017-07-09 19:58:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-07-09 19:58:04 -------------------------------------------------------------------------------- -2017-07-09 19:58:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - role - username - } -} - -2017-07-09 19:58:04 user readOne with user stubailo is authorized -2017-07-09 19:58:04 -------------------------------------------------------------------------------- -2017-07-09 19:58:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - role - username - } -} - -2017-07-09 19:58:04 user readOne with user stubailo is authorized -2017-07-09 19:58:04 -------------------------------------------------------------------------------- -2017-07-09 19:58:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca2") { - role - username - } -} - -2017-07-09 19:58:04 user readOne with user stubailo is authorized -2017-07-09 19:58:04 -------------------------------------------------------------------------------- -2017-07-09 19:58:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - id - username - bio - } -} - -2017-07-09 19:58:04 user readOne with user stubailo is authorized -2017-07-09 19:58:04 -------------------------------------------------------------------------------- -2017-07-09 19:58:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users { - username - createdAt - } -} - -2017-07-09 19:58:04 users readMany with user stubailo is authorized -2017-07-09 19:58:04 -------------------------------------------------------------------------------- -2017-07-09 19:58:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(limit: 1) { - username - createdAt - } -} - -2017-07-09 19:58:04 users readMany with user stubailo is authorized -2017-07-09 19:58:04 -------------------------------------------------------------------------------- -2017-07-09 19:58:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993) { - username - createdAt - } -} - -2017-07-09 19:58:04 users readMany with user stubailo is authorized -2017-07-09 19:58:04 -------------------------------------------------------------------------------- -2017-07-09 19:58:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } -} - -2017-07-09 19:58:04 users readMany with user stubailo is authorized -2017-07-09 19:58:04 -------------------------------------------------------------------------------- -2017-07-09 19:58:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers { - username - createdAt - } - } -} - -2017-07-09 19:58:04 user readOne with user stubailo is authorized -2017-07-09 19:58:04 followers readMany with user stubailo is authorized -2017-07-09 19:58:04 -------------------------------------------------------------------------------- -2017-07-09 19:58:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 19:58:04 user readOne with user stubailo is authorized -2017-07-09 19:58:04 followers readMany with user stubailo is authorized -2017-07-09 19:58:04 -------------------------------------------------------------------------------- -2017-07-09 19:58:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-07-09 19:58:04 user readOne with user stubailo is authorized -2017-07-09 19:58:04 followers readMany with user stubailo is authorized -2017-07-09 19:58:04 -------------------------------------------------------------------------------- -2017-07-09 19:58:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 19:58:04 user readOne with user stubailo is authorized -2017-07-09 19:58:04 followers readMany with user stubailo is authorized -2017-07-09 19:58:04 -------------------------------------------------------------------------------- -2017-07-09 19:58:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following { - username - createdAt - } - } -} - -2017-07-09 19:58:04 user readOne with user stubailo is authorized -2017-07-09 19:58:04 following readMany with user stubailo is authorized -2017-07-09 19:58:04 -------------------------------------------------------------------------------- -2017-07-09 19:58:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 19:58:04 user readOne with user stubailo is authorized -2017-07-09 19:58:04 following readMany with user stubailo is authorized -2017-07-09 19:58:04 -------------------------------------------------------------------------------- -2017-07-09 19:58:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-07-09 19:58:04 user readOne with user stubailo is authorized -2017-07-09 19:58:04 following readMany with user stubailo is authorized -2017-07-09 19:58:04 -------------------------------------------------------------------------------- -2017-07-09 19:58:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 19:58:04 user readOne with user stubailo is authorized -2017-07-09 19:58:04 following readMany with user stubailo is authorized -2017-07-09 19:58:04 -------------------------------------------------------------------------------- -2017-07-09 19:58:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets { - id - createdAt - } - } -} - -2017-07-09 19:58:04 user readOne with user stubailo is authorized -2017-07-09 19:58:04 tweets readMany with user stubailo is authorized -2017-07-09 19:58:04 -------------------------------------------------------------------------------- -2017-07-09 19:58:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(limit: 1) { - id - createdAt - } - } -} - -2017-07-09 19:58:04 user readOne with user stubailo is authorized -2017-07-09 19:58:04 tweets readMany with user stubailo is authorized -2017-07-09 19:58:04 -------------------------------------------------------------------------------- -2017-07-09 19:58:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } - } -} - -2017-07-09 19:58:04 user readOne with user stubailo is authorized -2017-07-09 19:58:04 tweets readMany with user stubailo is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } - } -} - -2017-07-09 19:58:05 user readOne with user stubailo is authorized -2017-07-09 19:58:05 tweets readMany with user stubailo is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked { - id - createdAt - } - } -} - -2017-07-09 19:58:05 user readOne with user stubailo is authorized -2017-07-09 19:58:05 liked readMany with user stubailo is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(limit: 1) { - id - createdAt - } - } -} - -2017-07-09 19:58:05 user readOne with user stubailo is authorized -2017-07-09 19:58:05 liked readMany with user stubailo is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334) { - id - createdAt - } - } -} - -2017-07-09 19:58:05 user readOne with user stubailo is authorized -2017-07-09 19:58:05 liked readMany with user stubailo is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334, limit: 1) { - id - createdAt - } - } -} - -2017-07-09 19:58:05 user readOne with user stubailo is authorized -2017-07-09 19:58:05 liked readMany with user stubailo is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - id - body - } -} - -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - author { - username - } - } -} - -2017-07-09 19:58:05 tweet readOne with user stubailo is authorized -2017-07-09 19:58:05 tweet readOne with user stubailo is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets { - id - createdAt - } -} - -2017-07-09 19:58:05 tweets readMany with user stubailo is authorized -2017-07-09 19:58:05 author readOne with user stubailo is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(limit: 1) { - id - createdAt - } -} - -2017-07-09 19:58:05 tweets readMany with user stubailo is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } -} - -2017-07-09 19:58:05 tweets readMany with user stubailo is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } -} - -2017-07-09 19:58:05 tweets readMany with user stubailo is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers { - username - createdAt - } - } -} - -2017-07-09 19:58:05 tweet readOne with user stubailo is authorized -2017-07-09 19:58:05 likers readMany with user stubailo is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 19:58:05 tweet readOne with user stubailo is authorized -2017-07-09 19:58:05 likers readMany with user stubailo is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993) { - username - createdAt - } - } -} - -2017-07-09 19:58:05 tweet readOne with user stubailo is authorized -2017-07-09 19:58:05 likers readMany with user stubailo is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 19:58:05 tweet readOne with user stubailo is authorized -2017-07-09 19:58:05 likers readMany with user stubailo is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-07-09 19:58:05 insert user create with user stubailo is authorized -2017-07-09 19:58:05 inserted user 59626ead9506339804845128. -2017-07-09 19:58:05 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "admin", id: "59626ead9506339804845128", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-07-09 19:58:05 insert user create with user tobkle is authorized -2017-07-09 19:58:05 inserted user 59626ead9506339804845129. -2017-07-09 19:58:05 pubsub userInserted readOne with user tobkle is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "admin", id: "59626ead9506339804845128", -Operation: "", variables: "", -Query: -{ - user(id: "59626ead9506339804845129") { - username - bio - role - } -} - -2017-07-09 19:58:05 user readOne with user tobkle is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "admin", id: "59626ead9506339804845128", -Operation: "", variables: "", -Query: -{ - user(id: "59626ead9506339804845128") { - username - role - } -} - -2017-07-09 19:58:05 user readOne with user tobkle is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "admin", id: "59626ead9506339804845128", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59626ead9506339804845129", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-07-09 19:58:05 update user update with user tobkle is authorized -2017-07-09 19:58:05 updated user 59626ead9506339804845129. -2017-07-09 19:58:05 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "admin", id: "59626ead9506339804845128", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59626ead9506339804845128", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 19:58:05 update user update with user tobkle is authorized -2017-07-09 19:58:05 updated user 59626ead9506339804845128. -2017-07-09 19:58:05 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "admin", id: "59626ead9506339804845128", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59626ead9506339804845129", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 19:58:05 update user update with user tobkle is authorized -2017-07-09 19:58:05 updated user 59626ead9506339804845129. -2017-07-09 19:58:05 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "admin", id: "59626ead9506339804845128", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59626ead9506339804845128", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-07-09 19:58:05 update user update with user tobkle is authorized -2017-07-09 19:58:05 updated user 59626ead9506339804845128. -2017-07-09 19:58:05 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "editor", id: "59626ead9506339804845128", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59626ead9506339804845128", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "_id": "59626ead9506339804845128" - } - ] -} -2017-07-09 19:58:05 ERROR Not authorized to update field "role" -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "zoltan", role: "admin", id: "59626ead9506339804845129", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59626ead9506339804845128", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 19:58:05 update user update with user zoltan is authorized -2017-07-09 19:58:05 updated user 59626ead9506339804845128. -2017-07-09 19:58:05 pubsub userUpdated readOne with user zoltan is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "admin", id: "59626ead9506339804845128", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59626ead9506339804845129") -} - -2017-07-09 19:58:05 removeUser delete with user tobkle is authorized -2017-07-09 19:58:05 removed user 59626ead9506339804845129. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "admin", id: "59626ead9506339804845128", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59626ead9506339804845128", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 19:58:05 insert tweet create with user tobkle is authorized -2017-07-09 19:58:05 inserted tweet 59626ead950633980484512a. -2017-07-09 19:58:05 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "admin", id: "59626ead9506339804845128", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 19:58:05 insert tweet create with user tobkle is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "admin", id: "59626ead9506339804845128", -Operation: "", variables: "", -Query: -{ - tweet(id: "59626ead950633980484512a") { - author { - id - } - body - } -} - -2017-07-09 19:58:05 tweet readOne with user tobkle is authorized -2017-07-09 19:58:05 inserted tweet 59626ead950633980484512b. -2017-07-09 19:58:05 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 19:58:05 author readOne with user tobkle is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "admin", id: "59626ead9506339804845128", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 19:58:05 tweet readOne with user tobkle is authorized -2017-07-09 19:58:05 author readOne with user tobkle is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "admin", id: "59626ead9506339804845128", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59626ead950633980484512a", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 19:58:05 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 19:58:05 update tweet update with user tobkle is authorized -2017-07-09 19:58:05 updated tweet 59626ead950633980484512a. -2017-07-09 19:58:05 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "admin", id: "59626ead9506339804845128", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59626ead950633980484512b", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 19:58:05 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 19:58:05 update tweet update with user tobkle is authorized -2017-07-09 19:58:05 updated tweet 59626ead950633980484512b. -2017-07-09 19:58:05 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "admin", id: "59626ead9506339804845128", -Operation: "", variables: "", -Query: -{ - tweet(id: "59626ead950633980484512a") { - body - } -} - -2017-07-09 19:58:05 tweet readOne with user tobkle is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "admin", id: "59626ead9506339804845128", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59626ead950633980484512a") -} - -2017-07-09 19:58:05 removeTweet delete with user tobkle is authorized -2017-07-09 19:58:05 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 19:58:05 removed tweet 59626ead950633980484512a. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "admin", id: "59626ead9506339804845128", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59626ead950633980484512b") -} - -2017-07-09 19:58:05 removeTweet delete with user tobkle is authorized -2017-07-09 19:58:05 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 19:58:05 removed tweet 59626ead950633980484512b. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "admin", id: "59626ead9506339804845128", -Operation: "", variables: "", -Query: -{ - tweet(id: "59626ead950633980484512a") { - body - } -} - -2017-07-09 19:58:05 tweet readOne with user tobkle is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "admin", id: "59626ead9506339804845128", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59626ead9506339804845128") -} - -2017-07-09 19:58:05 removeUser delete with user tobkle is authorized -2017-07-09 19:58:05 removed user 59626ead9506339804845128. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59626ead9506339804845128") { - username - bio - role - } -} - -2017-07-09 19:58:05 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-07-09 19:58:05 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 19:58:05 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 19:58:05 ERROR Authorization: Not authorized to update in update user. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 19:58:05 ERROR Authorization: Not authorized to delete in removeUser. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 19:58:05 ERROR Authorization: Not authorized to create in insert tweet. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 19:58:05 tweet readOne with user is authorized -2017-07-09 19:58:05 ERROR Authorization: Not authorized to readOne in author. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 19:58:05 tweet getOneById in updateById for docBefore readOne with user is authorized -2017-07-09 19:58:05 ERROR Authorization: Not authorized to update in update tweet. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 19:58:05 tweet getOneById in updateById for docBefore readOne with user is authorized -2017-07-09 19:58:05 ERROR Authorization: Not authorized to update in update tweet. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 19:58:05 ERROR Authorization: Not authorized to delete in removeTweet. -2017-07-09 19:58:05 tweet getOneById in removeById for docBefore readOne with user is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { - id - role - } -} - -2017-07-09 19:58:05 insert user create with user stubailo is authorized -2017-07-09 19:58:05 inserted user 59626ead950633980484512c. -2017-07-09 19:58:05 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "user", id: "59626ead950633980484512c", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-07-09 19:58:05 authQuery: { - "$or": [] -} -2017-07-09 19:58:05 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "user", id: "59626ead950633980484512c", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "_id": "59626ead950633980484512c" - } - ] -} -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "user", id: "59626ead950633980484512c", -Operation: "", variables: "", -Query: -{ - user(id: "59626ead950633980484512c") { - username - } -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "_id": "59626ead950633980484512c" - } - ] -} -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "user", id: "59626ead950633980484512c", -Operation: "", variables: "", -Query: -{ - user(id: "59626ead950633980484512c") { - username - role - } -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "_id": "59626ead950633980484512c" - } - ] -} -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "user", id: "59626ead950633980484512c", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "_id": "59626ead950633980484512c" - } - ] -} -2017-07-09 19:58:05 ERROR Not authorized to update user -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "user", id: "59626ead950633980484512c", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59626ead950633980484512c", input: {username: "tobkle", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "_id": "59626ead950633980484512c" - } - ] -} -2017-07-09 19:58:05 updated user 59626ead950633980484512c. -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "_id": "59626ead950633980484512c" - } - ] -} -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "user", id: "59626ead950633980484512c", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59626ead950633980484512c", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "_id": "59626ead950633980484512c" - } - ] -} -2017-07-09 19:58:05 ERROR Not authorized to update field "role" -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "user", id: "59626ead950633980484512c", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "_id": "59626ead950633980484512c" - } - ] -} -2017-07-09 19:58:05 ERROR remove user failed for finalQuery: { - "_id": "583291a1638566b3c5a92ca1", - "$or": [ - { - "_id": "59626ead950633980484512c" - } - ] -} -2017-07-09 19:58:05 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "user", id: "59626ead950633980484512c", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59626ead950633980484512c", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "authorId": "59626ead950633980484512c" - } - ] -} -2017-07-09 19:58:05 inserted tweet 59626ead950633980484512d. -2017-07-09 19:58:05 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "user", id: "59626ead950633980484512c", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "authorId": "59626ead950633980484512c" - } - ] -} -2017-07-09 19:58:05 ERROR Not authorized to insert tweet -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "user", id: "59626ead950633980484512c", -Operation: "", variables: "", -Query: -{ - tweet(id: "59626ead950633980484512d") { - author { - id - } - body - } -} - -2017-07-09 19:58:05 tweet readOne with user tobkle is authorized -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "_id": "59626ead950633980484512c" - } - ] -} -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "user", id: "59626ead950633980484512c", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 19:58:05 tweet readOne with user tobkle is authorized -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "_id": "59626ead950633980484512c" - } - ] -} -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "user", id: "59626ead950633980484512c", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59626ead950633980484512d", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 19:58:05 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "authorId": "59626ead950633980484512c" - }, - { - "coauthorsIds": "59626ead950633980484512c" - } - ] -} -2017-07-09 19:58:05 updated tweet 59626ead950633980484512d. -2017-07-09 19:58:05 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "user", id: "59626ead950633980484512c", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 19:58:05 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "authorId": "59626ead950633980484512c" - }, - { - "coauthorsIds": "59626ead950633980484512c" - } - ] -} -2017-07-09 19:58:05 ERROR Not authorized to update tweet -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "user", id: "59626ead950633980484512c", -Operation: "", variables: "", -Query: -{ - tweet(id: "59626ead950633980484512d") { - body - } -} - -2017-07-09 19:58:05 tweet readOne with user tobkle is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "user", id: "59626ead950633980484512c", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59626ead950633980484512d") -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "authorId": "59626ead950633980484512c" - } - ] -} -2017-07-09 19:58:05 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 19:58:05 removed tweet 59626ead950633980484512d. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "user", id: "59626ead950633980484512c", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "authorId": "59626ead950633980484512c" - } - ] -} -2017-07-09 19:58:05 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 19:58:05 ERROR remove tweet failed for finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "59626ead950633980484512c" - } - ] -} -2017-07-09 19:58:05 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "user", id: "59626ead950633980484512c", -Operation: "", variables: "", -Query: -{ - tweet(id: "59626ead950633980484512d") { - body - } -} - -2017-07-09 19:58:05 tweet readOne with user tobkle is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "user", id: "59626ead950633980484512c", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59626ead950633980484512c") -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "_id": "59626ead950633980484512c" - } - ] -} -2017-07-09 19:58:05 removed user 59626ead950633980484512c. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59626ead950633980484512c") { - username - bio - role - } -} - -2017-07-09 19:58:05 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { - id - role - } -} - -2017-07-09 19:58:05 insert user create with user stubailo is authorized -2017-07-09 19:58:05 inserted user 59626ead950633980484512e. -2017-07-09 19:58:05 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "editor", id: "59626ead950633980484512e", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-07-09 19:58:05 authQuery: { - "$or": [] -} -2017-07-09 19:58:05 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "editor", id: "59626ead950633980484512e", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "_id": "59626ead950633980484512e" - } - ] -} -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "editor", id: "59626ead950633980484512e", -Operation: "", variables: "", -Query: -{ - user(id: "59626ead950633980484512e") { - username - role - } -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "_id": "59626ead950633980484512e" - } - ] -} -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "editor", id: "59626ead950633980484512e", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "_id": "59626ead950633980484512e" - } - ] -} -2017-07-09 19:58:05 ERROR Not authorized to update user -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tobkle", role: "editor", id: "59626ead950633980484512e", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59626ead950633980484512e", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "_id": "59626ead950633980484512e" - } - ] -} -2017-07-09 19:58:05 updated user 59626ead950633980484512e. -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "_id": "59626ead950633980484512e" - } - ] -} -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tmeasday", role: "editor", id: "59626ead950633980484512e", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59626ead950633980484512e", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "_id": "59626ead950633980484512e" - } - ] -} -2017-07-09 19:58:05 ERROR Not authorized to update field "role" -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tmeasday", role: "editor", id: "59626ead950633980484512e", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "_id": "59626ead950633980484512e" - } - ] -} -2017-07-09 19:58:05 ERROR remove user failed for finalQuery: { - "_id": "583291a1638566b3c5a92ca1", - "$or": [ - { - "_id": "59626ead950633980484512e" - } - ] -} -2017-07-09 19:58:05 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tmeasday", role: "editor", id: "59626ead950633980484512e", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59626ead950633980484512e", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "authorId": "59626ead950633980484512e" - } - ] -} -2017-07-09 19:58:05 inserted tweet 59626ead950633980484512f. -2017-07-09 19:58:05 pubsub tweetInserted readOne with user tmeasday is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tmeasday", role: "editor", id: "59626ead950633980484512e", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "authorId": "59626ead950633980484512e" - } - ] -} -2017-07-09 19:58:05 ERROR Not authorized to insert tweet -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tmeasday", role: "editor", id: "59626ead950633980484512e", -Operation: "", variables: "", -Query: -{ - tweet(id: "59626ead950633980484512f") { - author { - id - } - body - } -} - -2017-07-09 19:58:05 tweet readOne with user tmeasday is authorized -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "_id": "59626ead950633980484512e" - } - ] -} -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tmeasday", role: "editor", id: "59626ead950633980484512e", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 19:58:05 tweet readOne with user tmeasday is authorized -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "_id": "59626ead950633980484512e" - } - ] -} -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tmeasday", role: "editor", id: "59626ead950633980484512e", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59626ead950633980484512f", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 19:58:05 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "authorId": "59626ead950633980484512e" - }, - { - "coauthorsIds": "59626ead950633980484512e" - } - ] -} -2017-07-09 19:58:05 updated tweet 59626ead950633980484512f. -2017-07-09 19:58:05 pubsub tweetUpdated readOne with user tmeasday is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tmeasday", role: "editor", id: "59626ead950633980484512e", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 19:58:05 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "authorId": "59626ead950633980484512e" - }, - { - "coauthorsIds": "59626ead950633980484512e" - } - ] -} -2017-07-09 19:58:05 ERROR Not authorized to update tweet -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tmeasday", role: "editor", id: "59626ead950633980484512e", -Operation: "", variables: "", -Query: -{ - tweet(id: "59626ead950633980484512f") { - body - } -} - -2017-07-09 19:58:05 tweet readOne with user tmeasday is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tmeasday", role: "editor", id: "59626ead950633980484512e", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59626ead950633980484512f") -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "authorId": "59626ead950633980484512e" - } - ] -} -2017-07-09 19:58:05 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized -2017-07-09 19:58:05 removed tweet 59626ead950633980484512f. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tmeasday", role: "editor", id: "59626ead950633980484512e", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "authorId": "59626ead950633980484512e" - } - ] -} -2017-07-09 19:58:05 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized -2017-07-09 19:58:05 ERROR remove tweet failed for finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "59626ead950633980484512e" - } - ] -} -2017-07-09 19:58:05 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tmeasday", role: "editor", id: "59626ead950633980484512e", -Operation: "", variables: "", -Query: -{ - tweet(id: "59626ead950633980484512f") { - body - } -} - -2017-07-09 19:58:05 tweet readOne with user tmeasday is authorized -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "tmeasday", role: "editor", id: "59626ead950633980484512e", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59626ead950633980484512e") -} - -2017-07-09 19:58:05 authQuery: { - "$or": [ - { - "_id": "59626ead950633980484512e" - } - ] -} -2017-07-09 19:58:05 removed user 59626ead950633980484512e. -2017-07-09 19:58:05 -------------------------------------------------------------------------------- -2017-07-09 19:58:05 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59626ead950633980484512e") { - username - bio - role - } -} - -2017-07-09 19:58:05 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 19:59:58 Logger started -2017-07-09 20:01:09 Logger started -2017-07-09 20:03:22 Logger started -2017-07-09 20:04:03 -------------------------------------------------------------------------------- -2017-07-09 20:04:03 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - role - username - } -} - -2017-07-09 20:04:15 user readOne with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - role - username - } -} - -2017-07-09 20:04:15 user readOne with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca2") { - role - username - } -} - -2017-07-09 20:04:15 user readOne with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - id - username - bio - } -} - -2017-07-09 20:04:15 user readOne with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users { - username - createdAt - } -} - -2017-07-09 20:04:15 users readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(limit: 1) { - username - createdAt - } -} - -2017-07-09 20:04:15 users readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993) { - username - createdAt - } -} - -2017-07-09 20:04:15 users readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } -} - -2017-07-09 20:04:15 users readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers { - username - createdAt - } - } -} - -2017-07-09 20:04:15 user readOne with user stubailo is authorized -2017-07-09 20:04:15 followers readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:04:15 user readOne with user stubailo is authorized -2017-07-09 20:04:15 followers readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-07-09 20:04:15 user readOne with user stubailo is authorized -2017-07-09 20:04:15 followers readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:04:15 user readOne with user stubailo is authorized -2017-07-09 20:04:15 followers readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following { - username - createdAt - } - } -} - -2017-07-09 20:04:15 user readOne with user stubailo is authorized -2017-07-09 20:04:15 following readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:04:15 user readOne with user stubailo is authorized -2017-07-09 20:04:15 following readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-07-09 20:04:15 user readOne with user stubailo is authorized -2017-07-09 20:04:15 following readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:04:15 user readOne with user stubailo is authorized -2017-07-09 20:04:15 following readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets { - id - createdAt - } - } -} - -2017-07-09 20:04:15 user readOne with user stubailo is authorized -2017-07-09 20:04:15 tweets readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:04:15 user readOne with user stubailo is authorized -2017-07-09 20:04:15 tweets readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } - } -} - -2017-07-09 20:04:15 user readOne with user stubailo is authorized -2017-07-09 20:04:15 tweets readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:04:15 user readOne with user stubailo is authorized -2017-07-09 20:04:15 tweets readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked { - id - createdAt - } - } -} - -2017-07-09 20:04:15 user readOne with user stubailo is authorized -2017-07-09 20:04:15 liked readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:04:15 user readOne with user stubailo is authorized -2017-07-09 20:04:15 liked readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334) { - id - createdAt - } - } -} - -2017-07-09 20:04:15 user readOne with user stubailo is authorized -2017-07-09 20:04:15 liked readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334, limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:04:15 user readOne with user stubailo is authorized -2017-07-09 20:04:15 liked readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - author { - username - } - } -} - -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - id - body - } -} - -2017-07-09 20:04:15 tweet readOne with user stubailo is authorized -2017-07-09 20:04:15 tweet readOne with user stubailo is authorized -2017-07-09 20:04:15 author readOne with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets { - id - createdAt - } -} - -2017-07-09 20:04:15 tweets readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(limit: 1) { - id - createdAt - } -} - -2017-07-09 20:04:15 tweets readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } -} - -2017-07-09 20:04:15 tweets readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } -} - -2017-07-09 20:04:15 tweets readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers { - username - createdAt - } - } -} - -2017-07-09 20:04:15 tweet readOne with user stubailo is authorized -2017-07-09 20:04:15 likers readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:04:15 tweet readOne with user stubailo is authorized -2017-07-09 20:04:15 likers readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993) { - username - createdAt - } - } -} - -2017-07-09 20:04:15 tweet readOne with user stubailo is authorized -2017-07-09 20:04:15 likers readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:04:15 tweet readOne with user stubailo is authorized -2017-07-09 20:04:15 likers readMany with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-07-09 20:04:15 insert user create with user stubailo is authorized -2017-07-09 20:04:15 inserted user 5962701fbd5b289911a30965. -2017-07-09 20:04:15 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-07-09 20:04:15 insert user create with user tobkle is authorized -2017-07-09 20:04:15 inserted user 5962701fbd5b289911a30966. -2017-07-09 20:04:15 pubsub userInserted readOne with user tobkle is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", -Operation: "", variables: "", -Query: -{ - user(id: "5962701fbd5b289911a30966") { - username - bio - role - } -} - -2017-07-09 20:04:15 user readOne with user tobkle is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", -Operation: "", variables: "", -Query: -{ - user(id: "5962701fbd5b289911a30965") { - username - role - } -} - -2017-07-09 20:04:15 user readOne with user tobkle is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "5962701fbd5b289911a30966", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-07-09 20:04:15 update user update with user tobkle is authorized -2017-07-09 20:04:15 updated user 5962701fbd5b289911a30966. -2017-07-09 20:04:15 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "5962701fbd5b289911a30965", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:04:15 update user update with user tobkle is authorized -2017-07-09 20:04:15 updated user 5962701fbd5b289911a30965. -2017-07-09 20:04:15 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "5962701fbd5b289911a30966", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:04:15 update user update with user tobkle is authorized -2017-07-09 20:04:15 updated user 5962701fbd5b289911a30966. -2017-07-09 20:04:15 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "5962701fbd5b289911a30965", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-07-09 20:04:15 update user update with user tobkle is authorized -2017-07-09 20:04:15 updated user 5962701fbd5b289911a30965. -2017-07-09 20:04:15 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "editor", id: "5962701fbd5b289911a30965", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "5962701fbd5b289911a30965", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:04:15 authQuery: { - "$or": [ - { - "_id": "5962701fbd5b289911a30965" - } - ] -} -2017-07-09 20:04:15 ERROR Not authorized to update field "role" -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "zoltan", role: "admin", id: "5962701fbd5b289911a30966", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "5962701fbd5b289911a30965", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:04:15 update user update with user zoltan is authorized -2017-07-09 20:04:15 updated user 5962701fbd5b289911a30965. -2017-07-09 20:04:15 pubsub userUpdated readOne with user zoltan is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "5962701fbd5b289911a30966") -} - -2017-07-09 20:04:15 removeUser delete with user tobkle is authorized -2017-07-09 20:04:15 removed user 5962701fbd5b289911a30966. -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "5962701fbd5b289911a30965", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:04:15 insert tweet create with user tobkle is authorized -2017-07-09 20:04:15 inserted tweet 5962701fbd5b289911a30967. -2017-07-09 20:04:15 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", -Operation: "", variables: "", -Query: -{ - tweet(id: "5962701fbd5b289911a30967") { - author { - id - } - body - } -} - -2017-07-09 20:04:15 tweet readOne with user tobkle is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:04:15 insert tweet create with user tobkle is authorized -2017-07-09 20:04:15 author readOne with user tobkle is authorized -2017-07-09 20:04:15 inserted tweet 5962701fbd5b289911a30968. -2017-07-09 20:04:15 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:04:15 tweet readOne with user tobkle is authorized -2017-07-09 20:04:15 author readOne with user tobkle is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "5962701fbd5b289911a30967", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:04:15 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:04:15 update tweet update with user tobkle is authorized -2017-07-09 20:04:15 updated tweet 5962701fbd5b289911a30967. -2017-07-09 20:04:15 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "5962701fbd5b289911a30968", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:04:15 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:04:15 update tweet update with user tobkle is authorized -2017-07-09 20:04:15 updated tweet 5962701fbd5b289911a30968. -2017-07-09 20:04:15 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", -Operation: "", variables: "", -Query: -{ - tweet(id: "5962701fbd5b289911a30967") { - body - } -} - -2017-07-09 20:04:15 tweet readOne with user tobkle is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "5962701fbd5b289911a30967") -} - -2017-07-09 20:04:15 removeTweet delete with user tobkle is authorized -2017-07-09 20:04:15 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:04:15 removed tweet 5962701fbd5b289911a30967. -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "5962701fbd5b289911a30968") -} - -2017-07-09 20:04:15 removeTweet delete with user tobkle is authorized -2017-07-09 20:04:15 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:04:15 removed tweet 5962701fbd5b289911a30968. -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", -Operation: "", variables: "", -Query: -{ - tweet(id: "5962701fbd5b289911a30967") { - body - } -} - -2017-07-09 20:04:15 tweet readOne with user tobkle is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "admin", id: "5962701fbd5b289911a30965", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "5962701fbd5b289911a30965") -} - -2017-07-09 20:04:15 removeUser delete with user tobkle is authorized -2017-07-09 20:04:15 removed user 5962701fbd5b289911a30965. -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "5962701fbd5b289911a30965") { - username - bio - role - } -} - -2017-07-09 20:04:15 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-07-09 20:04:15 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 20:04:15 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:04:15 ERROR Authorization: Not authorized to update in update user. -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 20:04:15 ERROR Authorization: Not authorized to delete in removeUser. -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:04:15 ERROR Authorization: Not authorized to create in insert tweet. -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:04:15 tweet readOne with user is authorized -2017-07-09 20:04:15 ERROR Authorization: Not authorized to readOne in author. -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:04:15 tweet getOneById in updateById for docBefore readOne with user is authorized -2017-07-09 20:04:15 ERROR Authorization: Not authorized to update in update tweet. -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:04:15 tweet getOneById in updateById for docBefore readOne with user is authorized -2017-07-09 20:04:15 ERROR Authorization: Not authorized to update in update tweet. -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 20:04:15 ERROR Authorization: Not authorized to delete in removeTweet. -2017-07-09 20:04:15 tweet getOneById in removeById for docBefore readOne with user is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { - id - role - } -} - -2017-07-09 20:04:15 insert user create with user stubailo is authorized -2017-07-09 20:04:15 inserted user 5962701fbd5b289911a30969. -2017-07-09 20:04:15 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-07-09 20:04:15 authQuery: { - "$or": [] -} -2017-07-09 20:04:15 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 20:04:15 authQuery: { - "$or": [ - { - "_id": "5962701fbd5b289911a30969" - } - ] -} -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", -Operation: "", variables: "", -Query: -{ - user(id: "5962701fbd5b289911a30969") { - username - } -} - -2017-07-09 20:04:15 authQuery: { - "$or": [ - { - "_id": "5962701fbd5b289911a30969" - } - ] -} -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", -Operation: "", variables: "", -Query: -{ - user(id: "5962701fbd5b289911a30969") { - username - role - } -} - -2017-07-09 20:04:15 authQuery: { - "$or": [ - { - "_id": "5962701fbd5b289911a30969" - } - ] -} -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:04:15 authQuery: { - "$or": [ - { - "_id": "5962701fbd5b289911a30969" - } - ] -} -2017-07-09 20:04:15 ERROR Not authorized to update user -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "5962701fbd5b289911a30969", input: {username: "tobkle", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-07-09 20:04:15 authQuery: { - "$or": [ - { - "_id": "5962701fbd5b289911a30969" - } - ] -} -2017-07-09 20:04:15 updated user 5962701fbd5b289911a30969. -2017-07-09 20:04:15 authQuery: { - "$or": [ - { - "_id": "5962701fbd5b289911a30969" - } - ] -} -2017-07-09 20:04:15 -------------------------------------------------------------------------------- -2017-07-09 20:04:15 Request: -User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "5962701fbd5b289911a30969", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:04:15 authQuery: { - "$or": [ - { - "_id": "5962701fbd5b289911a30969" - } - ] -} -2017-07-09 20:04:15 ERROR Not authorized to update field "role" -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "_id": "5962701fbd5b289911a30969" - } - ] -} -2017-07-09 20:04:16 ERROR remove user failed for finalQuery: { - "_id": "583291a1638566b3c5a92ca1", - "$or": [ - { - "_id": "5962701fbd5b289911a30969" - } - ] -} -2017-07-09 20:04:16 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "5962701fbd5b289911a30969", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "authorId": "5962701fbd5b289911a30969" - } - ] -} -2017-07-09 20:04:16 inserted tweet 59627020bd5b289911a3096a. -2017-07-09 20:04:16 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "authorId": "5962701fbd5b289911a30969" - } - ] -} -2017-07-09 20:04:16 ERROR Not authorized to insert tweet -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", -Operation: "", variables: "", -Query: -{ - tweet(id: "59627020bd5b289911a3096a") { - author { - id - } - body - } -} - -2017-07-09 20:04:16 tweet readOne with user tobkle is authorized -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "_id": "5962701fbd5b289911a30969" - } - ] -} -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:04:16 tweet readOne with user tobkle is authorized -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "_id": "5962701fbd5b289911a30969" - } - ] -} -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59627020bd5b289911a3096a", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:04:16 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "authorId": "5962701fbd5b289911a30969" - }, - { - "coauthorsIds": "5962701fbd5b289911a30969" - } - ] -} -2017-07-09 20:04:16 updated tweet 59627020bd5b289911a3096a. -2017-07-09 20:04:16 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:04:16 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "authorId": "5962701fbd5b289911a30969" - }, - { - "coauthorsIds": "5962701fbd5b289911a30969" - } - ] -} -2017-07-09 20:04:16 ERROR Not authorized to update tweet -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", -Operation: "", variables: "", -Query: -{ - tweet(id: "59627020bd5b289911a3096a") { - body - } -} - -2017-07-09 20:04:16 tweet readOne with user tobkle is authorized -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59627020bd5b289911a3096a") -} - -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "authorId": "5962701fbd5b289911a30969" - } - ] -} -2017-07-09 20:04:16 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:04:16 removed tweet 59627020bd5b289911a3096a. -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "authorId": "5962701fbd5b289911a30969" - } - ] -} -2017-07-09 20:04:16 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:04:16 ERROR remove tweet failed for finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "5962701fbd5b289911a30969" - } - ] -} -2017-07-09 20:04:16 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", -Operation: "", variables: "", -Query: -{ - tweet(id: "59627020bd5b289911a3096a") { - body - } -} - -2017-07-09 20:04:16 tweet readOne with user tobkle is authorized -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tobkle", role: "user", id: "5962701fbd5b289911a30969", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "5962701fbd5b289911a30969") -} - -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "_id": "5962701fbd5b289911a30969" - } - ] -} -2017-07-09 20:04:16 removed user 5962701fbd5b289911a30969. -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "5962701fbd5b289911a30969") { - username - bio - role - } -} - -2017-07-09 20:04:16 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { - id - role - } -} - -2017-07-09 20:04:16 insert user create with user stubailo is authorized -2017-07-09 20:04:16 inserted user 59627020bd5b289911a3096b. -2017-07-09 20:04:16 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tobkle", role: "editor", id: "59627020bd5b289911a3096b", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-07-09 20:04:16 authQuery: { - "$or": [] -} -2017-07-09 20:04:16 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tobkle", role: "editor", id: "59627020bd5b289911a3096b", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "_id": "59627020bd5b289911a3096b" - } - ] -} -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tobkle", role: "editor", id: "59627020bd5b289911a3096b", -Operation: "", variables: "", -Query: -{ - user(id: "59627020bd5b289911a3096b") { - username - role - } -} - -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "_id": "59627020bd5b289911a3096b" - } - ] -} -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tobkle", role: "editor", id: "59627020bd5b289911a3096b", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "_id": "59627020bd5b289911a3096b" - } - ] -} -2017-07-09 20:04:16 ERROR Not authorized to update user -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tobkle", role: "editor", id: "59627020bd5b289911a3096b", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59627020bd5b289911a3096b", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "_id": "59627020bd5b289911a3096b" - } - ] -} -2017-07-09 20:04:16 updated user 59627020bd5b289911a3096b. -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "_id": "59627020bd5b289911a3096b" - } - ] -} -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59627020bd5b289911a3096b", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "_id": "59627020bd5b289911a3096b" - } - ] -} -2017-07-09 20:04:16 ERROR Not authorized to update field "role" -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "_id": "59627020bd5b289911a3096b" - } - ] -} -2017-07-09 20:04:16 ERROR remove user failed for finalQuery: { - "_id": "583291a1638566b3c5a92ca1", - "$or": [ - { - "_id": "59627020bd5b289911a3096b" - } - ] -} -2017-07-09 20:04:16 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59627020bd5b289911a3096b", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "authorId": "59627020bd5b289911a3096b" - } - ] -} -2017-07-09 20:04:16 inserted tweet 59627020bd5b289911a3096c. -2017-07-09 20:04:16 pubsub tweetInserted readOne with user tmeasday is authorized -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "authorId": "59627020bd5b289911a3096b" - } - ] -} -2017-07-09 20:04:16 ERROR Not authorized to insert tweet -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", -Operation: "", variables: "", -Query: -{ - tweet(id: "59627020bd5b289911a3096c") { - author { - id - } - body - } -} - -2017-07-09 20:04:16 tweet readOne with user tmeasday is authorized -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "_id": "59627020bd5b289911a3096b" - } - ] -} -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:04:16 tweet readOne with user tmeasday is authorized -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "_id": "59627020bd5b289911a3096b" - } - ] -} -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59627020bd5b289911a3096c", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:04:16 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "authorId": "59627020bd5b289911a3096b" - }, - { - "coauthorsIds": "59627020bd5b289911a3096b" - } - ] -} -2017-07-09 20:04:16 updated tweet 59627020bd5b289911a3096c. -2017-07-09 20:04:16 pubsub tweetUpdated readOne with user tmeasday is authorized -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:04:16 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "authorId": "59627020bd5b289911a3096b" - }, - { - "coauthorsIds": "59627020bd5b289911a3096b" - } - ] -} -2017-07-09 20:04:16 ERROR Not authorized to update tweet -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", -Operation: "", variables: "", -Query: -{ - tweet(id: "59627020bd5b289911a3096c") { - body - } -} - -2017-07-09 20:04:16 tweet readOne with user tmeasday is authorized -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59627020bd5b289911a3096c") -} - -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "authorId": "59627020bd5b289911a3096b" - } - ] -} -2017-07-09 20:04:16 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:04:16 removed tweet 59627020bd5b289911a3096c. -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "authorId": "59627020bd5b289911a3096b" - } - ] -} -2017-07-09 20:04:16 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:04:16 ERROR remove tweet failed for finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "59627020bd5b289911a3096b" - } - ] -} -2017-07-09 20:04:16 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", -Operation: "", variables: "", -Query: -{ - tweet(id: "59627020bd5b289911a3096c") { - body - } -} - -2017-07-09 20:04:16 tweet readOne with user tmeasday is authorized -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "tmeasday", role: "editor", id: "59627020bd5b289911a3096b", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59627020bd5b289911a3096b") -} - -2017-07-09 20:04:16 authQuery: { - "$or": [ - { - "_id": "59627020bd5b289911a3096b" - } - ] -} -2017-07-09 20:04:16 removed user 59627020bd5b289911a3096b. -2017-07-09 20:04:16 -------------------------------------------------------------------------------- -2017-07-09 20:04:16 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59627020bd5b289911a3096b") { - username - bio - role - } -} - -2017-07-09 20:04:16 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:05:52 Logger started -2017-07-09 20:28:15 Logger started -2017-07-09 20:29:12 Logger started -2017-07-09 20:30:13 Logger started -2017-07-09 20:30:34 -------------------------------------------------------------------------------- -2017-07-09 20:30:34 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - role - username - } -} - -2017-07-09 20:30:45 user readOne with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - role - username - } -} - -2017-07-09 20:30:45 user readOne with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca2") { - role - username - } -} - -2017-07-09 20:30:45 user readOne with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - id - username - bio - } -} - -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users { - username - createdAt - } -} - -2017-07-09 20:30:45 users readMany with user stubailo is authorized -2017-07-09 20:30:45 user readOne with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(limit: 1) { - username - createdAt - } -} - -2017-07-09 20:30:45 users readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993) { - username - createdAt - } -} - -2017-07-09 20:30:45 users readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } -} - -2017-07-09 20:30:45 users readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers { - username - createdAt - } - } -} - -2017-07-09 20:30:45 user readOne with user stubailo is authorized -2017-07-09 20:30:45 followers readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:30:45 user readOne with user stubailo is authorized -2017-07-09 20:30:45 followers readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-07-09 20:30:45 user readOne with user stubailo is authorized -2017-07-09 20:30:45 followers readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:30:45 user readOne with user stubailo is authorized -2017-07-09 20:30:45 followers readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following { - username - createdAt - } - } -} - -2017-07-09 20:30:45 user readOne with user stubailo is authorized -2017-07-09 20:30:45 following readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:30:45 user readOne with user stubailo is authorized -2017-07-09 20:30:45 following readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-07-09 20:30:45 user readOne with user stubailo is authorized -2017-07-09 20:30:45 following readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:30:45 user readOne with user stubailo is authorized -2017-07-09 20:30:45 following readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets { - id - createdAt - } - } -} - -2017-07-09 20:30:45 user readOne with user stubailo is authorized -2017-07-09 20:30:45 tweets readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:30:45 user readOne with user stubailo is authorized -2017-07-09 20:30:45 tweets readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } - } -} - -2017-07-09 20:30:45 user readOne with user stubailo is authorized -2017-07-09 20:30:45 tweets readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:30:45 user readOne with user stubailo is authorized -2017-07-09 20:30:45 tweets readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked { - id - createdAt - } - } -} - -2017-07-09 20:30:45 user readOne with user stubailo is authorized -2017-07-09 20:30:45 liked readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:30:45 user readOne with user stubailo is authorized -2017-07-09 20:30:45 liked readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334) { - id - createdAt - } - } -} - -2017-07-09 20:30:45 user readOne with user stubailo is authorized -2017-07-09 20:30:45 liked readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334, limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:30:45 user readOne with user stubailo is authorized -2017-07-09 20:30:45 liked readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - id - body - } -} - -2017-07-09 20:30:45 tweet readOne with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - author { - username - } - } -} - -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets { - id - createdAt - } -} - -2017-07-09 20:30:45 tweets readMany with user stubailo is authorized -2017-07-09 20:30:45 tweet readOne with user stubailo is authorized -2017-07-09 20:30:45 author readOne with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(limit: 1) { - id - createdAt - } -} - -2017-07-09 20:30:45 tweets readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } -} - -2017-07-09 20:30:45 tweets readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } -} - -2017-07-09 20:30:45 tweets readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers { - username - createdAt - } - } -} - -2017-07-09 20:30:45 tweet readOne with user stubailo is authorized -2017-07-09 20:30:45 likers readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:30:45 tweet readOne with user stubailo is authorized -2017-07-09 20:30:45 likers readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993) { - username - createdAt - } - } -} - -2017-07-09 20:30:45 tweet readOne with user stubailo is authorized -2017-07-09 20:30:45 likers readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:30:45 tweet readOne with user stubailo is authorized -2017-07-09 20:30:45 likers readMany with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-07-09 20:30:45 insert user create with user stubailo is authorized -2017-07-09 20:30:45 inserted user 59627655ba519d9b0eb890f9. -2017-07-09 20:30:45 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-07-09 20:30:45 insert user create with user tobkle is authorized -2017-07-09 20:30:45 inserted user 59627655ba519d9b0eb890fa. -2017-07-09 20:30:45 pubsub userInserted readOne with user tobkle is authorized -2017-07-09 20:30:45 -------------------------------------------------------------------------------- -2017-07-09 20:30:45 Request: -User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", -Operation: "", variables: "", -Query: -{ - user(id: "59627655ba519d9b0eb890fa") { - username - bio - role - } -} - -2017-07-09 20:30:45 user readOne with user tobkle is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", -Operation: "", variables: "", -Query: -{ - user(id: "59627655ba519d9b0eb890f9") { - username - role - } -} - -2017-07-09 20:30:46 user readOne with user tobkle is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59627655ba519d9b0eb890fa", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-07-09 20:30:46 update user update with user tobkle is authorized -2017-07-09 20:30:46 updated user 59627655ba519d9b0eb890fa. -2017-07-09 20:30:46 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59627655ba519d9b0eb890f9", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:30:46 update user update with user tobkle is authorized -2017-07-09 20:30:46 updated user 59627655ba519d9b0eb890f9. -2017-07-09 20:30:46 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59627655ba519d9b0eb890fa", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:30:46 update user update with user tobkle is authorized -2017-07-09 20:30:46 updated user 59627655ba519d9b0eb890fa. -2017-07-09 20:30:46 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59627655ba519d9b0eb890f9", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-07-09 20:30:46 update user update with user tobkle is authorized -2017-07-09 20:30:46 updated user 59627655ba519d9b0eb890f9. -2017-07-09 20:30:46 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "editor", id: "59627655ba519d9b0eb890f9", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59627655ba519d9b0eb890f9", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "_id": "59627655ba519d9b0eb890f9" - } - ] -} -2017-07-09 20:30:46 ERROR Not authorized to update field "role" -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "zoltan", role: "admin", id: "59627655ba519d9b0eb890fa", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59627655ba519d9b0eb890f9", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:30:46 update user update with user zoltan is authorized -2017-07-09 20:30:46 updated user 59627655ba519d9b0eb890f9. -2017-07-09 20:30:46 pubsub userUpdated readOne with user zoltan is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59627655ba519d9b0eb890fa") -} - -2017-07-09 20:30:46 removeUser delete with user tobkle is authorized -2017-07-09 20:30:46 removed user 59627655ba519d9b0eb890fa. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59627655ba519d9b0eb890f9", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:30:46 insert tweet create with user tobkle is authorized -2017-07-09 20:30:46 inserted tweet 59627656ba519d9b0eb890fb. -2017-07-09 20:30:46 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:30:46 insert tweet create with user tobkle is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", -Operation: "", variables: "", -Query: -{ - tweet(id: "59627656ba519d9b0eb890fb") { - author { - id - } - body - } -} - -2017-07-09 20:30:46 tweet readOne with user tobkle is authorized -2017-07-09 20:30:46 inserted tweet 59627656ba519d9b0eb890fc. -2017-07-09 20:30:46 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 20:30:46 author readOne with user tobkle is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:30:46 tweet readOne with user tobkle is authorized -2017-07-09 20:30:46 author readOne with user tobkle is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59627656ba519d9b0eb890fb", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:30:46 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:30:46 update tweet update with user tobkle is authorized -2017-07-09 20:30:46 updated tweet 59627656ba519d9b0eb890fb. -2017-07-09 20:30:46 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59627656ba519d9b0eb890fc", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:30:46 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:30:46 update tweet update with user tobkle is authorized -2017-07-09 20:30:46 updated tweet 59627656ba519d9b0eb890fc. -2017-07-09 20:30:46 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", -Operation: "", variables: "", -Query: -{ - tweet(id: "59627656ba519d9b0eb890fb") { - body - } -} - -2017-07-09 20:30:46 tweet readOne with user tobkle is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59627656ba519d9b0eb890fb") -} - -2017-07-09 20:30:46 removeTweet delete with user tobkle is authorized -2017-07-09 20:30:46 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:30:46 removed tweet 59627656ba519d9b0eb890fb. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59627656ba519d9b0eb890fc") -} - -2017-07-09 20:30:46 removeTweet delete with user tobkle is authorized -2017-07-09 20:30:46 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:30:46 removed tweet 59627656ba519d9b0eb890fc. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", -Operation: "", variables: "", -Query: -{ - tweet(id: "59627656ba519d9b0eb890fb") { - body - } -} - -2017-07-09 20:30:46 tweet readOne with user tobkle is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "admin", id: "59627655ba519d9b0eb890f9", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59627655ba519d9b0eb890f9") -} - -2017-07-09 20:30:46 removeUser delete with user tobkle is authorized -2017-07-09 20:30:46 removed user 59627655ba519d9b0eb890f9. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59627655ba519d9b0eb890f9") { - username - bio - role - } -} - -2017-07-09 20:30:46 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-07-09 20:30:46 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 20:30:46 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:30:46 ERROR Authorization: Not authorized to update in update user. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 20:30:46 ERROR Authorization: Not authorized to delete in removeUser. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:30:46 ERROR Authorization: Not authorized to create in insert tweet. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:30:46 tweet readOne with user is authorized -2017-07-09 20:30:46 ERROR Authorization: Not authorized to readOne in author. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:30:46 tweet getOneById in updateById for docBefore readOne with user is authorized -2017-07-09 20:30:46 ERROR Authorization: Not authorized to update in update tweet. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:30:46 tweet getOneById in updateById for docBefore readOne with user is authorized -2017-07-09 20:30:46 ERROR Authorization: Not authorized to update in update tweet. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 20:30:46 ERROR Authorization: Not authorized to delete in removeTweet. -2017-07-09 20:30:46 tweet getOneById in removeById for docBefore readOne with user is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { - id - role - } -} - -2017-07-09 20:30:46 insert user create with user stubailo is authorized -2017-07-09 20:30:46 inserted user 59627656ba519d9b0eb890fd. -2017-07-09 20:30:46 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-07-09 20:30:46 authQuery: { - "$or": [] -} -2017-07-09 20:30:46 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "_id": "59627656ba519d9b0eb890fd" - } - ] -} -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", -Operation: "", variables: "", -Query: -{ - user(id: "59627656ba519d9b0eb890fd") { - username - } -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "_id": "59627656ba519d9b0eb890fd" - } - ] -} -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", -Operation: "", variables: "", -Query: -{ - user(id: "59627656ba519d9b0eb890fd") { - username - role - } -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "_id": "59627656ba519d9b0eb890fd" - } - ] -} -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "_id": "59627656ba519d9b0eb890fd" - } - ] -} -2017-07-09 20:30:46 ERROR Not authorized to update user -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59627656ba519d9b0eb890fd", input: {username: "tobkle", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "_id": "59627656ba519d9b0eb890fd" - } - ] -} -2017-07-09 20:30:46 updated user 59627656ba519d9b0eb890fd. -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "_id": "59627656ba519d9b0eb890fd" - } - ] -} -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59627656ba519d9b0eb890fd", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "_id": "59627656ba519d9b0eb890fd" - } - ] -} -2017-07-09 20:30:46 ERROR Not authorized to update field "role" -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "_id": "59627656ba519d9b0eb890fd" - } - ] -} -2017-07-09 20:30:46 ERROR remove user failed for finalQuery: { - "_id": "583291a1638566b3c5a92ca1", - "$or": [ - { - "_id": "59627656ba519d9b0eb890fd" - } - ] -} -2017-07-09 20:30:46 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59627656ba519d9b0eb890fd", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "authorId": "59627656ba519d9b0eb890fd" - } - ] -} -2017-07-09 20:30:46 inserted tweet 59627656ba519d9b0eb890fe. -2017-07-09 20:30:46 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "authorId": "59627656ba519d9b0eb890fd" - } - ] -} -2017-07-09 20:30:46 ERROR Not authorized to insert tweet -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", -Operation: "", variables: "", -Query: -{ - tweet(id: "59627656ba519d9b0eb890fe") { - author { - id - } - body - } -} - -2017-07-09 20:30:46 tweet readOne with user tobkle is authorized -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "_id": "59627656ba519d9b0eb890fd" - } - ] -} -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:30:46 tweet readOne with user tobkle is authorized -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "_id": "59627656ba519d9b0eb890fd" - } - ] -} -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59627656ba519d9b0eb890fe", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:30:46 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "authorId": "59627656ba519d9b0eb890fd" - }, - { - "coauthorsIds": "59627656ba519d9b0eb890fd" - } - ] -} -2017-07-09 20:30:46 updated tweet 59627656ba519d9b0eb890fe. -2017-07-09 20:30:46 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:30:46 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "authorId": "59627656ba519d9b0eb890fd" - }, - { - "coauthorsIds": "59627656ba519d9b0eb890fd" - } - ] -} -2017-07-09 20:30:46 ERROR Not authorized to update tweet -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", -Operation: "", variables: "", -Query: -{ - tweet(id: "59627656ba519d9b0eb890fe") { - body - } -} - -2017-07-09 20:30:46 tweet readOne with user tobkle is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59627656ba519d9b0eb890fe") -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "authorId": "59627656ba519d9b0eb890fd" - } - ] -} -2017-07-09 20:30:46 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:30:46 removed tweet 59627656ba519d9b0eb890fe. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "authorId": "59627656ba519d9b0eb890fd" - } - ] -} -2017-07-09 20:30:46 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:30:46 ERROR remove tweet failed for finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "59627656ba519d9b0eb890fd" - } - ] -} -2017-07-09 20:30:46 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", -Operation: "", variables: "", -Query: -{ - tweet(id: "59627656ba519d9b0eb890fe") { - body - } -} - -2017-07-09 20:30:46 tweet readOne with user tobkle is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "user", id: "59627656ba519d9b0eb890fd", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59627656ba519d9b0eb890fd") -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "_id": "59627656ba519d9b0eb890fd" - } - ] -} -2017-07-09 20:30:46 removed user 59627656ba519d9b0eb890fd. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59627656ba519d9b0eb890fd") { - username - bio - role - } -} - -2017-07-09 20:30:46 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { - id - role - } -} - -2017-07-09 20:30:46 insert user create with user stubailo is authorized -2017-07-09 20:30:46 inserted user 59627656ba519d9b0eb890ff. -2017-07-09 20:30:46 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "editor", id: "59627656ba519d9b0eb890ff", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-07-09 20:30:46 authQuery: { - "$or": [] -} -2017-07-09 20:30:46 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "editor", id: "59627656ba519d9b0eb890ff", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "_id": "59627656ba519d9b0eb890ff" - } - ] -} -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "editor", id: "59627656ba519d9b0eb890ff", -Operation: "", variables: "", -Query: -{ - user(id: "59627656ba519d9b0eb890ff") { - username - role - } -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "_id": "59627656ba519d9b0eb890ff" - } - ] -} -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "editor", id: "59627656ba519d9b0eb890ff", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "_id": "59627656ba519d9b0eb890ff" - } - ] -} -2017-07-09 20:30:46 ERROR Not authorized to update user -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tobkle", role: "editor", id: "59627656ba519d9b0eb890ff", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59627656ba519d9b0eb890ff", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "_id": "59627656ba519d9b0eb890ff" - } - ] -} -2017-07-09 20:30:46 updated user 59627656ba519d9b0eb890ff. -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "_id": "59627656ba519d9b0eb890ff" - } - ] -} -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59627656ba519d9b0eb890ff", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "_id": "59627656ba519d9b0eb890ff" - } - ] -} -2017-07-09 20:30:46 ERROR Not authorized to update field "role" -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "_id": "59627656ba519d9b0eb890ff" - } - ] -} -2017-07-09 20:30:46 ERROR remove user failed for finalQuery: { - "_id": "583291a1638566b3c5a92ca1", - "$or": [ - { - "_id": "59627656ba519d9b0eb890ff" - } - ] -} -2017-07-09 20:30:46 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59627656ba519d9b0eb890ff", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "authorId": "59627656ba519d9b0eb890ff" - } - ] -} -2017-07-09 20:30:46 inserted tweet 59627656ba519d9b0eb89100. -2017-07-09 20:30:46 pubsub tweetInserted readOne with user tmeasday is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "authorId": "59627656ba519d9b0eb890ff" - } - ] -} -2017-07-09 20:30:46 ERROR Not authorized to insert tweet -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", -Operation: "", variables: "", -Query: -{ - tweet(id: "59627656ba519d9b0eb89100") { - author { - id - } - body - } -} - -2017-07-09 20:30:46 tweet readOne with user tmeasday is authorized -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "_id": "59627656ba519d9b0eb890ff" - } - ] -} -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:30:46 tweet readOne with user tmeasday is authorized -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "_id": "59627656ba519d9b0eb890ff" - } - ] -} -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59627656ba519d9b0eb89100", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:30:46 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "authorId": "59627656ba519d9b0eb890ff" - }, - { - "coauthorsIds": "59627656ba519d9b0eb890ff" - } - ] -} -2017-07-09 20:30:46 updated tweet 59627656ba519d9b0eb89100. -2017-07-09 20:30:46 pubsub tweetUpdated readOne with user tmeasday is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:30:46 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "authorId": "59627656ba519d9b0eb890ff" - }, - { - "coauthorsIds": "59627656ba519d9b0eb890ff" - } - ] -} -2017-07-09 20:30:46 ERROR Not authorized to update tweet -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", -Operation: "", variables: "", -Query: -{ - tweet(id: "59627656ba519d9b0eb89100") { - body - } -} - -2017-07-09 20:30:46 tweet readOne with user tmeasday is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59627656ba519d9b0eb89100") -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "authorId": "59627656ba519d9b0eb890ff" - } - ] -} -2017-07-09 20:30:46 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:30:46 removed tweet 59627656ba519d9b0eb89100. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "authorId": "59627656ba519d9b0eb890ff" - } - ] -} -2017-07-09 20:30:46 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:30:46 ERROR remove tweet failed for finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "59627656ba519d9b0eb890ff" - } - ] -} -2017-07-09 20:30:46 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", -Operation: "", variables: "", -Query: -{ - tweet(id: "59627656ba519d9b0eb89100") { - body - } -} - -2017-07-09 20:30:46 tweet readOne with user tmeasday is authorized -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "tmeasday", role: "editor", id: "59627656ba519d9b0eb890ff", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59627656ba519d9b0eb890ff") -} - -2017-07-09 20:30:46 authQuery: { - "$or": [ - { - "_id": "59627656ba519d9b0eb890ff" - } - ] -} -2017-07-09 20:30:46 removed user 59627656ba519d9b0eb890ff. -2017-07-09 20:30:46 -------------------------------------------------------------------------------- -2017-07-09 20:30:46 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59627656ba519d9b0eb890ff") { - username - bio - role - } -} - -2017-07-09 20:30:46 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:32:30 Logger started -2017-07-09 20:33:01 Logger started -2017-07-09 20:33:14 -------------------------------------------------------------------------------- -2017-07-09 20:33:14 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - role - username - } -} - -2017-07-09 20:33:25 user readOne with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - role - username - } -} - -2017-07-09 20:33:25 user readOne with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca2") { - role - username - } -} - -2017-07-09 20:33:25 user readOne with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - id - username - bio - } -} - -2017-07-09 20:33:25 user readOne with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users { - username - createdAt - } -} - -2017-07-09 20:33:25 users readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(limit: 1) { - username - createdAt - } -} - -2017-07-09 20:33:25 users readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993) { - username - createdAt - } -} - -2017-07-09 20:33:25 users readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } -} - -2017-07-09 20:33:25 users readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers { - username - createdAt - } - } -} - -2017-07-09 20:33:25 user readOne with user stubailo is authorized -2017-07-09 20:33:25 followers readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:33:25 user readOne with user stubailo is authorized -2017-07-09 20:33:25 followers readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-07-09 20:33:25 user readOne with user stubailo is authorized -2017-07-09 20:33:25 followers readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:33:25 user readOne with user stubailo is authorized -2017-07-09 20:33:25 followers readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following { - username - createdAt - } - } -} - -2017-07-09 20:33:25 user readOne with user stubailo is authorized -2017-07-09 20:33:25 following readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:33:25 user readOne with user stubailo is authorized -2017-07-09 20:33:25 following readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-07-09 20:33:25 user readOne with user stubailo is authorized -2017-07-09 20:33:25 following readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:33:25 user readOne with user stubailo is authorized -2017-07-09 20:33:25 following readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets { - id - createdAt - } - } -} - -2017-07-09 20:33:25 user readOne with user stubailo is authorized -2017-07-09 20:33:25 tweets readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:33:25 user readOne with user stubailo is authorized -2017-07-09 20:33:25 tweets readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } - } -} - -2017-07-09 20:33:25 user readOne with user stubailo is authorized -2017-07-09 20:33:25 tweets readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:33:25 user readOne with user stubailo is authorized -2017-07-09 20:33:25 tweets readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked { - id - createdAt - } - } -} - -2017-07-09 20:33:25 user readOne with user stubailo is authorized -2017-07-09 20:33:25 liked readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:33:25 user readOne with user stubailo is authorized -2017-07-09 20:33:25 liked readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334) { - id - createdAt - } - } -} - -2017-07-09 20:33:25 user readOne with user stubailo is authorized -2017-07-09 20:33:25 liked readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334, limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:33:25 user readOne with user stubailo is authorized -2017-07-09 20:33:25 liked readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - author { - username - } - } -} - -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - id - body - } -} - -2017-07-09 20:33:25 tweet readOne with user stubailo is authorized -2017-07-09 20:33:25 tweet readOne with user stubailo is authorized -2017-07-09 20:33:25 author readOne with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets { - id - createdAt - } -} - -2017-07-09 20:33:25 tweets readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(limit: 1) { - id - createdAt - } -} - -2017-07-09 20:33:25 tweets readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } -} - -2017-07-09 20:33:25 tweets readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } -} - -2017-07-09 20:33:25 tweets readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers { - username - createdAt - } - } -} - -2017-07-09 20:33:25 tweet readOne with user stubailo is authorized -2017-07-09 20:33:25 likers readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:33:25 tweet readOne with user stubailo is authorized -2017-07-09 20:33:25 likers readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993) { - username - createdAt - } - } -} - -2017-07-09 20:33:25 tweet readOne with user stubailo is authorized -2017-07-09 20:33:25 likers readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:33:25 tweet readOne with user stubailo is authorized -2017-07-09 20:33:25 likers readMany with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-07-09 20:33:25 insert user create with user stubailo is authorized -2017-07-09 20:33:25 inserted user 596276f59bce489b8e6d4df3. -2017-07-09 20:33:25 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-07-09 20:33:25 insert user create with user tobkle is authorized -2017-07-09 20:33:25 inserted user 596276f59bce489b8e6d4df4. -2017-07-09 20:33:25 pubsub userInserted readOne with user tobkle is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", -Operation: "", variables: "", -Query: -{ - user(id: "596276f59bce489b8e6d4df4") { - username - bio - role - } -} - -2017-07-09 20:33:25 user readOne with user tobkle is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", -Operation: "", variables: "", -Query: -{ - user(id: "596276f59bce489b8e6d4df3") { - username - role - } -} - -2017-07-09 20:33:25 user readOne with user tobkle is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596276f59bce489b8e6d4df4", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-07-09 20:33:25 update user update with user tobkle is authorized -2017-07-09 20:33:25 updated user 596276f59bce489b8e6d4df4. -2017-07-09 20:33:25 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596276f59bce489b8e6d4df3", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:33:25 update user update with user tobkle is authorized -2017-07-09 20:33:25 updated user 596276f59bce489b8e6d4df3. -2017-07-09 20:33:25 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596276f59bce489b8e6d4df4", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:33:25 update user update with user tobkle is authorized -2017-07-09 20:33:25 updated user 596276f59bce489b8e6d4df4. -2017-07-09 20:33:25 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596276f59bce489b8e6d4df3", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-07-09 20:33:25 update user update with user tobkle is authorized -2017-07-09 20:33:25 updated user 596276f59bce489b8e6d4df3. -2017-07-09 20:33:25 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "tobkle", role: "editor", id: "596276f59bce489b8e6d4df3", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596276f59bce489b8e6d4df3", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:33:25 authQuery: { - "$or": [ - { - "_id": "596276f59bce489b8e6d4df3" - } - ] -} -2017-07-09 20:33:25 ERROR Not authorized to update field "role" -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "zoltan", role: "admin", id: "596276f59bce489b8e6d4df4", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596276f59bce489b8e6d4df3", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:33:25 update user update with user zoltan is authorized -2017-07-09 20:33:25 updated user 596276f59bce489b8e6d4df3. -2017-07-09 20:33:25 pubsub userUpdated readOne with user zoltan is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "596276f59bce489b8e6d4df4") -} - -2017-07-09 20:33:25 removeUser delete with user tobkle is authorized -2017-07-09 20:33:25 removed user 596276f59bce489b8e6d4df4. -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "596276f59bce489b8e6d4df3", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:33:25 insert tweet create with user tobkle is authorized -2017-07-09 20:33:25 inserted tweet 596276f59bce489b8e6d4df5. -2017-07-09 20:33:25 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:33:25 insert tweet create with user tobkle is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", -Operation: "", variables: "", -Query: -{ - tweet(id: "596276f59bce489b8e6d4df5") { - author { - id - } - body - } -} - -2017-07-09 20:33:25 tweet readOne with user tobkle is authorized -2017-07-09 20:33:25 inserted tweet 596276f59bce489b8e6d4df6. -2017-07-09 20:33:25 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 20:33:25 author readOne with user tobkle is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:33:25 tweet readOne with user tobkle is authorized -2017-07-09 20:33:25 author readOne with user tobkle is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "596276f59bce489b8e6d4df5", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:33:25 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:33:25 update tweet update with user tobkle is authorized -2017-07-09 20:33:25 updated tweet 596276f59bce489b8e6d4df5. -2017-07-09 20:33:25 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "596276f59bce489b8e6d4df6", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:33:25 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:33:25 update tweet update with user tobkle is authorized -2017-07-09 20:33:25 updated tweet 596276f59bce489b8e6d4df6. -2017-07-09 20:33:25 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", -Operation: "", variables: "", -Query: -{ - tweet(id: "596276f59bce489b8e6d4df5") { - body - } -} - -2017-07-09 20:33:25 tweet readOne with user tobkle is authorized -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "596276f59bce489b8e6d4df5") -} - -2017-07-09 20:33:25 removeTweet delete with user tobkle is authorized -2017-07-09 20:33:25 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:33:25 removed tweet 596276f59bce489b8e6d4df5. -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "596276f59bce489b8e6d4df6") -} - -2017-07-09 20:33:25 removeTweet delete with user tobkle is authorized -2017-07-09 20:33:25 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:33:25 removed tweet 596276f59bce489b8e6d4df6. -2017-07-09 20:33:25 -------------------------------------------------------------------------------- -2017-07-09 20:33:25 Request: -User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", -Operation: "", variables: "", -Query: -{ - tweet(id: "596276f59bce489b8e6d4df5") { - body - } -} - -2017-07-09 20:33:25 tweet readOne with user tobkle is authorized -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "admin", id: "596276f59bce489b8e6d4df3", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "596276f59bce489b8e6d4df3") -} - -2017-07-09 20:33:26 removeUser delete with user tobkle is authorized -2017-07-09 20:33:26 removed user 596276f59bce489b8e6d4df3. -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "596276f59bce489b8e6d4df3") { - username - bio - role - } -} - -2017-07-09 20:33:26 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-07-09 20:33:26 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 20:33:26 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:33:26 ERROR Authorization: Not authorized to update in update user. -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 20:33:26 ERROR Authorization: Not authorized to delete in removeUser. -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:33:26 ERROR Authorization: Not authorized to create in insert tweet. -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:33:26 tweet readOne with user is authorized -2017-07-09 20:33:26 ERROR Authorization: Not authorized to readOne in author. -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:33:26 tweet getOneById in updateById for docBefore readOne with user is authorized -2017-07-09 20:33:26 ERROR Authorization: Not authorized to update in update tweet. -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:33:26 tweet getOneById in updateById for docBefore readOne with user is authorized -2017-07-09 20:33:26 ERROR Authorization: Not authorized to update in update tweet. -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 20:33:26 ERROR Authorization: Not authorized to delete in removeTweet. -2017-07-09 20:33:26 tweet getOneById in removeById for docBefore readOne with user is authorized -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { - id - role - } -} - -2017-07-09 20:33:26 insert user create with user stubailo is authorized -2017-07-09 20:33:26 inserted user 596276f69bce489b8e6d4df7. -2017-07-09 20:33:26 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-07-09 20:33:26 authQuery: { - "$or": [] -} -2017-07-09 20:33:26 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "_id": "596276f69bce489b8e6d4df7" - } - ] -} -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", -Operation: "", variables: "", -Query: -{ - user(id: "596276f69bce489b8e6d4df7") { - username - } -} - -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "_id": "596276f69bce489b8e6d4df7" - } - ] -} -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", -Operation: "", variables: "", -Query: -{ - user(id: "596276f69bce489b8e6d4df7") { - username - role - } -} - -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "_id": "596276f69bce489b8e6d4df7" - } - ] -} -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "_id": "596276f69bce489b8e6d4df7" - } - ] -} -2017-07-09 20:33:26 ERROR Not authorized to update field "role" -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596276f69bce489b8e6d4df7", input: {username: "tobkle", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "_id": "596276f69bce489b8e6d4df7" - } - ] -} -2017-07-09 20:33:26 updated user 596276f69bce489b8e6d4df7. -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "_id": "596276f69bce489b8e6d4df7" - } - ] -} -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596276f69bce489b8e6d4df7", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "_id": "596276f69bce489b8e6d4df7" - } - ] -} -2017-07-09 20:33:26 ERROR Not authorized to update field "role" -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "_id": "596276f69bce489b8e6d4df7" - } - ] -} -2017-07-09 20:33:26 ERROR remove user failed for finalQuery: { - "_id": "583291a1638566b3c5a92ca1", - "$or": [ - { - "_id": "596276f69bce489b8e6d4df7" - } - ] -} -2017-07-09 20:33:26 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "596276f69bce489b8e6d4df7", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "authorId": "596276f69bce489b8e6d4df7" - } - ] -} -2017-07-09 20:33:26 inserted tweet 596276f69bce489b8e6d4df8. -2017-07-09 20:33:26 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "authorId": "596276f69bce489b8e6d4df7" - } - ] -} -2017-07-09 20:33:26 ERROR Not authorized to insert tweet -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", -Operation: "", variables: "", -Query: -{ - tweet(id: "596276f69bce489b8e6d4df8") { - author { - id - } - body - } -} - -2017-07-09 20:33:26 tweet readOne with user tobkle is authorized -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "_id": "596276f69bce489b8e6d4df7" - } - ] -} -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:33:26 tweet readOne with user tobkle is authorized -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "_id": "596276f69bce489b8e6d4df7" - } - ] -} -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "596276f69bce489b8e6d4df8", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:33:26 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "authorId": "596276f69bce489b8e6d4df7" - }, - { - "coauthorsIds": "596276f69bce489b8e6d4df7" - } - ] -} -2017-07-09 20:33:26 updated tweet 596276f69bce489b8e6d4df8. -2017-07-09 20:33:26 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:33:26 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "authorId": "596276f69bce489b8e6d4df7" - }, - { - "coauthorsIds": "596276f69bce489b8e6d4df7" - } - ] -} -2017-07-09 20:33:26 ERROR Not authorized to update tweet -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", -Operation: "", variables: "", -Query: -{ - tweet(id: "596276f69bce489b8e6d4df8") { - body - } -} - -2017-07-09 20:33:26 tweet readOne with user tobkle is authorized -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "596276f69bce489b8e6d4df8") -} - -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "authorId": "596276f69bce489b8e6d4df7" - } - ] -} -2017-07-09 20:33:26 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:33:26 removed tweet 596276f69bce489b8e6d4df8. -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "authorId": "596276f69bce489b8e6d4df7" - } - ] -} -2017-07-09 20:33:26 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:33:26 ERROR remove tweet failed for finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "596276f69bce489b8e6d4df7" - } - ] -} -2017-07-09 20:33:26 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", -Operation: "", variables: "", -Query: -{ - tweet(id: "596276f69bce489b8e6d4df8") { - body - } -} - -2017-07-09 20:33:26 tweet readOne with user tobkle is authorized -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "user", id: "596276f69bce489b8e6d4df7", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "596276f69bce489b8e6d4df7") -} - -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "_id": "596276f69bce489b8e6d4df7" - } - ] -} -2017-07-09 20:33:26 removed user 596276f69bce489b8e6d4df7. -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "596276f69bce489b8e6d4df7") { - username - bio - role - } -} - -2017-07-09 20:33:26 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { - id - role - } -} - -2017-07-09 20:33:26 insert user create with user stubailo is authorized -2017-07-09 20:33:26 inserted user 596276f69bce489b8e6d4df9. -2017-07-09 20:33:26 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "editor", id: "596276f69bce489b8e6d4df9", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-07-09 20:33:26 authQuery: { - "$or": [] -} -2017-07-09 20:33:26 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "editor", id: "596276f69bce489b8e6d4df9", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "_id": "596276f69bce489b8e6d4df9" - } - ] -} -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "editor", id: "596276f69bce489b8e6d4df9", -Operation: "", variables: "", -Query: -{ - user(id: "596276f69bce489b8e6d4df9") { - username - role - } -} - -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "_id": "596276f69bce489b8e6d4df9" - } - ] -} -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "editor", id: "596276f69bce489b8e6d4df9", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "_id": "596276f69bce489b8e6d4df9" - } - ] -} -2017-07-09 20:33:26 ERROR Not authorized to update field "role" -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tobkle", role: "editor", id: "596276f69bce489b8e6d4df9", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596276f69bce489b8e6d4df9", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "_id": "596276f69bce489b8e6d4df9" - } - ] -} -2017-07-09 20:33:26 updated user 596276f69bce489b8e6d4df9. -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "_id": "596276f69bce489b8e6d4df9" - } - ] -} -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596276f69bce489b8e6d4df9", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "_id": "596276f69bce489b8e6d4df9" - } - ] -} -2017-07-09 20:33:26 ERROR Not authorized to update field "role" -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "_id": "596276f69bce489b8e6d4df9" - } - ] -} -2017-07-09 20:33:26 ERROR remove user failed for finalQuery: { - "_id": "583291a1638566b3c5a92ca1", - "$or": [ - { - "_id": "596276f69bce489b8e6d4df9" - } - ] -} -2017-07-09 20:33:26 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "596276f69bce489b8e6d4df9", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "authorId": "596276f69bce489b8e6d4df9" - } - ] -} -2017-07-09 20:33:26 inserted tweet 596276f69bce489b8e6d4dfa. -2017-07-09 20:33:26 pubsub tweetInserted readOne with user tmeasday is authorized -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "authorId": "596276f69bce489b8e6d4df9" - } - ] -} -2017-07-09 20:33:26 ERROR Not authorized to insert tweet -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", -Operation: "", variables: "", -Query: -{ - tweet(id: "596276f69bce489b8e6d4dfa") { - author { - id - } - body - } -} - -2017-07-09 20:33:26 tweet readOne with user tmeasday is authorized -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "_id": "596276f69bce489b8e6d4df9" - } - ] -} -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:33:26 tweet readOne with user tmeasday is authorized -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "_id": "596276f69bce489b8e6d4df9" - } - ] -} -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "596276f69bce489b8e6d4dfa", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:33:26 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "authorId": "596276f69bce489b8e6d4df9" - }, - { - "coauthorsIds": "596276f69bce489b8e6d4df9" - } - ] -} -2017-07-09 20:33:26 updated tweet 596276f69bce489b8e6d4dfa. -2017-07-09 20:33:26 pubsub tweetUpdated readOne with user tmeasday is authorized -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:33:26 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "authorId": "596276f69bce489b8e6d4df9" - }, - { - "coauthorsIds": "596276f69bce489b8e6d4df9" - } - ] -} -2017-07-09 20:33:26 ERROR Not authorized to update tweet -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", -Operation: "", variables: "", -Query: -{ - tweet(id: "596276f69bce489b8e6d4dfa") { - body - } -} - -2017-07-09 20:33:26 tweet readOne with user tmeasday is authorized -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "596276f69bce489b8e6d4dfa") -} - -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "authorId": "596276f69bce489b8e6d4df9" - } - ] -} -2017-07-09 20:33:26 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:33:26 removed tweet 596276f69bce489b8e6d4dfa. -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "authorId": "596276f69bce489b8e6d4df9" - } - ] -} -2017-07-09 20:33:26 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:33:26 ERROR remove tweet failed for finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "596276f69bce489b8e6d4df9" - } - ] -} -2017-07-09 20:33:26 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", -Operation: "", variables: "", -Query: -{ - tweet(id: "596276f69bce489b8e6d4dfa") { - body - } -} - -2017-07-09 20:33:26 tweet readOne with user tmeasday is authorized -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "tmeasday", role: "editor", id: "596276f69bce489b8e6d4df9", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "596276f69bce489b8e6d4df9") -} - -2017-07-09 20:33:26 authQuery: { - "$or": [ - { - "_id": "596276f69bce489b8e6d4df9" - } - ] -} -2017-07-09 20:33:26 removed user 596276f69bce489b8e6d4df9. -2017-07-09 20:33:26 -------------------------------------------------------------------------------- -2017-07-09 20:33:26 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "596276f69bce489b8e6d4df9") { - username - bio - role - } -} - -2017-07-09 20:33:26 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:34:32 Logger started -2017-07-09 20:35:00 Logger started -2017-07-09 20:35:21 Logger started -2017-07-09 20:35:45 -------------------------------------------------------------------------------- -2017-07-09 20:35:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - role - username - } -} - -2017-07-09 20:35:56 user readOne with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - role - username - } -} - -2017-07-09 20:35:56 user readOne with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca2") { - role - username - } -} - -2017-07-09 20:35:56 user readOne with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - id - username - bio - } -} - -2017-07-09 20:35:56 user readOne with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users { - username - createdAt - } -} - -2017-07-09 20:35:56 users readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(limit: 1) { - username - createdAt - } -} - -2017-07-09 20:35:56 users readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993) { - username - createdAt - } -} - -2017-07-09 20:35:56 users readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } -} - -2017-07-09 20:35:56 users readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers { - username - createdAt - } - } -} - -2017-07-09 20:35:56 user readOne with user stubailo is authorized -2017-07-09 20:35:56 followers readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:35:56 user readOne with user stubailo is authorized -2017-07-09 20:35:56 followers readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-07-09 20:35:56 user readOne with user stubailo is authorized -2017-07-09 20:35:56 followers readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:35:56 user readOne with user stubailo is authorized -2017-07-09 20:35:56 followers readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following { - username - createdAt - } - } -} - -2017-07-09 20:35:56 user readOne with user stubailo is authorized -2017-07-09 20:35:56 following readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:35:56 user readOne with user stubailo is authorized -2017-07-09 20:35:56 following readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-07-09 20:35:56 user readOne with user stubailo is authorized -2017-07-09 20:35:56 following readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:35:56 user readOne with user stubailo is authorized -2017-07-09 20:35:56 following readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets { - id - createdAt - } - } -} - -2017-07-09 20:35:56 user readOne with user stubailo is authorized -2017-07-09 20:35:56 tweets readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:35:56 user readOne with user stubailo is authorized -2017-07-09 20:35:56 tweets readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } - } -} - -2017-07-09 20:35:56 user readOne with user stubailo is authorized -2017-07-09 20:35:56 tweets readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:35:56 user readOne with user stubailo is authorized -2017-07-09 20:35:56 tweets readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked { - id - createdAt - } - } -} - -2017-07-09 20:35:56 user readOne with user stubailo is authorized -2017-07-09 20:35:56 liked readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:35:56 user readOne with user stubailo is authorized -2017-07-09 20:35:56 liked readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334) { - id - createdAt - } - } -} - -2017-07-09 20:35:56 user readOne with user stubailo is authorized -2017-07-09 20:35:56 liked readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334, limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:35:56 user readOne with user stubailo is authorized -2017-07-09 20:35:56 liked readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - author { - username - } - } -} - -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - id - body - } -} - -2017-07-09 20:35:56 tweet readOne with user stubailo is authorized -2017-07-09 20:35:56 tweet readOne with user stubailo is authorized -2017-07-09 20:35:56 author readOne with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets { - id - createdAt - } -} - -2017-07-09 20:35:56 tweets readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(limit: 1) { - id - createdAt - } -} - -2017-07-09 20:35:56 tweets readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } -} - -2017-07-09 20:35:56 tweets readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } -} - -2017-07-09 20:35:56 tweets readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers { - username - createdAt - } - } -} - -2017-07-09 20:35:56 tweet readOne with user stubailo is authorized -2017-07-09 20:35:56 likers readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:35:56 tweet readOne with user stubailo is authorized -2017-07-09 20:35:56 likers readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993) { - username - createdAt - } - } -} - -2017-07-09 20:35:56 tweet readOne with user stubailo is authorized -2017-07-09 20:35:56 likers readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:35:56 tweet readOne with user stubailo is authorized -2017-07-09 20:35:56 likers readMany with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-07-09 20:35:56 insert user create with user stubailo is authorized -2017-07-09 20:35:56 inserted user 5962778c08de6c9c11df0d23. -2017-07-09 20:35:56 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-07-09 20:35:56 insert user create with user tobkle is authorized -2017-07-09 20:35:56 inserted user 5962778c08de6c9c11df0d24. -2017-07-09 20:35:56 pubsub userInserted readOne with user tobkle is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", -Operation: "", variables: "", -Query: -{ - user(id: "5962778c08de6c9c11df0d24") { - username - bio - role - } -} - -2017-07-09 20:35:56 user readOne with user tobkle is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", -Operation: "", variables: "", -Query: -{ - user(id: "5962778c08de6c9c11df0d23") { - username - role - } -} - -2017-07-09 20:35:56 user readOne with user tobkle is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "5962778c08de6c9c11df0d24", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-07-09 20:35:56 update user update with user tobkle is authorized -2017-07-09 20:35:56 updated user 5962778c08de6c9c11df0d24. -2017-07-09 20:35:56 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "5962778c08de6c9c11df0d23", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:35:56 update user update with user tobkle is authorized -2017-07-09 20:35:56 updated user 5962778c08de6c9c11df0d23. -2017-07-09 20:35:56 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "5962778c08de6c9c11df0d24", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:35:56 update user update with user tobkle is authorized -2017-07-09 20:35:56 updated user 5962778c08de6c9c11df0d24. -2017-07-09 20:35:56 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "5962778c08de6c9c11df0d23", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-07-09 20:35:56 update user update with user tobkle is authorized -2017-07-09 20:35:56 updated user 5962778c08de6c9c11df0d23. -2017-07-09 20:35:56 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "tobkle", role: "editor", id: "5962778c08de6c9c11df0d23", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "5962778c08de6c9c11df0d23", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:35:56 authQuery: { - "$or": [ - { - "_id": "5962778c08de6c9c11df0d23" - } - ] -} -2017-07-09 20:35:56 ERROR Not authorized to update field "role" -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "zoltan", role: "admin", id: "5962778c08de6c9c11df0d24", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "5962778c08de6c9c11df0d23", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:35:56 update user update with user zoltan is authorized -2017-07-09 20:35:56 updated user 5962778c08de6c9c11df0d23. -2017-07-09 20:35:56 pubsub userUpdated readOne with user zoltan is authorized -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "5962778c08de6c9c11df0d24") -} - -2017-07-09 20:35:56 removeUser delete with user tobkle is authorized -2017-07-09 20:35:56 removed user 5962778c08de6c9c11df0d24. -2017-07-09 20:35:56 -------------------------------------------------------------------------------- -2017-07-09 20:35:56 Request: -User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "5962778c08de6c9c11df0d23", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:35:57 insert tweet create with user tobkle is authorized -2017-07-09 20:35:57 inserted tweet 5962778d08de6c9c11df0d25. -2017-07-09 20:35:57 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:35:57 insert tweet create with user tobkle is authorized -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", -Operation: "", variables: "", -Query: -{ - tweet(id: "5962778d08de6c9c11df0d25") { - author { - id - } - body - } -} - -2017-07-09 20:35:57 tweet readOne with user tobkle is authorized -2017-07-09 20:35:57 inserted tweet 5962778d08de6c9c11df0d26. -2017-07-09 20:35:57 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 20:35:57 author readOne with user tobkle is authorized -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:35:57 tweet readOne with user tobkle is authorized -2017-07-09 20:35:57 author readOne with user tobkle is authorized -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "5962778d08de6c9c11df0d25", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:35:57 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:35:57 update tweet update with user tobkle is authorized -2017-07-09 20:35:57 updated tweet 5962778d08de6c9c11df0d25. -2017-07-09 20:35:57 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "5962778d08de6c9c11df0d26", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:35:57 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:35:57 update tweet update with user tobkle is authorized -2017-07-09 20:35:57 updated tweet 5962778d08de6c9c11df0d26. -2017-07-09 20:35:57 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", -Operation: "", variables: "", -Query: -{ - tweet(id: "5962778d08de6c9c11df0d25") { - body - } -} - -2017-07-09 20:35:57 tweet readOne with user tobkle is authorized -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "5962778d08de6c9c11df0d25") -} - -2017-07-09 20:35:57 removeTweet delete with user tobkle is authorized -2017-07-09 20:35:57 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:35:57 removed tweet 5962778d08de6c9c11df0d25. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "5962778d08de6c9c11df0d26") -} - -2017-07-09 20:35:57 removeTweet delete with user tobkle is authorized -2017-07-09 20:35:57 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:35:57 removed tweet 5962778d08de6c9c11df0d26. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", -Operation: "", variables: "", -Query: -{ - tweet(id: "5962778d08de6c9c11df0d25") { - body - } -} - -2017-07-09 20:35:57 tweet readOne with user tobkle is authorized -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "admin", id: "5962778c08de6c9c11df0d23", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "5962778c08de6c9c11df0d23") -} - -2017-07-09 20:35:57 removeUser delete with user tobkle is authorized -2017-07-09 20:35:57 removed user 5962778c08de6c9c11df0d23. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "5962778c08de6c9c11df0d23") { - username - bio - role - } -} - -2017-07-09 20:35:57 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-07-09 20:35:57 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 20:35:57 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:35:57 ERROR Authorization: Not authorized to update in update user. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 20:35:57 ERROR Authorization: Not authorized to delete in removeUser. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:35:57 ERROR Authorization: Not authorized to create in insert tweet. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:35:57 tweet readOne with user is authorized -2017-07-09 20:35:57 ERROR Authorization: Not authorized to readOne in author. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:35:57 tweet getOneById in updateById for docBefore readOne with user is authorized -2017-07-09 20:35:57 ERROR Authorization: Not authorized to update in update tweet. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:35:57 tweet getOneById in updateById for docBefore readOne with user is authorized -2017-07-09 20:35:57 ERROR Authorization: Not authorized to update in update tweet. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 20:35:57 ERROR Authorization: Not authorized to delete in removeTweet. -2017-07-09 20:35:57 tweet getOneById in removeById for docBefore readOne with user is authorized -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { - id - role - } -} - -2017-07-09 20:35:57 insert user create with user stubailo is authorized -2017-07-09 20:35:57 inserted user 5962778d08de6c9c11df0d27. -2017-07-09 20:35:57 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-07-09 20:35:57 authQuery: { - "$or": [] -} -2017-07-09 20:35:57 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "_id": "5962778d08de6c9c11df0d27" - } - ] -} -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", -Operation: "", variables: "", -Query: -{ - user(id: "5962778d08de6c9c11df0d27") { - username - } -} - -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "_id": "5962778d08de6c9c11df0d27" - } - ] -} -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", -Operation: "", variables: "", -Query: -{ - user(id: "5962778d08de6c9c11df0d27") { - username - role - } -} - -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "_id": "5962778d08de6c9c11df0d27" - } - ] -} -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "_id": "5962778d08de6c9c11df0d27" - } - ] -} -2017-07-09 20:35:57 ERROR Not authorized to update field "role" -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "5962778d08de6c9c11df0d27", input: {username: "tobkle", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "_id": "5962778d08de6c9c11df0d27" - } - ] -} -2017-07-09 20:35:57 updated user 5962778d08de6c9c11df0d27. -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "_id": "5962778d08de6c9c11df0d27" - } - ] -} -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "5962778d08de6c9c11df0d27", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "_id": "5962778d08de6c9c11df0d27" - } - ] -} -2017-07-09 20:35:57 ERROR Not authorized to update field "role" -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "_id": "5962778d08de6c9c11df0d27" - } - ] -} -2017-07-09 20:35:57 ERROR remove user failed for finalQuery: { - "_id": "583291a1638566b3c5a92ca1", - "$or": [ - { - "_id": "5962778d08de6c9c11df0d27" - } - ] -} -2017-07-09 20:35:57 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "5962778d08de6c9c11df0d27", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "authorId": "5962778d08de6c9c11df0d27" - } - ] -} -2017-07-09 20:35:57 inserted tweet 5962778d08de6c9c11df0d28. -2017-07-09 20:35:57 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "authorId": "5962778d08de6c9c11df0d27" - } - ] -} -2017-07-09 20:35:57 ERROR Not authorized to insert tweet -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", -Operation: "", variables: "", -Query: -{ - tweet(id: "5962778d08de6c9c11df0d28") { - author { - id - } - body - } -} - -2017-07-09 20:35:57 tweet readOne with user tobkle is authorized -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "_id": "5962778d08de6c9c11df0d27" - } - ] -} -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:35:57 tweet readOne with user tobkle is authorized -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "_id": "5962778d08de6c9c11df0d27" - } - ] -} -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "5962778d08de6c9c11df0d28", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:35:57 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "authorId": "5962778d08de6c9c11df0d27" - }, - { - "coauthorsIds": "5962778d08de6c9c11df0d27" - } - ] -} -2017-07-09 20:35:57 updated tweet 5962778d08de6c9c11df0d28. -2017-07-09 20:35:57 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:35:57 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "authorId": "5962778d08de6c9c11df0d27" - }, - { - "coauthorsIds": "5962778d08de6c9c11df0d27" - } - ] -} -2017-07-09 20:35:57 ERROR update tweet failed finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "5962778d08de6c9c11df0d27" - }, - { - "coauthorsIds": "5962778d08de6c9c11df0d27" - } - ] -} -2017-07-09 20:35:57 ERROR update tweet failed for docToUpdate: { - "$set": { - "body": "This is a modified test tweet", - "updatedAt": 1499625357426, - "updatedById": "5962778d08de6c9c11df0d27" - } -} -2017-07-09 20:35:57 ERROR update tweet not possible for 583676d3618530145474e352. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", -Operation: "", variables: "", -Query: -{ - tweet(id: "5962778d08de6c9c11df0d28") { - body - } -} - -2017-07-09 20:35:57 tweet readOne with user tobkle is authorized -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "5962778d08de6c9c11df0d28") -} - -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "authorId": "5962778d08de6c9c11df0d27" - } - ] -} -2017-07-09 20:35:57 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:35:57 removed tweet 5962778d08de6c9c11df0d28. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "authorId": "5962778d08de6c9c11df0d27" - } - ] -} -2017-07-09 20:35:57 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:35:57 ERROR remove tweet failed for finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "5962778d08de6c9c11df0d27" - } - ] -} -2017-07-09 20:35:57 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", -Operation: "", variables: "", -Query: -{ - tweet(id: "5962778d08de6c9c11df0d28") { - body - } -} - -2017-07-09 20:35:57 tweet readOne with user tobkle is authorized -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "user", id: "5962778d08de6c9c11df0d27", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "5962778d08de6c9c11df0d27") -} - -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "_id": "5962778d08de6c9c11df0d27" - } - ] -} -2017-07-09 20:35:57 removed user 5962778d08de6c9c11df0d27. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "5962778d08de6c9c11df0d27") { - username - bio - role - } -} - -2017-07-09 20:35:57 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { - id - role - } -} - -2017-07-09 20:35:57 insert user create with user stubailo is authorized -2017-07-09 20:35:57 inserted user 5962778d08de6c9c11df0d29. -2017-07-09 20:35:57 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "editor", id: "5962778d08de6c9c11df0d29", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-07-09 20:35:57 authQuery: { - "$or": [] -} -2017-07-09 20:35:57 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "editor", id: "5962778d08de6c9c11df0d29", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "_id": "5962778d08de6c9c11df0d29" - } - ] -} -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "editor", id: "5962778d08de6c9c11df0d29", -Operation: "", variables: "", -Query: -{ - user(id: "5962778d08de6c9c11df0d29") { - username - role - } -} - -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "_id": "5962778d08de6c9c11df0d29" - } - ] -} -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "editor", id: "5962778d08de6c9c11df0d29", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "_id": "5962778d08de6c9c11df0d29" - } - ] -} -2017-07-09 20:35:57 ERROR Not authorized to update field "role" -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tobkle", role: "editor", id: "5962778d08de6c9c11df0d29", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "5962778d08de6c9c11df0d29", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "_id": "5962778d08de6c9c11df0d29" - } - ] -} -2017-07-09 20:35:57 updated user 5962778d08de6c9c11df0d29. -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "_id": "5962778d08de6c9c11df0d29" - } - ] -} -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "5962778d08de6c9c11df0d29", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "_id": "5962778d08de6c9c11df0d29" - } - ] -} -2017-07-09 20:35:57 ERROR Not authorized to update field "role" -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "_id": "5962778d08de6c9c11df0d29" - } - ] -} -2017-07-09 20:35:57 ERROR remove user failed for finalQuery: { - "_id": "583291a1638566b3c5a92ca1", - "$or": [ - { - "_id": "5962778d08de6c9c11df0d29" - } - ] -} -2017-07-09 20:35:57 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "5962778d08de6c9c11df0d29", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "authorId": "5962778d08de6c9c11df0d29" - } - ] -} -2017-07-09 20:35:57 inserted tweet 5962778d08de6c9c11df0d2a. -2017-07-09 20:35:57 pubsub tweetInserted readOne with user tmeasday is authorized -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "authorId": "5962778d08de6c9c11df0d29" - } - ] -} -2017-07-09 20:35:57 ERROR Not authorized to insert tweet -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", -Operation: "", variables: "", -Query: -{ - tweet(id: "5962778d08de6c9c11df0d2a") { - author { - id - } - body - } -} - -2017-07-09 20:35:57 tweet readOne with user tmeasday is authorized -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "_id": "5962778d08de6c9c11df0d29" - } - ] -} -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:35:57 tweet readOne with user tmeasday is authorized -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "_id": "5962778d08de6c9c11df0d29" - } - ] -} -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "5962778d08de6c9c11df0d2a", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:35:57 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "authorId": "5962778d08de6c9c11df0d29" - }, - { - "coauthorsIds": "5962778d08de6c9c11df0d29" - } - ] -} -2017-07-09 20:35:57 updated tweet 5962778d08de6c9c11df0d2a. -2017-07-09 20:35:57 pubsub tweetUpdated readOne with user tmeasday is authorized -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:35:57 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "authorId": "5962778d08de6c9c11df0d29" - }, - { - "coauthorsIds": "5962778d08de6c9c11df0d29" - } - ] -} -2017-07-09 20:35:57 ERROR update tweet failed finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "5962778d08de6c9c11df0d29" - }, - { - "coauthorsIds": "5962778d08de6c9c11df0d29" - } - ] -} -2017-07-09 20:35:57 ERROR update tweet failed for docToUpdate: { - "$set": { - "body": "This is a modified test tweet", - "updatedAt": 1499625357646, - "updatedById": "5962778d08de6c9c11df0d29" - } -} -2017-07-09 20:35:57 ERROR update tweet not possible for 583676d3618530145474e352. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", -Operation: "", variables: "", -Query: -{ - tweet(id: "5962778d08de6c9c11df0d2a") { - body - } -} - -2017-07-09 20:35:57 tweet readOne with user tmeasday is authorized -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "5962778d08de6c9c11df0d2a") -} - -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "authorId": "5962778d08de6c9c11df0d29" - } - ] -} -2017-07-09 20:35:57 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:35:57 removed tweet 5962778d08de6c9c11df0d2a. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "authorId": "5962778d08de6c9c11df0d29" - } - ] -} -2017-07-09 20:35:57 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:35:57 ERROR remove tweet failed for finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "5962778d08de6c9c11df0d29" - } - ] -} -2017-07-09 20:35:57 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", -Operation: "", variables: "", -Query: -{ - tweet(id: "5962778d08de6c9c11df0d2a") { - body - } -} - -2017-07-09 20:35:57 tweet readOne with user tmeasday is authorized -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "tmeasday", role: "editor", id: "5962778d08de6c9c11df0d29", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "5962778d08de6c9c11df0d29") -} - -2017-07-09 20:35:57 authQuery: { - "$or": [ - { - "_id": "5962778d08de6c9c11df0d29" - } - ] -} -2017-07-09 20:35:57 removed user 5962778d08de6c9c11df0d29. -2017-07-09 20:35:57 -------------------------------------------------------------------------------- -2017-07-09 20:35:57 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "5962778d08de6c9c11df0d29") { - username - bio - role - } -} - -2017-07-09 20:35:57 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:36:20 Logger started -2017-07-09 20:36:33 Logger started -2017-07-09 20:37:37 Logger started -2017-07-09 20:38:24 Logger started -2017-07-09 20:39:07 -------------------------------------------------------------------------------- -2017-07-09 20:39:07 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - role - username - } -} - -2017-07-09 20:39:18 user readOne with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - role - username - } -} - -2017-07-09 20:39:18 user readOne with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca2") { - role - username - } -} - -2017-07-09 20:39:18 user readOne with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - id - username - bio - } -} - -2017-07-09 20:39:18 user readOne with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users { - username - createdAt - } -} - -2017-07-09 20:39:18 users readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(limit: 1) { - username - createdAt - } -} - -2017-07-09 20:39:18 users readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993) { - username - createdAt - } -} - -2017-07-09 20:39:18 users readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } -} - -2017-07-09 20:39:18 users readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers { - username - createdAt - } - } -} - -2017-07-09 20:39:18 user readOne with user stubailo is authorized -2017-07-09 20:39:18 followers readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:39:18 user readOne with user stubailo is authorized -2017-07-09 20:39:18 followers readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-07-09 20:39:18 user readOne with user stubailo is authorized -2017-07-09 20:39:18 followers readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:39:18 user readOne with user stubailo is authorized -2017-07-09 20:39:18 followers readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following { - username - createdAt - } - } -} - -2017-07-09 20:39:18 user readOne with user stubailo is authorized -2017-07-09 20:39:18 following readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:39:18 user readOne with user stubailo is authorized -2017-07-09 20:39:18 following readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-07-09 20:39:18 user readOne with user stubailo is authorized -2017-07-09 20:39:18 following readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:39:18 user readOne with user stubailo is authorized -2017-07-09 20:39:18 following readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets { - id - createdAt - } - } -} - -2017-07-09 20:39:18 user readOne with user stubailo is authorized -2017-07-09 20:39:18 tweets readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:39:18 user readOne with user stubailo is authorized -2017-07-09 20:39:18 tweets readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } - } -} - -2017-07-09 20:39:18 user readOne with user stubailo is authorized -2017-07-09 20:39:18 tweets readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:39:18 user readOne with user stubailo is authorized -2017-07-09 20:39:18 tweets readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked { - id - createdAt - } - } -} - -2017-07-09 20:39:18 user readOne with user stubailo is authorized -2017-07-09 20:39:18 liked readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:39:18 user readOne with user stubailo is authorized -2017-07-09 20:39:18 liked readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334) { - id - createdAt - } - } -} - -2017-07-09 20:39:18 user readOne with user stubailo is authorized -2017-07-09 20:39:18 liked readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334, limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:39:18 user readOne with user stubailo is authorized -2017-07-09 20:39:18 liked readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets { - id - createdAt - } -} - -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - author { - username - } - } -} - -2017-07-09 20:39:18 tweets readMany with user stubailo is authorized -2017-07-09 20:39:18 tweet readOne with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - id - body - } -} - -2017-07-09 20:39:18 tweet readOne with user stubailo is authorized -2017-07-09 20:39:18 author readOne with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(limit: 1) { - id - createdAt - } -} - -2017-07-09 20:39:18 tweets readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } -} - -2017-07-09 20:39:18 tweets readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } -} - -2017-07-09 20:39:18 tweets readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers { - username - createdAt - } - } -} - -2017-07-09 20:39:18 tweet readOne with user stubailo is authorized -2017-07-09 20:39:18 likers readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:39:18 tweet readOne with user stubailo is authorized -2017-07-09 20:39:18 likers readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993) { - username - createdAt - } - } -} - -2017-07-09 20:39:18 tweet readOne with user stubailo is authorized -2017-07-09 20:39:18 likers readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:39:18 tweet readOne with user stubailo is authorized -2017-07-09 20:39:18 likers readMany with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-07-09 20:39:18 insert user create with user stubailo is authorized -2017-07-09 20:39:18 inserted user 596278564c57819cb42922c4. -2017-07-09 20:39:18 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-07-09 20:39:18 insert user create with user tobkle is authorized -2017-07-09 20:39:18 inserted user 596278564c57819cb42922c5. -2017-07-09 20:39:18 pubsub userInserted readOne with user tobkle is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", -Operation: "", variables: "", -Query: -{ - user(id: "596278564c57819cb42922c5") { - username - bio - role - } -} - -2017-07-09 20:39:18 user readOne with user tobkle is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", -Operation: "", variables: "", -Query: -{ - user(id: "596278564c57819cb42922c4") { - username - role - } -} - -2017-07-09 20:39:18 user readOne with user tobkle is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596278564c57819cb42922c5", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-07-09 20:39:18 update user update with user tobkle is authorized -2017-07-09 20:39:18 updated user 596278564c57819cb42922c5. -2017-07-09 20:39:18 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596278564c57819cb42922c4", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:39:18 update user update with user tobkle is authorized -2017-07-09 20:39:18 updated user 596278564c57819cb42922c4. -2017-07-09 20:39:18 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596278564c57819cb42922c5", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:39:18 update user update with user tobkle is authorized -2017-07-09 20:39:18 updated user 596278564c57819cb42922c5. -2017-07-09 20:39:18 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596278564c57819cb42922c4", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-07-09 20:39:18 update user update with user tobkle is authorized -2017-07-09 20:39:18 updated user 596278564c57819cb42922c4. -2017-07-09 20:39:18 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:39:18 -------------------------------------------------------------------------------- -2017-07-09 20:39:18 Request: -User: "tobkle", role: "editor", id: "596278564c57819cb42922c4", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596278564c57819cb42922c4", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:39:18 authQuery: { - "$or": [ - { - "_id": "596278564c57819cb42922c4" - } - ] -} -2017-07-09 20:39:18 ERROR Not authorized to update field "role" -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "zoltan", role: "admin", id: "596278564c57819cb42922c5", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596278564c57819cb42922c4", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:39:19 update user update with user zoltan is authorized -2017-07-09 20:39:19 updated user 596278564c57819cb42922c4. -2017-07-09 20:39:19 pubsub userUpdated readOne with user zoltan is authorized -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "596278564c57819cb42922c5") -} - -2017-07-09 20:39:19 removeUser delete with user tobkle is authorized -2017-07-09 20:39:19 removed user 596278564c57819cb42922c5. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "596278564c57819cb42922c4", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:39:19 insert tweet create with user tobkle is authorized -2017-07-09 20:39:19 inserted tweet 596278574c57819cb42922c6. -2017-07-09 20:39:19 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:39:19 insert tweet create with user tobkle is authorized -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", -Operation: "", variables: "", -Query: -{ - tweet(id: "596278574c57819cb42922c6") { - author { - id - } - body - } -} - -2017-07-09 20:39:19 tweet readOne with user tobkle is authorized -2017-07-09 20:39:19 inserted tweet 596278574c57819cb42922c7. -2017-07-09 20:39:19 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 20:39:19 author readOne with user tobkle is authorized -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:39:19 tweet readOne with user tobkle is authorized -2017-07-09 20:39:19 author readOne with user tobkle is authorized -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "596278574c57819cb42922c6", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:39:19 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:39:19 update tweet update with user tobkle is authorized -2017-07-09 20:39:19 updated tweet 596278574c57819cb42922c6. -2017-07-09 20:39:19 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "596278574c57819cb42922c7", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:39:19 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:39:19 update tweet update with user tobkle is authorized -2017-07-09 20:39:19 updated tweet 596278574c57819cb42922c7. -2017-07-09 20:39:19 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", -Operation: "", variables: "", -Query: -{ - tweet(id: "596278574c57819cb42922c6") { - body - } -} - -2017-07-09 20:39:19 tweet readOne with user tobkle is authorized -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "596278574c57819cb42922c6") -} - -2017-07-09 20:39:19 removeTweet delete with user tobkle is authorized -2017-07-09 20:39:19 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:39:19 removed tweet 596278574c57819cb42922c6. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "596278574c57819cb42922c7") -} - -2017-07-09 20:39:19 removeTweet delete with user tobkle is authorized -2017-07-09 20:39:19 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:39:19 removed tweet 596278574c57819cb42922c7. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", -Operation: "", variables: "", -Query: -{ - tweet(id: "596278574c57819cb42922c6") { - body - } -} - -2017-07-09 20:39:19 tweet readOne with user tobkle is authorized -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "admin", id: "596278564c57819cb42922c4", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "596278564c57819cb42922c4") -} - -2017-07-09 20:39:19 removeUser delete with user tobkle is authorized -2017-07-09 20:39:19 removed user 596278564c57819cb42922c4. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "596278564c57819cb42922c4") { - username - bio - role - } -} - -2017-07-09 20:39:19 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-07-09 20:39:19 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 20:39:19 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:39:19 ERROR Authorization: Not authorized to update in update user. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 20:39:19 ERROR Authorization: Not authorized to delete in removeUser. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:39:19 ERROR Authorization: Not authorized to create in insert tweet. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:39:19 tweet readOne with user is authorized -2017-07-09 20:39:19 ERROR Authorization: Not authorized to readOne in author. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:39:19 tweet getOneById in updateById for docBefore readOne with user is authorized -2017-07-09 20:39:19 ERROR Authorization: Not authorized to update in update tweet. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:39:19 tweet getOneById in updateById for docBefore readOne with user is authorized -2017-07-09 20:39:19 ERROR Authorization: Not authorized to update in update tweet. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 20:39:19 ERROR Authorization: Not authorized to delete in removeTweet. -2017-07-09 20:39:19 tweet getOneById in removeById for docBefore readOne with user is authorized -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { - id - role - } -} - -2017-07-09 20:39:19 insert user create with user stubailo is authorized -2017-07-09 20:39:19 inserted user 596278574c57819cb42922c8. -2017-07-09 20:39:19 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "user", id: "596278574c57819cb42922c8", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-07-09 20:39:19 authQuery: { - "$or": [] -} -2017-07-09 20:39:19 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "user", id: "596278574c57819cb42922c8", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "_id": "596278574c57819cb42922c8" - } - ] -} -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "user", id: "596278574c57819cb42922c8", -Operation: "", variables: "", -Query: -{ - user(id: "596278574c57819cb42922c8") { - username - } -} - -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "_id": "596278574c57819cb42922c8" - } - ] -} -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "user", id: "596278574c57819cb42922c8", -Operation: "", variables: "", -Query: -{ - user(id: "596278574c57819cb42922c8") { - username - role - } -} - -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "_id": "596278574c57819cb42922c8" - } - ] -} -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "user", id: "596278574c57819cb42922c8", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "_id": "596278574c57819cb42922c8" - } - ] -} -2017-07-09 20:39:19 ERROR Not authorized to update field "role" -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "user", id: "596278574c57819cb42922c8", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596278574c57819cb42922c8", input: {username: "tobkle", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "_id": "596278574c57819cb42922c8" - } - ] -} -2017-07-09 20:39:19 updated user 596278574c57819cb42922c8. -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "_id": "596278574c57819cb42922c8" - } - ] -} -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "user", id: "596278574c57819cb42922c8", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596278574c57819cb42922c8", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "_id": "596278574c57819cb42922c8" - } - ] -} -2017-07-09 20:39:19 ERROR Not authorized to update field "role" -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "user", id: "596278574c57819cb42922c8", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "_id": "596278574c57819cb42922c8" - } - ] -} -2017-07-09 20:39:19 ERROR remove user failed for finalQuery: { - "_id": "583291a1638566b3c5a92ca1", - "$or": [ - { - "_id": "596278574c57819cb42922c8" - } - ] -} -2017-07-09 20:39:19 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "user", id: "596278574c57819cb42922c8", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "596278574c57819cb42922c8", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "authorId": "596278574c57819cb42922c8" - } - ] -} -2017-07-09 20:39:19 inserted tweet 596278574c57819cb42922c9. -2017-07-09 20:39:19 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "user", id: "596278574c57819cb42922c8", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "authorId": "596278574c57819cb42922c8" - } - ] -} -2017-07-09 20:39:19 ERROR Not authorized to insert tweet -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "user", id: "596278574c57819cb42922c8", -Operation: "", variables: "", -Query: -{ - tweet(id: "596278574c57819cb42922c9") { - author { - id - } - body - } -} - -2017-07-09 20:39:19 tweet readOne with user tobkle is authorized -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "_id": "596278574c57819cb42922c8" - } - ] -} -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "user", id: "596278574c57819cb42922c8", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:39:19 tweet readOne with user tobkle is authorized -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "_id": "596278574c57819cb42922c8" - } - ] -} -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "user", id: "596278574c57819cb42922c8", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "596278574c57819cb42922c9", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:39:19 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "authorId": "596278574c57819cb42922c8" - }, - { - "coauthorsIds": "596278574c57819cb42922c8" - } - ] -} -2017-07-09 20:39:19 updated tweet 596278574c57819cb42922c9. -2017-07-09 20:39:19 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "user", id: "596278574c57819cb42922c8", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:39:19 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "authorId": "596278574c57819cb42922c8" - }, - { - "coauthorsIds": "596278574c57819cb42922c8" - } - ] -} -2017-07-09 20:39:19 ERROR update tweet failed finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "596278574c57819cb42922c8" - }, - { - "coauthorsIds": "596278574c57819cb42922c8" - } - ] -} -2017-07-09 20:39:19 ERROR update tweet failed for docToUpdate: { - "$set": { - "body": "This is a modified test tweet", - "updatedAt": 1499625559454, - "updatedById": "596278574c57819cb42922c8" - } -} -2017-07-09 20:39:19 ERROR update tweet not possible for 583676d3618530145474e352. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "user", id: "596278574c57819cb42922c8", -Operation: "", variables: "", -Query: -{ - tweet(id: "596278574c57819cb42922c9") { - body - } -} - -2017-07-09 20:39:19 tweet readOne with user tobkle is authorized -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "user", id: "596278574c57819cb42922c8", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "596278574c57819cb42922c9") -} - -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "authorId": "596278574c57819cb42922c8" - } - ] -} -2017-07-09 20:39:19 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:39:19 removed tweet 596278574c57819cb42922c9. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "user", id: "596278574c57819cb42922c8", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "authorId": "596278574c57819cb42922c8" - } - ] -} -2017-07-09 20:39:19 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:39:19 ERROR remove tweet failed for finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "596278574c57819cb42922c8" - } - ] -} -2017-07-09 20:39:19 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "user", id: "596278574c57819cb42922c8", -Operation: "", variables: "", -Query: -{ - tweet(id: "596278574c57819cb42922c9") { - body - } -} - -2017-07-09 20:39:19 tweet readOne with user tobkle is authorized -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "user", id: "596278574c57819cb42922c8", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "596278574c57819cb42922c8") -} - -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "_id": "596278574c57819cb42922c8" - } - ] -} -2017-07-09 20:39:19 removed user 596278574c57819cb42922c8. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "596278574c57819cb42922c8") { - username - bio - role - } -} - -2017-07-09 20:39:19 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { - id - role - } -} - -2017-07-09 20:39:19 insert user create with user stubailo is authorized -2017-07-09 20:39:19 inserted user 596278574c57819cb42922ca. -2017-07-09 20:39:19 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "editor", id: "596278574c57819cb42922ca", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-07-09 20:39:19 authQuery: { - "$or": [] -} -2017-07-09 20:39:19 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "editor", id: "596278574c57819cb42922ca", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "_id": "596278574c57819cb42922ca" - } - ] -} -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "editor", id: "596278574c57819cb42922ca", -Operation: "", variables: "", -Query: -{ - user(id: "596278574c57819cb42922ca") { - username - role - } -} - -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "_id": "596278574c57819cb42922ca" - } - ] -} -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "editor", id: "596278574c57819cb42922ca", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "_id": "596278574c57819cb42922ca" - } - ] -} -2017-07-09 20:39:19 ERROR Not authorized to update field "role" -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tobkle", role: "editor", id: "596278574c57819cb42922ca", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596278574c57819cb42922ca", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "_id": "596278574c57819cb42922ca" - } - ] -} -2017-07-09 20:39:19 updated user 596278574c57819cb42922ca. -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "_id": "596278574c57819cb42922ca" - } - ] -} -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596278574c57819cb42922ca", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "_id": "596278574c57819cb42922ca" - } - ] -} -2017-07-09 20:39:19 ERROR Not authorized to update field "role" -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "_id": "596278574c57819cb42922ca" - } - ] -} -2017-07-09 20:39:19 ERROR remove user failed for finalQuery: { - "_id": "583291a1638566b3c5a92ca1", - "$or": [ - { - "_id": "596278574c57819cb42922ca" - } - ] -} -2017-07-09 20:39:19 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "596278574c57819cb42922ca", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "authorId": "596278574c57819cb42922ca" - } - ] -} -2017-07-09 20:39:19 inserted tweet 596278574c57819cb42922cb. -2017-07-09 20:39:19 pubsub tweetInserted readOne with user tmeasday is authorized -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "authorId": "596278574c57819cb42922ca" - } - ] -} -2017-07-09 20:39:19 ERROR Not authorized to insert tweet -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", -Operation: "", variables: "", -Query: -{ - tweet(id: "596278574c57819cb42922cb") { - author { - id - } - body - } -} - -2017-07-09 20:39:19 tweet readOne with user tmeasday is authorized -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "_id": "596278574c57819cb42922ca" - } - ] -} -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:39:19 tweet readOne with user tmeasday is authorized -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "_id": "596278574c57819cb42922ca" - } - ] -} -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "596278574c57819cb42922cb", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:39:19 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "authorId": "596278574c57819cb42922ca" - }, - { - "coauthorsIds": "596278574c57819cb42922ca" - } - ] -} -2017-07-09 20:39:19 updated tweet 596278574c57819cb42922cb. -2017-07-09 20:39:19 pubsub tweetUpdated readOne with user tmeasday is authorized -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:39:19 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "authorId": "596278574c57819cb42922ca" - }, - { - "coauthorsIds": "596278574c57819cb42922ca" - } - ] -} -2017-07-09 20:39:19 ERROR update tweet failed finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "596278574c57819cb42922ca" - }, - { - "coauthorsIds": "596278574c57819cb42922ca" - } - ] -} -2017-07-09 20:39:19 ERROR update tweet failed for docToUpdate: { - "$set": { - "body": "This is a modified test tweet", - "updatedAt": 1499625559652, - "updatedById": "596278574c57819cb42922ca" - } -} -2017-07-09 20:39:19 ERROR update tweet not possible for 583676d3618530145474e352. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", -Operation: "", variables: "", -Query: -{ - tweet(id: "596278574c57819cb42922cb") { - body - } -} - -2017-07-09 20:39:19 tweet readOne with user tmeasday is authorized -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "596278574c57819cb42922cb") -} - -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "authorId": "596278574c57819cb42922ca" - } - ] -} -2017-07-09 20:39:19 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:39:19 removed tweet 596278574c57819cb42922cb. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "authorId": "596278574c57819cb42922ca" - } - ] -} -2017-07-09 20:39:19 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:39:19 ERROR remove tweet failed for finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "596278574c57819cb42922ca" - } - ] -} -2017-07-09 20:39:19 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", -Operation: "", variables: "", -Query: -{ - tweet(id: "596278574c57819cb42922cb") { - body - } -} - -2017-07-09 20:39:19 tweet readOne with user tmeasday is authorized -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "tmeasday", role: "editor", id: "596278574c57819cb42922ca", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "596278574c57819cb42922ca") -} - -2017-07-09 20:39:19 authQuery: { - "$or": [ - { - "_id": "596278574c57819cb42922ca" - } - ] -} -2017-07-09 20:39:19 removed user 596278574c57819cb42922ca. -2017-07-09 20:39:19 -------------------------------------------------------------------------------- -2017-07-09 20:39:19 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "596278574c57819cb42922ca") { - username - bio - role - } -} - -2017-07-09 20:39:19 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:42:33 -------------------------------------------------------------------------------- -2017-07-09 20:42:33 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-07-09 20:42:44 -------------------------------------------------------------------------------- -2017-07-09 20:42:44 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-07-09 20:42:44 -------------------------------------------------------------------------------- -2017-07-09 20:42:44 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - role - username - } -} - -2017-07-09 20:42:44 user readOne with user stubailo is authorized -2017-07-09 20:42:44 -------------------------------------------------------------------------------- -2017-07-09 20:42:44 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - role - username - } -} - -2017-07-09 20:42:44 user readOne with user stubailo is authorized -2017-07-09 20:42:44 -------------------------------------------------------------------------------- -2017-07-09 20:42:44 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca2") { - role - username - } -} - -2017-07-09 20:42:44 user readOne with user stubailo is authorized -2017-07-09 20:42:44 -------------------------------------------------------------------------------- -2017-07-09 20:42:44 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - id - username - bio - } -} - -2017-07-09 20:42:44 user readOne with user stubailo is authorized -2017-07-09 20:42:44 -------------------------------------------------------------------------------- -2017-07-09 20:42:44 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users { - username - createdAt - } -} - -2017-07-09 20:42:44 users readMany with user stubailo is authorized -2017-07-09 20:42:44 -------------------------------------------------------------------------------- -2017-07-09 20:42:44 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(limit: 1) { - username - createdAt - } -} - -2017-07-09 20:42:44 users readMany with user stubailo is authorized -2017-07-09 20:42:44 -------------------------------------------------------------------------------- -2017-07-09 20:42:44 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993) { - username - createdAt - } -} - -2017-07-09 20:42:44 users readMany with user stubailo is authorized -2017-07-09 20:42:44 -------------------------------------------------------------------------------- -2017-07-09 20:42:44 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } -} - -2017-07-09 20:42:44 users readMany with user stubailo is authorized -2017-07-09 20:42:44 -------------------------------------------------------------------------------- -2017-07-09 20:42:44 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers { - username - createdAt - } - } -} - -2017-07-09 20:42:44 user readOne with user stubailo is authorized -2017-07-09 20:42:44 followers readMany with user stubailo is authorized -2017-07-09 20:42:44 -------------------------------------------------------------------------------- -2017-07-09 20:42:44 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:42:44 user readOne with user stubailo is authorized -2017-07-09 20:42:44 followers readMany with user stubailo is authorized -2017-07-09 20:42:44 -------------------------------------------------------------------------------- -2017-07-09 20:42:44 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-07-09 20:42:44 user readOne with user stubailo is authorized -2017-07-09 20:42:44 followers readMany with user stubailo is authorized -2017-07-09 20:42:44 -------------------------------------------------------------------------------- -2017-07-09 20:42:44 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:42:44 user readOne with user stubailo is authorized -2017-07-09 20:42:44 followers readMany with user stubailo is authorized -2017-07-09 20:42:44 -------------------------------------------------------------------------------- -2017-07-09 20:42:44 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following { - username - createdAt - } - } -} - -2017-07-09 20:42:44 user readOne with user stubailo is authorized -2017-07-09 20:42:44 following readMany with user stubailo is authorized -2017-07-09 20:42:44 -------------------------------------------------------------------------------- -2017-07-09 20:42:44 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:42:44 user readOne with user stubailo is authorized -2017-07-09 20:42:44 following readMany with user stubailo is authorized -2017-07-09 20:42:44 -------------------------------------------------------------------------------- -2017-07-09 20:42:44 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-07-09 20:42:44 user readOne with user stubailo is authorized -2017-07-09 20:42:44 following readMany with user stubailo is authorized -2017-07-09 20:42:44 -------------------------------------------------------------------------------- -2017-07-09 20:42:44 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:42:44 user readOne with user stubailo is authorized -2017-07-09 20:42:44 following readMany with user stubailo is authorized -2017-07-09 20:42:44 -------------------------------------------------------------------------------- -2017-07-09 20:42:44 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets { - id - createdAt - } - } -} - -2017-07-09 20:42:44 user readOne with user stubailo is authorized -2017-07-09 20:42:44 tweets readMany with user stubailo is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:42:45 user readOne with user stubailo is authorized -2017-07-09 20:42:45 tweets readMany with user stubailo is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } - } -} - -2017-07-09 20:42:45 user readOne with user stubailo is authorized -2017-07-09 20:42:45 tweets readMany with user stubailo is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:42:45 user readOne with user stubailo is authorized -2017-07-09 20:42:45 tweets readMany with user stubailo is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked { - id - createdAt - } - } -} - -2017-07-09 20:42:45 user readOne with user stubailo is authorized -2017-07-09 20:42:45 liked readMany with user stubailo is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:42:45 user readOne with user stubailo is authorized -2017-07-09 20:42:45 liked readMany with user stubailo is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334) { - id - createdAt - } - } -} - -2017-07-09 20:42:45 user readOne with user stubailo is authorized -2017-07-09 20:42:45 liked readMany with user stubailo is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334, limit: 1) { - id - createdAt - } - } -} - -2017-07-09 20:42:45 user readOne with user stubailo is authorized -2017-07-09 20:42:45 liked readMany with user stubailo is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - id - body - } -} - -2017-07-09 20:42:45 tweet readOne with user stubailo is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - author { - username - } - } -} - -2017-07-09 20:42:45 tweet readOne with user stubailo is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets { - id - createdAt - } -} - -2017-07-09 20:42:45 tweets readMany with user stubailo is authorized -2017-07-09 20:42:45 author readOne with user stubailo is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(limit: 1) { - id - createdAt - } -} - -2017-07-09 20:42:45 tweets readMany with user stubailo is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } -} - -2017-07-09 20:42:45 tweets readMany with user stubailo is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } -} - -2017-07-09 20:42:45 tweets readMany with user stubailo is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers { - username - createdAt - } - } -} - -2017-07-09 20:42:45 tweet readOne with user stubailo is authorized -2017-07-09 20:42:45 likers readMany with user stubailo is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:42:45 tweet readOne with user stubailo is authorized -2017-07-09 20:42:45 likers readMany with user stubailo is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993) { - username - createdAt - } - } -} - -2017-07-09 20:42:45 tweet readOne with user stubailo is authorized -2017-07-09 20:42:45 likers readMany with user stubailo is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 20:42:45 tweet readOne with user stubailo is authorized -2017-07-09 20:42:45 likers readMany with user stubailo is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-07-09 20:42:45 insert user create with user stubailo is authorized -2017-07-09 20:42:45 inserted user 596279254c57819cb42922cc. -2017-07-09 20:42:45 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-07-09 20:42:45 insert user create with user tobkle is authorized -2017-07-09 20:42:45 inserted user 596279254c57819cb42922cd. -2017-07-09 20:42:45 pubsub userInserted readOne with user tobkle is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", -Operation: "", variables: "", -Query: -{ - user(id: "596279254c57819cb42922cd") { - username - bio - role - } -} - -2017-07-09 20:42:45 user readOne with user tobkle is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", -Operation: "", variables: "", -Query: -{ - user(id: "596279254c57819cb42922cc") { - username - role - } -} - -2017-07-09 20:42:45 user readOne with user tobkle is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596279254c57819cb42922cd", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-07-09 20:42:45 update user update with user tobkle is authorized -2017-07-09 20:42:45 updated user 596279254c57819cb42922cd. -2017-07-09 20:42:45 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596279254c57819cb42922cc", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:42:45 update user update with user tobkle is authorized -2017-07-09 20:42:45 updated user 596279254c57819cb42922cc. -2017-07-09 20:42:45 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596279254c57819cb42922cd", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:42:45 update user update with user tobkle is authorized -2017-07-09 20:42:45 updated user 596279254c57819cb42922cd. -2017-07-09 20:42:45 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596279254c57819cb42922cc", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-07-09 20:42:45 update user update with user tobkle is authorized -2017-07-09 20:42:45 updated user 596279254c57819cb42922cc. -2017-07-09 20:42:45 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "editor", id: "596279254c57819cb42922cc", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596279254c57819cb42922cc", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "_id": "596279254c57819cb42922cc" - } - ] -} -2017-07-09 20:42:45 ERROR Not authorized to update field "role" -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "zoltan", role: "admin", id: "596279254c57819cb42922cd", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596279254c57819cb42922cc", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:42:45 update user update with user zoltan is authorized -2017-07-09 20:42:45 updated user 596279254c57819cb42922cc. -2017-07-09 20:42:45 pubsub userUpdated readOne with user zoltan is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "596279254c57819cb42922cd") -} - -2017-07-09 20:42:45 removeUser delete with user tobkle is authorized -2017-07-09 20:42:45 removed user 596279254c57819cb42922cd. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "596279254c57819cb42922cc", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:42:45 insert tweet create with user tobkle is authorized -2017-07-09 20:42:45 inserted tweet 596279254c57819cb42922ce. -2017-07-09 20:42:45 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:42:45 insert tweet create with user tobkle is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", -Operation: "", variables: "", -Query: -{ - tweet(id: "596279254c57819cb42922ce") { - author { - id - } - body - } -} - -2017-07-09 20:42:45 tweet readOne with user tobkle is authorized -2017-07-09 20:42:45 inserted tweet 596279254c57819cb42922cf. -2017-07-09 20:42:45 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 20:42:45 author readOne with user tobkle is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:42:45 tweet readOne with user tobkle is authorized -2017-07-09 20:42:45 author readOne with user tobkle is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "596279254c57819cb42922ce", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:42:45 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:42:45 update tweet update with user tobkle is authorized -2017-07-09 20:42:45 updated tweet 596279254c57819cb42922ce. -2017-07-09 20:42:45 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "596279254c57819cb42922cf", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:42:45 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:42:45 update tweet update with user tobkle is authorized -2017-07-09 20:42:45 updated tweet 596279254c57819cb42922cf. -2017-07-09 20:42:45 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", -Operation: "", variables: "", -Query: -{ - tweet(id: "596279254c57819cb42922ce") { - body - } -} - -2017-07-09 20:42:45 tweet readOne with user tobkle is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "596279254c57819cb42922ce") -} - -2017-07-09 20:42:45 removeTweet delete with user tobkle is authorized -2017-07-09 20:42:45 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:42:45 removed tweet 596279254c57819cb42922ce. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "596279254c57819cb42922cf") -} - -2017-07-09 20:42:45 removeTweet delete with user tobkle is authorized -2017-07-09 20:42:45 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:42:45 removed tweet 596279254c57819cb42922cf. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", -Operation: "", variables: "", -Query: -{ - tweet(id: "596279254c57819cb42922ce") { - body - } -} - -2017-07-09 20:42:45 tweet readOne with user tobkle is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "admin", id: "596279254c57819cb42922cc", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "596279254c57819cb42922cc") -} - -2017-07-09 20:42:45 removeUser delete with user tobkle is authorized -2017-07-09 20:42:45 removed user 596279254c57819cb42922cc. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "596279254c57819cb42922cc") { - username - bio - role - } -} - -2017-07-09 20:42:45 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-07-09 20:42:45 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 20:42:45 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:42:45 ERROR Authorization: Not authorized to update in update user. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 20:42:45 ERROR Authorization: Not authorized to delete in removeUser. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:42:45 ERROR Authorization: Not authorized to create in insert tweet. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:42:45 tweet readOne with user is authorized -2017-07-09 20:42:45 ERROR Authorization: Not authorized to readOne in author. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:42:45 tweet getOneById in updateById for docBefore readOne with user is authorized -2017-07-09 20:42:45 ERROR Authorization: Not authorized to update in update tweet. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:42:45 tweet getOneById in updateById for docBefore readOne with user is authorized -2017-07-09 20:42:45 ERROR Authorization: Not authorized to update in update tweet. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 20:42:45 ERROR Authorization: Not authorized to delete in removeTweet. -2017-07-09 20:42:45 tweet getOneById in removeById for docBefore readOne with user is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { - id - role - } -} - -2017-07-09 20:42:45 insert user create with user stubailo is authorized -2017-07-09 20:42:45 inserted user 596279254c57819cb42922d0. -2017-07-09 20:42:45 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "user", id: "596279254c57819cb42922d0", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-07-09 20:42:45 authQuery: { - "$or": [] -} -2017-07-09 20:42:45 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "user", id: "596279254c57819cb42922d0", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "_id": "596279254c57819cb42922d0" - } - ] -} -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "user", id: "596279254c57819cb42922d0", -Operation: "", variables: "", -Query: -{ - user(id: "596279254c57819cb42922d0") { - username - } -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "_id": "596279254c57819cb42922d0" - } - ] -} -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "user", id: "596279254c57819cb42922d0", -Operation: "", variables: "", -Query: -{ - user(id: "596279254c57819cb42922d0") { - username - role - } -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "_id": "596279254c57819cb42922d0" - } - ] -} -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "user", id: "596279254c57819cb42922d0", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "_id": "596279254c57819cb42922d0" - } - ] -} -2017-07-09 20:42:45 ERROR Not authorized to update field "role" -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "user", id: "596279254c57819cb42922d0", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596279254c57819cb42922d0", input: {username: "tobkle", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "_id": "596279254c57819cb42922d0" - } - ] -} -2017-07-09 20:42:45 updated user 596279254c57819cb42922d0. -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "_id": "596279254c57819cb42922d0" - } - ] -} -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "user", id: "596279254c57819cb42922d0", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596279254c57819cb42922d0", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "_id": "596279254c57819cb42922d0" - } - ] -} -2017-07-09 20:42:45 ERROR Not authorized to update field "role" -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "user", id: "596279254c57819cb42922d0", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "_id": "596279254c57819cb42922d0" - } - ] -} -2017-07-09 20:42:45 ERROR remove user failed for finalQuery: { - "_id": "583291a1638566b3c5a92ca1", - "$or": [ - { - "_id": "596279254c57819cb42922d0" - } - ] -} -2017-07-09 20:42:45 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "user", id: "596279254c57819cb42922d0", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "596279254c57819cb42922d0", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "authorId": "596279254c57819cb42922d0" - } - ] -} -2017-07-09 20:42:45 inserted tweet 596279254c57819cb42922d1. -2017-07-09 20:42:45 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "user", id: "596279254c57819cb42922d0", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "authorId": "596279254c57819cb42922d0" - } - ] -} -2017-07-09 20:42:45 ERROR Not authorized to insert tweet -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "user", id: "596279254c57819cb42922d0", -Operation: "", variables: "", -Query: -{ - tweet(id: "596279254c57819cb42922d1") { - author { - id - } - body - } -} - -2017-07-09 20:42:45 tweet readOne with user tobkle is authorized -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "_id": "596279254c57819cb42922d0" - } - ] -} -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "user", id: "596279254c57819cb42922d0", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:42:45 tweet readOne with user tobkle is authorized -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "_id": "596279254c57819cb42922d0" - } - ] -} -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "user", id: "596279254c57819cb42922d0", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "596279254c57819cb42922d1", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:42:45 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "authorId": "596279254c57819cb42922d0" - }, - { - "coauthorsIds": "596279254c57819cb42922d0" - } - ] -} -2017-07-09 20:42:45 updated tweet 596279254c57819cb42922d1. -2017-07-09 20:42:45 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "user", id: "596279254c57819cb42922d0", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:42:45 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "authorId": "596279254c57819cb42922d0" - }, - { - "coauthorsIds": "596279254c57819cb42922d0" - } - ] -} -2017-07-09 20:42:45 ERROR update tweet failed finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "596279254c57819cb42922d0" - }, - { - "coauthorsIds": "596279254c57819cb42922d0" - } - ] -} -2017-07-09 20:42:45 ERROR update tweet failed for docToUpdate: { - "$set": { - "body": "This is a modified test tweet", - "updatedAt": 1499625765665, - "updatedById": "596279254c57819cb42922d0" - } -} -2017-07-09 20:42:45 ERROR update tweet not possible for 583676d3618530145474e352. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "user", id: "596279254c57819cb42922d0", -Operation: "", variables: "", -Query: -{ - tweet(id: "596279254c57819cb42922d1") { - body - } -} - -2017-07-09 20:42:45 tweet readOne with user tobkle is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "user", id: "596279254c57819cb42922d0", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "596279254c57819cb42922d1") -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "authorId": "596279254c57819cb42922d0" - } - ] -} -2017-07-09 20:42:45 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:42:45 removed tweet 596279254c57819cb42922d1. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "user", id: "596279254c57819cb42922d0", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "authorId": "596279254c57819cb42922d0" - } - ] -} -2017-07-09 20:42:45 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 20:42:45 ERROR remove tweet failed for finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "596279254c57819cb42922d0" - } - ] -} -2017-07-09 20:42:45 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "user", id: "596279254c57819cb42922d0", -Operation: "", variables: "", -Query: -{ - tweet(id: "596279254c57819cb42922d1") { - body - } -} - -2017-07-09 20:42:45 tweet readOne with user tobkle is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "user", id: "596279254c57819cb42922d0", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "596279254c57819cb42922d0") -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "_id": "596279254c57819cb42922d0" - } - ] -} -2017-07-09 20:42:45 removed user 596279254c57819cb42922d0. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "596279254c57819cb42922d0") { - username - bio - role - } -} - -2017-07-09 20:42:45 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { - id - role - } -} - -2017-07-09 20:42:45 insert user create with user stubailo is authorized -2017-07-09 20:42:45 inserted user 596279254c57819cb42922d2. -2017-07-09 20:42:45 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "editor", id: "596279254c57819cb42922d2", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-07-09 20:42:45 authQuery: { - "$or": [] -} -2017-07-09 20:42:45 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "editor", id: "596279254c57819cb42922d2", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "_id": "596279254c57819cb42922d2" - } - ] -} -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "editor", id: "596279254c57819cb42922d2", -Operation: "", variables: "", -Query: -{ - user(id: "596279254c57819cb42922d2") { - username - role - } -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "_id": "596279254c57819cb42922d2" - } - ] -} -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "editor", id: "596279254c57819cb42922d2", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "_id": "596279254c57819cb42922d2" - } - ] -} -2017-07-09 20:42:45 ERROR Not authorized to update field "role" -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tobkle", role: "editor", id: "596279254c57819cb42922d2", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596279254c57819cb42922d2", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "_id": "596279254c57819cb42922d2" - } - ] -} -2017-07-09 20:42:45 updated user 596279254c57819cb42922d2. -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "_id": "596279254c57819cb42922d2" - } - ] -} -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596279254c57819cb42922d2", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "_id": "596279254c57819cb42922d2" - } - ] -} -2017-07-09 20:42:45 ERROR Not authorized to update field "role" -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "_id": "596279254c57819cb42922d2" - } - ] -} -2017-07-09 20:42:45 ERROR remove user failed for finalQuery: { - "_id": "583291a1638566b3c5a92ca1", - "$or": [ - { - "_id": "596279254c57819cb42922d2" - } - ] -} -2017-07-09 20:42:45 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "596279254c57819cb42922d2", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "authorId": "596279254c57819cb42922d2" - } - ] -} -2017-07-09 20:42:45 inserted tweet 596279254c57819cb42922d3. -2017-07-09 20:42:45 pubsub tweetInserted readOne with user tmeasday is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "authorId": "596279254c57819cb42922d2" - } - ] -} -2017-07-09 20:42:45 ERROR Not authorized to insert tweet -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", -Operation: "", variables: "", -Query: -{ - tweet(id: "596279254c57819cb42922d3") { - author { - id - } - body - } -} - -2017-07-09 20:42:45 tweet readOne with user tmeasday is authorized -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "_id": "596279254c57819cb42922d2" - } - ] -} -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 20:42:45 tweet readOne with user tmeasday is authorized -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "_id": "596279254c57819cb42922d2" - } - ] -} -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "596279254c57819cb42922d3", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:42:45 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "authorId": "596279254c57819cb42922d2" - }, - { - "coauthorsIds": "596279254c57819cb42922d2" - } - ] -} -2017-07-09 20:42:45 updated tweet 596279254c57819cb42922d3. -2017-07-09 20:42:45 pubsub tweetUpdated readOne with user tmeasday is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 20:42:45 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "authorId": "596279254c57819cb42922d2" - }, - { - "coauthorsIds": "596279254c57819cb42922d2" - } - ] -} -2017-07-09 20:42:45 ERROR update tweet failed finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "596279254c57819cb42922d2" - }, - { - "coauthorsIds": "596279254c57819cb42922d2" - } - ] -} -2017-07-09 20:42:45 ERROR update tweet failed for docToUpdate: { - "$set": { - "body": "This is a modified test tweet", - "updatedAt": 1499625765847, - "updatedById": "596279254c57819cb42922d2" - } -} -2017-07-09 20:42:45 ERROR update tweet not possible for 583676d3618530145474e352. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", -Operation: "", variables: "", -Query: -{ - tweet(id: "596279254c57819cb42922d3") { - body - } -} - -2017-07-09 20:42:45 tweet readOne with user tmeasday is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "596279254c57819cb42922d3") -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "authorId": "596279254c57819cb42922d2" - } - ] -} -2017-07-09 20:42:45 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:42:45 removed tweet 596279254c57819cb42922d3. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "authorId": "596279254c57819cb42922d2" - } - ] -} -2017-07-09 20:42:45 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized -2017-07-09 20:42:45 ERROR remove tweet failed for finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "596279254c57819cb42922d2" - } - ] -} -2017-07-09 20:42:45 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", -Operation: "", variables: "", -Query: -{ - tweet(id: "596279254c57819cb42922d3") { - body - } -} - -2017-07-09 20:42:45 tweet readOne with user tmeasday is authorized -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "tmeasday", role: "editor", id: "596279254c57819cb42922d2", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "596279254c57819cb42922d2") -} - -2017-07-09 20:42:45 authQuery: { - "$or": [ - { - "_id": "596279254c57819cb42922d2" - } - ] -} -2017-07-09 20:42:45 removed user 596279254c57819cb42922d2. -2017-07-09 20:42:45 -------------------------------------------------------------------------------- -2017-07-09 20:42:45 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "596279254c57819cb42922d2") { - username - bio - role - } -} - -2017-07-09 20:42:45 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 20:46:10 Logger started -2017-07-09 21:06:09 -------------------------------------------------------------------------------- -2017-07-09 21:06:09 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - role - username - } -} - -2017-07-09 21:06:19 user readOne with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - role - username - } -} - -2017-07-09 21:06:19 user readOne with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca2") { - role - username - } -} - -2017-07-09 21:06:19 user readOne with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - id - username - bio - } -} - -2017-07-09 21:06:19 user readOne with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users { - username - createdAt - } -} - -2017-07-09 21:06:19 users readMany with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(limit: 1) { - username - createdAt - } -} - -2017-07-09 21:06:19 users readMany with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993) { - username - createdAt - } -} - -2017-07-09 21:06:19 users readMany with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } -} - -2017-07-09 21:06:19 users readMany with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers { - username - createdAt - } - } -} - -2017-07-09 21:06:19 user readOne with user stubailo is authorized -2017-07-09 21:06:19 followers readMany with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 21:06:19 user readOne with user stubailo is authorized -2017-07-09 21:06:19 followers readMany with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-07-09 21:06:19 user readOne with user stubailo is authorized -2017-07-09 21:06:19 followers readMany with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 21:06:19 user readOne with user stubailo is authorized -2017-07-09 21:06:19 followers readMany with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following { - username - createdAt - } - } -} - -2017-07-09 21:06:19 user readOne with user stubailo is authorized -2017-07-09 21:06:19 following readMany with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 21:06:19 user readOne with user stubailo is authorized -2017-07-09 21:06:19 following readMany with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-07-09 21:06:19 user readOne with user stubailo is authorized -2017-07-09 21:06:19 following readMany with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993, limit: 1) { + author { username - createdAt - } - } -} - -2017-07-09 21:06:19 user readOne with user stubailo is authorized -2017-07-09 21:06:19 following readMany with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets { - id - createdAt - } - } -} - -2017-07-09 21:06:19 user readOne with user stubailo is authorized -2017-07-09 21:06:19 tweets readMany with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(limit: 1) { - id - createdAt - } - } -} - -2017-07-09 21:06:19 user readOne with user stubailo is authorized -2017-07-09 21:06:19 tweets readMany with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } - } -} - -2017-07-09 21:06:19 user readOne with user stubailo is authorized -2017-07-09 21:06:19 tweets readMany with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } - } -} - -2017-07-09 21:06:19 user readOne with user stubailo is authorized -2017-07-09 21:06:19 tweets readMany with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked { - id - createdAt - } - } -} - -2017-07-09 21:06:19 user readOne with user stubailo is authorized -2017-07-09 21:06:19 liked readMany with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(limit: 1) { - id - createdAt - } - } -} - -2017-07-09 21:06:19 user readOne with user stubailo is authorized -2017-07-09 21:06:19 liked readMany with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334) { - id - createdAt - } - } -} - -2017-07-09 21:06:19 user readOne with user stubailo is authorized -2017-07-09 21:06:19 liked readMany with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334, limit: 1) { - id - createdAt } } } -2017-07-09 21:06:19 user readOne with user stubailo is authorized -2017-07-09 21:06:19 liked readMany with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -14844,22 +410,11 @@ Query: } } -2017-07-09 21:06:19 tweet readOne with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - author { - username - } - } -} - -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: +2017-07-09 21:12:33 tweet readOne with user stubailo is authorized +2017-07-09 21:12:33 tweet readOne with user stubailo is authorized +2017-07-09 21:12:33 author readOne with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -14870,11 +425,9 @@ Query: } } -2017-07-09 21:06:19 tweets readMany with user stubailo is authorized -2017-07-09 21:06:19 tweet readOne with user stubailo is authorized -2017-07-09 21:06:19 author readOne with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: +2017-07-09 21:12:33 tweets readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -14885,9 +438,9 @@ Query: } } -2017-07-09 21:06:19 tweets readMany with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: +2017-07-09 21:12:33 tweets readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -14898,9 +451,9 @@ Query: } } -2017-07-09 21:06:19 tweets readMany with user stubailo is authorized -2017-07-09 21:06:19 -------------------------------------------------------------------------------- -2017-07-09 21:06:19 Request: +2017-07-09 21:12:33 tweets readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -14911,9 +464,9 @@ Query: } } -2017-07-09 21:06:19 tweets readMany with user stubailo is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: +2017-07-09 21:12:33 tweets readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -14926,10 +479,10 @@ Query: } } -2017-07-09 21:06:20 tweet readOne with user stubailo is authorized -2017-07-09 21:06:20 likers readMany with user stubailo is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: +2017-07-09 21:12:33 tweet readOne with user stubailo is authorized +2017-07-09 21:12:33 likers readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -14942,10 +495,10 @@ Query: } } -2017-07-09 21:06:20 tweet readOne with user stubailo is authorized -2017-07-09 21:06:20 likers readMany with user stubailo is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: +2017-07-09 21:12:33 tweet readOne with user stubailo is authorized +2017-07-09 21:12:33 likers readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -14958,10 +511,10 @@ Query: } } -2017-07-09 21:06:20 tweet readOne with user stubailo is authorized -2017-07-09 21:06:20 likers readMany with user stubailo is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: +2017-07-09 21:12:33 tweet readOne with user stubailo is authorized +2017-07-09 21:12:33 likers readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -14974,10 +527,10 @@ Query: } } -2017-07-09 21:06:20 tweet readOne with user stubailo is authorized -2017-07-09 21:06:20 likers readMany with user stubailo is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: +2017-07-09 21:12:33 tweet readOne with user stubailo is authorized +2017-07-09 21:12:33 likers readMany with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -14988,12 +541,12 @@ mutation { } } -2017-07-09 21:06:20 insert user create with user stubailo is authorized -2017-07-09 21:06:20 inserted user 59627eac2157d09ddf9d728c. -2017-07-09 21:06:20 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +2017-07-09 21:12:33 insert user create with user stubailo is authorized +2017-07-09 21:12:33 inserted user 596280212157d09ddf9d7294. +2017-07-09 21:12:33 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: +User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", Operation: "", variables: "", Query: mutation { @@ -15002,165 +555,165 @@ mutation { } } -2017-07-09 21:06:20 insert user create with user tobkle is authorized -2017-07-09 21:06:20 inserted user 59627eac2157d09ddf9d728d. -2017-07-09 21:06:20 pubsub userInserted readOne with user tobkle is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +2017-07-09 21:12:33 insert user create with user tobkle is authorized +2017-07-09 21:12:33 inserted user 596280212157d09ddf9d7295. +2017-07-09 21:12:33 pubsub userInserted readOne with user tobkle is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: +User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", Operation: "", variables: "", Query: { - user(id: "59627eac2157d09ddf9d728d") { + user(id: "596280212157d09ddf9d7295") { username bio role } } -2017-07-09 21:06:20 user readOne with user tobkle is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +2017-07-09 21:12:33 user readOne with user tobkle is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: +User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", Operation: "", variables: "", Query: { - user(id: "59627eac2157d09ddf9d728c") { + user(id: "596280212157d09ddf9d7294") { username role } } -2017-07-09 21:06:20 user readOne with user tobkle is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +2017-07-09 21:12:33 user readOne with user tobkle is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: +User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", Operation: "", variables: "", Query: mutation { - updateUser(id: "59627eac2157d09ddf9d728d", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + updateUser(id: "596280212157d09ddf9d7295", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { username bio role } } -2017-07-09 21:06:20 update user update with user tobkle is authorized -2017-07-09 21:06:20 updated user 59627eac2157d09ddf9d728d. -2017-07-09 21:06:20 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +2017-07-09 21:12:33 update user update with user tobkle is authorized +2017-07-09 21:12:33 updated user 596280212157d09ddf9d7295. +2017-07-09 21:12:33 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: +User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", Operation: "", variables: "", Query: mutation { - updateUser(id: "59627eac2157d09ddf9d728c", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "596280212157d09ddf9d7294", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-07-09 21:06:20 update user update with user tobkle is authorized -2017-07-09 21:06:20 updated user 59627eac2157d09ddf9d728c. -2017-07-09 21:06:20 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +2017-07-09 21:12:33 update user update with user tobkle is authorized +2017-07-09 21:12:33 updated user 596280212157d09ddf9d7294. +2017-07-09 21:12:33 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: +User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", Operation: "", variables: "", Query: mutation { - updateUser(id: "59627eac2157d09ddf9d728d", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + updateUser(id: "596280212157d09ddf9d7295", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { username bio role } } -2017-07-09 21:06:20 update user update with user tobkle is authorized -2017-07-09 21:06:20 updated user 59627eac2157d09ddf9d728d. -2017-07-09 21:06:20 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +2017-07-09 21:12:33 update user update with user tobkle is authorized +2017-07-09 21:12:33 updated user 596280212157d09ddf9d7295. +2017-07-09 21:12:33 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: +User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", Operation: "", variables: "", Query: mutation { - updateUser(id: "59627eac2157d09ddf9d728c", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + updateUser(id: "596280212157d09ddf9d7294", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { username bio role } } -2017-07-09 21:06:20 update user update with user tobkle is authorized -2017-07-09 21:06:20 updated user 59627eac2157d09ddf9d728c. -2017-07-09 21:06:20 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "editor", id: "59627eac2157d09ddf9d728c", +2017-07-09 21:12:33 update user update with user tobkle is authorized +2017-07-09 21:12:33 updated user 596280212157d09ddf9d7294. +2017-07-09 21:12:33 pubsub userUpdated readOne with user tobkle is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: +User: "tobkle", role: "editor", id: "596280212157d09ddf9d7294", Operation: "", variables: "", Query: mutation { - updateUser(id: "59627eac2157d09ddf9d728c", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "596280212157d09ddf9d7294", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:33 authQuery: { "$or": [ { - "_id": "59627eac2157d09ddf9d728c" + "_id": "596280212157d09ddf9d7294" } ] } -2017-07-09 21:06:20 ERROR Not authorized to update field "role" -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "zoltan", role: "admin", id: "59627eac2157d09ddf9d728d", +2017-07-09 21:12:33 ERROR Not authorized to update field "role" +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: +User: "zoltan", role: "admin", id: "596280212157d09ddf9d7295", Operation: "", variables: "", Query: mutation { - updateUser(id: "59627eac2157d09ddf9d728c", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "596280212157d09ddf9d7294", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-07-09 21:06:20 update user update with user zoltan is authorized -2017-07-09 21:06:20 updated user 59627eac2157d09ddf9d728c. -2017-07-09 21:06:20 pubsub userUpdated readOne with user zoltan is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +2017-07-09 21:12:33 update user update with user zoltan is authorized +2017-07-09 21:12:33 updated user 596280212157d09ddf9d7294. +2017-07-09 21:12:33 pubsub userUpdated readOne with user zoltan is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: +User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", Operation: "", variables: "", Query: mutation { - removeUser(id: "59627eac2157d09ddf9d728d") + removeUser(id: "596280212157d09ddf9d7295") } -2017-07-09 21:06:20 removeUser delete with user tobkle is authorized -2017-07-09 21:06:20 removed user 59627eac2157d09ddf9d728d. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +2017-07-09 21:12:33 removeUser delete with user tobkle is authorized +2017-07-09 21:12:33 removed user 596280212157d09ddf9d7295. +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: +User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", Operation: "", variables: "", Query: mutation { - createTweet(input: {authorId: "59627eac2157d09ddf9d728c", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + createTweet(input: {authorId: "596280212157d09ddf9d7294", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { id } } -2017-07-09 21:06:20 insert tweet create with user tobkle is authorized -2017-07-09 21:06:20 inserted tweet 59627eac2157d09ddf9d728e. -2017-07-09 21:06:20 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +2017-07-09 21:12:33 insert tweet create with user tobkle is authorized +2017-07-09 21:12:33 inserted tweet 596280212157d09ddf9d7296. +2017-07-09 21:12:33 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: +User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", Operation: "", variables: "", Query: mutation { @@ -15169,14 +722,14 @@ mutation { } } -2017-07-09 21:06:20 insert tweet create with user tobkle is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +2017-07-09 21:12:33 insert tweet create with user tobkle is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: +User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", Operation: "", variables: "", Query: { - tweet(id: "59627eac2157d09ddf9d728e") { + tweet(id: "596280212157d09ddf9d7296") { author { id } @@ -15184,13 +737,13 @@ Query: } } -2017-07-09 21:06:20 tweet readOne with user tobkle is authorized -2017-07-09 21:06:20 inserted tweet 59627eac2157d09ddf9d728f. -2017-07-09 21:06:20 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 21:06:20 author readOne with user tobkle is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +2017-07-09 21:12:33 tweet readOne with user tobkle is authorized +2017-07-09 21:12:33 inserted tweet 596280212157d09ddf9d7297. +2017-07-09 21:12:33 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 21:12:33 author readOne with user tobkle is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: +User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", Operation: "", variables: "", Query: { @@ -15202,113 +755,113 @@ Query: } } -2017-07-09 21:06:20 tweet readOne with user tobkle is authorized -2017-07-09 21:06:20 author readOne with user tobkle is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +2017-07-09 21:12:33 tweet readOne with user tobkle is authorized +2017-07-09 21:12:33 author readOne with user tobkle is authorized +2017-07-09 21:12:33 -------------------------------------------------------------------------------- +2017-07-09 21:12:33 Request: +User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", Operation: "", variables: "", Query: mutation { - updateTweet(id: "59627eac2157d09ddf9d728e", input: {body: "This is a modified test tweet"}) { + updateTweet(id: "596280212157d09ddf9d7296", input: {body: "This is a modified test tweet"}) { body } } -2017-07-09 21:06:20 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 21:06:20 update tweet update with user tobkle is authorized -2017-07-09 21:06:20 updated tweet 59627eac2157d09ddf9d728e. -2017-07-09 21:06:20 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +2017-07-09 21:12:33 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 21:12:33 update tweet update with user tobkle is authorized +2017-07-09 21:12:33 updated tweet 596280212157d09ddf9d7296. +2017-07-09 21:12:33 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", Operation: "", variables: "", Query: mutation { - updateTweet(id: "59627eac2157d09ddf9d728f", input: {body: "This is a modified test tweet"}) { + updateTweet(id: "596280212157d09ddf9d7297", input: {body: "This is a modified test tweet"}) { body } } -2017-07-09 21:06:20 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 21:06:20 update tweet update with user tobkle is authorized -2017-07-09 21:06:20 updated tweet 59627eac2157d09ddf9d728f. -2017-07-09 21:06:20 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +2017-07-09 21:12:34 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 21:12:34 update tweet update with user tobkle is authorized +2017-07-09 21:12:34 updated tweet 596280212157d09ddf9d7297. +2017-07-09 21:12:34 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", Operation: "", variables: "", Query: { - tweet(id: "59627eac2157d09ddf9d728e") { + tweet(id: "596280212157d09ddf9d7296") { body } } -2017-07-09 21:06:20 tweet readOne with user tobkle is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +2017-07-09 21:12:34 tweet readOne with user tobkle is authorized +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", Operation: "", variables: "", Query: mutation { - removeTweet(id: "59627eac2157d09ddf9d728e") + removeTweet(id: "596280212157d09ddf9d7296") } -2017-07-09 21:06:20 removeTweet delete with user tobkle is authorized -2017-07-09 21:06:20 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 21:06:20 removed tweet 59627eac2157d09ddf9d728e. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +2017-07-09 21:12:34 removeTweet delete with user tobkle is authorized +2017-07-09 21:12:34 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 21:12:34 removed tweet 596280212157d09ddf9d7296. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", Operation: "", variables: "", Query: mutation { - removeTweet(id: "59627eac2157d09ddf9d728f") + removeTweet(id: "596280212157d09ddf9d7297") } -2017-07-09 21:06:20 removeTweet delete with user tobkle is authorized -2017-07-09 21:06:20 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 21:06:20 removed tweet 59627eac2157d09ddf9d728f. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +2017-07-09 21:12:34 removeTweet delete with user tobkle is authorized +2017-07-09 21:12:34 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 21:12:34 removed tweet 596280212157d09ddf9d7297. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", Operation: "", variables: "", Query: { - tweet(id: "59627eac2157d09ddf9d728e") { + tweet(id: "596280212157d09ddf9d7296") { body } } -2017-07-09 21:06:20 tweet readOne with user tobkle is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "admin", id: "59627eac2157d09ddf9d728c", +2017-07-09 21:12:34 tweet readOne with user tobkle is authorized +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", Operation: "", variables: "", Query: mutation { - removeUser(id: "59627eac2157d09ddf9d728c") + removeUser(id: "596280212157d09ddf9d7294") } -2017-07-09 21:06:20 removeUser delete with user tobkle is authorized -2017-07-09 21:06:20 removed user 59627eac2157d09ddf9d728c. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: +2017-07-09 21:12:34 removeUser delete with user tobkle is authorized +2017-07-09 21:12:34 removed user 596280212157d09ddf9d7294. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: { - user(id: "59627eac2157d09ddf9d728c") { + user(id: "596280212157d09ddf9d7294") { username bio role } } -2017-07-09 21:06:20 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: +2017-07-09 21:12:34 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -15318,9 +871,9 @@ mutation { } } -2017-07-09 21:06:20 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: +2017-07-09 21:12:34 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -15332,9 +885,9 @@ Query: } } -2017-07-09 21:06:20 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: +2017-07-09 21:12:34 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -15346,9 +899,9 @@ mutation { } } -2017-07-09 21:06:20 ERROR Authorization: Not authorized to update in update user. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: +2017-07-09 21:12:34 ERROR Authorization: Not authorized to update in update user. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -15356,9 +909,9 @@ mutation { removeUser(id: "583291a1638566b3c5a92ca1") } -2017-07-09 21:06:20 ERROR Authorization: Not authorized to delete in removeUser. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: +2017-07-09 21:12:34 ERROR Authorization: Not authorized to delete in removeUser. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -15368,8 +921,8 @@ mutation { } } -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -15379,9 +932,9 @@ mutation { } } -2017-07-09 21:06:20 ERROR Authorization: Not authorized to create in insert tweet. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: +2017-07-09 21:12:34 ERROR Authorization: Not authorized to create in insert tweet. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -15394,10 +947,10 @@ Query: } } -2017-07-09 21:06:20 tweet readOne with user is authorized -2017-07-09 21:06:20 ERROR Authorization: Not authorized to readOne in author. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: +2017-07-09 21:12:34 tweet readOne with user is authorized +2017-07-09 21:12:34 ERROR Authorization: Not authorized to readOne in author. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -15407,10 +960,10 @@ mutation { } } -2017-07-09 21:06:20 tweet getOneById in updateById for docBefore readOne with user is authorized -2017-07-09 21:06:20 ERROR Authorization: Not authorized to update in update tweet. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: +2017-07-09 21:12:34 tweet getOneById in updateById for docBefore readOne with user is authorized +2017-07-09 21:12:34 ERROR Authorization: Not authorized to update in update tweet. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -15420,10 +973,10 @@ mutation { } } -2017-07-09 21:06:20 tweet getOneById in updateById for docBefore readOne with user is authorized -2017-07-09 21:06:20 ERROR Authorization: Not authorized to update in update tweet. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: +2017-07-09 21:12:34 tweet getOneById in updateById for docBefore readOne with user is authorized +2017-07-09 21:12:34 ERROR Authorization: Not authorized to update in update tweet. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -15431,10 +984,10 @@ mutation { removeTweet(id: "583676d3618530145474e352") } -2017-07-09 21:06:20 ERROR Authorization: Not authorized to delete in removeTweet. -2017-07-09 21:06:20 tweet getOneById in removeById for docBefore readOne with user is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: +2017-07-09 21:12:34 ERROR Authorization: Not authorized to delete in removeTweet. +2017-07-09 21:12:34 tweet getOneById in removeById for docBefore readOne with user is authorized +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -15445,12 +998,12 @@ mutation { } } -2017-07-09 21:06:20 insert user create with user stubailo is authorized -2017-07-09 21:06:20 inserted user 59627eac2157d09ddf9d7290. -2017-07-09 21:06:20 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +2017-07-09 21:12:34 insert user create with user stubailo is authorized +2017-07-09 21:12:34 inserted user 596280222157d09ddf9d7298. +2017-07-09 21:12:34 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", Operation: "", variables: "", Query: mutation { @@ -15459,13 +1012,13 @@ mutation { } } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [] } -2017-07-09 21:06:20 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +2017-07-09 21:12:34 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", Operation: "", variables: "", Query: { @@ -15476,53 +1029,53 @@ Query: } } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [ { - "_id": "59627eac2157d09ddf9d7290" + "_id": "596280222157d09ddf9d7298" } ] } -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", Operation: "", variables: "", Query: { - user(id: "59627eac2157d09ddf9d7290") { + user(id: "596280222157d09ddf9d7298") { username } } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [ { - "_id": "59627eac2157d09ddf9d7290" + "_id": "596280222157d09ddf9d7298" } ] } -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", Operation: "", variables: "", Query: { - user(id: "59627eac2157d09ddf9d7290") { + user(id: "596280222157d09ddf9d7298") { username role } } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [ { - "_id": "59627eac2157d09ddf9d7290" + "_id": "596280222157d09ddf9d7298" } ] } -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", Operation: "", variables: "", Query: mutation { @@ -15533,110 +1086,110 @@ mutation { } } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [ { - "_id": "59627eac2157d09ddf9d7290" + "_id": "596280222157d09ddf9d7298" } ] } -2017-07-09 21:06:20 ERROR Not authorized to update field "role" -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +2017-07-09 21:12:34 ERROR Not authorized to update field "role" +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", Operation: "", variables: "", Query: mutation { - updateUser(id: "59627eac2157d09ddf9d7290", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + updateUser(id: "596280222157d09ddf9d7298", input: {username: "tobkle", bio: "Maker of things, I guess"}) { username bio } } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [ { - "_id": "59627eac2157d09ddf9d7290" + "_id": "596280222157d09ddf9d7298" } ] } -2017-07-09 21:06:20 updated user 59627eac2157d09ddf9d7290. -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 updated user 596280222157d09ddf9d7298. +2017-07-09 21:12:34 authQuery: { "$or": [ { - "_id": "59627eac2157d09ddf9d7290" + "_id": "596280222157d09ddf9d7298" } ] } -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", Operation: "", variables: "", Query: mutation { - updateUser(id: "59627eac2157d09ddf9d7290", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "596280222157d09ddf9d7298", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [ { - "_id": "59627eac2157d09ddf9d7290" + "_id": "596280222157d09ddf9d7298" } ] } -2017-07-09 21:06:20 ERROR Not authorized to update field "role" -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +2017-07-09 21:12:34 ERROR Not authorized to update field "role" +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", Operation: "", variables: "", Query: mutation { removeUser(id: "583291a1638566b3c5a92ca1") } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [ { - "_id": "59627eac2157d09ddf9d7290" + "_id": "596280222157d09ddf9d7298" } ] } -2017-07-09 21:06:20 ERROR remove user failed for finalQuery: { +2017-07-09 21:12:34 ERROR remove user failed for finalQuery: { "_id": "583291a1638566b3c5a92ca1", "$or": [ { - "_id": "59627eac2157d09ddf9d7290" + "_id": "596280222157d09ddf9d7298" } ] } -2017-07-09 21:06:20 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +2017-07-09 21:12:34 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", Operation: "", variables: "", Query: mutation { - createTweet(input: {authorId: "59627eac2157d09ddf9d7290", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + createTweet(input: {authorId: "596280222157d09ddf9d7298", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { id } } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [ { - "authorId": "59627eac2157d09ddf9d7290" + "authorId": "596280222157d09ddf9d7298" } ] } -2017-07-09 21:06:20 inserted tweet 59627eac2157d09ddf9d7291. -2017-07-09 21:06:20 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +2017-07-09 21:12:34 inserted tweet 596280222157d09ddf9d7299. +2017-07-09 21:12:34 pubsub tweetInserted readOne with user tobkle is authorized +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", Operation: "", variables: "", Query: mutation { @@ -15645,21 +1198,21 @@ mutation { } } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [ { - "authorId": "59627eac2157d09ddf9d7290" + "authorId": "596280222157d09ddf9d7298" } ] } -2017-07-09 21:06:20 ERROR Not authorized to insert tweet -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +2017-07-09 21:12:34 ERROR Not authorized to insert tweet +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", Operation: "", variables: "", Query: { - tweet(id: "59627eac2157d09ddf9d7291") { + tweet(id: "596280222157d09ddf9d7299") { author { id } @@ -15667,17 +1220,17 @@ Query: } } -2017-07-09 21:06:20 tweet readOne with user tobkle is authorized -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 tweet readOne with user tobkle is authorized +2017-07-09 21:12:34 authQuery: { "$or": [ { - "_id": "59627eac2157d09ddf9d7290" + "_id": "596280222157d09ddf9d7298" } ] } -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", Operation: "", variables: "", Query: { @@ -15689,41 +1242,41 @@ Query: } } -2017-07-09 21:06:20 tweet readOne with user tobkle is authorized -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 tweet readOne with user tobkle is authorized +2017-07-09 21:12:34 authQuery: { "$or": [ { - "_id": "59627eac2157d09ddf9d7290" + "_id": "596280222157d09ddf9d7298" } ] } -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", Operation: "", variables: "", Query: mutation { - updateTweet(id: "59627eac2157d09ddf9d7291", input: {body: "This is a modified test tweet"}) { + updateTweet(id: "596280222157d09ddf9d7299", input: {body: "This is a modified test tweet"}) { body } } -2017-07-09 21:06:20 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 21:12:34 authQuery: { "$or": [ { - "authorId": "59627eac2157d09ddf9d7290" + "authorId": "596280222157d09ddf9d7298" }, { - "coauthorsIds": "59627eac2157d09ddf9d7290" + "coauthorsIds": "596280222157d09ddf9d7298" } ] } -2017-07-09 21:06:20 updated tweet 59627eac2157d09ddf9d7291. -2017-07-09 21:06:20 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +2017-07-09 21:12:34 updated tweet 596280222157d09ddf9d7299. +2017-07-09 21:12:34 pubsub tweetUpdated readOne with user tobkle is authorized +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", Operation: "", variables: "", Query: mutation { @@ -15732,137 +1285,137 @@ mutation { } } -2017-07-09 21:06:20 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized +2017-07-09 21:12:34 authQuery: { "$or": [ { - "authorId": "59627eac2157d09ddf9d7290" + "authorId": "596280222157d09ddf9d7298" }, { - "coauthorsIds": "59627eac2157d09ddf9d7290" + "coauthorsIds": "596280222157d09ddf9d7298" } ] } -2017-07-09 21:06:20 ERROR update tweet failed finalQuery: { +2017-07-09 21:12:34 ERROR update tweet failed finalQuery: { "_id": "583676d3618530145474e352", "$or": [ { - "authorId": "59627eac2157d09ddf9d7290" + "authorId": "596280222157d09ddf9d7298" }, { - "coauthorsIds": "59627eac2157d09ddf9d7290" + "coauthorsIds": "596280222157d09ddf9d7298" } ] } -2017-07-09 21:06:20 ERROR update tweet failed for docToUpdate: { +2017-07-09 21:12:34 ERROR update tweet failed for docToUpdate: { "$set": { "body": "This is a modified test tweet", - "updatedAt": 1499627180595, - "updatedById": "59627eac2157d09ddf9d7290" + "updatedAt": 1499627554277, + "updatedById": "596280222157d09ddf9d7298" } } -2017-07-09 21:06:20 ERROR update tweet not possible for 583676d3618530145474e352. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +2017-07-09 21:12:34 ERROR update tweet not possible for 583676d3618530145474e352. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", Operation: "", variables: "", Query: { - tweet(id: "59627eac2157d09ddf9d7291") { + tweet(id: "596280222157d09ddf9d7299") { body } } -2017-07-09 21:06:20 tweet readOne with user tobkle is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +2017-07-09 21:12:34 tweet readOne with user tobkle is authorized +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", Operation: "", variables: "", Query: mutation { - removeTweet(id: "59627eac2157d09ddf9d7291") + removeTweet(id: "596280222157d09ddf9d7299") } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [ { - "authorId": "59627eac2157d09ddf9d7290" + "authorId": "596280222157d09ddf9d7298" } ] } -2017-07-09 21:06:20 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 21:06:20 removed tweet 59627eac2157d09ddf9d7291. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +2017-07-09 21:12:34 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 21:12:34 removed tweet 596280222157d09ddf9d7299. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", Operation: "", variables: "", Query: mutation { removeTweet(id: "583676d3618530145474e352") } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [ { - "authorId": "59627eac2157d09ddf9d7290" + "authorId": "596280222157d09ddf9d7298" } ] } -2017-07-09 21:06:20 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 21:06:20 ERROR remove tweet failed for finalQuery: { +2017-07-09 21:12:34 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized +2017-07-09 21:12:34 ERROR remove tweet failed for finalQuery: { "_id": "583676d3618530145474e352", "$or": [ { - "authorId": "59627eac2157d09ddf9d7290" + "authorId": "596280222157d09ddf9d7298" } ] } -2017-07-09 21:06:20 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +2017-07-09 21:12:34 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", Operation: "", variables: "", Query: { - tweet(id: "59627eac2157d09ddf9d7291") { + tweet(id: "596280222157d09ddf9d7299") { body } } -2017-07-09 21:06:20 tweet readOne with user tobkle is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "user", id: "59627eac2157d09ddf9d7290", +2017-07-09 21:12:34 tweet readOne with user tobkle is authorized +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", Operation: "", variables: "", Query: mutation { - removeUser(id: "59627eac2157d09ddf9d7290") + removeUser(id: "596280222157d09ddf9d7298") } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [ { - "_id": "59627eac2157d09ddf9d7290" + "_id": "596280222157d09ddf9d7298" } ] } -2017-07-09 21:06:20 removed user 59627eac2157d09ddf9d7290. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: +2017-07-09 21:12:34 removed user 596280222157d09ddf9d7298. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: { - user(id: "59627eac2157d09ddf9d7290") { + user(id: "596280222157d09ddf9d7298") { username bio role } } -2017-07-09 21:06:20 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: +2017-07-09 21:12:34 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -15873,12 +1426,12 @@ mutation { } } -2017-07-09 21:06:20 insert user create with user stubailo is authorized -2017-07-09 21:06:20 inserted user 59627eac2157d09ddf9d7292. -2017-07-09 21:06:20 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "editor", id: "59627eac2157d09ddf9d7292", +2017-07-09 21:12:34 insert user create with user stubailo is authorized +2017-07-09 21:12:34 inserted user 596280222157d09ddf9d729a. +2017-07-09 21:12:34 pubsub userInserted readOne with user stubailo is authorized +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "editor", id: "596280222157d09ddf9d729a", Operation: "", variables: "", Query: mutation { @@ -15887,13 +1440,13 @@ mutation { } } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [] } -2017-07-09 21:06:20 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "editor", id: "59627eac2157d09ddf9d7292", +2017-07-09 21:12:34 ERROR Authorization: Not authorized to create in insert user. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "editor", id: "596280222157d09ddf9d729a", Operation: "", variables: "", Query: { @@ -15904,35 +1457,35 @@ Query: } } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [ { - "_id": "59627eac2157d09ddf9d7292" + "_id": "596280222157d09ddf9d729a" } ] } -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "editor", id: "59627eac2157d09ddf9d7292", +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "editor", id: "596280222157d09ddf9d729a", Operation: "", variables: "", Query: { - user(id: "59627eac2157d09ddf9d7292") { + user(id: "596280222157d09ddf9d729a") { username role } } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [ { - "_id": "59627eac2157d09ddf9d7292" + "_id": "596280222157d09ddf9d729a" } ] } -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "editor", id: "59627eac2157d09ddf9d7292", +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "editor", id: "596280222157d09ddf9d729a", Operation: "", variables: "", Query: mutation { @@ -15943,110 +1496,110 @@ mutation { } } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [ { - "_id": "59627eac2157d09ddf9d7292" + "_id": "596280222157d09ddf9d729a" } ] } -2017-07-09 21:06:20 ERROR Not authorized to update field "role" -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tobkle", role: "editor", id: "59627eac2157d09ddf9d7292", +2017-07-09 21:12:34 ERROR Not authorized to update field "role" +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tobkle", role: "editor", id: "596280222157d09ddf9d729a", Operation: "", variables: "", Query: mutation { - updateUser(id: "59627eac2157d09ddf9d7292", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + updateUser(id: "596280222157d09ddf9d729a", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { username bio } } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [ { - "_id": "59627eac2157d09ddf9d7292" + "_id": "596280222157d09ddf9d729a" } ] } -2017-07-09 21:06:20 updated user 59627eac2157d09ddf9d7292. -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 updated user 596280222157d09ddf9d729a. +2017-07-09 21:12:34 authQuery: { "$or": [ { - "_id": "59627eac2157d09ddf9d7292" + "_id": "596280222157d09ddf9d729a" } ] } -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", Operation: "", variables: "", Query: mutation { - updateUser(id: "59627eac2157d09ddf9d7292", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "596280222157d09ddf9d729a", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [ { - "_id": "59627eac2157d09ddf9d7292" + "_id": "596280222157d09ddf9d729a" } ] } -2017-07-09 21:06:20 ERROR Not authorized to update field "role" -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +2017-07-09 21:12:34 ERROR Not authorized to update field "role" +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", Operation: "", variables: "", Query: mutation { removeUser(id: "583291a1638566b3c5a92ca1") } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [ { - "_id": "59627eac2157d09ddf9d7292" + "_id": "596280222157d09ddf9d729a" } ] } -2017-07-09 21:06:20 ERROR remove user failed for finalQuery: { +2017-07-09 21:12:34 ERROR remove user failed for finalQuery: { "_id": "583291a1638566b3c5a92ca1", "$or": [ { - "_id": "59627eac2157d09ddf9d7292" + "_id": "596280222157d09ddf9d729a" } ] } -2017-07-09 21:06:20 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +2017-07-09 21:12:34 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", Operation: "", variables: "", Query: mutation { - createTweet(input: {authorId: "59627eac2157d09ddf9d7292", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + createTweet(input: {authorId: "596280222157d09ddf9d729a", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { id } } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [ { - "authorId": "59627eac2157d09ddf9d7292" + "authorId": "596280222157d09ddf9d729a" } ] } -2017-07-09 21:06:20 inserted tweet 59627eac2157d09ddf9d7293. -2017-07-09 21:06:20 pubsub tweetInserted readOne with user tmeasday is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +2017-07-09 21:12:34 inserted tweet 596280222157d09ddf9d729b. +2017-07-09 21:12:34 pubsub tweetInserted readOne with user tmeasday is authorized +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", Operation: "", variables: "", Query: mutation { @@ -16055,21 +1608,21 @@ mutation { } } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [ { - "authorId": "59627eac2157d09ddf9d7292" + "authorId": "596280222157d09ddf9d729a" } ] } -2017-07-09 21:06:20 ERROR Not authorized to insert tweet -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +2017-07-09 21:12:34 ERROR Not authorized to insert tweet +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", Operation: "", variables: "", Query: { - tweet(id: "59627eac2157d09ddf9d7293") { + tweet(id: "596280222157d09ddf9d729b") { author { id } @@ -16077,17 +1630,17 @@ Query: } } -2017-07-09 21:06:20 tweet readOne with user tmeasday is authorized -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 tweet readOne with user tmeasday is authorized +2017-07-09 21:12:34 authQuery: { "$or": [ { - "_id": "59627eac2157d09ddf9d7292" + "_id": "596280222157d09ddf9d729a" } ] } -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", Operation: "", variables: "", Query: { @@ -16099,41 +1652,41 @@ Query: } } -2017-07-09 21:06:20 tweet readOne with user tmeasday is authorized -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 tweet readOne with user tmeasday is authorized +2017-07-09 21:12:34 authQuery: { "$or": [ { - "_id": "59627eac2157d09ddf9d7292" + "_id": "596280222157d09ddf9d729a" } ] } -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", Operation: "", variables: "", Query: mutation { - updateTweet(id: "59627eac2157d09ddf9d7293", input: {body: "This is a modified test tweet"}) { + updateTweet(id: "596280222157d09ddf9d729b", input: {body: "This is a modified test tweet"}) { body } } -2017-07-09 21:06:20 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized +2017-07-09 21:12:34 authQuery: { "$or": [ { - "authorId": "59627eac2157d09ddf9d7292" + "authorId": "596280222157d09ddf9d729a" }, { - "coauthorsIds": "59627eac2157d09ddf9d7292" + "coauthorsIds": "596280222157d09ddf9d729a" } ] } -2017-07-09 21:06:20 updated tweet 59627eac2157d09ddf9d7293. -2017-07-09 21:06:20 pubsub tweetUpdated readOne with user tmeasday is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +2017-07-09 21:12:34 updated tweet 596280222157d09ddf9d729b. +2017-07-09 21:12:34 pubsub tweetUpdated readOne with user tmeasday is authorized +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", Operation: "", variables: "", Query: mutation { @@ -16142,132 +1695,132 @@ mutation { } } -2017-07-09 21:06:20 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized +2017-07-09 21:12:34 authQuery: { "$or": [ { - "authorId": "59627eac2157d09ddf9d7292" + "authorId": "596280222157d09ddf9d729a" }, { - "coauthorsIds": "59627eac2157d09ddf9d7292" + "coauthorsIds": "596280222157d09ddf9d729a" } ] } -2017-07-09 21:06:20 ERROR update tweet failed finalQuery: { +2017-07-09 21:12:34 ERROR update tweet failed finalQuery: { "_id": "583676d3618530145474e352", "$or": [ { - "authorId": "59627eac2157d09ddf9d7292" + "authorId": "596280222157d09ddf9d729a" }, { - "coauthorsIds": "59627eac2157d09ddf9d7292" + "coauthorsIds": "596280222157d09ddf9d729a" } ] } -2017-07-09 21:06:20 ERROR update tweet failed for docToUpdate: { +2017-07-09 21:12:34 ERROR update tweet failed for docToUpdate: { "$set": { "body": "This is a modified test tweet", - "updatedAt": 1499627180803, - "updatedById": "59627eac2157d09ddf9d7292" + "updatedAt": 1499627554467, + "updatedById": "596280222157d09ddf9d729a" } } -2017-07-09 21:06:20 ERROR update tweet not possible for 583676d3618530145474e352. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +2017-07-09 21:12:34 ERROR update tweet not possible for 583676d3618530145474e352. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", Operation: "", variables: "", Query: { - tweet(id: "59627eac2157d09ddf9d7293") { + tweet(id: "596280222157d09ddf9d729b") { body } } -2017-07-09 21:06:20 tweet readOne with user tmeasday is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +2017-07-09 21:12:34 tweet readOne with user tmeasday is authorized +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", Operation: "", variables: "", Query: mutation { - removeTweet(id: "59627eac2157d09ddf9d7293") + removeTweet(id: "596280222157d09ddf9d729b") } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [ { - "authorId": "59627eac2157d09ddf9d7292" + "authorId": "596280222157d09ddf9d729a" } ] } -2017-07-09 21:06:20 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized -2017-07-09 21:06:20 removed tweet 59627eac2157d09ddf9d7293. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +2017-07-09 21:12:34 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized +2017-07-09 21:12:34 removed tweet 596280222157d09ddf9d729b. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", Operation: "", variables: "", Query: mutation { removeTweet(id: "583676d3618530145474e352") } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [ { - "authorId": "59627eac2157d09ddf9d7292" + "authorId": "596280222157d09ddf9d729a" } ] } -2017-07-09 21:06:20 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized -2017-07-09 21:06:20 ERROR remove tweet failed for finalQuery: { +2017-07-09 21:12:34 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized +2017-07-09 21:12:34 ERROR remove tweet failed for finalQuery: { "_id": "583676d3618530145474e352", "$or": [ { - "authorId": "59627eac2157d09ddf9d7292" + "authorId": "596280222157d09ddf9d729a" } ] } -2017-07-09 21:06:20 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +2017-07-09 21:12:34 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", Operation: "", variables: "", Query: { - tweet(id: "59627eac2157d09ddf9d7293") { + tweet(id: "596280222157d09ddf9d729b") { body } } -2017-07-09 21:06:20 tweet readOne with user tmeasday is authorized -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: -User: "tmeasday", role: "editor", id: "59627eac2157d09ddf9d7292", +2017-07-09 21:12:34 tweet readOne with user tmeasday is authorized +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: +User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", Operation: "", variables: "", Query: mutation { - removeUser(id: "59627eac2157d09ddf9d7292") + removeUser(id: "596280222157d09ddf9d729a") } -2017-07-09 21:06:20 authQuery: { +2017-07-09 21:12:34 authQuery: { "$or": [ { - "_id": "59627eac2157d09ddf9d7292" + "_id": "596280222157d09ddf9d729a" } ] } -2017-07-09 21:06:20 removed user 59627eac2157d09ddf9d7292. -2017-07-09 21:06:20 -------------------------------------------------------------------------------- -2017-07-09 21:06:20 Request: +2017-07-09 21:12:34 removed user 596280222157d09ddf9d729a. +2017-07-09 21:12:34 -------------------------------------------------------------------------------- +2017-07-09 21:12:34 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: { - user(id: "59627eac2157d09ddf9d7292") { + user(id: "596280222157d09ddf9d729a") { username bio role } } -2017-07-09 21:06:20 ERROR Authorization: Not authorized to readOne in user. +2017-07-09 21:12:34 ERROR Authorization: Not authorized to readOne in user. From cf68cc420695ee9ee2c5f37d94f664a9e822920a Mon Sep 17 00:00:00 2001 From: Tom Coleman Date: Thu, 13 Jul 2017 14:47:00 +1000 Subject: [PATCH 44/69] Pass the logger rather than all the bits it needs --- test/output-app/README.md | 42 ++++++++++++++++++++++++++------------- 1 file changed, 28 insertions(+), 14 deletions(-) diff --git a/test/output-app/README.md b/test/output-app/README.md index ee5c74e..f5278d7 100644 --- a/test/output-app/README.md +++ b/test/output-app/README.md @@ -101,7 +101,7 @@ export default class { this.loaders = (_user = {}, resolver = '') => ({ readOne: new DataLoader(ids => new Promise( async (resolve, reject) => { try { - const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readOne', { User: this.context.User }, resolver); + const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readOne', _user)); const result = await findByIds(this.collection, ids, authQuery); resolve(result); } catch (err) { reject(err); } @@ -120,7 +120,7 @@ async getOneById(id, _user = {}, resolver = 'tweet getOneById') { all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'tweet all') { try { const baseQuery = { createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readMany', { User: this.context.User }, resolver); + const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', _user)); const finalQuery = {...baseQuery, ...authQuery}; return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } catch (err){ log.error(err.message); } @@ -145,14 +145,14 @@ export default class Tweet { this.loaders = (_user = {}, resolver = '') => ({ readOne: new DataLoader(ids => new Promise( async (resolve, reject) => { try { - const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readOne', { User: this.context.User }, resolver); + const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readOne', _user)); const result = await findByIds(this.collection, ids, authQuery); resolve(result); } catch (err) { reject(err); } })), // readMany: new DataLoader(ids => new Promise( async (resolve, reject) => { // try { - // const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readMany', { User: this.context.User }, resolver); + // const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', _user)); // const result = await findByIds(this.collection, ids, authQuery); // resolve(result); // } catch (err) { reject(err); } @@ -170,7 +170,7 @@ export default class Tweet { all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'tweet all') { try { const baseQuery = { createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readMany', { User: this.context.User }, resolver); + const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', _user)); const finalQuery = {...baseQuery, ...authQuery}; return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } catch (err){ log.error(err.message); } @@ -206,14 +206,14 @@ export default class User { })), readOne: new DataLoader(ids => new Promise( async (resolve, reject) => { try { - const authQuery = queryForRoles(_user, ['admin'], ['_id'], 'readOne', { User: this.context.User }, resolver); + const authQuery = queryForRoles(_user, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'readOne', _user)); const result = await findByIds(this.collection, ids, authQuery); resolve(result); } catch (err) { reject(err); } })), // readMany: new DataLoader(ids => new Promise( async (resolve, reject) => { // try { - // const authQuery = queryForRoles(_user, ['admin'], [], 'readMany', { User: this.context.User }, resolver); + // const authQuery = queryForRoles(_user, ['admin'], [], { User: this.context.User }, authlog(resolver, 'readMany', _user)); // const result = await findByIds(this.collection, ids, authQuery); // resolve(result); // } catch (err) { reject(err); } @@ -244,7 +244,7 @@ export default class User { all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'user all') { try { const baseQuery = { createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, ['admin'], [], 'readMany', { User: this.context.User }, resolver); + const authQuery = queryForRoles(_user, ['admin'], [], { User: this.context.User }, authlog(resolver, 'readMany', _user)); const restrictedFields = (Object.keys(authQuery).length === 0) ? {} : { role: 0 }; const finalQuery = {...baseQuery, ...authQuery}; return this.collection.find(finalQuery).sort({ createdAt: 1 }).project(restrictedFields).limit(limit).toArray(); @@ -278,10 +278,10 @@ Use function queryForRoles to generate an authQuery object. It expects the following arguments: ```javascript // creates an authQuery object with additional query arguments, to implement authorization restrictions for mongodb access -export function queryForRoles(user = {}, userRoles = [], docRoles = [], mode = '', { User }, resolver = '') { +export function queryForRoles(user = {}, userRoles = [], docRoles = [], { User }, logger) { // Build query for the case: The logged in user's role is authorized - if (roleAuthorizedForDoc(user, userRoles, docRoles, mode, { User }, resolver)) { + if (roleAuthorizedForDoc(user, userRoles, docRoles, { User }, logger)) { return {}; // empty authQuery means, do operation with no access restrictions } @@ -289,12 +289,12 @@ export function queryForRoles(user = {}, userRoles = [], docRoles = [], mode = ' const query = { $or: [] }; if (loggedIn(user)){ docRoles.forEach(docRole => query.$or.push( { [docRole]: user._id } ) ); - log.debug('authQuery:', JSON.stringify(query, null, 2)); + logger.debug(user, `authQuery: ${JSON.stringify(query, null, 2)}`); if (query.$or.length > 0) return query; } // Not Authorized - throw new Error(`Authorization: Not authorized to ${mode} in ${resolver}.`); + logger.error(user, 'Not authorized'); } ``` @@ -317,11 +317,11 @@ This helper function is used by queryForRoles, and decides, if a user gains the For example: If a user has a field "role" in his user document and it contains the value "admin". So it checks if a user's role is admin, and allows all operations for admins. ```javascript // returns true, if the user's role is authorized for a document -export function roleAuthorizedForDoc(user = {}, userRoles = [], docRoles = [], mode = '', { User }, resolver = ''){ +export function roleAuthorizedForDoc(user = {}, userRoles = [], docRoles = [], { User }, logger){ const role = User.authRole(user); if ( userRoles.includes('world') || role && role !== '' && role !== '' && userRoles.length > 0 && userRoles.includes(role) ) { - log.debug(`${resolver} ${mode} with user ${user.username ? user.username : ''} is authorized`); + logger.debug(user, 'is authorized'); return true; } @@ -394,6 +394,20 @@ export function fieldContainsUserId(docRoleField, userId) { } ``` +### function authlog + +A logging function that understands "resolvers", "modes" and "users". Simple wrapper around whatever logging function we use + +```js +export function authlog(resolver, mode, user) { + const makeMessage = (message) => `${resolver} ${mode} with user ${user.username ? user.username : ''} ${message}`; + return { + debug: (message) => logger.debug(makeMessage(message)), + error: (message) => throw new Error(makeMessage(message)) + }; +} +``` + ### ./resolver/User.js In the resolver interfaces, there are different objects: * the root object "tweet", contains the document fields From 318814466f5a9cbd15ace66ca872ac18d4a04eea Mon Sep 17 00:00:00 2001 From: Tom Coleman Date: Thu, 13 Jul 2017 14:56:28 +1000 Subject: [PATCH 45/69] Simplify authorized loader. Thoughts here: 1. We only need one authorized loader (for the `readOne` case). 2. We can determine the `authQuery` at initialization time, assuming that a single user will be used for all queries (this is the case). 3. We can have the user at initialization time, although this will require refactoring the way the context is initialized here: https://github.com/tobkle/create-graphql-server/blob/master/skel/server/index.js i. We need to add the models to the context *after* the authentication, i.e. here: https://github.com/tobkle/create-graphql-server/blob/master/skel/server/index.js#L44 ii. This will mean that we need a different reference to the mongo collection in the `passport.authenticate` call. But we can make that work I think, it doesn't really need the proper user collection. --- test/output-app/README.md | 1136 +++++++++++++---- .../server/logs/all-logs-readable.log | 2 + 2 files changed, 859 insertions(+), 279 deletions(-) diff --git a/test/output-app/README.md b/test/output-app/README.md index f5278d7..1f06567 100644 --- a/test/output-app/README.md +++ b/test/output-app/README.md @@ -1,16 +1,176 @@ # create-graphql-server - This is a generated create-graphql-server app. +* Authentication: Identifies an user +* Authorization: Defines all actions a user is allowed to perform + +## Implementing Authentication +The authentication is performed in those locations: +* ./server/index.js +* ./server/authenticate.js +* ./model/index.js + +### ./server/index.js +In the server, the database is started, and the UserCollection is defined. That's where the server accesses the user documents in the database. + +In ```js authenticate(app, UserCollection)``` the authentication is prepared and processed. Later, if a user sends a 'graphql' request, the user is determined with ```js passport.authenticate(...)```. After that, the user is whether an anonymous user or an authenticated user. You find the identified user in the object "me". Then the type models have to be initialized with the user "me" authorizations: ```js req.context = addModelsToContext({... me ...})```. + +```javascript +... +async function startServer() { + log.info('Logger started'); + + const db = await MongoClient.connect(MONGO_URL); + const UserCollection = db.collection('user'); + + const app = express().use('*', cors()); + app.use(bodyParser.urlencoded({ extended: true })); + app.use(bodyParser.json()); + app.use(morgan("dev", { "stream": stream })); + + authenticate(app, UserCollection); + + app.use('/graphql', (req, res, next) => { + passport.authenticate('jwt', { session: false }, (err, me) => { + req.context = addModelsToContext({ db, pubsub, me, UserCollection }); + graphqlExpress(() => { + // Get the query, the same way express-graphql does it + // https://github.com/graphql/express-graphql/blob/3fa6e68582d6d933d37fa9e841da5d2aa39261cd/src/index.js#L257 + const {variables, operationName} = req.body; + const {_id, username, role} = me; + const query = req.query.query || req.body.query; + log.debug('-'.repeat(80)); + log.debug(`Request:\nUser: "${(username) ? username: ''}", role: "${(role) ? role : ''}", id: "${(_id) ? _id : ''}",\nOperation: "${operationName ? operationName : ''}", variables: "${variables ? JSON.stringify(variables) : ''}",\nQuery:\n${print(parse(query))}`); + if (query && query.length > 4000) { + // None of our app's queries are this long + // Probably indicates someone trying to send an overly expensive query + log.error('Query too large.'); + throw new Error('Query too large.'); + } + return { + schema, + context: Object.assign({ me }, req.context), + debug: true, + formatError(e) { + console.log(e); + return e; + }, + }; + })(req, res, next); + })(req, res, next); + }); + ... +} +``` + +By-the-way: The server/index.js is able to access the User collection directly by the following two lines. This is used in the server/authenticate.js during authenticate. +```js +... +const UserCollection = db.collection('user'); +... +authenticate(app, UserCollection); +... +``` + +### ./model/index.js +If there is a User model generated, then we load it as the first model. It defines the model, which will be used in the other models as well, to perform the authorization checks. + +```javascript +const models = {}; + +export default function addModelsToContext(context) { + const newContext = Object.assign({}, context); + + // User model has to be first, to initialize the other models with correct authorizations + if (models['User']){ + newContext['User'] = new models['User'](newContext); + } + + Object.keys(models).forEach((key) => { + if (key !== 'User') newContext[key] = new models[key](newContext); + }); + return newContext; +} + +import Tweet from './Tweet'; +models.Tweet = Tweet; + +import User from './User'; +models.User = User; +``` + +### ./server/authenticate.js +Here, the real identification of an user is performed. After a user requested a '/login' url with user and password. The user's email is searched in the database. If it is there, it checks if the user's encrypted hash is equal to the encrypted password. If so, a user is identified and a JWT token is generated and transfered back to the requesting user. This JWT token is usually stored in the client's browsers local storage and added to the next call in the Authorization header. With all the next requests of that user, he sends an header like... +```javacript +authorization JWT calculated.JWT.token +``` +This JWT token is decrypted with an internal secret KEY to get the user id. This user is then read from the cache/database within userFromPayload and returned to the request as the user object "me", which is then used in all "/graphql" calls. + +```javascript +import passport from 'passport'; +import { Strategy, ExtractJwt } from 'passport-jwt'; +import jwt from 'jwt-simple'; +import { ObjectId } from 'mongodb'; +import nodeify from 'nodeify'; +import bcrypt from 'bcrypt'; +import DataLoader from 'dataloader'; +import { findByIds } from 'create-graphql-server-authorization'; + +const KEY = 'test-key'; +let Loader; + +async function userFromPayload(request, jwtPayload) { + if (!jwtPayload.userId) { + throw new Error('No userId in JWT'); + } + return await Loader.load(ObjectId(jwtPayload.userId)); +} + +passport.use(new Strategy({ + jwtFromRequest: ExtractJwt.fromAuthHeader(), + secretOrKey: KEY, + passReqToCallback: true, +}, (request, jwtPayload, done) => { + nodeify(userFromPayload(request, jwtPayload), done); +})); + +export default function addPassport(app, User) { + Loader = new DataLoader(ids => findByIds(User, ids)); + + app.use(passport.initialize()); + + app.post('/login', async (req, res, next) => { + try { + const { email, password } = req.body; + + if (!email || !password) { + throw new Error('Username or password not set on request'); + } + + const user = await User.findOne({ email }); + if (!user || !(await bcrypt.compare(password, user.hash))) { + throw new Error('User not found matching email/password combination'); + } + + const payload = { + userId: user._id.toString(), + }; + + const token = jwt.encode(payload, KEY); + res.json({ token }); + } catch (e) { + next(e); + } + }); +} +``` + ## Implementing Authorizations Use the @authorize directive in a \.graphql input file, to define which authorizations should be generated by create-graphql-server. You can define user-roles and document-roles to control authorizations. * user-roles: e.g. User.role = "admin", all admins are allowed to do create, read, update, delete,... * document-roles: e.g. Tweet.authorId = User._id, only authors are allowed to create, update, delete a document -On field level you can control access also by the @authorize directive -e.g. updating the User with set role = "admin", shouldn't be allowed by for all users. So we need a way to restrict the create, read, update, delete operations also on field level if required. - Use the following syntax for the Tweet.graphql input file:: ```javascript type Tweet @@ -30,29 +190,28 @@ type Tweet likers: [User!] @hasAndBelongsToMany(as: "liked") } ``` + This has the following meaning: -* user-roles: "admin", "world" are created (user roles don't have own fields of type User or [User] in the document) - This will check, if the logged in user has a role "admin". Or if there is a special role "world", which just means every known or unknown user, for "world" you don't have to be logged in. +* user-roles: "admin", "world" are created. (user-roles don't have own fields of type User or [User] in the document). + Thus it will check, if the logged in user has a role "admin". Or if there is a special role "world", which just means every known or unknown user is allowed. For "world" authorization you don't have to be logged in. So each "admin" user will be able to create, read, update or delete the Tweet document. Everyone ("world") will be allowed to read all Tweets. -* document-roles: "author", "coauthors" are created (document roles have fields in the document) +* document-roles: "author", "coauthors" are created. (Document-roles have a corresponding field in the document.) Look for the fields with the directive @authRole("...") Only the author of a Tweet is allowed to create, read, update, delete its single Tweet. Only a coauthor of a Tweet is allowed to read and update a Tweet, but he is not allowed to create a Tweet for a different author, and also not to delete a tweet of a different user. - and for the User.graphql input file: ```javascript type User @authorize( admin: ["create", "read", "update", "delete"] - this: ["readOne", "update", "delete"] + this: ["read", "update", "delete"] ) { - role: String! @authRole("admin") @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) - + role: String @authRole("admin") username: String! bio: String @@ -67,208 +226,501 @@ type User ``` This has the following meaning: -* user-role: "admin", is created (user roles don't have own fields of type User or [User] in the document) +* user-role: "admin", is created. (user roles don't have own fields of type User or [User] in the document) It is a String field with: **role: String! @authRole("admin")** This will check, if the logged in user has a role "admin". So each "admin" user will be able to create, read, update or delete any User document. * document-role: "this", is created (document roles have own fields in the document, but this is a special case for the field _id, which is not shown in the input type, but will be generated in the later schema file.) Only the user id of "this" meaning _id is allowed to readOne, update, delete its single User document. -Here we use also the @authorize directive on field level for the field role: -```javascript -... -role: String! @authRole("admin") @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) -... -``` -This adds additional authorization checks on the field level just for this field "role". -Every time this field "role" appears in any document, it will be checked, if the user is authorized to do the operation on this document containing this field. If the field is not in the document, it skips the field check. - -In this case it checks: -* if the user-role "admin" is the authorized user, then it allows him to create, read, update, delete operations also on the document, if it contains the field "role" -* if the document-role "this" (=owner of the document user._id_ = doc._id_) to do the operations "readOne" on the User document, but it doesn't allow him to upgrade/update his own User.role. - -Use create-graphql-server cli to generate the according schema, resolver, model files with the create-graphql-server command line interface. After its generation, you will find the generated files in the sub folders: schema, resolvers, model folders. The generated model files will use the following functions to implement the authorization logic. +Use create-graphql-server command to generate the according schema, resolver, model files with the create-graphql-server command line interface. After its generation, you will find the generated files in the sub folders: schema, resolvers, model. The generated model files will use the following functions to implement the authorization logic. ### model.js +This is an example of a database model of type . ```javascript import DataLoader from 'dataloader'; -import { queryForRoles, findByIds } from '../server/authorize'; +import { findByIds, queryForRoles, getLogFilename, logger, authlog, checkAuthDoc } from 'create-graphql-server-authorization'; +const log = logger(getLogFilename()); export default class { - constructor(context){ - ... - this.loaders = (_user = {}, resolver = '') => ({ - readOne: new DataLoader(ids => new Promise( async (resolve, reject) => { - try { - const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readOne', _user)); - const result = await findByIds(this.collection, ids, authQuery); - resolve(result); - } catch (err) { reject(err); } - })), - }); - ... + constructor(context) { + this.context = context; + this.collection = context.db.collection(''); + this.pubsub = context.pubsub; + let authQuery; + try { + const { me, User } = context; + authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User }, authlog(' findOneById', 'readOne', me)); + } catch (err) { + log.error(err.message); + authQuery = {_id: false}; // otherwise admin access + } + this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); } -... -async getOneById(id, _user = {}, resolver = 'tweet getOneById') { - try { - const result = await this.loaders(_user, resolver).readOne.load(id); - return result; - } catch (err) { log.error(err.message); } -} -all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'tweet all') { - try { - const baseQuery = { createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', _user)); - const finalQuery = {...baseQuery, ...authQuery}; - return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); - } catch (err){ log.error(err.message); } -} + async findOneById(id, me, resolver) { + try { + return await this.authorizedLoader.load(id); + } catch (err) { log.error(err.message); } + } + + find({ lastCreatedAt = 0, limit = 10, baseQuery = {} }, me, resolver) { + try { + const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); + const finalQuery = {...baseQuery, ...authQuery, createdAt: { $gt: lastCreatedAt }}; + return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + } catch (err){ log.error(err.message); } + } ... } ``` ### ./model/Tweet.js -generated model file for the above input type Tweet.graphql: -this.auth is generated by the @authorize directive. You can see, the directive argument "read" is used to express "readOne" and "readMany" at the same time. Instead you can use "readOne" and "readMany" for fine grained control on read operations, to allow access to just one record or many records. +generated model file for the above input type Tweet.graphql considering the @authorize directive. You can see, the directive argument "read" is used to express "readOne" and "readMany" at the same time. Instead you can use "readOne" and "readMany" for fine grained control on read operations, to allow access to just one record or many records. ```javascript -import log from '../server/logger'; import DataLoader from 'dataloader'; -import { findByIds, queryForRoles, fieldContainsUserId } from '../server/authorize'; +import { findByIds, queryForRoles, getLogFilename, logger, authlog, checkAuthDoc } from 'create-graphql-server-authorization'; +const log = logger(getLogFilename()); export default class Tweet { constructor(context) { this.context = context; this.collection = context.db.collection('tweet'); this.pubsub = context.pubsub; - this.loaders = (_user = {}, resolver = '') => ({ - readOne: new DataLoader(ids => new Promise( async (resolve, reject) => { - try { - const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readOne', _user)); - const result = await findByIds(this.collection, ids, authQuery); - resolve(result); - } catch (err) { reject(err); } - })), - // readMany: new DataLoader(ids => new Promise( async (resolve, reject) => { - // try { - // const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', _user)); - // const result = await findByIds(this.collection, ids, authQuery); - // resolve(result); - // } catch (err) { reject(err); } - // })), - }); + let authQuery; + try { + const { me, User } = context; + authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User }, authlog('tweet findOneById', 'readOne', me)); + } catch (err) { + log.error(err.message); + authQuery = {_id: false}; // otherwise admin access + } + this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); } - async getOneById(id, _user = {}, resolver = 'tweet getOneById') { + async findOneById(id, me, resolver) { try { - const result = await this.loaders(_user, resolver).readOne.load(id); - return result; + return await this.authorizedLoader.load(id); } catch (err) { log.error(err.message); } } - all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'tweet all') { + find({ lastCreatedAt = 0, limit = 10, baseQuery = {} }, me, resolver) { try { - const baseQuery = { createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', _user)); - const finalQuery = {...baseQuery, ...authQuery}; + const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); + const finalQuery = {...baseQuery, ...authQuery, createdAt: { $gt: lastCreatedAt }}; return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } catch (err){ log.error(err.message); } } - author(tweet, _user, resolver = 'tweet author') { - return this.context.User.getOneById(tweet.authorId, _user, resolver); + createdBy(tweet, me, resolver) { + return this.context.User.findOneById(tweet.createdById, me, resolver); + } + + updatedBy(tweet, me, resolver) { + return this.context.User.findOneById(tweet.updatedById, me, resolver); + } + + author(tweet, me, resolver) { + return this.context.User.findOneById(tweet.authorId, me, resolver); + } + + coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, me, resolver) { + const baseQuery = {_id: { $in: tweet.coauthorsIds } }; + return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); + } + + likers(tweet, { lastCreatedAt = 0, limit = 10 }, me, resolver) { + const baseQuery = {likedIds: tweet._id, createdAt: { $gt: lastCreatedAt } }; + return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); + } + + async insert(doc, me, resolver) { + try { + + let docToInsert = Object.assign({}, doc, { + createdAt: Date.now(), + updatedAt: Date.now(), + createdById: (me && me._id) ? me._id : 'unknown', + updatedById: (me && me._id) ? me._id : 'unknown', + }); + log.debug(JSON.stringify(docToInsert, null, 2)); + + checkAuthDoc(docToInsert, me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'create', me)); + const id = (await this.collection.insertOne(docToInsert)).insertedId; + if (!id) { + throw new Error(`insert tweet not possible.`); + } + + log.debug(`inserted tweet ${id}.`); + const insertedDoc = this.findOneById(id, me, 'pubsub tweetInserted'); + this.pubsub.publish('tweetInserted', insertedDoc); + return insertedDoc; + + } catch (err){ log.error(err.message); } + } + + async updateById(id, doc, me, resolver) { + try { + + let docToUpdate = {$set: Object.assign({}, doc, { + updatedAt: Date.now(), + updatedById: (me && me._id) ? me._id : 'unknown', + })}; + + const baseQuery = {_id: id}; + const authQuery = queryForRoles(me, ['admin'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'update', me)); + const finalQuery = {...baseQuery, ...authQuery}; + const result = await this.collection.updateOne(finalQuery, docToUpdate); + if (result.result.ok !== 1 || result.result.n !== 1){ + throw new Error(`update tweet not possible for ${id}.`); + } + + log.debug(`updated tweet ${id}.`); + this.authorizedLoader.clear(id); + const updatedDoc = this.findOneById(id, me, 'pubsub tweetUpdated'); + this.pubsub.publish('tweetUpdated', updatedDoc); + return updatedDoc; + + } catch (err){ log.error(err.message); } + } + + async removeById(id, me, resolver) { + try { + + const baseQuery = {_id: id}; + const authQuery = queryForRoles(me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'delete', me)); + const finalQuery = {...baseQuery, ...authQuery}; + const result = await this.collection.remove(finalQuery); + if (result.result.ok !== 1 || result.result.n !== 1){ + throw new Error(`remove tweet not possible for ${id}.`); + } + + log.debug(`removed tweet ${id}.`); + this.authorizedLoader.clear(id); + this.pubsub.publish('tweetRemoved', id); + return result; + + } catch (err){ log.error(err.message); } } - ... } ``` ### ./model/User.js -generated model file for the above input type User.graphql: -this.auth is generated by the @authorize directive. Here also with field authorizations. +generated model file for the above input type User.graphql considering the @authorize directive. ```javascript -import log from '../server/logger'; import DataLoader from 'dataloader'; -import { findByIds, queryForRoles, fieldContainsUserId } from '../server/authorize'; +import { findByIds, queryForRoles, getLogFilename, logger, authlog, checkAuthDoc, protectFields } from 'create-graphql-server-authorization'; +const log = logger(getLogFilename()); export default class User { constructor(context) { this.context = context; this.collection = context.db.collection('user'); this.pubsub = context.pubsub; - this._user = {}; - this.loaders = (_user = {}, resolver = '') => ({ - readOneWithoutAuth: new DataLoader(ids => new Promise( async (resolve, reject) => { - try { - const result = await findByIds(this.collection, ids, {}); - resolve(result); - } catch (err) { reject(err); } - })), - readOne: new DataLoader(ids => new Promise( async (resolve, reject) => { - try { - const authQuery = queryForRoles(_user, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'readOne', _user)); - const result = await findByIds(this.collection, ids, authQuery); - resolve(result); - } catch (err) { reject(err); } - })), - // readMany: new DataLoader(ids => new Promise( async (resolve, reject) => { - // try { - // const authQuery = queryForRoles(_user, ['admin'], [], { User: this.context.User }, authlog(resolver, 'readMany', _user)); - // const result = await findByIds(this.collection, ids, authQuery); - // resolve(result); - // } catch (err) { reject(err); } - // })), - }); + this.authRole = User.authRole; + let authQuery; + try { + const { me } = context; + authQuery = queryForRoles(me, ['admin'], ['_id'], { User }, authlog('user findOneById', 'readOne', me)); + } catch (err) { + log.error(err.message); + authQuery = {_id: false}; // otherwise admin access + } + this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); } - authRole(user){ - return (user && user.role) ? user.role : ''; + static authRole(user){ + return (user && user.role) ? user.role : null; } - // used from server calls, without authorization checks, NOT for use in resolvers - async findOneById(id, _user = {}, resolver = 'user findOneById') { + async findOneById(id, me, resolver) { try { - const result = await this.loaders(_user, resolver).readOneWithoutAuth.load(id); - return result; + return await this.authorizedLoader.load(id); } catch (err) { log.error(err.message); } } - // used for api calls, with authorization checks, for use in resolvers - async getOneById(id, _user = {}, resolver = 'user getOneById') { + find({ lastCreatedAt = 0, limit = 10, baseQuery = { createdAt: { $gt: lastCreatedAt } } }, me, resolver) { try { - const result = await this.loaders(_user, resolver).readOne.load(id); - return result; + const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'readMany', me)); + const finalQuery = {...baseQuery, ...authQuery}; + return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } catch (err) { log.error(err.message); } } - all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'user all') { - try { - const baseQuery = { createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, ['admin'], [], { User: this.context.User }, authlog(resolver, 'readMany', _user)); - const restrictedFields = (Object.keys(authQuery).length === 0) ? {} : { role: 0 }; + tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }, me, resolver) { + const baseQuery = { authorId: user._id, createdAt: { $gt: lastCreatedAt } }; + return this.context.Tweet.find({ lastCreatedAt, limit, baseQuery }, me, resolver); + } + + liked(user, { lastCreatedAt = 0, limit = 10 }, me, resolver) { + const baseQuery = { _id: { $in: user.likedIds || [] }, createdAt: { $gt: lastCreatedAt } }; + return this.context.Tweet.find({ lastCreatedAt, limit, baseQuery }, me, resolver); + } + + following(user, { lastCreatedAt = 0, limit = 10 }, me, resolver) { + const baseQuery = { _id: { $in: user.followingIds || [] }, createdAt: { $gt: lastCreatedAt } }; + return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); + } + + followers(user, { lastCreatedAt = 0, limit = 10 }, me, resolver) { + const baseQuery = { followingIds: user._id, createdAt: { $gt: lastCreatedAt } }; + return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); + } + + createdBy(user, me, resolver) { + return this.context.User.findOneById(user.createdById, me, resolver); + } + + updatedBy(user, me, resolver) { + return this.context.User.findOneById(user.updatedById, me, resolver); + } + + async insert(doc, me, resolver) { + try { + let docToInsert = Object.assign({}, doc, { + createdAt: Date.now(), + updatedAt: Date.now(), + createdById: (me && me._id) ? me._id : 'unknown', + updatedById: (me && me._id) ? me._id : 'unknown', + }); + checkAuthDoc(docToInsert, me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'create', me)); + docToInsert = protectFields(me, ['admin'], ['role'], docToInsert, { User: this.context.User }); + const id = (await this.collection.insertOne(docToInsert)).insertedId; + if (!id) { + throw new Error(`insert user not possible.`); + } + log.debug(`inserted user ${id}.`); + const insertedDoc = this.findOneById(id, me, 'pubsub userInserted'); + this.pubsub.publish('userInserted', insertedDoc); + return insertedDoc; + } catch (err) { log.error(err.message); } + } + + async updateById(id, doc, me, resolver) { + try { + let docToUpdate = {$set: Object.assign({}, doc, { + updatedAt: Date.now(), + updatedById: (me && me._id) ? me._id : 'unknown', + })}; + const baseQuery = {_id: id}; + const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'update', me)); const finalQuery = {...baseQuery, ...authQuery}; - return this.collection.find(finalQuery).sort({ createdAt: 1 }).project(restrictedFields).limit(limit).toArray(); + docToUpdate.$set = protectFields(me, ['admin'], ['role'], docToUpdate.$set, { User: this.context.User }); + const result = await this.collection.updateOne(finalQuery, docToUpdate); + if (result.result.ok !== 1 || result.result.n !== 1){ + throw new Error(`update user not possible for ${id}.`); + } + log.debug(`updated user ${id}.`); + this.authorizedLoader.clear(id); + const updatedDoc = this.findOneById(id, me, 'pubsub userUpdated') + this.pubsub.publish('userUpdated', updatedDoc); + return updatedDoc; } catch (err) { log.error(err.message); } } - ... + async removeById(id, me, resolver) { + try { + const baseQuery = {_id: id}; + const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'delete', me)); + const finalQuery = {...baseQuery, ...authQuery}; + const result = await this.collection.remove(finalQuery); + if (result.result.ok !== 1 || result.result.n !== 1){ + throw new Error(`remove user not possible for ${id}.`); + } + log.debug(`removed user ${id}.`); + this.authorizedLoader.clear(id); + this.pubsub.publish('userRemoved', id); + return result; + } catch (err) { log.error(err.message); } + } } ``` +As you can see in both model header lines, we are using a specialized npm package "create-graphql-server-authorization". + +## create-graphql-server-authorization +Install it with: +```bash +npm install create-graphql-server-authorization +``` +[Github: create-graphql-server-authorization](https://github.com/tobkle/create-graphql-server-authorization) + +This uses the following functions from that module: + +### function authlog +A logging function that understands "resolvers", "modes" and "users". Simple wrapper around whatever logging function we use. + +```javascript +/* + * Central logger for authorization checks + * @param {string} resolver + * @param {string} mode + * @param {object} me + * @return { + * debug {function}, + * error {function} + * } + */ +function authlog(resolver = "", mode = "", me = {}) { + const logFilename = getLogFilename(); + const log = logger(logFilename); + + const makeMessage = message => + `Authorize ${mode} "${resolver}" with user "${me.username + ? me.username + : ""}" ${message}`; + + return { + debug: message => { + const resultMessage = makeMessage(message); + log.debug(resultMessage); + return resultMessage; + }, + error: message => { + const resultMessage = makeMessage(message); + log.error(resultMessage); + throw new Error(makeMessage(message)); + } + }; +} +``` ### function findByIds This is an extended version of [mongo-find-by-ids](https://github.com/tmeasday/mongo-find-by-ids). The enhancement is only to provide an additional authQuery object, to extend the query to meet additional authorizations. ```javascript -// enhanced version of tmeasday's findByIds plus authQuery handling -export function findByIds(collection, ids = [], authQuery) { - const baseQuery = { _id: { $in: ids } }; - const finalQuery = {...baseQuery, ...authQuery}; - return collection.find(finalQuery).toArray().then(docs => { - const idMap = {}; - docs.forEach(d => { idMap[d._id] = d; }); - return ids.map(id => idMap[id]); - }); +/* + * find a record by id (cached with dataloader) + * returns the record, cached if already read, checks authorization if set + * enhancement of tmeasday'findByIds + * @param {string, array} docRoleField + * @param {object} userId + * @return {boolean} foundUserId + */ +function findByIds(collection, ids = [], authQuery) { + const baseQuery = { _id: { $in: ids } }; + const finalQuery = { ...baseQuery, ...authQuery }; + return collection.find(finalQuery).toArray().then(docs => { + const idMap = {}; + docs.forEach(d => { + idMap[d._id] = d; + }); + return ids.map(id => idMap[id]); + }); +} + +module.exports = findByIds; +``` + +### function protectFields +Use function protectFields to protect single fields from access. Provide signed in user in "me", the authorized User roles for the protected field(s) - meaning the user who is allowed to access the field -, provide an array with protected fields, and the current document object, which is to be checked for protected fields and the User model context. + +```javascript +/* + * Protects a field based on authorizations + * @param {object} me + * @param {array} authorizedUserRoles + * @param {array} protectedFields + * @param {object} inputObject + * @param {object} User + * @return {object} result + */ +function protectFields( + me = {}, + authorizedUserRoles = [], + protectedFields = [], + inputObject = {}, + { User } = { User: dummyUserContext } +) { + // pure function + const result = Object.assign({}, inputObject); + + // getting role of current User + const role = User.authRole(me); + + // if user is not allowed to access specific fields, remove field from object... + if (!authorizedUserRoles.includes(role)) { + protectedFields.forEach(protectedField => { + if (result[protectedField]) delete result[protectedField]; + }); + } + + return result; +} +``` + +### function checkAuthDoc +Use function checkAuthDoc to check and get back the document. Especially used in insert operations, to figure out, if the toBeInsertedDoc is valid to be added by this userRole, docRole and action. + +```javascript +/* + * Returns an authorized document + * @param {object} doc + * @param {object} me + * @param {array} userRoles + * @param {array} docRoles + * @param {object} User + * @param {function} logger + * @return {object} doc + */ + +function checkAuthDoc( + doc = {}, + me = {}, + userRoles = [], + docRoles = [], + { User }, + logger = defaultLogger +) { + let resultDoc = Object.assign({}, doc); + + // get the User's role + const role = User.authRole(me); + + // check if userRole entitles current user for this action + if (userRoleAuthorized(me, userRoles, { User }, logger)) { + logger.debug(`and role: "${role}" is authorized by userRole.`); + return resultDoc; + } + + // check if docRole entitles current user for this document and action + let authorized = false; + docRoles.every(field => { + if ( + resultDoc[field] && + me._id && + fieldContainsUserId(resultDoc[field], me._id) + ) { + authorized = true; + } + }); + if (authorized) { + logger.debug(`and role: "${role}" is authorized by docRole.`); + return resultDoc; + } + + // Not Authorized, throw exception in logger.error + logger.error(`and role: "${role}" is not authorized.`); +} +``` + + +### function loggedIn +Use function loggedIn, to check if a user is logged in. + +```javascript +/* + * Checks if an user is logged in + * @param {object} me + * @return {boolean} loggedIn + */ + +function loggedIn(me) { + if (me && me._id && me._id.toString() !== "") { + return true; + } + return false; } ``` @@ -277,54 +729,126 @@ Use function queryForRoles to generate an authQuery object. It expects the following arguments: ```javascript -// creates an authQuery object with additional query arguments, to implement authorization restrictions for mongodb access -export function queryForRoles(user = {}, userRoles = [], docRoles = [], { User }, logger) { +/* + * Prepare a query object for mongodb operations with authorization queries + * creates an authQuery object with additional query arguments, to implement authorization restrictions for mongodb access + * @param {object} me + * @param {array} userRoles + * @param {array} docRoles + * @param {object} inputObject + * @param {object} User + * @param {object} logger + * @return {object, exception} queryObject + * + * @example: const authQuery = queryForRoles(me, userRoles, docRoles, { User }, authlog(resolver, mode, me ) ); + */ +function queryForRoles( + me = {}, + userRoles = [], + docRoles = [], + { User } = { User: dummyUserContext }, + logger = defaultLogger +) { + // on insufficient authorization data, it cannot be authorized, throws exception + if (!User || !User.authRole || !me || (!userRoles && !docRoles)) + logger.error(` is not authorized, due to authorization data.`); + + // get current User's role + const role = User.authRole(me); // Build query for the case: The logged in user's role is authorized - if (roleAuthorizedForDoc(user, userRoles, docRoles, { User }, logger)) { - return {}; // empty authQuery means, do operation with no access restrictions + if (userRoleAuthorized(me, userRoles, { User }, logger)) { + return {}; // empty authQuery means, do operation with no access restrictions } // Build query for the case: The user is listed in any document field const query = { $or: [] }; - if (loggedIn(user)){ - docRoles.forEach(docRole => query.$or.push( { [docRole]: user._id } ) ); - logger.debug(user, `authQuery: ${JSON.stringify(query, null, 2)}`); - if (query.$or.length > 0) return query; + // makes only sense, if user is logged in - otherwise no userId + if (loggedIn(me)) { + // prepare selection criterias as "authQuery" object + // for later mongodb "find(...baseQuery, ...authQuery)" + // ... AND ...{ field1 OR field2} + // which will be also considered during the database access + // as an "$or: [ { field1: userId}, { field2: userId} ]" + // with all document roles as fields for the later selection. + // At least one of those fields must match the userId, + // otherwise, whether no data found or not authorized to access data + docRoles.forEach(docRole => query.$or.push({ [docRole]: me._id })); + // return this authQuery only, if there was at least 1 field added + // otherwise it will result in an unlimited access + if (query.$or.length > 0) { + // for easier debugging write into the authorzation logs + logger.debug( + `and role: "${role ? role : ""}" with + authQuery: ${JSON.stringify(query, null, 2)}` + ); + // return the query as authQuery for later selection + return query; + } } - // Not Authorized - logger.error(user, 'Not authorized'); + // Not Authorized - throw exception in logger.error + const message = `and role: "${role}" is not authorized.`; + logger.error(message); } ``` It expects the following arguments with the meanings: -* **user:** this is the logged in user object out of the resolver's context +* **me:** this is the logged in user object out of the resolver's context * **userRoles:** an array with userRoles, which was generated by the @authorize directives in the .graphql file * **docRoles:** an array with docRoles, which was generated by the @authorize directives in the .graphql file -* **mode:** this is the current mode of operation: - * **create:** insert a record to the database - * **read:** read a record or many records from the database - * **readOne:** read only a single record from the database - * **readMany:** read many records from the the database - * **update:** update a record in the database - * **delete:** remove a record from the database * **User:** User context to access the User model -* **resolver:** this is a string with the resolver's name, optional, only for easier debugging - -### function roleAuthorizedForDoc +* **logger:** logging function e.g. ```js authlog(resolver, mode, me) ``` + * **resolver:** this is a string with the resolver's name, optional, only for easier debugging + * **mode:** this is the current mode of operation: + * **create:** insert a record to the database + * **read:** read a record or many records from the database + * **readOne:** read only a single record from the database + * **readMany:** read many records from the the database + * **update:** update a record in the database + * **delete:** remove a record from the database + * **me:** the user object, who is executing the request, and who is checked for authorization + +### function userRoleAuthorized This helper function is used by queryForRoles, and decides, if a user gains the authorization by its role. For example: If a user has a field "role" in his user document and it contains the value "admin". So it checks if a user's role is admin, and allows all operations for admins. ```javascript -// returns true, if the user's role is authorized for a document -export function roleAuthorizedForDoc(user = {}, userRoles = [], docRoles = [], { User }, logger){ - const role = User.authRole(user); +/* + * Is a user's role authorized for a document + * @param {object} me + * @param {array} userRoles + * @param {object} User + * @param {object} logger + * @return {boolean} authorized + */ - if ( userRoles.includes('world') || role && role !== '' && role !== '' && userRoles.length > 0 && userRoles.includes(role) ) { - logger.debug(user, 'is authorized'); +// returns true, if the user's role is authorized for a document +function userRoleAuthorized( + me = {}, + userRoles = [], + { User } = { User: dummyUserContext }, + logger = defaultLogger +) { + // on insufficient authorization data, it cannot be authorized + if (!User || !User.authRole || !me || !userRoles) return false; + + // get current User's role + const role = User.authRole(me); + + // determine, if the given userRoles authorize the current User by its role + if ( + // userRole: "world" should authorize everyone - known and unknown users + userRoles.includes("world") || + // or there must be a userRole given, and current user must have a role + // and the current user's role must be in the given userRoles + (role && role !== "" && userRoles.length > 0 && userRoles.includes(role)) + ) { + // => authorized + logger.debug(`and role "${role ? role : ""}" is authorized`); return true; } + // => not authorized return false; } ``` @@ -332,79 +856,66 @@ export function roleAuthorizedForDoc(user = {}, userRoles = [], docRoles = [], { ### function fieldContainsUserId This helper function is used in the models and checks, if the provided field of types: array, object or string contains the userId. ```javascript -// returns true, if a field of type array/object/string contains the userId -export function fieldContainsUserId(docRoleField, userId) { +/* + * checks, if a field contains a user's id + * returns true, if a field of type array/object/string contains the userId + * @param {string, object, array} docRoleField + * @param {string, object} userId + * @return {boolean} foundUserId + */ +function fieldContainsUserId(docRoleField, compressedUserId) { let found = false; - // empty userId is not a valid userId - if (userId.toString() === '') return false; + // empty docRoleField is not a valid docRoleField + if (!docRoleField || docRoleField === "" || docRoleField.length === 0) + return false; - // handle a simple id field - if (docRoleField.toString() === userId.toString()){ - return true; - } + // empty (compressed) userId is not a valid userId + if ( + !compressedUserId || + compressedUserId === "" || + compressedUserId.toString() === "" + ) + return false; - // handle an array - if (_.isArray(docRoleField)){ - docRoleField.every(field => { - if (fieldContainsUserId(field, userId)) { + // extract userId, if it is a mongoID field + const userId = extractUserId(compressedUserId); + + // empty (uncompressed) userId is not a valid userId + if (!userId || userId === "") return false; + + // docRoleField of type Array + if (_.isArray(docRoleField)) { + docRoleField.forEach(field => { + if (fieldContainsUserId(field, userId)) { found = true; - return true; - } + } }); if (found) return true; + return false; } - // handle an object - if (_.isObject(docRoleField)){ - Object.keys(docRoleField).every(field => { - - // handle a field - if (docRoleField[field] && docRoleField[field].toString() === userId.toString()){ + // docRoleField of type Object + if (_.isObject(docRoleField)) { + // For each field in the object + Object.keys(docRoleField).forEach(field => { + if ( + fieldContainsUserId(docRoleField[field], userId) || + fieldContainsUserId(field, userId) + ) { found = true; - return true; - } - - // handle an array - if (_.isArray(docRoleField[field])){ - docRoleField[field].every(innerField => { - if (fieldContainsUserId(innerField, userId)) { - found = true; - return true; - } - }) - if (found) return true; - } - - // handle an object - if (_.isObject(docRoleField[field])){ - Object.keys(docRoleField[field]).every(innerField => { - if (fieldContainsUserId(docRoleField[field][innerField], userId)) { - found = true; - return true; - } - }); - if (found) return true; } - }); - + if (found) return true; + return false; } - return found; -} -``` - -### function authlog -A logging function that understands "resolvers", "modes" and "users". Simple wrapper around whatever logging function we use + // docRoleField of type field + if (docRoleField.toString() === userId.toString()) { + return true; + } -```js -export function authlog(resolver, mode, user) { - const makeMessage = (message) => `${resolver} ${mode} with user ${user.username ? user.username : ''} ${message}`; - return { - debug: (message) => logger.debug(makeMessage(message)), - error: (message) => throw new Error(makeMessage(message)) - }; + return false; } ``` @@ -413,70 +924,137 @@ In the resolver interfaces, there are different objects: * the root object "tweet", contains the document fields * the args object "args", contains arguments from the graphql query/mutation * the context object "Tweet", contains the access to the database model of the Tweet collection -* the context object "_user", contains the current logged in user -if logged in-, which is provided from the server's passport implementation +* the context object "me", contains the current logged in user -if logged in-, which is provided from the server's passport implementation * the last argument in the resolver function is the resolver's name, which is optional and only to enhance the logging in debugging mode by additional information. If you have to analyze authorization outcomes, this helps a lot to figure out, which resolvers authorization rule fired. -```javascript - const resolvers = { - User: { - id(user) { - return user._id; - }, - - createdBy(user, args, { User, _user }) { - return User.createdBy(user, _user, 'createdBy'); - }, - updatedBy(user, args, { User, _user }) { - return User.updatedBy(user, _user, 'updatedBy'); - }, - - tweets(user, { minLikes, lastCreatedAt, limit }, { User, _user }) { - return User.tweets(user, { minLikes, lastCreatedAt, limit }, _user, 'tweets'); - }, - - liked(user, { lastCreatedAt, limit }, { User, _user }) { - return User.liked(user, { lastCreatedAt, limit }, _user, 'liked'); - }, - - following(user, { lastCreatedAt, limit }, { User, _user }) { - return User.following(user, { lastCreatedAt, limit }, _user, 'following'); - }, +```javascript + const resolvers = { + User: { + id(user) { + return user._id; + }, + + createdBy(user, args, { User, me }) { + return User.createdBy(user, me, 'user createdBy'); + }, + + updatedBy(user, args, { User, me }) { + return User.updatedBy(user, me, 'user updatedBy'); + }, + + tweets(user, { minLikes, lastCreatedAt, limit }, { User, me }) { + return User.tweets(user, { minLikes, lastCreatedAt, limit }, me, 'user tweets'); + }, + + liked(user, { lastCreatedAt, limit }, { User, me }) { + return User.liked(user, { lastCreatedAt, limit }, me, 'user liked'); + }, + + following(user, { lastCreatedAt, limit }, { User, me }) { + return User.following(user, { lastCreatedAt, limit }, me, 'user following'); + }, + + followers(user, { lastCreatedAt, limit }, { User, me }) { + return User.followers(user, { lastCreatedAt, limit }, me, 'user followers'); + }, + }, + Query: { + users(root, { lastCreatedAt, limit }, { User, me }) { + return User.find({ lastCreatedAt, limit }, me, 'users'); + }, + + user(root, { id }, { User, me }) { + return User.findOneById(id, me, 'user'); + }, + }, + Mutation: { + async createUser(root, { input }, { User, me }) { + return await User.insert(input, me, 'createUser'); + }, + + async updateUser(root, { id, input }, { User, me }) { + return await User.updateById(id, input, me, 'updateUser'); + }, + + async removeUser(root, { id }, { User, me }) { + return await User.removeById(id, me, 'removeUser'); + }, + }, + Subscription: { + userCreated: user => user, + userUpdated: user => user, + userRemoved: id => id, + }, + }; + + export default resolvers; +``` - followers(user, { lastCreatedAt, limit }, { User, _user }) { - return User.followers(user, { lastCreatedAt, limit }, _user, 'followers'); - }, - }, - Query: { - users(root, { lastCreatedAt, limit }, { User, _user }) { - return User.all({ lastCreatedAt, limit }, _user, 'users'); - }, +### ./resolver/Tweet.js +In the resolver interfaces, there are different objects: +* the root object "tweet", contains the document fields +* the args object "args", contains arguments from the graphql query/mutation +* the context object "Tweet", contains the access to the database model of the Tweet collection +* the context object "me", contains the current logged in user -if logged in-, which is provided from the server's passport implementation +* the last argument in the resolver function is the resolver's name, which is optional and only to enhance the logging in debugging mode by additional information. If you have to analyze authorization outcomes, this helps a lot to figure out, which resolvers authorization rule fired. - user(root, { id }, { User, _user }) { - return User.getOneById(id, _user, 'user'); +```javascript + const resolvers = { + Tweet: { + id(tweet) { + return tweet._id; + }, + + author(tweet, args, { Tweet, me }) { + return Tweet.author(tweet, me, 'tweet author'); + }, + + createdBy(tweet, args, { Tweet, me }) { + return Tweet.createdBy(tweet, me, 'tweet createdBy'); + }, + + updatedBy(tweet, args, { Tweet, me }) { + return Tweet.updatedBy(tweet, me, 'tweet updatedBy'); + }, + + coauthors(tweet, { lastCreatedAt, limit }, { Tweet, me }) { + return Tweet.coauthors(tweet, { lastCreatedAt, limit }, me, 'tweet coauthors'); + }, + + likers(tweet, { lastCreatedAt, limit }, { Tweet, me }) { + return Tweet.likers(tweet, { lastCreatedAt, limit }, me, 'tweet likers'); + }, }, - }, - Mutation: { - async createUser(root, { input }, { User, _user }) { - return await User.insert(input, _user); + Query: { + tweets(root, { lastCreatedAt, limit }, { Tweet, me }) { + return Tweet.find({ lastCreatedAt, limit }, me, 'tweets'); + }, + + tweet(root, { id }, { Tweet, me }) { + return Tweet.findOneById(id, me, 'tweet'); + }, }, - - async updateUser(root, { id, input }, { User, _user }) { - return await User.updateById(id, input, _user); + Mutation: { + async createTweet(root, { input }, { Tweet, me }) { + return await Tweet.insert(input, me, 'createTweet'); + }, + + async updateTweet(root, { id, input }, { Tweet, me }) { + return await Tweet.updateById(id, input, me, 'updateTweet'); + }, + + async removeTweet(root, { id }, { Tweet, me }) { + return await Tweet.removeById(id, me, 'removeTweet'); + }, }, - - async removeUser(root, { id }, { User, _user }) { - return await User.removeById(id, _user, 'removeUser'); + Subscription: { + tweetCreated: tweet => tweet, + tweetUpdated: tweet => tweet, + tweetRemoved: id => id, }, - }, - Subscription: { - userCreated: user => user, - userUpdated: user => user, - userRemoved: id => id, - }, -}; - -export default resolvers; + }; + export default resolvers; ``` ### Testing @@ -490,9 +1068,10 @@ If you want to test with the http://localhost:3000/graphiql frontend, best downl ```bash brew cask install graphiql ``` -...and generate a JWT token for your test user by running: +...and have a look into the file **./test/output-app-end-to-end/scripts/JWTs.txt**, or generate this file by running: ```bash -babel-node ./test/output-app-end-to-end/scripts/generateJWT.js +cd ./test/output-app-end-to-end/scripts +babel-node ./generateJWT.js > JWTs.txt ``` This generates JWT tokens for the different test users from the ./test/seeds/User.json. Copy the wanted JWT token of the different users, and start the GraphiQL app with the following entries: @@ -505,4 +1084,3 @@ This generates JWT tokens for the different test users from the ./test/seeds/Use ...and write and execute your queries/mutations in the GraphiQL window. If you use different user's JWT tokens, you can simulate the different user roles such as "admin", "editor" and "user" manually. - diff --git a/test/output-app/server/logs/all-logs-readable.log b/test/output-app/server/logs/all-logs-readable.log index d9f355c..6c1975e 100644 --- a/test/output-app/server/logs/all-logs-readable.log +++ b/test/output-app/server/logs/all-logs-readable.log @@ -1824,3 +1824,5 @@ Query: } 2017-07-09 21:12:34 ERROR Authorization: Not authorized to readOne in user. +2017-08-18 18:06:03 Logger started +2017-08-18 18:06:29 Logger started From 66cb5ce40dbf265bd9172812075fb7932858065a Mon Sep 17 00:00:00 2001 From: Tobias Klemmer Date: Sun, 16 Jul 2017 11:44:55 +0200 Subject: [PATCH 46/69] handle conflicts --- test/output-app/README.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/test/output-app/README.md b/test/output-app/README.md index 1f06567..02659d7 100644 --- a/test/output-app/README.md +++ b/test/output-app/README.md @@ -244,6 +244,7 @@ import { findByIds, queryForRoles, getLogFilename, logger, authlog, checkAuthDoc const log = logger(getLogFilename()); export default class { +<<<<<<< HEAD constructor(context) { this.context = context; this.collection = context.db.collection(''); @@ -257,6 +258,17 @@ export default class { authQuery = {_id: false}; // otherwise admin access } this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); +======= + constructor(context){ + ... + + this.unauthorizedLoader = new DataLoader(ids => findByIds(this.collection, ids)); + + const { user: me, User } = context; + const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readOne', { User }, 'findOneLoader'); + this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); + ... +>>>>>>> handle conflicts } async findOneById(id, me, resolver) { From 06cfb9b8d1230f92ee9636598b8867eef4f85788 Mon Sep 17 00:00:00 2001 From: Tobias Klemmer Date: Sun, 16 Jul 2017 12:01:44 +0200 Subject: [PATCH 47/69] applied changes --- test/output-app/README.md | 33 +++++++++++++++++++++++++++++++-- 1 file changed, 31 insertions(+), 2 deletions(-) diff --git a/test/output-app/README.md b/test/output-app/README.md index 02659d7..106855c 100644 --- a/test/output-app/README.md +++ b/test/output-app/README.md @@ -261,9 +261,7 @@ export default class { ======= constructor(context){ ... - this.unauthorizedLoader = new DataLoader(ids => findByIds(this.collection, ids)); - const { user: me, User } = context; const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readOne', { User }, 'findOneLoader'); this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); @@ -300,6 +298,7 @@ export default class Tweet { this.context = context; this.collection = context.db.collection('tweet'); this.pubsub = context.pubsub; +<<<<<<< HEAD let authQuery; try { const { me, User } = context; @@ -309,6 +308,17 @@ export default class Tweet { authQuery = {_id: false}; // otherwise admin access } this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); +======= + this.loaders = (_user = {}, resolver = '') => ({ + readOne: new DataLoader(ids => new Promise( async (resolve, reject) => { + try { + const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readOne', _user)); + const result = await findByIds(this.collection, ids, authQuery); + resolve(result); + } catch (err) { reject(err); } + })), + }); +>>>>>>> applied changes } async findOneById(id, me, resolver) { @@ -430,6 +440,7 @@ export default class User { this.context = context; this.collection = context.db.collection('user'); this.pubsub = context.pubsub; +<<<<<<< HEAD this.authRole = User.authRole; let authQuery; try { @@ -440,6 +451,24 @@ export default class User { authQuery = {_id: false}; // otherwise admin access } this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); +======= + this._user = {}; + this.loaders = (_user = {}, resolver = '') => ({ + readOneWithoutAuth: new DataLoader(ids => new Promise( async (resolve, reject) => { + try { + const result = await findByIds(this.collection, ids, {}); + resolve(result); + } catch (err) { reject(err); } + })), + readOne: new DataLoader(ids => new Promise( async (resolve, reject) => { + try { + const authQuery = queryForRoles(_user, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'readOne', _user)); + const result = await findByIds(this.collection, ids, authQuery); + resolve(result); + } catch (err) { reject(err); } + })), + }); +>>>>>>> applied changes } static authRole(user){ From 0a59e6707309eac529d006655435739800f56116 Mon Sep 17 00:00:00 2001 From: Tobias Klemmer Date: Mon, 17 Jul 2017 00:30:14 +0200 Subject: [PATCH 48/69] new authorization version from 2017-07-17 --- test/input/User.graphql | 2 +- test/output-app-end-to-end/scripts/JWTs.txt | 49 + .../scripts/generateJWT.js | 3 +- .../test-3-mutations-with-user-role-admin.js | 6 +- .../test-5-mutations-with-user-role-user.js | 6 +- .../test-6-mutations-with-user-role-editor.js | 6 +- test/output-app/README.md | 729 +++++++ test/output-app/model/Tweet.js | 100 +- test/output-app/model/User.js | 154 +- test/output-app/model/index.js | 8 +- test/output-app/resolvers/Tweet.js | 40 +- test/output-app/resolvers/User.js | 44 +- test/output-app/schema/User.graphql | 2 +- test/output-app/server/authenticate.js | 12 +- test/output-app/server/authorize.js | 131 +- test/output-app/server/index.js | 15 +- .../server/logs/all-logs-readable.log | 1828 ----------------- 17 files changed, 1103 insertions(+), 2032 deletions(-) create mode 100644 test/output-app-end-to-end/scripts/JWTs.txt delete mode 100644 test/output-app/server/logs/all-logs-readable.log diff --git a/test/input/User.graphql b/test/input/User.graphql index 8b6259a..fb57e40 100644 --- a/test/input/User.graphql +++ b/test/input/User.graphql @@ -6,7 +6,7 @@ type User ) { - role: String! @authRole("admin") @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) + role: String @authRole("admin") @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) username: String! diff --git a/test/output-app-end-to-end/scripts/JWTs.txt b/test/output-app-end-to-end/scripts/JWTs.txt new file mode 100644 index 0000000..e8f7f53 --- /dev/null +++ b/test/output-app-end-to-end/scripts/JWTs.txt @@ -0,0 +1,49 @@ +{ _id: { '$oid': '583291a1638566b3c5a92ca1' }, + bio: 'tech lead @meteorjs @apollographql', + createdAt: 1479776905993, + followingIds: [ { '$oid': '583291a1638566b3c5a92ca0' } ], + likedIds: + [ { '$oid': '583676d3618530145474e350' }, + { '$oid': '583676d3618530145474e351' } ], + updatedAt: 1479776905993, + username: 'stubailo', + role: 'admin', + createdById: { '$oid': '583291a1638566b3c5a92ca1' }, + updatedById: { '$oid': '583291a1638566b3c5a92ca1' } } +Generated JWT Token for tests: +JWT eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VySWQiOiI1ODMyOTFhMTYzODU2NmIzYzVhOTJjYTEifQ.QaJYP81K7kgB8FVw6bOK7XSZYI6_gn9GCOlDToQcu0Q +###################################### +{ _id: { '$oid': '583291a1638566b3c5a92ca0' }, + bio: 'I build things with @percolatestudio. Author of @discovermeteor. Exploring how to improve user experience through technology, design and performance.', + createdAt: 1479776904993, + followingIds: + [ { '$oid': '583291a1638566b3c5a92ca1' }, + { '$oid': '583291a1638566b3c5a92ca2' } ], + likedIds: + [ { '$oid': '583676d3618530145474e352' }, + { '$oid': '583676d3618530145474e353' }, + { '$oid': '583676d3618530145474e354' } ], + updatedAt: 1479776904993, + username: 'tmeasday', + role: 'editor', + hash: '$2a$10$SeepHv0X3GZfSzl0uqlXmucLsP2VjdI.nuA0UJnmOtEecLSx.RiWe', + createdById: { '$oid': '583291a1638566b3c5a92ca1' }, + updatedById: { '$oid': '583291a1638566b3c5a92ca1' } } +Generated JWT Token for tests: +JWT eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VySWQiOiI1ODMyOTFhMTYzODU2NmIzYzVhOTJjYTAifQ.9Vv99jJ1EyJyp7Q8G09vs7qdjtBicq0UlU4GeNKZ5Dc +###################################### +{ _id: { '$oid': '583291a1638566b3c5a92ca2' }, + bio: 'Co-founder of Parse, now at Facebook. Ex Google search quality, game developer & math contester.', + createdAt: 1479776906993, + followingIds: [ { '$oid': '583291a1638566b3c5a92ca1' } ], + likedIds: + [ { '$oid': '583676d3618530145474e350' }, + { '$oid': '583676d3618530145474e353' } ], + updatedAt: 1479776906993, + username: 'lacker', + role: 'user', + createdById: { '$oid': '583291a1638566b3c5a92ca1' }, + updatedById: { '$oid': '583291a1638566b3c5a92ca1' } } +Generated JWT Token for tests: +JWT eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VySWQiOiI1ODMyOTFhMTYzODU2NmIzYzVhOTJjYTIifQ.qfw1KGMp2tZ28csjYwkkv44SMMh4V0-VSLP3c5iC49Y +###################################### diff --git a/test/output-app-end-to-end/scripts/generateJWT.js b/test/output-app-end-to-end/scripts/generateJWT.js index bfe46ae..5282cb0 100755 --- a/test/output-app-end-to-end/scripts/generateJWT.js +++ b/test/output-app-end-to-end/scripts/generateJWT.js @@ -10,13 +10,12 @@ let arr; while ((arr = re.exec(userFile)) !== null) { let user = JSON.parse(arr[0]); console.log(user); - console.log('------------------------------------'); console.log('Generated JWT Token for tests:'); const payload = { userId: user._id.$oid.toString(), }; const token = jwt.encode(payload, KEY); - console.log(token); + console.log('JWT', token); console.log('######################################'); } diff --git a/test/output-app-end-to-end/test-3-mutations-with-user-role-admin.js b/test/output-app-end-to-end/test-3-mutations-with-user-role-admin.js index 8cd55d0..7724602 100644 --- a/test/output-app-end-to-end/test-3-mutations-with-user-role-admin.js +++ b/test/output-app-end-to-end/test-3-mutations-with-user-role-admin.js @@ -217,7 +217,11 @@ describe('test-3: user with role "admin"', () => { } } `, { - updateUser: null + updateUser: { + bio: 'Maker of things, I guess', + role: 'editor', + username: 'tobkle', + } }, newUser) }); diff --git a/test/output-app-end-to-end/test-5-mutations-with-user-role-user.js b/test/output-app-end-to-end/test-5-mutations-with-user-role-user.js index 1f8e5d1..0e994fb 100644 --- a/test/output-app-end-to-end/test-5-mutations-with-user-role-user.js +++ b/test/output-app-end-to-end/test-5-mutations-with-user-role-user.js @@ -174,7 +174,11 @@ describe('test-5: user with role "user"', () => { } } `, { - updateUser: null + updateUser: { + bio: 'Maker of things, I guess', + role: 'user', + username: 'tobkle', + } }, newUser) }); diff --git a/test/output-app-end-to-end/test-6-mutations-with-user-role-editor.js b/test/output-app-end-to-end/test-6-mutations-with-user-role-editor.js index 9419eeb..cf3b7e5 100644 --- a/test/output-app-end-to-end/test-6-mutations-with-user-role-editor.js +++ b/test/output-app-end-to-end/test-6-mutations-with-user-role-editor.js @@ -163,7 +163,11 @@ describe('test-6: user with role "editor"', () => { } } `, { - updateUser: null + updateUser: { + bio: 'Maker of things, I guess', + role: 'editor', + username: 'tmeasday', + } }, newUser) }); diff --git a/test/output-app/README.md b/test/output-app/README.md index 106855c..4c6e91c 100644 --- a/test/output-app/README.md +++ b/test/output-app/README.md @@ -7,6 +7,7 @@ This is a generated create-graphql-server app. ## Implementing Authentication The authentication is performed in those locations: * ./server/index.js +<<<<<<< HEAD * ./server/authenticate.js * ./model/index.js @@ -14,6 +15,15 @@ The authentication is performed in those locations: In the server, the database is started, and the UserCollection is defined. That's where the server accesses the user documents in the database. In ```js authenticate(app, UserCollection)``` the authentication is prepared and processed. Later, if a user sends a 'graphql' request, the user is determined with ```js passport.authenticate(...)```. After that, the user is whether an anonymous user or an authenticated user. You find the identified user in the object "me". Then the type models have to be initialized with the user "me" authorizations: ```js req.context = addModelsToContext({... me ...})```. +======= +* ./model/index.js +* ./server/authenticate.js + +### ./server/index.js +In the server, the database is started, and the UserCollection is defined. That's who the server accesses the user documents in the database. + +In ```js authenticate(app, UserCollection)``` the authentication is prepared and processed. Later if a user sends a 'graphql' request, the user is determined with ```js passport.authenticate(...)```. After that, the user is whether an anonymous user or an authenticated user. You find the identified user in the object "me". Then the type models have to be initialized with the user "me" authorizations: ```js req.context = addModelsToContext({... me ...})```. +>>>>>>> new authorization version from 2017-07-17 ```javascript ... @@ -51,10 +61,14 @@ async function startServer() { schema, context: Object.assign({ me }, req.context), debug: true, +<<<<<<< HEAD formatError(e) { console.log(e); return e; }, +======= + // formatError(e) { console.log(e) }, +>>>>>>> new authorization version from 2017-07-17 }; })(req, res, next); })(req, res, next); @@ -63,6 +77,7 @@ async function startServer() { } ``` +<<<<<<< HEAD By-the-way: The server/index.js is able to access the User collection directly by the following two lines. This is used in the server/authenticate.js during authenticate. ```js ... @@ -74,6 +89,10 @@ authenticate(app, UserCollection); ### ./model/index.js If there is a User model generated, then we load it as the first model. It defines the model, which will be used in the other models as well, to perform the authorization checks. +======= +### ./model/index.js +If there is a User model generated, then we load it as the first model. It defines the model, which will be used in the other models as well, to perform the authorization checks. +>>>>>>> new authorization version from 2017-07-17 ```javascript const models = {}; @@ -100,7 +119,11 @@ models.User = User; ``` ### ./server/authenticate.js +<<<<<<< HEAD Here, the real identification of an user is performed. After a user requested a '/login' url with user and password. The user's email is searched in the database. If it is there, it checks if the user's encrypted hash is equal to the encrypted password. If so, a user is identified and a JWT token is generated and transfered back to the requesting user. This JWT token is usually stored in the client's browsers local storage and added to the next call in the Authorization header. With all the next requests of that user, he sends an header like... +======= +Here the real identification of an user is performed. After a user requested a '/login' with user and password. The user's email is searched in the database. If it is there, it checks if the user's encrypted hash is equal to the encrypted password, if so, a user is identified and a JWT token is generated and transfered back to the requesting user. With all the next requests of that user, he sends an header like... +>>>>>>> new authorization version from 2017-07-17 ```javacript authorization JWT calculated.JWT.token ``` @@ -114,7 +137,11 @@ import { ObjectId } from 'mongodb'; import nodeify from 'nodeify'; import bcrypt from 'bcrypt'; import DataLoader from 'dataloader'; +<<<<<<< HEAD import { findByIds } from 'create-graphql-server-authorization'; +======= +import { findByIds } from './authorize'; +>>>>>>> new authorization version from 2017-07-17 const KEY = 'test-key'; let Loader; @@ -211,7 +238,12 @@ type User ) { +<<<<<<< HEAD role: String @authRole("admin") +======= + role: String @authRole("admin") @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) + +>>>>>>> new authorization version from 2017-07-17 username: String! bio: String @@ -233,7 +265,24 @@ This has the following meaning: * document-role: "this", is created (document roles have own fields in the document, but this is a special case for the field _id, which is not shown in the input type, but will be generated in the later schema file.) Only the user id of "this" meaning _id is allowed to readOne, update, delete its single User document. +<<<<<<< HEAD Use create-graphql-server command to generate the according schema, resolver, model files with the create-graphql-server command line interface. After its generation, you will find the generated files in the sub folders: schema, resolvers, model. The generated model files will use the following functions to implement the authorization logic. +======= +Here we use also the @authorize directive on field level for the field role: +```javascript +... +role: String @authRole("admin") @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) +... +``` +This adds additional authorization checks on the field level just for this field "role". +Every time this field "role" appears in any document, it will be checked, if the user is authorized to do the operation on this document containing this field. If the field is not in the document, it skips the field check. + +In this case it checks: +* if the user-role "admin" is the authorized user, then it allows him to create, read, update, delete operations also on the document, if it contains the field "role" +* if the document-role "this" (=owner of the document user._id_ = doc._id_) to do the operations "readOne" on the User document, but it doesn't allow him to upgrade/update his own User.role. + +Use create-graphql-server cli to generate the according schema, resolver, model files with the create-graphql-server command line interface. After its generation, you will find the generated files in the sub folders: schema, resolvers, model folders. The generated model files will use the following functions to implement the authorization logic. +>>>>>>> new authorization version from 2017-07-17 ### model.js This is an example of a database model of type . @@ -260,6 +309,7 @@ export default class { this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); ======= constructor(context){ +<<<<<<< HEAD ... this.unauthorizedLoader = new DataLoader(ids => findByIds(this.collection, ids)); const { user: me, User } = context; @@ -282,6 +332,45 @@ export default class { return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } catch (err){ log.error(err.message); } } +======= + ... + const { me, User } = context; + let authQuery; + try { + authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User }, authlog('tweet findOneLoader', 'readOne', me)); + } catch (err) { + log.error(err.message); + authQuery = {_id: false}; + } + this.unauthorizedLoader = new DataLoader(ids => findByIds(this.collection, ids)); + this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); + ... + } +... +// used from server calls, without authorization checks, NOT for use in resolvers +async findOneById(id, me = {}, resolver = 'tweet findOneById') { + try { + return await this.unauthorizedLoader.load(id); + } catch (err) { log.error(err.message); } +} + +// used for api calls, with authorization checks, for use in resolvers +async getOneById(id, me = {}, resolver = 'tweet getOneById') { + try { + const result = await this.authorizedLoader.load(id); + return result; + } catch (err) { log.error(err.message); } +} + +all({ lastCreatedAt = 0, limit = 10 }, me, resolver = 'tweet all') { + try { + const baseQuery = { createdAt: { $gt: lastCreatedAt } }; + const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); + const finalQuery = {...baseQuery, ...authQuery}; + return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + } catch (err){ log.error(err.message); } +} +>>>>>>> new authorization version from 2017-07-17 ... } ``` @@ -289,15 +378,22 @@ export default class { ### ./model/Tweet.js generated model file for the above input type Tweet.graphql considering the @authorize directive. You can see, the directive argument "read" is used to express "readOne" and "readMany" at the same time. Instead you can use "readOne" and "readMany" for fine grained control on read operations, to allow access to just one record or many records. ```javascript +<<<<<<< HEAD import DataLoader from 'dataloader'; import { findByIds, queryForRoles, getLogFilename, logger, authlog, checkAuthDoc } from 'create-graphql-server-authorization'; const log = logger(getLogFilename()); +======= +iimport log from '../server/logger'; +import DataLoader from 'dataloader'; +import { findByIds, queryForRoles, fieldForRoles, fieldContainsUserId, authorizedFields, authlog } from '../server/authorize'; +>>>>>>> new authorization version from 2017-07-17 export default class Tweet { constructor(context) { this.context = context; this.collection = context.db.collection('tweet'); this.pubsub = context.pubsub; +<<<<<<< HEAD <<<<<<< HEAD let authQuery; try { @@ -331,10 +427,45 @@ export default class Tweet { try { const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); const finalQuery = {...baseQuery, ...authQuery, createdAt: { $gt: lastCreatedAt }}; +======= + const { me, User } = context; + let authQuery; + try { + authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User }, authlog('tweet findOneLoader', 'readOne', me)); + } catch (err) { + log.error(err.message); + authQuery = {_id: false}; + } + this.unauthorizedLoader = new DataLoader(ids => findByIds(this.collection, ids)); + this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); + } + + // used from server calls, without authorization checks, NOT for use in resolvers + async findOneById(id, me = {}, resolver = 'tweet findOneById') { + try { + return await this.unauthorizedLoader.load(id); + } catch (err) { log.error(err.message); } + } + + // used for api calls, with authorization checks, for use in resolvers + async getOneById(id, me = {}, resolver = 'tweet getOneById') { + try { + const result = await this.authorizedLoader.load(id); + return result; + } catch (err) { log.error(err.message); } + } + + all({ lastCreatedAt = 0, limit = 10 }, me, resolver = 'tweet all') { + try { + const baseQuery = { createdAt: { $gt: lastCreatedAt } }; + const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); + const finalQuery = {...baseQuery, ...authQuery}; +>>>>>>> new authorization version from 2017-07-17 return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } catch (err){ log.error(err.message); } } +<<<<<<< HEAD createdBy(tweet, me, resolver) { return this.context.User.findOneById(tweet.createdById, me, resolver); } @@ -360,12 +491,48 @@ export default class Tweet { async insert(doc, me, resolver) { try { +======= + author(tweet, me, resolver = 'tweet author') { + return this.context.User.getOneById(tweet.authorId, me, resolver); + } + + createdBy(tweet, me, resolver = 'tweet createdBy') { + return this.context.User.getOneById(tweet.createdById, me, resolver); + } + + updatedBy(tweet, me, resolver = 'tweet updatedBy') { + return this.context.User.getOneById(tweet.updatedById, me, resolver); + } + + coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, me, resolver = 'tweet coauthors') { + try { + const baseQuery = {_id: { $in: tweet.coauthorsIds }, createdAt: { $gt: lastCreatedAt } }; + const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); + const finalQuery = {...baseQuery, ...authQuery}; + return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + } catch (err){ log.error(err.message); } + } + + likers(tweet, { lastCreatedAt = 0, limit = 10 }, me, resolver = 'tweet likers') { + try { + const baseQuery = {likedIds: tweet._id, createdAt: { $gt: lastCreatedAt } }; + const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); + const finalQuery = {...baseQuery, ...authQuery}; + return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + } catch (err){ log.error(err.message); } + } + + async insert(doc, me, resolver = 'insert tweet') { + try { + let insertedDoc = null; +>>>>>>> new authorization version from 2017-07-17 let docToInsert = Object.assign({}, doc, { createdAt: Date.now(), updatedAt: Date.now(), createdById: (me && me._id) ? me._id : 'unknown', updatedById: (me && me._id) ? me._id : 'unknown', }); +<<<<<<< HEAD log.debug(JSON.stringify(docToInsert, null, 2)); checkAuthDoc(docToInsert, me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'create', me)); @@ -376,15 +543,40 @@ export default class Tweet { log.debug(`inserted tweet ${id}.`); const insertedDoc = this.findOneById(id, me, 'pubsub tweetInserted'); +======= + + const authQuery = queryForRoles(me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'create', me)); + + const docRoleFields = ['authorId'].map(key => ({ [key]: docToInsert[key] }) ); + if (Object.keys(authQuery).length > 0 && !fieldContainsUserId(docRoleFields, me._id)) { + throw new Error('Not authorized to insert tweet'); + } + + const id = (await this.collection.insertOne(docToInsert)).insertedId; + if (!id) { + log.error('insert tweet failed for docToInsert:', JSON.stringify(docToInsert, null, 2)); + throw new Error(`insert tweet not possible for ${id}.`); + } + + log.debug(`inserted tweet ${id}.`); + insertedDoc = this.getOneById(id, me, 'pubsub tweetInserted'); +>>>>>>> new authorization version from 2017-07-17 this.pubsub.publish('tweetInserted', insertedDoc); return insertedDoc; } catch (err){ log.error(err.message); } } +<<<<<<< HEAD async updateById(id, doc, me, resolver) { try { +======= + async updateById(id, doc, me, resolver = 'update tweet') { + try { + let updatedDoc = null; + const docBefore = await this.getOneById(id, me, 'tweet getOneById in updateById for docBefore'); +>>>>>>> new authorization version from 2017-07-17 let docToUpdate = {$set: Object.assign({}, doc, { updatedAt: Date.now(), updatedById: (me && me._id) ? me._id : 'unknown', @@ -392,54 +584,102 @@ export default class Tweet { const baseQuery = {_id: id}; const authQuery = queryForRoles(me, ['admin'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'update', me)); +<<<<<<< HEAD + const finalQuery = {...baseQuery, ...authQuery}; + const result = await this.collection.updateOne(finalQuery, docToUpdate); + if (result.result.ok !== 1 || result.result.n !== 1){ +======= + const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.updateOne(finalQuery, docToUpdate); if (result.result.ok !== 1 || result.result.n !== 1){ + log.error(`update tweet failed finalQuery:`, JSON.stringify(finalQuery, null, 2)); + log.error('update tweet failed for docToUpdate:', JSON.stringify(docToUpdate, null, 2)); +>>>>>>> new authorization version from 2017-07-17 throw new Error(`update tweet not possible for ${id}.`); } log.debug(`updated tweet ${id}.`); +<<<<<<< HEAD this.authorizedLoader.clear(id); const updatedDoc = this.findOneById(id, me, 'pubsub tweetUpdated'); +======= + this.unauthorizedLoader.clear(id); + this.authorizedLoader.clear(id); + + updatedDoc = this.getOneById(id, me, 'pubsub tweetUpdated'); +>>>>>>> new authorization version from 2017-07-17 this.pubsub.publish('tweetUpdated', updatedDoc); return updatedDoc; } catch (err){ log.error(err.message); } } +<<<<<<< HEAD async removeById(id, me, resolver) { try { +======= + async removeById(id, me, resolver = 'remove tweet') { + try { + const docBefore = this.getOneById(id, me, 'tweet getOneById in removeById for docBefore'); +>>>>>>> new authorization version from 2017-07-17 const baseQuery = {_id: id}; const authQuery = queryForRoles(me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'delete', me)); const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.remove(finalQuery); +<<<<<<< HEAD + if (result.result.ok !== 1 || result.result.n !== 1){ +======= + if (result.result.ok !== 1 || result.result.n !== 1){ + log.error(`remove tweet failed for finalQuery:`, JSON.stringify(finalQuery, null, 2)); +>>>>>>> new authorization version from 2017-07-17 throw new Error(`remove tweet not possible for ${id}.`); } log.debug(`removed tweet ${id}.`); +<<<<<<< HEAD this.authorizedLoader.clear(id); this.pubsub.publish('tweetRemoved', id); return result; +======= + this.unauthorizedLoader.clear(id); + this.authorizedLoader.clear(id); + + this.pubsub.publish('tweetRemoved', id); + return result; + +>>>>>>> new authorization version from 2017-07-17 } catch (err){ log.error(err.message); } } } ``` ### ./model/User.js +<<<<<<< HEAD generated model file for the above input type User.graphql considering the @authorize directive. +======= +generated model file for the above input type User.graphql: +this.auth is generated by the @authorize directive. Here also with field authorizations. + +>>>>>>> new authorization version from 2017-07-17 ```javascript import DataLoader from 'dataloader'; +<<<<<<< HEAD import { findByIds, queryForRoles, getLogFilename, logger, authlog, checkAuthDoc, protectFields } from 'create-graphql-server-authorization'; const log = logger(getLogFilename()); +======= +import { findByIds, queryForRoles, fieldForRoles, fieldContainsUserId, authorizedFields, authlog } from '../server/authorize'; +>>>>>>> new authorization version from 2017-07-17 export default class User { constructor(context) { this.context = context; this.collection = context.db.collection('user'); this.pubsub = context.pubsub; +<<<<<<< HEAD <<<<<<< HEAD this.authRole = User.authRole; let authQuery; @@ -471,10 +711,27 @@ export default class User { >>>>>>> applied changes } +======= + const { me } = context; + this.authRole = User.authRole; // otherwise not accessible in queryForRoles + let authQuery; + try { + authQuery = queryForRoles(me, ['admin'], ['_id'], { User }, authlog('user findOneLoader', 'readOne', me)); + } catch (err) { + log.error(err.message); + authQuery = {_id: false}; + } + this.unauthorizedLoader = new DataLoader(ids => findByIds(this.collection, ids)); + this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); + } + + // returns the role of the user +>>>>>>> new authorization version from 2017-07-17 static authRole(user){ return (user && user.role) ? user.role : null; } +<<<<<<< HEAD async findOneById(id, me, resolver) { try { return await this.authorizedLoader.load(id); @@ -562,22 +819,199 @@ export default class User { async removeById(id, me, resolver) { try { +======= + // used from server calls, without authorization checks, NOT for use in resolvers + async findOneById(id, me = {}, resolver = 'user findOneById') { + try { + return await this.unauthorizedLoader.load(id); + } catch (err) { log.error(err.message); } + } + + // used for api calls, with authorization checks, for use in resolvers + async getOneById(id, me = {}, resolver = 'user getOneById') { + try { + const result = await this.authorizedLoader.load(id); + // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) + // ===== ====== ==== ======= + return authorizedFields(result, 'role', me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver + 'field "role"', 'readOne', me)); + } catch (err) { log.error(err.message); } + } + + all({ lastCreatedAt = 0, limit = 10 }, me, resolver = 'user all') { + try { + const baseQuery = { createdAt: { $gt: lastCreatedAt } }; + const authQuery = queryForRoles(me, ['admin'], [], { User: this.context.User }, authlog(resolver, 'readMany', me)); + // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) + // ===== ====== + let authFields = {}; + authFields = fieldForRoles(authFields, 'role', me, ['admin'], [], { User: this.context.User }, authlog(resolver + 'field "role"', 'readMany', me)); + const finalQuery = {...baseQuery, ...authQuery}; + return this.collection.find(finalQuery).sort({ createdAt: 1 }).project(authFields).limit(limit).toArray(); + } catch (err) { log.error(err.message); } + } + + tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }, me, resolver = 'user tweets') { + try { + const baseQuery = { + authorId: user._id, + createdAt: { $gt: lastCreatedAt }, + }; + const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); + const finalQuery = {...baseQuery, ...authQuery}; + return this.context.Tweet.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + } catch (err) { log.error(err.message); } + } + + liked(user, { lastCreatedAt = 0, limit = 10 }, me, resolver = 'user liked') { + try { + const baseQuery = { + _id: { $in: user.likedIds }, + createdAt: { $gt: lastCreatedAt }, + }; + const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); + const finalQuery = {...baseQuery, ...authQuery}; + return this.context.Tweet.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + } catch (err) { log.error(err.message); } + } + + following(user, { lastCreatedAt = 0, limit = 10 }, me, resolver = 'user following') { + try { + const baseQuery = { + _id: { $in: user.followingIds || [] }, + createdAt: { $gt: lastCreatedAt }, + }; + const authQuery = queryForRoles(me, ['admin'], [], { User: this.context.User }, authlog(resolver, 'readMany', me)); + // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) + // ====== + let authFields = {}; + authFields = fieldForRoles(authFields, 'role', me, ['admin'], [], { User: this.context.User }, authlog(resolver + 'field "role"', 'readMany', me)); + const finalQuery = {...baseQuery, ...authQuery}; + return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).project(authFields).limit(limit).toArray(); + } catch (err) { log.error(err.message); } + } + + followers(user, { lastCreatedAt = 0, limit = 10 }, me, resolver = 'user followers') { + try { + const baseQuery = { + followingIds: user._id, + createdAt: { $gt: lastCreatedAt }, + }; + const authQuery = queryForRoles(me, ['admin'], [], { User: this.context.User }, authlog(resolver, 'readMany', me)); + // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) + // ====== + let authFields = {}; + authFields = fieldForRoles(authFields, 'role', me, ['admin'], [], { User: this.context.User }, authlog(resolver + 'field "role"', 'readMany', me)); + const finalQuery = {...baseQuery, ...authQuery}; + return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).project(authFields).limit(limit).toArray(); + } catch (err) { log.error(err.message); } + } + + createdBy(user, me, resolver = 'user createdBy') { + return this.context.User.getOneById(user.createdById, me, resolver); + } + + updatedBy(user, me, resolver = 'user updatedBy') { + return this.context.User.getOneById(user.updatedById, me, resolver); + } + + async insert(doc, me, resolver = 'insert user') { + try { + let insertedDoc = null; + let docToInsert = Object.assign({}, doc, { + createdAt: Date.now(), + updatedAt: Date.now(), + createdById: (me && me._id) ? me._id : 'unknown', + updatedById: (me && me._id) ? me._id : 'unknown', + }); + + const authQuery = queryForRoles(me, ['admin'], [], { User: this.context.User }, authlog(resolver, 'create', me)); + // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) + // ===== ====== + docToInsert = authorizedFields(docToInsert, 'role', me, ['admin'], [], { User: this.context.User }, authlog(resolver + 'field "role"', 'create', me)); + + const id = (await this.collection.insertOne(docToInsert)).insertedId; + if (!id) { + log.error('insert user failed for:', JSON.stringify(docToInsert, null, 2)); + throw new Error(`insert user not possible for user ${id}.`); + } + + log.debug(`inserted user ${id}.`); + insertedDoc = this.getOneById(id, me, 'pubsub userInserted'); + this.pubsub.publish('userInserted', insertedDoc); + return insertedDoc; + + } catch (err) { log.error(err.message); } + } + + async updateById(id, doc, me, resolver = 'update user') { + try { + let updatedDoc = null; + const docBefore = await this.findOneById(id, me, 'user findOneById in updateById for docBefore'); + let docToUpdate = {$set: Object.assign({}, doc, { + updatedAt: Date.now(), + updatedById: (me && me._id) ? me._id : 'unknown', + })}; + + const baseQuery = {_id: id}; + const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'update', me)); + // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) + // ===== ====== + docToUpdate.$set = authorizedFields(docToUpdate.$set, 'role', me, ['admin'], [], { User: this.context.User }, authlog(resolver + 'field "role"', 'update', me)); + + const finalQuery = {...baseQuery, ...authQuery}; + const result = await this.collection.updateOne(finalQuery, docToUpdate); + if (result.result.ok !== 1){ + log.error(`update user failed finalQuery:`, JSON.stringify(finalQuery, null, 2)); + log.error('update user failed for docToUpdate:', JSON.stringify(docToUpdate, null, 2)); + throw new Error(`update user not possible for ${id}.`); + } + + log.debug(`updated user ${id}.`); + this.unauthorizedLoader.clear(id); + this.authorizedLoader.clear(id); + + updatedDoc = this.getOneById(id, me, 'pubsub userUpdated') + this.pubsub.publish('userUpdated', updatedDoc); + return updatedDoc; + + } catch (err) { log.error(err.message); } + } + + async removeById(id, me, resolver = 'remove user') { + try { + const docBefore = await this.findOneById(id, me, 'user findOneById in removeById for docBefore'); +>>>>>>> new authorization version from 2017-07-17 const baseQuery = {_id: id}; const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'delete', me)); const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.remove(finalQuery); if (result.result.ok !== 1 || result.result.n !== 1){ +<<<<<<< HEAD + throw new Error(`remove user not possible for ${id}.`); + } + log.debug(`removed user ${id}.`); + this.authorizedLoader.clear(id); + this.pubsub.publish('userRemoved', id); + return result; +======= + log.error(`remove user failed for finalQuery:`, JSON.stringify(finalQuery, null, 2)); throw new Error(`remove user not possible for ${id}.`); } + log.debug(`removed user ${id}.`); + this.unauthorizedLoader.clear(id); this.authorizedLoader.clear(id); + this.pubsub.publish('userRemoved', id); return result; + +>>>>>>> new authorization version from 2017-07-17 } catch (err) { log.error(err.message); } } } ``` +<<<<<<< HEAD As you can see in both model header lines, we are using a specialized npm package "create-graphql-server-authorization". ## create-graphql-server-authorization @@ -589,10 +1023,13 @@ npm install create-graphql-server-authorization This uses the following functions from that module: +======= +>>>>>>> new authorization version from 2017-07-17 ### function authlog A logging function that understands "resolvers", "modes" and "users". Simple wrapper around whatever logging function we use. ```javascript +<<<<<<< HEAD /* * Central logger for authorization checks * @param {string} resolver @@ -623,6 +1060,14 @@ function authlog(resolver = "", mode = "", me = {}) { log.error(resultMessage); throw new Error(makeMessage(message)); } +======= +// central logger for authorization checks +export function authlog(resolver = '', mode = '', me = {}) { + const makeMessage = (message) => `Authorize ${mode} "${resolver}" with user "${me.username ? me.username : ''}" ${message}`; + return { + debug: (message) => log.debug(makeMessage(message)), + error: (message) => {throw new Error(makeMessage(message))}, +>>>>>>> new authorization version from 2017-07-17 }; } ``` @@ -631,6 +1076,7 @@ function authlog(resolver = "", mode = "", me = {}) { This is an extended version of [mongo-find-by-ids](https://github.com/tmeasday/mongo-find-by-ids). The enhancement is only to provide an additional authQuery object, to extend the query to meet additional authorizations. ```javascript +<<<<<<< HEAD /* * find a record by id (cached with dataloader) * returns the record, cached if already read, checks authorization if set @@ -762,6 +1208,146 @@ function loggedIn(me) { return true; } return false; +======= +// returns the record, cached if already read, checks authorization if set +// enhancement of tmeasday'findByIds +export function findByIds(collection, ids = [], authQuery) { + const baseQuery = { _id: { $in: ids } }; + const finalQuery = {...baseQuery, ...authQuery}; + return collection.find(finalQuery).toArray().then(docs => { + const idMap = {}; + docs.forEach(d => { idMap[d._id] = d; }); + return ids.map(id => idMap[id]); + }); +>>>>>>> new authorization version from 2017-07-17 +} +``` + +### function loggedIn +Use function loggedIn, to check if a user is logged in. + +```javascript +// returns true, if user is logged in +export function loggedIn(me) { + if(me && me._id && me._id.toString() !== '') { + return true; + } + return false; +} +``` + +### function fieldAuthorized +User function fieldAuthorized, to check, if a user is allowed to access a specific field e.g. field "role" in the User model. + +```javascript +// returns true, if authorized to get field +// returns false, if NOT authorized to get field +export function fieldAuthorized(me = {}, userRoles = [], docRoles = [], { User }, logger){ + // The logged in user's role is authorized for the field + if (roleAuthorizedForDoc(me, userRoles, docRoles, { User }, logger)) { + return true; + } + // The user might be listed in any document field + if (loggedIn(me) && docRoles.length > 0){ + return true; + } + return false; +} +``` + +### function fieldForRoles +Use function fieldForRoles to prepare an authField object, which can be used in db calls, to get only those fields, the user is allowed to access. Use it like... + +```javascript +const authField = fieldForRoles(...) +this.collection.find(finalQuery).sort({ createdAt: 1 }).project(authFields).limit(limit).toArray(); +``` + + +```javascript +// returns a projection query of fields not to be shown, e.g. { role: 0 } +export function fieldForRoles(projection, field, me = {}, userRoles = [], docRoles = [], { User }, logger){ + const role = User.authRole(me); + // The logged in user's role is authorized for the field + if (roleAuthorizedForDoc(me, userRoles, docRoles, { User }, logger)) { + return projection; + } + // The user is listed in any document field + if (loggedIn(me) && docRoles.length > 0){ + return projection; + } + const authFields = Object.assign({}, { [field]: 0 }, projection); + logger.debug(`and role "${role ? role : ''}" not authorized to access field "${field}".`) + return authFields; +} +``` + +### function authorizedFields +Use function authorizedFields, to filter documents, to contain only the fields, which the user is allowed to access. E.g. pass in a result variable, which can be whether an array of documents or a document. It returns the documents without the field "role", if the user is not allowed to access the field role. + +```javascript +// imports a result (which is document or an array of documents), and returns the result, +// but it removes the field without authorization from documents, +// e.g. field "role" is removed from all result documents, if the user/role is not allowed to access it +export function authorizedFields(result, field, me, userRoles = [], docRoles = [], { User }, logger){ + const role = User.authRole(me) || ''; + + // if any userRole authorizes field + if (roleAuthorizedForDoc(me, userRoles, docRoles, { User }, logger)) { + return result; + } + + // if any docRole authorizes field + // The user is listed in any document field + if (loggedIn(me) && docRoles.length > 0){ + + // if the result was an array of documents, check each doc and field + if (_.isArray(result)){ + const authorizedResult = []; + // check all documents in the result array + result.every(doc => { + let fieldAuthorized = false; + // check all docRoles if any of them authorizes field + docRoles.every(docRole => { + // if one docRole authorizes the field, then fieldAuthorized = true + if (doc[docRole] && fieldContainsUserId(doc[docRole], me._id)){ + fieldAuthorized = true; + } + }); + if (!fieldAuthorized && doc[field]){ + delete doc[field]; + logger.debug(`with role "${role}" field "${field}" removed from document id "${doc._id}". No authorization.`); + } + authorizedResult.push(doc); + }); + return authorizedResult; + } + + // if the result was a document + if (_.isObject(result)){ + // check with all docRoles + let fieldAuthorized = false; + docRoles.every(docRole => { + // if one docRole authorizes the field, then fieldAuthorized = true + if (result[docRole] && fieldContainsUserId(result[docRole], me._id)){ + fieldAuthorized = true; + } + }); + if (!fieldAuthorized && result[field]){ + delete result[field]; + logger.debug(`with role "${role}" field "${field}" removed from document id "${result._id}". No authorization.`); + } + return result; + } + + } + + // not authorized to access field + if (result[field]){ + delete result[field]; + logger.debug(`with role "${role}" field "${field}" removed from document id "${result._id}". No authorization.`); + } + return result; } ``` @@ -770,6 +1356,7 @@ Use function queryForRoles to generate an authQuery object. It expects the following arguments: ```javascript +<<<<<<< HEAD /* * Prepare a query object for mongodb operations with authorization queries * creates an authQuery object with additional query arguments, to implement authorization restrictions for mongodb access @@ -800,10 +1387,20 @@ function queryForRoles( // Build query for the case: The logged in user's role is authorized if (userRoleAuthorized(me, userRoles, { User }, logger)) { return {}; // empty authQuery means, do operation with no access restrictions +======= +// creates an authQuery object with additional query arguments, to implement authorization restrictions for mongodb access +export function queryForRoles(me = {}, userRoles = [], docRoles = [], { User }, logger) { + const role = User.authRole(me); + + // Build query for the case: The logged in user's role is authorized + if (roleAuthorizedForDoc(me, userRoles, docRoles, { User }, logger)) { + return {}; // empty authQuery means, do operation with no access restrictions +>>>>>>> new authorization version from 2017-07-17 } // Build query for the case: The user is listed in any document field const query = { $or: [] }; +<<<<<<< HEAD // makes only sense, if user is logged in - otherwise no userId if (loggedIn(me)) { // prepare selection criterias as "authQuery" object @@ -829,6 +1426,15 @@ function queryForRoles( } // Not Authorized - throw exception in logger.error +======= + if (loggedIn(me)){ + docRoles.forEach(docRole => query.$or.push( { [docRole]: me._id } ) ); + logger.debug(`and role: "${role ? role : ''}" with \nauthQuery: ${JSON.stringify(query, null, 2)}`); + if (query.$or.length > 0) return query; + } + + // Not Authorized +>>>>>>> new authorization version from 2017-07-17 const message = `and role: "${role}" is not authorized.`; logger.error(message); } @@ -839,8 +1445,12 @@ It expects the following arguments with the meanings: * **userRoles:** an array with userRoles, which was generated by the @authorize directives in the .graphql file * **docRoles:** an array with docRoles, which was generated by the @authorize directives in the .graphql file * **User:** User context to access the User model +<<<<<<< HEAD * **logger:** logging function e.g. ```js authlog(resolver, mode, me) ``` * **resolver:** this is a string with the resolver's name, optional, only for easier debugging +======= +* **logger:** logging function e.g. authlog(resolver, mode, me) +>>>>>>> new authorization version from 2017-07-17 * **mode:** this is the current mode of operation: * **create:** insert a record to the database * **read:** read a record or many records from the database @@ -848,6 +1458,7 @@ It expects the following arguments with the meanings: * **readMany:** read many records from the the database * **update:** update a record in the database * **delete:** remove a record from the database +<<<<<<< HEAD * **me:** the user object, who is executing the request, and who is checked for authorization ### function userRoleAuthorized @@ -886,6 +1497,21 @@ function userRoleAuthorized( ) { // => authorized logger.debug(`and role "${role ? role : ""}" is authorized`); +======= + * **resolver:** this is a string with the resolver's name, optional, only for easier debugging + * **me:** the user object, who is executing the request, and who is checked for authorization + +### function roleAuthorizedForDoc +This helper function is used by queryForRoles, and decides, if a user gains the authorization by its role. +For example: If a user has a field "role" in his user document and it contains the value "admin". So it checks if a user's role is admin, and allows all operations for admins. +```javascript +// returns true, if the user's role is authorized for a document +export function roleAuthorizedForDoc(me = {}, userRoles = [], docRoles = [], { User }, logger){ + const role = User.authRole(me); + + if ( userRoles.includes('world') || role && userRoles.length > 0 && userRoles.includes(role) ) { + logger.debug(`and role "${role ? role : ''}" is authorized`); +>>>>>>> new authorization version from 2017-07-17 return true; } @@ -950,6 +1576,7 @@ function fieldContainsUserId(docRoleField, compressedUserId) { if (found) return true; return false; } +<<<<<<< HEAD // docRoleField of type field if (docRoleField.toString() === userId.toString()) { @@ -957,6 +1584,9 @@ function fieldContainsUserId(docRoleField, compressedUserId) { } return false; +======= + return found; +>>>>>>> new authorization version from 2017-07-17 } ``` @@ -969,6 +1599,7 @@ In the resolver interfaces, there are different objects: * the last argument in the resolver function is the resolver's name, which is optional and only to enhance the logging in debugging mode by additional information. If you have to analyze authorization outcomes, this helps a lot to figure out, which resolvers authorization rule fired. ```javascript +<<<<<<< HEAD const resolvers = { User: { id(user) { @@ -1029,6 +1660,68 @@ In the resolver interfaces, there are different objects: }; export default resolvers; +======= + const resolvers = { + User: { + id(user) { + return user._id; + }, + + createdBy(user, args, { User, me }) { + return User.createdBy(user, me, 'createdBy'); + }, + + updatedBy(user, args, { User, me }) { + return User.updatedBy(user, me, 'updatedBy'); + }, + + tweets(user, { minLikes, lastCreatedAt, limit }, { User, me }) { + return User.tweets(user, { minLikes, lastCreatedAt, limit }, me, 'tweets'); + }, + + liked(user, { lastCreatedAt, limit }, { User, me }) { + return User.liked(user, { lastCreatedAt, limit }, me, 'liked'); + }, + + following(user, { lastCreatedAt, limit }, { User, me }) { + return User.following(user, { lastCreatedAt, limit }, me, 'following'); + }, + + followers(user, { lastCreatedAt, limit }, { User, me }) { + return User.followers(user, { lastCreatedAt, limit }, me, 'followers'); + }, + }, + Query: { + users(root, { lastCreatedAt, limit }, { User, me }) { + return User.all({ lastCreatedAt, limit }, me, 'users'); + }, + + user(root, { id }, { User, me }) { + return User.getOneById(id, me, 'user'); + }, + }, + Mutation: { + async createUser(root, { input }, { User, me }) { + return await User.insert(input, me); + }, + + async updateUser(root, { id, input }, { User, me }) { + return await User.updateById(id, input, me); + }, + + async removeUser(root, { id }, { User, me }) { + return await User.removeById(id, me, 'removeUser'); + }, + }, + Subscription: { + userCreated: user => user, + userUpdated: user => user, + userRemoved: id => id, + }, + }; + + export default resolvers; +>>>>>>> new authorization version from 2017-07-17 ``` ### ./resolver/Tweet.js @@ -1047,6 +1740,7 @@ In the resolver interfaces, there are different objects: }, author(tweet, args, { Tweet, me }) { +<<<<<<< HEAD return Tweet.author(tweet, me, 'tweet author'); }, @@ -1064,24 +1758,59 @@ In the resolver interfaces, there are different objects: likers(tweet, { lastCreatedAt, limit }, { Tweet, me }) { return Tweet.likers(tweet, { lastCreatedAt, limit }, me, 'tweet likers'); +======= + return Tweet.author(tweet, me, 'author'); + }, + + createdBy(tweet, args, { Tweet, me }) { + return Tweet.createdBy(tweet, me, 'createdBy'); + }, + + updatedBy(tweet, args, { Tweet, me }) { + return Tweet.updatedBy(tweet, me, 'updatedBy'); + }, + + coauthors(tweet, { lastCreatedAt, limit }, { Tweet, me }) { + return Tweet.coauthors(tweet, { lastCreatedAt, limit }, me, 'coauthors'); + }, + + likers(tweet, { lastCreatedAt, limit }, { Tweet, me }) { + return Tweet.likers(tweet, { lastCreatedAt, limit }, me, 'likers'); +>>>>>>> new authorization version from 2017-07-17 }, }, Query: { tweets(root, { lastCreatedAt, limit }, { Tweet, me }) { +<<<<<<< HEAD return Tweet.find({ lastCreatedAt, limit }, me, 'tweets'); }, tweet(root, { id }, { Tweet, me }) { return Tweet.findOneById(id, me, 'tweet'); +======= + return Tweet.all({ lastCreatedAt, limit }, me, 'tweets'); + }, + + tweet(root, { id }, { Tweet, me }) { + return Tweet.getOneById(id, me, 'tweet'); +>>>>>>> new authorization version from 2017-07-17 }, }, Mutation: { async createTweet(root, { input }, { Tweet, me }) { +<<<<<<< HEAD return await Tweet.insert(input, me, 'createTweet'); }, async updateTweet(root, { id, input }, { Tweet, me }) { return await Tweet.updateById(id, input, me, 'updateTweet'); +======= + return await Tweet.insert(input, me); + }, + + async updateTweet(root, { id, input }, { Tweet, me }) { + return await Tweet.updateById(id, input, me); +>>>>>>> new authorization version from 2017-07-17 }, async removeTweet(root, { id }, { Tweet, me }) { diff --git a/test/output-app/model/Tweet.js b/test/output-app/model/Tweet.js index 2e936eb..cd02baa 100644 --- a/test/output-app/model/Tweet.js +++ b/test/output-app/model/Tweet.js @@ -1,90 +1,92 @@ import log from '../server/logger'; import DataLoader from 'dataloader'; -import { findByIds, queryForRoles, fieldContainsUserId } from '../server/authorize'; +import { findByIds, queryForRoles, fieldForRoles, fieldContainsUserId, authorizedFields, authlog } from '../server/authorize'; export default class Tweet { constructor(context) { this.context = context; this.collection = context.db.collection('tweet'); this.pubsub = context.pubsub; - this.loaders = (_user = {}, resolver = '') => ({ - readOne: new DataLoader(ids => new Promise( async (resolve, reject) => { - try { - const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readOne', { User: this.context.User }, resolver); - const result = await findByIds(this.collection, ids, authQuery); - resolve(result); - } catch (err) { reject(err); } - })), - // readMany: new DataLoader(ids => new Promise( async (resolve, reject) => { - // try { - // const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readMany', { User: this.context.User }, resolver); - // const result = await findByIds(this.collection, ids, authQuery); - // resolve(result); - // } catch (err) { reject(err); } - // })), - }); + const { me, User } = context; + let authQuery; + try { + authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User }, authlog('tweet findOneLoader', 'readOne', me)); + } catch (err) { + log.error(err.message); + authQuery = {_id: false}; + } + this.unauthorizedLoader = new DataLoader(ids => findByIds(this.collection, ids)); + this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); + } + + // used from server calls, without authorization checks, NOT for use in resolvers + async findOneById(id, me = {}, resolver = 'tweet findOneById') { + try { + return await this.unauthorizedLoader.load(id); + } catch (err) { log.error(err.message); } } - async getOneById(id, _user = {}, resolver = 'tweet getOneById') { + // used for api calls, with authorization checks, for use in resolvers + async getOneById(id, me = {}, resolver = 'tweet getOneById') { try { - const result = await this.loaders(_user, resolver).readOne.load(id); + const result = await this.authorizedLoader.load(id); return result; } catch (err) { log.error(err.message); } } - all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'tweet all') { + all({ lastCreatedAt = 0, limit = 10 }, me, resolver = 'tweet all') { try { const baseQuery = { createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readMany', { User: this.context.User }, resolver); + const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); const finalQuery = {...baseQuery, ...authQuery}; return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } catch (err){ log.error(err.message); } } - author(tweet, _user, resolver = 'tweet author') { - return this.context.User.getOneById(tweet.authorId, _user, resolver); + author(tweet, me, resolver = 'tweet author') { + return this.context.User.getOneById(tweet.authorId, me, resolver); } - createdBy(tweet, _user, resolver = 'tweet createdBy') { - return this.context.User.getOneById(tweet.createdById, _user, resolver); + createdBy(tweet, me, resolver = 'tweet createdBy') { + return this.context.User.getOneById(tweet.createdById, me, resolver); } - updatedBy(tweet, _user, resolver = 'tweet updatedBy') { - return this.context.User.getOneById(tweet.updatedById, _user, resolver); + updatedBy(tweet, me, resolver = 'tweet updatedBy') { + return this.context.User.getOneById(tweet.updatedById, me, resolver); } - coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, _user, resolver = 'tweet coauthors') { + coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, me, resolver = 'tweet coauthors') { try { const baseQuery = {_id: { $in: tweet.coauthorsIds }, createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readMany', { User: this.context.User }, resolver); + const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); const finalQuery = {...baseQuery, ...authQuery}; return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } catch (err){ log.error(err.message); } } - likers(tweet, { lastCreatedAt = 0, limit = 10 }, _user, resolver = 'tweet likers') { + likers(tweet, { lastCreatedAt = 0, limit = 10 }, me, resolver = 'tweet likers') { try { const baseQuery = {likedIds: tweet._id, createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readMany', { User: this.context.User }, resolver); + const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); const finalQuery = {...baseQuery, ...authQuery}; return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } catch (err){ log.error(err.message); } } - async insert(doc, _user, resolver = 'insert tweet') { + async insert(doc, me, resolver = 'insert tweet') { try { let insertedDoc = null; let docToInsert = Object.assign({}, doc, { createdAt: Date.now(), updatedAt: Date.now(), - createdById: (_user && _user._id) ? _user._id : 'unknown', - updatedById: (_user && _user._id) ? _user._id : 'unknown', + createdById: (me && me._id) ? me._id : 'unknown', + updatedById: (me && me._id) ? me._id : 'unknown', }); - const authQuery = queryForRoles(_user, ['admin'], ['authorId'], 'create', { User: this.context.User }, resolver); + const authQuery = queryForRoles(me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'create', me)); const docRoleFields = ['authorId'].map(key => ({ [key]: docToInsert[key] }) ); - if (Object.keys(authQuery).length > 0 && !fieldContainsUserId(docRoleFields, _user._id)) { + if (Object.keys(authQuery).length > 0 && !fieldContainsUserId(docRoleFields, me._id)) { throw new Error('Not authorized to insert tweet'); } @@ -95,24 +97,24 @@ export default class Tweet { } log.debug(`inserted tweet ${id}.`); - insertedDoc = this.getOneById(id, _user, 'pubsub tweetInserted'); + insertedDoc = this.getOneById(id, me, 'pubsub tweetInserted'); this.pubsub.publish('tweetInserted', insertedDoc); return insertedDoc; } catch (err){ log.error(err.message); } } - async updateById(id, doc, _user, resolver = 'update tweet') { + async updateById(id, doc, me, resolver = 'update tweet') { try { let updatedDoc = null; - const docBefore = await this.getOneById(id, _user, 'tweet getOneById in updateById for docBefore'); + const docBefore = await this.getOneById(id, me, 'tweet getOneById in updateById for docBefore'); let docToUpdate = {$set: Object.assign({}, doc, { updatedAt: Date.now(), - updatedById: (_user && _user._id) ? _user._id : 'unknown', + updatedById: (me && me._id) ? me._id : 'unknown', })}; const baseQuery = {_id: id}; - const authQuery = queryForRoles(_user, ['admin'], ['authorId', 'coauthorsIds'], 'update', { User: this.context.User }, resolver); + const authQuery = queryForRoles(me, ['admin'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'update', me)); const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.updateOne(finalQuery, docToUpdate); @@ -123,21 +125,21 @@ export default class Tweet { } log.debug(`updated tweet ${id}.`); - this.loaders().readOne.clear(id); - // this.loaders().readMany.clear(id); + this.unauthorizedLoader.clear(id); + this.authorizedLoader.clear(id); - updatedDoc = this.getOneById(id, _user, 'pubsub tweetUpdated'); + updatedDoc = this.getOneById(id, me, 'pubsub tweetUpdated'); this.pubsub.publish('tweetUpdated', updatedDoc); return updatedDoc; } catch (err){ log.error(err.message); } } - async removeById(id, _user, resolver = 'remove tweet') { + async removeById(id, me, resolver = 'remove tweet') { try { - const docBefore = this.getOneById(id, _user, 'tweet getOneById in removeById for docBefore'); + const docBefore = this.getOneById(id, me, 'tweet getOneById in removeById for docBefore'); const baseQuery = {_id: id}; - const authQuery = queryForRoles(_user, ['admin'], ['authorId'], 'delete', { User: this.context.User }, resolver); + const authQuery = queryForRoles(me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'delete', me)); const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.remove(finalQuery); @@ -147,8 +149,8 @@ export default class Tweet { } log.debug(`removed tweet ${id}.`); - this.loaders().readOne.clear(id); - // this.loaders().readMany.clear(id); + this.unauthorizedLoader.clear(id); + this.authorizedLoader.clear(id); this.pubsub.publish('tweetRemoved', id); return result; diff --git a/test/output-app/model/User.js b/test/output-app/model/User.js index 4e8392f..90902ac 100644 --- a/test/output-app/model/User.js +++ b/test/output-app/model/User.js @@ -1,141 +1,138 @@ import log from '../server/logger'; import DataLoader from 'dataloader'; -import { findByIds, queryForRoles, fieldContainsUserId } from '../server/authorize'; +import { findByIds, queryForRoles, fieldForRoles, fieldContainsUserId, authorizedFields, authlog } from '../server/authorize'; export default class User { constructor(context) { this.context = context; this.collection = context.db.collection('user'); this.pubsub = context.pubsub; - this._user = {}; - this.loaders = (_user = {}, resolver = '') => ({ - readOneWithoutAuth: new DataLoader(ids => new Promise( async (resolve, reject) => { - try { - const result = await findByIds(this.collection, ids, {}); - resolve(result); - } catch (err) { reject(err); } - })), - readOne: new DataLoader(ids => new Promise( async (resolve, reject) => { - try { - const authQuery = queryForRoles(_user, ['admin'], ['_id'], 'readOne', { User: this.context.User }, resolver); - const result = await findByIds(this.collection, ids, authQuery); - resolve(result); - } catch (err) { reject(err); } - })), - // readMany: new DataLoader(ids => new Promise( async (resolve, reject) => { - // try { - // const authQuery = queryForRoles(_user, ['admin'], [], 'readMany', { User: this.context.User }, resolver); - // const result = await findByIds(this.collection, ids, authQuery); - // resolve(result); - // } catch (err) { reject(err); } - // })), - }); + const { me } = context; + this.authRole = User.authRole; // otherwise not accessible in queryForRoles + let authQuery; + try { + authQuery = queryForRoles(me, ['admin'], ['_id'], { User }, authlog('user findOneLoader', 'readOne', me)); + } catch (err) { + log.error(err.message); + authQuery = {_id: false}; + } + this.unauthorizedLoader = new DataLoader(ids => findByIds(this.collection, ids)); + this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); } - authRole(user){ - return (user && user.role) ? user.role : ''; + // returns the role of the user + static authRole(user){ + return (user && user.role) ? user.role : null; } // used from server calls, without authorization checks, NOT for use in resolvers - async findOneById(id, _user = {}, resolver = 'user findOneById') { + async findOneById(id, me = {}, resolver = 'user findOneById') { try { - const result = await this.loaders(_user, resolver).readOneWithoutAuth.load(id); - return result; + return await this.unauthorizedLoader.load(id); } catch (err) { log.error(err.message); } } // used for api calls, with authorization checks, for use in resolvers - async getOneById(id, _user = {}, resolver = 'user getOneById') { + async getOneById(id, me = {}, resolver = 'user getOneById') { try { - const result = await this.loaders(_user, resolver).readOne.load(id); - return result; + const result = await this.authorizedLoader.load(id); + // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) + // ===== ====== ==== ======= + return authorizedFields(result, 'role', me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver + 'field "role"', 'readOne', me)); } catch (err) { log.error(err.message); } } - all({ lastCreatedAt = 0, limit = 10 }, _user, resolver = 'user all') { + all({ lastCreatedAt = 0, limit = 10 }, me, resolver = 'user all') { try { const baseQuery = { createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(_user, ['admin'], [], 'readMany', { User: this.context.User }, resolver); - const restrictedFields = (Object.keys(authQuery).length === 0) ? {} : { role: 0 }; + const authQuery = queryForRoles(me, ['admin'], [], { User: this.context.User }, authlog(resolver, 'readMany', me)); + // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) + // ===== ====== + let authFields = {}; + authFields = fieldForRoles(authFields, 'role', me, ['admin'], [], { User: this.context.User }, authlog(resolver + 'field "role"', 'readMany', me)); const finalQuery = {...baseQuery, ...authQuery}; - return this.collection.find(finalQuery).sort({ createdAt: 1 }).project(restrictedFields).limit(limit).toArray(); + return this.collection.find(finalQuery).sort({ createdAt: 1 }).project(authFields).limit(limit).toArray(); } catch (err) { log.error(err.message); } } - tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }, _user, resolver = 'user tweets') { + tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }, me, resolver = 'user tweets') { try { const baseQuery = { authorId: user._id, createdAt: { $gt: lastCreatedAt }, }; - const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readMany', { User: this.context.User }, resolver); + const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); const finalQuery = {...baseQuery, ...authQuery}; return this.context.Tweet.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } catch (err) { log.error(err.message); } } - liked(user, { lastCreatedAt = 0, limit = 10 }, _user, resolver = 'user liked') { + liked(user, { lastCreatedAt = 0, limit = 10 }, me, resolver = 'user liked') { try { const baseQuery = { _id: { $in: user.likedIds }, createdAt: { $gt: lastCreatedAt }, }; - const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readMany', { User: this.context.User }, resolver); + const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); const finalQuery = {...baseQuery, ...authQuery}; return this.context.Tweet.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } catch (err) { log.error(err.message); } } - following(user, { lastCreatedAt = 0, limit = 10 }, _user, resolver = 'user following') { + following(user, { lastCreatedAt = 0, limit = 10 }, me, resolver = 'user following') { try { const baseQuery = { _id: { $in: user.followingIds || [] }, createdAt: { $gt: lastCreatedAt }, }; - const authQuery = queryForRoles(_user, ['admin'], [], 'readMany', { User: this.context.User }, resolver); - const restrictedFields = (Object.keys(authQuery).length === 0) ? {} : { role: 0 }; + const authQuery = queryForRoles(me, ['admin'], [], { User: this.context.User }, authlog(resolver, 'readMany', me)); + // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) + // ====== + let authFields = {}; + authFields = fieldForRoles(authFields, 'role', me, ['admin'], [], { User: this.context.User }, authlog(resolver + 'field "role"', 'readMany', me)); const finalQuery = {...baseQuery, ...authQuery}; - return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).project(restrictedFields).limit(limit).toArray(); + return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).project(authFields).limit(limit).toArray(); } catch (err) { log.error(err.message); } } - followers(user, { lastCreatedAt = 0, limit = 10 }, _user, resolver = 'user followers') { + followers(user, { lastCreatedAt = 0, limit = 10 }, me, resolver = 'user followers') { try { const baseQuery = { followingIds: user._id, createdAt: { $gt: lastCreatedAt }, }; - const authQuery = queryForRoles(_user, ['admin'], [], 'readMany', { User: this.context.User }, resolver); - const restrictedFields = (Object.keys(authQuery).length === 0) ? {} : { role: 0 }; + const authQuery = queryForRoles(me, ['admin'], [], { User: this.context.User }, authlog(resolver, 'readMany', me)); + // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) + // ====== + let authFields = {}; + authFields = fieldForRoles(authFields, 'role', me, ['admin'], [], { User: this.context.User }, authlog(resolver + 'field "role"', 'readMany', me)); const finalQuery = {...baseQuery, ...authQuery}; - return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).project(restrictedFields).limit(limit).toArray(); + return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).project(authFields).limit(limit).toArray(); } catch (err) { log.error(err.message); } } - createdBy(user, _user, resolver = 'user createdBy') { - return this.context.User.getOneById(user.createdById, _user, resolver); + createdBy(user, me, resolver = 'user createdBy') { + return this.context.User.getOneById(user.createdById, me, resolver); } - updatedBy(user, _user, resolver = 'user updatedBy') { - return this.context.User.getOneById(user.updatedById, _user, resolver); + updatedBy(user, me, resolver = 'user updatedBy') { + return this.context.User.getOneById(user.updatedById, me, resolver); } - async insert(doc, _user, resolver = 'insert user') { + async insert(doc, me, resolver = 'insert user') { try { let insertedDoc = null; let docToInsert = Object.assign({}, doc, { createdAt: Date.now(), updatedAt: Date.now(), - createdById: (_user && _user._id) ? _user._id : 'unknown', - updatedById: (_user && _user._id) ? _user._id : 'unknown', + createdById: (me && me._id) ? me._id : 'unknown', + updatedById: (me && me._id) ? me._id : 'unknown', }); - const authQuery = queryForRoles(_user, ['admin'], [], 'create', { User: this.context.User }, resolver); - - const docRoleFields = [].map(key => ({ [key]: docToInsert[key] }) ); - if (Object.keys(authQuery).length > 0 && !fieldContainsUserId(docRoleFields, _user._id)) { - throw new Error('Not authorized to insert user'); - } + const authQuery = queryForRoles(me, ['admin'], [], { User: this.context.User }, authlog(resolver, 'create', me)); + // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) + // ===== ====== + docToInsert = authorizedFields(docToInsert, 'role', me, ['admin'], [], { User: this.context.User }, authlog(resolver + 'field "role"', 'create', me)); const id = (await this.collection.insertOne(docToInsert)).insertedId; if (!id) { @@ -144,28 +141,27 @@ export default class User { } log.debug(`inserted user ${id}.`); - insertedDoc = this.getOneById(id, _user, 'pubsub userInserted'); + insertedDoc = this.getOneById(id, me, 'pubsub userInserted'); this.pubsub.publish('userInserted', insertedDoc); return insertedDoc; } catch (err) { log.error(err.message); } } - async updateById(id, doc, _user, resolver = 'update user') { + async updateById(id, doc, me, resolver = 'update user') { try { let updatedDoc = null; - const docBefore = await this.findOneById(id, _user, 'user findOneById in updateById for docBefore'); + const docBefore = await this.findOneById(id, me, 'user findOneById in updateById for docBefore'); let docToUpdate = {$set: Object.assign({}, doc, { updatedAt: Date.now(), - updatedById: (_user && _user._id) ? _user._id : 'unknown', + updatedById: (me && me._id) ? me._id : 'unknown', })}; const baseQuery = {_id: id}; - const authQuery = queryForRoles(_user, ['admin'], ['_id'], 'update', { User: this.context.User }, resolver); - - if (doc['role'] && Object.keys(authQuery).length > 0) { - throw new Error('Not authorized to update field "role"'); - } + const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'update', me)); + // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) + // ===== ====== + docToUpdate.$set = authorizedFields(docToUpdate.$set, 'role', me, ['admin'], [], { User: this.context.User }, authlog(resolver + 'field "role"', 'update', me)); const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.updateOne(finalQuery, docToUpdate); @@ -176,22 +172,21 @@ export default class User { } log.debug(`updated user ${id}.`); - this.loaders().readOneWithoutAuth.clear(id); - this.loaders().readOne.clear(id); - // this.loaders().readMany.clear(id); + this.unauthorizedLoader.clear(id); + this.authorizedLoader.clear(id); - updatedDoc = this.getOneById(id, _user, 'pubsub userUpdated') + updatedDoc = this.getOneById(id, me, 'pubsub userUpdated') this.pubsub.publish('userUpdated', updatedDoc); return updatedDoc; } catch (err) { log.error(err.message); } } - async removeById(id, _user, resolver = 'remove user') { + async removeById(id, me, resolver = 'remove user') { try { - const docBefore = await this.findOneById(id, _user, 'user findOneById in removeById for docBefore'); + const docBefore = await this.findOneById(id, me, 'user findOneById in removeById for docBefore'); const baseQuery = {_id: id}; - const authQuery = queryForRoles(_user, ['admin'], ['_id'], 'delete', { User: this.context.User }, resolver); + const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'delete', me)); const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.remove(finalQuery); if (result.result.ok !== 1 || result.result.n !== 1){ @@ -200,9 +195,8 @@ export default class User { } log.debug(`removed user ${id}.`); - this.loaders().readOneWithoutAuth.clear(id); - this.loaders().readOne.clear(id); - // this.loaders().readMany.clear(id); + this.unauthorizedLoader.clear(id); + this.authorizedLoader.clear(id); this.pubsub.publish('userRemoved', id); return result; diff --git a/test/output-app/model/index.js b/test/output-app/model/index.js index 99f9412..ab03af2 100644 --- a/test/output-app/model/index.js +++ b/test/output-app/model/index.js @@ -2,8 +2,14 @@ const models = {}; export default function addModelsToContext(context) { const newContext = Object.assign({}, context); + + // User model has to be first, to initialize the other models with correct authorizations + if (models['User']){ + newContext['User'] = new models['User'](newContext); + } + Object.keys(models).forEach((key) => { - newContext[key] = new models[key](newContext); + if (key !== 'User') newContext[key] = new models[key](newContext); }); return newContext; } diff --git a/test/output-app/resolvers/Tweet.js b/test/output-app/resolvers/Tweet.js index a8fb88c..1de962c 100644 --- a/test/output-app/resolvers/Tweet.js +++ b/test/output-app/resolvers/Tweet.js @@ -4,46 +4,46 @@ const resolvers = { return tweet._id; }, - author(tweet, args, { Tweet, _user }) { - return Tweet.author(tweet, _user, 'author'); + author(tweet, args, { Tweet, me }) { + return Tweet.author(tweet, me, 'author'); }, - createdBy(tweet, args, { Tweet, _user }) { - return Tweet.createdBy(tweet, _user, 'createdBy'); + createdBy(tweet, args, { Tweet, me }) { + return Tweet.createdBy(tweet, me, 'createdBy'); }, - updatedBy(tweet, args, { Tweet, _user }) { - return Tweet.updatedBy(tweet, _user, 'updatedBy'); + updatedBy(tweet, args, { Tweet, me }) { + return Tweet.updatedBy(tweet, me, 'updatedBy'); }, - coauthors(tweet, { lastCreatedAt, limit }, { Tweet, _user }) { - return Tweet.coauthors(tweet, { lastCreatedAt, limit }, _user, 'coauthors'); + coauthors(tweet, { lastCreatedAt, limit }, { Tweet, me }) { + return Tweet.coauthors(tweet, { lastCreatedAt, limit }, me, 'coauthors'); }, - likers(tweet, { lastCreatedAt, limit }, { Tweet, _user }) { - return Tweet.likers(tweet, { lastCreatedAt, limit }, _user, 'likers'); + likers(tweet, { lastCreatedAt, limit }, { Tweet, me }) { + return Tweet.likers(tweet, { lastCreatedAt, limit }, me, 'likers'); }, }, Query: { - tweets(root, { lastCreatedAt, limit }, { Tweet, _user }) { - return Tweet.all({ lastCreatedAt, limit }, _user, 'tweets'); + tweets(root, { lastCreatedAt, limit }, { Tweet, me }) { + return Tweet.all({ lastCreatedAt, limit }, me, 'tweets'); }, - tweet(root, { id }, { Tweet, _user }) { - return Tweet.getOneById(id, _user, 'tweet'); + tweet(root, { id }, { Tweet, me }) { + return Tweet.getOneById(id, me, 'tweet'); }, }, Mutation: { - async createTweet(root, { input }, { Tweet, _user }) { - return await Tweet.insert(input, _user); + async createTweet(root, { input }, { Tweet, me }) { + return await Tweet.insert(input, me); }, - async updateTweet(root, { id, input }, { Tweet, _user }) { - return await Tweet.updateById(id, input, _user); + async updateTweet(root, { id, input }, { Tweet, me }) { + return await Tweet.updateById(id, input, me); }, - async removeTweet(root, { id }, { Tweet, _user }) { - return await Tweet.removeById(id, _user, 'removeTweet'); + async removeTweet(root, { id }, { Tweet, me }) { + return await Tweet.removeById(id, me, 'removeTweet'); }, }, Subscription: { diff --git a/test/output-app/resolvers/User.js b/test/output-app/resolvers/User.js index fa33f84..c22d379 100644 --- a/test/output-app/resolvers/User.js +++ b/test/output-app/resolvers/User.js @@ -4,50 +4,50 @@ return user._id; }, - createdBy(user, args, { User, _user }) { - return User.createdBy(user, _user, 'createdBy'); + createdBy(user, args, { User, me }) { + return User.createdBy(user, me, 'createdBy'); }, - updatedBy(user, args, { User, _user }) { - return User.updatedBy(user, _user, 'updatedBy'); + updatedBy(user, args, { User, me }) { + return User.updatedBy(user, me, 'updatedBy'); }, - tweets(user, { minLikes, lastCreatedAt, limit }, { User, _user }) { - return User.tweets(user, { minLikes, lastCreatedAt, limit }, _user, 'tweets'); + tweets(user, { minLikes, lastCreatedAt, limit }, { User, me }) { + return User.tweets(user, { minLikes, lastCreatedAt, limit }, me, 'tweets'); }, - liked(user, { lastCreatedAt, limit }, { User, _user }) { - return User.liked(user, { lastCreatedAt, limit }, _user, 'liked'); + liked(user, { lastCreatedAt, limit }, { User, me }) { + return User.liked(user, { lastCreatedAt, limit }, me, 'liked'); }, - following(user, { lastCreatedAt, limit }, { User, _user }) { - return User.following(user, { lastCreatedAt, limit }, _user, 'following'); + following(user, { lastCreatedAt, limit }, { User, me }) { + return User.following(user, { lastCreatedAt, limit }, me, 'following'); }, - followers(user, { lastCreatedAt, limit }, { User, _user }) { - return User.followers(user, { lastCreatedAt, limit }, _user, 'followers'); + followers(user, { lastCreatedAt, limit }, { User, me }) { + return User.followers(user, { lastCreatedAt, limit }, me, 'followers'); }, }, Query: { - users(root, { lastCreatedAt, limit }, { User, _user }) { - return User.all({ lastCreatedAt, limit }, _user, 'users'); + users(root, { lastCreatedAt, limit }, { User, me }) { + return User.all({ lastCreatedAt, limit }, me, 'users'); }, - user(root, { id }, { User, _user }) { - return User.getOneById(id, _user, 'user'); + user(root, { id }, { User, me }) { + return User.getOneById(id, me, 'user'); }, }, Mutation: { - async createUser(root, { input }, { User, _user }) { - return await User.insert(input, _user); + async createUser(root, { input }, { User, me }) { + return await User.insert(input, me); }, - async updateUser(root, { id, input }, { User, _user }) { - return await User.updateById(id, input, _user); + async updateUser(root, { id, input }, { User, me }) { + return await User.updateById(id, input, me); }, - async removeUser(root, { id }, { User, _user }) { - return await User.removeById(id, _user, 'removeUser'); + async removeUser(root, { id }, { User, me }) { + return await User.removeById(id, me, 'removeUser'); }, }, Subscription: { diff --git a/test/output-app/schema/User.graphql b/test/output-app/schema/User.graphql index 61d6fa3..c0d28a8 100644 --- a/test/output-app/schema/User.graphql +++ b/test/output-app/schema/User.graphql @@ -1,6 +1,6 @@ type User { id: ObjID! - role: String! + role: String username: String! bio: String notify: Boolean diff --git a/test/output-app/server/authenticate.js b/test/output-app/server/authenticate.js index c09fdf6..5ea4d39 100644 --- a/test/output-app/server/authenticate.js +++ b/test/output-app/server/authenticate.js @@ -4,15 +4,17 @@ import jwt from 'jwt-simple'; import { ObjectId } from 'mongodb'; import nodeify from 'nodeify'; import bcrypt from 'bcrypt'; -import log from '../server/logger'; +import DataLoader from 'dataloader'; +import { findByIds } from './authorize'; const KEY = 'test-key'; +let Loader; async function userFromPayload(request, jwtPayload) { if (!jwtPayload.userId) { throw new Error('No userId in JWT'); } - return await request.context.User.findOneById(ObjectId(jwtPayload.userId)); + return await Loader.load(ObjectId(jwtPayload.userId)); } passport.use(new Strategy({ @@ -23,7 +25,9 @@ passport.use(new Strategy({ nodeify(userFromPayload(request, jwtPayload), done); })); -export default function addPassport(app) { +export default function addPassport(app, User) { + Loader = new DataLoader(ids => findByIds(User, ids)); + app.use(passport.initialize()); app.post('/login', async (req, res, next) => { @@ -34,7 +38,7 @@ export default function addPassport(app) { throw new Error('Username or password not set on request'); } - const user = await req.context.User.collection.findOne({ email }); + const user = await User.findOne({ email }); if (!user || !(await bcrypt.compare(password, user.hash))) { throw new Error('User not found matching email/password combination'); } diff --git a/test/output-app/server/authorize.js b/test/output-app/server/authorize.js index 32444e5..53f9e72 100644 --- a/test/output-app/server/authorize.js +++ b/test/output-app/server/authorize.js @@ -1,6 +1,17 @@ import _ from 'lodash'; import log from '../server/logger'; +// central logger for authorization checks +export function authlog(resolver = '', mode = '', me = {}) { + const makeMessage = (message) => `Authorize ${mode} "${resolver}" with user "${me.username ? me.username : ''}" ${message}`; + return { + debug: (message) => log.debug(makeMessage(message)), + error: (message) => {throw new Error(makeMessage(message))}, + }; +} + +// returns the record, cached if already read, checks authorization if set +// enhancement of tmeasday'findByIds export function findByIds(collection, ids = [], authQuery) { const baseQuery = { _id: { $in: ids } }; const finalQuery = {...baseQuery, ...authQuery}; @@ -12,39 +23,135 @@ export function findByIds(collection, ids = [], authQuery) { } // returns true, if user is logged in -export function loggedIn(user) { - if(user && user._id && user._id.toString() !== '') { +export function loggedIn(me) { + if(me && me._id && me._id.toString() !== '') { + return true; + } + return false; +} + +// returns true, if authorized to get field +// returns false, if NOT authorized to get field +export function fieldAuthorized(me = {}, userRoles = [], docRoles = [], { User }, logger){ + // The logged in user's role is authorized for the field + if (roleAuthorizedForDoc(me, userRoles, docRoles, { User }, logger)) { + return true; + } + // The user might be listed in any document field + if (loggedIn(me) && docRoles.length > 0){ return true; } return false; } +// returns a projection query of fields not to be shown, e.g. { role: 0 } +export function fieldForRoles(projection, field, me = {}, userRoles = [], docRoles = [], { User }, logger){ + const role = User.authRole(me); + // The logged in user's role is authorized for the field + if (roleAuthorizedForDoc(me, userRoles, docRoles, { User }, logger)) { + return projection; + } + // The user is listed in any document field + if (loggedIn(me) && docRoles.length > 0){ + return projection; + } + const authFields = Object.assign({}, { [field]: 0 }, projection); + logger.debug(`and role "${role ? role : ''}" not authorized to access field "${field}".`) + return authFields; +} + +// imports a result (which is document or an array of documents), and returns the result, +// but it removes the field without authorization from documents, +// e.g. field "role" is removed from all result documents, if the user/role is not allowed to access it +export function authorizedFields(result, field, me, userRoles = [], docRoles = [], { User }, logger){ + const role = User.authRole(me) || ''; + + // if any userRole authorizes field + if (roleAuthorizedForDoc(me, userRoles, docRoles, { User }, logger)) { + return result; + } + + // if any docRole authorizes field + // The user is listed in any document field + if (loggedIn(me) && docRoles.length > 0){ + + // if the result was an array of documents, check each doc and field + if (_.isArray(result)){ + const authorizedResult = []; + // check all documents in the result array + result.every(doc => { + let fieldAuthorized = false; + // check all docRoles if any of them authorizes field + docRoles.every(docRole => { + // if one docRole authorizes the field, then fieldAuthorized = true + if (doc[docRole] && fieldContainsUserId(doc[docRole], me._id)){ + fieldAuthorized = true; + } + }); + if (!fieldAuthorized && doc[field]){ + delete doc[field]; + logger.debug(`with role "${role}" field "${field}" removed from document id "${doc._id}". No authorization.`); + } + authorizedResult.push(doc); + }); + return authorizedResult; + } + + // if the result was a document + if (_.isObject(result)){ + // check with all docRoles + let fieldAuthorized = false; + docRoles.every(docRole => { + // if one docRole authorizes the field, then fieldAuthorized = true + if (result[docRole] && fieldContainsUserId(result[docRole], me._id)){ + fieldAuthorized = true; + } + }); + if (!fieldAuthorized && result[field]){ + delete result[field]; + logger.debug(`with role "${role}" field "${field}" removed from document id "${result._id}". No authorization.`); + } + return result; + } + + } + + // not authorized to access field + if (result[field]){ + delete result[field]; + logger.debug(`with role "${role}" field "${field}" removed from document id "${result._id}". No authorization.`); + } + return result; +} + // creates an authQuery object with additional query arguments, to implement authorization restrictions for mongodb access -export function queryForRoles(user = {}, userRoles = [], docRoles = [], mode = '', { User }, resolver = '') { +export function queryForRoles(me = {}, userRoles = [], docRoles = [], { User }, logger) { + const role = User.authRole(me); // Build query for the case: The logged in user's role is authorized - if (roleAuthorizedForDoc(user, userRoles, docRoles, mode, { User }, resolver)) { + if (roleAuthorizedForDoc(me, userRoles, docRoles, { User }, logger)) { return {}; // empty authQuery means, do operation with no access restrictions } // Build query for the case: The user is listed in any document field const query = { $or: [] }; - if (loggedIn(user)){ - docRoles.forEach(docRole => query.$or.push( { [docRole]: user._id } ) ); - log.debug('authQuery:', JSON.stringify(query, null, 2)); + if (loggedIn(me)){ + docRoles.forEach(docRole => query.$or.push( { [docRole]: me._id } ) ); + logger.debug(`and role: "${role ? role : ''}" with \nauthQuery: ${JSON.stringify(query, null, 2)}`); if (query.$or.length > 0) return query; } // Not Authorized - throw new Error(`Authorization: Not authorized to ${mode} in ${resolver}.`); + const message = `and role: "${role}" is not authorized.`; + logger.error(message); } // returns true, if the user's role is authorized for a document -export function roleAuthorizedForDoc(user = {}, userRoles = [], docRoles = [], mode = '', { User }, resolver = ''){ - const role = User.authRole(user); +export function roleAuthorizedForDoc(me = {}, userRoles = [], docRoles = [], { User }, logger){ + const role = User.authRole(me); - if ( userRoles.includes('world') || role && role !== '' && role !== '' && userRoles.length > 0 && userRoles.includes(role) ) { - log.debug(`${resolver} ${mode} with user ${user.username ? user.username : ''} is authorized`); + if ( userRoles.includes('world') || role && userRoles.length > 0 && userRoles.includes(role) ) { + logger.debug(`and role "${role ? role : ''}" is authorized`); return true; } diff --git a/test/output-app/server/index.js b/test/output-app/server/index.js index c9d452b..84d01ce 100644 --- a/test/output-app/server/index.js +++ b/test/output-app/server/index.js @@ -32,26 +32,23 @@ async function startServer() { log.info('Logger started'); const db = await MongoClient.connect(MONGO_URL); + const UserCollection = db.collection('user'); const app = express().use('*', cors()); app.use(bodyParser.urlencoded({ extended: true })); app.use(bodyParser.json()); app.use(morgan("dev", { "stream": stream })); - app.use((req, res, next) => { - req.context = addModelsToContext({ db, pubsub }); - next(); - }); - - authenticate(app); + authenticate(app, UserCollection); app.use('/graphql', (req, res, next) => { - passport.authenticate('jwt', { session: false }, (err, _user) => { + passport.authenticate('jwt', { session: false }, (err, me) => { + req.context = addModelsToContext({ db, pubsub, me, UserCollection }); graphqlExpress(() => { // Get the query, the same way express-graphql does it // https://github.com/graphql/express-graphql/blob/3fa6e68582d6d933d37fa9e841da5d2aa39261cd/src/index.js#L257 const {variables, operationName} = req.body; - const {_id, username, role} = _user; + const {_id, username, role} = me; const query = req.query.query || req.body.query; log.debug('-'.repeat(80)); log.debug(`Request:\nUser: "${(username) ? username: ''}", role: "${(role) ? role : ''}", id: "${(_id) ? _id : ''}",\nOperation: "${operationName ? operationName : ''}", variables: "${variables ? JSON.stringify(variables) : ''}",\nQuery:\n${print(parse(query))}`); @@ -63,7 +60,7 @@ async function startServer() { } return { schema, - context: Object.assign({ _user }, req.context), + context: Object.assign({ me }, req.context), debug: true, // formatError(e) { console.log(e) }, }; diff --git a/test/output-app/server/logs/all-logs-readable.log b/test/output-app/server/logs/all-logs-readable.log deleted file mode 100644 index 6c1975e..0000000 --- a/test/output-app/server/logs/all-logs-readable.log +++ /dev/null @@ -1,1828 +0,0 @@ -2017-07-09 21:12:22 -------------------------------------------------------------------------------- -2017-07-09 21:12:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - role - username - } -} - -2017-07-09 21:12:33 user readOne with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - role - username - } -} - -2017-07-09 21:12:33 user readOne with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca2") { - role - username - } -} - -2017-07-09 21:12:33 user readOne with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - id - username - bio - } -} - -2017-07-09 21:12:33 user readOne with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users { - username - createdAt - } -} - -2017-07-09 21:12:33 users readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(limit: 1) { - username - createdAt - } -} - -2017-07-09 21:12:33 users readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993) { - username - createdAt - } -} - -2017-07-09 21:12:33 users readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } -} - -2017-07-09 21:12:33 users readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers { - username - createdAt - } - } -} - -2017-07-09 21:12:33 user readOne with user stubailo is authorized -2017-07-09 21:12:33 followers readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 21:12:33 user readOne with user stubailo is authorized -2017-07-09 21:12:33 followers readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-07-09 21:12:33 user readOne with user stubailo is authorized -2017-07-09 21:12:33 followers readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 21:12:33 user readOne with user stubailo is authorized -2017-07-09 21:12:33 followers readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following { - username - createdAt - } - } -} - -2017-07-09 21:12:33 user readOne with user stubailo is authorized -2017-07-09 21:12:33 following readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 21:12:33 user readOne with user stubailo is authorized -2017-07-09 21:12:33 following readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-07-09 21:12:33 user readOne with user stubailo is authorized -2017-07-09 21:12:33 following readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 21:12:33 user readOne with user stubailo is authorized -2017-07-09 21:12:33 following readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets { - id - createdAt - } - } -} - -2017-07-09 21:12:33 user readOne with user stubailo is authorized -2017-07-09 21:12:33 tweets readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(limit: 1) { - id - createdAt - } - } -} - -2017-07-09 21:12:33 user readOne with user stubailo is authorized -2017-07-09 21:12:33 tweets readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } - } -} - -2017-07-09 21:12:33 user readOne with user stubailo is authorized -2017-07-09 21:12:33 tweets readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } - } -} - -2017-07-09 21:12:33 user readOne with user stubailo is authorized -2017-07-09 21:12:33 tweets readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked { - id - createdAt - } - } -} - -2017-07-09 21:12:33 user readOne with user stubailo is authorized -2017-07-09 21:12:33 liked readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(limit: 1) { - id - createdAt - } - } -} - -2017-07-09 21:12:33 user readOne with user stubailo is authorized -2017-07-09 21:12:33 liked readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334) { - id - createdAt - } - } -} - -2017-07-09 21:12:33 user readOne with user stubailo is authorized -2017-07-09 21:12:33 liked readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334, limit: 1) { - id - createdAt - } - } -} - -2017-07-09 21:12:33 user readOne with user stubailo is authorized -2017-07-09 21:12:33 liked readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - author { - username - } - } -} - -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - id - body - } -} - -2017-07-09 21:12:33 tweet readOne with user stubailo is authorized -2017-07-09 21:12:33 tweet readOne with user stubailo is authorized -2017-07-09 21:12:33 author readOne with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets { - id - createdAt - } -} - -2017-07-09 21:12:33 tweets readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(limit: 1) { - id - createdAt - } -} - -2017-07-09 21:12:33 tweets readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } -} - -2017-07-09 21:12:33 tweets readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } -} - -2017-07-09 21:12:33 tweets readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers { - username - createdAt - } - } -} - -2017-07-09 21:12:33 tweet readOne with user stubailo is authorized -2017-07-09 21:12:33 likers readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(limit: 1) { - username - createdAt - } - } -} - -2017-07-09 21:12:33 tweet readOne with user stubailo is authorized -2017-07-09 21:12:33 likers readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993) { - username - createdAt - } - } -} - -2017-07-09 21:12:33 tweet readOne with user stubailo is authorized -2017-07-09 21:12:33 likers readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } - } -} - -2017-07-09 21:12:33 tweet readOne with user stubailo is authorized -2017-07-09 21:12:33 likers readMany with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-07-09 21:12:33 insert user create with user stubailo is authorized -2017-07-09 21:12:33 inserted user 596280212157d09ddf9d7294. -2017-07-09 21:12:33 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-07-09 21:12:33 insert user create with user tobkle is authorized -2017-07-09 21:12:33 inserted user 596280212157d09ddf9d7295. -2017-07-09 21:12:33 pubsub userInserted readOne with user tobkle is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", -Operation: "", variables: "", -Query: -{ - user(id: "596280212157d09ddf9d7295") { - username - bio - role - } -} - -2017-07-09 21:12:33 user readOne with user tobkle is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", -Operation: "", variables: "", -Query: -{ - user(id: "596280212157d09ddf9d7294") { - username - role - } -} - -2017-07-09 21:12:33 user readOne with user tobkle is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596280212157d09ddf9d7295", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-07-09 21:12:33 update user update with user tobkle is authorized -2017-07-09 21:12:33 updated user 596280212157d09ddf9d7295. -2017-07-09 21:12:33 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596280212157d09ddf9d7294", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 21:12:33 update user update with user tobkle is authorized -2017-07-09 21:12:33 updated user 596280212157d09ddf9d7294. -2017-07-09 21:12:33 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596280212157d09ddf9d7295", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 21:12:33 update user update with user tobkle is authorized -2017-07-09 21:12:33 updated user 596280212157d09ddf9d7295. -2017-07-09 21:12:33 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596280212157d09ddf9d7294", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-07-09 21:12:33 update user update with user tobkle is authorized -2017-07-09 21:12:33 updated user 596280212157d09ddf9d7294. -2017-07-09 21:12:33 pubsub userUpdated readOne with user tobkle is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "tobkle", role: "editor", id: "596280212157d09ddf9d7294", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596280212157d09ddf9d7294", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 21:12:33 authQuery: { - "$or": [ - { - "_id": "596280212157d09ddf9d7294" - } - ] -} -2017-07-09 21:12:33 ERROR Not authorized to update field "role" -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "zoltan", role: "admin", id: "596280212157d09ddf9d7295", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596280212157d09ddf9d7294", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 21:12:33 update user update with user zoltan is authorized -2017-07-09 21:12:33 updated user 596280212157d09ddf9d7294. -2017-07-09 21:12:33 pubsub userUpdated readOne with user zoltan is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "596280212157d09ddf9d7295") -} - -2017-07-09 21:12:33 removeUser delete with user tobkle is authorized -2017-07-09 21:12:33 removed user 596280212157d09ddf9d7295. -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "596280212157d09ddf9d7294", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 21:12:33 insert tweet create with user tobkle is authorized -2017-07-09 21:12:33 inserted tweet 596280212157d09ddf9d7296. -2017-07-09 21:12:33 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 21:12:33 insert tweet create with user tobkle is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", -Operation: "", variables: "", -Query: -{ - tweet(id: "596280212157d09ddf9d7296") { - author { - id - } - body - } -} - -2017-07-09 21:12:33 tweet readOne with user tobkle is authorized -2017-07-09 21:12:33 inserted tweet 596280212157d09ddf9d7297. -2017-07-09 21:12:33 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 21:12:33 author readOne with user tobkle is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 21:12:33 tweet readOne with user tobkle is authorized -2017-07-09 21:12:33 author readOne with user tobkle is authorized -2017-07-09 21:12:33 -------------------------------------------------------------------------------- -2017-07-09 21:12:33 Request: -User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "596280212157d09ddf9d7296", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 21:12:33 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 21:12:33 update tweet update with user tobkle is authorized -2017-07-09 21:12:33 updated tweet 596280212157d09ddf9d7296. -2017-07-09 21:12:33 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "596280212157d09ddf9d7297", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 21:12:34 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 21:12:34 update tweet update with user tobkle is authorized -2017-07-09 21:12:34 updated tweet 596280212157d09ddf9d7297. -2017-07-09 21:12:34 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", -Operation: "", variables: "", -Query: -{ - tweet(id: "596280212157d09ddf9d7296") { - body - } -} - -2017-07-09 21:12:34 tweet readOne with user tobkle is authorized -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "596280212157d09ddf9d7296") -} - -2017-07-09 21:12:34 removeTweet delete with user tobkle is authorized -2017-07-09 21:12:34 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 21:12:34 removed tweet 596280212157d09ddf9d7296. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "596280212157d09ddf9d7297") -} - -2017-07-09 21:12:34 removeTweet delete with user tobkle is authorized -2017-07-09 21:12:34 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 21:12:34 removed tweet 596280212157d09ddf9d7297. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", -Operation: "", variables: "", -Query: -{ - tweet(id: "596280212157d09ddf9d7296") { - body - } -} - -2017-07-09 21:12:34 tweet readOne with user tobkle is authorized -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "admin", id: "596280212157d09ddf9d7294", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "596280212157d09ddf9d7294") -} - -2017-07-09 21:12:34 removeUser delete with user tobkle is authorized -2017-07-09 21:12:34 removed user 596280212157d09ddf9d7294. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "596280212157d09ddf9d7294") { - username - bio - role - } -} - -2017-07-09 21:12:34 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-07-09 21:12:34 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 21:12:34 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 21:12:34 ERROR Authorization: Not authorized to update in update user. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 21:12:34 ERROR Authorization: Not authorized to delete in removeUser. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 21:12:34 ERROR Authorization: Not authorized to create in insert tweet. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 21:12:34 tweet readOne with user is authorized -2017-07-09 21:12:34 ERROR Authorization: Not authorized to readOne in author. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 21:12:34 tweet getOneById in updateById for docBefore readOne with user is authorized -2017-07-09 21:12:34 ERROR Authorization: Not authorized to update in update tweet. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 21:12:34 tweet getOneById in updateById for docBefore readOne with user is authorized -2017-07-09 21:12:34 ERROR Authorization: Not authorized to update in update tweet. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 21:12:34 ERROR Authorization: Not authorized to delete in removeTweet. -2017-07-09 21:12:34 tweet getOneById in removeById for docBefore readOne with user is authorized -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { - id - role - } -} - -2017-07-09 21:12:34 insert user create with user stubailo is authorized -2017-07-09 21:12:34 inserted user 596280222157d09ddf9d7298. -2017-07-09 21:12:34 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-07-09 21:12:34 authQuery: { - "$or": [] -} -2017-07-09 21:12:34 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 21:12:34 authQuery: { - "$or": [ - { - "_id": "596280222157d09ddf9d7298" - } - ] -} -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", -Operation: "", variables: "", -Query: -{ - user(id: "596280222157d09ddf9d7298") { - username - } -} - -2017-07-09 21:12:34 authQuery: { - "$or": [ - { - "_id": "596280222157d09ddf9d7298" - } - ] -} -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", -Operation: "", variables: "", -Query: -{ - user(id: "596280222157d09ddf9d7298") { - username - role - } -} - -2017-07-09 21:12:34 authQuery: { - "$or": [ - { - "_id": "596280222157d09ddf9d7298" - } - ] -} -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 21:12:34 authQuery: { - "$or": [ - { - "_id": "596280222157d09ddf9d7298" - } - ] -} -2017-07-09 21:12:34 ERROR Not authorized to update field "role" -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596280222157d09ddf9d7298", input: {username: "tobkle", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-07-09 21:12:34 authQuery: { - "$or": [ - { - "_id": "596280222157d09ddf9d7298" - } - ] -} -2017-07-09 21:12:34 updated user 596280222157d09ddf9d7298. -2017-07-09 21:12:34 authQuery: { - "$or": [ - { - "_id": "596280222157d09ddf9d7298" - } - ] -} -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596280222157d09ddf9d7298", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 21:12:34 authQuery: { - "$or": [ - { - "_id": "596280222157d09ddf9d7298" - } - ] -} -2017-07-09 21:12:34 ERROR Not authorized to update field "role" -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 21:12:34 authQuery: { - "$or": [ - { - "_id": "596280222157d09ddf9d7298" - } - ] -} -2017-07-09 21:12:34 ERROR remove user failed for finalQuery: { - "_id": "583291a1638566b3c5a92ca1", - "$or": [ - { - "_id": "596280222157d09ddf9d7298" - } - ] -} -2017-07-09 21:12:34 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "596280222157d09ddf9d7298", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 21:12:34 authQuery: { - "$or": [ - { - "authorId": "596280222157d09ddf9d7298" - } - ] -} -2017-07-09 21:12:34 inserted tweet 596280222157d09ddf9d7299. -2017-07-09 21:12:34 pubsub tweetInserted readOne with user tobkle is authorized -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 21:12:34 authQuery: { - "$or": [ - { - "authorId": "596280222157d09ddf9d7298" - } - ] -} -2017-07-09 21:12:34 ERROR Not authorized to insert tweet -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", -Operation: "", variables: "", -Query: -{ - tweet(id: "596280222157d09ddf9d7299") { - author { - id - } - body - } -} - -2017-07-09 21:12:34 tweet readOne with user tobkle is authorized -2017-07-09 21:12:34 authQuery: { - "$or": [ - { - "_id": "596280222157d09ddf9d7298" - } - ] -} -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 21:12:34 tweet readOne with user tobkle is authorized -2017-07-09 21:12:34 authQuery: { - "$or": [ - { - "_id": "596280222157d09ddf9d7298" - } - ] -} -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "596280222157d09ddf9d7299", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 21:12:34 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 21:12:34 authQuery: { - "$or": [ - { - "authorId": "596280222157d09ddf9d7298" - }, - { - "coauthorsIds": "596280222157d09ddf9d7298" - } - ] -} -2017-07-09 21:12:34 updated tweet 596280222157d09ddf9d7299. -2017-07-09 21:12:34 pubsub tweetUpdated readOne with user tobkle is authorized -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 21:12:34 tweet getOneById in updateById for docBefore readOne with user tobkle is authorized -2017-07-09 21:12:34 authQuery: { - "$or": [ - { - "authorId": "596280222157d09ddf9d7298" - }, - { - "coauthorsIds": "596280222157d09ddf9d7298" - } - ] -} -2017-07-09 21:12:34 ERROR update tweet failed finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "596280222157d09ddf9d7298" - }, - { - "coauthorsIds": "596280222157d09ddf9d7298" - } - ] -} -2017-07-09 21:12:34 ERROR update tweet failed for docToUpdate: { - "$set": { - "body": "This is a modified test tweet", - "updatedAt": 1499627554277, - "updatedById": "596280222157d09ddf9d7298" - } -} -2017-07-09 21:12:34 ERROR update tweet not possible for 583676d3618530145474e352. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", -Operation: "", variables: "", -Query: -{ - tweet(id: "596280222157d09ddf9d7299") { - body - } -} - -2017-07-09 21:12:34 tweet readOne with user tobkle is authorized -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "596280222157d09ddf9d7299") -} - -2017-07-09 21:12:34 authQuery: { - "$or": [ - { - "authorId": "596280222157d09ddf9d7298" - } - ] -} -2017-07-09 21:12:34 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 21:12:34 removed tweet 596280222157d09ddf9d7299. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 21:12:34 authQuery: { - "$or": [ - { - "authorId": "596280222157d09ddf9d7298" - } - ] -} -2017-07-09 21:12:34 tweet getOneById in removeById for docBefore readOne with user tobkle is authorized -2017-07-09 21:12:34 ERROR remove tweet failed for finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "596280222157d09ddf9d7298" - } - ] -} -2017-07-09 21:12:34 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", -Operation: "", variables: "", -Query: -{ - tweet(id: "596280222157d09ddf9d7299") { - body - } -} - -2017-07-09 21:12:34 tweet readOne with user tobkle is authorized -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "user", id: "596280222157d09ddf9d7298", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "596280222157d09ddf9d7298") -} - -2017-07-09 21:12:34 authQuery: { - "$or": [ - { - "_id": "596280222157d09ddf9d7298" - } - ] -} -2017-07-09 21:12:34 removed user 596280222157d09ddf9d7298. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "596280222157d09ddf9d7298") { - username - bio - role - } -} - -2017-07-09 21:12:34 ERROR Authorization: Not authorized to readOne in user. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { - id - role - } -} - -2017-07-09 21:12:34 insert user create with user stubailo is authorized -2017-07-09 21:12:34 inserted user 596280222157d09ddf9d729a. -2017-07-09 21:12:34 pubsub userInserted readOne with user stubailo is authorized -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "editor", id: "596280222157d09ddf9d729a", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-07-09 21:12:34 authQuery: { - "$or": [] -} -2017-07-09 21:12:34 ERROR Authorization: Not authorized to create in insert user. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "editor", id: "596280222157d09ddf9d729a", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-07-09 21:12:34 authQuery: { - "$or": [ - { - "_id": "596280222157d09ddf9d729a" - } - ] -} -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "editor", id: "596280222157d09ddf9d729a", -Operation: "", variables: "", -Query: -{ - user(id: "596280222157d09ddf9d729a") { - username - role - } -} - -2017-07-09 21:12:34 authQuery: { - "$or": [ - { - "_id": "596280222157d09ddf9d729a" - } - ] -} -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "editor", id: "596280222157d09ddf9d729a", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 21:12:34 authQuery: { - "$or": [ - { - "_id": "596280222157d09ddf9d729a" - } - ] -} -2017-07-09 21:12:34 ERROR Not authorized to update field "role" -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tobkle", role: "editor", id: "596280222157d09ddf9d729a", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596280222157d09ddf9d729a", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-07-09 21:12:34 authQuery: { - "$or": [ - { - "_id": "596280222157d09ddf9d729a" - } - ] -} -2017-07-09 21:12:34 updated user 596280222157d09ddf9d729a. -2017-07-09 21:12:34 authQuery: { - "$or": [ - { - "_id": "596280222157d09ddf9d729a" - } - ] -} -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "596280222157d09ddf9d729a", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-07-09 21:12:34 authQuery: { - "$or": [ - { - "_id": "596280222157d09ddf9d729a" - } - ] -} -2017-07-09 21:12:34 ERROR Not authorized to update field "role" -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-07-09 21:12:34 authQuery: { - "$or": [ - { - "_id": "596280222157d09ddf9d729a" - } - ] -} -2017-07-09 21:12:34 ERROR remove user failed for finalQuery: { - "_id": "583291a1638566b3c5a92ca1", - "$or": [ - { - "_id": "596280222157d09ddf9d729a" - } - ] -} -2017-07-09 21:12:34 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "596280222157d09ddf9d729a", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-07-09 21:12:34 authQuery: { - "$or": [ - { - "authorId": "596280222157d09ddf9d729a" - } - ] -} -2017-07-09 21:12:34 inserted tweet 596280222157d09ddf9d729b. -2017-07-09 21:12:34 pubsub tweetInserted readOne with user tmeasday is authorized -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-07-09 21:12:34 authQuery: { - "$or": [ - { - "authorId": "596280222157d09ddf9d729a" - } - ] -} -2017-07-09 21:12:34 ERROR Not authorized to insert tweet -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", -Operation: "", variables: "", -Query: -{ - tweet(id: "596280222157d09ddf9d729b") { - author { - id - } - body - } -} - -2017-07-09 21:12:34 tweet readOne with user tmeasday is authorized -2017-07-09 21:12:34 authQuery: { - "$or": [ - { - "_id": "596280222157d09ddf9d729a" - } - ] -} -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-07-09 21:12:34 tweet readOne with user tmeasday is authorized -2017-07-09 21:12:34 authQuery: { - "$or": [ - { - "_id": "596280222157d09ddf9d729a" - } - ] -} -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "596280222157d09ddf9d729b", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 21:12:34 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized -2017-07-09 21:12:34 authQuery: { - "$or": [ - { - "authorId": "596280222157d09ddf9d729a" - }, - { - "coauthorsIds": "596280222157d09ddf9d729a" - } - ] -} -2017-07-09 21:12:34 updated tweet 596280222157d09ddf9d729b. -2017-07-09 21:12:34 pubsub tweetUpdated readOne with user tmeasday is authorized -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-07-09 21:12:34 tweet getOneById in updateById for docBefore readOne with user tmeasday is authorized -2017-07-09 21:12:34 authQuery: { - "$or": [ - { - "authorId": "596280222157d09ddf9d729a" - }, - { - "coauthorsIds": "596280222157d09ddf9d729a" - } - ] -} -2017-07-09 21:12:34 ERROR update tweet failed finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "596280222157d09ddf9d729a" - }, - { - "coauthorsIds": "596280222157d09ddf9d729a" - } - ] -} -2017-07-09 21:12:34 ERROR update tweet failed for docToUpdate: { - "$set": { - "body": "This is a modified test tweet", - "updatedAt": 1499627554467, - "updatedById": "596280222157d09ddf9d729a" - } -} -2017-07-09 21:12:34 ERROR update tweet not possible for 583676d3618530145474e352. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", -Operation: "", variables: "", -Query: -{ - tweet(id: "596280222157d09ddf9d729b") { - body - } -} - -2017-07-09 21:12:34 tweet readOne with user tmeasday is authorized -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "596280222157d09ddf9d729b") -} - -2017-07-09 21:12:34 authQuery: { - "$or": [ - { - "authorId": "596280222157d09ddf9d729a" - } - ] -} -2017-07-09 21:12:34 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized -2017-07-09 21:12:34 removed tweet 596280222157d09ddf9d729b. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-07-09 21:12:34 authQuery: { - "$or": [ - { - "authorId": "596280222157d09ddf9d729a" - } - ] -} -2017-07-09 21:12:34 tweet getOneById in removeById for docBefore readOne with user tmeasday is authorized -2017-07-09 21:12:34 ERROR remove tweet failed for finalQuery: { - "_id": "583676d3618530145474e352", - "$or": [ - { - "authorId": "596280222157d09ddf9d729a" - } - ] -} -2017-07-09 21:12:34 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", -Operation: "", variables: "", -Query: -{ - tweet(id: "596280222157d09ddf9d729b") { - body - } -} - -2017-07-09 21:12:34 tweet readOne with user tmeasday is authorized -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "tmeasday", role: "editor", id: "596280222157d09ddf9d729a", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "596280222157d09ddf9d729a") -} - -2017-07-09 21:12:34 authQuery: { - "$or": [ - { - "_id": "596280222157d09ddf9d729a" - } - ] -} -2017-07-09 21:12:34 removed user 596280222157d09ddf9d729a. -2017-07-09 21:12:34 -------------------------------------------------------------------------------- -2017-07-09 21:12:34 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "596280222157d09ddf9d729a") { - username - bio - role - } -} - -2017-07-09 21:12:34 ERROR Authorization: Not authorized to readOne in user. -2017-08-18 18:06:03 Logger started -2017-08-18 18:06:29 Logger started From 720fbd3ce3cc40396b63c624625e000b5d4b567d Mon Sep 17 00:00:00 2001 From: Tobias Klemmer Date: Mon, 17 Jul 2017 00:46:36 +0200 Subject: [PATCH 49/69] merge correction --- test/output-app/README.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/test/output-app/README.md b/test/output-app/README.md index 4c6e91c..e43e402 100644 --- a/test/output-app/README.md +++ b/test/output-app/README.md @@ -309,6 +309,7 @@ export default class { this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); ======= constructor(context){ +<<<<<<< HEAD <<<<<<< HEAD ... this.unauthorizedLoader = new DataLoader(ids => findByIds(this.collection, ids)); @@ -333,6 +334,8 @@ export default class { } catch (err){ log.error(err.message); } } ======= +======= +>>>>>>> merge correction ... const { me, User } = context; let authQuery; From 4f3856b540d823533852e2ea643aec9bfd16bc44 Mon Sep 17 00:00:00 2001 From: Tobias Klemmer Date: Tue, 18 Jul 2017 23:55:55 +0200 Subject: [PATCH 50/69] authorization-simple --- test/input/User.graphql | 5 +- .../scripts/run-end-to-end-tests.sh | 9 +- .../test-5-mutations-with-user-role-user.js | 8 + .../test-6-mutations-with-user-role-editor.js | 8 + test/output-app/README.md | 578 ++--- test/output-app/log/all-logs-readable.log | 0 test/output-app/model/Tweet.js | 101 +- test/output-app/model/User.js | 167 +- test/output-app/resolvers/Tweet.js | 18 +- test/output-app/resolvers/User.js | 20 +- test/output-app/server/authorize.js | 119 +- .../server/logs/all-logs-readable.log | 2144 +++++++++++++++++ 12 files changed, 2587 insertions(+), 590 deletions(-) create mode 100644 test/output-app/log/all-logs-readable.log create mode 100644 test/output-app/server/logs/all-logs-readable.log diff --git a/test/input/User.graphql b/test/input/User.graphql index fb57e40..86b3007 100644 --- a/test/input/User.graphql +++ b/test/input/User.graphql @@ -2,12 +2,11 @@ type User @authorize( admin: ["create", "read", "update", "delete"] - this: ["readOne", "update", "delete"] + this: ["read", "update", "delete"] ) { - role: String @authRole("admin") @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) - + role: String @authRole("admin") username: String! bio: String diff --git a/test/output-app-end-to-end/scripts/run-end-to-end-tests.sh b/test/output-app-end-to-end/scripts/run-end-to-end-tests.sh index 5d2d677..6746686 100755 --- a/test/output-app-end-to-end/scripts/run-end-to-end-tests.sh +++ b/test/output-app-end-to-end/scripts/run-end-to-end-tests.sh @@ -27,10 +27,8 @@ mongoimport --drop --host 127.0.0.1:3002 --db database --collection tweet "$SEED echo "running tests" -$MOCHA "$TEST_DIR" - -echo "Please consider the log file for debugging $LOG_FILE" -echo "" +# Test all... + $MOCHA "$TEST_DIR" # Test only specific test files... # $MOCHA "$TEST_DIR/test-1-roles.js" @@ -39,3 +37,6 @@ echo "" # $MOCHA "$TEST_DIR/test-4-mutations-with-unknown-user.js" # $MOCHA "$TEST_DIR/test-5-mutations-with-user-role-user.js" # $MOCHA "$TEST_DIR/test-6-mutations-with-user-role-editor.js" + +echo "Please consider the log file for debugging $LOG_FILE" +echo "" diff --git a/test/output-app-end-to-end/test-5-mutations-with-user-role-user.js b/test/output-app-end-to-end/test-5-mutations-with-user-role-user.js index 0e994fb..aa585f8 100644 --- a/test/output-app-end-to-end/test-5-mutations-with-user-role-user.js +++ b/test/output-app-end-to-end/test-5-mutations-with-user-role-user.js @@ -59,6 +59,10 @@ describe('test-5: user with role "user"', () => { newUser = result.data.createUser.id; done(); }) + .catch(err => { + console.log(err); + done(); + }); }); describe('on type "user" (part 1)...', () => { @@ -235,6 +239,10 @@ describe('test-5: user with role "user"', () => { tweetId = result.data.createTweet.id; done(); }) + .catch(err => { + console.log(err); + done(); + }); }); it('can create tweet for himself', () => { diff --git a/test/output-app-end-to-end/test-6-mutations-with-user-role-editor.js b/test/output-app-end-to-end/test-6-mutations-with-user-role-editor.js index cf3b7e5..5cdc327 100644 --- a/test/output-app-end-to-end/test-6-mutations-with-user-role-editor.js +++ b/test/output-app-end-to-end/test-6-mutations-with-user-role-editor.js @@ -59,6 +59,10 @@ describe('test-6: user with role "editor"', () => { newUser = result.data.createUser.id; done(); }) + .catch(err => { + console.log(err); + done(); + }); }); describe('on type "user" (part 1)...', () => { @@ -224,6 +228,10 @@ describe('test-6: user with role "editor"', () => { tweetId = result.data.createTweet.id; done(); }) + .catch(err => { + console.log(err); + done(); + }); }); it('can create tweet for himself', () => { diff --git a/test/output-app/README.md b/test/output-app/README.md index e43e402..f385534 100644 --- a/test/output-app/README.md +++ b/test/output-app/README.md @@ -238,12 +238,16 @@ type User ) { +<<<<<<< HEAD <<<<<<< HEAD role: String @authRole("admin") ======= role: String @authRole("admin") @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) >>>>>>> new authorization version from 2017-07-17 +======= + role: String @authRole("admin") +>>>>>>> authorization-simple username: String! bio: String @@ -265,6 +269,7 @@ This has the following meaning: * document-role: "this", is created (document roles have own fields in the document, but this is a special case for the field _id, which is not shown in the input type, but will be generated in the later schema file.) Only the user id of "this" meaning _id is allowed to readOne, update, delete its single User document. +<<<<<<< HEAD <<<<<<< HEAD Use create-graphql-server command to generate the according schema, resolver, model files with the create-graphql-server command line interface. After its generation, you will find the generated files in the sub folders: schema, resolvers, model. The generated model files will use the following functions to implement the authorization logic. ======= @@ -281,6 +286,8 @@ In this case it checks: * if the user-role "admin" is the authorized user, then it allows him to create, read, update, delete operations also on the document, if it contains the field "role" * if the document-role "this" (=owner of the document user._id_ = doc._id_) to do the operations "readOne" on the User document, but it doesn't allow him to upgrade/update his own User.role. +======= +>>>>>>> authorization-simple Use create-graphql-server cli to generate the according schema, resolver, model files with the create-graphql-server command line interface. After its generation, you will find the generated files in the sub folders: schema, resolvers, model folders. The generated model files will use the following functions to implement the authorization logic. >>>>>>> new authorization version from 2017-07-17 @@ -293,6 +300,7 @@ import { findByIds, queryForRoles, getLogFilename, logger, authlog, checkAuthDoc const log = logger(getLogFilename()); export default class { +<<<<<<< HEAD <<<<<<< HEAD constructor(context) { this.context = context; @@ -349,25 +357,29 @@ export default class { this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); ... } +======= + constructor(context) { + ... + let authQuery; + try { + const { me, User } = context; + authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User }, authlog('tweet findOneById', 'readOne', me)); + } catch (err) { + log.error(err.message); + authQuery = {_id: false}; // otherwise admin access + } + this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); + } +>>>>>>> authorization-simple ... -// used from server calls, without authorization checks, NOT for use in resolvers -async findOneById(id, me = {}, resolver = 'tweet findOneById') { +async findOneById(id, me, resolver) { try { - return await this.unauthorizedLoader.load(id); + return await this.authorizedLoader.load(id); } catch (err) { log.error(err.message); } } -// used for api calls, with authorization checks, for use in resolvers -async getOneById(id, me = {}, resolver = 'tweet getOneById') { +find({ lastCreatedAt = 0, limit = 10, baseQuery = { createdAt: { $gt: lastCreatedAt } } }, me, resolver) { try { - const result = await this.authorizedLoader.load(id); - return result; - } catch (err) { log.error(err.message); } -} - -all({ lastCreatedAt = 0, limit = 10 }, me, resolver = 'tweet all') { - try { - const baseQuery = { createdAt: { $gt: lastCreatedAt } }; const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); const finalQuery = {...baseQuery, ...authQuery}; return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); @@ -382,6 +394,7 @@ all({ lastCreatedAt = 0, limit = 10 }, me, resolver = 'tweet all') { generated model file for the above input type Tweet.graphql considering the @authorize directive. You can see, the directive argument "read" is used to express "readOne" and "readMany" at the same time. Instead you can use "readOne" and "readMany" for fine grained control on read operations, to allow access to just one record or many records. ```javascript <<<<<<< HEAD +<<<<<<< HEAD import DataLoader from 'dataloader'; import { findByIds, queryForRoles, getLogFilename, logger, authlog, checkAuthDoc } from 'create-graphql-server-authorization'; const log = logger(getLogFilename()); @@ -390,6 +403,11 @@ iimport log from '../server/logger'; import DataLoader from 'dataloader'; import { findByIds, queryForRoles, fieldForRoles, fieldContainsUserId, authorizedFields, authlog } from '../server/authorize'; >>>>>>> new authorization version from 2017-07-17 +======= +import log from '../server/logger'; +import DataLoader from 'dataloader'; +import { findByIds, queryForRoles, authlog, checkAuthDoc } from '../server/authorize'; +>>>>>>> authorization-simple export default class Tweet { constructor(context) { @@ -397,6 +415,7 @@ export default class Tweet { this.collection = context.db.collection('tweet'); this.pubsub = context.pubsub; <<<<<<< HEAD +<<<<<<< HEAD <<<<<<< HEAD let authQuery; try { @@ -432,35 +451,27 @@ export default class Tweet { const finalQuery = {...baseQuery, ...authQuery, createdAt: { $gt: lastCreatedAt }}; ======= const { me, User } = context; +======= +>>>>>>> authorization-simple let authQuery; try { - authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User }, authlog('tweet findOneLoader', 'readOne', me)); + const { me, User } = context; + authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User }, authlog('tweet findOneById', 'readOne', me)); } catch (err) { log.error(err.message); - authQuery = {_id: false}; + authQuery = {_id: false}; // otherwise admin access } - this.unauthorizedLoader = new DataLoader(ids => findByIds(this.collection, ids)); this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); } - // used from server calls, without authorization checks, NOT for use in resolvers - async findOneById(id, me = {}, resolver = 'tweet findOneById') { - try { - return await this.unauthorizedLoader.load(id); - } catch (err) { log.error(err.message); } - } - - // used for api calls, with authorization checks, for use in resolvers - async getOneById(id, me = {}, resolver = 'tweet getOneById') { + async findOneById(id, me, resolver) { try { - const result = await this.authorizedLoader.load(id); - return result; + return await this.authorizedLoader.load(id); } catch (err) { log.error(err.message); } } - all({ lastCreatedAt = 0, limit = 10 }, me, resolver = 'tweet all') { + find({ lastCreatedAt = 0, limit = 10, baseQuery = { createdAt: { $gt: lastCreatedAt } } }, me, resolver) { try { - const baseQuery = { createdAt: { $gt: lastCreatedAt } }; const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); const finalQuery = {...baseQuery, ...authQuery}; >>>>>>> new authorization version from 2017-07-17 @@ -468,6 +479,7 @@ export default class Tweet { } catch (err){ log.error(err.message); } } +<<<<<<< HEAD <<<<<<< HEAD createdBy(tweet, me, resolver) { return this.context.User.findOneById(tweet.createdById, me, resolver); @@ -497,44 +509,44 @@ export default class Tweet { ======= author(tweet, me, resolver = 'tweet author') { return this.context.User.getOneById(tweet.authorId, me, resolver); +======= + createdBy(tweet, me, resolver) { + return this.context.User.findOneById(tweet.createdById, me, resolver); +>>>>>>> authorization-simple } - createdBy(tweet, me, resolver = 'tweet createdBy') { - return this.context.User.getOneById(tweet.createdById, me, resolver); + updatedBy(tweet, me, resolver) { + return this.context.User.findOneById(tweet.updatedById, me, resolver); } - updatedBy(tweet, me, resolver = 'tweet updatedBy') { - return this.context.User.getOneById(tweet.updatedById, me, resolver); + author(tweet, me, resolver) { + return this.context.User.findOneById(tweet.authorId, me, resolver); } - coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, me, resolver = 'tweet coauthors') { - try { - const baseQuery = {_id: { $in: tweet.coauthorsIds }, createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery}; - return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); - } catch (err){ log.error(err.message); } + coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, me, resolver) { + const baseQuery = {_id: { $in: tweet.coauthorsIds }, createdAt: { $gt: lastCreatedAt } }; + return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); } - likers(tweet, { lastCreatedAt = 0, limit = 10 }, me, resolver = 'tweet likers') { - try { - const baseQuery = {likedIds: tweet._id, createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery}; - return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); - } catch (err){ log.error(err.message); } + likers(tweet, { lastCreatedAt = 0, limit = 10 }, me, resolver) { + const baseQuery = {likedIds: tweet._id, createdAt: { $gt: lastCreatedAt } }; + return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); } - async insert(doc, me, resolver = 'insert tweet') { + async insert(doc, me, resolver) { try { +<<<<<<< HEAD let insertedDoc = null; >>>>>>> new authorization version from 2017-07-17 +======= +>>>>>>> authorization-simple let docToInsert = Object.assign({}, doc, { createdAt: Date.now(), updatedAt: Date.now(), createdById: (me && me._id) ? me._id : 'unknown', updatedById: (me && me._id) ? me._id : 'unknown', }); +<<<<<<< HEAD <<<<<<< HEAD log.debug(JSON.stringify(docToInsert, null, 2)); @@ -555,21 +567,28 @@ export default class Tweet { throw new Error('Not authorized to insert tweet'); } +======= + log.debug(JSON.stringify(docToInsert, null, 2)); + // const authQuery = queryForRoles(me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'create', me)); + checkAuthDoc(docToInsert, me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'create', me)); +>>>>>>> authorization-simple const id = (await this.collection.insertOne(docToInsert)).insertedId; if (!id) { - log.error('insert tweet failed for docToInsert:', JSON.stringify(docToInsert, null, 2)); - throw new Error(`insert tweet not possible for ${id}.`); + throw new Error(`insert tweet not possible.`); } - log.debug(`inserted tweet ${id}.`); +<<<<<<< HEAD insertedDoc = this.getOneById(id, me, 'pubsub tweetInserted'); >>>>>>> new authorization version from 2017-07-17 +======= + const insertedDoc = this.findOneById(id, me, 'pubsub tweetInserted'); +>>>>>>> authorization-simple this.pubsub.publish('tweetInserted', insertedDoc); return insertedDoc; - } catch (err){ log.error(err.message); } } +<<<<<<< HEAD <<<<<<< HEAD async updateById(id, doc, me, resolver) { try { @@ -580,13 +599,17 @@ export default class Tweet { let updatedDoc = null; const docBefore = await this.getOneById(id, me, 'tweet getOneById in updateById for docBefore'); >>>>>>> new authorization version from 2017-07-17 +======= + async updateById(id, doc, me, resolver) { + try { +>>>>>>> authorization-simple let docToUpdate = {$set: Object.assign({}, doc, { updatedAt: Date.now(), updatedById: (me && me._id) ? me._id : 'unknown', })}; - const baseQuery = {_id: id}; const authQuery = queryForRoles(me, ['admin'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'update', me)); +<<<<<<< HEAD <<<<<<< HEAD const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.updateOne(finalQuery, docToUpdate); @@ -599,10 +622,15 @@ export default class Tweet { log.error(`update tweet failed finalQuery:`, JSON.stringify(finalQuery, null, 2)); log.error('update tweet failed for docToUpdate:', JSON.stringify(docToUpdate, null, 2)); >>>>>>> new authorization version from 2017-07-17 +======= + const finalQuery = {...baseQuery, ...authQuery}; + const result = await this.collection.updateOne(finalQuery, docToUpdate); + if (result.result.ok !== 1 || result.result.n !== 1){ +>>>>>>> authorization-simple throw new Error(`update tweet not possible for ${id}.`); } - log.debug(`updated tweet ${id}.`); +<<<<<<< HEAD <<<<<<< HEAD this.authorizedLoader.clear(id); const updatedDoc = this.findOneById(id, me, 'pubsub tweetUpdated'); @@ -612,12 +640,16 @@ export default class Tweet { updatedDoc = this.getOneById(id, me, 'pubsub tweetUpdated'); >>>>>>> new authorization version from 2017-07-17 +======= + this.authorizedLoader.clear(id); + const updatedDoc = this.findOneById(id, me, 'pubsub tweetUpdated'); +>>>>>>> authorization-simple this.pubsub.publish('tweetUpdated', updatedDoc); return updatedDoc; - } catch (err){ log.error(err.message); } } +<<<<<<< HEAD <<<<<<< HEAD async removeById(id, me, resolver) { try { @@ -627,10 +659,15 @@ export default class Tweet { try { const docBefore = this.getOneById(id, me, 'tweet getOneById in removeById for docBefore'); >>>>>>> new authorization version from 2017-07-17 +======= + async removeById(id, me, resolver) { + try { +>>>>>>> authorization-simple const baseQuery = {_id: id}; const authQuery = queryForRoles(me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'delete', me)); const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.remove(finalQuery); +<<<<<<< HEAD <<<<<<< HEAD if (result.result.ok !== 1 || result.result.n !== 1){ ======= @@ -638,10 +675,13 @@ export default class Tweet { if (result.result.ok !== 1 || result.result.n !== 1){ log.error(`remove tweet failed for finalQuery:`, JSON.stringify(finalQuery, null, 2)); >>>>>>> new authorization version from 2017-07-17 +======= + if (result.result.ok !== 1 || result.result.n !== 1){ +>>>>>>> authorization-simple throw new Error(`remove tweet not possible for ${id}.`); } - log.debug(`removed tweet ${id}.`); +<<<<<<< HEAD <<<<<<< HEAD this.authorizedLoader.clear(id); this.pubsub.publish('tweetRemoved', id); @@ -649,12 +689,16 @@ export default class Tweet { ======= this.unauthorizedLoader.clear(id); +======= +>>>>>>> authorization-simple this.authorizedLoader.clear(id); - this.pubsub.publish('tweetRemoved', id); return result; +<<<<<<< HEAD >>>>>>> new authorization version from 2017-07-17 +======= +>>>>>>> authorization-simple } catch (err){ log.error(err.message); } } } @@ -671,11 +715,15 @@ this.auth is generated by the @authorize directive. Here also with field authori ```javascript import DataLoader from 'dataloader'; <<<<<<< HEAD +<<<<<<< HEAD import { findByIds, queryForRoles, getLogFilename, logger, authlog, checkAuthDoc, protectFields } from 'create-graphql-server-authorization'; const log = logger(getLogFilename()); ======= import { findByIds, queryForRoles, fieldForRoles, fieldContainsUserId, authorizedFields, authlog } from '../server/authorize'; >>>>>>> new authorization version from 2017-07-17 +======= +import { findByIds, queryForRoles, authlog, checkAuthDoc } from '../server/authorize'; +>>>>>>> authorization-simple export default class User { constructor(context) { @@ -683,6 +731,7 @@ export default class User { this.collection = context.db.collection('user'); this.pubsub = context.pubsub; <<<<<<< HEAD +<<<<<<< HEAD <<<<<<< HEAD this.authRole = User.authRole; let authQuery; @@ -717,23 +766,30 @@ export default class User { ======= const { me } = context; this.authRole = User.authRole; // otherwise not accessible in queryForRoles +======= + this.authRole = User.authRole; +>>>>>>> authorization-simple let authQuery; try { - authQuery = queryForRoles(me, ['admin'], ['_id'], { User }, authlog('user findOneLoader', 'readOne', me)); + const { me } = context; + authQuery = queryForRoles(me, ['admin'], ['_id'], { User }, authlog('user findOneById', 'readOne', me)); } catch (err) { log.error(err.message); - authQuery = {_id: false}; + authQuery = {_id: false}; // otherwise admin access } - this.unauthorizedLoader = new DataLoader(ids => findByIds(this.collection, ids)); this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); } +<<<<<<< HEAD // returns the role of the user >>>>>>> new authorization version from 2017-07-17 +======= +>>>>>>> authorization-simple static authRole(user){ return (user && user.role) ? user.role : null; } +<<<<<<< HEAD <<<<<<< HEAD async findOneById(id, me, resolver) { try { @@ -825,170 +881,123 @@ export default class User { ======= // used from server calls, without authorization checks, NOT for use in resolvers async findOneById(id, me = {}, resolver = 'user findOneById') { +======= + async findOneById(id, me, resolver) { +>>>>>>> authorization-simple try { - return await this.unauthorizedLoader.load(id); + return await this.authorizedLoader.load(id); } catch (err) { log.error(err.message); } } - // used for api calls, with authorization checks, for use in resolvers - async getOneById(id, me = {}, resolver = 'user getOneById') { + find({ lastCreatedAt = 0, limit = 10, baseQuery = { createdAt: { $gt: lastCreatedAt } } }, me, resolver) { try { - const result = await this.authorizedLoader.load(id); - // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) - // ===== ====== ==== ======= - return authorizedFields(result, 'role', me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver + 'field "role"', 'readOne', me)); + const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'readMany', me)); + const finalQuery = {...baseQuery, ...authQuery}; + return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } catch (err) { log.error(err.message); } } - all({ lastCreatedAt = 0, limit = 10 }, me, resolver = 'user all') { - try { - const baseQuery = { createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(me, ['admin'], [], { User: this.context.User }, authlog(resolver, 'readMany', me)); - // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) - // ===== ====== - let authFields = {}; - authFields = fieldForRoles(authFields, 'role', me, ['admin'], [], { User: this.context.User }, authlog(resolver + 'field "role"', 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery}; - return this.collection.find(finalQuery).sort({ createdAt: 1 }).project(authFields).limit(limit).toArray(); - } catch (err) { log.error(err.message); } + tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }, me, resolver) { + const baseQuery = { authorId: user._id, createdAt: { $gt: lastCreatedAt } }; + return this.context.Tweet.find({ lastCreatedAt, limit, baseQuery }, me, resolver); } - tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }, me, resolver = 'user tweets') { - try { - const baseQuery = { - authorId: user._id, - createdAt: { $gt: lastCreatedAt }, - }; - const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery}; - return this.context.Tweet.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); - } catch (err) { log.error(err.message); } + liked(user, { lastCreatedAt = 0, limit = 10 }, me, resolver) { + const baseQuery = { _id: { $in: user.likedIds || [] }, createdAt: { $gt: lastCreatedAt } }; + return this.context.Tweet.find({ lastCreatedAt, limit, baseQuery }, me, resolver); } - liked(user, { lastCreatedAt = 0, limit = 10 }, me, resolver = 'user liked') { - try { - const baseQuery = { - _id: { $in: user.likedIds }, - createdAt: { $gt: lastCreatedAt }, - }; - const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery}; - return this.context.Tweet.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); - } catch (err) { log.error(err.message); } + following(user, { lastCreatedAt = 0, limit = 10 }, me, resolver) { + const baseQuery = { _id: { $in: user.followingIds || [] }, createdAt: { $gt: lastCreatedAt } }; + return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); } - following(user, { lastCreatedAt = 0, limit = 10 }, me, resolver = 'user following') { - try { - const baseQuery = { - _id: { $in: user.followingIds || [] }, - createdAt: { $gt: lastCreatedAt }, - }; - const authQuery = queryForRoles(me, ['admin'], [], { User: this.context.User }, authlog(resolver, 'readMany', me)); - // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) - // ====== - let authFields = {}; - authFields = fieldForRoles(authFields, 'role', me, ['admin'], [], { User: this.context.User }, authlog(resolver + 'field "role"', 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery}; - return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).project(authFields).limit(limit).toArray(); - } catch (err) { log.error(err.message); } + followers(user, { lastCreatedAt = 0, limit = 10 }, me, resolver) { + const baseQuery = { followingIds: user._id, createdAt: { $gt: lastCreatedAt } }; + return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); } - followers(user, { lastCreatedAt = 0, limit = 10 }, me, resolver = 'user followers') { - try { - const baseQuery = { - followingIds: user._id, - createdAt: { $gt: lastCreatedAt }, - }; - const authQuery = queryForRoles(me, ['admin'], [], { User: this.context.User }, authlog(resolver, 'readMany', me)); - // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) - // ====== - let authFields = {}; - authFields = fieldForRoles(authFields, 'role', me, ['admin'], [], { User: this.context.User }, authlog(resolver + 'field "role"', 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery}; - return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).project(authFields).limit(limit).toArray(); - } catch (err) { log.error(err.message); } + createdBy(user, me, resolver) { + return this.context.User.findOneById(user.createdById, me, resolver); } - createdBy(user, me, resolver = 'user createdBy') { - return this.context.User.getOneById(user.createdById, me, resolver); + updatedBy(user, me, resolver) { + return this.context.User.findOneById(user.updatedById, me, resolver); } - updatedBy(user, me, resolver = 'user updatedBy') { - return this.context.User.getOneById(user.updatedById, me, resolver); + // Begin of user inserted method + protectFields(me, authorizedUserRoles, protectedFields, inputObject){ + const result = Object.assign({}, inputObject); + const role = this.context.User.authRole(me); + // if user is not allowed to access specific fields... + if (!authorizedUserRoles.includes(role)){ + protectedFields.every(protectedField => { + if (result[protectedField]) delete result[protectedField]; + }); + } + return result; } + // End of user inserted method - async insert(doc, me, resolver = 'insert user') { + async insert(doc, me, resolver) { try { - let insertedDoc = null; let docToInsert = Object.assign({}, doc, { createdAt: Date.now(), updatedAt: Date.now(), createdById: (me && me._id) ? me._id : 'unknown', updatedById: (me && me._id) ? me._id : 'unknown', }); - - const authQuery = queryForRoles(me, ['admin'], [], { User: this.context.User }, authlog(resolver, 'create', me)); - // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) - // ===== ====== - docToInsert = authorizedFields(docToInsert, 'role', me, ['admin'], [], { User: this.context.User }, authlog(resolver + 'field "role"', 'create', me)); - + // const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'create', me)); + checkAuthDoc(docToInsert, me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'create', me)); + // User inserted line: + docToInsert = this.protectFields(me, ['admin'], ['role'], docToInsert); const id = (await this.collection.insertOne(docToInsert)).insertedId; if (!id) { - log.error('insert user failed for:', JSON.stringify(docToInsert, null, 2)); - throw new Error(`insert user not possible for user ${id}.`); + throw new Error(`insert user not possible.`); } - log.debug(`inserted user ${id}.`); - insertedDoc = this.getOneById(id, me, 'pubsub userInserted'); + const insertedDoc = this.findOneById(id, me, 'pubsub userInserted'); this.pubsub.publish('userInserted', insertedDoc); return insertedDoc; - } catch (err) { log.error(err.message); } } - async updateById(id, doc, me, resolver = 'update user') { + async updateById(id, doc, me, resolver) { try { - let updatedDoc = null; - const docBefore = await this.findOneById(id, me, 'user findOneById in updateById for docBefore'); let docToUpdate = {$set: Object.assign({}, doc, { updatedAt: Date.now(), updatedById: (me && me._id) ? me._id : 'unknown', })}; - const baseQuery = {_id: id}; const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'update', me)); - // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) - // ===== ====== - docToUpdate.$set = authorizedFields(docToUpdate.$set, 'role', me, ['admin'], [], { User: this.context.User }, authlog(resolver + 'field "role"', 'update', me)); - const finalQuery = {...baseQuery, ...authQuery}; + // User inserted line: + docToUpdate.$set = this.protectFields(me, ['admin'], ['role'], docToUpdate.$set); const result = await this.collection.updateOne(finalQuery, docToUpdate); - if (result.result.ok !== 1){ - log.error(`update user failed finalQuery:`, JSON.stringify(finalQuery, null, 2)); - log.error('update user failed for docToUpdate:', JSON.stringify(docToUpdate, null, 2)); + if (result.result.ok !== 1 || result.result.n !== 1){ throw new Error(`update user not possible for ${id}.`); } - log.debug(`updated user ${id}.`); - this.unauthorizedLoader.clear(id); this.authorizedLoader.clear(id); - - updatedDoc = this.getOneById(id, me, 'pubsub userUpdated') + const updatedDoc = this.findOneById(id, me, 'pubsub userUpdated') this.pubsub.publish('userUpdated', updatedDoc); return updatedDoc; - } catch (err) { log.error(err.message); } } - async removeById(id, me, resolver = 'remove user') { + async removeById(id, me, resolver) { try { +<<<<<<< HEAD const docBefore = await this.findOneById(id, me, 'user findOneById in removeById for docBefore'); >>>>>>> new authorization version from 2017-07-17 +======= +>>>>>>> authorization-simple const baseQuery = {_id: id}; const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'delete', me)); const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.remove(finalQuery); if (result.result.ok !== 1 || result.result.n !== 1){ +<<<<<<< HEAD <<<<<<< HEAD throw new Error(`remove user not possible for ${id}.`); } @@ -998,17 +1007,19 @@ export default class User { return result; ======= log.error(`remove user failed for finalQuery:`, JSON.stringify(finalQuery, null, 2)); +======= +>>>>>>> authorization-simple throw new Error(`remove user not possible for ${id}.`); } - log.debug(`removed user ${id}.`); - this.unauthorizedLoader.clear(id); this.authorizedLoader.clear(id); - this.pubsub.publish('userRemoved', id); return result; +<<<<<<< HEAD >>>>>>> new authorization version from 2017-07-17 +======= +>>>>>>> authorization-simple } catch (err) { log.error(err.message); } } } @@ -1226,131 +1237,47 @@ export function findByIds(collection, ids = [], authQuery) { } ``` -### function loggedIn -Use function loggedIn, to check if a user is logged in. +### function checkAuthDoc +Use function checkAuthDoc to check and get back the document. Especially used in insert operations, to figure out, if the toBeInsertedDoc is valid to be added by this userRole, docRole and action. ```javascript -// returns true, if user is logged in -export function loggedIn(me) { - if(me && me._id && me._id.toString() !== '') { - return true; - } - return false; -} -``` - -### function fieldAuthorized -User function fieldAuthorized, to check, if a user is allowed to access a specific field e.g. field "role" in the User model. +export function checkAuthDoc(doc, me, userRoles, docRoles, { User }, logger){ + const role = User.authRole(me); -```javascript -// returns true, if authorized to get field -// returns false, if NOT authorized to get field -export function fieldAuthorized(me = {}, userRoles = [], docRoles = [], { User }, logger){ - // The logged in user's role is authorized for the field - if (roleAuthorizedForDoc(me, userRoles, docRoles, { User }, logger)) { - return true; - } - // The user might be listed in any document field - if (loggedIn(me) && docRoles.length > 0){ - return true; + // check if userRole entitles current user for this action + if (userRoleAuthorized(me, userRoles, { User }, logger)) { + logger.debug(`and role: "${role}" is authorized by userRole.`); + return doc; } - return false; -} -``` - -### function fieldForRoles -Use function fieldForRoles to prepare an authField object, which can be used in db calls, to get only those fields, the user is allowed to access. Use it like... - -```javascript -const authField = fieldForRoles(...) -this.collection.find(finalQuery).sort({ createdAt: 1 }).project(authFields).limit(limit).toArray(); -``` - -```javascript -// returns a projection query of fields not to be shown, e.g. { role: 0 } -export function fieldForRoles(projection, field, me = {}, userRoles = [], docRoles = [], { User }, logger){ - const role = User.authRole(me); - // The logged in user's role is authorized for the field - if (roleAuthorizedForDoc(me, userRoles, docRoles, { User }, logger)) { - return projection; - } - // The user is listed in any document field - if (loggedIn(me) && docRoles.length > 0){ - return projection; + // check if docRole entitles current user for this document and action + let authorized = false; + docRoles.every(field => { + if (fieldContainsUserId(doc[field], me._id)){ + authorized = true; + } + }) + if (authorized) { + logger.debug(`and role: "${role}" is authorized by docRole.`); + return doc; } - const authFields = Object.assign({}, { [field]: 0 }, projection); - logger.debug(`and role "${role ? role : ''}" not authorized to access field "${field}".`) - return authFields; + + // Not Authorized + logger.error(`and role: "${role}" is not authorized.`); } ``` -### function authorizedFields -Use function authorizedFields, to filter documents, to contain only the fields, which the user is allowed to access. E.g. pass in a result variable, which can be whether an array of documents or a document. It returns the documents without the field "role", if the user is not allowed to access the field role. - -```javascript -// imports a result (which is document or an array of documents), and returns the result, -// but it removes the field without authorization from documents, -// e.g. field "role" is removed from all result documents, if the user/role is not allowed to access it -export function authorizedFields(result, field, me, userRoles = [], docRoles = [], { User }, logger){ - const role = User.authRole(me) || ''; - - // if any userRole authorizes field - if (roleAuthorizedForDoc(me, userRoles, docRoles, { User }, logger)) { - return result; - } - - // if any docRole authorizes field - // The user is listed in any document field - if (loggedIn(me) && docRoles.length > 0){ - - // if the result was an array of documents, check each doc and field - if (_.isArray(result)){ - const authorizedResult = []; - // check all documents in the result array - result.every(doc => { - let fieldAuthorized = false; - // check all docRoles if any of them authorizes field - docRoles.every(docRole => { - // if one docRole authorizes the field, then fieldAuthorized = true - if (doc[docRole] && fieldContainsUserId(doc[docRole], me._id)){ - fieldAuthorized = true; - } - }); - if (!fieldAuthorized && doc[field]){ - delete doc[field]; - logger.debug(`with role "${role}" field "${field}" removed from document id "${doc._id}". No authorization.`); - } - authorizedResult.push(doc); - }); - return authorizedResult; - } - - // if the result was a document - if (_.isObject(result)){ - // check with all docRoles - let fieldAuthorized = false; - docRoles.every(docRole => { - // if one docRole authorizes the field, then fieldAuthorized = true - if (result[docRole] && fieldContainsUserId(result[docRole], me._id)){ - fieldAuthorized = true; - } - }); - if (!fieldAuthorized && result[field]){ - delete result[field]; - logger.debug(`with role "${role}" field "${field}" removed from document id "${result._id}". No authorization.`); - } - return result; - } - } +### function loggedIn +Use function loggedIn, to check if a user is logged in. - // not authorized to access field - if (result[field]){ - delete result[field]; - logger.debug(`with role "${role}" field "${field}" removed from document id "${result._id}". No authorization.`); +```javascript +// returns true, if user is logged in +export function loggedIn(me) { + if(me && me._id && me._id.toString() !== '') { + return true; } - return result; + return false; } ``` @@ -1396,7 +1323,7 @@ export function queryForRoles(me = {}, userRoles = [], docRoles = [], { User }, const role = User.authRole(me); // Build query for the case: The logged in user's role is authorized - if (roleAuthorizedForDoc(me, userRoles, docRoles, { User }, logger)) { + if (userRoleAuthorized(me, userRoles, { User }, logger)) { return {}; // empty authQuery means, do operation with no access restrictions >>>>>>> new authorization version from 2017-07-17 } @@ -1504,12 +1431,12 @@ function userRoleAuthorized( * **resolver:** this is a string with the resolver's name, optional, only for easier debugging * **me:** the user object, who is executing the request, and who is checked for authorization -### function roleAuthorizedForDoc +### function userRoleAuthorized This helper function is used by queryForRoles, and decides, if a user gains the authorization by its role. For example: If a user has a field "role" in his user document and it contains the value "admin". So it checks if a user's role is admin, and allows all operations for admins. ```javascript // returns true, if the user's role is authorized for a document -export function roleAuthorizedForDoc(me = {}, userRoles = [], docRoles = [], { User }, logger){ +export function userRoleAuthorized(me = {}, userRoles = [], { User }, logger){ const role = User.authRole(me); if ( userRoles.includes('world') || role && userRoles.length > 0 && userRoles.includes(role) ) { @@ -1602,6 +1529,7 @@ In the resolver interfaces, there are different objects: * the last argument in the resolver function is the resolver's name, which is optional and only to enhance the logging in debugging mode by additional information. If you have to analyze authorization outcomes, this helps a lot to figure out, which resolvers authorization rule fired. ```javascript +<<<<<<< HEAD <<<<<<< HEAD const resolvers = { User: { @@ -1725,6 +1653,68 @@ In the resolver interfaces, there are different objects: export default resolvers; >>>>>>> new authorization version from 2017-07-17 +======= + const resolvers = { + User: { + id(user) { + return user._id; + }, + + createdBy(user, args, { User, me }) { + return User.createdBy(user, me, 'user createdBy'); + }, + + updatedBy(user, args, { User, me }) { + return User.updatedBy(user, me, 'user updatedBy'); + }, + + tweets(user, { minLikes, lastCreatedAt, limit }, { User, me }) { + return User.tweets(user, { minLikes, lastCreatedAt, limit }, me, 'user tweets'); + }, + + liked(user, { lastCreatedAt, limit }, { User, me }) { + return User.liked(user, { lastCreatedAt, limit }, me, 'user liked'); + }, + + following(user, { lastCreatedAt, limit }, { User, me }) { + return User.following(user, { lastCreatedAt, limit }, me, 'user following'); + }, + + followers(user, { lastCreatedAt, limit }, { User, me }) { + return User.followers(user, { lastCreatedAt, limit }, me, 'user followers'); + }, + }, + Query: { + users(root, { lastCreatedAt, limit }, { User, me }) { + return User.find({ lastCreatedAt, limit }, me, 'users'); + }, + + user(root, { id }, { User, me }) { + return User.findOneById(id, me, 'user'); + }, + }, + Mutation: { + async createUser(root, { input }, { User, me }) { + return await User.insert(input, me, 'createUser'); + }, + + async updateUser(root, { id, input }, { User, me }) { + return await User.updateById(id, input, me, 'updateUser'); + }, + + async removeUser(root, { id }, { User, me }) { + return await User.removeById(id, me, 'removeUser'); + }, + }, + Subscription: { + userCreated: user => user, + userUpdated: user => user, + userRemoved: id => id, + }, + }; + + export default resolvers; +>>>>>>> authorization-simple ``` ### ./resolver/Tweet.js @@ -1743,6 +1733,7 @@ In the resolver interfaces, there are different objects: }, author(tweet, args, { Tweet, me }) { +<<<<<<< HEAD <<<<<<< HEAD return Tweet.author(tweet, me, 'tweet author'); }, @@ -1763,27 +1754,35 @@ In the resolver interfaces, there are different objects: return Tweet.likers(tweet, { lastCreatedAt, limit }, me, 'tweet likers'); ======= return Tweet.author(tweet, me, 'author'); +======= + return Tweet.author(tweet, me, 'tweet author'); +>>>>>>> authorization-simple }, createdBy(tweet, args, { Tweet, me }) { - return Tweet.createdBy(tweet, me, 'createdBy'); + return Tweet.createdBy(tweet, me, 'tweet createdBy'); }, updatedBy(tweet, args, { Tweet, me }) { - return Tweet.updatedBy(tweet, me, 'updatedBy'); + return Tweet.updatedBy(tweet, me, 'tweet updatedBy'); }, coauthors(tweet, { lastCreatedAt, limit }, { Tweet, me }) { - return Tweet.coauthors(tweet, { lastCreatedAt, limit }, me, 'coauthors'); + return Tweet.coauthors(tweet, { lastCreatedAt, limit }, me, 'tweet coauthors'); }, likers(tweet, { lastCreatedAt, limit }, { Tweet, me }) { +<<<<<<< HEAD return Tweet.likers(tweet, { lastCreatedAt, limit }, me, 'likers'); >>>>>>> new authorization version from 2017-07-17 +======= + return Tweet.likers(tweet, { lastCreatedAt, limit }, me, 'tweet likers'); +>>>>>>> authorization-simple }, }, Query: { tweets(root, { lastCreatedAt, limit }, { Tweet, me }) { +<<<<<<< HEAD <<<<<<< HEAD return Tweet.find({ lastCreatedAt, limit }, me, 'tweets'); }, @@ -1797,10 +1796,18 @@ In the resolver interfaces, there are different objects: tweet(root, { id }, { Tweet, me }) { return Tweet.getOneById(id, me, 'tweet'); >>>>>>> new authorization version from 2017-07-17 +======= + return Tweet.find({ lastCreatedAt, limit }, me, 'tweets'); + }, + + tweet(root, { id }, { Tweet, me }) { + return Tweet.findOneById(id, me, 'tweet'); +>>>>>>> authorization-simple }, }, Mutation: { async createTweet(root, { input }, { Tweet, me }) { +<<<<<<< HEAD <<<<<<< HEAD return await Tweet.insert(input, me, 'createTweet'); }, @@ -1814,6 +1821,13 @@ In the resolver interfaces, there are different objects: async updateTweet(root, { id, input }, { Tweet, me }) { return await Tweet.updateById(id, input, me); >>>>>>> new authorization version from 2017-07-17 +======= + return await Tweet.insert(input, me, 'createTweet'); + }, + + async updateTweet(root, { id, input }, { Tweet, me }) { + return await Tweet.updateById(id, input, me, 'updateTweet'); +>>>>>>> authorization-simple }, async removeTweet(root, { id }, { Tweet, me }) { diff --git a/test/output-app/log/all-logs-readable.log b/test/output-app/log/all-logs-readable.log new file mode 100644 index 0000000..e69de29 diff --git a/test/output-app/model/Tweet.js b/test/output-app/model/Tweet.js index cd02baa..e2c19bc 100644 --- a/test/output-app/model/Tweet.js +++ b/test/output-app/model/Tweet.js @@ -1,160 +1,115 @@ import log from '../server/logger'; import DataLoader from 'dataloader'; -import { findByIds, queryForRoles, fieldForRoles, fieldContainsUserId, authorizedFields, authlog } from '../server/authorize'; +import { findByIds, queryForRoles, authlog, checkAuthDoc } from '../server/authorize'; export default class Tweet { constructor(context) { this.context = context; this.collection = context.db.collection('tweet'); this.pubsub = context.pubsub; - const { me, User } = context; let authQuery; try { - authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User }, authlog('tweet findOneLoader', 'readOne', me)); + const { me, User } = context; + authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User }, authlog('tweet findOneById', 'readOne', me)); } catch (err) { log.error(err.message); - authQuery = {_id: false}; + authQuery = {_id: false}; // otherwise admin access } - this.unauthorizedLoader = new DataLoader(ids => findByIds(this.collection, ids)); this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); } - // used from server calls, without authorization checks, NOT for use in resolvers - async findOneById(id, me = {}, resolver = 'tweet findOneById') { + async findOneById(id, me, resolver) { try { - return await this.unauthorizedLoader.load(id); + return await this.authorizedLoader.load(id); } catch (err) { log.error(err.message); } } - // used for api calls, with authorization checks, for use in resolvers - async getOneById(id, me = {}, resolver = 'tweet getOneById') { + find({ lastCreatedAt = 0, limit = 10, baseQuery = { createdAt: { $gt: lastCreatedAt } } }, me, resolver) { try { - const result = await this.authorizedLoader.load(id); - return result; - } catch (err) { log.error(err.message); } - } - - all({ lastCreatedAt = 0, limit = 10 }, me, resolver = 'tweet all') { - try { - const baseQuery = { createdAt: { $gt: lastCreatedAt } }; const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); const finalQuery = {...baseQuery, ...authQuery}; return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } catch (err){ log.error(err.message); } } - author(tweet, me, resolver = 'tweet author') { - return this.context.User.getOneById(tweet.authorId, me, resolver); + createdBy(tweet, me, resolver) { + return this.context.User.findOneById(tweet.createdById, me, resolver); } - createdBy(tweet, me, resolver = 'tweet createdBy') { - return this.context.User.getOneById(tweet.createdById, me, resolver); + updatedBy(tweet, me, resolver) { + return this.context.User.findOneById(tweet.updatedById, me, resolver); } - updatedBy(tweet, me, resolver = 'tweet updatedBy') { - return this.context.User.getOneById(tweet.updatedById, me, resolver); + author(tweet, me, resolver) { + return this.context.User.findOneById(tweet.authorId, me, resolver); } - coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, me, resolver = 'tweet coauthors') { - try { - const baseQuery = {_id: { $in: tweet.coauthorsIds }, createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery}; - return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); - } catch (err){ log.error(err.message); } + coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, me, resolver) { + const baseQuery = {_id: { $in: tweet.coauthorsIds }, createdAt: { $gt: lastCreatedAt } }; + return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); } - likers(tweet, { lastCreatedAt = 0, limit = 10 }, me, resolver = 'tweet likers') { - try { - const baseQuery = {likedIds: tweet._id, createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery}; - return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); - } catch (err){ log.error(err.message); } + likers(tweet, { lastCreatedAt = 0, limit = 10 }, me, resolver) { + const baseQuery = {likedIds: tweet._id, createdAt: { $gt: lastCreatedAt } }; + return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); } - async insert(doc, me, resolver = 'insert tweet') { + async insert(doc, me, resolver) { try { - let insertedDoc = null; let docToInsert = Object.assign({}, doc, { createdAt: Date.now(), updatedAt: Date.now(), createdById: (me && me._id) ? me._id : 'unknown', updatedById: (me && me._id) ? me._id : 'unknown', }); - - const authQuery = queryForRoles(me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'create', me)); - - const docRoleFields = ['authorId'].map(key => ({ [key]: docToInsert[key] }) ); - if (Object.keys(authQuery).length > 0 && !fieldContainsUserId(docRoleFields, me._id)) { - throw new Error('Not authorized to insert tweet'); - } - + log.debug(JSON.stringify(docToInsert, null, 2)); + // const authQuery = queryForRoles(me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'create', me)); + checkAuthDoc(docToInsert, me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'create', me)); const id = (await this.collection.insertOne(docToInsert)).insertedId; if (!id) { - log.error('insert tweet failed for docToInsert:', JSON.stringify(docToInsert, null, 2)); - throw new Error(`insert tweet not possible for ${id}.`); + throw new Error(`insert tweet not possible.`); } - log.debug(`inserted tweet ${id}.`); - insertedDoc = this.getOneById(id, me, 'pubsub tweetInserted'); + const insertedDoc = this.findOneById(id, me, 'pubsub tweetInserted'); this.pubsub.publish('tweetInserted', insertedDoc); return insertedDoc; - } catch (err){ log.error(err.message); } } - async updateById(id, doc, me, resolver = 'update tweet') { + async updateById(id, doc, me, resolver) { try { - let updatedDoc = null; - const docBefore = await this.getOneById(id, me, 'tweet getOneById in updateById for docBefore'); let docToUpdate = {$set: Object.assign({}, doc, { updatedAt: Date.now(), updatedById: (me && me._id) ? me._id : 'unknown', })}; - const baseQuery = {_id: id}; const authQuery = queryForRoles(me, ['admin'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'update', me)); - const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.updateOne(finalQuery, docToUpdate); if (result.result.ok !== 1 || result.result.n !== 1){ - log.error(`update tweet failed finalQuery:`, JSON.stringify(finalQuery, null, 2)); - log.error('update tweet failed for docToUpdate:', JSON.stringify(docToUpdate, null, 2)); throw new Error(`update tweet not possible for ${id}.`); } - log.debug(`updated tweet ${id}.`); - this.unauthorizedLoader.clear(id); this.authorizedLoader.clear(id); - - updatedDoc = this.getOneById(id, me, 'pubsub tweetUpdated'); + const updatedDoc = this.findOneById(id, me, 'pubsub tweetUpdated'); this.pubsub.publish('tweetUpdated', updatedDoc); return updatedDoc; - } catch (err){ log.error(err.message); } } - async removeById(id, me, resolver = 'remove tweet') { + async removeById(id, me, resolver) { try { - const docBefore = this.getOneById(id, me, 'tweet getOneById in removeById for docBefore'); const baseQuery = {_id: id}; const authQuery = queryForRoles(me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'delete', me)); const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.remove(finalQuery); - if (result.result.ok !== 1 || result.result.n !== 1){ - log.error(`remove tweet failed for finalQuery:`, JSON.stringify(finalQuery, null, 2)); throw new Error(`remove tweet not possible for ${id}.`); } - log.debug(`removed tweet ${id}.`); - this.unauthorizedLoader.clear(id); this.authorizedLoader.clear(id); - this.pubsub.publish('tweetRemoved', id); return result; - } catch (err){ log.error(err.message); } } } diff --git a/test/output-app/model/User.js b/test/output-app/model/User.js index 90902ac..7446a96 100644 --- a/test/output-app/model/User.js +++ b/test/output-app/model/User.js @@ -1,206 +1,143 @@ import log from '../server/logger'; import DataLoader from 'dataloader'; -import { findByIds, queryForRoles, fieldForRoles, fieldContainsUserId, authorizedFields, authlog } from '../server/authorize'; +import { findByIds, queryForRoles, authlog, checkAuthDoc } from '../server/authorize'; export default class User { constructor(context) { this.context = context; this.collection = context.db.collection('user'); this.pubsub = context.pubsub; - const { me } = context; - this.authRole = User.authRole; // otherwise not accessible in queryForRoles + this.authRole = User.authRole; let authQuery; try { - authQuery = queryForRoles(me, ['admin'], ['_id'], { User }, authlog('user findOneLoader', 'readOne', me)); + const { me } = context; + authQuery = queryForRoles(me, ['admin'], ['_id'], { User }, authlog('user findOneById', 'readOne', me)); } catch (err) { log.error(err.message); - authQuery = {_id: false}; + authQuery = {_id: false}; // otherwise admin access } - this.unauthorizedLoader = new DataLoader(ids => findByIds(this.collection, ids)); this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); } - // returns the role of the user static authRole(user){ return (user && user.role) ? user.role : null; } - // used from server calls, without authorization checks, NOT for use in resolvers - async findOneById(id, me = {}, resolver = 'user findOneById') { + async findOneById(id, me, resolver) { try { - return await this.unauthorizedLoader.load(id); + return await this.authorizedLoader.load(id); } catch (err) { log.error(err.message); } } - // used for api calls, with authorization checks, for use in resolvers - async getOneById(id, me = {}, resolver = 'user getOneById') { + find({ lastCreatedAt = 0, limit = 10, baseQuery = { createdAt: { $gt: lastCreatedAt } } }, me, resolver) { try { - const result = await this.authorizedLoader.load(id); - // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) - // ===== ====== ==== ======= - return authorizedFields(result, 'role', me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver + 'field "role"', 'readOne', me)); + const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'readMany', me)); + const finalQuery = {...baseQuery, ...authQuery}; + return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } catch (err) { log.error(err.message); } } - all({ lastCreatedAt = 0, limit = 10 }, me, resolver = 'user all') { - try { - const baseQuery = { createdAt: { $gt: lastCreatedAt } }; - const authQuery = queryForRoles(me, ['admin'], [], { User: this.context.User }, authlog(resolver, 'readMany', me)); - // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) - // ===== ====== - let authFields = {}; - authFields = fieldForRoles(authFields, 'role', me, ['admin'], [], { User: this.context.User }, authlog(resolver + 'field "role"', 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery}; - return this.collection.find(finalQuery).sort({ createdAt: 1 }).project(authFields).limit(limit).toArray(); - } catch (err) { log.error(err.message); } + tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }, me, resolver) { + const baseQuery = { authorId: user._id, createdAt: { $gt: lastCreatedAt } }; + return this.context.Tweet.find({ lastCreatedAt, limit, baseQuery }, me, resolver); } - tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }, me, resolver = 'user tweets') { - try { - const baseQuery = { - authorId: user._id, - createdAt: { $gt: lastCreatedAt }, - }; - const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery}; - return this.context.Tweet.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); - } catch (err) { log.error(err.message); } + liked(user, { lastCreatedAt = 0, limit = 10 }, me, resolver) { + const baseQuery = { _id: { $in: user.likedIds || [] }, createdAt: { $gt: lastCreatedAt } }; + return this.context.Tweet.find({ lastCreatedAt, limit, baseQuery }, me, resolver); } - liked(user, { lastCreatedAt = 0, limit = 10 }, me, resolver = 'user liked') { - try { - const baseQuery = { - _id: { $in: user.likedIds }, - createdAt: { $gt: lastCreatedAt }, - }; - const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery}; - return this.context.Tweet.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); - } catch (err) { log.error(err.message); } + following(user, { lastCreatedAt = 0, limit = 10 }, me, resolver) { + const baseQuery = { _id: { $in: user.followingIds || [] }, createdAt: { $gt: lastCreatedAt } }; + return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); } - following(user, { lastCreatedAt = 0, limit = 10 }, me, resolver = 'user following') { - try { - const baseQuery = { - _id: { $in: user.followingIds || [] }, - createdAt: { $gt: lastCreatedAt }, - }; - const authQuery = queryForRoles(me, ['admin'], [], { User: this.context.User }, authlog(resolver, 'readMany', me)); - // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) - // ====== - let authFields = {}; - authFields = fieldForRoles(authFields, 'role', me, ['admin'], [], { User: this.context.User }, authlog(resolver + 'field "role"', 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery}; - return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).project(authFields).limit(limit).toArray(); - } catch (err) { log.error(err.message); } + followers(user, { lastCreatedAt = 0, limit = 10 }, me, resolver) { + const baseQuery = { followingIds: user._id, createdAt: { $gt: lastCreatedAt } }; + return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); } - followers(user, { lastCreatedAt = 0, limit = 10 }, me, resolver = 'user followers') { - try { - const baseQuery = { - followingIds: user._id, - createdAt: { $gt: lastCreatedAt }, - }; - const authQuery = queryForRoles(me, ['admin'], [], { User: this.context.User }, authlog(resolver, 'readMany', me)); - // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) - // ====== - let authFields = {}; - authFields = fieldForRoles(authFields, 'role', me, ['admin'], [], { User: this.context.User }, authlog(resolver + 'field "role"', 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery}; - return this.context.User.collection.find(finalQuery).sort({ createdAt: 1 }).project(authFields).limit(limit).toArray(); - } catch (err) { log.error(err.message); } + createdBy(user, me, resolver) { + return this.context.User.findOneById(user.createdById, me, resolver); } - createdBy(user, me, resolver = 'user createdBy') { - return this.context.User.getOneById(user.createdById, me, resolver); + updatedBy(user, me, resolver) { + return this.context.User.findOneById(user.updatedById, me, resolver); } - updatedBy(user, me, resolver = 'user updatedBy') { - return this.context.User.getOneById(user.updatedById, me, resolver); + // Begin of user inserted method + protectFields(me, authorizedUserRoles, protectedFields, inputObject){ + const result = Object.assign({}, inputObject); + const role = this.context.User.authRole(me); + // if user is not allowed to access specific fields... + if (!authorizedUserRoles.includes(role)){ + protectedFields.every(protectedField => { + if (result[protectedField]) delete result[protectedField]; + }); + } + return result; } + // End of user inserted method - async insert(doc, me, resolver = 'insert user') { + async insert(doc, me, resolver) { try { - let insertedDoc = null; let docToInsert = Object.assign({}, doc, { createdAt: Date.now(), updatedAt: Date.now(), createdById: (me && me._id) ? me._id : 'unknown', updatedById: (me && me._id) ? me._id : 'unknown', }); - - const authQuery = queryForRoles(me, ['admin'], [], { User: this.context.User }, authlog(resolver, 'create', me)); - // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) - // ===== ====== - docToInsert = authorizedFields(docToInsert, 'role', me, ['admin'], [], { User: this.context.User }, authlog(resolver + 'field "role"', 'create', me)); - + // const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'create', me)); + checkAuthDoc(docToInsert, me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'create', me)); + // User inserted line: + docToInsert = this.protectFields(me, ['admin'], ['role'], docToInsert); const id = (await this.collection.insertOne(docToInsert)).insertedId; if (!id) { - log.error('insert user failed for:', JSON.stringify(docToInsert, null, 2)); - throw new Error(`insert user not possible for user ${id}.`); + throw new Error(`insert user not possible.`); } - log.debug(`inserted user ${id}.`); - insertedDoc = this.getOneById(id, me, 'pubsub userInserted'); + const insertedDoc = this.findOneById(id, me, 'pubsub userInserted'); this.pubsub.publish('userInserted', insertedDoc); return insertedDoc; - } catch (err) { log.error(err.message); } } - async updateById(id, doc, me, resolver = 'update user') { + async updateById(id, doc, me, resolver) { try { - let updatedDoc = null; - const docBefore = await this.findOneById(id, me, 'user findOneById in updateById for docBefore'); let docToUpdate = {$set: Object.assign({}, doc, { updatedAt: Date.now(), updatedById: (me && me._id) ? me._id : 'unknown', })}; - const baseQuery = {_id: id}; const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'update', me)); - // role: @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) - // ===== ====== - docToUpdate.$set = authorizedFields(docToUpdate.$set, 'role', me, ['admin'], [], { User: this.context.User }, authlog(resolver + 'field "role"', 'update', me)); - const finalQuery = {...baseQuery, ...authQuery}; + // User inserted line: + docToUpdate.$set = this.protectFields(me, ['admin'], ['role'], docToUpdate.$set); const result = await this.collection.updateOne(finalQuery, docToUpdate); - if (result.result.ok !== 1){ - log.error(`update user failed finalQuery:`, JSON.stringify(finalQuery, null, 2)); - log.error('update user failed for docToUpdate:', JSON.stringify(docToUpdate, null, 2)); + if (result.result.ok !== 1 || result.result.n !== 1){ throw new Error(`update user not possible for ${id}.`); } - log.debug(`updated user ${id}.`); - this.unauthorizedLoader.clear(id); this.authorizedLoader.clear(id); - - updatedDoc = this.getOneById(id, me, 'pubsub userUpdated') + const updatedDoc = this.findOneById(id, me, 'pubsub userUpdated') this.pubsub.publish('userUpdated', updatedDoc); return updatedDoc; - } catch (err) { log.error(err.message); } } - async removeById(id, me, resolver = 'remove user') { + async removeById(id, me, resolver) { try { - const docBefore = await this.findOneById(id, me, 'user findOneById in removeById for docBefore'); const baseQuery = {_id: id}; const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'delete', me)); const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.remove(finalQuery); if (result.result.ok !== 1 || result.result.n !== 1){ - log.error(`remove user failed for finalQuery:`, JSON.stringify(finalQuery, null, 2)); throw new Error(`remove user not possible for ${id}.`); } - log.debug(`removed user ${id}.`); - this.unauthorizedLoader.clear(id); this.authorizedLoader.clear(id); - this.pubsub.publish('userRemoved', id); return result; - } catch (err) { log.error(err.message); } } } diff --git a/test/output-app/resolvers/Tweet.js b/test/output-app/resolvers/Tweet.js index 1de962c..b361041 100644 --- a/test/output-app/resolvers/Tweet.js +++ b/test/output-app/resolvers/Tweet.js @@ -5,41 +5,41 @@ const resolvers = { }, author(tweet, args, { Tweet, me }) { - return Tweet.author(tweet, me, 'author'); + return Tweet.author(tweet, me, 'tweet author'); }, createdBy(tweet, args, { Tweet, me }) { - return Tweet.createdBy(tweet, me, 'createdBy'); + return Tweet.createdBy(tweet, me, 'tweet createdBy'); }, updatedBy(tweet, args, { Tweet, me }) { - return Tweet.updatedBy(tweet, me, 'updatedBy'); + return Tweet.updatedBy(tweet, me, 'tweet updatedBy'); }, coauthors(tweet, { lastCreatedAt, limit }, { Tweet, me }) { - return Tweet.coauthors(tweet, { lastCreatedAt, limit }, me, 'coauthors'); + return Tweet.coauthors(tweet, { lastCreatedAt, limit }, me, 'tweet coauthors'); }, likers(tweet, { lastCreatedAt, limit }, { Tweet, me }) { - return Tweet.likers(tweet, { lastCreatedAt, limit }, me, 'likers'); + return Tweet.likers(tweet, { lastCreatedAt, limit }, me, 'tweet likers'); }, }, Query: { tweets(root, { lastCreatedAt, limit }, { Tweet, me }) { - return Tweet.all({ lastCreatedAt, limit }, me, 'tweets'); + return Tweet.find({ lastCreatedAt, limit }, me, 'tweets'); }, tweet(root, { id }, { Tweet, me }) { - return Tweet.getOneById(id, me, 'tweet'); + return Tweet.findOneById(id, me, 'tweet'); }, }, Mutation: { async createTweet(root, { input }, { Tweet, me }) { - return await Tweet.insert(input, me); + return await Tweet.insert(input, me, 'createTweet'); }, async updateTweet(root, { id, input }, { Tweet, me }) { - return await Tweet.updateById(id, input, me); + return await Tweet.updateById(id, input, me, 'updateTweet'); }, async removeTweet(root, { id }, { Tweet, me }) { diff --git a/test/output-app/resolvers/User.js b/test/output-app/resolvers/User.js index c22d379..72eedad 100644 --- a/test/output-app/resolvers/User.js +++ b/test/output-app/resolvers/User.js @@ -5,45 +5,45 @@ }, createdBy(user, args, { User, me }) { - return User.createdBy(user, me, 'createdBy'); + return User.createdBy(user, me, 'user createdBy'); }, updatedBy(user, args, { User, me }) { - return User.updatedBy(user, me, 'updatedBy'); + return User.updatedBy(user, me, 'user updatedBy'); }, tweets(user, { minLikes, lastCreatedAt, limit }, { User, me }) { - return User.tweets(user, { minLikes, lastCreatedAt, limit }, me, 'tweets'); + return User.tweets(user, { minLikes, lastCreatedAt, limit }, me, 'user tweets'); }, liked(user, { lastCreatedAt, limit }, { User, me }) { - return User.liked(user, { lastCreatedAt, limit }, me, 'liked'); + return User.liked(user, { lastCreatedAt, limit }, me, 'user liked'); }, following(user, { lastCreatedAt, limit }, { User, me }) { - return User.following(user, { lastCreatedAt, limit }, me, 'following'); + return User.following(user, { lastCreatedAt, limit }, me, 'user following'); }, followers(user, { lastCreatedAt, limit }, { User, me }) { - return User.followers(user, { lastCreatedAt, limit }, me, 'followers'); + return User.followers(user, { lastCreatedAt, limit }, me, 'user followers'); }, }, Query: { users(root, { lastCreatedAt, limit }, { User, me }) { - return User.all({ lastCreatedAt, limit }, me, 'users'); + return User.find({ lastCreatedAt, limit }, me, 'users'); }, user(root, { id }, { User, me }) { - return User.getOneById(id, me, 'user'); + return User.findOneById(id, me, 'user'); }, }, Mutation: { async createUser(root, { input }, { User, me }) { - return await User.insert(input, me); + return await User.insert(input, me, 'createUser'); }, async updateUser(root, { id, input }, { User, me }) { - return await User.updateById(id, input, me); + return await User.updateById(id, input, me, 'updateUser'); }, async removeUser(root, { id }, { User, me }) { diff --git a/test/output-app/server/authorize.js b/test/output-app/server/authorize.js index 53f9e72..dd0a7b9 100644 --- a/test/output-app/server/authorize.js +++ b/test/output-app/server/authorize.js @@ -22,106 +22,37 @@ export function findByIds(collection, ids = [], authQuery) { }); } -// returns true, if user is logged in -export function loggedIn(me) { - if(me && me._id && me._id.toString() !== '') { - return true; - } - return false; -} - -// returns true, if authorized to get field -// returns false, if NOT authorized to get field -export function fieldAuthorized(me = {}, userRoles = [], docRoles = [], { User }, logger){ - // The logged in user's role is authorized for the field - if (roleAuthorizedForDoc(me, userRoles, docRoles, { User }, logger)) { - return true; - } - // The user might be listed in any document field - if (loggedIn(me) && docRoles.length > 0){ - return true; - } - return false; -} - -// returns a projection query of fields not to be shown, e.g. { role: 0 } -export function fieldForRoles(projection, field, me = {}, userRoles = [], docRoles = [], { User }, logger){ +export function checkAuthDoc(doc, me, userRoles, docRoles, { User }, logger){ const role = User.authRole(me); - // The logged in user's role is authorized for the field - if (roleAuthorizedForDoc(me, userRoles, docRoles, { User }, logger)) { - return projection; - } - // The user is listed in any document field - if (loggedIn(me) && docRoles.length > 0){ - return projection; - } - const authFields = Object.assign({}, { [field]: 0 }, projection); - logger.debug(`and role "${role ? role : ''}" not authorized to access field "${field}".`) - return authFields; -} - -// imports a result (which is document or an array of documents), and returns the result, -// but it removes the field without authorization from documents, -// e.g. field "role" is removed from all result documents, if the user/role is not allowed to access it -export function authorizedFields(result, field, me, userRoles = [], docRoles = [], { User }, logger){ - const role = User.authRole(me) || ''; - // if any userRole authorizes field - if (roleAuthorizedForDoc(me, userRoles, docRoles, { User }, logger)) { - return result; + // check if userRole entitles current user for this action + if (userRoleAuthorized(me, userRoles, { User }, logger)) { + logger.debug(`and role: "${role}" is authorized by userRole.`); + return doc; } - // if any docRole authorizes field - // The user is listed in any document field - if (loggedIn(me) && docRoles.length > 0){ - - // if the result was an array of documents, check each doc and field - if (_.isArray(result)){ - const authorizedResult = []; - // check all documents in the result array - result.every(doc => { - let fieldAuthorized = false; - // check all docRoles if any of them authorizes field - docRoles.every(docRole => { - // if one docRole authorizes the field, then fieldAuthorized = true - if (doc[docRole] && fieldContainsUserId(doc[docRole], me._id)){ - fieldAuthorized = true; - } - }); - if (!fieldAuthorized && doc[field]){ - delete doc[field]; - logger.debug(`with role "${role}" field "${field}" removed from document id "${doc._id}". No authorization.`); - } - authorizedResult.push(doc); - }); - return authorizedResult; - } - - // if the result was a document - if (_.isObject(result)){ - // check with all docRoles - let fieldAuthorized = false; - docRoles.every(docRole => { - // if one docRole authorizes the field, then fieldAuthorized = true - if (result[docRole] && fieldContainsUserId(result[docRole], me._id)){ - fieldAuthorized = true; - } - }); - if (!fieldAuthorized && result[field]){ - delete result[field]; - logger.debug(`with role "${role}" field "${field}" removed from document id "${result._id}". No authorization.`); - } - return result; + // check if docRole entitles current user for this document and action + let authorized = false; + docRoles.every(field => { + if (fieldContainsUserId(doc[field], me._id)){ + authorized = true; } - + }) + if (authorized) { + logger.debug(`and role: "${role}" is authorized by docRole.`); + return doc; } - // not authorized to access field - if (result[field]){ - delete result[field]; - logger.debug(`with role "${role}" field "${field}" removed from document id "${result._id}". No authorization.`); + // Not Authorized + logger.error(`and role: "${role}" is not authorized.`); +} + +// returns true, if user is logged in +export function loggedIn(me) { + if(me && me._id && me._id.toString() !== '') { + return true; } - return result; + return false; } // creates an authQuery object with additional query arguments, to implement authorization restrictions for mongodb access @@ -129,7 +60,7 @@ export function queryForRoles(me = {}, userRoles = [], docRoles = [], { User }, const role = User.authRole(me); // Build query for the case: The logged in user's role is authorized - if (roleAuthorizedForDoc(me, userRoles, docRoles, { User }, logger)) { + if (userRoleAuthorized(me, userRoles, { User }, logger)) { return {}; // empty authQuery means, do operation with no access restrictions } @@ -147,7 +78,7 @@ export function queryForRoles(me = {}, userRoles = [], docRoles = [], { User }, } // returns true, if the user's role is authorized for a document -export function roleAuthorizedForDoc(me = {}, userRoles = [], docRoles = [], { User }, logger){ +export function userRoleAuthorized(me = {}, userRoles = [], { User }, logger){ const role = User.authRole(me); if ( userRoles.includes('world') || role && userRoles.length > 0 && userRoles.includes(role) ) { diff --git a/test/output-app/server/logs/all-logs-readable.log b/test/output-app/server/logs/all-logs-readable.log new file mode 100644 index 0000000..f7c7bd7 --- /dev/null +++ b/test/output-app/server/logs/all-logs-readable.log @@ -0,0 +1,2144 @@ +x2017-07-18 23:42:06 Logger started +2017-07-18 23:42:35 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:35 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:35 -------------------------------------------------------------------------------- +2017-07-18 23:42:35 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + role + username + } +} + +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + role + username + } +} + +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca2") { + role + username + } +} + +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + id + username + bio + } +} + +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users { + username + createdAt + } +} + +2017-07-18 23:42:49 Authorize readMany "users" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(limit: 1) { + username + createdAt + } +} + +2017-07-18 23:42:49 Authorize readMany "users" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993) { + username + createdAt + } +} + +2017-07-18 23:42:49 Authorize readMany "users" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } +} + +2017-07-18 23:42:49 Authorize readMany "users" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers { + username + createdAt + } + } +} + +2017-07-18 23:42:49 Authorize readMany "user followers" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(limit: 1) { + username + createdAt + } + } +} + +2017-07-18 23:42:49 Authorize readMany "user followers" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-07-18 23:42:49 Authorize readMany "user followers" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-07-18 23:42:49 Authorize readMany "user followers" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following { + username + createdAt + } + } +} + +2017-07-18 23:42:49 Authorize readMany "user following" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(limit: 1) { + username + createdAt + } + } +} + +2017-07-18 23:42:49 Authorize readMany "user following" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-07-18 23:42:49 Authorize readMany "user following" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-07-18 23:42:49 Authorize readMany "user following" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets { + id + createdAt + } + } +} + +2017-07-18 23:42:49 Authorize readMany "user tweets" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(limit: 1) { + id + createdAt + } + } +} + +2017-07-18 23:42:49 Authorize readMany "user tweets" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } + } +} + +2017-07-18 23:42:49 Authorize readMany "user tweets" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } + } +} + +2017-07-18 23:42:49 Authorize readMany "user tweets" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked { + id + createdAt + } + } +} + +2017-07-18 23:42:49 Authorize readMany "user liked" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(limit: 1) { + id + createdAt + } + } +} + +2017-07-18 23:42:49 Authorize readMany "user liked" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334) { + id + createdAt + } + } +} + +2017-07-18 23:42:49 Authorize readMany "user liked" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334, limit: 1) { + id + createdAt + } + } +} + +2017-07-18 23:42:49 Authorize readMany "user liked" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + id + body + } +} + +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + author { + username + } + } +} + +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets { + id + createdAt + } +} + +2017-07-18 23:42:49 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(limit: 1) { + id + createdAt + } +} + +2017-07-18 23:42:49 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } +} + +2017-07-18 23:42:49 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } +} + +2017-07-18 23:42:49 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers { + username + createdAt + } + } +} + +2017-07-18 23:42:49 Authorize readMany "tweet likers" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(limit: 1) { + username + createdAt + } + } +} + +2017-07-18 23:42:49 Authorize readMany "tweet likers" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993) { + username + createdAt + } + } +} + +2017-07-18 23:42:49 Authorize readMany "tweet likers" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } + } +} + +2017-07-18 23:42:49 Authorize readMany "tweet likers" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-07-18 23:42:49 Authorize create "createUser" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:49 Authorize create "createUser" with user "stubailo" and role: "admin" is authorized by userRole. +2017-07-18 23:42:49 inserted user 596e80d9aba34620ffa518b7. +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-07-18 23:42:49 Authorize create "createUser" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:49 Authorize create "createUser" with user "tobkle" and role: "admin" is authorized by userRole. +2017-07-18 23:42:49 inserted user 596e80d9aba34620ffa518b8. +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +Operation: "", variables: "", +Query: +{ + user(id: "596e80d9aba34620ffa518b8") { + username + bio + role + } +} + +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +Operation: "", variables: "", +Query: +{ + user(id: "596e80d9aba34620ffa518b7") { + username + role + } +} + +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596e80d9aba34620ffa518b8", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-07-18 23:42:49 Authorize update "updateUser" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:49 updated user 596e80d9aba34620ffa518b8. +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596e80d9aba34620ffa518b7", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-18 23:42:49 Authorize update "updateUser" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:49 updated user 596e80d9aba34620ffa518b7. +2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:49 -------------------------------------------------------------------------------- +2017-07-18 23:42:49 Request: +User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596e80d9aba34620ffa518b8", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role + } +} + +2017-07-18 23:42:49 Authorize update "updateUser" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:49 updated user 596e80d9aba34620ffa518b8. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596e80d9aba34620ffa518b7", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-07-18 23:42:50 Authorize update "updateUser" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 updated user 596e80d9aba34620ffa518b7. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with +authQuery: { + "$or": [ + { + "_id": "596e80d9aba34620ffa518b7" + } + ] +} +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "editor", id: "596e80d9aba34620ffa518b7", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596e80d9aba34620ffa518b7", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-18 23:42:50 Authorize update "updateUser" with user "tobkle" and role: "editor" with +authQuery: { + "$or": [ + { + "_id": "596e80d9aba34620ffa518b7" + } + ] +} +2017-07-18 23:42:50 updated user 596e80d9aba34620ffa518b7. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "zoltan" and role "admin" is authorized +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "zoltan" and role "admin" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "zoltan", role: "admin", id: "596e80d9aba34620ffa518b8", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596e80d9aba34620ffa518b7", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-18 23:42:50 Authorize update "updateUser" with user "zoltan" and role "admin" is authorized +2017-07-18 23:42:50 updated user 596e80d9aba34620ffa518b7. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "596e80d9aba34620ffa518b8") +} + +2017-07-18 23:42:50 Authorize delete "removeUser" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 removed user 596e80d9aba34620ffa518b8. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "596e80d9aba34620ffa518b7", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-18 23:42:50 { + "authorId": "596e80d9aba34620ffa518b7", + "body": "This is a test tweet of user tobkle", + "coauthorsIds": [], + "createdAt": 1500414170065, + "updatedAt": 1500414170065, + "createdById": "596e80d9aba34620ffa518b7", + "updatedById": "596e80d9aba34620ffa518b7" +} +2017-07-18 23:42:50 Authorize create "createTweet" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 Authorize create "createTweet" with user "tobkle" and role: "admin" is authorized by userRole. +2017-07-18 23:42:50 inserted tweet 596e80daaba34620ffa518b9. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-18 23:42:50 { + "authorId": "583291a1638566b3c5a92ca1", + "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", + "coauthorsIds": [], + "createdAt": 1500414170102, + "updatedAt": 1500414170102, + "createdById": "596e80d9aba34620ffa518b7", + "updatedById": "596e80d9aba34620ffa518b7" +} +2017-07-18 23:42:50 Authorize create "createTweet" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 Authorize create "createTweet" with user "tobkle" and role: "admin" is authorized by userRole. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +Operation: "", variables: "", +Query: +{ + tweet(id: "596e80daaba34620ffa518b9") { + author { + id + } + body + } +} + +2017-07-18 23:42:50 inserted tweet 596e80daaba34620ffa518ba. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "596e80daaba34620ffa518b9", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-18 23:42:50 Authorize update "updateTweet" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 updated tweet 596e80daaba34620ffa518b9. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "596e80daaba34620ffa518ba", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-18 23:42:50 Authorize update "updateTweet" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 updated tweet 596e80daaba34620ffa518ba. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +Operation: "", variables: "", +Query: +{ + tweet(id: "596e80daaba34620ffa518b9") { + body + } +} + +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "596e80daaba34620ffa518b9") +} + +2017-07-18 23:42:50 Authorize delete "removeTweet" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 removed tweet 596e80daaba34620ffa518b9. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "596e80daaba34620ffa518ba") +} + +2017-07-18 23:42:50 Authorize delete "removeTweet" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 removed tweet 596e80daaba34620ffa518ba. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +Operation: "", variables: "", +Query: +{ + tweet(id: "596e80daaba34620ffa518b9") { + body + } +} + +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "596e80d9aba34620ffa518b7") +} + +2017-07-18 23:42:50 Authorize delete "removeUser" with user "tobkle" and role "admin" is authorized +2017-07-18 23:42:50 removed user 596e80d9aba34620ffa518b7. +2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "596e80d9aba34620ffa518b7") { + username + bio + role + } +} + +2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-07-18 23:42:50 ERROR Cannot read property 'toString' of undefined +2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-18 23:42:50 ERROR Authorize update "updateUser" with user "" and role: "null" is not authorized. +2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-18 23:42:50 ERROR Authorize delete "removeUser" with user "" and role: "null" is not authorized. +2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-18 23:42:50 { + "authorId": "583291a1638566b3c5a92ca1", + "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", + "coauthorsIds": [], + "createdAt": 1500414170256, + "updatedAt": 1500414170256, + "createdById": "unknown", + "updatedById": "unknown" +} +2017-07-18 23:42:50 ERROR Cannot read property 'toString' of undefined +2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-18 23:42:50 ERROR Authorize update "updateTweet" with user "" and role: "null" is not authorized. +2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-18 23:42:50 ERROR Authorize update "updateTweet" with user "" and role: "null" is not authorized. +2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-18 23:42:50 ERROR Authorize delete "removeTweet" with user "" and role: "null" is not authorized. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { + id + role + } +} + +2017-07-18 23:42:50 Authorize create "createUser" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:50 Authorize create "createUser" with user "stubailo" and role: "admin" is authorized by userRole. +2017-07-18 23:42:50 inserted user 596e80daaba34620ffa518bb. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bb" + } + ] +} +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-07-18 23:42:50 ERROR Cannot read property 'toString' of undefined +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bb" + } + ] +} +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bb" + } + ] +} +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +Operation: "", variables: "", +Query: +{ + user(id: "596e80daaba34620ffa518bb") { + username + } +} + +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bb" + } + ] +} +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +Operation: "", variables: "", +Query: +{ + user(id: "596e80daaba34620ffa518bb") { + username + role + } +} + +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bb" + } + ] +} +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-18 23:42:50 Authorize update "updateUser" with user "tobkle" and role: "user" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bb" + } + ] +} +2017-07-18 23:42:50 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bb" + } + ] +} +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596e80daaba34620ffa518bb", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-07-18 23:42:50 Authorize update "updateUser" with user "tobkle" and role: "user" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bb" + } + ] +} +2017-07-18 23:42:50 updated user 596e80daaba34620ffa518bb. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bb" + } + ] +} +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596e80daaba34620ffa518bb", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-18 23:42:50 Authorize update "updateUser" with user "tobkle" and role: "user" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bb" + } + ] +} +2017-07-18 23:42:50 updated user 596e80daaba34620ffa518bb. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bb" + } + ] +} +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-18 23:42:50 Authorize delete "removeUser" with user "tobkle" and role: "user" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bb" + } + ] +} +2017-07-18 23:42:50 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bb" + } + ] +} +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "596e80daaba34620ffa518bb", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-18 23:42:50 { + "authorId": "596e80daaba34620ffa518bb", + "body": "This is a test tweet of user tobkle", + "coauthorsIds": [], + "createdAt": 1500414170485, + "updatedAt": 1500414170485, + "createdById": "596e80daaba34620ffa518bb", + "updatedById": "596e80daaba34620ffa518bb" +} +2017-07-18 23:42:50 Authorize create "createTweet" with user "tobkle" and role: "user" is authorized by docRole. +2017-07-18 23:42:50 inserted tweet 596e80daaba34620ffa518bc. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bb" + } + ] +} +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-18 23:42:50 { + "authorId": "583291a1638566b3c5a92ca1", + "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", + "coauthorsIds": [], + "createdAt": 1500414170510, + "updatedAt": 1500414170510, + "createdById": "596e80daaba34620ffa518bb", + "updatedById": "596e80daaba34620ffa518bb" +} +2017-07-18 23:42:50 ERROR Authorize create "createTweet" with user "tobkle" and role: "user" is not authorized. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bb" + } + ] +} +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +Operation: "", variables: "", +Query: +{ + tweet(id: "596e80daaba34620ffa518bc") { + author { + id + } + body + } +} + +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bb" + } + ] +} +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bb" + } + ] +} +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "596e80daaba34620ffa518bc", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-18 23:42:50 Authorize update "updateTweet" with user "tobkle" and role: "user" with +authQuery: { + "$or": [ + { + "authorId": "596e80daaba34620ffa518bb" + }, + { + "coauthorsIds": "596e80daaba34620ffa518bb" + } + ] +} +2017-07-18 23:42:50 updated tweet 596e80daaba34620ffa518bc. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bb" + } + ] +} +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-18 23:42:50 Authorize update "updateTweet" with user "tobkle" and role: "user" with +authQuery: { + "$or": [ + { + "authorId": "596e80daaba34620ffa518bb" + }, + { + "coauthorsIds": "596e80daaba34620ffa518bb" + } + ] +} +2017-07-18 23:42:50 ERROR update tweet not possible for 583676d3618530145474e352. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bb" + } + ] +} +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +Operation: "", variables: "", +Query: +{ + tweet(id: "596e80daaba34620ffa518bc") { + body + } +} + +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bb" + } + ] +} +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "596e80daaba34620ffa518bc") +} + +2017-07-18 23:42:50 Authorize delete "removeTweet" with user "tobkle" and role: "user" with +authQuery: { + "$or": [ + { + "authorId": "596e80daaba34620ffa518bb" + } + ] +} +2017-07-18 23:42:50 removed tweet 596e80daaba34620ffa518bc. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bb" + } + ] +} +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-18 23:42:50 Authorize delete "removeTweet" with user "tobkle" and role: "user" with +authQuery: { + "$or": [ + { + "authorId": "596e80daaba34620ffa518bb" + } + ] +} +2017-07-18 23:42:50 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bb" + } + ] +} +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +Operation: "", variables: "", +Query: +{ + tweet(id: "596e80daaba34620ffa518bc") { + body + } +} + +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bb" + } + ] +} +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "596e80daaba34620ffa518bb") +} + +2017-07-18 23:42:50 Authorize delete "removeUser" with user "tobkle" and role: "user" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bb" + } + ] +} +2017-07-18 23:42:50 removed user 596e80daaba34620ffa518bb. +2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "596e80daaba34620ffa518bb") { + username + bio + role + } +} + +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { + id + role + } +} + +2017-07-18 23:42:50 Authorize create "createUser" with user "stubailo" and role "admin" is authorized +2017-07-18 23:42:50 Authorize create "createUser" with user "stubailo" and role: "admin" is authorized by userRole. +2017-07-18 23:42:50 inserted user 596e80daaba34620ffa518bd. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bd" + } + ] +} +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "editor", id: "596e80daaba34620ffa518bd", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-07-18 23:42:50 ERROR Cannot read property 'toString' of undefined +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bd" + } + ] +} +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "editor", id: "596e80daaba34620ffa518bd", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bd" + } + ] +} +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "editor", id: "596e80daaba34620ffa518bd", +Operation: "", variables: "", +Query: +{ + user(id: "596e80daaba34620ffa518bd") { + username + role + } +} + +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bd" + } + ] +} +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "editor", id: "596e80daaba34620ffa518bd", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-18 23:42:50 Authorize update "updateUser" with user "tobkle" and role: "editor" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bd" + } + ] +} +2017-07-18 23:42:50 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bd" + } + ] +} +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tobkle", role: "editor", id: "596e80daaba34620ffa518bd", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596e80daaba34620ffa518bd", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-07-18 23:42:50 Authorize update "updateUser" with user "tobkle" and role: "editor" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bd" + } + ] +} +2017-07-18 23:42:50 updated user 596e80daaba34620ffa518bd. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bd" + } + ] +} +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "596e80daaba34620ffa518bd", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-07-18 23:42:50 Authorize update "updateUser" with user "tmeasday" and role: "editor" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bd" + } + ] +} +2017-07-18 23:42:50 updated user 596e80daaba34620ffa518bd. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bd" + } + ] +} +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-07-18 23:42:50 Authorize delete "removeUser" with user "tmeasday" and role: "editor" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bd" + } + ] +} +2017-07-18 23:42:50 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bd" + } + ] +} +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "596e80daaba34620ffa518bd", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-07-18 23:42:50 { + "authorId": "596e80daaba34620ffa518bd", + "body": "This is a test tweet of user tobkle", + "coauthorsIds": [], + "createdAt": 1500414170722, + "updatedAt": 1500414170722, + "createdById": "596e80daaba34620ffa518bd", + "updatedById": "596e80daaba34620ffa518bd" +} +2017-07-18 23:42:50 Authorize create "createTweet" with user "tmeasday" and role: "editor" is authorized by docRole. +2017-07-18 23:42:50 inserted tweet 596e80daaba34620ffa518be. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bd" + } + ] +} +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-07-18 23:42:50 { + "authorId": "583291a1638566b3c5a92ca1", + "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", + "coauthorsIds": [], + "createdAt": 1500414170729, + "updatedAt": 1500414170729, + "createdById": "596e80daaba34620ffa518bd", + "updatedById": "596e80daaba34620ffa518bd" +} +2017-07-18 23:42:50 ERROR Authorize create "createTweet" with user "tmeasday" and role: "editor" is not authorized. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bd" + } + ] +} +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", +Operation: "", variables: "", +Query: +{ + tweet(id: "596e80daaba34620ffa518be") { + author { + id + } + body + } +} + +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bd" + } + ] +} +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bd" + } + ] +} +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "596e80daaba34620ffa518be", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-18 23:42:50 Authorize update "updateTweet" with user "tmeasday" and role: "editor" with +authQuery: { + "$or": [ + { + "authorId": "596e80daaba34620ffa518bd" + }, + { + "coauthorsIds": "596e80daaba34620ffa518bd" + } + ] +} +2017-07-18 23:42:50 updated tweet 596e80daaba34620ffa518be. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bd" + } + ] +} +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-07-18 23:42:50 Authorize update "updateTweet" with user "tmeasday" and role: "editor" with +authQuery: { + "$or": [ + { + "authorId": "596e80daaba34620ffa518bd" + }, + { + "coauthorsIds": "596e80daaba34620ffa518bd" + } + ] +} +2017-07-18 23:42:50 ERROR update tweet not possible for 583676d3618530145474e352. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bd" + } + ] +} +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", +Operation: "", variables: "", +Query: +{ + tweet(id: "596e80daaba34620ffa518be") { + body + } +} + +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bd" + } + ] +} +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "596e80daaba34620ffa518be") +} + +2017-07-18 23:42:50 Authorize delete "removeTweet" with user "tmeasday" and role: "editor" with +authQuery: { + "$or": [ + { + "authorId": "596e80daaba34620ffa518bd" + } + ] +} +2017-07-18 23:42:50 removed tweet 596e80daaba34620ffa518be. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bd" + } + ] +} +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-07-18 23:42:50 Authorize delete "removeTweet" with user "tmeasday" and role: "editor" with +authQuery: { + "$or": [ + { + "authorId": "596e80daaba34620ffa518bd" + } + ] +} +2017-07-18 23:42:50 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bd" + } + ] +} +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", +Operation: "", variables: "", +Query: +{ + tweet(id: "596e80daaba34620ffa518be") { + body + } +} + +2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bd" + } + ] +} +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "596e80daaba34620ffa518bd") +} + +2017-07-18 23:42:50 Authorize delete "removeUser" with user "tmeasday" and role: "editor" with +authQuery: { + "$or": [ + { + "_id": "596e80daaba34620ffa518bd" + } + ] +} +2017-07-18 23:42:50 removed user 596e80daaba34620ffa518bd. +2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-07-18 23:42:50 -------------------------------------------------------------------------------- +2017-07-18 23:42:50 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "596e80daaba34620ffa518bd") { + username + bio + role + } +} + +2017-08-18 18:15:59 Logger started From a39a9fffcd766c91c94696d417f15ff4ebde6b31 Mon Sep 17 00:00:00 2001 From: tobkle Date: Thu, 3 Aug 2017 19:12:12 +0200 Subject: [PATCH 51/69] authorization --- test/output-app/README.md | 51 +- test/output-app/model/User.js | 23 +- test/output-app/server/authorize.js | 13 + test/output-app/server/index.js | 5 +- .../server/logs/all-logs-readable.log | 1522 ++++++++--------- 5 files changed, 813 insertions(+), 801 deletions(-) diff --git a/test/output-app/README.md b/test/output-app/README.md index f385534..6d57b04 100644 --- a/test/output-app/README.md +++ b/test/output-app/README.md @@ -61,6 +61,7 @@ async function startServer() { schema, context: Object.assign({ me }, req.context), debug: true, +<<<<<<< HEAD <<<<<<< HEAD formatError(e) { console.log(e); @@ -69,6 +70,12 @@ async function startServer() { ======= // formatError(e) { console.log(e) }, >>>>>>> new authorization version from 2017-07-17 +======= + formatError(e) { + console.log(e); + return e; + }, +>>>>>>> authorization }; })(req, res, next); })(req, res, next); @@ -702,6 +709,7 @@ export default class Tweet { } catch (err){ log.error(err.message); } } } + ``` ### ./model/User.js @@ -716,6 +724,7 @@ this.auth is generated by the @authorize directive. Here also with field authori import DataLoader from 'dataloader'; <<<<<<< HEAD <<<<<<< HEAD +<<<<<<< HEAD import { findByIds, queryForRoles, getLogFilename, logger, authlog, checkAuthDoc, protectFields } from 'create-graphql-server-authorization'; const log = logger(getLogFilename()); ======= @@ -724,6 +733,9 @@ import { findByIds, queryForRoles, fieldForRoles, fieldContainsUserId, authorize ======= import { findByIds, queryForRoles, authlog, checkAuthDoc } from '../server/authorize'; >>>>>>> authorization-simple +======= +import { findByIds, queryForRoles, authlog, checkAuthDoc, protectFields } from '../server/authorize'; +>>>>>>> authorization export default class User { constructor(context) { @@ -925,20 +937,6 @@ export default class User { return this.context.User.findOneById(user.updatedById, me, resolver); } - // Begin of user inserted method - protectFields(me, authorizedUserRoles, protectedFields, inputObject){ - const result = Object.assign({}, inputObject); - const role = this.context.User.authRole(me); - // if user is not allowed to access specific fields... - if (!authorizedUserRoles.includes(role)){ - protectedFields.every(protectedField => { - if (result[protectedField]) delete result[protectedField]; - }); - } - return result; - } - // End of user inserted method - async insert(doc, me, resolver) { try { let docToInsert = Object.assign({}, doc, { @@ -947,10 +945,8 @@ export default class User { createdById: (me && me._id) ? me._id : 'unknown', updatedById: (me && me._id) ? me._id : 'unknown', }); - // const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'create', me)); checkAuthDoc(docToInsert, me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'create', me)); - // User inserted line: - docToInsert = this.protectFields(me, ['admin'], ['role'], docToInsert); + docToInsert = this.protectFields(me, ['admin'], ['role'], docToInsert, { User: this.context.User }); const id = (await this.collection.insertOne(docToInsert)).insertedId; if (!id) { throw new Error(`insert user not possible.`); @@ -971,8 +967,7 @@ export default class User { const baseQuery = {_id: id}; const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'update', me)); const finalQuery = {...baseQuery, ...authQuery}; - // User inserted line: - docToUpdate.$set = this.protectFields(me, ['admin'], ['role'], docToUpdate.$set); + docToUpdate.$set = this.protectFields(me, ['admin'], ['role'], docToUpdate.$set, { User: this.context.User }); const result = await this.collection.updateOne(finalQuery, docToUpdate); if (result.result.ok !== 1 || result.result.n !== 1){ throw new Error(`update user not possible for ${id}.`); @@ -1237,6 +1232,24 @@ export function findByIds(collection, ids = [], authQuery) { } ``` +### function protectFields +Use function protectFields to protect single fields from access. Provide signed in user in "me", the authorized User roles for the protected field(s) - meaning the user who is allowed to access the field -, provide an array with protected fields, and the current document object, which is to be checked for protected fields and the User model context. + +```javascript +// returns whether the authorized record, or the record without not authorized field(s) +export function protectFields(me, authorizedUserRoles, protectedFields, inputObject, { User }){ + const result = Object.assign({}, inputObject); + const role = User.authRole(me); + // if user is not allowed to access specific fields, remove field from object... + if (!authorizedUserRoles.includes(role)){ + protectedFields.every(protectedField => { + if (result[protectedField]) delete result[protectedField]; + }); + } + return result; +} +``` + ### function checkAuthDoc Use function checkAuthDoc to check and get back the document. Especially used in insert operations, to figure out, if the toBeInsertedDoc is valid to be added by this userRole, docRole and action. diff --git a/test/output-app/model/User.js b/test/output-app/model/User.js index 7446a96..7c6b165 100644 --- a/test/output-app/model/User.js +++ b/test/output-app/model/User.js @@ -1,6 +1,6 @@ import log from '../server/logger'; import DataLoader from 'dataloader'; -import { findByIds, queryForRoles, authlog, checkAuthDoc } from '../server/authorize'; +import { findByIds, queryForRoles, authlog, checkAuthDoc, protectFields } from '../server/authorize'; export default class User { constructor(context) { @@ -65,20 +65,6 @@ export default class User { return this.context.User.findOneById(user.updatedById, me, resolver); } - // Begin of user inserted method - protectFields(me, authorizedUserRoles, protectedFields, inputObject){ - const result = Object.assign({}, inputObject); - const role = this.context.User.authRole(me); - // if user is not allowed to access specific fields... - if (!authorizedUserRoles.includes(role)){ - protectedFields.every(protectedField => { - if (result[protectedField]) delete result[protectedField]; - }); - } - return result; - } - // End of user inserted method - async insert(doc, me, resolver) { try { let docToInsert = Object.assign({}, doc, { @@ -87,10 +73,8 @@ export default class User { createdById: (me && me._id) ? me._id : 'unknown', updatedById: (me && me._id) ? me._id : 'unknown', }); - // const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'create', me)); checkAuthDoc(docToInsert, me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'create', me)); - // User inserted line: - docToInsert = this.protectFields(me, ['admin'], ['role'], docToInsert); + docToInsert = protectFields(me, ['admin'], ['role'], docToInsert, { User: this.context.User }); const id = (await this.collection.insertOne(docToInsert)).insertedId; if (!id) { throw new Error(`insert user not possible.`); @@ -111,8 +95,7 @@ export default class User { const baseQuery = {_id: id}; const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'update', me)); const finalQuery = {...baseQuery, ...authQuery}; - // User inserted line: - docToUpdate.$set = this.protectFields(me, ['admin'], ['role'], docToUpdate.$set); + docToUpdate.$set = protectFields(me, ['admin'], ['role'], docToUpdate.$set, { User: this.context.User }); const result = await this.collection.updateOne(finalQuery, docToUpdate); if (result.result.ok !== 1 || result.result.n !== 1){ throw new Error(`update user not possible for ${id}.`); diff --git a/test/output-app/server/authorize.js b/test/output-app/server/authorize.js index dd0a7b9..f8d8ef8 100644 --- a/test/output-app/server/authorize.js +++ b/test/output-app/server/authorize.js @@ -22,6 +22,19 @@ export function findByIds(collection, ids = [], authQuery) { }); } +// returns whether the authorized record, or the record without not authorized field(s) +export function protectFields(me, authorizedUserRoles, protectedFields, inputObject, { User }){ + const result = Object.assign({}, inputObject); + const role = User.authRole(me); + // if user is not allowed to access specific fields, remove field from object... + if (!authorizedUserRoles.includes(role)){ + protectedFields.every(protectedField => { + if (result[protectedField]) delete result[protectedField]; + }); + } + return result; +} + export function checkAuthDoc(doc, me, userRoles, docRoles, { User }, logger){ const role = User.authRole(me); diff --git a/test/output-app/server/index.js b/test/output-app/server/index.js index 84d01ce..0b9bcd0 100644 --- a/test/output-app/server/index.js +++ b/test/output-app/server/index.js @@ -62,7 +62,10 @@ async function startServer() { schema, context: Object.assign({ me }, req.context), debug: true, - // formatError(e) { console.log(e) }, + formatError(e) { + console.log(e); + return e; + }, }; })(req, res, next); })(req, res, next); diff --git a/test/output-app/server/logs/all-logs-readable.log b/test/output-app/server/logs/all-logs-readable.log index f7c7bd7..2a22689 100644 --- a/test/output-app/server/logs/all-logs-readable.log +++ b/test/output-app/server/logs/all-logs-readable.log @@ -1,8 +1,7 @@ -x2017-07-18 23:42:06 Logger started -2017-07-18 23:42:35 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:35 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:35 -------------------------------------------------------------------------------- -2017-07-18 23:42:35 Request: +2017-08-03 19:11:27 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:27 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:27 -------------------------------------------------------------------------------- +2017-08-03 19:11:27 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -14,10 +13,10 @@ Query: } } -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -29,10 +28,10 @@ Query: } } -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -43,10 +42,10 @@ Query: } } -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -57,10 +56,10 @@ Query: } } -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -71,10 +70,10 @@ Query: } } -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -86,10 +85,10 @@ Query: } } -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -100,11 +99,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "users" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "users" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -115,11 +114,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "users" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "users" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -130,11 +129,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "users" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "users" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -145,11 +144,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "users" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "users" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -162,11 +161,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "user followers" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "user followers" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -179,11 +178,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "user followers" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "user followers" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -196,11 +195,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "user followers" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "user followers" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -213,11 +212,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "user followers" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "user followers" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -230,11 +229,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "user following" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "user following" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -247,11 +246,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "user following" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "user following" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -264,11 +263,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "user following" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "user following" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -281,11 +280,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "user following" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "user following" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -298,11 +297,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "user tweets" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "user tweets" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -315,11 +314,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "user tweets" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "user tweets" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -332,11 +331,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "user tweets" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "user tweets" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -349,11 +348,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "user tweets" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "user tweets" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -366,11 +365,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "user liked" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "user liked" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -383,11 +382,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "user liked" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "user liked" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -400,11 +399,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "user liked" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "user liked" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -417,11 +416,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "user liked" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "user liked" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -432,10 +431,10 @@ Query: } } -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -447,10 +446,10 @@ Query: } } -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -461,11 +460,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -476,11 +475,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -491,11 +490,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -506,11 +505,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -523,11 +522,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "tweet likers" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "tweet likers" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -540,11 +539,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "tweet likers" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "tweet likers" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -557,11 +556,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "tweet likers" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "tweet likers" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -574,11 +573,11 @@ Query: } } -2017-07-18 23:42:49 Authorize readMany "tweet likers" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: +2017-08-03 19:11:36 Authorize readMany "tweet likers" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -589,14 +588,14 @@ mutation { } } -2017-07-18 23:42:49 Authorize create "createUser" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:49 Authorize create "createUser" with user "stubailo" and role: "admin" is authorized by userRole. -2017-07-18 23:42:49 inserted user 596e80d9aba34620ffa518b7. -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: -User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +2017-08-03 19:11:36 Authorize create "createUser" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:36 Authorize create "createUser" with user "stubailo" and role: "admin" is authorized by userRole. +2017-08-03 19:11:36 inserted user 59835948075def94489f4100. +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: +User: "tobkle", role: "admin", id: "59835948075def94489f4100", Operation: "", variables: "", Query: mutation { @@ -605,197 +604,197 @@ mutation { } } -2017-07-18 23:42:49 Authorize create "createUser" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:49 Authorize create "createUser" with user "tobkle" and role: "admin" is authorized by userRole. -2017-07-18 23:42:49 inserted user 596e80d9aba34620ffa518b8. -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: -User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +2017-08-03 19:11:36 Authorize create "createUser" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 Authorize create "createUser" with user "tobkle" and role: "admin" is authorized by userRole. +2017-08-03 19:11:36 inserted user 59835948075def94489f4101. +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: +User: "tobkle", role: "admin", id: "59835948075def94489f4100", Operation: "", variables: "", Query: { - user(id: "596e80d9aba34620ffa518b8") { + user(id: "59835948075def94489f4101") { username bio role } } -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: -User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: +User: "tobkle", role: "admin", id: "59835948075def94489f4100", Operation: "", variables: "", Query: { - user(id: "596e80d9aba34620ffa518b7") { + user(id: "59835948075def94489f4100") { username role } } -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: -User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: +User: "tobkle", role: "admin", id: "59835948075def94489f4100", Operation: "", variables: "", Query: mutation { - updateUser(id: "596e80d9aba34620ffa518b8", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + updateUser(id: "59835948075def94489f4101", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { username bio role } } -2017-07-18 23:42:49 Authorize update "updateUser" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:49 updated user 596e80d9aba34620ffa518b8. -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: -User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +2017-08-03 19:11:36 Authorize update "updateUser" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 updated user 59835948075def94489f4101. +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: +User: "tobkle", role: "admin", id: "59835948075def94489f4100", Operation: "", variables: "", Query: mutation { - updateUser(id: "596e80d9aba34620ffa518b7", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "59835948075def94489f4100", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-07-18 23:42:49 Authorize update "updateUser" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:49 updated user 596e80d9aba34620ffa518b7. -2017-07-18 23:42:49 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:49 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:49 -------------------------------------------------------------------------------- -2017-07-18 23:42:49 Request: -User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +2017-08-03 19:11:36 Authorize update "updateUser" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 updated user 59835948075def94489f4100. +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: +User: "tobkle", role: "admin", id: "59835948075def94489f4100", Operation: "", variables: "", Query: mutation { - updateUser(id: "596e80d9aba34620ffa518b8", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + updateUser(id: "59835948075def94489f4101", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { username bio role } } -2017-07-18 23:42:49 Authorize update "updateUser" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:49 updated user 596e80d9aba34620ffa518b8. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +2017-08-03 19:11:36 Authorize update "updateUser" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 updated user 59835948075def94489f4101. +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: +User: "tobkle", role: "admin", id: "59835948075def94489f4100", Operation: "", variables: "", Query: mutation { - updateUser(id: "596e80d9aba34620ffa518b7", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + updateUser(id: "59835948075def94489f4100", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { username bio role } } -2017-07-18 23:42:50 Authorize update "updateUser" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 updated user 596e80d9aba34620ffa518b7. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with +2017-08-03 19:11:36 Authorize update "updateUser" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 updated user 59835948075def94489f4100. +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80d9aba34620ffa518b7" + "_id": "59835948075def94489f4100" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "editor", id: "596e80d9aba34620ffa518b7", +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: +User: "tobkle", role: "editor", id: "59835948075def94489f4100", Operation: "", variables: "", Query: mutation { - updateUser(id: "596e80d9aba34620ffa518b7", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "59835948075def94489f4100", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-07-18 23:42:50 Authorize update "updateUser" with user "tobkle" and role: "editor" with +2017-08-03 19:11:36 Authorize update "updateUser" with user "tobkle" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80d9aba34620ffa518b7" + "_id": "59835948075def94489f4100" } ] } -2017-07-18 23:42:50 updated user 596e80d9aba34620ffa518b7. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "zoltan" and role "admin" is authorized -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "zoltan" and role "admin" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "zoltan", role: "admin", id: "596e80d9aba34620ffa518b8", +2017-08-03 19:11:36 updated user 59835948075def94489f4100. +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "zoltan" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "zoltan" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: +User: "zoltan", role: "admin", id: "59835948075def94489f4101", Operation: "", variables: "", Query: mutation { - updateUser(id: "596e80d9aba34620ffa518b7", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "59835948075def94489f4100", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-07-18 23:42:50 Authorize update "updateUser" with user "zoltan" and role "admin" is authorized -2017-07-18 23:42:50 updated user 596e80d9aba34620ffa518b7. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +2017-08-03 19:11:36 Authorize update "updateUser" with user "zoltan" and role "admin" is authorized +2017-08-03 19:11:36 updated user 59835948075def94489f4100. +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: +User: "tobkle", role: "admin", id: "59835948075def94489f4100", Operation: "", variables: "", Query: mutation { - removeUser(id: "596e80d9aba34620ffa518b8") + removeUser(id: "59835948075def94489f4101") } -2017-07-18 23:42:50 Authorize delete "removeUser" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 removed user 596e80d9aba34620ffa518b8. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +2017-08-03 19:11:36 Authorize delete "removeUser" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 removed user 59835948075def94489f4101. +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: +User: "tobkle", role: "admin", id: "59835948075def94489f4100", Operation: "", variables: "", Query: mutation { - createTweet(input: {authorId: "596e80d9aba34620ffa518b7", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + createTweet(input: {authorId: "59835948075def94489f4100", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { id } } -2017-07-18 23:42:50 { - "authorId": "596e80d9aba34620ffa518b7", +2017-08-03 19:11:36 { + "authorId": "59835948075def94489f4100", "body": "This is a test tweet of user tobkle", "coauthorsIds": [], - "createdAt": 1500414170065, - "updatedAt": 1500414170065, - "createdById": "596e80d9aba34620ffa518b7", - "updatedById": "596e80d9aba34620ffa518b7" + "createdAt": 1501780296690, + "updatedAt": 1501780296690, + "createdById": "59835948075def94489f4100", + "updatedById": "59835948075def94489f4100" } -2017-07-18 23:42:50 Authorize create "createTweet" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 Authorize create "createTweet" with user "tobkle" and role: "admin" is authorized by userRole. -2017-07-18 23:42:50 inserted tweet 596e80daaba34620ffa518b9. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +2017-08-03 19:11:36 Authorize create "createTweet" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 Authorize create "createTweet" with user "tobkle" and role: "admin" is authorized by userRole. +2017-08-03 19:11:36 inserted tweet 59835948075def94489f4102. +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: +User: "tobkle", role: "admin", id: "59835948075def94489f4100", Operation: "", variables: "", Query: mutation { @@ -804,26 +803,26 @@ mutation { } } -2017-07-18 23:42:50 { +2017-08-03 19:11:36 { "authorId": "583291a1638566b3c5a92ca1", "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", "coauthorsIds": [], - "createdAt": 1500414170102, - "updatedAt": 1500414170102, - "createdById": "596e80d9aba34620ffa518b7", - "updatedById": "596e80d9aba34620ffa518b7" + "createdAt": 1501780296700, + "updatedAt": 1501780296700, + "createdById": "59835948075def94489f4100", + "updatedById": "59835948075def94489f4100" } -2017-07-18 23:42:50 Authorize create "createTweet" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 Authorize create "createTweet" with user "tobkle" and role: "admin" is authorized by userRole. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +2017-08-03 19:11:36 Authorize create "createTweet" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 Authorize create "createTweet" with user "tobkle" and role: "admin" is authorized by userRole. +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: +User: "tobkle", role: "admin", id: "59835948075def94489f4100", Operation: "", variables: "", Query: { - tweet(id: "596e80daaba34620ffa518b9") { + tweet(id: "59835948075def94489f4102") { author { id } @@ -831,12 +830,12 @@ Query: } } -2017-07-18 23:42:50 inserted tweet 596e80daaba34620ffa518ba. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +2017-08-03 19:11:36 inserted tweet 59835948075def94489f4103. +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: +User: "tobkle", role: "admin", id: "59835948075def94489f4100", Operation: "", variables: "", Query: { @@ -848,120 +847,120 @@ Query: } } -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: +User: "tobkle", role: "admin", id: "59835948075def94489f4100", Operation: "", variables: "", Query: mutation { - updateTweet(id: "596e80daaba34620ffa518b9", input: {body: "This is a modified test tweet"}) { + updateTweet(id: "59835948075def94489f4102", input: {body: "This is a modified test tweet"}) { body } } -2017-07-18 23:42:50 Authorize update "updateTweet" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 updated tweet 596e80daaba34620ffa518b9. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +2017-08-03 19:11:36 Authorize update "updateTweet" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 updated tweet 59835948075def94489f4102. +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: +User: "tobkle", role: "admin", id: "59835948075def94489f4100", Operation: "", variables: "", Query: mutation { - updateTweet(id: "596e80daaba34620ffa518ba", input: {body: "This is a modified test tweet"}) { + updateTweet(id: "59835948075def94489f4103", input: {body: "This is a modified test tweet"}) { body } } -2017-07-18 23:42:50 Authorize update "updateTweet" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 updated tweet 596e80daaba34620ffa518ba. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +2017-08-03 19:11:36 Authorize update "updateTweet" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 updated tweet 59835948075def94489f4103. +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: +User: "tobkle", role: "admin", id: "59835948075def94489f4100", Operation: "", variables: "", Query: { - tweet(id: "596e80daaba34620ffa518b9") { + tweet(id: "59835948075def94489f4102") { body } } -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: +User: "tobkle", role: "admin", id: "59835948075def94489f4100", Operation: "", variables: "", Query: mutation { - removeTweet(id: "596e80daaba34620ffa518b9") + removeTweet(id: "59835948075def94489f4102") } -2017-07-18 23:42:50 Authorize delete "removeTweet" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 removed tweet 596e80daaba34620ffa518b9. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +2017-08-03 19:11:36 Authorize delete "removeTweet" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 removed tweet 59835948075def94489f4102. +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: +User: "tobkle", role: "admin", id: "59835948075def94489f4100", Operation: "", variables: "", Query: mutation { - removeTweet(id: "596e80daaba34620ffa518ba") + removeTweet(id: "59835948075def94489f4103") } -2017-07-18 23:42:50 Authorize delete "removeTweet" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 removed tweet 596e80daaba34620ffa518ba. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +2017-08-03 19:11:36 Authorize delete "removeTweet" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 removed tweet 59835948075def94489f4103. +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: +User: "tobkle", role: "admin", id: "59835948075def94489f4100", Operation: "", variables: "", Query: { - tweet(id: "596e80daaba34620ffa518b9") { + tweet(id: "59835948075def94489f4102") { body } } -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "admin", id: "596e80d9aba34620ffa518b7", +2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: +User: "tobkle", role: "admin", id: "59835948075def94489f4100", Operation: "", variables: "", Query: mutation { - removeUser(id: "596e80d9aba34620ffa518b7") + removeUser(id: "59835948075def94489f4100") } -2017-07-18 23:42:50 Authorize delete "removeUser" with user "tobkle" and role "admin" is authorized -2017-07-18 23:42:50 removed user 596e80d9aba34620ffa518b7. -2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: +2017-08-03 19:11:36 Authorize delete "removeUser" with user "tobkle" and role "admin" is authorized +2017-08-03 19:11:36 removed user 59835948075def94489f4100. +2017-08-03 19:11:36 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: { - user(id: "596e80d9aba34620ffa518b7") { + user(id: "59835948075def94489f4100") { username bio role } } -2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: +2017-08-03 19:11:36 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -971,11 +970,11 @@ mutation { } } -2017-07-18 23:42:50 ERROR Cannot read property 'toString' of undefined -2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: +2017-08-03 19:11:36 ERROR Cannot read property 'toString' of undefined +2017-08-03 19:11:36 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -987,10 +986,10 @@ Query: } } -2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: +2017-08-03 19:11:36 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -1002,11 +1001,11 @@ mutation { } } -2017-07-18 23:42:50 ERROR Authorize update "updateUser" with user "" and role: "null" is not authorized. -2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: +2017-08-03 19:11:36 ERROR Authorize update "updateUser" with user "" and role: "null" is not authorized. +2017-08-03 19:11:36 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -1014,11 +1013,11 @@ mutation { removeUser(id: "583291a1638566b3c5a92ca1") } -2017-07-18 23:42:50 ERROR Authorize delete "removeUser" with user "" and role: "null" is not authorized. -2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: +2017-08-03 19:11:36 ERROR Authorize delete "removeUser" with user "" and role: "null" is not authorized. +2017-08-03 19:11:36 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -1028,10 +1027,10 @@ mutation { } } -2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: +2017-08-03 19:11:36 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -1041,20 +1040,20 @@ mutation { } } -2017-07-18 23:42:50 { +2017-08-03 19:11:36 { "authorId": "583291a1638566b3c5a92ca1", "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", "coauthorsIds": [], - "createdAt": 1500414170256, - "updatedAt": 1500414170256, + "createdAt": 1501780296965, + "updatedAt": 1501780296965, "createdById": "unknown", "updatedById": "unknown" } -2017-07-18 23:42:50 ERROR Cannot read property 'toString' of undefined -2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: +2017-08-03 19:11:36 ERROR Cannot read property 'toString' of undefined +2017-08-03 19:11:36 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -1067,10 +1066,10 @@ Query: } } -2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: +2017-08-03 19:11:36 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-08-03 19:11:36 -------------------------------------------------------------------------------- +2017-08-03 19:11:36 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -1080,11 +1079,11 @@ mutation { } } -2017-07-18 23:42:50 ERROR Authorize update "updateTweet" with user "" and role: "null" is not authorized. -2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: +2017-08-03 19:11:37 ERROR Authorize update "updateTweet" with user "" and role: "null" is not authorized. +2017-08-03 19:11:37 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -1094,11 +1093,11 @@ mutation { } } -2017-07-18 23:42:50 ERROR Authorize update "updateTweet" with user "" and role: "null" is not authorized. -2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: +2017-08-03 19:11:37 ERROR Authorize update "updateTweet" with user "" and role: "null" is not authorized. +2017-08-03 19:11:37 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -1106,11 +1105,11 @@ mutation { removeTweet(id: "583676d3618530145474e352") } -2017-07-18 23:42:50 ERROR Authorize delete "removeTweet" with user "" and role: "null" is not authorized. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: +2017-08-03 19:11:37 ERROR Authorize delete "removeTweet" with user "" and role: "null" is not authorized. +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -1121,21 +1120,21 @@ mutation { } } -2017-07-18 23:42:50 Authorize create "createUser" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:50 Authorize create "createUser" with user "stubailo" and role: "admin" is authorized by userRole. -2017-07-18 23:42:50 inserted user 596e80daaba34620ffa518bb. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 Authorize create "createUser" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:37 Authorize create "createUser" with user "stubailo" and role: "admin" is authorized by userRole. +2017-08-03 19:11:37 inserted user 59835949075def94489f4104. +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "user", id: "59835949075def94489f4104", Operation: "", variables: "", Query: mutation { @@ -1144,19 +1143,19 @@ mutation { } } -2017-07-18 23:42:50 ERROR Cannot read property 'toString' of undefined -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 ERROR Cannot read property 'toString' of undefined +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "user", id: "59835949075def94489f4104", Operation: "", variables: "", Query: { @@ -1167,59 +1166,59 @@ Query: } } -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "user", id: "59835949075def94489f4104", Operation: "", variables: "", Query: { - user(id: "596e80daaba34620ffa518bb") { + user(id: "59835949075def94489f4104") { username } } -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "user", id: "59835949075def94489f4104", Operation: "", variables: "", Query: { - user(id: "596e80daaba34620ffa518bb") { + user(id: "59835949075def94489f4104") { username role } } -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "user", id: "59835949075def94489f4104", Operation: "", variables: "", Query: mutation { @@ -1230,146 +1229,146 @@ mutation { } } -2017-07-18 23:42:50 Authorize update "updateUser" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 Authorize update "updateUser" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "user", id: "59835949075def94489f4104", Operation: "", variables: "", Query: mutation { - updateUser(id: "596e80daaba34620ffa518bb", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + updateUser(id: "59835949075def94489f4104", input: {username: "tobkle", bio: "Maker of things, I guess"}) { username bio } } -2017-07-18 23:42:50 Authorize update "updateUser" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 Authorize update "updateUser" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 updated user 596e80daaba34620ffa518bb. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 updated user 59835949075def94489f4104. +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "user", id: "59835949075def94489f4104", Operation: "", variables: "", Query: mutation { - updateUser(id: "596e80daaba34620ffa518bb", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "59835949075def94489f4104", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-07-18 23:42:50 Authorize update "updateUser" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 Authorize update "updateUser" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 updated user 596e80daaba34620ffa518bb. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 updated user 59835949075def94489f4104. +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "user", id: "59835949075def94489f4104", Operation: "", variables: "", Query: mutation { removeUser(id: "583291a1638566b3c5a92ca1") } -2017-07-18 23:42:50 Authorize delete "removeUser" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 Authorize delete "removeUser" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "user", id: "59835949075def94489f4104", Operation: "", variables: "", Query: mutation { - createTweet(input: {authorId: "596e80daaba34620ffa518bb", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + createTweet(input: {authorId: "59835949075def94489f4104", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { id } } -2017-07-18 23:42:50 { - "authorId": "596e80daaba34620ffa518bb", +2017-08-03 19:11:37 { + "authorId": "59835949075def94489f4104", "body": "This is a test tweet of user tobkle", "coauthorsIds": [], - "createdAt": 1500414170485, - "updatedAt": 1500414170485, - "createdById": "596e80daaba34620ffa518bb", - "updatedById": "596e80daaba34620ffa518bb" -} -2017-07-18 23:42:50 Authorize create "createTweet" with user "tobkle" and role: "user" is authorized by docRole. -2017-07-18 23:42:50 inserted tweet 596e80daaba34620ffa518bc. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with + "createdAt": 1501780297175, + "updatedAt": 1501780297175, + "createdById": "59835949075def94489f4104", + "updatedById": "59835949075def94489f4104" +} +2017-08-03 19:11:37 Authorize create "createTweet" with user "tobkle" and role: "user" is authorized by docRole. +2017-08-03 19:11:37 inserted tweet 59835949075def94489f4105. +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "user", id: "59835949075def94489f4104", Operation: "", variables: "", Query: mutation { @@ -1378,32 +1377,32 @@ mutation { } } -2017-07-18 23:42:50 { +2017-08-03 19:11:37 { "authorId": "583291a1638566b3c5a92ca1", "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", "coauthorsIds": [], - "createdAt": 1500414170510, - "updatedAt": 1500414170510, - "createdById": "596e80daaba34620ffa518bb", - "updatedById": "596e80daaba34620ffa518bb" + "createdAt": 1501780297182, + "updatedAt": 1501780297182, + "createdById": "59835949075def94489f4104", + "updatedById": "59835949075def94489f4104" } -2017-07-18 23:42:50 ERROR Authorize create "createTweet" with user "tobkle" and role: "user" is not authorized. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 ERROR Authorize create "createTweet" with user "tobkle" and role: "user" is not authorized. +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "user", id: "59835949075def94489f4104", Operation: "", variables: "", Query: { - tweet(id: "596e80daaba34620ffa518bc") { + tweet(id: "59835949075def94489f4105") { author { id } @@ -1411,18 +1410,18 @@ Query: } } -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "user", id: "59835949075def94489f4104", Operation: "", variables: "", Query: { @@ -1434,50 +1433,50 @@ Query: } } -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "user", id: "59835949075def94489f4104", Operation: "", variables: "", Query: mutation { - updateTweet(id: "596e80daaba34620ffa518bc", input: {body: "This is a modified test tweet"}) { + updateTweet(id: "59835949075def94489f4105", input: {body: "This is a modified test tweet"}) { body } } -2017-07-18 23:42:50 Authorize update "updateTweet" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 Authorize update "updateTweet" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "authorId": "596e80daaba34620ffa518bb" + "authorId": "59835949075def94489f4104" }, { - "coauthorsIds": "596e80daaba34620ffa518bb" + "coauthorsIds": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 updated tweet 596e80daaba34620ffa518bc. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 updated tweet 59835949075def94489f4105. +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "user", id: "59835949075def94489f4104", Operation: "", variables: "", Query: mutation { @@ -1486,158 +1485,158 @@ mutation { } } -2017-07-18 23:42:50 Authorize update "updateTweet" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 Authorize update "updateTweet" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "authorId": "596e80daaba34620ffa518bb" + "authorId": "59835949075def94489f4104" }, { - "coauthorsIds": "596e80daaba34620ffa518bb" + "coauthorsIds": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 ERROR update tweet not possible for 583676d3618530145474e352. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 ERROR update tweet not possible for 583676d3618530145474e352. +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "user", id: "59835949075def94489f4104", Operation: "", variables: "", Query: { - tweet(id: "596e80daaba34620ffa518bc") { + tweet(id: "59835949075def94489f4105") { body } } -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "user", id: "59835949075def94489f4104", Operation: "", variables: "", Query: mutation { - removeTweet(id: "596e80daaba34620ffa518bc") + removeTweet(id: "59835949075def94489f4105") } -2017-07-18 23:42:50 Authorize delete "removeTweet" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 Authorize delete "removeTweet" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "authorId": "596e80daaba34620ffa518bb" + "authorId": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 removed tweet 596e80daaba34620ffa518bc. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 removed tweet 59835949075def94489f4105. +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "user", id: "59835949075def94489f4104", Operation: "", variables: "", Query: mutation { removeTweet(id: "583676d3618530145474e352") } -2017-07-18 23:42:50 Authorize delete "removeTweet" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 Authorize delete "removeTweet" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "authorId": "596e80daaba34620ffa518bb" + "authorId": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "user", id: "59835949075def94489f4104", Operation: "", variables: "", Query: { - tweet(id: "596e80daaba34620ffa518bc") { + tweet(id: "59835949075def94489f4105") { body } } -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "user", id: "596e80daaba34620ffa518bb", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "user", id: "59835949075def94489f4104", Operation: "", variables: "", Query: mutation { - removeUser(id: "596e80daaba34620ffa518bb") + removeUser(id: "59835949075def94489f4104") } -2017-07-18 23:42:50 Authorize delete "removeUser" with user "tobkle" and role: "user" with +2017-08-03 19:11:37 Authorize delete "removeUser" with user "tobkle" and role: "user" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bb" + "_id": "59835949075def94489f4104" } ] } -2017-07-18 23:42:50 removed user 596e80daaba34620ffa518bb. -2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: +2017-08-03 19:11:37 removed user 59835949075def94489f4104. +2017-08-03 19:11:37 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: { - user(id: "596e80daaba34620ffa518bb") { + user(id: "59835949075def94489f4104") { username bio role } } -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -1648,21 +1647,21 @@ mutation { } } -2017-07-18 23:42:50 Authorize create "createUser" with user "stubailo" and role "admin" is authorized -2017-07-18 23:42:50 Authorize create "createUser" with user "stubailo" and role: "admin" is authorized by userRole. -2017-07-18 23:42:50 inserted user 596e80daaba34620ffa518bd. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with +2017-08-03 19:11:37 Authorize create "createUser" with user "stubailo" and role "admin" is authorized +2017-08-03 19:11:37 Authorize create "createUser" with user "stubailo" and role: "admin" is authorized by userRole. +2017-08-03 19:11:37 inserted user 59835949075def94489f4106. +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bd" + "_id": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "editor", id: "596e80daaba34620ffa518bd", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "editor", id: "59835949075def94489f4106", Operation: "", variables: "", Query: mutation { @@ -1671,19 +1670,19 @@ mutation { } } -2017-07-18 23:42:50 ERROR Cannot read property 'toString' of undefined -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with +2017-08-03 19:11:37 ERROR Cannot read property 'toString' of undefined +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bd" + "_id": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "editor", id: "596e80daaba34620ffa518bd", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "editor", id: "59835949075def94489f4106", Operation: "", variables: "", Query: { @@ -1694,39 +1693,39 @@ Query: } } -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bd" + "_id": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "editor", id: "596e80daaba34620ffa518bd", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "editor", id: "59835949075def94489f4106", Operation: "", variables: "", Query: { - user(id: "596e80daaba34620ffa518bd") { + user(id: "59835949075def94489f4106") { username role } } -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bd" + "_id": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "editor", id: "596e80daaba34620ffa518bd", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "editor", id: "59835949075def94489f4106", Operation: "", variables: "", Query: mutation { @@ -1737,146 +1736,146 @@ mutation { } } -2017-07-18 23:42:50 Authorize update "updateUser" with user "tobkle" and role: "editor" with +2017-08-03 19:11:37 Authorize update "updateUser" with user "tobkle" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bd" + "_id": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with +2017-08-03 19:11:37 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bd" + "_id": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tobkle", role: "editor", id: "596e80daaba34620ffa518bd", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tobkle", role: "editor", id: "59835949075def94489f4106", Operation: "", variables: "", Query: mutation { - updateUser(id: "596e80daaba34620ffa518bd", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + updateUser(id: "59835949075def94489f4106", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { username bio } } -2017-07-18 23:42:50 Authorize update "updateUser" with user "tobkle" and role: "editor" with +2017-08-03 19:11:37 Authorize update "updateUser" with user "tobkle" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bd" + "_id": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 updated user 596e80daaba34620ffa518bd. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with +2017-08-03 19:11:37 updated user 59835949075def94489f4106. +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bd" + "_id": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tmeasday", role: "editor", id: "59835949075def94489f4106", Operation: "", variables: "", Query: mutation { - updateUser(id: "596e80daaba34620ffa518bd", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "59835949075def94489f4106", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-07-18 23:42:50 Authorize update "updateUser" with user "tmeasday" and role: "editor" with +2017-08-03 19:11:37 Authorize update "updateUser" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bd" + "_id": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 updated user 596e80daaba34620ffa518bd. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with +2017-08-03 19:11:37 updated user 59835949075def94489f4106. +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bd" + "_id": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tmeasday", role: "editor", id: "59835949075def94489f4106", Operation: "", variables: "", Query: mutation { removeUser(id: "583291a1638566b3c5a92ca1") } -2017-07-18 23:42:50 Authorize delete "removeUser" with user "tmeasday" and role: "editor" with +2017-08-03 19:11:37 Authorize delete "removeUser" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bd" + "_id": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with +2017-08-03 19:11:37 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bd" + "_id": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tmeasday", role: "editor", id: "59835949075def94489f4106", Operation: "", variables: "", Query: mutation { - createTweet(input: {authorId: "596e80daaba34620ffa518bd", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + createTweet(input: {authorId: "59835949075def94489f4106", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { id } } -2017-07-18 23:42:50 { - "authorId": "596e80daaba34620ffa518bd", +2017-08-03 19:11:37 { + "authorId": "59835949075def94489f4106", "body": "This is a test tweet of user tobkle", "coauthorsIds": [], - "createdAt": 1500414170722, - "updatedAt": 1500414170722, - "createdById": "596e80daaba34620ffa518bd", - "updatedById": "596e80daaba34620ffa518bd" -} -2017-07-18 23:42:50 Authorize create "createTweet" with user "tmeasday" and role: "editor" is authorized by docRole. -2017-07-18 23:42:50 inserted tweet 596e80daaba34620ffa518be. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with + "createdAt": 1501780297472, + "updatedAt": 1501780297472, + "createdById": "59835949075def94489f4106", + "updatedById": "59835949075def94489f4106" +} +2017-08-03 19:11:37 Authorize create "createTweet" with user "tmeasday" and role: "editor" is authorized by docRole. +2017-08-03 19:11:37 inserted tweet 59835949075def94489f4107. +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bd" + "_id": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tmeasday", role: "editor", id: "59835949075def94489f4106", Operation: "", variables: "", Query: mutation { @@ -1885,32 +1884,32 @@ mutation { } } -2017-07-18 23:42:50 { +2017-08-03 19:11:37 { "authorId": "583291a1638566b3c5a92ca1", "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", "coauthorsIds": [], - "createdAt": 1500414170729, - "updatedAt": 1500414170729, - "createdById": "596e80daaba34620ffa518bd", - "updatedById": "596e80daaba34620ffa518bd" + "createdAt": 1501780297510, + "updatedAt": 1501780297510, + "createdById": "59835949075def94489f4106", + "updatedById": "59835949075def94489f4106" } -2017-07-18 23:42:50 ERROR Authorize create "createTweet" with user "tmeasday" and role: "editor" is not authorized. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with +2017-08-03 19:11:37 ERROR Authorize create "createTweet" with user "tmeasday" and role: "editor" is not authorized. +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bd" + "_id": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tmeasday", role: "editor", id: "59835949075def94489f4106", Operation: "", variables: "", Query: { - tweet(id: "596e80daaba34620ffa518be") { + tweet(id: "59835949075def94489f4107") { author { id } @@ -1918,18 +1917,18 @@ Query: } } -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bd" + "_id": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tmeasday", role: "editor", id: "59835949075def94489f4106", Operation: "", variables: "", Query: { @@ -1941,50 +1940,50 @@ Query: } } -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bd" + "_id": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tmeasday", role: "editor", id: "59835949075def94489f4106", Operation: "", variables: "", Query: mutation { - updateTweet(id: "596e80daaba34620ffa518be", input: {body: "This is a modified test tweet"}) { + updateTweet(id: "59835949075def94489f4107", input: {body: "This is a modified test tweet"}) { body } } -2017-07-18 23:42:50 Authorize update "updateTweet" with user "tmeasday" and role: "editor" with +2017-08-03 19:11:37 Authorize update "updateTweet" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "authorId": "596e80daaba34620ffa518bd" + "authorId": "59835949075def94489f4106" }, { - "coauthorsIds": "596e80daaba34620ffa518bd" + "coauthorsIds": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 updated tweet 596e80daaba34620ffa518be. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with +2017-08-03 19:11:37 updated tweet 59835949075def94489f4107. +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bd" + "_id": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tmeasday", role: "editor", id: "59835949075def94489f4106", Operation: "", variables: "", Query: mutation { @@ -1993,148 +1992,148 @@ mutation { } } -2017-07-18 23:42:50 Authorize update "updateTweet" with user "tmeasday" and role: "editor" with +2017-08-03 19:11:37 Authorize update "updateTweet" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "authorId": "596e80daaba34620ffa518bd" + "authorId": "59835949075def94489f4106" }, { - "coauthorsIds": "596e80daaba34620ffa518bd" + "coauthorsIds": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 ERROR update tweet not possible for 583676d3618530145474e352. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with +2017-08-03 19:11:37 ERROR update tweet not possible for 583676d3618530145474e352. +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bd" + "_id": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tmeasday", role: "editor", id: "59835949075def94489f4106", Operation: "", variables: "", Query: { - tweet(id: "596e80daaba34620ffa518be") { + tweet(id: "59835949075def94489f4107") { body } } -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bd" + "_id": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tmeasday", role: "editor", id: "59835949075def94489f4106", Operation: "", variables: "", Query: mutation { - removeTweet(id: "596e80daaba34620ffa518be") + removeTweet(id: "59835949075def94489f4107") } -2017-07-18 23:42:50 Authorize delete "removeTweet" with user "tmeasday" and role: "editor" with +2017-08-03 19:11:37 Authorize delete "removeTweet" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "authorId": "596e80daaba34620ffa518bd" + "authorId": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 removed tweet 596e80daaba34620ffa518be. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with +2017-08-03 19:11:37 removed tweet 59835949075def94489f4107. +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bd" + "_id": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tmeasday", role: "editor", id: "59835949075def94489f4106", Operation: "", variables: "", Query: mutation { removeTweet(id: "583676d3618530145474e352") } -2017-07-18 23:42:50 Authorize delete "removeTweet" with user "tmeasday" and role: "editor" with +2017-08-03 19:11:37 Authorize delete "removeTweet" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "authorId": "596e80daaba34620ffa518bd" + "authorId": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with +2017-08-03 19:11:37 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bd" + "_id": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tmeasday", role: "editor", id: "59835949075def94489f4106", Operation: "", variables: "", Query: { - tweet(id: "596e80daaba34620ffa518be") { + tweet(id: "59835949075def94489f4107") { body } } -2017-07-18 23:42:50 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with +2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bd" + "_id": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: -User: "tmeasday", role: "editor", id: "596e80daaba34620ffa518bd", +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: +User: "tmeasday", role: "editor", id: "59835949075def94489f4106", Operation: "", variables: "", Query: mutation { - removeUser(id: "596e80daaba34620ffa518bd") + removeUser(id: "59835949075def94489f4106") } -2017-07-18 23:42:50 Authorize delete "removeUser" with user "tmeasday" and role: "editor" with +2017-08-03 19:11:37 Authorize delete "removeUser" with user "tmeasday" and role: "editor" with authQuery: { "$or": [ { - "_id": "596e80daaba34620ffa518bd" + "_id": "59835949075def94489f4106" } ] } -2017-07-18 23:42:50 removed user 596e80daaba34620ffa518bd. -2017-07-18 23:42:50 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-07-18 23:42:50 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-07-18 23:42:50 -------------------------------------------------------------------------------- -2017-07-18 23:42:50 Request: +2017-08-03 19:11:37 removed user 59835949075def94489f4106. +2017-08-03 19:11:37 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. +2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "" and role "" is authorized +2017-08-03 19:11:37 -------------------------------------------------------------------------------- +2017-08-03 19:11:37 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: { - user(id: "596e80daaba34620ffa518bd") { + user(id: "59835949075def94489f4106") { username bio role @@ -2142,3 +2141,4 @@ Query: } 2017-08-18 18:15:59 Logger started +2017-08-18 18:17:15 Logger started From 4179971ba2b2f84b1fd14220c26f8156f5ebebbb Mon Sep 17 00:00:00 2001 From: tobkle Date: Mon, 8 May 2017 23:47:33 +0200 Subject: [PATCH 52/69] add-user and authorization prototype --- CHANGELOG.md | 5 + README.md | 149 ++++++++++++ bin/create-graphql-server.js | 87 +++++-- generate/authorization/index.js | 220 +++++++++++++++++ generate/index.js | 11 +- generate/model/index.js | 41 ++-- generate/model/templates/user.js.template | 55 +++++ generate/resolvers/index.js | 26 +- generate/resolvers/templates/base.js.template | 56 ++++- generate/schema/index.js | 118 ++++++--- package.json | 4 + skel/authorization/index.js | 194 +++++++++++++++ test/input-authorization/Post1.graphql | 5 + test/input-authorization/Post2.graphql | 14 ++ test/input-authorization/User1.graphql | 3 + test/input-authorization/User2.graphql | 13 + test/test-authorization.sh | 228 ++++++++++++++++++ yarn.lock | 152 ++++++++++++ 18 files changed, 1281 insertions(+), 100 deletions(-) create mode 100644 generate/authorization/index.js create mode 100644 generate/model/templates/user.js.template create mode 100644 skel/authorization/index.js create mode 100644 test/input-authorization/Post1.graphql create mode 100644 test/input-authorization/Post2.graphql create mode 100644 test/input-authorization/User1.graphql create mode 100644 test/input-authorization/User2.graphql create mode 100755 test/test-authorization.sh diff --git a/CHANGELOG.md b/CHANGELOG.md index 60c9b82..bc17703 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,4 +1,9 @@ +0.5.5 + +- Added an authorization generator +- Added a command add-user to generate user resolvers automatically + 0.5.4 - Added the possibility to run "add-type" several times, which overwrites existing types diff --git a/README.md b/README.md index a6002d8..b39ceca 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,152 @@ +*** WORK IN PROGRESS -- NOT YET FINISHED *** +development is not yet finalized, and not yet tested +This is to discuss the current approach to introduce a generator for authorizations also. + +# Command **add-user** +To add a new User type, use the following command: +```bash + create-graphql-server add-user path/to/user-input-type.graphql +``` + +This generates a new user with the input type file. A new command was necessary, as the user type has a different resolver to handle password and hash. + +If important fields with dependent logics are missing, they are added automatically by the generator, such as the fields: **email**, **password**, **role**. + +# Authorization for types +Use the new directive @authorize in the type definition to control the authorization settings: +```javascript + type User + @authorize( + create: ["owner"] + read: ["world"] + update: ["owner", "admin"] + delete: ["owner", "admin"] + ownerField: "id" + roleField: "role" + defaultUserRole: 'user', + firstUserRole: 'admin', + adminUserRole: 'admin', + ) + { + email: String! + name: String + role: String! + } +``` +or: +```javascript + type Post + @authorize( + create: ["owner"] + read: ["world"] + update: ["owner", "admin"] + delete: ["owner", "admin"] + ownerField: "ownerId" + roleField: "role" + ) + { + post: String! + comment: String + owner: User1 @belongsTo + } +``` + +Meaning of the directive's arguments: +* create = Authorization for a create mutation +* read = Authorization for a read query +* update = Authorization for a update mutation +* delete = Authorization for a delete mutation +* +Add the authorized users in the array with... +* "owner" = the user, who created the document +* "world" = everyone is authorized +* "admin" = the administrator, of the system +* role = add any role, in the role field + +The generator will create a new folder named authorization. In that folder, a new index.js file is copied into, which hosts the authorization logic. This authorization logic exposes only one central function **authorize()**, which will be called for each resolver's data handler. This authorize function should be only used in the resolver. It can send and receive whether an array or a document. It has the following signature: + +```javascript +const authorized_data = await authorize('TypeName', TypeName, 'mode', user, data); +``` +whereas: 'TypeName' is a string with the current type name of the resolver, the passed TypeName contains the context of the resolver (Model,...), 'mode' contains a string with any of the available modes of the data access: 'create', 'read', 'update', 'delete', to inform the authorization module, what kind of data operation it shall authorize, user is the context object of the authenticated user, and input is the data which should be checked. The authorize function returns checked and authorized data. If for example one document of the data array is not accessible by the authenticated user, then it is filtered out and not included in the returned array/object. + +Also, for each generated type, it creates an additional file in the authorization folder named by its type.js. In that file, all rules for a successfull authorization check is stored. You can adjust this file directly also afterwards as it keeps only data, with the following rules: + +```javascript +let defaultAuthorization = { + name: ObjectTypeDefinition.name.value || 'nameNotFound', + field: { + ownerField: 'ownerId', + roleField: 'role', + }, + rules: [ + { + mode: 'create', + roles: ['owner'], + removeFields: [], + }, + { + mode: 'read', + roles: ['owner'], + removeFields: [], + }, + { + mode: 'update', + roles: ['owner', 'admin'], + removeFields: [], + }, + { + mode: 'delete', + roles: ['owner', 'admin'], + removeFields: [], + }, + ] +}; +``` + +```javascript +let defaultUserAuthorization = { + name: ObjectTypeDefinition.name.value || 'nameNotFound', + isUser: true, + defaultUserRole: 'user', + firstUserRole: 'admin', + adminUserRole: 'admin', + field: { + ownerField: 'id', + roleField: 'role', + }, + rules: [ + { + mode: 'create', + roles: ['world'], + removeFields: ['role'], + }, + { + mode: 'read', + roles: ['world'], + removeFields: [], + }, + { + mode: 'update', + roles: ['owner'], + removeFields: ['role'], + }, + { + mode: 'update', + roles: ['admin'], + removeFields: [], + }, + { + mode: 'delete', + roles: ['owner', 'admin'], + removeFields: [], + }, + ] +}; +``` + +If you don't enter any @authorize directive in your input file. It will generate the above rules for you automatically. + # Create GraphQL Server This is a simple scaffolding tool for GraphQL apps, built on MongoDB. diff --git a/bin/create-graphql-server.js b/bin/create-graphql-server.js index b34fc6d..1ce8a8d 100755 --- a/bin/create-graphql-server.js +++ b/bin/create-graphql-server.js @@ -39,6 +39,7 @@ function usage() { console.log(' - create-graphql-server init project-dir'); console.log(' - create-graphql-server add-type path/to/type.graphql'); console.log(' - create-graphql-server add-type path'); + console.log(' - create-graphql-server add-user path/to/UserType.graphql'); console.log(' - create-graphql-server remove-type path/to/type.graphql'); console.log(' - create-graphql-server remove-type path'); console.log(' - create-graphql-server remove-type typename'); @@ -70,18 +71,21 @@ function usage() { process.exit(1); } -function adjustTypeName(typeName){ +function adjustTypeName(typeName) { return typeName.charAt(0).toUpperCase() + typeName.slice(1).toLowerCase(); } function getFileUpdateList(inputSchemaFile, mode) { let inputSchemaStr = ''; // in add mode or if a graphql path/file name was provided, the input file must be there, - if (mode === 'add' || inputSchemaFile.includes('.graphql') || inputSchemaFile.includes('/')) { - if (! fs.existsSync(inputSchemaFile)) { - console.error( - chalk.bold.red('Error: Cannot read file', inputSchemaFile) - ); + if ( + mode === 'add-type' || + mode === 'add-user' || + inputSchemaFile.includes('.graphql') || + inputSchemaFile.includes('/') + ) { + if (!fs.existsSync(inputSchemaFile)) { + console.error(chalk.bold.red('Error: Cannot read file', inputSchemaFile)); console.log(''); process.exit(1); } @@ -100,7 +104,8 @@ function getFileUpdateList(inputSchemaFile, mode) { outputSchemaStr, resolversStr, modelStr, - } = generate(inputSchemaStr); + authorizationStr, + } = generate(inputSchemaStr, mode); // do validation checks // shouldn't be necessary, but... @@ -115,7 +120,8 @@ function getFileUpdateList(inputSchemaFile, mode) { !modelStr || outputSchemaStr === '' || resolversStr === '' || - modelStr === '' + modelStr === '' || + authorizationStr === '' ) { console.error('Error: Error while generating target Code.'); process.exit(0); @@ -153,6 +159,13 @@ function getFileUpdateList(inputSchemaFile, mode) { indexPattern: `\nimport ${TypeName} from './${TypeName}';\n` + `models.${TypeName} = ${TypeName};\n`, }, + { + typePath: path.join('authorization', `${TypeName}.js`), + typeString: authorizationStr, + indexPath: path.join('authorization', 'index.js'), + indexPattern: `\nimport ${TypeName} from './${TypeName}';\n` + + `authorizations.${TypeName} = ${TypeName};\n`, + }, ]; } @@ -390,16 +403,19 @@ function addPatternToFiles(fileUpdateList) { function getFilesRecursively(folder, filetype) { // getting all files of a path and of a specific filetype recursively - let list = [], stats, - files = fs.readdirSync(folder); + let list = []; + let stats; + const files = fs.readdirSync(folder); - files.forEach(file => { + files.forEach((file) => { stats = fs.lstatSync(path.join(folder, file)); - if(stats.isDirectory()) { - list = list.concat(getFilesRecursively(path.join(folder, file), filetype)); + if (stats.isDirectory()) { + list = list.concat( + getFilesRecursively(path.join(folder, file), filetype) + ); } else if (file.includes(filetype)) { - console.log('found:', path.join(folder, file)); - list.push(path.join(folder, file)); + console.log('found:', path.join(folder, file)); + list.push(path.join(folder, file)); } }); @@ -408,10 +424,10 @@ function getFilesRecursively(folder, filetype) { // MAIN FUNCTIONS -function addType(inputSchemaFile, options) { +function addType(inputSchemaFile, options, mode) { // generates a new data type with all its files and references console.log(chalk.bold.blue('Running add-type')); - const fileUpdateList = getFileUpdateList(inputSchemaFile, 'add'); + const fileUpdateList = getFileUpdateList(inputSchemaFile, mode); checkForFileChanges(fileUpdateList, options['force-update']); createTypeFiles(fileUpdateList); addPatternToFiles(fileUpdateList); @@ -455,15 +471,18 @@ if (commands[0] === 'init') { if (!inputSchemaFile) { usage(); } - if (fs.existsSync(inputSchemaFile) && fs.lstatSync(inputSchemaFile).isDirectory()) { - //directory name entered + if ( + fs.existsSync(inputSchemaFile) && + fs.lstatSync(inputSchemaFile).isDirectory() + ) { + // directory name entered const files = getFilesRecursively(inputSchemaFile, '.graphql'); - files.forEach(file => { - addType(file, argv); + files.forEach((file) => { + addType(file, argv, commands[0]); }); } else { // single file entered - addType(inputSchemaFile, argv); + addType(inputSchemaFile, argv, commands[0]); } process.exit(0); } else if (commands[0] === 'remove-type') { @@ -471,10 +490,13 @@ if (commands[0] === 'init') { if (!inputSchemaFile) { usage(); } - if (fs.existsSync(inputSchemaFile) && fs.lstatSync(inputSchemaFile).isDirectory()) { + if ( + fs.existsSync(inputSchemaFile) && + fs.lstatSync(inputSchemaFile).isDirectory() + ) { // directory name entered const files = getFilesRecursively(inputSchemaFile, '.graphql'); - files.forEach(file => { + files.forEach((file) => { removeType(file, argv); }); } else { @@ -482,6 +504,23 @@ if (commands[0] === 'init') { removeType(inputSchemaFile, argv); } process.exit(0); +} else if (commands[0] === 'add-user') { + const inputSchemaFile = commands[1]; + if (!inputSchemaFile) { + usage(); + } + if ( + fs.existsSync(inputSchemaFile) && + fs.lstatSync(inputSchemaFile).isDirectory() + ) { + // directory name entered + console.error('Please enter a User Type instead of a directory.'); + process.exit(0); + } else { + // single file entered + addType(inputSchemaFile, argv, commands[0]); + } + process.exit(0); } else { usage(); } diff --git a/generate/authorization/index.js b/generate/authorization/index.js new file mode 100644 index 0000000..93c133d --- /dev/null +++ b/generate/authorization/index.js @@ -0,0 +1,220 @@ +import assert from 'assert'; + +export default function generateAuthorization(inputSchema, mode) { + // Check that the input looks like we expect -- a single ObjectType definition + assert(inputSchema.kind === 'Document'); + assert(inputSchema.definitions.length === 1); + + let ObjectTypeDefinition = inputSchema.definitions.filter((node) => { + return node.kind === 'ObjectTypeDefinition'; + }); + if (ObjectTypeDefinition.length > 1) { + throw new Error( + 'generateAuthorization: only one type definition per file allowed' + ); } + if (ObjectTypeDefinition.length < 1) { + throw new Error('generateAuthorization: no type definition found in file'); + } + ObjectTypeDefinition = ObjectTypeDefinition[0]; + + let defaultAuthorization = { + name: ObjectTypeDefinition.name.value || 'nameNotFound', + field: { + ownerField: 'ownerId', + roleField: 'role', + }, + rules: [ + { + mode: 'create', + roles: ['owner'], + removeFields: [], + }, + { + mode: 'read', + roles: ['owner'], + removeFields: [], + }, + { + mode: 'update', + roles: ['owner', 'admin'], + removeFields: [], + }, + { + mode: 'delete', + roles: ['owner', 'admin'], + removeFields: [], + }, + ], + }; + + const defaultUserAuthorization = { + name: ObjectTypeDefinition.name.value || 'nameNotFound', + isUser: true, + defaultUserRole: 'user', + firstUserRole: 'admin', + adminUserRole: 'admin', + field: { + ownerField: 'id', + roleField: 'role', + }, + rules: [ + { + mode: 'create', + roles: ['world'], + removeFields: ['role'], + }, + { + mode: 'read', + roles: ['world'], + removeFields: [], + }, + { + mode: 'update', + roles: ['owner'], + removeFields: ['role'], + }, + { + mode: 'update', + roles: ['admin'], + removeFields: [], + }, + { + mode: 'delete', + roles: ['owner', 'admin'], + removeFields: [], + }, + ], + }; + + let authorization = {}; + + if (mode === 'add-user') { + defaultAuthorization = defaultUserAuthorization; + } + authorization = Object.assign({}, defaultAuthorization); + authorization.rules = []; + + // Reading Directives out of type file if available + if (ObjectTypeDefinition.directives) { + ObjectTypeDefinition.directives.forEach((directive) => { + if ( + directive.kind && + directive.kind === 'Directive' && + directive.name && + directive.name.kind && + directive.name.kind === 'Name' && + directive.name.value && + directive.name.value === 'authorize' && + directive.arguments && + directive.arguments.length > 0 + ) { + // Directive "@authorized" found in type definition with arguments + directive.arguments.forEach((argument) => { + // handle the different arguments now + + // RULES create/read/update/delete + if ( + argument.kind && + argument.kind === 'Argument' && + argument.name && + argument.name.kind && + argument.name.kind === 'Name' && + argument.name.value && + (argument.name.value === 'create' || + argument.name.value === 'read' || + argument.name.value === 'update' || + argument.name.value === 'delete') && + argument.value + ) { + if (argument.value.kind && argument.value.kind === 'ListValue') { + // it is a List + const roles = []; + argument.value.values.forEach((value) => { + if ( + value.kind && + value.kind === 'StringValue' && + value.value !== '' + ) { + roles.push(value.value); + } + }); // each value + authorization.rules.push({ + mode: argument.name.value, + roles, + removeFields: [], + }); + } // ListValue + + if ( + argument.value.kind && + argument.value.kind === 'StringValue' && + argument.value.value !== '' + ) { + // it is a List + authorization.rules.push({ + mode: argument.name.value, + roles: [argument.value.value], + removeFields: [], + }); + } // StringValue + } // create/read/update/delete + + // FIELD ownerField, roleField + if ( + argument.kind && + argument.kind === 'Argument' && + argument.name && + argument.name.kind && + argument.name.kind === 'Name' && + argument.name.value && + (argument.name.value === 'ownerField' || + argument.name.value === 'roleField') && + argument.value + ) { + if ( + argument.value.kind && + argument.value.kind === 'StringValue' && + argument.value.value !== '' + ) { + // it is a List + authorization.field[argument.name.value] = argument.value.value; + } // StringValue + } // ownerField / roleField + + // FIELDS: + // defaultUserRole: 'user', + // firstUserRole: 'admin', + // adminUserRole: 'admin', + if ( + argument.kind && + argument.kind === 'Argument' && + argument.name && + argument.name.kind && + argument.name.kind === 'Name' && + argument.name.value && + (argument.name.value === 'defaultUserRole' || + argument.name.value === 'firstUserRole' || + argument.name.value === 'adminUserRole') && + argument.value + ) { + if ( + argument.value.kind && + argument.value.kind === 'StringValue' && + argument.value.value !== '' + ) { + // it is a List + authorization[argument.name.value] = argument.value.value; + } // StringValue + } // defaultUserRole, firstUserRole, adminUserRole + }); // forEach(argument) + } // directive authorize + }); // forEach directive + } // directive there + + // Check if Directives were available: + if (authorization.rules.length === 0) { + authorization.rules = defaultAuthorization.rules; + } + + return `export default ${JSON.stringify(authorization, null, 2)};`; +} diff --git a/generate/index.js b/generate/index.js index 0574627..7ac8242 100644 --- a/generate/index.js +++ b/generate/index.js @@ -6,18 +6,20 @@ import { parse, print } from 'graphql'; import generateSchema from './schema'; import generateResolvers from './resolvers'; import generateModel from './model'; +import generateAuthorization from './authorization'; import { lcFirst } from './util/capitalization'; -export default function generate(inputSchemaStr) { +export default function generate(inputSchemaStr, mode) { const inputSchema = parse(inputSchemaStr); const type = inputSchema.definitions[0]; const TypeName = type.name.value; - const outputSchema = generateSchema(inputSchema); + const outputSchema = generateSchema(inputSchema, mode); const outputSchemaStr = print(outputSchema); - const resolversStr = generateResolvers(inputSchema); - const modelStr = generateModel(inputSchema); + const resolversStr = generateResolvers(inputSchema, mode); + const modelStr = generateModel(inputSchema, mode); + const authorizationStr = generateAuthorization(inputSchema, mode); return { typeName: lcFirst(TypeName), @@ -25,5 +27,6 @@ export default function generate(inputSchemaStr) { outputSchemaStr, resolversStr, modelStr, + authorizationStr, }; } diff --git a/generate/model/index.js b/generate/model/index.js index cfbb1cb..3734773 100644 --- a/generate/model/index.js +++ b/generate/model/index.js @@ -11,17 +11,15 @@ function read(name) { const templates = { base: read('base'), + user: read('user'), singularAssociation: read('singularAssociation'), paginatedAssociation: read('paginatedAssociation'), }; -function buildAst(template, { - typeName, - fieldName, - argsStr, - ReturnTypeName, - query, -}) { +function buildAst( + template, + { typeName, fieldName, argsStr, ReturnTypeName, query } +) { const argsWithDefaultsStr = argsStr .replace('lastCreatedAt', 'lastCreatedAt = 0') .replace('limit', 'limit = 10'); @@ -34,9 +32,11 @@ function buildAst(template, { }); } - const generators = { - base({ typeName, TypeName }) { + base({ typeName, TypeName }, mode) { + if (mode === 'add-user') { + return templateToAst(templates.user, { typeName, TypeName }); + } return templateToAst(templates.base, { typeName, TypeName }); }, belongsTo(replacements) { @@ -73,26 +73,29 @@ const generators = { }, }; -export function generateModelAst(inputSchema) { +export function generateModelAst(inputSchema, mode) { const type = inputSchema.definitions[0]; const TypeName = type.name.value; const typeName = lcFirst(TypeName); - const ast = generators.base({ TypeName, typeName }); + const ast = generators.base({ TypeName, typeName }, mode); + + let startWith = 2; + if (mode === 'add-user') { + startWith = 4; + } // XXX: rather than hardcoding in array indices it would be less brittle to // walk the tree using https://github.com/benjamn/ast-types - const classMethodsAst = ast.program.body[2] // export - .declaration // class declaration - .body.body; + const classMethodsAst = + ast.program.body[startWith].declaration.body.body; // export // class declaration const findOneMethod = classMethodsAst.find(m => m.key.name === 'all'); let nextIndex = classMethodsAst.indexOf(findOneMethod) + 1; - generatePerField(type, generators).forEach((resolverFunctionAst) => { - const classMethodAst = resolverFunctionAst.program.body[0] // class declaration - .body.body[0]; // classMethod + const classMethodAst = + resolverFunctionAst.program.body[0].body.body[0]; // class declaration // classMethod classMethodsAst.splice(nextIndex, 0, classMethodAst); nextIndex += 1; @@ -101,7 +104,7 @@ export function generateModelAst(inputSchema) { return ast; } -export default function generateModel(inputSchema) { - const ast = generateModelAst(inputSchema); +export default function generateModel(inputSchema, mode) { + const ast = generateModelAst(inputSchema, mode); return print(ast, { trailingComma: true }).code; } diff --git a/generate/model/templates/user.js.template b/generate/model/templates/user.js.template new file mode 100644 index 0000000..346d675 --- /dev/null +++ b/generate/model/templates/user.js.template @@ -0,0 +1,55 @@ +import DataLoader from 'dataloader'; +import findByIds from 'mongo-find-by-ids'; +import bcrypt from 'bcrypt'; +const SALT_ROUNDS = 10; + +export default class TypeName { + constructor(context) { + this.context = context; + this.collection = context.db.collection('typeName'); + this.pubsub = context.pubsub; + this.loader = new DataLoader(ids => findByIds(this.collection, ids)); + } + + findOneById(id) { + return this.loader.load(id); + } + + all({ lastCreatedAt = 0, limit = 10 }) { + return this.collection.find({ + createdAt: { $gt: lastCreatedAt }, + }).sort({ createdAt: 1 }).limit(limit).toArray(); + } + + async insert(doc) { + const { password } = doc; + delete doc.password; + const hash = await bcrypt.hash(password, SALT_ROUNDS); + const docToInsert = Object.assign({}, doc, { + hash, + createdAt: Date.now(), + updatedAt: Date.now(), + }); + const id = (await this.collection.insertOne(docToInsert)).insertedId; + this.pubsub.publish('typeNameInserted', await this.findOneById(id)); + return id; + } + + async updateById(id, doc) { + const ret = await this.collection.update({ _id: id }, { + $set: Object.assign({}, doc, { + updatedAt: Date.now(), + }), + }); + this.loader.clear(id); + this.pubsub.publish('typeNameUpdated', await this.findOneById(id)); + return ret; + } + + async removeById(id) { + const ret = this.collection.remove({ _id: id }); + this.loader.clear(id); + this.pubsub.publish('typeNameRemoved', id); + return ret; + } +} diff --git a/generate/resolvers/index.js b/generate/resolvers/index.js index b983b3c..5fecd3c 100644 --- a/generate/resolvers/index.js +++ b/generate/resolvers/index.js @@ -11,6 +11,7 @@ function read(name) { const templates = { base: read('base'), + user: read('base'), fieldOfType: read('fieldOfType'), paginatedField: read('paginatedField'), }; @@ -22,7 +23,10 @@ function generateResolver(template) { } const generators = { - base({ typeName, TypeName }) { + base({ typeName, TypeName }, mode) { + if (mode === 'add-user') { + return templateToAst(templates.user, { typeName, TypeName }); + } return templateToAst(templates.base, { typeName, TypeName }); }, belongsTo: generateResolver(templates.fieldOfType), @@ -32,23 +36,23 @@ const generators = { hasAndBelongsToMany: generateResolver(templates.paginatedField), }; -export function generateResolversAst(inputSchema) { +export function generateResolversAst(inputSchema, mode) { const type = inputSchema.definitions[0]; const TypeName = type.name.value; const typeName = lcFirst(TypeName); - const ast = generators.base({ TypeName, typeName }); + const ast = generators.base({ TypeName, typeName }, mode); // XXX: rather than hardcoding in array indices it would be less brittle to // walk the tree using https://github.com/benjamn/ast-types - const typeResolversAst = ast.program.body[0] // const - .declarations[0].init // object expression - .properties[0].value; // object value + const typeResolversAst = + ast.program.body[1].declarations[0].init.properties[0].value; + // const // object expression // object value generatePerField(type, generators).forEach((resolverFunctionAst) => { - const resolverProperty = resolverFunctionAst.program.body[0] // variable declaration - .declarations[0].init // object expression - .properties[0]; + const resolverProperty = + resolverFunctionAst.program.body[0].declarations[0].init.properties[0]; + // variable declaration // object expression typeResolversAst.properties.push(resolverProperty); }); @@ -56,7 +60,7 @@ export function generateResolversAst(inputSchema) { return ast; } -export default function generateResolvers(inputSchema) { - const ast = generateResolversAst(inputSchema); +export default function generateResolvers(inputSchema, mode) { + const ast = generateResolversAst(inputSchema, mode); return print(ast, { trailingComma: true }).code; } diff --git a/generate/resolvers/templates/base.js.template b/generate/resolvers/templates/base.js.template index 158c416..61f36b4 100644 --- a/generate/resolvers/templates/base.js.template +++ b/generate/resolvers/templates/base.js.template @@ -1,3 +1,4 @@ +import authorize from '../authorization'; const resolvers = { TypeName: { id(typeName) { @@ -5,27 +6,58 @@ const resolvers = { }, }, Query: { - typeNames(root, { lastCreatedAt, limit }, { TypeName }) { - return TypeName.all({ lastCreatedAt, limit }); + typeNames(root, { lastCreatedAt, limit }, { TypeName, user }) { + return TypeName.all({ lastCreatedAt, limit }) + .then(data => { + if (data.length > 0){ + async () => { + return await authorize('TypeName', TypeName, 'read', user, data); + } + } + return data; + }); }, - typeName(root, { id }, { TypeName }) { - return TypeName.findOneById(id); + typeName(root, { id }, { TypeName, user }) { + return TypeName.findOneById(id) + .then(data => { + if (data.length > 0){ + async () => { + return await authorize('TypeName', TypeName, 'read', user, data); + } + } + return data; + }); }, }, Mutation: { - async createTypeName(root, { input }, { TypeName }) { - const id = await TypeName.insert(input); - return TypeName.findOneById(id); + async createTypeName(root, { input }, { TypeName, user }) { + const authorized = await authorize('TypeName', TypeName, 'create', user, input); + if (authorized){ + const id = await TypeName.insert(authorized); + return TypeName.findOneById(id); + } + throw new Error('Not authorized to create TypeName'); }, - async updateTypeName(root, { id, input }, { TypeName }) { - await TypeName.updateById(id, input); - return TypeName.findOneById(id); + async updateTypeName(root, { id, input }, { TypeName, user }) { + const data = await TypeName.findOneById(id); + const authorized = await authorize('TypeName', TypeName, 'update', user, data); + if (authorized){ + console.log('authorized in resolver', JSON.stringify(authorized, null, 2)); + await TypeName.updateById(id, input); + return TypeName.findOneById(id); + } + throw new Error('Not authorized to update TypeName'); }, - removeTypeName(root, { id }, { TypeName }) { - return TypeName.removeById(id); + async removeTypeName(root, { id }, { TypeName, user }) { + const data = await TypeName.findOneById(id); + const authorized = await authorize('TypeName', TypeName, 'delete', user, data); + if (authorized){ + return TypeName.removeById(authorized.id); + } + throw new Error('Not authorized to delete TypeName'); }, }, Subscription: { diff --git a/generate/schema/index.js b/generate/schema/index.js index 2ef641d..1a8be11 100644 --- a/generate/schema/index.js +++ b/generate/schema/index.js @@ -15,11 +15,15 @@ import { /* eslint-disable no-param-reassign */ -export default function generateSchema(inputSchema) { +export default function generateSchema(inputSchema, mode) { // Check that the input looks like we expect -- a single ObjectType definition assert(inputSchema.kind === 'Document'); assert(inputSchema.definitions.length === 1); + let emailFieldIncluded = false; + let passwordFieldIncluded = false; + let roleFieldIncluded = false; + const outputSchema = cloneDeep(inputSchema); const type = outputSchema.definitions[0]; @@ -34,6 +38,10 @@ export default function generateSchema(inputSchema) { applyCustomDirectives(field); }); + if (field.name === 'email') emailFieldIncluded = true; + if (field.name === 'password') passwordFieldIncluded = true; + if (field.name === 'role') roleFieldIncluded = true; + // XXX: Not sure if this the correct logic but it makes my tests pass // TODO: check for @unmodifiable let possibleInputType = field.type; @@ -44,12 +52,19 @@ export default function generateSchema(inputSchema) { } if (possibleInputType.kind === 'NamedType') { - const isScalarField = includes(SCALAR_TYPE_NAMES, possibleInputType.name.value); + const isScalarField = includes( + SCALAR_TYPE_NAMES, + possibleInputType.name.value + ); let inputField; if (isScalarField || !!directivesByName.enum) { inputField = field; } else { - inputField = buildField(`${field.name.value}Id`, [], `ObjID${inputTypeModifier}`); + inputField = buildField( + `${field.name.value}Id`, + [], + `ObjID${inputTypeModifier}` + ); } createInputFields.push(inputField); @@ -61,51 +76,94 @@ export default function generateSchema(inputSchema) { field.directives = []; }); + if (mode === 'add-user') { + if (!emailFieldIncluded) { + createInputFields.push(buildField('email', [], 'String!')); + updateInputFields.push(buildField('email', [], 'String')); + type.fields.push(buildField('email', [], 'String!')); + } + if (!passwordFieldIncluded) { + createInputFields.push(buildField('password', [], 'String!')); + updateInputFields.push(buildField('password', [], 'String')); + // no type field, as it won't be stored, is only for input/update + } + if (!roleFieldIncluded) { + createInputFields.push(buildField('role', [], 'String!')); + updateInputFields.push(buildField('role', [], 'String')); + type.fields.push(buildField('role', [], 'String!')); + } + } + type.fields.unshift(buildField('id', [], 'ObjID!')); type.fields.push(buildField('createdAt', [], 'Float!')); type.fields.push(buildField('updatedAt', [], 'Float!')); - const queryOneField = buildField(typeName.toLowerCase(), [idArgument()], typeName); - const queryAllField = buildField(`${typeName.toLowerCase()}s`, [], `[${typeName}!]`); + const queryOneField = buildField( + typeName.toLowerCase(), + [idArgument()], + typeName + ); + const queryAllField = buildField( + `${typeName.toLowerCase()}s`, + [], + `[${typeName}!]` + ); addPaginationArguments(queryAllField); outputSchema.definitions.push( - buildTypeExtension(buildTypeDefinition('Query', [queryAllField, queryOneField])) + buildTypeExtension( + buildTypeDefinition('Query', [queryAllField, queryOneField]) + ) ); const createInputTypeName = `Create${typeName}Input`; outputSchema.definitions.push( - buildTypeDefinition(createInputTypeName, createInputFields, 'InputObjectTypeDefinition') + buildTypeDefinition( + createInputTypeName, + createInputFields, + 'InputObjectTypeDefinition' + ) ); const updateInputTypeName = `Update${typeName}Input`; outputSchema.definitions.push( - buildTypeDefinition(updateInputTypeName, updateInputFields, 'InputObjectTypeDefinition') + buildTypeDefinition( + updateInputTypeName, + updateInputFields, + 'InputObjectTypeDefinition' + ) ); // Create update input type if readonly fields - outputSchema.definitions.push(buildTypeExtension( - buildTypeDefinition('Mutation', [ - buildField(`create${typeName}`, [ - buildArgument('input', `${createInputTypeName}!`), - ], typeName), - - buildField(`update${typeName}`, [ - idArgument(), - buildArgument('input', `${updateInputTypeName}!`), - ], typeName), - - buildField(`remove${typeName}`, [idArgument()], 'Boolean'), - ]) - )); - - outputSchema.definitions.push(buildTypeExtension( - buildTypeDefinition('Subscription', [ - buildField(`${typeName.toLowerCase()}Created`, [], typeName), - buildField(`${typeName.toLowerCase()}Updated`, [], typeName), - buildField(`${typeName.toLowerCase()}Removed`, [], 'ObjID'), - ]) - )); + outputSchema.definitions.push( + buildTypeExtension( + buildTypeDefinition('Mutation', [ + buildField( + `create${typeName}`, + [buildArgument('input', `${createInputTypeName}!`)], + typeName + ), + + buildField( + `update${typeName}`, + [idArgument(), buildArgument('input', `${updateInputTypeName}!`)], + typeName + ), + + buildField(`remove${typeName}`, [idArgument()], 'Boolean'), + ]) + ) + ); + + outputSchema.definitions.push( + buildTypeExtension( + buildTypeDefinition('Subscription', [ + buildField(`${typeName.toLowerCase()}Created`, [], typeName), + buildField(`${typeName.toLowerCase()}Updated`, [], typeName), + buildField(`${typeName.toLowerCase()}Removed`, [], 'ObjID'), + ]) + ) + ); return outputSchema; } diff --git a/package.json b/package.json index 1dc3327..aebe96b 100644 --- a/package.json +++ b/package.json @@ -18,6 +18,8 @@ "output-app-generation-test": "./test/output-app-generation-test.sh", "pretest-add-update-remove": "npm run build", "test-add-update-remove": "./test/test-add-update-remove.sh", + "pretest-authorization": "npm run build", + "test-authorization": "./test/test-authorization.sh", "clean": "rm -rf dist/*", "build": "npm run clean && babel bin --out-dir dist/bin && babel generate -D --out-dir dist/generate && cp -r skel dist", "prepublish": "npm run build" @@ -44,7 +46,9 @@ "node-fetch": "^1.6.3" }, "dependencies": { + "ast-types": "^0.9.11", "babylon": "^6.14.1", + "bcrypt": "^1.0.2", "chalk": "^1.1.3", "cpr": "^2.0.0", "denodeify": "^1.2.1", diff --git a/skel/authorization/index.js b/skel/authorization/index.js new file mode 100644 index 0000000..041d9f0 --- /dev/null +++ b/skel/authorization/index.js @@ -0,0 +1,194 @@ +const authorizations = {}; + +function isArray(anything) { + // for easier reading + if (Object.prototype.toString.call(anything) === '[object Array]') { + return true; + } + return false; +} + +function isObject(anything) { + // for easier reading + if (typeof anything === 'object') { + return true; + } + return false; +} + +function removeFields(doc, rmFields) { + // remove the fields from the document, which aren't allowed to query or mutate + const newDoc = Object.assign({}, doc); + if (rmFields && isArray(rmFields)) { + rmFields.forEach((field) => { + if (field && field !== '' && newDoc[field]) { + delete newDoc[field]; + } + }); + } + return newDoc; +} + +function getConfig(type) { + return authorizations[type] + ? authorizations[type] + : { + name: '', + field: { + ownerField: 'ownerId', + roleField: 'role', + }, + rules: [ + { + mode: 'create', + roles: ['owner'], + removeFields: [], + }, + { + mode: 'read', + roles: ['owner'], + removeFields: [], + }, + { + mode: 'update', + roles: ['owner', 'admin'], + removeFields: [], + }, + { + mode: 'delete', + roles: ['owner', 'admin'], + removeFields: [], + }, + ], + }; +} + +async function makeFirstUserAdmin(type, Type, mode, user, doc) { + const config = getConfig(type); + let newDoc = Object.assign({}, doc); + if (config.isUser && mode === 'create') { + let role = 'user'; + delete newDoc.role; + const countUser = await Type.collection.find().count(); + if (countUser === 0) { + role = config.firstUserRole || 'admin'; + } else { + role = config.defaultUserRole || 'user'; + } + const newRole = { [config.field.roleField]: role }; + newDoc = Object.assign({}, newDoc, newRole); + } + return newDoc; +} + +function isUserDocumentOwner(user, doc, fieldContainingOwner) { + // checks if the authenticated user is the owner of the document + if ( + user && + doc && + doc[fieldContainingOwner] && + user.id === doc[fieldContainingOwner] + ) { + return true; + } + return false; +} + +function hasUserRole(user, role, fieldContainingRole) { + // checks if the authenticated user has the necessary role to be authorized + if ( + user && + role && + user[fieldContainingRole] && + user[fieldContainingRole] === role + ) { + return true; + } + return false; +} + +async function check_rules(type, Type, mode, user, doc) { + // check all provided rules from the type, only if one leads to an authorization + // the document will be returned + const config = getConfig(type); + let authorized = false; + let newDoc = Object.assign({}, doc); + // check all rules, now... + config.rules.forEach((rule) => { + if (rule.mode === mode) { + // check only the rules for the current mode: e.g. create, read, update, delete + + rule.roles.forEach((role) => { + // check all roles, if one fires + + if (role === 'world') { + // everyone is authorized + // console.log('authorize rule:', mode, role, 'authorized'); + authorized = true; + // if some fields aren't allowed for the world, removing them here + newDoc = Object.assign({}, removeFields(doc, rule.removeFields)); + } + + if (role === 'owner') { + // only the owner of the document should be allowed + // we need to know, which field contains the owner id, see type input file for generator + if (isUserDocumentOwner(user, doc, config.field.ownerField)) { + // owner is authorized, + // console.log('authorize rule:', mode, role, 'authorized'); + authorized = true; + // if some fields aren't allowed for the owner, removing them here + newDoc = Object.assign({}, removeFields(doc, rule.removeFields)); + } + } + + if (hasUserRole(user, role, config.field.roleField)) { + // specific role is authorized: e.g. admin, user, etc. + // console.log('authorize rule:', mode, role, 'authorized'); + authorized = true; + // if some fields aren't allowed for this role, removing them here + newDoc = Object.assign({}, removeFields(doc, rule.removeFields)); + } + }); + } + }); + + if (authorized) { + if (config.isUser && mode === 'create') { + newDoc = Object.assign( + {}, + await makeFirstUserAdmin(type, Type, mode, user, newDoc) + ); + } + // at least one rule fired, so the authenticated user is allowed to work with the document + return newDoc; + } + + // user or role was NOT authorized, return null + return null; +} + +export default async function authorize(type, Type, mode, user, data) { + // main authorize function, which is called by all resolvers + if (isArray(data)) { + // if data is an array, check each document individually + const result = []; + data.forEach((doc) => { + return async () => { + const newDoc = await check_rules(type, Type, mode, user, doc); + if (newDoc) result.push(newDoc); + }; + }); + return result; + } else if (isObject(data)) { + // if data is an object, check it directly + const doc = data; + const newDoc = await check_rules(type, Type, mode, user, doc); + return newDoc; + } + // otherwise return nothing + /* console.error( + 'Error in authorize: authorization rules for type not available.' + ); + */ + return null; +} diff --git a/test/input-authorization/Post1.graphql b/test/input-authorization/Post1.graphql new file mode 100644 index 0000000..4af28a6 --- /dev/null +++ b/test/input-authorization/Post1.graphql @@ -0,0 +1,5 @@ +type Post1 +{ + post: String! + owner: User1 @belongsTo +} \ No newline at end of file diff --git a/test/input-authorization/Post2.graphql b/test/input-authorization/Post2.graphql new file mode 100644 index 0000000..7872935 --- /dev/null +++ b/test/input-authorization/Post2.graphql @@ -0,0 +1,14 @@ +type Post2 +@authorize( + create: ["owner"] + read: ["world"] + update: ["owner", "admin"] + delete: ["owner", "admin"] + ownerField: "ownerId" + roleField: "role" +) +{ + post: String! + comment: String + owner: User1 @belongsTo +} \ No newline at end of file diff --git a/test/input-authorization/User1.graphql b/test/input-authorization/User1.graphql new file mode 100644 index 0000000..2c40ea6 --- /dev/null +++ b/test/input-authorization/User1.graphql @@ -0,0 +1,3 @@ +type User1 { + name: String +} \ No newline at end of file diff --git a/test/input-authorization/User2.graphql b/test/input-authorization/User2.graphql new file mode 100644 index 0000000..faccbd3 --- /dev/null +++ b/test/input-authorization/User2.graphql @@ -0,0 +1,13 @@ +type User2 +@authorize( + create: ["owner"] + read: ["world"] + update: ["owner", "admin"] + delete: ["owner", "admin"] + ownerField: "ownerId" + roleField: "role" +) +{ + name: String + bio: String +} \ No newline at end of file diff --git a/test/test-authorization.sh b/test/test-authorization.sh new file mode 100755 index 0000000..5893f07 --- /dev/null +++ b/test/test-authorization.sh @@ -0,0 +1,228 @@ +#!/bin/bash +pushd "$(dirname $0)/.." > /dev/null +PACKAGE_DIR=`pwd` +popd > /dev/null + +CGS="$PACKAGE_DIR/dist/bin/create-graphql-server.js" +INPUT_DIR="$PACKAGE_DIR/test/input-authorization" +chmod +x $CGS + +set -e + +MD5HASH="" +TMPDIR1=`mktemp -d 2>/dev/null || mktemp -d -t 'cgs-test-authorization'` + +chmod -R 777 $TMPDIR1 + +function finish { + rm -rf $TMPDIR1 + echo + echo + echo "Test failed" +} +trap finish EXIT + +function exists { + if [ -f $1 ] ; then + return 0 + else + echo "Error: File is missing: " $1 + return 1 + fi +} + +function ifDirExistsRemove { + if [ -d $1 ] ; then + rm -rf $1 + fi +} + +function hasRef { + if [ -f $1 ] ; then + if [ `grep -o $2 $1 | wc -l` -eq $3 ] ; then + return 0 + else + echo "Error: File" $1 "contains" `grep -o $2 $1 | wc -l` "times the string '"$2"'. Expected are" $3 "times." + return 1 + fi + else + echo "Error: File is missing: " $1 + return 1 + fi +} + +function getMD5 { + # Detect Operating system + OS=$(uname) + MD5HASH="" + case "$OS" in + "Darwin") + { + MD5HASH=$(md5 -q $1) + } ;; + "Linux") + { + MD5HASH=($(md5sum $1)) + } ;; + *) + { + echo "Test failed. Unsopported OS" + exit + } ;; + esac + echo "$MD5HASH" +} + +function openDevEnv { + OS=$(uname) + MD5HASH="" + case "$OS" in + "Darwin") + { + PWD=$(pwd) + open $PWD + # open -a iTerm $PWD + subl . & + yarn install && yarn start + } ;; + esac +} + +# Prepare directory +echo 'cd $TMPDIR1' +cd $TMPDIR1 +ifDirExistsRemove output-app-start + +echo 'JWT_KEY=test-key $CGS init output-app-start' +JWT_KEY='test-key' $CGS init output-app-start + +echo 'cd output-app-start' +cd output-app-start + +echo '$CGS add-user "$INPUT_DIR/User1.graphql"' +$CGS add-user "$INPUT_DIR/User1.graphql" + +echo '$CGS add-user "$INPUT_DIR/User2.graphql"' +$CGS add-user "$INPUT_DIR/User2.graphql" + +echo '$CGS add-type "$INPUT_DIR/Post1.graphql"' +$CGS add-type "$INPUT_DIR/Post1.graphql" + +echo '$CGS add-type "$INPUT_DIR/Post2.graphql"' +$CGS add-type "$INPUT_DIR/Post2.graphql" + +# TEST1: Testing of 4 add-types +# it (should be pattern User1, User2, Post1, Post2 in model/index.js) +# it (should be pattern User1, User2, Post1, Post2 in resolvers/index.js) +# it (should be pattern User1, User2, Post1, Post2 in schema/index.js) +# it (should be pattern User1, User2, Post1, Post2 in authorization/index.js) +# it (should be a model/User1.js, resolver/User1.js, schema/User1.graphql, authorization/User1.js) +# it (should be a model/User2.js, resolver/User2.js, schema/User2.graphql, authorization/User2.js) +# it (should be a model/Post1.js, resolver/Post1.js, schema/Post1.graphql, authorization/Post1.js) +# it (should be a model/Post2.js, resolver/Post2.js, schema/Post2.graphql, authorization/Post2.js) +# testing files for existence: + +if exists "./model/User1.js" && + exists "./model/User2.js" && + exists "./model/Post1.js" && + exists "./model/Post2.js" && + + exists "./resolvers/User1.js" && + exists "./resolvers/User2.js" && + exists "./resolvers/Post1.js" && + exists "./resolvers/Post2.js" && + + exists "./schema/User1.graphql" && + exists "./schema/User2.graphql" && + exists "./schema/Post1.graphql" && + exists "./schema/Post2.graphql" && + + exists "./authorization/User1.js" && + exists "./authorization/User2.js" && + exists "./authorization/Post1.js" && + exists "./authorization/Post2.js" && + + hasRef "./model/index.js" "User1" 4 && + hasRef "./model/index.js" "User2" 4 && + hasRef "./model/index.js" "Post1" 4 && + hasRef "./model/index.js" "Post2" 4 && + + hasRef "./resolvers/index.js" "user1Resolvers" 2 && + hasRef "./resolvers/index.js" "user2Resolvers" 2 && + hasRef "./resolvers/index.js" "post1Resolvers" 2 && + hasRef "./resolvers/index.js" "post2Resolvers" 2 && + + hasRef "./schema/index.js" "./User1.graphql" 1 && + hasRef "./schema/index.js" "./User2.graphql" 1 && + hasRef "./schema/index.js" "./Post1.graphql" 1 && + hasRef "./schema/index.js" "./Post2.graphql" 1 && + + hasRef "./authorization/User1.js" "isUser" 1 && + hasRef "./authorization/User1.js" "defaultUserRole" 1 && + hasRef "./authorization/User1.js" "firstUserRole" 1 && + hasRef "./authorization/User1.js" "adminUserRole" 1 && + hasRef "./authorization/User1.js" "ownerField" 1 && + hasRef "./authorization/User1.js" "roleField" 1 && + hasRef "./authorization/User1.js" "create" 1 && + hasRef "./authorization/User1.js" "read" 1 && + hasRef "./authorization/User1.js" "update" 2 && + hasRef "./authorization/User1.js" "delete" 1 && + + hasRef "./authorization/User2.js" "isUser" 1 && + hasRef "./authorization/User2.js" "defaultUserRole" 1 && + hasRef "./authorization/User2.js" "firstUserRole" 1 && + hasRef "./authorization/User2.js" "adminUserRole" 1 && + hasRef "./authorization/User2.js" "ownerField" 1 && + hasRef "./authorization/User2.js" "roleField" 1 && + hasRef "./authorization/User2.js" "create" 1 && + hasRef "./authorization/User2.js" "read" 1 && + hasRef "./authorization/User2.js" "update" 1 && + hasRef "./authorization/User2.js" "delete" 1 && + + hasRef "./authorization/Post2.js" "ownerField" 1 && + hasRef "./authorization/Post2.js" "roleField" 1 && + hasRef "./authorization/Post2.js" "create" 1 && + hasRef "./authorization/Post2.js" "read" 1 && + hasRef "./authorization/Post2.js" "update" 1 && + hasRef "./authorization/Post2.js" "delete" 1 && + + hasRef "./authorization/Post2.js" "ownerField" 1 && + hasRef "./authorization/Post2.js" "roleField" 1 && + hasRef "./authorization/Post2.js" "create" 1 && + hasRef "./authorization/Post2.js" "read" 1 && + hasRef "./authorization/Post2.js" "update" 1 && + hasRef "./authorization/Post2.js" "delete" 1 && + + hasRef "./schema/User1.graphql" "name" 3 && + hasRef "./schema/User1.graphql" "email" 3 && + hasRef "./schema/User1.graphql" "password" 2 && + hasRef "./schema/User1.graphql" "role:" 3 && + + hasRef "./schema/User2.graphql" "name" 3 && + hasRef "./schema/User2.graphql" "email" 3 && + hasRef "./schema/User2.graphql" "password" 2 && + hasRef "./schema/User2.graphql" "role:" 3 && + + hasRef "./schema/Post1.graphql" "post:" 3 && + hasRef "./schema/Post1.graphql" "owner:" 1 && + hasRef "./schema/Post1.graphql" "ownerId:" 2 && + + hasRef "./schema/Post2.graphql" "post:" 3 && + hasRef "./schema/Post2.graphql" "owner:" 1 && + hasRef "./schema/Post2.graphql" "ownerId:" 2 && + + hasRef "./authorization/index.js" "User1" 4 && + hasRef "./authorization/index.js" "User2" 4 && + hasRef "./authorization/index.js" "Post1" 4 && + hasRef "./authorization/index.js" "Post2" 4 ; then + echo "Test Passed Test1: 4 add-types" + openDevEnv +else + echo "Test Failed Test1: 4 add-types" +fi + +set +e +trap - EXIT +echo " " +echo "ALL TESTS PASSED" +echo " " \ No newline at end of file diff --git a/yarn.lock b/yarn.lock index 830cd5d..140ff49 100644 --- a/yarn.lock +++ b/yarn.lock @@ -31,9 +31,22 @@ ajv@^4.7.0: co "^4.6.0" json-stable-stringify "^1.0.1" +<<<<<<< HEAD ansi-escapes@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/ansi-escapes/-/ansi-escapes-2.0.0.tgz#5bae52be424878dd9783e8910e3fc2922e83c81b" +======= +ajv@^4.9.1: + version "4.11.8" + resolved "https://registry.yarnpkg.com/ajv/-/ajv-4.11.8.tgz#82ffb02b29e662ae53bdc20af15947706739c536" + dependencies: + co "^4.6.0" + json-stable-stringify "^1.0.1" + +ansi-escapes@^1.1.0: + version "1.4.0" + resolved "https://registry.yarnpkg.com/ansi-escapes/-/ansi-escapes-1.4.0.tgz#d3a8a83b319aa67793662b13e761c7911422306e" +>>>>>>> add-user and authorization prototype ansi-regex@^2.0.0: version "2.0.0" @@ -119,6 +132,10 @@ ast-types@0.9.2: version "0.9.2" resolved "https://registry.yarnpkg.com/ast-types/-/ast-types-0.9.2.tgz#2cc19979d15c655108bf565323b8e7ee38751f6b" +ast-types@^0.9.11: + version "0.9.11" + resolved "https://registry.yarnpkg.com/ast-types/-/ast-types-0.9.11.tgz#371177bb59232ff5ceaa1d09ee5cad705b1a5aa9" + async-each@^1.0.0: version "1.0.1" resolved "https://registry.yarnpkg.com/async-each/-/async-each-1.0.1.tgz#19d386a1d9edc6e7c1c85d388aedbcc56d33602d" @@ -829,8 +846,13 @@ babylon, babylon@^6.11.0: resolved "https://registry.yarnpkg.com/babylon/-/babylon-6.14.1.tgz#956275fab72753ad9b3435d7afe58f8bf0a29815" babylon@^6.15.0, babylon@^6.17.0: +<<<<<<< HEAD version "6.17.1" resolved "https://registry.yarnpkg.com/babylon/-/babylon-6.17.1.tgz#17f14fddf361b695981fe679385e4f1c01ebd86f" +======= + version "6.17.0" + resolved "https://registry.yarnpkg.com/babylon/-/babylon-6.17.0.tgz#37da948878488b9c4e3c4038893fa3314b3fc932" +>>>>>>> add-user and authorization prototype balanced-match@^0.4.1: version "0.4.2" @@ -846,6 +868,14 @@ bcrypt-pbkdf@^1.0.0: dependencies: tweetnacl "^0.14.3" +bcrypt@^1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/bcrypt/-/bcrypt-1.0.2.tgz#d05fc5d223173e0e28ec381c0f00cc25ffaf2736" + dependencies: + bindings "1.2.1" + nan "2.5.0" + node-pre-gyp "0.6.32" + bin-version-check@^2.1.0: version "2.1.0" resolved "https://registry.yarnpkg.com/bin-version-check/-/bin-version-check-2.1.0.tgz#e4e5df290b9069f7d111324031efc13fdd11a5b0" @@ -865,6 +895,10 @@ binary-extensions@^1.0.0: version "1.7.0" resolved "https://registry.yarnpkg.com/binary-extensions/-/binary-extensions-1.7.0.tgz#6c1610db163abfb34edfe42fa423343a1e01185d" +bindings@1.2.1: + version "1.2.1" + resolved "https://registry.yarnpkg.com/bindings/-/bindings-1.2.1.tgz#14ad6113812d2d37d72e67b4cacb4bb726505f11" + block-stream@*: version "0.0.9" resolved "https://registry.yarnpkg.com/block-stream/-/block-stream-0.0.9.tgz#13ebfe778a03205cfe03751481ebb4b3300c126a" @@ -936,6 +970,10 @@ caseless@~0.11.0: version "0.11.0" resolved "https://registry.yarnpkg.com/caseless/-/caseless-0.11.0.tgz#715b96ea9841593cc33067923f5ec60ebda4f7d7" +caseless@~0.12.0: + version "0.12.0" + resolved "https://registry.yarnpkg.com/caseless/-/caseless-0.12.0.tgz#1b681c21ff84033c826543090689420d187151dc" + chai: version "3.5.0" resolved "https://registry.yarnpkg.com/chai/-/chai-3.5.0.tgz#4d02637b067fe958bdbfdd3a40ec56fef7373247" @@ -1560,6 +1598,19 @@ gauge@~2.6.0: strip-ansi "^3.0.1" wide-align "^1.1.0" +gauge@~2.7.3: + version "2.7.4" + resolved "https://registry.yarnpkg.com/gauge/-/gauge-2.7.4.tgz#2c03405c7538c39d7eb37b317022e325fb018bf7" + dependencies: + aproba "^1.0.3" + console-control-strings "^1.0.0" + has-unicode "^2.0.0" + object-assign "^4.1.0" + signal-exit "^3.0.0" + string-width "^1.0.1" + strip-ansi "^3.0.1" + wide-align "^1.1.0" + generate-function@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/generate-function/-/generate-function-2.0.0.tgz#6858fe7c0969b7d4e9093337647ac79f60dfbe74" @@ -1680,6 +1731,10 @@ growl@1.9.2: version "1.9.2" resolved "https://registry.yarnpkg.com/growl/-/growl-1.9.2.tgz#0ea7743715db8d8de2c5ede1775e1b45ac85c02f" +har-schema@^1.0.5: + version "1.0.5" + resolved "https://registry.yarnpkg.com/har-schema/-/har-schema-1.0.5.tgz#d263135f43307c02c602afc8fe95970c0151369e" + har-validator@~2.0.6: version "2.0.6" resolved "https://registry.yarnpkg.com/har-validator/-/har-validator-2.0.6.tgz#cdcbc08188265ad119b6a5a7c8ab70eecfb5d27d" @@ -1689,6 +1744,13 @@ har-validator@~2.0.6: is-my-json-valid "^2.12.4" pinkie-promise "^2.0.0" +har-validator@~4.2.1: + version "4.2.1" + resolved "https://registry.yarnpkg.com/har-validator/-/har-validator-4.2.1.tgz#33481d0f1bbff600dd203d75812a6a5fba002e2a" + dependencies: + ajv "^4.9.1" + har-schema "^1.0.5" + has-ansi@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/has-ansi/-/has-ansi-2.0.0.tgz#34f5049ce1ecdf2b0649af3ef24e45ed35416d91" @@ -1973,9 +2035,15 @@ js-tokens@^3.0.0: version "3.0.1" resolved "https://registry.yarnpkg.com/js-tokens/-/js-tokens-3.0.1.tgz#08e9f132484a2c45a30907e9dc4d5567b7f114d7" +<<<<<<< HEAD js-yaml@^3.8.4: version "3.8.4" resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.8.4.tgz#520b4564f86573ba96662af85a8cafa7b4b5a6f6" +======= +js-yaml@^3.5.1: + version "3.7.0" + resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.7.0.tgz#5c967ddd837a9bfdca5f2de84253abe8a1c03b80" +>>>>>>> add-user and authorization prototype dependencies: argparse "^1.0.7" esprima "^3.1.1" @@ -2139,11 +2207,15 @@ lodash.merge@^4.6.0: version "4.6.0" resolved "https://registry.yarnpkg.com/lodash.merge/-/lodash.merge-4.6.0.tgz#69884ba144ac33fe699737a6086deffadd0f89c5" +<<<<<<< HEAD lodash@^4.0.0, lodash@^4.17.4: version "4.17.4" resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.4.tgz#78203a4d1c328ae1d86dca6460e369b57f4055ae" lodash@^4.2.0, lodash@^4.3.0: +======= +lodash@^4.0.0, lodash@^4.2.0, lodash@^4.3.0: +>>>>>>> add-user and authorization prototype version "4.16.6" resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.16.6.tgz#d22c9ac660288f3843e16ba7d2b5d06cca27d777" @@ -2289,6 +2361,10 @@ mute-stream@0.0.7: version "0.0.7" resolved "https://registry.yarnpkg.com/mute-stream/-/mute-stream-0.0.7.tgz#3075ce93bc21b8fab43e1bc4da7e8115ed1e7bab" +nan@2.5.0: + version "2.5.0" + resolved "https://registry.yarnpkg.com/nan/-/nan-2.5.0.tgz#aa8f1e34531d807e9e27755b234b4a6ec0c152a8" + nan@^2.3.0: version "2.4.0" resolved "https://registry.yarnpkg.com/nan/-/nan-2.4.0.tgz#fb3c59d45fe4effe215f0b890f8adf6eb32d2232" @@ -2304,6 +2380,20 @@ node-fetch: encoding "^0.1.11" is-stream "^1.0.1" +node-pre-gyp@0.6.32: + version "0.6.32" + resolved "https://registry.yarnpkg.com/node-pre-gyp/-/node-pre-gyp-0.6.32.tgz#fc452b376e7319b3d255f5f34853ef6fd8fe1fd5" + dependencies: + mkdirp "~0.5.1" + nopt "~3.0.6" + npmlog "^4.0.1" + rc "~1.1.6" + request "^2.79.0" + rimraf "~2.5.4" + semver "~5.3.0" + tar "~2.2.1" + tar-pack "~3.3.0" + node-pre-gyp@^0.6.29: version "0.6.31" resolved "https://registry.yarnpkg.com/node-pre-gyp/-/node-pre-gyp-0.6.31.tgz#d8a00ddaa301a940615dbcc8caad4024d58f6017" @@ -2350,6 +2440,15 @@ npmlog@^4.0.0: gauge "~2.6.0" set-blocking "~2.0.0" +npmlog@^4.0.1: + version "4.1.0" + resolved "https://registry.yarnpkg.com/npmlog/-/npmlog-4.1.0.tgz#dc59bee85f64f00ed424efb2af0783df25d1c0b5" + dependencies: + are-we-there-yet "~1.1.2" + console-control-strings "~1.1.0" + gauge "~2.7.3" + set-blocking "~2.0.0" + number-is-nan@^1.0.0: version "1.0.1" resolved "https://registry.yarnpkg.com/number-is-nan/-/number-is-nan-1.0.1.tgz#097b602b53422a522c1afb8790318336941a011d" @@ -2451,6 +2550,10 @@ path-type@^1.0.0: pify "^2.0.0" pinkie-promise "^2.0.0" +performance-now@^0.2.0: + version "0.2.0" + resolved "https://registry.yarnpkg.com/performance-now/-/performance-now-0.2.0.tgz#33ef30c5c77d4ea21c5a53869d91b56d8f2555e5" + pify@^2.0.0: version "2.3.0" resolved "https://registry.yarnpkg.com/pify/-/pify-2.3.0.tgz#ed141a6ac043a849ea588498e7dca8b15330e90c" @@ -2513,6 +2616,10 @@ qs@~6.3.0: version "6.3.0" resolved "https://registry.yarnpkg.com/qs/-/qs-6.3.0.tgz#f403b264f23bc01228c74131b407f18d5ea5d442" +qs@~6.4.0: + version "6.4.0" + resolved "https://registry.yarnpkg.com/qs/-/qs-6.4.0.tgz#13e26d28ad6b0ffaa91312cd3bf708ed351e7233" + randomatic@^1.1.3: version "1.1.5" resolved "https://registry.yarnpkg.com/randomatic/-/randomatic-1.1.5.tgz#5e9ef5f2d573c67bd2b8124ae90b5156e457840b" @@ -2680,7 +2787,38 @@ request@^2.65.0, request@^2.75.0: tough-cookie "~2.3.0" tunnel-agent "~0.4.1" +<<<<<<< HEAD require-uncached@^1.0.3: +======= +request@^2.79.0: + version "2.81.0" + resolved "https://registry.yarnpkg.com/request/-/request-2.81.0.tgz#c6928946a0e06c5f8d6f8a9333469ffda46298a0" + dependencies: + aws-sign2 "~0.6.0" + aws4 "^1.2.1" + caseless "~0.12.0" + combined-stream "~1.0.5" + extend "~3.0.0" + forever-agent "~0.6.1" + form-data "~2.1.1" + har-validator "~4.2.1" + hawk "~3.1.3" + http-signature "~1.1.0" + is-typedarray "~1.0.0" + isstream "~0.1.2" + json-stringify-safe "~5.0.1" + mime-types "~2.1.7" + oauth-sign "~0.8.1" + performance-now "^0.2.0" + qs "~6.4.0" + safe-buffer "^5.0.1" + stringstream "~0.0.4" + tough-cookie "~2.3.0" + tunnel-agent "^0.6.0" + uuid "^3.0.0" + +require-uncached@^1.0.2: +>>>>>>> add-user and authorization prototype version "1.0.3" resolved "https://registry.yarnpkg.com/require-uncached/-/require-uncached-1.0.3.tgz#4e0d56d6c9662fd31e43011c4b95aa49955421d3" dependencies: @@ -2728,6 +2866,10 @@ safe-buffer@~5.0.1: version "5.0.1" resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.0.1.tgz#d263ca54696cd8a306b5ca6551e92de57918fbe7" +safe-buffer@^5.0.1: + version "5.0.1" + resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.0.1.tgz#d263ca54696cd8a306b5ca6551e92de57918fbe7" + semver-regex@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/semver-regex/-/semver-regex-1.0.0.tgz#92a4969065f9c70c694753d55248fc68f8f652c9" @@ -2952,6 +3094,12 @@ tryit@^1.0.1: version "1.0.3" resolved "https://registry.yarnpkg.com/tryit/-/tryit-1.0.3.tgz#393be730a9446fd1ead6da59a014308f36c289cb" +tunnel-agent@^0.6.0: + version "0.6.0" + resolved "https://registry.yarnpkg.com/tunnel-agent/-/tunnel-agent-0.6.0.tgz#27a5dea06b36b04a0a9966774b290868f0fc40fd" + dependencies: + safe-buffer "^5.0.1" + tunnel-agent@~0.4.1: version "0.4.3" resolved "https://registry.yarnpkg.com/tunnel-agent/-/tunnel-agent-0.4.3.tgz#6373db76909fe570e08d73583365ed828a74eeeb" @@ -2990,6 +3138,10 @@ util-deprecate@~1.0.1: version "1.0.2" resolved "https://registry.yarnpkg.com/util-deprecate/-/util-deprecate-1.0.2.tgz#450d4dc9fa70de732762fbd2d4a28981419a0ccf" +uuid@^3.0.0: + version "3.0.1" + resolved "https://registry.yarnpkg.com/uuid/-/uuid-3.0.1.tgz#6544bba2dfda8c1cf17e629a3a305e2bb1fee6c1" + v8flags@^2.0.10: version "2.0.11" resolved "https://registry.yarnpkg.com/v8flags/-/v8flags-2.0.11.tgz#bca8f30f0d6d60612cc2c00641e6962d42ae6881" From c92f5981126197d23ff45d8d28a12860a122839e Mon Sep 17 00:00:00 2001 From: tobkle Date: Thu, 3 Aug 2017 19:30:34 +0200 Subject: [PATCH 53/69] Revert "add-user and authorization prototype" This reverts commit d5a4c322d549f970919a0aa00788eee4478153ea. --- CHANGELOG.md | 5 - README.md | 149 ------------ bin/create-graphql-server.js | 87 ++----- generate/authorization/index.js | 220 ----------------- generate/index.js | 11 +- generate/model/index.js | 41 ++-- generate/model/templates/user.js.template | 55 ----- generate/resolvers/index.js | 26 +- generate/resolvers/templates/base.js.template | 56 +---- generate/schema/index.js | 118 +++------ package.json | 4 - skel/authorization/index.js | 194 --------------- test/input-authorization/Post1.graphql | 5 - test/input-authorization/Post2.graphql | 14 -- test/input-authorization/User1.graphql | 3 - test/input-authorization/User2.graphql | 13 - test/test-authorization.sh | 228 ------------------ yarn.lock | 180 +++----------- 18 files changed, 129 insertions(+), 1280 deletions(-) delete mode 100644 generate/authorization/index.js delete mode 100644 generate/model/templates/user.js.template delete mode 100644 skel/authorization/index.js delete mode 100644 test/input-authorization/Post1.graphql delete mode 100644 test/input-authorization/Post2.graphql delete mode 100644 test/input-authorization/User1.graphql delete mode 100644 test/input-authorization/User2.graphql delete mode 100755 test/test-authorization.sh diff --git a/CHANGELOG.md b/CHANGELOG.md index bc17703..60c9b82 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,9 +1,4 @@ -0.5.5 - -- Added an authorization generator -- Added a command add-user to generate user resolvers automatically - 0.5.4 - Added the possibility to run "add-type" several times, which overwrites existing types diff --git a/README.md b/README.md index b39ceca..a6002d8 100644 --- a/README.md +++ b/README.md @@ -1,152 +1,3 @@ -*** WORK IN PROGRESS -- NOT YET FINISHED *** -development is not yet finalized, and not yet tested -This is to discuss the current approach to introduce a generator for authorizations also. - -# Command **add-user** -To add a new User type, use the following command: -```bash - create-graphql-server add-user path/to/user-input-type.graphql -``` - -This generates a new user with the input type file. A new command was necessary, as the user type has a different resolver to handle password and hash. - -If important fields with dependent logics are missing, they are added automatically by the generator, such as the fields: **email**, **password**, **role**. - -# Authorization for types -Use the new directive @authorize in the type definition to control the authorization settings: -```javascript - type User - @authorize( - create: ["owner"] - read: ["world"] - update: ["owner", "admin"] - delete: ["owner", "admin"] - ownerField: "id" - roleField: "role" - defaultUserRole: 'user', - firstUserRole: 'admin', - adminUserRole: 'admin', - ) - { - email: String! - name: String - role: String! - } -``` -or: -```javascript - type Post - @authorize( - create: ["owner"] - read: ["world"] - update: ["owner", "admin"] - delete: ["owner", "admin"] - ownerField: "ownerId" - roleField: "role" - ) - { - post: String! - comment: String - owner: User1 @belongsTo - } -``` - -Meaning of the directive's arguments: -* create = Authorization for a create mutation -* read = Authorization for a read query -* update = Authorization for a update mutation -* delete = Authorization for a delete mutation -* -Add the authorized users in the array with... -* "owner" = the user, who created the document -* "world" = everyone is authorized -* "admin" = the administrator, of the system -* role = add any role, in the role field - -The generator will create a new folder named authorization. In that folder, a new index.js file is copied into, which hosts the authorization logic. This authorization logic exposes only one central function **authorize()**, which will be called for each resolver's data handler. This authorize function should be only used in the resolver. It can send and receive whether an array or a document. It has the following signature: - -```javascript -const authorized_data = await authorize('TypeName', TypeName, 'mode', user, data); -``` -whereas: 'TypeName' is a string with the current type name of the resolver, the passed TypeName contains the context of the resolver (Model,...), 'mode' contains a string with any of the available modes of the data access: 'create', 'read', 'update', 'delete', to inform the authorization module, what kind of data operation it shall authorize, user is the context object of the authenticated user, and input is the data which should be checked. The authorize function returns checked and authorized data. If for example one document of the data array is not accessible by the authenticated user, then it is filtered out and not included in the returned array/object. - -Also, for each generated type, it creates an additional file in the authorization folder named by its type.js. In that file, all rules for a successfull authorization check is stored. You can adjust this file directly also afterwards as it keeps only data, with the following rules: - -```javascript -let defaultAuthorization = { - name: ObjectTypeDefinition.name.value || 'nameNotFound', - field: { - ownerField: 'ownerId', - roleField: 'role', - }, - rules: [ - { - mode: 'create', - roles: ['owner'], - removeFields: [], - }, - { - mode: 'read', - roles: ['owner'], - removeFields: [], - }, - { - mode: 'update', - roles: ['owner', 'admin'], - removeFields: [], - }, - { - mode: 'delete', - roles: ['owner', 'admin'], - removeFields: [], - }, - ] -}; -``` - -```javascript -let defaultUserAuthorization = { - name: ObjectTypeDefinition.name.value || 'nameNotFound', - isUser: true, - defaultUserRole: 'user', - firstUserRole: 'admin', - adminUserRole: 'admin', - field: { - ownerField: 'id', - roleField: 'role', - }, - rules: [ - { - mode: 'create', - roles: ['world'], - removeFields: ['role'], - }, - { - mode: 'read', - roles: ['world'], - removeFields: [], - }, - { - mode: 'update', - roles: ['owner'], - removeFields: ['role'], - }, - { - mode: 'update', - roles: ['admin'], - removeFields: [], - }, - { - mode: 'delete', - roles: ['owner', 'admin'], - removeFields: [], - }, - ] -}; -``` - -If you don't enter any @authorize directive in your input file. It will generate the above rules for you automatically. - # Create GraphQL Server This is a simple scaffolding tool for GraphQL apps, built on MongoDB. diff --git a/bin/create-graphql-server.js b/bin/create-graphql-server.js index 1ce8a8d..b34fc6d 100755 --- a/bin/create-graphql-server.js +++ b/bin/create-graphql-server.js @@ -39,7 +39,6 @@ function usage() { console.log(' - create-graphql-server init project-dir'); console.log(' - create-graphql-server add-type path/to/type.graphql'); console.log(' - create-graphql-server add-type path'); - console.log(' - create-graphql-server add-user path/to/UserType.graphql'); console.log(' - create-graphql-server remove-type path/to/type.graphql'); console.log(' - create-graphql-server remove-type path'); console.log(' - create-graphql-server remove-type typename'); @@ -71,21 +70,18 @@ function usage() { process.exit(1); } -function adjustTypeName(typeName) { +function adjustTypeName(typeName){ return typeName.charAt(0).toUpperCase() + typeName.slice(1).toLowerCase(); } function getFileUpdateList(inputSchemaFile, mode) { let inputSchemaStr = ''; // in add mode or if a graphql path/file name was provided, the input file must be there, - if ( - mode === 'add-type' || - mode === 'add-user' || - inputSchemaFile.includes('.graphql') || - inputSchemaFile.includes('/') - ) { - if (!fs.existsSync(inputSchemaFile)) { - console.error(chalk.bold.red('Error: Cannot read file', inputSchemaFile)); + if (mode === 'add' || inputSchemaFile.includes('.graphql') || inputSchemaFile.includes('/')) { + if (! fs.existsSync(inputSchemaFile)) { + console.error( + chalk.bold.red('Error: Cannot read file', inputSchemaFile) + ); console.log(''); process.exit(1); } @@ -104,8 +100,7 @@ function getFileUpdateList(inputSchemaFile, mode) { outputSchemaStr, resolversStr, modelStr, - authorizationStr, - } = generate(inputSchemaStr, mode); + } = generate(inputSchemaStr); // do validation checks // shouldn't be necessary, but... @@ -120,8 +115,7 @@ function getFileUpdateList(inputSchemaFile, mode) { !modelStr || outputSchemaStr === '' || resolversStr === '' || - modelStr === '' || - authorizationStr === '' + modelStr === '' ) { console.error('Error: Error while generating target Code.'); process.exit(0); @@ -159,13 +153,6 @@ function getFileUpdateList(inputSchemaFile, mode) { indexPattern: `\nimport ${TypeName} from './${TypeName}';\n` + `models.${TypeName} = ${TypeName};\n`, }, - { - typePath: path.join('authorization', `${TypeName}.js`), - typeString: authorizationStr, - indexPath: path.join('authorization', 'index.js'), - indexPattern: `\nimport ${TypeName} from './${TypeName}';\n` + - `authorizations.${TypeName} = ${TypeName};\n`, - }, ]; } @@ -403,19 +390,16 @@ function addPatternToFiles(fileUpdateList) { function getFilesRecursively(folder, filetype) { // getting all files of a path and of a specific filetype recursively - let list = []; - let stats; - const files = fs.readdirSync(folder); + let list = [], stats, + files = fs.readdirSync(folder); - files.forEach((file) => { + files.forEach(file => { stats = fs.lstatSync(path.join(folder, file)); - if (stats.isDirectory()) { - list = list.concat( - getFilesRecursively(path.join(folder, file), filetype) - ); + if(stats.isDirectory()) { + list = list.concat(getFilesRecursively(path.join(folder, file), filetype)); } else if (file.includes(filetype)) { - console.log('found:', path.join(folder, file)); - list.push(path.join(folder, file)); + console.log('found:', path.join(folder, file)); + list.push(path.join(folder, file)); } }); @@ -424,10 +408,10 @@ function getFilesRecursively(folder, filetype) { // MAIN FUNCTIONS -function addType(inputSchemaFile, options, mode) { +function addType(inputSchemaFile, options) { // generates a new data type with all its files and references console.log(chalk.bold.blue('Running add-type')); - const fileUpdateList = getFileUpdateList(inputSchemaFile, mode); + const fileUpdateList = getFileUpdateList(inputSchemaFile, 'add'); checkForFileChanges(fileUpdateList, options['force-update']); createTypeFiles(fileUpdateList); addPatternToFiles(fileUpdateList); @@ -471,18 +455,15 @@ if (commands[0] === 'init') { if (!inputSchemaFile) { usage(); } - if ( - fs.existsSync(inputSchemaFile) && - fs.lstatSync(inputSchemaFile).isDirectory() - ) { - // directory name entered + if (fs.existsSync(inputSchemaFile) && fs.lstatSync(inputSchemaFile).isDirectory()) { + //directory name entered const files = getFilesRecursively(inputSchemaFile, '.graphql'); - files.forEach((file) => { - addType(file, argv, commands[0]); + files.forEach(file => { + addType(file, argv); }); } else { // single file entered - addType(inputSchemaFile, argv, commands[0]); + addType(inputSchemaFile, argv); } process.exit(0); } else if (commands[0] === 'remove-type') { @@ -490,13 +471,10 @@ if (commands[0] === 'init') { if (!inputSchemaFile) { usage(); } - if ( - fs.existsSync(inputSchemaFile) && - fs.lstatSync(inputSchemaFile).isDirectory() - ) { + if (fs.existsSync(inputSchemaFile) && fs.lstatSync(inputSchemaFile).isDirectory()) { // directory name entered const files = getFilesRecursively(inputSchemaFile, '.graphql'); - files.forEach((file) => { + files.forEach(file => { removeType(file, argv); }); } else { @@ -504,23 +482,6 @@ if (commands[0] === 'init') { removeType(inputSchemaFile, argv); } process.exit(0); -} else if (commands[0] === 'add-user') { - const inputSchemaFile = commands[1]; - if (!inputSchemaFile) { - usage(); - } - if ( - fs.existsSync(inputSchemaFile) && - fs.lstatSync(inputSchemaFile).isDirectory() - ) { - // directory name entered - console.error('Please enter a User Type instead of a directory.'); - process.exit(0); - } else { - // single file entered - addType(inputSchemaFile, argv, commands[0]); - } - process.exit(0); } else { usage(); } diff --git a/generate/authorization/index.js b/generate/authorization/index.js deleted file mode 100644 index 93c133d..0000000 --- a/generate/authorization/index.js +++ /dev/null @@ -1,220 +0,0 @@ -import assert from 'assert'; - -export default function generateAuthorization(inputSchema, mode) { - // Check that the input looks like we expect -- a single ObjectType definition - assert(inputSchema.kind === 'Document'); - assert(inputSchema.definitions.length === 1); - - let ObjectTypeDefinition = inputSchema.definitions.filter((node) => { - return node.kind === 'ObjectTypeDefinition'; - }); - if (ObjectTypeDefinition.length > 1) { - throw new Error( - 'generateAuthorization: only one type definition per file allowed' - ); } - if (ObjectTypeDefinition.length < 1) { - throw new Error('generateAuthorization: no type definition found in file'); - } - ObjectTypeDefinition = ObjectTypeDefinition[0]; - - let defaultAuthorization = { - name: ObjectTypeDefinition.name.value || 'nameNotFound', - field: { - ownerField: 'ownerId', - roleField: 'role', - }, - rules: [ - { - mode: 'create', - roles: ['owner'], - removeFields: [], - }, - { - mode: 'read', - roles: ['owner'], - removeFields: [], - }, - { - mode: 'update', - roles: ['owner', 'admin'], - removeFields: [], - }, - { - mode: 'delete', - roles: ['owner', 'admin'], - removeFields: [], - }, - ], - }; - - const defaultUserAuthorization = { - name: ObjectTypeDefinition.name.value || 'nameNotFound', - isUser: true, - defaultUserRole: 'user', - firstUserRole: 'admin', - adminUserRole: 'admin', - field: { - ownerField: 'id', - roleField: 'role', - }, - rules: [ - { - mode: 'create', - roles: ['world'], - removeFields: ['role'], - }, - { - mode: 'read', - roles: ['world'], - removeFields: [], - }, - { - mode: 'update', - roles: ['owner'], - removeFields: ['role'], - }, - { - mode: 'update', - roles: ['admin'], - removeFields: [], - }, - { - mode: 'delete', - roles: ['owner', 'admin'], - removeFields: [], - }, - ], - }; - - let authorization = {}; - - if (mode === 'add-user') { - defaultAuthorization = defaultUserAuthorization; - } - authorization = Object.assign({}, defaultAuthorization); - authorization.rules = []; - - // Reading Directives out of type file if available - if (ObjectTypeDefinition.directives) { - ObjectTypeDefinition.directives.forEach((directive) => { - if ( - directive.kind && - directive.kind === 'Directive' && - directive.name && - directive.name.kind && - directive.name.kind === 'Name' && - directive.name.value && - directive.name.value === 'authorize' && - directive.arguments && - directive.arguments.length > 0 - ) { - // Directive "@authorized" found in type definition with arguments - directive.arguments.forEach((argument) => { - // handle the different arguments now - - // RULES create/read/update/delete - if ( - argument.kind && - argument.kind === 'Argument' && - argument.name && - argument.name.kind && - argument.name.kind === 'Name' && - argument.name.value && - (argument.name.value === 'create' || - argument.name.value === 'read' || - argument.name.value === 'update' || - argument.name.value === 'delete') && - argument.value - ) { - if (argument.value.kind && argument.value.kind === 'ListValue') { - // it is a List - const roles = []; - argument.value.values.forEach((value) => { - if ( - value.kind && - value.kind === 'StringValue' && - value.value !== '' - ) { - roles.push(value.value); - } - }); // each value - authorization.rules.push({ - mode: argument.name.value, - roles, - removeFields: [], - }); - } // ListValue - - if ( - argument.value.kind && - argument.value.kind === 'StringValue' && - argument.value.value !== '' - ) { - // it is a List - authorization.rules.push({ - mode: argument.name.value, - roles: [argument.value.value], - removeFields: [], - }); - } // StringValue - } // create/read/update/delete - - // FIELD ownerField, roleField - if ( - argument.kind && - argument.kind === 'Argument' && - argument.name && - argument.name.kind && - argument.name.kind === 'Name' && - argument.name.value && - (argument.name.value === 'ownerField' || - argument.name.value === 'roleField') && - argument.value - ) { - if ( - argument.value.kind && - argument.value.kind === 'StringValue' && - argument.value.value !== '' - ) { - // it is a List - authorization.field[argument.name.value] = argument.value.value; - } // StringValue - } // ownerField / roleField - - // FIELDS: - // defaultUserRole: 'user', - // firstUserRole: 'admin', - // adminUserRole: 'admin', - if ( - argument.kind && - argument.kind === 'Argument' && - argument.name && - argument.name.kind && - argument.name.kind === 'Name' && - argument.name.value && - (argument.name.value === 'defaultUserRole' || - argument.name.value === 'firstUserRole' || - argument.name.value === 'adminUserRole') && - argument.value - ) { - if ( - argument.value.kind && - argument.value.kind === 'StringValue' && - argument.value.value !== '' - ) { - // it is a List - authorization[argument.name.value] = argument.value.value; - } // StringValue - } // defaultUserRole, firstUserRole, adminUserRole - }); // forEach(argument) - } // directive authorize - }); // forEach directive - } // directive there - - // Check if Directives were available: - if (authorization.rules.length === 0) { - authorization.rules = defaultAuthorization.rules; - } - - return `export default ${JSON.stringify(authorization, null, 2)};`; -} diff --git a/generate/index.js b/generate/index.js index 7ac8242..0574627 100644 --- a/generate/index.js +++ b/generate/index.js @@ -6,20 +6,18 @@ import { parse, print } from 'graphql'; import generateSchema from './schema'; import generateResolvers from './resolvers'; import generateModel from './model'; -import generateAuthorization from './authorization'; import { lcFirst } from './util/capitalization'; -export default function generate(inputSchemaStr, mode) { +export default function generate(inputSchemaStr) { const inputSchema = parse(inputSchemaStr); const type = inputSchema.definitions[0]; const TypeName = type.name.value; - const outputSchema = generateSchema(inputSchema, mode); + const outputSchema = generateSchema(inputSchema); const outputSchemaStr = print(outputSchema); - const resolversStr = generateResolvers(inputSchema, mode); - const modelStr = generateModel(inputSchema, mode); - const authorizationStr = generateAuthorization(inputSchema, mode); + const resolversStr = generateResolvers(inputSchema); + const modelStr = generateModel(inputSchema); return { typeName: lcFirst(TypeName), @@ -27,6 +25,5 @@ export default function generate(inputSchemaStr, mode) { outputSchemaStr, resolversStr, modelStr, - authorizationStr, }; } diff --git a/generate/model/index.js b/generate/model/index.js index 3734773..cfbb1cb 100644 --- a/generate/model/index.js +++ b/generate/model/index.js @@ -11,15 +11,17 @@ function read(name) { const templates = { base: read('base'), - user: read('user'), singularAssociation: read('singularAssociation'), paginatedAssociation: read('paginatedAssociation'), }; -function buildAst( - template, - { typeName, fieldName, argsStr, ReturnTypeName, query } -) { +function buildAst(template, { + typeName, + fieldName, + argsStr, + ReturnTypeName, + query, +}) { const argsWithDefaultsStr = argsStr .replace('lastCreatedAt', 'lastCreatedAt = 0') .replace('limit', 'limit = 10'); @@ -32,11 +34,9 @@ function buildAst( }); } + const generators = { - base({ typeName, TypeName }, mode) { - if (mode === 'add-user') { - return templateToAst(templates.user, { typeName, TypeName }); - } + base({ typeName, TypeName }) { return templateToAst(templates.base, { typeName, TypeName }); }, belongsTo(replacements) { @@ -73,29 +73,26 @@ const generators = { }, }; -export function generateModelAst(inputSchema, mode) { +export function generateModelAst(inputSchema) { const type = inputSchema.definitions[0]; const TypeName = type.name.value; const typeName = lcFirst(TypeName); - const ast = generators.base({ TypeName, typeName }, mode); - - let startWith = 2; - if (mode === 'add-user') { - startWith = 4; - } + const ast = generators.base({ TypeName, typeName }); // XXX: rather than hardcoding in array indices it would be less brittle to // walk the tree using https://github.com/benjamn/ast-types - const classMethodsAst = - ast.program.body[startWith].declaration.body.body; // export // class declaration + const classMethodsAst = ast.program.body[2] // export + .declaration // class declaration + .body.body; const findOneMethod = classMethodsAst.find(m => m.key.name === 'all'); let nextIndex = classMethodsAst.indexOf(findOneMethod) + 1; + generatePerField(type, generators).forEach((resolverFunctionAst) => { - const classMethodAst = - resolverFunctionAst.program.body[0].body.body[0]; // class declaration // classMethod + const classMethodAst = resolverFunctionAst.program.body[0] // class declaration + .body.body[0]; // classMethod classMethodsAst.splice(nextIndex, 0, classMethodAst); nextIndex += 1; @@ -104,7 +101,7 @@ export function generateModelAst(inputSchema, mode) { return ast; } -export default function generateModel(inputSchema, mode) { - const ast = generateModelAst(inputSchema, mode); +export default function generateModel(inputSchema) { + const ast = generateModelAst(inputSchema); return print(ast, { trailingComma: true }).code; } diff --git a/generate/model/templates/user.js.template b/generate/model/templates/user.js.template deleted file mode 100644 index 346d675..0000000 --- a/generate/model/templates/user.js.template +++ /dev/null @@ -1,55 +0,0 @@ -import DataLoader from 'dataloader'; -import findByIds from 'mongo-find-by-ids'; -import bcrypt from 'bcrypt'; -const SALT_ROUNDS = 10; - -export default class TypeName { - constructor(context) { - this.context = context; - this.collection = context.db.collection('typeName'); - this.pubsub = context.pubsub; - this.loader = new DataLoader(ids => findByIds(this.collection, ids)); - } - - findOneById(id) { - return this.loader.load(id); - } - - all({ lastCreatedAt = 0, limit = 10 }) { - return this.collection.find({ - createdAt: { $gt: lastCreatedAt }, - }).sort({ createdAt: 1 }).limit(limit).toArray(); - } - - async insert(doc) { - const { password } = doc; - delete doc.password; - const hash = await bcrypt.hash(password, SALT_ROUNDS); - const docToInsert = Object.assign({}, doc, { - hash, - createdAt: Date.now(), - updatedAt: Date.now(), - }); - const id = (await this.collection.insertOne(docToInsert)).insertedId; - this.pubsub.publish('typeNameInserted', await this.findOneById(id)); - return id; - } - - async updateById(id, doc) { - const ret = await this.collection.update({ _id: id }, { - $set: Object.assign({}, doc, { - updatedAt: Date.now(), - }), - }); - this.loader.clear(id); - this.pubsub.publish('typeNameUpdated', await this.findOneById(id)); - return ret; - } - - async removeById(id) { - const ret = this.collection.remove({ _id: id }); - this.loader.clear(id); - this.pubsub.publish('typeNameRemoved', id); - return ret; - } -} diff --git a/generate/resolvers/index.js b/generate/resolvers/index.js index 5fecd3c..b983b3c 100644 --- a/generate/resolvers/index.js +++ b/generate/resolvers/index.js @@ -11,7 +11,6 @@ function read(name) { const templates = { base: read('base'), - user: read('base'), fieldOfType: read('fieldOfType'), paginatedField: read('paginatedField'), }; @@ -23,10 +22,7 @@ function generateResolver(template) { } const generators = { - base({ typeName, TypeName }, mode) { - if (mode === 'add-user') { - return templateToAst(templates.user, { typeName, TypeName }); - } + base({ typeName, TypeName }) { return templateToAst(templates.base, { typeName, TypeName }); }, belongsTo: generateResolver(templates.fieldOfType), @@ -36,23 +32,23 @@ const generators = { hasAndBelongsToMany: generateResolver(templates.paginatedField), }; -export function generateResolversAst(inputSchema, mode) { +export function generateResolversAst(inputSchema) { const type = inputSchema.definitions[0]; const TypeName = type.name.value; const typeName = lcFirst(TypeName); - const ast = generators.base({ TypeName, typeName }, mode); + const ast = generators.base({ TypeName, typeName }); // XXX: rather than hardcoding in array indices it would be less brittle to // walk the tree using https://github.com/benjamn/ast-types - const typeResolversAst = - ast.program.body[1].declarations[0].init.properties[0].value; - // const // object expression // object value + const typeResolversAst = ast.program.body[0] // const + .declarations[0].init // object expression + .properties[0].value; // object value generatePerField(type, generators).forEach((resolverFunctionAst) => { - const resolverProperty = - resolverFunctionAst.program.body[0].declarations[0].init.properties[0]; - // variable declaration // object expression + const resolverProperty = resolverFunctionAst.program.body[0] // variable declaration + .declarations[0].init // object expression + .properties[0]; typeResolversAst.properties.push(resolverProperty); }); @@ -60,7 +56,7 @@ export function generateResolversAst(inputSchema, mode) { return ast; } -export default function generateResolvers(inputSchema, mode) { - const ast = generateResolversAst(inputSchema, mode); +export default function generateResolvers(inputSchema) { + const ast = generateResolversAst(inputSchema); return print(ast, { trailingComma: true }).code; } diff --git a/generate/resolvers/templates/base.js.template b/generate/resolvers/templates/base.js.template index 61f36b4..158c416 100644 --- a/generate/resolvers/templates/base.js.template +++ b/generate/resolvers/templates/base.js.template @@ -1,4 +1,3 @@ -import authorize from '../authorization'; const resolvers = { TypeName: { id(typeName) { @@ -6,58 +5,27 @@ const resolvers = { }, }, Query: { - typeNames(root, { lastCreatedAt, limit }, { TypeName, user }) { - return TypeName.all({ lastCreatedAt, limit }) - .then(data => { - if (data.length > 0){ - async () => { - return await authorize('TypeName', TypeName, 'read', user, data); - } - } - return data; - }); + typeNames(root, { lastCreatedAt, limit }, { TypeName }) { + return TypeName.all({ lastCreatedAt, limit }); }, - typeName(root, { id }, { TypeName, user }) { - return TypeName.findOneById(id) - .then(data => { - if (data.length > 0){ - async () => { - return await authorize('TypeName', TypeName, 'read', user, data); - } - } - return data; - }); + typeName(root, { id }, { TypeName }) { + return TypeName.findOneById(id); }, }, Mutation: { - async createTypeName(root, { input }, { TypeName, user }) { - const authorized = await authorize('TypeName', TypeName, 'create', user, input); - if (authorized){ - const id = await TypeName.insert(authorized); - return TypeName.findOneById(id); - } - throw new Error('Not authorized to create TypeName'); + async createTypeName(root, { input }, { TypeName }) { + const id = await TypeName.insert(input); + return TypeName.findOneById(id); }, - async updateTypeName(root, { id, input }, { TypeName, user }) { - const data = await TypeName.findOneById(id); - const authorized = await authorize('TypeName', TypeName, 'update', user, data); - if (authorized){ - console.log('authorized in resolver', JSON.stringify(authorized, null, 2)); - await TypeName.updateById(id, input); - return TypeName.findOneById(id); - } - throw new Error('Not authorized to update TypeName'); + async updateTypeName(root, { id, input }, { TypeName }) { + await TypeName.updateById(id, input); + return TypeName.findOneById(id); }, - async removeTypeName(root, { id }, { TypeName, user }) { - const data = await TypeName.findOneById(id); - const authorized = await authorize('TypeName', TypeName, 'delete', user, data); - if (authorized){ - return TypeName.removeById(authorized.id); - } - throw new Error('Not authorized to delete TypeName'); + removeTypeName(root, { id }, { TypeName }) { + return TypeName.removeById(id); }, }, Subscription: { diff --git a/generate/schema/index.js b/generate/schema/index.js index 1a8be11..2ef641d 100644 --- a/generate/schema/index.js +++ b/generate/schema/index.js @@ -15,15 +15,11 @@ import { /* eslint-disable no-param-reassign */ -export default function generateSchema(inputSchema, mode) { +export default function generateSchema(inputSchema) { // Check that the input looks like we expect -- a single ObjectType definition assert(inputSchema.kind === 'Document'); assert(inputSchema.definitions.length === 1); - let emailFieldIncluded = false; - let passwordFieldIncluded = false; - let roleFieldIncluded = false; - const outputSchema = cloneDeep(inputSchema); const type = outputSchema.definitions[0]; @@ -38,10 +34,6 @@ export default function generateSchema(inputSchema, mode) { applyCustomDirectives(field); }); - if (field.name === 'email') emailFieldIncluded = true; - if (field.name === 'password') passwordFieldIncluded = true; - if (field.name === 'role') roleFieldIncluded = true; - // XXX: Not sure if this the correct logic but it makes my tests pass // TODO: check for @unmodifiable let possibleInputType = field.type; @@ -52,19 +44,12 @@ export default function generateSchema(inputSchema, mode) { } if (possibleInputType.kind === 'NamedType') { - const isScalarField = includes( - SCALAR_TYPE_NAMES, - possibleInputType.name.value - ); + const isScalarField = includes(SCALAR_TYPE_NAMES, possibleInputType.name.value); let inputField; if (isScalarField || !!directivesByName.enum) { inputField = field; } else { - inputField = buildField( - `${field.name.value}Id`, - [], - `ObjID${inputTypeModifier}` - ); + inputField = buildField(`${field.name.value}Id`, [], `ObjID${inputTypeModifier}`); } createInputFields.push(inputField); @@ -76,94 +61,51 @@ export default function generateSchema(inputSchema, mode) { field.directives = []; }); - if (mode === 'add-user') { - if (!emailFieldIncluded) { - createInputFields.push(buildField('email', [], 'String!')); - updateInputFields.push(buildField('email', [], 'String')); - type.fields.push(buildField('email', [], 'String!')); - } - if (!passwordFieldIncluded) { - createInputFields.push(buildField('password', [], 'String!')); - updateInputFields.push(buildField('password', [], 'String')); - // no type field, as it won't be stored, is only for input/update - } - if (!roleFieldIncluded) { - createInputFields.push(buildField('role', [], 'String!')); - updateInputFields.push(buildField('role', [], 'String')); - type.fields.push(buildField('role', [], 'String!')); - } - } - type.fields.unshift(buildField('id', [], 'ObjID!')); type.fields.push(buildField('createdAt', [], 'Float!')); type.fields.push(buildField('updatedAt', [], 'Float!')); - const queryOneField = buildField( - typeName.toLowerCase(), - [idArgument()], - typeName - ); - const queryAllField = buildField( - `${typeName.toLowerCase()}s`, - [], - `[${typeName}!]` - ); + const queryOneField = buildField(typeName.toLowerCase(), [idArgument()], typeName); + const queryAllField = buildField(`${typeName.toLowerCase()}s`, [], `[${typeName}!]`); addPaginationArguments(queryAllField); outputSchema.definitions.push( - buildTypeExtension( - buildTypeDefinition('Query', [queryAllField, queryOneField]) - ) + buildTypeExtension(buildTypeDefinition('Query', [queryAllField, queryOneField])) ); const createInputTypeName = `Create${typeName}Input`; outputSchema.definitions.push( - buildTypeDefinition( - createInputTypeName, - createInputFields, - 'InputObjectTypeDefinition' - ) + buildTypeDefinition(createInputTypeName, createInputFields, 'InputObjectTypeDefinition') ); const updateInputTypeName = `Update${typeName}Input`; outputSchema.definitions.push( - buildTypeDefinition( - updateInputTypeName, - updateInputFields, - 'InputObjectTypeDefinition' - ) + buildTypeDefinition(updateInputTypeName, updateInputFields, 'InputObjectTypeDefinition') ); // Create update input type if readonly fields - outputSchema.definitions.push( - buildTypeExtension( - buildTypeDefinition('Mutation', [ - buildField( - `create${typeName}`, - [buildArgument('input', `${createInputTypeName}!`)], - typeName - ), - - buildField( - `update${typeName}`, - [idArgument(), buildArgument('input', `${updateInputTypeName}!`)], - typeName - ), - - buildField(`remove${typeName}`, [idArgument()], 'Boolean'), - ]) - ) - ); - - outputSchema.definitions.push( - buildTypeExtension( - buildTypeDefinition('Subscription', [ - buildField(`${typeName.toLowerCase()}Created`, [], typeName), - buildField(`${typeName.toLowerCase()}Updated`, [], typeName), - buildField(`${typeName.toLowerCase()}Removed`, [], 'ObjID'), - ]) - ) - ); + outputSchema.definitions.push(buildTypeExtension( + buildTypeDefinition('Mutation', [ + buildField(`create${typeName}`, [ + buildArgument('input', `${createInputTypeName}!`), + ], typeName), + + buildField(`update${typeName}`, [ + idArgument(), + buildArgument('input', `${updateInputTypeName}!`), + ], typeName), + + buildField(`remove${typeName}`, [idArgument()], 'Boolean'), + ]) + )); + + outputSchema.definitions.push(buildTypeExtension( + buildTypeDefinition('Subscription', [ + buildField(`${typeName.toLowerCase()}Created`, [], typeName), + buildField(`${typeName.toLowerCase()}Updated`, [], typeName), + buildField(`${typeName.toLowerCase()}Removed`, [], 'ObjID'), + ]) + )); return outputSchema; } diff --git a/package.json b/package.json index aebe96b..1dc3327 100644 --- a/package.json +++ b/package.json @@ -18,8 +18,6 @@ "output-app-generation-test": "./test/output-app-generation-test.sh", "pretest-add-update-remove": "npm run build", "test-add-update-remove": "./test/test-add-update-remove.sh", - "pretest-authorization": "npm run build", - "test-authorization": "./test/test-authorization.sh", "clean": "rm -rf dist/*", "build": "npm run clean && babel bin --out-dir dist/bin && babel generate -D --out-dir dist/generate && cp -r skel dist", "prepublish": "npm run build" @@ -46,9 +44,7 @@ "node-fetch": "^1.6.3" }, "dependencies": { - "ast-types": "^0.9.11", "babylon": "^6.14.1", - "bcrypt": "^1.0.2", "chalk": "^1.1.3", "cpr": "^2.0.0", "denodeify": "^1.2.1", diff --git a/skel/authorization/index.js b/skel/authorization/index.js deleted file mode 100644 index 041d9f0..0000000 --- a/skel/authorization/index.js +++ /dev/null @@ -1,194 +0,0 @@ -const authorizations = {}; - -function isArray(anything) { - // for easier reading - if (Object.prototype.toString.call(anything) === '[object Array]') { - return true; - } - return false; -} - -function isObject(anything) { - // for easier reading - if (typeof anything === 'object') { - return true; - } - return false; -} - -function removeFields(doc, rmFields) { - // remove the fields from the document, which aren't allowed to query or mutate - const newDoc = Object.assign({}, doc); - if (rmFields && isArray(rmFields)) { - rmFields.forEach((field) => { - if (field && field !== '' && newDoc[field]) { - delete newDoc[field]; - } - }); - } - return newDoc; -} - -function getConfig(type) { - return authorizations[type] - ? authorizations[type] - : { - name: '', - field: { - ownerField: 'ownerId', - roleField: 'role', - }, - rules: [ - { - mode: 'create', - roles: ['owner'], - removeFields: [], - }, - { - mode: 'read', - roles: ['owner'], - removeFields: [], - }, - { - mode: 'update', - roles: ['owner', 'admin'], - removeFields: [], - }, - { - mode: 'delete', - roles: ['owner', 'admin'], - removeFields: [], - }, - ], - }; -} - -async function makeFirstUserAdmin(type, Type, mode, user, doc) { - const config = getConfig(type); - let newDoc = Object.assign({}, doc); - if (config.isUser && mode === 'create') { - let role = 'user'; - delete newDoc.role; - const countUser = await Type.collection.find().count(); - if (countUser === 0) { - role = config.firstUserRole || 'admin'; - } else { - role = config.defaultUserRole || 'user'; - } - const newRole = { [config.field.roleField]: role }; - newDoc = Object.assign({}, newDoc, newRole); - } - return newDoc; -} - -function isUserDocumentOwner(user, doc, fieldContainingOwner) { - // checks if the authenticated user is the owner of the document - if ( - user && - doc && - doc[fieldContainingOwner] && - user.id === doc[fieldContainingOwner] - ) { - return true; - } - return false; -} - -function hasUserRole(user, role, fieldContainingRole) { - // checks if the authenticated user has the necessary role to be authorized - if ( - user && - role && - user[fieldContainingRole] && - user[fieldContainingRole] === role - ) { - return true; - } - return false; -} - -async function check_rules(type, Type, mode, user, doc) { - // check all provided rules from the type, only if one leads to an authorization - // the document will be returned - const config = getConfig(type); - let authorized = false; - let newDoc = Object.assign({}, doc); - // check all rules, now... - config.rules.forEach((rule) => { - if (rule.mode === mode) { - // check only the rules for the current mode: e.g. create, read, update, delete - - rule.roles.forEach((role) => { - // check all roles, if one fires - - if (role === 'world') { - // everyone is authorized - // console.log('authorize rule:', mode, role, 'authorized'); - authorized = true; - // if some fields aren't allowed for the world, removing them here - newDoc = Object.assign({}, removeFields(doc, rule.removeFields)); - } - - if (role === 'owner') { - // only the owner of the document should be allowed - // we need to know, which field contains the owner id, see type input file for generator - if (isUserDocumentOwner(user, doc, config.field.ownerField)) { - // owner is authorized, - // console.log('authorize rule:', mode, role, 'authorized'); - authorized = true; - // if some fields aren't allowed for the owner, removing them here - newDoc = Object.assign({}, removeFields(doc, rule.removeFields)); - } - } - - if (hasUserRole(user, role, config.field.roleField)) { - // specific role is authorized: e.g. admin, user, etc. - // console.log('authorize rule:', mode, role, 'authorized'); - authorized = true; - // if some fields aren't allowed for this role, removing them here - newDoc = Object.assign({}, removeFields(doc, rule.removeFields)); - } - }); - } - }); - - if (authorized) { - if (config.isUser && mode === 'create') { - newDoc = Object.assign( - {}, - await makeFirstUserAdmin(type, Type, mode, user, newDoc) - ); - } - // at least one rule fired, so the authenticated user is allowed to work with the document - return newDoc; - } - - // user or role was NOT authorized, return null - return null; -} - -export default async function authorize(type, Type, mode, user, data) { - // main authorize function, which is called by all resolvers - if (isArray(data)) { - // if data is an array, check each document individually - const result = []; - data.forEach((doc) => { - return async () => { - const newDoc = await check_rules(type, Type, mode, user, doc); - if (newDoc) result.push(newDoc); - }; - }); - return result; - } else if (isObject(data)) { - // if data is an object, check it directly - const doc = data; - const newDoc = await check_rules(type, Type, mode, user, doc); - return newDoc; - } - // otherwise return nothing - /* console.error( - 'Error in authorize: authorization rules for type not available.' - ); - */ - return null; -} diff --git a/test/input-authorization/Post1.graphql b/test/input-authorization/Post1.graphql deleted file mode 100644 index 4af28a6..0000000 --- a/test/input-authorization/Post1.graphql +++ /dev/null @@ -1,5 +0,0 @@ -type Post1 -{ - post: String! - owner: User1 @belongsTo -} \ No newline at end of file diff --git a/test/input-authorization/Post2.graphql b/test/input-authorization/Post2.graphql deleted file mode 100644 index 7872935..0000000 --- a/test/input-authorization/Post2.graphql +++ /dev/null @@ -1,14 +0,0 @@ -type Post2 -@authorize( - create: ["owner"] - read: ["world"] - update: ["owner", "admin"] - delete: ["owner", "admin"] - ownerField: "ownerId" - roleField: "role" -) -{ - post: String! - comment: String - owner: User1 @belongsTo -} \ No newline at end of file diff --git a/test/input-authorization/User1.graphql b/test/input-authorization/User1.graphql deleted file mode 100644 index 2c40ea6..0000000 --- a/test/input-authorization/User1.graphql +++ /dev/null @@ -1,3 +0,0 @@ -type User1 { - name: String -} \ No newline at end of file diff --git a/test/input-authorization/User2.graphql b/test/input-authorization/User2.graphql deleted file mode 100644 index faccbd3..0000000 --- a/test/input-authorization/User2.graphql +++ /dev/null @@ -1,13 +0,0 @@ -type User2 -@authorize( - create: ["owner"] - read: ["world"] - update: ["owner", "admin"] - delete: ["owner", "admin"] - ownerField: "ownerId" - roleField: "role" -) -{ - name: String - bio: String -} \ No newline at end of file diff --git a/test/test-authorization.sh b/test/test-authorization.sh deleted file mode 100755 index 5893f07..0000000 --- a/test/test-authorization.sh +++ /dev/null @@ -1,228 +0,0 @@ -#!/bin/bash -pushd "$(dirname $0)/.." > /dev/null -PACKAGE_DIR=`pwd` -popd > /dev/null - -CGS="$PACKAGE_DIR/dist/bin/create-graphql-server.js" -INPUT_DIR="$PACKAGE_DIR/test/input-authorization" -chmod +x $CGS - -set -e - -MD5HASH="" -TMPDIR1=`mktemp -d 2>/dev/null || mktemp -d -t 'cgs-test-authorization'` - -chmod -R 777 $TMPDIR1 - -function finish { - rm -rf $TMPDIR1 - echo - echo - echo "Test failed" -} -trap finish EXIT - -function exists { - if [ -f $1 ] ; then - return 0 - else - echo "Error: File is missing: " $1 - return 1 - fi -} - -function ifDirExistsRemove { - if [ -d $1 ] ; then - rm -rf $1 - fi -} - -function hasRef { - if [ -f $1 ] ; then - if [ `grep -o $2 $1 | wc -l` -eq $3 ] ; then - return 0 - else - echo "Error: File" $1 "contains" `grep -o $2 $1 | wc -l` "times the string '"$2"'. Expected are" $3 "times." - return 1 - fi - else - echo "Error: File is missing: " $1 - return 1 - fi -} - -function getMD5 { - # Detect Operating system - OS=$(uname) - MD5HASH="" - case "$OS" in - "Darwin") - { - MD5HASH=$(md5 -q $1) - } ;; - "Linux") - { - MD5HASH=($(md5sum $1)) - } ;; - *) - { - echo "Test failed. Unsopported OS" - exit - } ;; - esac - echo "$MD5HASH" -} - -function openDevEnv { - OS=$(uname) - MD5HASH="" - case "$OS" in - "Darwin") - { - PWD=$(pwd) - open $PWD - # open -a iTerm $PWD - subl . & - yarn install && yarn start - } ;; - esac -} - -# Prepare directory -echo 'cd $TMPDIR1' -cd $TMPDIR1 -ifDirExistsRemove output-app-start - -echo 'JWT_KEY=test-key $CGS init output-app-start' -JWT_KEY='test-key' $CGS init output-app-start - -echo 'cd output-app-start' -cd output-app-start - -echo '$CGS add-user "$INPUT_DIR/User1.graphql"' -$CGS add-user "$INPUT_DIR/User1.graphql" - -echo '$CGS add-user "$INPUT_DIR/User2.graphql"' -$CGS add-user "$INPUT_DIR/User2.graphql" - -echo '$CGS add-type "$INPUT_DIR/Post1.graphql"' -$CGS add-type "$INPUT_DIR/Post1.graphql" - -echo '$CGS add-type "$INPUT_DIR/Post2.graphql"' -$CGS add-type "$INPUT_DIR/Post2.graphql" - -# TEST1: Testing of 4 add-types -# it (should be pattern User1, User2, Post1, Post2 in model/index.js) -# it (should be pattern User1, User2, Post1, Post2 in resolvers/index.js) -# it (should be pattern User1, User2, Post1, Post2 in schema/index.js) -# it (should be pattern User1, User2, Post1, Post2 in authorization/index.js) -# it (should be a model/User1.js, resolver/User1.js, schema/User1.graphql, authorization/User1.js) -# it (should be a model/User2.js, resolver/User2.js, schema/User2.graphql, authorization/User2.js) -# it (should be a model/Post1.js, resolver/Post1.js, schema/Post1.graphql, authorization/Post1.js) -# it (should be a model/Post2.js, resolver/Post2.js, schema/Post2.graphql, authorization/Post2.js) -# testing files for existence: - -if exists "./model/User1.js" && - exists "./model/User2.js" && - exists "./model/Post1.js" && - exists "./model/Post2.js" && - - exists "./resolvers/User1.js" && - exists "./resolvers/User2.js" && - exists "./resolvers/Post1.js" && - exists "./resolvers/Post2.js" && - - exists "./schema/User1.graphql" && - exists "./schema/User2.graphql" && - exists "./schema/Post1.graphql" && - exists "./schema/Post2.graphql" && - - exists "./authorization/User1.js" && - exists "./authorization/User2.js" && - exists "./authorization/Post1.js" && - exists "./authorization/Post2.js" && - - hasRef "./model/index.js" "User1" 4 && - hasRef "./model/index.js" "User2" 4 && - hasRef "./model/index.js" "Post1" 4 && - hasRef "./model/index.js" "Post2" 4 && - - hasRef "./resolvers/index.js" "user1Resolvers" 2 && - hasRef "./resolvers/index.js" "user2Resolvers" 2 && - hasRef "./resolvers/index.js" "post1Resolvers" 2 && - hasRef "./resolvers/index.js" "post2Resolvers" 2 && - - hasRef "./schema/index.js" "./User1.graphql" 1 && - hasRef "./schema/index.js" "./User2.graphql" 1 && - hasRef "./schema/index.js" "./Post1.graphql" 1 && - hasRef "./schema/index.js" "./Post2.graphql" 1 && - - hasRef "./authorization/User1.js" "isUser" 1 && - hasRef "./authorization/User1.js" "defaultUserRole" 1 && - hasRef "./authorization/User1.js" "firstUserRole" 1 && - hasRef "./authorization/User1.js" "adminUserRole" 1 && - hasRef "./authorization/User1.js" "ownerField" 1 && - hasRef "./authorization/User1.js" "roleField" 1 && - hasRef "./authorization/User1.js" "create" 1 && - hasRef "./authorization/User1.js" "read" 1 && - hasRef "./authorization/User1.js" "update" 2 && - hasRef "./authorization/User1.js" "delete" 1 && - - hasRef "./authorization/User2.js" "isUser" 1 && - hasRef "./authorization/User2.js" "defaultUserRole" 1 && - hasRef "./authorization/User2.js" "firstUserRole" 1 && - hasRef "./authorization/User2.js" "adminUserRole" 1 && - hasRef "./authorization/User2.js" "ownerField" 1 && - hasRef "./authorization/User2.js" "roleField" 1 && - hasRef "./authorization/User2.js" "create" 1 && - hasRef "./authorization/User2.js" "read" 1 && - hasRef "./authorization/User2.js" "update" 1 && - hasRef "./authorization/User2.js" "delete" 1 && - - hasRef "./authorization/Post2.js" "ownerField" 1 && - hasRef "./authorization/Post2.js" "roleField" 1 && - hasRef "./authorization/Post2.js" "create" 1 && - hasRef "./authorization/Post2.js" "read" 1 && - hasRef "./authorization/Post2.js" "update" 1 && - hasRef "./authorization/Post2.js" "delete" 1 && - - hasRef "./authorization/Post2.js" "ownerField" 1 && - hasRef "./authorization/Post2.js" "roleField" 1 && - hasRef "./authorization/Post2.js" "create" 1 && - hasRef "./authorization/Post2.js" "read" 1 && - hasRef "./authorization/Post2.js" "update" 1 && - hasRef "./authorization/Post2.js" "delete" 1 && - - hasRef "./schema/User1.graphql" "name" 3 && - hasRef "./schema/User1.graphql" "email" 3 && - hasRef "./schema/User1.graphql" "password" 2 && - hasRef "./schema/User1.graphql" "role:" 3 && - - hasRef "./schema/User2.graphql" "name" 3 && - hasRef "./schema/User2.graphql" "email" 3 && - hasRef "./schema/User2.graphql" "password" 2 && - hasRef "./schema/User2.graphql" "role:" 3 && - - hasRef "./schema/Post1.graphql" "post:" 3 && - hasRef "./schema/Post1.graphql" "owner:" 1 && - hasRef "./schema/Post1.graphql" "ownerId:" 2 && - - hasRef "./schema/Post2.graphql" "post:" 3 && - hasRef "./schema/Post2.graphql" "owner:" 1 && - hasRef "./schema/Post2.graphql" "ownerId:" 2 && - - hasRef "./authorization/index.js" "User1" 4 && - hasRef "./authorization/index.js" "User2" 4 && - hasRef "./authorization/index.js" "Post1" 4 && - hasRef "./authorization/index.js" "Post2" 4 ; then - echo "Test Passed Test1: 4 add-types" - openDevEnv -else - echo "Test Failed Test1: 4 add-types" -fi - -set +e -trap - EXIT -echo " " -echo "ALL TESTS PASSED" -echo " " \ No newline at end of file diff --git a/yarn.lock b/yarn.lock index 140ff49..eec5f48 100644 --- a/yarn.lock +++ b/yarn.lock @@ -31,6 +31,7 @@ ajv@^4.7.0: co "^4.6.0" json-stable-stringify "^1.0.1" +<<<<<<< HEAD <<<<<<< HEAD ansi-escapes@^2.0.0: version "2.0.0" @@ -43,6 +44,8 @@ ajv@^4.9.1: co "^4.6.0" json-stable-stringify "^1.0.1" +======= +>>>>>>> Revert "add-user and authorization prototype" ansi-escapes@^1.1.0: version "1.4.0" resolved "https://registry.yarnpkg.com/ansi-escapes/-/ansi-escapes-1.4.0.tgz#d3a8a83b319aa67793662b13e761c7911422306e" @@ -132,10 +135,6 @@ ast-types@0.9.2: version "0.9.2" resolved "https://registry.yarnpkg.com/ast-types/-/ast-types-0.9.2.tgz#2cc19979d15c655108bf565323b8e7ee38751f6b" -ast-types@^0.9.11: - version "0.9.11" - resolved "https://registry.yarnpkg.com/ast-types/-/ast-types-0.9.11.tgz#371177bb59232ff5ceaa1d09ee5cad705b1a5aa9" - async-each@^1.0.0: version "1.0.1" resolved "https://registry.yarnpkg.com/async-each/-/async-each-1.0.1.tgz#19d386a1d9edc6e7c1c85d388aedbcc56d33602d" @@ -186,14 +185,6 @@ babel-code-frame@^6.16.0: esutils "^2.0.2" js-tokens "^2.0.0" -babel-code-frame@^6.22.0: - version "6.22.0" - resolved "https://registry.yarnpkg.com/babel-code-frame/-/babel-code-frame-6.22.0.tgz#027620bee567a88c32561574e7fd0801d33118e4" - dependencies: - chalk "^1.1.0" - esutils "^2.0.2" - js-tokens "^3.0.0" - babel-core@6.17.0, babel-core@^6.16.0: version "6.17.0" resolved "https://registry.yarnpkg.com/babel-core/-/babel-core-6.17.0.tgz#6c4576447df479e241e58c807e4bc7da4db7f425" @@ -220,14 +211,14 @@ babel-core@6.17.0, babel-core@^6.16.0: slash "^1.0.0" source-map "^0.5.0" -babel-eslint@^7.0.0: - version "7.2.3" - resolved "https://registry.yarnpkg.com/babel-eslint/-/babel-eslint-7.2.3.tgz#b2fe2d80126470f5c19442dc757253a897710827" +babel-eslint@7.0.0: + version "7.0.0" + resolved "https://registry.yarnpkg.com/babel-eslint/-/babel-eslint-7.0.0.tgz#54e51b4033f54ac81326ecea4c646a779935196d" dependencies: - babel-code-frame "^6.22.0" - babel-traverse "^6.23.1" - babel-types "^6.23.0" - babylon "^6.17.0" + babel-traverse "^6.15.0" + babel-types "^6.15.0" + babylon "^6.11.2" + lodash.pickby "^4.6.0" babel-generator@^6.17.0: version "6.18.0" @@ -368,12 +359,6 @@ babel-helpers@^6.16.0: babel-runtime "^6.0.0" babel-template "^6.16.0" -babel-messages@^6.23.0: - version "6.23.0" - resolved "https://registry.yarnpkg.com/babel-messages/-/babel-messages-6.23.0.tgz#f3cdf4703858035b2a2951c6ec5edf6c62f2630e" - dependencies: - babel-runtime "^6.22.0" - babel-messages@^6.8.0: version "6.8.0" resolved "https://registry.yarnpkg.com/babel-messages/-/babel-messages-6.8.0.tgz#bf504736ca967e6d65ef0adb5a2a5f947c8e0eb9" @@ -778,13 +763,6 @@ babel-runtime@^6.0.0, babel-runtime@^6.11.6, babel-runtime@^6.9.0, babel-runtime core-js "^2.4.0" regenerator-runtime "^0.9.5" -babel-runtime@^6.22.0: - version "6.23.0" - resolved "https://registry.yarnpkg.com/babel-runtime/-/babel-runtime-6.23.0.tgz#0a9489f144de70efb3ce4300accdb329e2fc543b" - dependencies: - core-js "^2.4.0" - regenerator-runtime "^0.10.0" - babel-template@^6.14.0, babel-template@^6.15.0, babel-template@^6.16.0, babel-template@^6.8.0: version "6.16.0" resolved "https://registry.yarnpkg.com/babel-template/-/babel-template-6.16.0.tgz#e149dd1a9f03a35f817ddbc4d0481988e7ebc8ca" @@ -795,7 +773,7 @@ babel-template@^6.14.0, babel-template@^6.15.0, babel-template@^6.16.0, babel-te babylon "^6.11.0" lodash "^4.2.0" -babel-traverse@^6.16.0: +babel-traverse@^6.15.0, babel-traverse@^6.16.0, babel-traverse@^6.18.0: version "6.18.0" resolved "https://registry.yarnpkg.com/babel-traverse/-/babel-traverse-6.18.0.tgz#5aeaa980baed2a07c8c47329cd90c3b90c80f05e" dependencies: @@ -809,30 +787,7 @@ babel-traverse@^6.16.0: invariant "^2.2.0" lodash "^4.2.0" -babel-traverse@^6.18.0, babel-traverse@^6.23.1: - version "6.24.1" - resolved "https://registry.yarnpkg.com/babel-traverse/-/babel-traverse-6.24.1.tgz#ab36673fd356f9a0948659e7b338d5feadb31695" - dependencies: - babel-code-frame "^6.22.0" - babel-messages "^6.23.0" - babel-runtime "^6.22.0" - babel-types "^6.24.1" - babylon "^6.15.0" - debug "^2.2.0" - globals "^9.0.0" - invariant "^2.2.0" - lodash "^4.2.0" - -babel-types@^6.13.0, babel-types@^6.18.0, babel-types@^6.23.0, babel-types@^6.24.1, babel-types@^6.8.0, babel-types@^6.9.0: - version "6.24.1" - resolved "https://registry.yarnpkg.com/babel-types/-/babel-types-6.24.1.tgz#a136879dc15b3606bda0d90c1fc74304c2ff0975" - dependencies: - babel-runtime "^6.22.0" - esutils "^2.0.2" - lodash "^4.2.0" - to-fast-properties "^1.0.1" - -babel-types@^6.16.0: +babel-types@^6.13.0, babel-types@^6.15.0, babel-types@^6.16.0, babel-types@^6.18.0, babel-types@^6.8.0, babel-types@^6.9.0: version "6.18.0" resolved "https://registry.yarnpkg.com/babel-types/-/babel-types-6.18.0.tgz#1f7d5a73474c59eb9151b2417bbff4e4fce7c3f8" dependencies: @@ -841,10 +796,11 @@ babel-types@^6.16.0: lodash "^4.2.0" to-fast-properties "^1.0.1" -babylon, babylon@^6.11.0: +babylon, babylon@^6.11.0, babylon@^6.11.2: version "6.14.1" resolved "https://registry.yarnpkg.com/babylon/-/babylon-6.14.1.tgz#956275fab72753ad9b3435d7afe58f8bf0a29815" +<<<<<<< HEAD babylon@^6.15.0, babylon@^6.17.0: <<<<<<< HEAD version "6.17.1" @@ -854,6 +810,8 @@ babylon@^6.15.0, babylon@^6.17.0: resolved "https://registry.yarnpkg.com/babylon/-/babylon-6.17.0.tgz#37da948878488b9c4e3c4038893fa3314b3fc932" >>>>>>> add-user and authorization prototype +======= +>>>>>>> Revert "add-user and authorization prototype" balanced-match@^0.4.1: version "0.4.2" resolved "https://registry.yarnpkg.com/balanced-match/-/balanced-match-0.4.2.tgz#cb3f3e3c732dc0f01ee70b403f302e61d7709838" @@ -868,14 +826,6 @@ bcrypt-pbkdf@^1.0.0: dependencies: tweetnacl "^0.14.3" -bcrypt@^1.0.2: - version "1.0.2" - resolved "https://registry.yarnpkg.com/bcrypt/-/bcrypt-1.0.2.tgz#d05fc5d223173e0e28ec381c0f00cc25ffaf2736" - dependencies: - bindings "1.2.1" - nan "2.5.0" - node-pre-gyp "0.6.32" - bin-version-check@^2.1.0: version "2.1.0" resolved "https://registry.yarnpkg.com/bin-version-check/-/bin-version-check-2.1.0.tgz#e4e5df290b9069f7d111324031efc13fdd11a5b0" @@ -895,10 +845,6 @@ binary-extensions@^1.0.0: version "1.7.0" resolved "https://registry.yarnpkg.com/binary-extensions/-/binary-extensions-1.7.0.tgz#6c1610db163abfb34edfe42fa423343a1e01185d" -bindings@1.2.1: - version "1.2.1" - resolved "https://registry.yarnpkg.com/bindings/-/bindings-1.2.1.tgz#14ad6113812d2d37d72e67b4cacb4bb726505f11" - block-stream@*: version "0.0.9" resolved "https://registry.yarnpkg.com/block-stream/-/block-stream-0.0.9.tgz#13ebfe778a03205cfe03751481ebb4b3300c126a" @@ -970,10 +916,6 @@ caseless@~0.11.0: version "0.11.0" resolved "https://registry.yarnpkg.com/caseless/-/caseless-0.11.0.tgz#715b96ea9841593cc33067923f5ec60ebda4f7d7" -caseless@~0.12.0: - version "0.12.0" - resolved "https://registry.yarnpkg.com/caseless/-/caseless-0.12.0.tgz#1b681c21ff84033c826543090689420d187151dc" - chai: version "3.5.0" resolved "https://registry.yarnpkg.com/chai/-/chai-3.5.0.tgz#4d02637b067fe958bdbfdd3a40ec56fef7373247" @@ -1598,19 +1540,6 @@ gauge@~2.6.0: strip-ansi "^3.0.1" wide-align "^1.1.0" -gauge@~2.7.3: - version "2.7.4" - resolved "https://registry.yarnpkg.com/gauge/-/gauge-2.7.4.tgz#2c03405c7538c39d7eb37b317022e325fb018bf7" - dependencies: - aproba "^1.0.3" - console-control-strings "^1.0.0" - has-unicode "^2.0.0" - object-assign "^4.1.0" - signal-exit "^3.0.0" - string-width "^1.0.1" - strip-ansi "^3.0.1" - wide-align "^1.1.0" - generate-function@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/generate-function/-/generate-function-2.0.0.tgz#6858fe7c0969b7d4e9093337647ac79f60dfbe74" @@ -1731,10 +1660,6 @@ growl@1.9.2: version "1.9.2" resolved "https://registry.yarnpkg.com/growl/-/growl-1.9.2.tgz#0ea7743715db8d8de2c5ede1775e1b45ac85c02f" -har-schema@^1.0.5: - version "1.0.5" - resolved "https://registry.yarnpkg.com/har-schema/-/har-schema-1.0.5.tgz#d263135f43307c02c602afc8fe95970c0151369e" - har-validator@~2.0.6: version "2.0.6" resolved "https://registry.yarnpkg.com/har-validator/-/har-validator-2.0.6.tgz#cdcbc08188265ad119b6a5a7c8ab70eecfb5d27d" @@ -1744,13 +1669,6 @@ har-validator@~2.0.6: is-my-json-valid "^2.12.4" pinkie-promise "^2.0.0" -har-validator@~4.2.1: - version "4.2.1" - resolved "https://registry.yarnpkg.com/har-validator/-/har-validator-4.2.1.tgz#33481d0f1bbff600dd203d75812a6a5fba002e2a" - dependencies: - ajv "^4.9.1" - har-schema "^1.0.5" - has-ansi@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/has-ansi/-/has-ansi-2.0.0.tgz#34f5049ce1ecdf2b0649af3ef24e45ed35416d91" @@ -2031,6 +1949,7 @@ js-tokens@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/js-tokens/-/js-tokens-2.0.0.tgz#79903f5563ee778cc1162e6dcf1a0027c97f9cb5" +<<<<<<< HEAD js-tokens@^3.0.0: version "3.0.1" resolved "https://registry.yarnpkg.com/js-tokens/-/js-tokens-3.0.1.tgz#08e9f132484a2c45a30907e9dc4d5567b7f114d7" @@ -2040,6 +1959,8 @@ js-yaml@^3.8.4: version "3.8.4" resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.8.4.tgz#520b4564f86573ba96662af85a8cafa7b4b5a6f6" ======= +======= +>>>>>>> Revert "add-user and authorization prototype" js-yaml@^3.5.1: version "3.7.0" resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.7.0.tgz#5c967ddd837a9bfdca5f2de84253abe8a1c03b80" @@ -2207,6 +2128,7 @@ lodash.merge@^4.6.0: version "4.6.0" resolved "https://registry.yarnpkg.com/lodash.merge/-/lodash.merge-4.6.0.tgz#69884ba144ac33fe699737a6086deffadd0f89c5" +<<<<<<< HEAD <<<<<<< HEAD lodash@^4.0.0, lodash@^4.17.4: version "4.17.4" @@ -2214,6 +2136,12 @@ lodash@^4.0.0, lodash@^4.17.4: lodash@^4.2.0, lodash@^4.3.0: ======= +======= +lodash.pickby@^4.6.0: + version "4.6.0" + resolved "https://registry.yarnpkg.com/lodash.pickby/-/lodash.pickby-4.6.0.tgz#7dea21d8c18d7703a27c704c15d3b84a67e33aff" + +>>>>>>> Revert "add-user and authorization prototype" lodash@^4.0.0, lodash@^4.2.0, lodash@^4.3.0: >>>>>>> add-user and authorization prototype version "4.16.6" @@ -2361,10 +2289,6 @@ mute-stream@0.0.7: version "0.0.7" resolved "https://registry.yarnpkg.com/mute-stream/-/mute-stream-0.0.7.tgz#3075ce93bc21b8fab43e1bc4da7e8115ed1e7bab" -nan@2.5.0: - version "2.5.0" - resolved "https://registry.yarnpkg.com/nan/-/nan-2.5.0.tgz#aa8f1e34531d807e9e27755b234b4a6ec0c152a8" - nan@^2.3.0: version "2.4.0" resolved "https://registry.yarnpkg.com/nan/-/nan-2.4.0.tgz#fb3c59d45fe4effe215f0b890f8adf6eb32d2232" @@ -2380,20 +2304,6 @@ node-fetch: encoding "^0.1.11" is-stream "^1.0.1" -node-pre-gyp@0.6.32: - version "0.6.32" - resolved "https://registry.yarnpkg.com/node-pre-gyp/-/node-pre-gyp-0.6.32.tgz#fc452b376e7319b3d255f5f34853ef6fd8fe1fd5" - dependencies: - mkdirp "~0.5.1" - nopt "~3.0.6" - npmlog "^4.0.1" - rc "~1.1.6" - request "^2.79.0" - rimraf "~2.5.4" - semver "~5.3.0" - tar "~2.2.1" - tar-pack "~3.3.0" - node-pre-gyp@^0.6.29: version "0.6.31" resolved "https://registry.yarnpkg.com/node-pre-gyp/-/node-pre-gyp-0.6.31.tgz#d8a00ddaa301a940615dbcc8caad4024d58f6017" @@ -2440,15 +2350,6 @@ npmlog@^4.0.0: gauge "~2.6.0" set-blocking "~2.0.0" -npmlog@^4.0.1: - version "4.1.0" - resolved "https://registry.yarnpkg.com/npmlog/-/npmlog-4.1.0.tgz#dc59bee85f64f00ed424efb2af0783df25d1c0b5" - dependencies: - are-we-there-yet "~1.1.2" - console-control-strings "~1.1.0" - gauge "~2.7.3" - set-blocking "~2.0.0" - number-is-nan@^1.0.0: version "1.0.1" resolved "https://registry.yarnpkg.com/number-is-nan/-/number-is-nan-1.0.1.tgz#097b602b53422a522c1afb8790318336941a011d" @@ -2550,10 +2451,6 @@ path-type@^1.0.0: pify "^2.0.0" pinkie-promise "^2.0.0" -performance-now@^0.2.0: - version "0.2.0" - resolved "https://registry.yarnpkg.com/performance-now/-/performance-now-0.2.0.tgz#33ef30c5c77d4ea21c5a53869d91b56d8f2555e5" - pify@^2.0.0: version "2.3.0" resolved "https://registry.yarnpkg.com/pify/-/pify-2.3.0.tgz#ed141a6ac043a849ea588498e7dca8b15330e90c" @@ -2616,10 +2513,6 @@ qs@~6.3.0: version "6.3.0" resolved "https://registry.yarnpkg.com/qs/-/qs-6.3.0.tgz#f403b264f23bc01228c74131b407f18d5ea5d442" -qs@~6.4.0: - version "6.4.0" - resolved "https://registry.yarnpkg.com/qs/-/qs-6.4.0.tgz#13e26d28ad6b0ffaa91312cd3bf708ed351e7233" - randomatic@^1.1.3: version "1.1.5" resolved "https://registry.yarnpkg.com/randomatic/-/randomatic-1.1.5.tgz#5e9ef5f2d573c67bd2b8124ae90b5156e457840b" @@ -2715,10 +2608,6 @@ regenerate@^1.2.1: version "1.3.2" resolved "https://registry.yarnpkg.com/regenerate/-/regenerate-1.3.2.tgz#d1941c67bad437e1be76433add5b385f95b19260" -regenerator-runtime@^0.10.0: - version "0.10.5" - resolved "https://registry.yarnpkg.com/regenerator-runtime/-/regenerator-runtime-0.10.5.tgz#336c3efc1220adcedda2c9fab67b5a7955a33658" - regenerator-runtime@^0.9.5: version "0.9.6" resolved "https://registry.yarnpkg.com/regenerator-runtime/-/regenerator-runtime-0.9.6.tgz#d33eb95d0d2001a4be39659707c51b0cb71ce029" @@ -2787,6 +2676,7 @@ request@^2.65.0, request@^2.75.0: tough-cookie "~2.3.0" tunnel-agent "~0.4.1" +<<<<<<< HEAD <<<<<<< HEAD require-uncached@^1.0.3: ======= @@ -2817,6 +2707,8 @@ request@^2.79.0: tunnel-agent "^0.6.0" uuid "^3.0.0" +======= +>>>>>>> Revert "add-user and authorization prototype" require-uncached@^1.0.2: >>>>>>> add-user and authorization prototype version "1.0.3" @@ -2866,10 +2758,6 @@ safe-buffer@~5.0.1: version "5.0.1" resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.0.1.tgz#d263ca54696cd8a306b5ca6551e92de57918fbe7" -safe-buffer@^5.0.1: - version "5.0.1" - resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.0.1.tgz#d263ca54696cd8a306b5ca6551e92de57918fbe7" - semver-regex@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/semver-regex/-/semver-regex-1.0.0.tgz#92a4969065f9c70c694753d55248fc68f8f652c9" @@ -3094,12 +2982,6 @@ tryit@^1.0.1: version "1.0.3" resolved "https://registry.yarnpkg.com/tryit/-/tryit-1.0.3.tgz#393be730a9446fd1ead6da59a014308f36c289cb" -tunnel-agent@^0.6.0: - version "0.6.0" - resolved "https://registry.yarnpkg.com/tunnel-agent/-/tunnel-agent-0.6.0.tgz#27a5dea06b36b04a0a9966774b290868f0fc40fd" - dependencies: - safe-buffer "^5.0.1" - tunnel-agent@~0.4.1: version "0.4.3" resolved "https://registry.yarnpkg.com/tunnel-agent/-/tunnel-agent-0.4.3.tgz#6373db76909fe570e08d73583365ed828a74eeeb" @@ -3138,10 +3020,6 @@ util-deprecate@~1.0.1: version "1.0.2" resolved "https://registry.yarnpkg.com/util-deprecate/-/util-deprecate-1.0.2.tgz#450d4dc9fa70de732762fbd2d4a28981419a0ccf" -uuid@^3.0.0: - version "3.0.1" - resolved "https://registry.yarnpkg.com/uuid/-/uuid-3.0.1.tgz#6544bba2dfda8c1cf17e629a3a305e2bb1fee6c1" - v8flags@^2.0.10: version "2.0.11" resolved "https://registry.yarnpkg.com/v8flags/-/v8flags-2.0.11.tgz#bca8f30f0d6d60612cc2c00641e6962d42ae6881" From ab3cb9a29098179fb32fbfa859b10f9b6187337a Mon Sep 17 00:00:00 2001 From: tobkle Date: Sun, 13 Aug 2017 23:30:57 +0200 Subject: [PATCH 54/69] PR adjustments + npm package --- .gitignore | 1 + README.md | 102 +++++++- npm-debug.log | 51 ++++ package.json | 4 + test/output-app/.gitignore | 2 +- test/output-app/README.md | 295 ++++++++++++++++++++-- test/output-app/index.js | 3 +- test/output-app/log/all-logs-readable.log | 1 + test/output-app/model/Tweet.js | 22 +- test/output-app/model/User.js | 4 +- test/output-app/package.json | 5 +- test/output-app/server/authenticate.js | 2 +- test/output-app/server/authorize.js | 164 ------------ test/output-app/server/index.js | 10 +- test/output-app/server/logger.js | 65 ----- test/output-app/yarn.lock | 53 +++- yarn.lock | 167 ++++++++---- 17 files changed, 630 insertions(+), 321 deletions(-) create mode 100644 npm-debug.log delete mode 100644 test/output-app/server/authorize.js delete mode 100644 test/output-app/server/logger.js diff --git a/.gitignore b/.gitignore index 4e43788..d3b3fa9 100644 --- a/.gitignore +++ b/.gitignore @@ -6,3 +6,4 @@ dev.sqlite3 db ./output dist +log/all-logs-readable.log diff --git a/README.md b/README.md index a6002d8..7f8ccde 100644 --- a/README.md +++ b/README.md @@ -151,7 +151,107 @@ class User { } ``` -### Client side code +## Authorization + +create-graphql-server can also handle authorizations. There are two ways to control authorizations: +* Authorization by User-Roles +* Authorization by Document-Roles + +**User-Roles** are stored in the User type. They group a number of users together, having all the same authorizations, defined with their role they play. Use it to define a user as a "super-administrator", "administrator", "publisher", "editor" or a "default-user". You are free to define your own names and numbers of User-Roles. + +**Document-Roles** are stored in document fields which are referencing a User._id. They are there, to define fine grained authorizations for individual documents based on single user level. Use it to define an "owner", "creator", author" or "coauthor" of a document. Define the authorization they are allowed to do with this specific document. Here, the userId will be stored in the corresponding document field instead. If a user wants the specific authorization, it is tested, if this userId is stored in the document, if so, he gains access, if not, it is not allowed. + +You can combine both models to define your authorization logic. + +Add authorization logic by using a simple @authorize directive within your type definition. Use the following syntax: +```javascript +type ... +@authorize( + : [] + : [] + : [] +) +... +: String @authRole("") // User-Role: Stores the Role name in the User type +: User @authRole("") // Document-Role: Stores Single UserId +: [User] @authRole("") // Document-Role: Stores Multiple UserIds +... +``` + +A \ can be any name, you want to use for, to describe the authorizations of a group of users. A user can be assigned this \ in a user type of any \. You have to mark the relevant field name with the directive @authRole("\"). + +A list of authorizations can be: +* create: role is authorized to create a record of this type. +* read: role is authorized to readOne and readMany of this type. + * readOne: role is authorized to only readOne of this type. + * readMany: role is authorized to readMany of this type. +* update: role is authorized to update a record of this type. +* delete: role is authorized to delete a record of this type. + +You can add any number of roles within a @authorize directive. + +There is one pre-defined User-Role called "world". The world role includes all users, signed-in and not signed-in anonymous users. Use this role to define an authorization-list valid for all users. + +#### Example on type User +```javascript +type User + +@authorize( + admin: ["create", "read", "update", "delete"] // User-Role + this: ["read", "update", "delete"] // Document-Role +) + +{ + role: String @authRole("admin") + username: String! + + bio: String + notify: Boolean + + tweets(minLikes: Int): [Tweet!] @hasMany(as: "author") + liked: [Tweet!] @belongsToMany + + following: [User!] @belongsToMany + followers: [User!] @hasAndBelongsToMany(as: "following") +} +``` + +#### Example on type Tweet + +```javascript +type Tweet + +@authorize( + admin: ["create", "read", "update", "delete"], // User-Role + world: ["read"] // User-Role + author: ["create", "read", "update", "delete"], // Document-Role + coauthors: ["read", "update"], // Document-Role +) + +{ + author: User! @unmodifiable @belongsTo @authRole("author") + coauthors: [User] @belongsTo @authRole("coauthors") + body: String! + + likers: [User!] @hasAndBelongsToMany(as: "liked") +} +``` + +If you add these types with the create-graphql-server command-line-interface: +```bash +create-graphql-server add-type path/to/input.graphql +``` + +It will add automatically the authorization code in the model/\.js files. Have a look into the generated code or in the test application: "test/output-app/model/User.js". + +You can manually change the code to protect also single fields of a type. Do it by the usage of this function: +```javascript +// userRole secretField document +docToInsert = protectFields(me, ['admin'], ['role'], docToInsert, { User: this.context.User }); +``` +By this, only a User (me) with role "admin" is allowed to access the field "docToInsert.role". For any other user, this field is removed from the docToInsert during the protectFields run. + +## Client side code To create users, simply call your generated `createUser` mutation (you may want to add authorization to the resolver, feel free to modify it). diff --git a/npm-debug.log b/npm-debug.log new file mode 100644 index 0000000..117132f --- /dev/null +++ b/npm-debug.log @@ -0,0 +1,51 @@ +0 info it worked if it ends with ok +1 verbose cli [ '/usr/local/bin/node', +1 verbose cli '/usr/local/bin/npm', +1 verbose cli 'run', +1 verbose cli 'testonly', +1 verbose cli '--', +1 verbose cli './test/output-app-end-to-end' ] +2 info using npm@3.10.8 +3 info using node@v7.0.0 +4 verbose run-script [ 'pretestonly', 'testonly', 'posttestonly' ] +5 info lifecycle create-graphql-server@0.5.3~pretestonly: create-graphql-server@0.5.3 +6 silly lifecycle create-graphql-server@0.5.3~pretestonly: no script for pretestonly, continuing +7 info lifecycle create-graphql-server@0.5.3~testonly: create-graphql-server@0.5.3 +8 verbose lifecycle create-graphql-server@0.5.3~testonly: unsafe-perm in lifecycle true +9 verbose lifecycle create-graphql-server@0.5.3~testonly: PATH: /usr/local/lib/node_modules/npm/bin/node-gyp-bin:/Users/Toby/MICRO/create-graphql-server-3/node_modules/.bin:/Users/Toby/MICRO/create-graphql-server-3/node_modules/.bin:/Users/Toby/.config/yarn/link/node_modules/.bin:/Users/Toby/MICRO/create-graphql-server-3/node_modules/.bin:/Users/Toby/.config/yarn/link/node_modules/.bin:/usr/local/Cellar/yarn/0.17.10/libexec/lib/node_modules/yarn/bin/node-gyp-bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/share/dotnet:/Library/Frameworks/Mono.framework/Versions/Current/Commands:/Users/Toby/.nvm/versions/node/v7.0.0/bin:/Library/Frameworks/Python.framework/Versions/2.7/bin:~/Library/Android/sdk/tools:~/Library/Android/sdk/platform-tools:/usr/local/terraform/bin:/Users/Toby/terraform:/Applications/MAMP/bin/php/php7.0.8/bin:/Library/Frameworks/Python.framework/Versions/3.5/bin +10 verbose lifecycle create-graphql-server@0.5.3~testonly: CWD: /Users/Toby/MICRO/create-graphql-server-3 +11 silly lifecycle create-graphql-server@0.5.3~testonly: Args: [ '-c', +11 silly lifecycle 'mocha --require babel-register "./test/output-app-end-to-end"' ] +12 silly lifecycle create-graphql-server@0.5.3~testonly: Returned: code: 3 signal: null +13 info lifecycle create-graphql-server@0.5.3~testonly: Failed to exec testonly script +14 verbose stack Error: create-graphql-server@0.5.3 testonly: `mocha --require babel-register "./test/output-app-end-to-end"` +14 verbose stack Exit status 3 +14 verbose stack at EventEmitter. (/usr/local/lib/node_modules/npm/lib/utils/lifecycle.js:255:16) +14 verbose stack at emitTwo (events.js:106:13) +14 verbose stack at EventEmitter.emit (events.js:191:7) +14 verbose stack at ChildProcess. (/usr/local/lib/node_modules/npm/lib/utils/spawn.js:40:14) +14 verbose stack at emitTwo (events.js:106:13) +14 verbose stack at ChildProcess.emit (events.js:191:7) +14 verbose stack at maybeClose (internal/child_process.js:877:16) +14 verbose stack at Process.ChildProcess._handle.onexit (internal/child_process.js:226:5) +15 verbose pkgid create-graphql-server@0.5.3 +16 verbose cwd /Users/Toby/MICRO/create-graphql-server-3 +17 error Darwin 16.7.0 +18 error argv "/usr/local/bin/node" "/usr/local/bin/npm" "run" "testonly" "--" "./test/output-app-end-to-end" +19 error node v7.0.0 +20 error npm v3.10.8 +21 error code ELIFECYCLE +22 error create-graphql-server@0.5.3 testonly: `mocha --require babel-register "./test/output-app-end-to-end"` +22 error Exit status 3 +23 error Failed at the create-graphql-server@0.5.3 testonly script 'mocha --require babel-register "./test/output-app-end-to-end"'. +23 error Make sure you have the latest version of node.js and npm installed. +23 error If you do, this is most likely a problem with the create-graphql-server package, +23 error not with npm itself. +23 error Tell the author that this fails on your system: +23 error mocha --require babel-register "./test/output-app-end-to-end" +23 error You can get information on how to open an issue for this project with: +23 error npm bugs create-graphql-server +23 error Or if that isn't available, you can get their info via: +23 error npm owner ls create-graphql-server +23 error There is likely additional logging output above. +24 verbose exit [ 1, true ] diff --git a/package.json b/package.json index 1dc3327..e640b2f 100644 --- a/package.json +++ b/package.json @@ -22,6 +22,9 @@ "build": "npm run clean && babel bin --out-dir dist/bin && babel generate -D --out-dir dist/generate && cp -r skel dist", "prepublish": "npm run build" }, + "config": { + "logfile": "log/all-logs-readable.log" + }, "author": "Tom Coleman", "license": "MIT", "devDependencies": { @@ -47,6 +50,7 @@ "babylon": "^6.14.1", "chalk": "^1.1.3", "cpr": "^2.0.0", + "create-graphql-server-authorization": "^0.0.12", "denodeify": "^1.2.1", "escape-string-regexp": "^1.0.5", "global": "^4.3.2", diff --git a/test/output-app/.gitignore b/test/output-app/.gitignore index 5b29f10..7866035 100644 --- a/test/output-app/.gitignore +++ b/test/output-app/.gitignore @@ -1,4 +1,4 @@ node_modules /db /input -server/logs/all-logs.log +log/all-logs-readable.log diff --git a/test/output-app/README.md b/test/output-app/README.md index 6d57b04..6e7f80e 100644 --- a/test/output-app/README.md +++ b/test/output-app/README.md @@ -8,6 +8,7 @@ This is a generated create-graphql-server app. The authentication is performed in those locations: * ./server/index.js <<<<<<< HEAD +<<<<<<< HEAD * ./server/authenticate.js * ./model/index.js @@ -17,13 +18,20 @@ In the server, the database is started, and the UserCollection is defined. That' In ```js authenticate(app, UserCollection)``` the authentication is prepared and processed. Later, if a user sends a 'graphql' request, the user is determined with ```js passport.authenticate(...)```. After that, the user is whether an anonymous user or an authenticated user. You find the identified user in the object "me". Then the type models have to be initialized with the user "me" authorizations: ```js req.context = addModelsToContext({... me ...})```. ======= * ./model/index.js +======= +>>>>>>> PR adjustments + npm package * ./server/authenticate.js +* ./model/index.js ### ./server/index.js -In the server, the database is started, and the UserCollection is defined. That's who the server accesses the user documents in the database. +In the server, the database is started, and the UserCollection is defined. That's where the server accesses the user documents in the database. +<<<<<<< HEAD In ```js authenticate(app, UserCollection)``` the authentication is prepared and processed. Later if a user sends a 'graphql' request, the user is determined with ```js passport.authenticate(...)```. After that, the user is whether an anonymous user or an authenticated user. You find the identified user in the object "me". Then the type models have to be initialized with the user "me" authorizations: ```js req.context = addModelsToContext({... me ...})```. >>>>>>> new authorization version from 2017-07-17 +======= +In ```js authenticate(app, UserCollection)``` the authentication is prepared and processed. Later, if a user sends a 'graphql' request, the user is determined with ```js passport.authenticate(...)```. After that, the user is whether an anonymous user or an authenticated user. You find the identified user in the object "me". Then the type models have to be initialized with the user "me" authorizations: ```js req.context = addModelsToContext({... me ...})```. +>>>>>>> PR adjustments + npm package ```javascript ... @@ -72,8 +80,8 @@ async function startServer() { >>>>>>> new authorization version from 2017-07-17 ======= formatError(e) { - console.log(e); - return e; + console.log(e); + return e; }, >>>>>>> authorization }; @@ -85,6 +93,9 @@ async function startServer() { ``` <<<<<<< HEAD +<<<<<<< HEAD +======= +>>>>>>> PR adjustments + npm package By-the-way: The server/index.js is able to access the User collection directly by the following two lines. This is used in the server/authenticate.js during authenticate. ```js ... @@ -94,12 +105,17 @@ authenticate(app, UserCollection); ... ``` +<<<<<<< HEAD ### ./model/index.js If there is a User model generated, then we load it as the first model. It defines the model, which will be used in the other models as well, to perform the authorization checks. ======= ### ./model/index.js If there is a User model generated, then we load it as the first model. It defines the model, which will be used in the other models as well, to perform the authorization checks. >>>>>>> new authorization version from 2017-07-17 +======= +### ./model/index.js +If there is a User model generated, then we load it as the first model. It defines the model, which will be used in the other models as well, to perform the authorization checks. +>>>>>>> PR adjustments + npm package ```javascript const models = {}; @@ -127,10 +143,14 @@ models.User = User; ### ./server/authenticate.js <<<<<<< HEAD +<<<<<<< HEAD Here, the real identification of an user is performed. After a user requested a '/login' url with user and password. The user's email is searched in the database. If it is there, it checks if the user's encrypted hash is equal to the encrypted password. If so, a user is identified and a JWT token is generated and transfered back to the requesting user. This JWT token is usually stored in the client's browsers local storage and added to the next call in the Authorization header. With all the next requests of that user, he sends an header like... ======= Here the real identification of an user is performed. After a user requested a '/login' with user and password. The user's email is searched in the database. If it is there, it checks if the user's encrypted hash is equal to the encrypted password, if so, a user is identified and a JWT token is generated and transfered back to the requesting user. With all the next requests of that user, he sends an header like... >>>>>>> new authorization version from 2017-07-17 +======= +Here, the real identification of an user is performed. After a user requested a '/login' url with user and password. The user's email is searched in the database. If it is there, it checks if the user's encrypted hash is equal to the encrypted password. If so, a user is identified and a JWT token is generated and transfered back to the requesting user. This JWT token is usually stored in the client's browsers local storage and added to the next call in the Authorization header. With all the next requests of that user, he sends an header like... +>>>>>>> PR adjustments + npm package ```javacript authorization JWT calculated.JWT.token ``` @@ -145,10 +165,14 @@ import nodeify from 'nodeify'; import bcrypt from 'bcrypt'; import DataLoader from 'dataloader'; <<<<<<< HEAD +<<<<<<< HEAD import { findByIds } from 'create-graphql-server-authorization'; ======= import { findByIds } from './authorize'; >>>>>>> new authorization version from 2017-07-17 +======= +import { findByIds } from 'create-graphql-server-authorization'; +>>>>>>> PR adjustments + npm package const KEY = 'test-key'; let Loader; @@ -276,6 +300,7 @@ This has the following meaning: * document-role: "this", is created (document roles have own fields in the document, but this is a special case for the field _id, which is not shown in the input type, but will be generated in the later schema file.) Only the user id of "this" meaning _id is allowed to readOne, update, delete its single User document. +<<<<<<< HEAD <<<<<<< HEAD <<<<<<< HEAD Use create-graphql-server command to generate the according schema, resolver, model files with the create-graphql-server command line interface. After its generation, you will find the generated files in the sub folders: schema, resolvers, model. The generated model files will use the following functions to implement the authorization logic. @@ -297,6 +322,9 @@ In this case it checks: >>>>>>> authorization-simple Use create-graphql-server cli to generate the according schema, resolver, model files with the create-graphql-server command line interface. After its generation, you will find the generated files in the sub folders: schema, resolvers, model folders. The generated model files will use the following functions to implement the authorization logic. >>>>>>> new authorization version from 2017-07-17 +======= +Use create-graphql-server command to generate the according schema, resolver, model files with the create-graphql-server command line interface. After its generation, you will find the generated files in the sub folders: schema, resolvers, model. The generated model files will use the following functions to implement the authorization logic. +>>>>>>> PR adjustments + npm package ### model.js This is an example of a database model of type . @@ -309,6 +337,9 @@ const log = logger(getLogFilename()); export default class { <<<<<<< HEAD <<<<<<< HEAD +<<<<<<< HEAD +======= +>>>>>>> PR adjustments + npm package constructor(context) { this.context = context; this.collection = context.db.collection(''); @@ -322,6 +353,7 @@ export default class { authQuery = {_id: false}; // otherwise admin access } this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); +<<<<<<< HEAD ======= constructor(context){ <<<<<<< HEAD @@ -393,6 +425,23 @@ find({ lastCreatedAt = 0, limit = 10, baseQuery = { createdAt: { $gt: lastCreate } catch (err){ log.error(err.message); } } >>>>>>> new authorization version from 2017-07-17 +======= + } + + async findOneById(id, me, resolver) { + try { + return await this.authorizedLoader.load(id); + } catch (err) { log.error(err.message); } + } + + find({ lastCreatedAt = 0, limit = 10, baseQuery = {} }, me, resolver) { + try { + const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); + const finalQuery = {...baseQuery, ...authQuery, createdAt: { $gt: lastCreatedAt }}; + return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + } catch (err){ log.error(err.message); } + } +>>>>>>> PR adjustments + npm package ... } ``` @@ -402,6 +451,7 @@ generated model file for the above input type Tweet.graphql considering the @aut ```javascript <<<<<<< HEAD <<<<<<< HEAD +<<<<<<< HEAD import DataLoader from 'dataloader'; import { findByIds, queryForRoles, getLogFilename, logger, authlog, checkAuthDoc } from 'create-graphql-server-authorization'; const log = logger(getLogFilename()); @@ -415,6 +465,11 @@ import log from '../server/logger'; import DataLoader from 'dataloader'; import { findByIds, queryForRoles, authlog, checkAuthDoc } from '../server/authorize'; >>>>>>> authorization-simple +======= +import DataLoader from 'dataloader'; +import { findByIds, queryForRoles, getLogFilename, logger, authlog, checkAuthDoc } from 'create-graphql-server-authorization'; +const log = logger(getLogFilename()); +>>>>>>> PR adjustments + npm package export default class Tweet { constructor(context) { @@ -477,11 +532,15 @@ export default class Tweet { } catch (err) { log.error(err.message); } } - find({ lastCreatedAt = 0, limit = 10, baseQuery = { createdAt: { $gt: lastCreatedAt } } }, me, resolver) { + find({ lastCreatedAt = 0, limit = 10, baseQuery = {} }, me, resolver) { try { const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); +<<<<<<< HEAD const finalQuery = {...baseQuery, ...authQuery}; >>>>>>> new authorization version from 2017-07-17 +======= + const finalQuery = {...baseQuery, ...authQuery, createdAt: { $gt: lastCreatedAt }}; +>>>>>>> PR adjustments + npm package return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } catch (err){ log.error(err.message); } } @@ -502,6 +561,7 @@ export default class Tweet { coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, me, resolver) { const baseQuery = {_id: { $in: tweet.coauthorsIds } }; +<<<<<<< HEAD return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); } @@ -532,6 +592,8 @@ export default class Tweet { coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, me, resolver) { const baseQuery = {_id: { $in: tweet.coauthorsIds }, createdAt: { $gt: lastCreatedAt } }; +======= +>>>>>>> PR adjustments + npm package return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); } @@ -542,11 +604,15 @@ export default class Tweet { async insert(doc, me, resolver) { try { +<<<<<<< HEAD <<<<<<< HEAD let insertedDoc = null; >>>>>>> new authorization version from 2017-07-17 ======= >>>>>>> authorization-simple +======= + +>>>>>>> PR adjustments + npm package let docToInsert = Object.assign({}, doc, { createdAt: Date.now(), updatedAt: Date.now(), @@ -576,13 +642,14 @@ export default class Tweet { ======= log.debug(JSON.stringify(docToInsert, null, 2)); - // const authQuery = queryForRoles(me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'create', me)); + checkAuthDoc(docToInsert, me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'create', me)); >>>>>>> authorization-simple const id = (await this.collection.insertOne(docToInsert)).insertedId; if (!id) { throw new Error(`insert tweet not possible.`); } + log.debug(`inserted tweet ${id}.`); <<<<<<< HEAD insertedDoc = this.getOneById(id, me, 'pubsub tweetInserted'); @@ -592,6 +659,7 @@ export default class Tweet { >>>>>>> authorization-simple this.pubsub.publish('tweetInserted', insertedDoc); return insertedDoc; + } catch (err){ log.error(err.message); } } @@ -609,11 +677,16 @@ export default class Tweet { ======= async updateById(id, doc, me, resolver) { try { +<<<<<<< HEAD >>>>>>> authorization-simple +======= + +>>>>>>> PR adjustments + npm package let docToUpdate = {$set: Object.assign({}, doc, { updatedAt: Date.now(), updatedById: (me && me._id) ? me._id : 'unknown', })}; + const baseQuery = {_id: id}; const authQuery = queryForRoles(me, ['admin'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'update', me)); <<<<<<< HEAD @@ -636,6 +709,7 @@ export default class Tweet { >>>>>>> authorization-simple throw new Error(`update tweet not possible for ${id}.`); } + log.debug(`updated tweet ${id}.`); <<<<<<< HEAD <<<<<<< HEAD @@ -653,6 +727,7 @@ export default class Tweet { >>>>>>> authorization-simple this.pubsub.publish('tweetUpdated', updatedDoc); return updatedDoc; + } catch (err){ log.error(err.message); } } @@ -669,7 +744,11 @@ export default class Tweet { ======= async removeById(id, me, resolver) { try { +<<<<<<< HEAD >>>>>>> authorization-simple +======= + +>>>>>>> PR adjustments + npm package const baseQuery = {_id: id}; const authQuery = queryForRoles(me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'delete', me)); const finalQuery = {...baseQuery, ...authQuery}; @@ -687,6 +766,7 @@ export default class Tweet { >>>>>>> authorization-simple throw new Error(`remove tweet not possible for ${id}.`); } + log.debug(`removed tweet ${id}.`); <<<<<<< HEAD <<<<<<< HEAD @@ -702,18 +782,22 @@ export default class Tweet { this.pubsub.publish('tweetRemoved', id); return result; <<<<<<< HEAD +<<<<<<< HEAD >>>>>>> new authorization version from 2017-07-17 ======= >>>>>>> authorization-simple +======= + +>>>>>>> PR adjustments + npm package } catch (err){ log.error(err.message); } } } - ``` ### ./model/User.js <<<<<<< HEAD +<<<<<<< HEAD generated model file for the above input type User.graphql considering the @authorize directive. ======= generated model file for the above input type User.graphql: @@ -736,6 +820,13 @@ import { findByIds, queryForRoles, authlog, checkAuthDoc } from '../server/autho ======= import { findByIds, queryForRoles, authlog, checkAuthDoc, protectFields } from '../server/authorize'; >>>>>>> authorization +======= +generated model file for the above input type User.graphql considering the @authorize directive. +```javascript +import DataLoader from 'dataloader'; +import { findByIds, queryForRoles, getLogFilename, logger, authlog, checkAuthDoc, protectFields } from 'create-graphql-server-authorization'; +const log = logger(getLogFilename()); +>>>>>>> PR adjustments + npm package export default class User { constructor(context) { @@ -946,7 +1037,7 @@ export default class User { updatedById: (me && me._id) ? me._id : 'unknown', }); checkAuthDoc(docToInsert, me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'create', me)); - docToInsert = this.protectFields(me, ['admin'], ['role'], docToInsert, { User: this.context.User }); + docToInsert = protectFields(me, ['admin'], ['role'], docToInsert, { User: this.context.User }); const id = (await this.collection.insertOne(docToInsert)).insertedId; if (!id) { throw new Error(`insert user not possible.`); @@ -967,7 +1058,7 @@ export default class User { const baseQuery = {_id: id}; const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'update', me)); const finalQuery = {...baseQuery, ...authQuery}; - docToUpdate.$set = this.protectFields(me, ['admin'], ['role'], docToUpdate.$set, { User: this.context.User }); + docToUpdate.$set = protectFields(me, ['admin'], ['role'], docToUpdate.$set, { User: this.context.User }); const result = await this.collection.updateOne(finalQuery, docToUpdate); if (result.result.ok !== 1 || result.result.n !== 1){ throw new Error(`update user not possible for ${id}.`); @@ -1021,6 +1112,9 @@ export default class User { ``` <<<<<<< HEAD +<<<<<<< HEAD +======= +>>>>>>> PR adjustments + npm package As you can see in both model header lines, we are using a specialized npm package "create-graphql-server-authorization". ## create-graphql-server-authorization @@ -1032,13 +1126,19 @@ npm install create-graphql-server-authorization This uses the following functions from that module: +<<<<<<< HEAD ======= >>>>>>> new authorization version from 2017-07-17 +======= +>>>>>>> PR adjustments + npm package ### function authlog A logging function that understands "resolvers", "modes" and "users". Simple wrapper around whatever logging function we use. ```javascript <<<<<<< HEAD +<<<<<<< HEAD +======= +>>>>>>> PR adjustments + npm package /* * Central logger for authorization checks * @param {string} resolver @@ -1058,6 +1158,7 @@ function authlog(resolver = "", mode = "", me = {}) { ? me.username : ""}" ${message}`; +<<<<<<< HEAD return { debug: message => { const resultMessage = makeMessage(message); @@ -1077,6 +1178,19 @@ export function authlog(resolver = '', mode = '', me = {}) { debug: (message) => log.debug(makeMessage(message)), error: (message) => {throw new Error(makeMessage(message))}, >>>>>>> new authorization version from 2017-07-17 +======= + return { + debug: message => { + const resultMessage = makeMessage(message); + log.debug(resultMessage); + return resultMessage; + }, + error: message => { + const resultMessage = makeMessage(message); + log.error(resultMessage); + throw new Error(makeMessage(message)); + } +>>>>>>> PR adjustments + npm package }; } ``` @@ -1086,6 +1200,9 @@ This is an extended version of [mongo-find-by-ids](https://github.com/tmeasday/m The enhancement is only to provide an additional authQuery object, to extend the query to meet additional authorizations. ```javascript <<<<<<< HEAD +<<<<<<< HEAD +======= +>>>>>>> PR adjustments + npm package /* * find a record by id (cached with dataloader) * returns the record, cached if already read, checks authorization if set @@ -1104,6 +1221,7 @@ function findByIds(collection, ids = [], authQuery) { }); return ids.map(id => idMap[id]); }); +<<<<<<< HEAD } module.exports = findByIds; @@ -1229,23 +1347,46 @@ export function findByIds(collection, ids = [], authQuery) { return ids.map(id => idMap[id]); }); >>>>>>> new authorization version from 2017-07-17 +======= +>>>>>>> PR adjustments + npm package } + +module.exports = findByIds; ``` ### function protectFields Use function protectFields to protect single fields from access. Provide signed in user in "me", the authorized User roles for the protected field(s) - meaning the user who is allowed to access the field -, provide an array with protected fields, and the current document object, which is to be checked for protected fields and the User model context. ```javascript -// returns whether the authorized record, or the record without not authorized field(s) -export function protectFields(me, authorizedUserRoles, protectedFields, inputObject, { User }){ +/* + * Protects a field based on authorizations + * @param {object} me + * @param {array} authorizedUserRoles + * @param {array} protectedFields + * @param {object} inputObject + * @param {object} User + * @return {object} result + */ +function protectFields( + me = {}, + authorizedUserRoles = [], + protectedFields = [], + inputObject = {}, + { User } = { User: dummyUserContext } +) { + // pure function const result = Object.assign({}, inputObject); + + // getting role of current User const role = User.authRole(me); + // if user is not allowed to access specific fields, remove field from object... - if (!authorizedUserRoles.includes(role)){ - protectedFields.every(protectedField => { + if (!authorizedUserRoles.includes(role)) { + protectedFields.forEach(protectedField => { if (result[protectedField]) delete result[protectedField]; }); } + return result; } ``` @@ -1254,28 +1395,53 @@ export function protectFields(me, authorizedUserRoles, protectedFields, inputObj Use function checkAuthDoc to check and get back the document. Especially used in insert operations, to figure out, if the toBeInsertedDoc is valid to be added by this userRole, docRole and action. ```javascript -export function checkAuthDoc(doc, me, userRoles, docRoles, { User }, logger){ +/* + * Returns an authorized document + * @param {object} doc + * @param {object} me + * @param {array} userRoles + * @param {array} docRoles + * @param {object} User + * @param {function} logger + * @return {object} doc + */ + +function checkAuthDoc( + doc = {}, + me = {}, + userRoles = [], + docRoles = [], + { User }, + logger = defaultLogger +) { + let resultDoc = Object.assign({}, doc); + + // get the User's role const role = User.authRole(me); // check if userRole entitles current user for this action if (userRoleAuthorized(me, userRoles, { User }, logger)) { logger.debug(`and role: "${role}" is authorized by userRole.`); - return doc; + return resultDoc; } // check if docRole entitles current user for this document and action let authorized = false; docRoles.every(field => { - if (fieldContainsUserId(doc[field], me._id)){ + if ( + resultDoc[field] && + me._id && + fieldContainsUserId(resultDoc[field], me._id) + ) { authorized = true; } - }) + }); if (authorized) { logger.debug(`and role: "${role}" is authorized by docRole.`); - return doc; + return resultDoc; } - // Not Authorized + // Not Authorized, throw exception in logger.error logger.error(`and role: "${role}" is not authorized.`); } ``` @@ -1285,9 +1451,14 @@ export function checkAuthDoc(doc, me, userRoles, docRoles, { User }, logger){ Use function loggedIn, to check if a user is logged in. ```javascript -// returns true, if user is logged in -export function loggedIn(me) { - if(me && me._id && me._id.toString() !== '') { +/* + * Checks if an user is logged in + * @param {object} me + * @return {boolean} loggedIn + */ + +function loggedIn(me) { + if (me && me._id && me._id.toString() !== "") { return true; } return false; @@ -1300,6 +1471,9 @@ Use function queryForRoles to generate an authQuery object. It expects the following arguments: ```javascript <<<<<<< HEAD +<<<<<<< HEAD +======= +>>>>>>> PR adjustments + npm package /* * Prepare a query object for mongodb operations with authorization queries * creates an authQuery object with additional query arguments, to implement authorization restrictions for mongodb access @@ -1325,6 +1499,7 @@ function queryForRoles( logger.error(` is not authorized, due to authorization data.`); // get current User's role +<<<<<<< HEAD const role = User.authRole(me); // Build query for the case: The logged in user's role is authorized @@ -1333,17 +1508,26 @@ function queryForRoles( ======= // creates an authQuery object with additional query arguments, to implement authorization restrictions for mongodb access export function queryForRoles(me = {}, userRoles = [], docRoles = [], { User }, logger) { +======= +>>>>>>> PR adjustments + npm package const role = User.authRole(me); // Build query for the case: The logged in user's role is authorized if (userRoleAuthorized(me, userRoles, { User }, logger)) { +<<<<<<< HEAD return {}; // empty authQuery means, do operation with no access restrictions >>>>>>> new authorization version from 2017-07-17 +======= + return {}; // empty authQuery means, do operation with no access restrictions +>>>>>>> PR adjustments + npm package } // Build query for the case: The user is listed in any document field const query = { $or: [] }; <<<<<<< HEAD +<<<<<<< HEAD +======= +>>>>>>> PR adjustments + npm package // makes only sense, if user is logged in - otherwise no userId if (loggedIn(me)) { // prepare selection criterias as "authQuery" object @@ -1366,6 +1550,7 @@ export function queryForRoles(me = {}, userRoles = [], docRoles = [], { User }, // return the query as authQuery for later selection return query; } +<<<<<<< HEAD } // Not Authorized - throw exception in logger.error @@ -1378,6 +1563,11 @@ export function queryForRoles(me = {}, userRoles = [], docRoles = [], { User }, // Not Authorized >>>>>>> new authorization version from 2017-07-17 +======= + } + + // Not Authorized - throw exception in logger.error +>>>>>>> PR adjustments + npm package const message = `and role: "${role}" is not authorized.`; logger.error(message); } @@ -1389,11 +1579,16 @@ It expects the following arguments with the meanings: * **docRoles:** an array with docRoles, which was generated by the @authorize directives in the .graphql file * **User:** User context to access the User model <<<<<<< HEAD +<<<<<<< HEAD * **logger:** logging function e.g. ```js authlog(resolver, mode, me) ``` * **resolver:** this is a string with the resolver's name, optional, only for easier debugging ======= * **logger:** logging function e.g. authlog(resolver, mode, me) >>>>>>> new authorization version from 2017-07-17 +======= +* **logger:** logging function e.g. ```js authlog(resolver, mode, me) ``` + * **resolver:** this is a string with the resolver's name, optional, only for easier debugging +>>>>>>> PR adjustments + npm package * **mode:** this is the current mode of operation: * **create:** insert a record to the database * **read:** read a record or many records from the database @@ -1401,6 +1596,7 @@ It expects the following arguments with the meanings: * **readMany:** read many records from the the database * **update:** update a record in the database * **delete:** remove a record from the database +<<<<<<< HEAD <<<<<<< HEAD * **me:** the user object, who is executing the request, and who is checked for authorization @@ -1442,19 +1638,52 @@ function userRoleAuthorized( logger.debug(`and role "${role ? role : ""}" is authorized`); ======= * **resolver:** this is a string with the resolver's name, optional, only for easier debugging +======= +>>>>>>> PR adjustments + npm package * **me:** the user object, who is executing the request, and who is checked for authorization ### function userRoleAuthorized This helper function is used by queryForRoles, and decides, if a user gains the authorization by its role. For example: If a user has a field "role" in his user document and it contains the value "admin". So it checks if a user's role is admin, and allows all operations for admins. ```javascript +/* + * Is a user's role authorized for a document + * @param {object} me + * @param {array} userRoles + * @param {object} User + * @param {object} logger + * @return {boolean} authorized + */ + // returns true, if the user's role is authorized for a document -export function userRoleAuthorized(me = {}, userRoles = [], { User }, logger){ +function userRoleAuthorized( + me = {}, + userRoles = [], + { User } = { User: dummyUserContext }, + logger = defaultLogger +) { + // on insufficient authorization data, it cannot be authorized + if (!User || !User.authRole || !me || !userRoles) return false; + + // get current User's role const role = User.authRole(me); +<<<<<<< HEAD if ( userRoles.includes('world') || role && userRoles.length > 0 && userRoles.includes(role) ) { logger.debug(`and role "${role ? role : ''}" is authorized`); >>>>>>> new authorization version from 2017-07-17 +======= + // determine, if the given userRoles authorize the current User by its role + if ( + // userRole: "world" should authorize everyone - known and unknown users + userRoles.includes("world") || + // or there must be a userRole given, and current user must have a role + // and the current user's role must be in the given userRoles + (role && role !== "" && userRoles.length > 0 && userRoles.includes(role)) + ) { + // => authorized + logger.debug(`and role "${role ? role : ""}" is authorized`); +>>>>>>> PR adjustments + npm package return true; } @@ -1487,6 +1716,15 @@ function fieldContainsUserId(docRoleField, compressedUserId) { compressedUserId.toString() === "" ) return false; +<<<<<<< HEAD + + // extract userId, if it is a mongoID field + const userId = extractUserId(compressedUserId); + + // empty (uncompressed) userId is not a valid userId + if (!userId || userId === "") return false; + +======= // extract userId, if it is a mongoID field const userId = extractUserId(compressedUserId); @@ -1494,6 +1732,7 @@ function fieldContainsUserId(docRoleField, compressedUserId) { // empty (uncompressed) userId is not a valid userId if (!userId || userId === "") return false; +>>>>>>> PR adjustments + npm package // docRoleField of type Array if (_.isArray(docRoleField)) { docRoleField.forEach(field => { @@ -1520,6 +1759,9 @@ function fieldContainsUserId(docRoleField, compressedUserId) { return false; } <<<<<<< HEAD +<<<<<<< HEAD +======= +>>>>>>> PR adjustments + npm package // docRoleField of type field if (docRoleField.toString() === userId.toString()) { @@ -1527,9 +1769,12 @@ function fieldContainsUserId(docRoleField, compressedUserId) { } return false; +<<<<<<< HEAD ======= return found; >>>>>>> new authorization version from 2017-07-17 +======= +>>>>>>> PR adjustments + npm package } ``` @@ -1544,6 +1789,9 @@ In the resolver interfaces, there are different objects: ```javascript <<<<<<< HEAD <<<<<<< HEAD +<<<<<<< HEAD +======= +>>>>>>> PR adjustments + npm package const resolvers = { User: { id(user) { @@ -1604,6 +1852,7 @@ In the resolver interfaces, there are different objects: }; export default resolvers; +<<<<<<< HEAD ======= const resolvers = { User: { @@ -1728,6 +1977,8 @@ In the resolver interfaces, there are different objects: export default resolvers; >>>>>>> authorization-simple +======= +>>>>>>> PR adjustments + npm package ``` ### ./resolver/Tweet.js diff --git a/test/output-app/index.js b/test/output-app/index.js index 588f13f..0035126 100644 --- a/test/output-app/index.js +++ b/test/output-app/index.js @@ -102,8 +102,7 @@ if (!MONGO_URL) { nodemon({ script: path.join('server', 'index.js'), ext: 'js graphql', - exec: 'babel-node --inspect', // with debugger - // exec: 'babel-node', // without debugger + exec: 'babel-node', }).on('restart', () => console.log('Restarting server due to file change\n')); diff --git a/test/output-app/log/all-logs-readable.log b/test/output-app/log/all-logs-readable.log index e69de29..ae828aa 100644 --- a/test/output-app/log/all-logs-readable.log +++ b/test/output-app/log/all-logs-readable.log @@ -0,0 +1 @@ +2017-08-18 18:18:08 Logger started diff --git a/test/output-app/model/Tweet.js b/test/output-app/model/Tweet.js index e2c19bc..4c16217 100644 --- a/test/output-app/model/Tweet.js +++ b/test/output-app/model/Tweet.js @@ -1,6 +1,6 @@ -import log from '../server/logger'; import DataLoader from 'dataloader'; -import { findByIds, queryForRoles, authlog, checkAuthDoc } from '../server/authorize'; +import { findByIds, queryForRoles, getLogFilename, logger, authlog, checkAuthDoc } from 'create-graphql-server-authorization'; +const log = logger(getLogFilename()); export default class Tweet { constructor(context) { @@ -24,10 +24,10 @@ export default class Tweet { } catch (err) { log.error(err.message); } } - find({ lastCreatedAt = 0, limit = 10, baseQuery = { createdAt: { $gt: lastCreatedAt } } }, me, resolver) { + find({ lastCreatedAt = 0, limit = 10, baseQuery = {} }, me, resolver) { try { const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery}; + const finalQuery = {...baseQuery, ...authQuery, createdAt: { $gt: lastCreatedAt }}; return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } catch (err){ log.error(err.message); } } @@ -45,7 +45,7 @@ export default class Tweet { } coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, me, resolver) { - const baseQuery = {_id: { $in: tweet.coauthorsIds }, createdAt: { $gt: lastCreatedAt } }; + const baseQuery = {_id: { $in: tweet.coauthorsIds } }; return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); } @@ -56,6 +56,7 @@ export default class Tweet { async insert(doc, me, resolver) { try { + let docToInsert = Object.assign({}, doc, { createdAt: Date.now(), updatedAt: Date.now(), @@ -63,25 +64,29 @@ export default class Tweet { updatedById: (me && me._id) ? me._id : 'unknown', }); log.debug(JSON.stringify(docToInsert, null, 2)); - // const authQuery = queryForRoles(me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'create', me)); + checkAuthDoc(docToInsert, me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'create', me)); const id = (await this.collection.insertOne(docToInsert)).insertedId; if (!id) { throw new Error(`insert tweet not possible.`); } + log.debug(`inserted tweet ${id}.`); const insertedDoc = this.findOneById(id, me, 'pubsub tweetInserted'); this.pubsub.publish('tweetInserted', insertedDoc); return insertedDoc; + } catch (err){ log.error(err.message); } } async updateById(id, doc, me, resolver) { try { + let docToUpdate = {$set: Object.assign({}, doc, { updatedAt: Date.now(), updatedById: (me && me._id) ? me._id : 'unknown', })}; + const baseQuery = {_id: id}; const authQuery = queryForRoles(me, ['admin'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'update', me)); const finalQuery = {...baseQuery, ...authQuery}; @@ -89,16 +94,19 @@ export default class Tweet { if (result.result.ok !== 1 || result.result.n !== 1){ throw new Error(`update tweet not possible for ${id}.`); } + log.debug(`updated tweet ${id}.`); this.authorizedLoader.clear(id); const updatedDoc = this.findOneById(id, me, 'pubsub tweetUpdated'); this.pubsub.publish('tweetUpdated', updatedDoc); return updatedDoc; + } catch (err){ log.error(err.message); } } async removeById(id, me, resolver) { try { + const baseQuery = {_id: id}; const authQuery = queryForRoles(me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'delete', me)); const finalQuery = {...baseQuery, ...authQuery}; @@ -106,10 +114,12 @@ export default class Tweet { if (result.result.ok !== 1 || result.result.n !== 1){ throw new Error(`remove tweet not possible for ${id}.`); } + log.debug(`removed tweet ${id}.`); this.authorizedLoader.clear(id); this.pubsub.publish('tweetRemoved', id); return result; + } catch (err){ log.error(err.message); } } } diff --git a/test/output-app/model/User.js b/test/output-app/model/User.js index 7c6b165..45eb645 100644 --- a/test/output-app/model/User.js +++ b/test/output-app/model/User.js @@ -1,6 +1,6 @@ -import log from '../server/logger'; import DataLoader from 'dataloader'; -import { findByIds, queryForRoles, authlog, checkAuthDoc, protectFields } from '../server/authorize'; +import { findByIds, queryForRoles, getLogFilename, logger, authlog, checkAuthDoc, protectFields } from 'create-graphql-server-authorization'; +const log = logger(getLogFilename()); export default class User { constructor(context) { diff --git a/test/output-app/package.json b/test/output-app/package.json index debfa7c..6695148 100644 --- a/test/output-app/package.json +++ b/test/output-app/package.json @@ -5,6 +5,9 @@ "scripts": { "start": "babel-node index.js" }, + "config": { + "logfile": "log/all-logs-readable.log" + }, "private": true, "author": "", "license": "MIT", @@ -33,7 +36,7 @@ "bcrypt": "^1.0.2", "body-parser": "1.15.2", "cors": "^2.8.1", - "create-graphql-server-authorization": "^0.0.2", + "create-graphql-server-authorization": "^0.0.14", "dataloader": "^1.2.0", "denodeify": "^1.2.1", "dotenv": "2.0.0", diff --git a/test/output-app/server/authenticate.js b/test/output-app/server/authenticate.js index 5ea4d39..283964a 100644 --- a/test/output-app/server/authenticate.js +++ b/test/output-app/server/authenticate.js @@ -5,7 +5,7 @@ import { ObjectId } from 'mongodb'; import nodeify from 'nodeify'; import bcrypt from 'bcrypt'; import DataLoader from 'dataloader'; -import { findByIds } from './authorize'; +import { findByIds } from 'create-graphql-server-authorization'; const KEY = 'test-key'; let Loader; diff --git a/test/output-app/server/authorize.js b/test/output-app/server/authorize.js deleted file mode 100644 index f8d8ef8..0000000 --- a/test/output-app/server/authorize.js +++ /dev/null @@ -1,164 +0,0 @@ -import _ from 'lodash'; -import log from '../server/logger'; - -// central logger for authorization checks -export function authlog(resolver = '', mode = '', me = {}) { - const makeMessage = (message) => `Authorize ${mode} "${resolver}" with user "${me.username ? me.username : ''}" ${message}`; - return { - debug: (message) => log.debug(makeMessage(message)), - error: (message) => {throw new Error(makeMessage(message))}, - }; -} - -// returns the record, cached if already read, checks authorization if set -// enhancement of tmeasday'findByIds -export function findByIds(collection, ids = [], authQuery) { - const baseQuery = { _id: { $in: ids } }; - const finalQuery = {...baseQuery, ...authQuery}; - return collection.find(finalQuery).toArray().then(docs => { - const idMap = {}; - docs.forEach(d => { idMap[d._id] = d; }); - return ids.map(id => idMap[id]); - }); -} - -// returns whether the authorized record, or the record without not authorized field(s) -export function protectFields(me, authorizedUserRoles, protectedFields, inputObject, { User }){ - const result = Object.assign({}, inputObject); - const role = User.authRole(me); - // if user is not allowed to access specific fields, remove field from object... - if (!authorizedUserRoles.includes(role)){ - protectedFields.every(protectedField => { - if (result[protectedField]) delete result[protectedField]; - }); - } - return result; -} - -export function checkAuthDoc(doc, me, userRoles, docRoles, { User }, logger){ - const role = User.authRole(me); - - // check if userRole entitles current user for this action - if (userRoleAuthorized(me, userRoles, { User }, logger)) { - logger.debug(`and role: "${role}" is authorized by userRole.`); - return doc; - } - - // check if docRole entitles current user for this document and action - let authorized = false; - docRoles.every(field => { - if (fieldContainsUserId(doc[field], me._id)){ - authorized = true; - } - }) - if (authorized) { - logger.debug(`and role: "${role}" is authorized by docRole.`); - return doc; - } - - // Not Authorized - logger.error(`and role: "${role}" is not authorized.`); -} - -// returns true, if user is logged in -export function loggedIn(me) { - if(me && me._id && me._id.toString() !== '') { - return true; - } - return false; -} - -// creates an authQuery object with additional query arguments, to implement authorization restrictions for mongodb access -export function queryForRoles(me = {}, userRoles = [], docRoles = [], { User }, logger) { - const role = User.authRole(me); - - // Build query for the case: The logged in user's role is authorized - if (userRoleAuthorized(me, userRoles, { User }, logger)) { - return {}; // empty authQuery means, do operation with no access restrictions - } - - // Build query for the case: The user is listed in any document field - const query = { $or: [] }; - if (loggedIn(me)){ - docRoles.forEach(docRole => query.$or.push( { [docRole]: me._id } ) ); - logger.debug(`and role: "${role ? role : ''}" with \nauthQuery: ${JSON.stringify(query, null, 2)}`); - if (query.$or.length > 0) return query; - } - - // Not Authorized - const message = `and role: "${role}" is not authorized.`; - logger.error(message); -} - -// returns true, if the user's role is authorized for a document -export function userRoleAuthorized(me = {}, userRoles = [], { User }, logger){ - const role = User.authRole(me); - - if ( userRoles.includes('world') || role && userRoles.length > 0 && userRoles.includes(role) ) { - logger.debug(`and role "${role ? role : ''}" is authorized`); - return true; - } - - return false; -} - -// returns true, if a field of type array/object/string contains the userId -export function fieldContainsUserId(docRoleField, userId) { - let found = false; - - // empty userId is not a valid userId - if (userId.toString() === '') return false; - - // handle a simple id field - if (docRoleField.toString() === userId.toString()){ - return true; - } - - // handle an array - if (_.isArray(docRoleField)){ - docRoleField.every(field => { - if (fieldContainsUserId(field, userId)) { - found = true; - return true; - } - }); - if (found) return true; - } - - // handle an object - if (_.isObject(docRoleField)){ - Object.keys(docRoleField).every(field => { - - // handle a field - if (docRoleField[field] && docRoleField[field].toString() === userId.toString()){ - found = true; - return true; - } - - // handle an array - if (_.isArray(docRoleField[field])){ - docRoleField[field].every(innerField => { - if (fieldContainsUserId(innerField, userId)) { - found = true; - return true; - } - }) - if (found) return true; - } - - // handle an object - if (_.isObject(docRoleField[field])){ - Object.keys(docRoleField[field]).every(innerField => { - if (fieldContainsUserId(docRoleField[field][innerField], userId)) { - found = true; - return true; - } - }); - if (found) return true; - } - - }); - - } - return found; -} diff --git a/test/output-app/server/index.js b/test/output-app/server/index.js index 0b9bcd0..686e6f1 100644 --- a/test/output-app/server/index.js +++ b/test/output-app/server/index.js @@ -8,16 +8,20 @@ import { MongoClient } from 'mongodb'; import cors from 'cors'; import passport from 'passport'; import morgan from 'morgan'; -import log, { stream } from './logger'; - +import { getLogFilename, logger } from 'create-graphql-server-authorization'; import typeDefs from '../schema'; import resolvers from '../resolvers'; import addModelsToContext from '../model'; import authenticate from './authenticate'; import { parse, print } from 'graphql'; - import { pubsub, subscriptionManager } from './subscriptions'; +const log = logger(getLogFilename()); +const stream = { + write: function(message, encoding) { + // log.debug(message); + } +}; const schema = makeExecutableSchema({ typeDefs, resolvers }); const { diff --git a/test/output-app/server/logger.js b/test/output-app/server/logger.js deleted file mode 100644 index c29154a..0000000 --- a/test/output-app/server/logger.js +++ /dev/null @@ -1,65 +0,0 @@ -import winston from 'winston'; - -winston.emitErrs = true; - -const timestamp = function() { - return new Date(Date.now()).toLocaleString(); -}; - -const formatter = function(options) { - return options.timestamp() + - ' ' + - (options.level === 'error' ? ' ' + options.level.toUpperCase() : '' ) + - ' ' + - (options.message ? options.message : '') + - (options.meta && Object.keys(options.meta).length ? '\n\t'+ JSON.stringify(options.meta) : '' ) - ; -} - -const logger = new winston.Logger({ - transports: [ - - // new winston.transports.File({ - // level: 'debug', - // filename: './server/logs/all-logs.log', - // handleExceptions: true, - // json: true, - // maxsize: 5242880, //5MB - // maxFiles: 5, - // colorize: false - // }), - - new winston.transports.File({ - level: 'debug', - filename: './server/logs/all-logs-readable.log', - handleExceptions: true, - json: false, - maxsize: 5242880, //5MB - maxFiles: 5, - colorize: false, - timestamp: timestamp, - formatter: formatter - }), - - new winston.transports.Console({ - level: 'debug', - handleExceptions: true, - json: false, - colorize: true, - timestamp: timestamp, - formatter: formatter - }) - - ], - - exitOnError: false - -}); - -export default logger; - -export const stream = { - write: function(message, encoding) { - // logger.debug(message); - } -}; diff --git a/test/output-app/yarn.lock b/test/output-app/yarn.lock index 67d8e74..f951766 100644 --- a/test/output-app/yarn.lock +++ b/test/output-app/yarn.lock @@ -956,6 +956,10 @@ bson@~1.0.0: version "1.0.1" resolved "https://registry.yarnpkg.com/bson/-/bson-1.0.1.tgz#3a5addb0f2ff88bc3436e708e4bdb8637602d72d" +bson@~1.0.4: + version "1.0.4" + resolved "https://registry.yarnpkg.com/bson/-/bson-1.0.4.tgz#93c10d39eaa5b58415cbc4052f3e53e562b0b72c" + buffer-crc32@~0.2.3: version "0.2.13" resolved "https://registry.yarnpkg.com/buffer-crc32/-/buffer-crc32-0.2.13.tgz#0d333e3f00eac50aa1454abd30ef8c2a5d9a7242" @@ -964,7 +968,7 @@ buffer-equal-constant-time@1.0.1: version "1.0.1" resolved "https://registry.yarnpkg.com/buffer-equal-constant-time/-/buffer-equal-constant-time-1.0.1.tgz#f8e71132f7ffe6e01a5c9697a4c6f3e48d5cc819" -buffer-shims@^1.0.0: +buffer-shims@^1.0.0, buffer-shims@~1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/buffer-shims/-/buffer-shims-1.0.0.tgz#9978ce317388c649ad8793028c3477ef044a8b51" @@ -1188,9 +1192,13 @@ crc@3.4.0: version "3.4.0" resolved "https://registry.yarnpkg.com/crc/-/crc-3.4.0.tgz#4258e351613a74ef1153dfcb05e820c3e9715d7f" -create-graphql-server-authorization@^0.0.2: - version "0.0.2" - resolved "https://registry.yarnpkg.com/create-graphql-server-authorization/-/create-graphql-server-authorization-0.0.2.tgz#6449d9e32eeea8191bdd0e72a47dda78a696835f" +create-graphql-server-authorization@^0.0.14: + version "0.0.14" + resolved "https://registry.yarnpkg.com/create-graphql-server-authorization/-/create-graphql-server-authorization-0.0.14.tgz#26bd07dc0775a0e74a07fcc5a99daa046099e216" + dependencies: + lodash "4.16.4" + mongodb "^2.2.31" + winston "^2.3.1" cryptiles@2.x.x: version "2.0.5" @@ -2888,6 +2896,13 @@ mongodb-core@2.1.0: bson "~1.0.0" require_optional "~1.0.0" +mongodb-core@2.1.15: + version "2.1.15" + resolved "https://registry.yarnpkg.com/mongodb-core/-/mongodb-core-2.1.15.tgz#841f53b87ffff4c7458189c35c8ae827e1169764" + dependencies: + bson "~1.0.4" + require_optional "~1.0.0" + mongodb-download@^1.3.2: version "1.3.2" resolved "https://registry.yarnpkg.com/mongodb-download/-/mongodb-download-1.3.2.tgz#0a2e8868eaea6c18e2a7f7cb7c8048ff10809337" @@ -2915,6 +2930,14 @@ mongodb@^2.2.11: mongodb-core "2.1.0" readable-stream "2.1.5" +mongodb@^2.2.31: + version "2.2.31" + resolved "https://registry.yarnpkg.com/mongodb/-/mongodb-2.2.31.tgz#1940445c661e19217bb3bf8245d9854aaef548db" + dependencies: + es6-promise "3.2.1" + mongodb-core "2.1.15" + readable-stream "2.2.7" + morgan@^1.8.2: version "1.8.2" resolved "https://registry.yarnpkg.com/morgan/-/morgan-1.8.2.tgz#784ac7734e4a453a9c6e6e8680a9329275c8b687" @@ -3387,6 +3410,18 @@ readable-stream@2.1.5, readable-stream@^2.0.0, "readable-stream@^2.0.0 || ^1.1.1 string_decoder "~0.10.x" util-deprecate "~1.0.1" +readable-stream@2.2.7: + version "2.2.7" + resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.2.7.tgz#07057acbe2467b22042d36f98c5ad507054e95b1" + dependencies: + buffer-shims "~1.0.0" + core-util-is "~1.0.0" + inherits "~2.0.1" + isarray "~1.0.0" + process-nextick-args "~1.0.6" + string_decoder "~1.0.0" + util-deprecate "~1.0.1" + "readable-stream@>=1.0.33-1 <1.1.0-0": version "1.0.34" resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-1.0.34.tgz#125820e34bc842d2f2aaafafe4c2916ee32c157c" @@ -3572,6 +3607,10 @@ safe-buffer@^5.0.1: version "5.0.1" resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.0.1.tgz#d263ca54696cd8a306b5ca6551e92de57918fbe7" +safe-buffer@~5.1.0: + version "5.1.1" + resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.1.tgz#893312af69b2123def71f57889001671eeb2c853" + seek-bzip@^1.0.3: version "1.0.5" resolved "https://registry.yarnpkg.com/seek-bzip/-/seek-bzip-1.0.5.tgz#cfe917cb3d274bcffac792758af53173eb1fabdc" @@ -3785,6 +3824,12 @@ string_decoder@~0.10.x: version "0.10.31" resolved "https://registry.yarnpkg.com/string_decoder/-/string_decoder-0.10.31.tgz#62e203bc41766c6c28c9fc84301dab1c5310fa94" +string_decoder@~1.0.0: + version "1.0.3" + resolved "https://registry.yarnpkg.com/string_decoder/-/string_decoder-1.0.3.tgz#0fc67d7c141825de94282dd536bec6b9bce860ab" + dependencies: + safe-buffer "~5.1.0" + stringstream@~0.0.4: version "0.0.5" resolved "https://registry.yarnpkg.com/stringstream/-/stringstream-0.0.5.tgz#4e484cd4de5a0bbbee18e46307710a8a81621878" diff --git a/yarn.lock b/yarn.lock index eec5f48..4b2830a 100644 --- a/yarn.lock +++ b/yarn.lock @@ -139,6 +139,10 @@ async-each@^1.0.0: version "1.0.1" resolved "https://registry.yarnpkg.com/async-each/-/async-each-1.0.1.tgz#19d386a1d9edc6e7c1c85d388aedbcc56d33602d" +async@~1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/async/-/async-1.0.0.tgz#f8fc04ca3a13784ade9e1641af98578cfbd647a9" + asynckit@^0.4.0: version "0.4.0" resolved "https://registry.yarnpkg.com/asynckit/-/asynckit-0.4.0.tgz#c79ed97f7f34cb8f2ba1bc9790bcc366474b4b79" @@ -883,7 +887,11 @@ browser-stdout@1.3.0: version "1.3.0" resolved "https://registry.yarnpkg.com/browser-stdout/-/browser-stdout-1.3.0.tgz#f351d32969d32fa5d7a5567154263d928ae3bd1f" -buffer-shims@^1.0.0: +bson@~1.0.4: + version "1.0.4" + resolved "https://registry.yarnpkg.com/bson/-/bson-1.0.4.tgz#93c10d39eaa5b58415cbc4052f3e53e562b0b72c" + +buffer-shims@^1.0.0, buffer-shims@~1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/buffer-shims/-/buffer-shims-1.0.0.tgz#9978ce317388c649ad8793028c3477ef044a8b51" @@ -991,6 +999,10 @@ code-point-at@^1.0.0: version "1.1.0" resolved "https://registry.yarnpkg.com/code-point-at/-/code-point-at-1.1.0.tgz#0d070b4d043a5bea33a2f1a40e2edb3d9a4ccf77" +colors@1.0.x: + version "1.0.3" + resolved "https://registry.yarnpkg.com/colors/-/colors-1.0.3.tgz#0433f44d809680fdeb60ed260f1b0c262e82a40b" + combined-stream@^1.0.5, combined-stream@~1.0.5: version "1.0.5" resolved "https://registry.yarnpkg.com/combined-stream/-/combined-stream-1.0.5.tgz#938370a57b4a51dea2c77c15d5c5fdf895164009" @@ -1044,6 +1056,14 @@ cpr: mkdirp "~0.5.1" rimraf "^2.5.4" +create-graphql-server-authorization@^0.0.12: + version "0.0.12" + resolved "https://registry.yarnpkg.com/create-graphql-server-authorization/-/create-graphql-server-authorization-0.0.12.tgz#df00e443b13622d14dd53b588e1f44ef990763e2" + dependencies: + lodash "4.16.4" + mongodb "^2.2.31" + winston "^2.3.1" + crypt@~0.0.1: version "0.0.2" resolved "https://registry.yarnpkg.com/crypt/-/crypt-0.0.2.tgz#88d7ff7ec0dfb86f713dc87bbb42d044d3e6c41b" @@ -1060,6 +1080,10 @@ currently-unhandled@^0.4.1: dependencies: array-find-index "^1.0.1" +cycle@1.0.x: + version "1.0.3" + resolved "https://registry.yarnpkg.com/cycle/-/cycle-1.0.3.tgz#21e80b2be8580f98b468f379430662b046c34ad2" + d@^0.1.1, d@~0.1.1: version "0.1.1" resolved "https://registry.yarnpkg.com/d/-/d-0.1.1.tgz#da184c535d18d8ee7ba2aa229b914009fae11309" @@ -1082,13 +1106,13 @@ debug@2.2.0, debug@~2.2.0: dependencies: ms "0.7.1" -debug@^2.1.1, debug@^2.2.0: +debug@^2.1.1: version "2.3.2" resolved "https://registry.yarnpkg.com/debug/-/debug-2.3.2.tgz#94cb466ef7d6d2c7e5245cdd6e4104f2d0d70d30" dependencies: ms "0.7.2" -debug@^2.6.8: +debug@^2.2.0, debug@^2.6.8: version "2.6.8" resolved "https://registry.yarnpkg.com/debug/-/debug-2.6.8.tgz#e731531ca2ede27d188222427da17821d68ff4fc" dependencies: @@ -1212,6 +1236,10 @@ es6-map@^0.1.3: es6-symbol "~3.1.0" event-emitter "~0.3.4" +es6-promise@3.2.1: + version "3.2.1" + resolved "https://registry.yarnpkg.com/es6-promise/-/es6-promise-3.2.1.tgz#ec56233868032909207170c39448e24449dd1fc4" + es6-set@^0.1.4, es6-set@~0.1.3: version "0.1.4" resolved "https://registry.yarnpkg.com/es6-set/-/es6-set-0.1.4.tgz#9516b6761c2964b92ff479456233a247dc707ce8" @@ -1412,6 +1440,10 @@ extsprintf@1.0.2: version "1.0.2" resolved "https://registry.yarnpkg.com/extsprintf/-/extsprintf-1.0.2.tgz#e1080e0658e300b06294990cc70e1502235fd550" +eyes@0.1.x: + version "0.1.8" + resolved "https://registry.yarnpkg.com/eyes/-/eyes-0.1.8.tgz#62cf120234c683785d902348a800ef3e0cc20bc0" + fast-levenshtein@~2.0.4: version "2.0.5" resolved "https://registry.yarnpkg.com/fast-levenshtein/-/fast-levenshtein-2.0.5.tgz#bd33145744519ab1c36c3ee9f31f08e9079b67f2" @@ -1594,25 +1626,25 @@ glob@^5.0.5: once "^1.3.0" path-is-absolute "^1.0.0" -glob@^7.0.3, glob@^7.0.5: - version "7.1.1" - resolved "https://registry.yarnpkg.com/glob/-/glob-7.1.1.tgz#805211df04faaf1c63a3600306cdf5ade50b2ec8" +glob@^7.0.3, glob@^7.1.2: + version "7.1.2" + resolved "https://registry.yarnpkg.com/glob/-/glob-7.1.2.tgz#c19c9df9a028702d678612384a6552404c636d15" dependencies: fs.realpath "^1.0.0" inflight "^1.0.4" inherits "2" - minimatch "^3.0.2" + minimatch "^3.0.4" once "^1.3.0" path-is-absolute "^1.0.0" -glob@^7.1.2: - version "7.1.2" - resolved "https://registry.yarnpkg.com/glob/-/glob-7.1.2.tgz#c19c9df9a028702d678612384a6552404c636d15" +glob@^7.0.5: + version "7.1.1" + resolved "https://registry.yarnpkg.com/glob/-/glob-7.1.1.tgz#805211df04faaf1c63a3600306cdf5ade50b2ec8" dependencies: fs.realpath "^1.0.0" inflight "^1.0.4" inherits "2" - minimatch "^3.0.4" + minimatch "^3.0.2" once "^1.3.0" path-is-absolute "^1.0.0" @@ -1623,11 +1655,7 @@ global@^4.3.2: min-document "^2.19.0" process "~0.5.1" -globals@^9.0.0: - version "9.13.0" - resolved "https://registry.yarnpkg.com/globals/-/globals-9.13.0.tgz#d97706b61600d8dbe94708c367d3fdcf48470b8f" - -globals@^9.17.0: +globals@^9.0.0, globals@^9.17.0: version "9.18.0" resolved "https://registry.yarnpkg.com/globals/-/globals-9.18.0.tgz#aa3896b3e69b487f17e31ed2143d69a8e30c2d8a" @@ -1847,16 +1875,7 @@ is-glob@^2.0.0, is-glob@^2.0.1: dependencies: is-extglob "^1.0.0" -is-my-json-valid@^2.12.4: - version "2.15.0" - resolved "https://registry.yarnpkg.com/is-my-json-valid/-/is-my-json-valid-2.15.0.tgz#936edda3ca3c211fd98f3b2d3e08da43f7b2915b" - dependencies: - generate-function "^2.0.0" - generate-object-property "^1.1.0" - jsonpointer "^4.0.0" - xtend "^4.0.0" - -is-my-json-valid@^2.16.0: +is-my-json-valid@^2.12.4, is-my-json-valid@^2.16.0: version "2.16.0" resolved "https://registry.yarnpkg.com/is-my-json-valid/-/is-my-json-valid-2.16.0.tgz#f079dd9bfdae65ee2038aae8acbc86ab109e3693" dependencies: @@ -1931,7 +1950,7 @@ isobject@^2.0.0: dependencies: isarray "1.0.0" -isstream@~0.1.2: +isstream@0.1.x, isstream@~0.1.2: version "0.1.2" resolved "https://registry.yarnpkg.com/isstream/-/isstream-0.1.2.tgz#47e63f7af55afa6f92e1500e690eb8b8529c099a" @@ -2128,6 +2147,7 @@ lodash.merge@^4.6.0: version "4.6.0" resolved "https://registry.yarnpkg.com/lodash.merge/-/lodash.merge-4.6.0.tgz#69884ba144ac33fe699737a6086deffadd0f89c5" +<<<<<<< HEAD <<<<<<< HEAD <<<<<<< HEAD lodash@^4.0.0, lodash@^4.17.4: @@ -2144,6 +2164,17 @@ lodash.pickby@^4.6.0: >>>>>>> Revert "add-user and authorization prototype" lodash@^4.0.0, lodash@^4.2.0, lodash@^4.3.0: >>>>>>> add-user and authorization prototype +======= +lodash@4.16.4: + version "4.16.4" + resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.16.4.tgz#01ce306b9bad1319f2a5528674f88297aeb70127" + +lodash@^4.0.0, lodash@^4.17.4, lodash@^4.3.0: + version "4.17.4" + resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.4.tgz#78203a4d1c328ae1d86dca6460e369b57f4055ae" + +lodash@^4.2.0: +>>>>>>> PR adjustments + npm package version "4.16.6" resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.16.6.tgz#d22c9ac660288f3843e16ba7d2b5d06cca27d777" @@ -2231,13 +2262,13 @@ min-document@^2.19.0: dependencies: dom-walk "^0.1.0" -"minimatch@2 || 3", minimatch@^3.0.0, minimatch@^3.0.2, minimatch@^3.0.3: +"minimatch@2 || 3", minimatch@^3.0.2, minimatch@^3.0.3: version "3.0.3" resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.0.3.tgz#2a4e4090b96b2db06a9d7df01055a62a77c9b774" dependencies: brace-expansion "^1.0.0" -minimatch@^3.0.4: +minimatch@^3.0.0, minimatch@^3.0.4: version "3.0.4" resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.0.4.tgz#5166e286457f03306064be5497e8dbb0c3d32083" dependencies: @@ -2273,6 +2304,21 @@ mocha: mkdirp "0.5.1" supports-color "3.1.2" +mongodb-core@2.1.15: + version "2.1.15" + resolved "https://registry.yarnpkg.com/mongodb-core/-/mongodb-core-2.1.15.tgz#841f53b87ffff4c7458189c35c8ae827e1169764" + dependencies: + bson "~1.0.4" + require_optional "~1.0.0" + +mongodb@^2.2.31: + version "2.2.31" + resolved "https://registry.yarnpkg.com/mongodb/-/mongodb-2.2.31.tgz#1940445c661e19217bb3bf8245d9854aaef548db" + dependencies: + es6-promise "3.2.1" + mongodb-core "2.1.15" + readable-stream "2.2.7" + ms@0.7.1: version "0.7.1" resolved "https://registry.yarnpkg.com/ms/-/ms-0.7.1.tgz#9cd13c03adbff25b65effde7ce864ee952017098" @@ -2544,39 +2590,40 @@ read-pkg@^1.0.0: normalize-package-data "^2.3.2" path-type "^1.0.0" -"readable-stream@^2.0.0 || ^1.1.13", readable-stream@~2.1.4: - version "2.1.5" - resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.1.5.tgz#66fa8b720e1438b364681f2ad1a63c618448c9d0" +readable-stream@2.2.7: + version "2.2.7" + resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.2.7.tgz#07057acbe2467b22042d36f98c5ad507054e95b1" dependencies: - buffer-shims "^1.0.0" + buffer-shims "~1.0.0" core-util-is "~1.0.0" inherits "~2.0.1" isarray "~1.0.0" process-nextick-args "~1.0.6" - string_decoder "~0.10.x" + string_decoder "~1.0.0" util-deprecate "~1.0.1" -readable-stream@^2.0.2: - version "2.0.6" - resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.0.6.tgz#8f90341e68a53ccc928788dacfcd11b36eb9b78e" +"readable-stream@^2.0.0 || ^1.1.13", readable-stream@^2.0.2, readable-stream@^2.2.2: + version "2.2.11" + resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.2.11.tgz#0796b31f8d7688007ff0b93a8088d34aa17c0f72" dependencies: core-util-is "~1.0.0" inherits "~2.0.1" isarray "~1.0.0" process-nextick-args "~1.0.6" - string_decoder "~0.10.x" + safe-buffer "~5.0.1" + string_decoder "~1.0.0" util-deprecate "~1.0.1" -readable-stream@^2.2.2: - version "2.2.11" - resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.2.11.tgz#0796b31f8d7688007ff0b93a8088d34aa17c0f72" +readable-stream@~2.1.4: + version "2.1.5" + resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.1.5.tgz#66fa8b720e1438b364681f2ad1a63c618448c9d0" dependencies: + buffer-shims "^1.0.0" core-util-is "~1.0.0" inherits "~2.0.1" isarray "~1.0.0" process-nextick-args "~1.0.6" - safe-buffer "~5.0.1" - string_decoder "~1.0.0" + string_decoder "~0.10.x" util-deprecate "~1.0.1" readdirp@^2.0.0: @@ -2717,10 +2764,21 @@ require-uncached@^1.0.2: caller-path "^0.1.0" resolve-from "^1.0.0" +require_optional@~1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/require_optional/-/require_optional-1.0.1.tgz#4cf35a4247f64ca3df8c2ef208cc494b1ca8fc2e" + dependencies: + resolve-from "^2.0.0" + semver "^5.1.0" + resolve-from@^1.0.0: version "1.0.1" resolved "https://registry.yarnpkg.com/resolve-from/-/resolve-from-1.0.1.tgz#26cbfe935d1aeeeabb29bc3fe5aeb01e93d44226" +resolve-from@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/resolve-from/-/resolve-from-2.0.0.tgz#9480ab20e94ffa1d9e80a804c7ea147611966b57" + resolve@^1.1.6: version "1.1.7" resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.1.7.tgz#203114d82ad2c5ed9e8e0411b3932875e889e97b" @@ -2768,7 +2826,7 @@ semver-truncate@^1.0.0: dependencies: semver "^5.3.0" -"semver@2 || 3 || 4 || 5", semver@^5.3.0, semver@~5.3.0: +"semver@2 || 3 || 4 || 5", semver@^5.1.0, semver@^5.3.0, semver@~5.3.0: version "5.3.0" resolved "https://registry.yarnpkg.com/semver/-/semver-5.3.0.tgz#9b2ce5d3de02d17c6012ad326aa6b4d0cf54f94f" @@ -2788,11 +2846,7 @@ shebang-regex@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/shebang-regex/-/shebang-regex-1.0.0.tgz#da42f49740c0b42db2ca9728571cb190c98efea3" -signal-exit@^3.0.0: - version "3.0.1" - resolved "https://registry.yarnpkg.com/signal-exit/-/signal-exit-3.0.1.tgz#5a4c884992b63a7acd9badb7894c3ee9cfccad81" - -signal-exit@^3.0.2: +signal-exit@^3.0.0, signal-exit@^3.0.2: version "3.0.2" resolved "https://registry.yarnpkg.com/signal-exit/-/signal-exit-3.0.2.tgz#b5fdc08f1287ea1178628e415e25132b73646c6d" @@ -2853,6 +2907,10 @@ sshpk@^1.7.0: jsbn "~0.1.0" tweetnacl "~0.14.0" +stack-trace@0.0.x: + version "0.0.10" + resolved "https://registry.yarnpkg.com/stack-trace/-/stack-trace-0.0.10.tgz#547c70b347e8d32b4e108ea1a2a159e5fdde19c0" + string-width@^1.0.1: version "1.0.2" resolved "https://registry.yarnpkg.com/string-width/-/string-width-1.0.2.tgz#118bdf5b8cdc51a2a7e70d211e07e2b0b9b107d3" @@ -3045,6 +3103,17 @@ wide-align@^1.1.0: dependencies: string-width "^1.0.1" +winston@^2.3.1: + version "2.3.1" + resolved "https://registry.yarnpkg.com/winston/-/winston-2.3.1.tgz#0b48420d978c01804cf0230b648861598225a119" + dependencies: + async "~1.0.0" + colors "1.0.x" + cycle "1.0.x" + eyes "0.1.x" + isstream "0.1.x" + stack-trace "0.0.x" + wordwrap@~1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/wordwrap/-/wordwrap-1.0.0.tgz#27584810891456a4171c8d0226441ade90cbcaeb" From df1defc61a76bd07d1624ff02e4581a31e99c0b0 Mon Sep 17 00:00:00 2001 From: tobkle Date: Fri, 18 Aug 2017 17:48:47 +0200 Subject: [PATCH 55/69] harden --- npm-debug.log | 51 - package.json | 1 - test/output-app/.gitignore | 2 + test/output-app/log/all-logs-readable.log | 1 + test/output-app/model/Tweet.js | 10 +- test/output-app/model/User.js | 10 +- test/output-app/package.json | 2 +- test/output-app/yarn-error.log | 4331 +++++++++++++++++++++ test/output-app/yarn.lock | 67 +- yarn.lock | 94 +- 10 files changed, 4380 insertions(+), 189 deletions(-) delete mode 100644 npm-debug.log create mode 100644 test/output-app/yarn-error.log diff --git a/npm-debug.log b/npm-debug.log deleted file mode 100644 index 117132f..0000000 --- a/npm-debug.log +++ /dev/null @@ -1,51 +0,0 @@ -0 info it worked if it ends with ok -1 verbose cli [ '/usr/local/bin/node', -1 verbose cli '/usr/local/bin/npm', -1 verbose cli 'run', -1 verbose cli 'testonly', -1 verbose cli '--', -1 verbose cli './test/output-app-end-to-end' ] -2 info using npm@3.10.8 -3 info using node@v7.0.0 -4 verbose run-script [ 'pretestonly', 'testonly', 'posttestonly' ] -5 info lifecycle create-graphql-server@0.5.3~pretestonly: create-graphql-server@0.5.3 -6 silly lifecycle create-graphql-server@0.5.3~pretestonly: no script for pretestonly, continuing -7 info lifecycle create-graphql-server@0.5.3~testonly: create-graphql-server@0.5.3 -8 verbose lifecycle create-graphql-server@0.5.3~testonly: unsafe-perm in lifecycle true -9 verbose lifecycle create-graphql-server@0.5.3~testonly: PATH: /usr/local/lib/node_modules/npm/bin/node-gyp-bin:/Users/Toby/MICRO/create-graphql-server-3/node_modules/.bin:/Users/Toby/MICRO/create-graphql-server-3/node_modules/.bin:/Users/Toby/.config/yarn/link/node_modules/.bin:/Users/Toby/MICRO/create-graphql-server-3/node_modules/.bin:/Users/Toby/.config/yarn/link/node_modules/.bin:/usr/local/Cellar/yarn/0.17.10/libexec/lib/node_modules/yarn/bin/node-gyp-bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/share/dotnet:/Library/Frameworks/Mono.framework/Versions/Current/Commands:/Users/Toby/.nvm/versions/node/v7.0.0/bin:/Library/Frameworks/Python.framework/Versions/2.7/bin:~/Library/Android/sdk/tools:~/Library/Android/sdk/platform-tools:/usr/local/terraform/bin:/Users/Toby/terraform:/Applications/MAMP/bin/php/php7.0.8/bin:/Library/Frameworks/Python.framework/Versions/3.5/bin -10 verbose lifecycle create-graphql-server@0.5.3~testonly: CWD: /Users/Toby/MICRO/create-graphql-server-3 -11 silly lifecycle create-graphql-server@0.5.3~testonly: Args: [ '-c', -11 silly lifecycle 'mocha --require babel-register "./test/output-app-end-to-end"' ] -12 silly lifecycle create-graphql-server@0.5.3~testonly: Returned: code: 3 signal: null -13 info lifecycle create-graphql-server@0.5.3~testonly: Failed to exec testonly script -14 verbose stack Error: create-graphql-server@0.5.3 testonly: `mocha --require babel-register "./test/output-app-end-to-end"` -14 verbose stack Exit status 3 -14 verbose stack at EventEmitter. (/usr/local/lib/node_modules/npm/lib/utils/lifecycle.js:255:16) -14 verbose stack at emitTwo (events.js:106:13) -14 verbose stack at EventEmitter.emit (events.js:191:7) -14 verbose stack at ChildProcess. (/usr/local/lib/node_modules/npm/lib/utils/spawn.js:40:14) -14 verbose stack at emitTwo (events.js:106:13) -14 verbose stack at ChildProcess.emit (events.js:191:7) -14 verbose stack at maybeClose (internal/child_process.js:877:16) -14 verbose stack at Process.ChildProcess._handle.onexit (internal/child_process.js:226:5) -15 verbose pkgid create-graphql-server@0.5.3 -16 verbose cwd /Users/Toby/MICRO/create-graphql-server-3 -17 error Darwin 16.7.0 -18 error argv "/usr/local/bin/node" "/usr/local/bin/npm" "run" "testonly" "--" "./test/output-app-end-to-end" -19 error node v7.0.0 -20 error npm v3.10.8 -21 error code ELIFECYCLE -22 error create-graphql-server@0.5.3 testonly: `mocha --require babel-register "./test/output-app-end-to-end"` -22 error Exit status 3 -23 error Failed at the create-graphql-server@0.5.3 testonly script 'mocha --require babel-register "./test/output-app-end-to-end"'. -23 error Make sure you have the latest version of node.js and npm installed. -23 error If you do, this is most likely a problem with the create-graphql-server package, -23 error not with npm itself. -23 error Tell the author that this fails on your system: -23 error mocha --require babel-register "./test/output-app-end-to-end" -23 error You can get information on how to open an issue for this project with: -23 error npm bugs create-graphql-server -23 error Or if that isn't available, you can get their info via: -23 error npm owner ls create-graphql-server -23 error There is likely additional logging output above. -24 verbose exit [ 1, true ] diff --git a/package.json b/package.json index e640b2f..105db52 100644 --- a/package.json +++ b/package.json @@ -50,7 +50,6 @@ "babylon": "^6.14.1", "chalk": "^1.1.3", "cpr": "^2.0.0", - "create-graphql-server-authorization": "^0.0.12", "denodeify": "^1.2.1", "escape-string-regexp": "^1.0.5", "global": "^4.3.2", diff --git a/test/output-app/.gitignore b/test/output-app/.gitignore index 7866035..69edd69 100644 --- a/test/output-app/.gitignore +++ b/test/output-app/.gitignore @@ -2,3 +2,5 @@ node_modules /db /input log/all-logs-readable.log +.DS_Store +log/ diff --git a/test/output-app/log/all-logs-readable.log b/test/output-app/log/all-logs-readable.log index ae828aa..57d1909 100644 --- a/test/output-app/log/all-logs-readable.log +++ b/test/output-app/log/all-logs-readable.log @@ -1 +1,2 @@ 2017-08-18 18:18:08 Logger started +2017-08-18 18:18:25 Logger started diff --git a/test/output-app/model/Tweet.js b/test/output-app/model/Tweet.js index 4c16217..1552b0e 100644 --- a/test/output-app/model/Tweet.js +++ b/test/output-app/model/Tweet.js @@ -7,15 +7,11 @@ export default class Tweet { this.context = context; this.collection = context.db.collection('tweet'); this.pubsub = context.pubsub; - let authQuery; try { const { me, User } = context; - authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User }, authlog('tweet findOneById', 'readOne', me)); - } catch (err) { - log.error(err.message); - authQuery = {_id: false}; // otherwise admin access - } - this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); + const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User }, authlog('tweet findOneById', 'readOne', me)); + this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); + } catch (err) { log.error(err.message); } } async findOneById(id, me, resolver) { diff --git a/test/output-app/model/User.js b/test/output-app/model/User.js index 45eb645..de5c96d 100644 --- a/test/output-app/model/User.js +++ b/test/output-app/model/User.js @@ -8,15 +8,11 @@ export default class User { this.collection = context.db.collection('user'); this.pubsub = context.pubsub; this.authRole = User.authRole; - let authQuery; try { const { me } = context; - authQuery = queryForRoles(me, ['admin'], ['_id'], { User }, authlog('user findOneById', 'readOne', me)); - } catch (err) { - log.error(err.message); - authQuery = {_id: false}; // otherwise admin access - } - this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); + const authQuery = queryForRoles(me, ['admin'], ['_id'], { User }, authlog('user findOneById', 'readOne', me)); + this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); + } catch (err) { log.error(err.message); } } static authRole(user){ diff --git a/test/output-app/package.json b/test/output-app/package.json index 6695148..596fe1c 100644 --- a/test/output-app/package.json +++ b/test/output-app/package.json @@ -36,7 +36,7 @@ "bcrypt": "^1.0.2", "body-parser": "1.15.2", "cors": "^2.8.1", - "create-graphql-server-authorization": "^0.0.14", + "create-graphql-server-authorization": "^0.0.27", "dataloader": "^1.2.0", "denodeify": "^1.2.1", "dotenv": "2.0.0", diff --git a/test/output-app/yarn-error.log b/test/output-app/yarn-error.log new file mode 100644 index 0000000..f92ff39 --- /dev/null +++ b/test/output-app/yarn-error.log @@ -0,0 +1,4331 @@ +Arguments: + /usr/local/bin/node /usr/local/bin/yarn add create-graphql-server-authorization + +PATH: + /usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/share/dotnet:/Library/Frameworks/Mono.framework/Versions/Current/Commands:/Users/Toby/.nvm/versions/node/v7.0.0/bin:/Library/Frameworks/Python.framework/Versions/2.7/bin:~/Library/Android/sdk/tools:~/Library/Android/sdk/platform-tools:/usr/local/terraform/bin:/Users/Toby/terraform:/Applications/MAMP/bin/php/php7.0.8/bin:/Library/Frameworks/Python.framework/Versions/3.5/bin + +Yarn version: + 0.17.10 + +Node version: + 7.0.0 + +Platform: + darwin x64 + +npm manifest: + { + "name": "output-app", + "version": "1.0.0", + "description": "output-app GraphQL Server", + "scripts": { + "start": "babel-node index.js" + }, + "config": { + "logfile": "log/all-logs-readable.log" + }, + "private": true, + "author": "", + "license": "MIT", + "devDependencies": { + "babel-cli": "6.16.0", + "babel-core": "6.17.0", + "babel-eslint": "7.0.0", + "babel-preset-es2015": "6.16.0", + "babel-preset-react": "6.16.0", + "babel-preset-stage-2": "6.17.0", + "babel-register": "6.16.3", + "chai": "^3.5.0", + "eslint": "3.8.1", + "eslint-config-react-app": "^0.4.0", + "eslint-plugin-babel": "3.3.0", + "eslint-plugin-flowtype": "2.21.0", + "eslint-plugin-import": "2.0.1", + "eslint-plugin-jsx-a11y": "2.2.3", + "eslint-plugin-react": "6.4.1", + "mocha": "^3.1.2", + "mongodb-prebuilt": "^5.0.7", + "node-fetch": "^1.6.3", + "nodemon": "1.11.0" + }, + "dependencies": { + "bcrypt": "^1.0.2", + "body-parser": "1.15.2", + "cors": "^2.8.1", + "dataloader": "^1.2.0", + "denodeify": "^1.2.1", + "dotenv": "2.0.0", + "express": "4.14.0", + "express-session": "1.14.1", + "graphql": "0.7.2", + "graphql-server": "^0.3.2", + "graphql-server-express": "^0.4.3", + "graphql-subscriptions": "0.2.0", + "graphql-tools": "^0.8.2", + "jwt-simple": "^0.5.1", + "lodash": "4.16.4", + "mongo-find-by-ids": "^1.0.0", + "mongodb": "^2.2.11", + "morgan": "^1.8.2", + "nodeify": "^1.0.1", + "passport": "^0.3.2", + "passport-jwt": "^2.2.1", + "subscriptions-transport-ws": "0.2.6", + "winston": "^2.3.1" + } + } + +yarn manifest: + No manifest + +Lockfile: + # THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY. + # yarn lockfile v1 + + + "@types/express-serve-static-core@*": + version "4.0.39" + resolved "https://registry.yarnpkg.com/@types/express-serve-static-core/-/express-serve-static-core-4.0.39.tgz#45157f96480d46f254648f45b2c6d70bd9fc9f54" + dependencies: + "@types/node" "*" + + "@types/express@^4.0.33": + version "4.0.34" + resolved "https://registry.yarnpkg.com/@types/express/-/express-4.0.34.tgz#cdc0afd69d70d2295b81b3aa47f26f672afcde1c" + dependencies: + "@types/express-serve-static-core" "*" + "@types/serve-static" "*" + + "@types/mime@*": + version "0.0.29" + resolved "https://registry.yarnpkg.com/@types/mime/-/mime-0.0.29.tgz#fbcfd330573b912ef59eeee14602bface630754b" + + "@types/node@*", "@types/node@^6.0.38": + version "6.0.51" + resolved "https://registry.yarnpkg.com/@types/node/-/node-6.0.51.tgz#84cbf25111516ec9304d0b61469dc0fa9d12ba32" + + "@types/serve-static@*": + version "1.7.31" + resolved "https://registry.yarnpkg.com/@types/serve-static/-/serve-static-1.7.31.tgz#15456de8d98d6b4cff31be6c6af7492ae63f521a" + dependencies: + "@types/express-serve-static-core" "*" + "@types/mime" "*" + + abbrev@1: + version "1.0.9" + resolved "https://registry.yarnpkg.com/abbrev/-/abbrev-1.0.9.tgz#91b4792588a7738c25f35dd6f63752a2f8776135" + + accepts@~1.3.3: + version "1.3.3" + resolved "https://registry.yarnpkg.com/accepts/-/accepts-1.3.3.tgz#c3ca7434938648c3e0d9c1e328dd68b622c284ca" + dependencies: + mime-types "~2.1.11" + negotiator "0.6.1" + + acorn-jsx@^3.0.0, acorn-jsx@^3.0.1: + version "3.0.1" + resolved "https://registry.yarnpkg.com/acorn-jsx/-/acorn-jsx-3.0.1.tgz#afdf9488fb1ecefc8348f6fb22f464e32a58b36b" + dependencies: + acorn "^3.0.4" + + acorn@^3.0.4: + version "3.3.0" + resolved "https://registry.yarnpkg.com/acorn/-/acorn-3.3.0.tgz#45e37fb39e8da3f25baee3ff5369e2bb5f22017a" + + acorn@^4.0.1: + version "4.0.3" + resolved "https://registry.yarnpkg.com/acorn/-/acorn-4.0.3.tgz#1a3e850b428e73ba6b09d1cc527f5aaad4d03ef1" + + agent-base@2: + version "2.0.1" + resolved "https://registry.yarnpkg.com/agent-base/-/agent-base-2.0.1.tgz#bd8f9e86a8eb221fffa07bd14befd55df142815e" + dependencies: + extend "~3.0.0" + semver "~5.0.1" + + ajv-keywords@^1.0.0: + version "1.2.0" + resolved "https://registry.yarnpkg.com/ajv-keywords/-/ajv-keywords-1.2.0.tgz#676c4f087bfe1e8b12dca6fda2f3c74f417b099c" + + ajv@^4.7.0: + version "4.9.2" + resolved "https://registry.yarnpkg.com/ajv/-/ajv-4.9.2.tgz#3f7dcda95b0c34bceb2d69945117d146219f1a2c" + dependencies: + co "^4.6.0" + json-stable-stringify "^1.0.1" + + ansi-escapes@^1.1.0: + version "1.4.0" + resolved "https://registry.yarnpkg.com/ansi-escapes/-/ansi-escapes-1.4.0.tgz#d3a8a83b319aa67793662b13e761c7911422306e" + + ansi-regex@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/ansi-regex/-/ansi-regex-2.0.0.tgz#c5061b6e0ef8a81775e50f5d66151bf6bf371107" + + ansi-styles@^2.1.0, ansi-styles@^2.2.1: + version "2.2.1" + resolved "https://registry.yarnpkg.com/ansi-styles/-/ansi-styles-2.2.1.tgz#b432dd3358b634cf75e1e4664368240533c1ddbe" + + anymatch@^1.3.0: + version "1.3.0" + resolved "https://registry.yarnpkg.com/anymatch/-/anymatch-1.3.0.tgz#a3e52fa39168c825ff57b0248126ce5a8ff95507" + dependencies: + arrify "^1.0.0" + micromatch "^2.1.5" + + aproba@^1.0.3: + version "1.0.4" + resolved "https://registry.yarnpkg.com/aproba/-/aproba-1.0.4.tgz#2713680775e7614c8ba186c065d4e2e52d1072c0" + + are-we-there-yet@~1.1.2: + version "1.1.2" + resolved "https://registry.yarnpkg.com/are-we-there-yet/-/are-we-there-yet-1.1.2.tgz#80e470e95a084794fe1899262c5667c6e88de1b3" + dependencies: + delegates "^1.0.0" + readable-stream "^2.0.0 || ^1.1.13" + + argparse@^1.0.7: + version "1.0.9" + resolved "https://registry.yarnpkg.com/argparse/-/argparse-1.0.9.tgz#73d83bc263f86e97f8cc4f6bae1b0e90a7d22c86" + dependencies: + sprintf-js "~1.0.2" + + arr-diff@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/arr-diff/-/arr-diff-2.0.0.tgz#8f3b827f955a8bd669697e4a4256ac3ceae356cf" + dependencies: + arr-flatten "^1.0.1" + + arr-flatten@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/arr-flatten/-/arr-flatten-1.0.1.tgz#e5ffe54d45e19f32f216e91eb99c8ce892bb604b" + + array-find-index@^1.0.1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/array-find-index/-/array-find-index-1.0.2.tgz#df010aa1287e164bbda6f9723b0a96a1ec4187a1" + + array-flatten@1.1.1: + version "1.1.1" + resolved "https://registry.yarnpkg.com/array-flatten/-/array-flatten-1.1.1.tgz#9a5f699051b1e7073328f2a008968b64ea2955d2" + + array-union@^1.0.1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/array-union/-/array-union-1.0.2.tgz#9a34410e4f4e3da23dea375be5be70f24778ec39" + dependencies: + array-uniq "^1.0.1" + + array-uniq@^1.0.0, array-uniq@^1.0.1: + version "1.0.3" + resolved "https://registry.yarnpkg.com/array-uniq/-/array-uniq-1.0.3.tgz#af6ac877a25cc7f74e058894753858dfdb24fdb6" + + array-unique@^0.2.1: + version "0.2.1" + resolved "https://registry.yarnpkg.com/array-unique/-/array-unique-0.2.1.tgz#a1d97ccafcbc2625cc70fadceb36a50c58b01a53" + + arrify@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/arrify/-/arrify-1.0.1.tgz#898508da2226f380df904728456849c1501a4b0d" + + asn1@~0.2.3: + version "0.2.3" + resolved "https://registry.yarnpkg.com/asn1/-/asn1-0.2.3.tgz#dac8787713c9966849fc8180777ebe9c1ddf3b86" + + assert-plus@^0.2.0: + version "0.2.0" + resolved "https://registry.yarnpkg.com/assert-plus/-/assert-plus-0.2.0.tgz#d74e1b87e7affc0db8aadb7021f3fe48101ab234" + + assert-plus@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/assert-plus/-/assert-plus-1.0.0.tgz#f12e0f3c5d77b0b1cdd9146942e4e96c1e4dd525" + + assertion-error@^1.0.1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/assertion-error/-/assertion-error-1.0.2.tgz#13ca515d86206da0bac66e834dd397d87581094c" + + async-each@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/async-each/-/async-each-1.0.1.tgz#19d386a1d9edc6e7c1c85d388aedbcc56d33602d" + + async@2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/async/-/async-2.0.1.tgz#b709cc0280a9c36f09f4536be823c838a9049e25" + dependencies: + lodash "^4.8.0" + + async@~1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/async/-/async-1.0.0.tgz#f8fc04ca3a13784ade9e1641af98578cfbd647a9" + + asynckit@^0.4.0: + version "0.4.0" + resolved "https://registry.yarnpkg.com/asynckit/-/asynckit-0.4.0.tgz#c79ed97f7f34cb8f2ba1bc9790bcc366474b4b79" + + aws-sign2@~0.6.0: + version "0.6.0" + resolved "https://registry.yarnpkg.com/aws-sign2/-/aws-sign2-0.6.0.tgz#14342dd38dbcc94d0e5b87d763cd63612c0e794f" + + aws4@^1.2.1: + version "1.5.0" + resolved "https://registry.yarnpkg.com/aws4/-/aws4-1.5.0.tgz#0a29ffb79c31c9e712eeb087e8e7a64b4a56d755" + + babel-cli@6.16.0: + version "6.16.0" + resolved "https://registry.yarnpkg.com/babel-cli/-/babel-cli-6.16.0.tgz#4e0d1cf40442ef78330f7fef88eb3a0a1b16bd37" + dependencies: + babel-core "^6.16.0" + babel-polyfill "^6.16.0" + babel-register "^6.16.0" + babel-runtime "^6.9.0" + bin-version-check "^2.1.0" + chalk "1.1.1" + commander "^2.8.1" + convert-source-map "^1.1.0" + fs-readdir-recursive "^0.1.0" + glob "^5.0.5" + lodash "^4.2.0" + log-symbols "^1.0.2" + output-file-sync "^1.1.0" + path-exists "^1.0.0" + path-is-absolute "^1.0.0" + request "^2.65.0" + slash "^1.0.0" + source-map "^0.5.0" + v8flags "^2.0.10" + optionalDependencies: + chokidar "^1.0.0" + + babel-code-frame@^6.16.0: + version "6.16.0" + resolved "https://registry.yarnpkg.com/babel-code-frame/-/babel-code-frame-6.16.0.tgz#f90e60da0862909d3ce098733b5d3987c97cb8de" + dependencies: + chalk "^1.1.0" + esutils "^2.0.2" + js-tokens "^2.0.0" + + babel-core@6.17.0, babel-core@^6.16.0: + version "6.17.0" + resolved "https://registry.yarnpkg.com/babel-core/-/babel-core-6.17.0.tgz#6c4576447df479e241e58c807e4bc7da4db7f425" + dependencies: + babel-code-frame "^6.16.0" + babel-generator "^6.17.0" + babel-helpers "^6.16.0" + babel-messages "^6.8.0" + babel-register "^6.16.0" + babel-runtime "^6.9.1" + babel-template "^6.16.0" + babel-traverse "^6.16.0" + babel-types "^6.16.0" + babylon "^6.11.0" + convert-source-map "^1.1.0" + debug "^2.1.1" + json5 "^0.4.0" + lodash "^4.2.0" + minimatch "^3.0.2" + path-exists "^1.0.0" + path-is-absolute "^1.0.0" + private "^0.1.6" + shebang-regex "^1.0.0" + slash "^1.0.0" + source-map "^0.5.0" + + babel-eslint@7.0.0: + version "7.0.0" + resolved "https://registry.yarnpkg.com/babel-eslint/-/babel-eslint-7.0.0.tgz#54e51b4033f54ac81326ecea4c646a779935196d" + dependencies: + babel-traverse "^6.15.0" + babel-types "^6.15.0" + babylon "^6.11.2" + lodash.pickby "^4.6.0" + + babel-generator@^6.17.0: + version "6.19.0" + resolved "https://registry.yarnpkg.com/babel-generator/-/babel-generator-6.19.0.tgz#9b2f244204777a3d6810ec127c673c87b349fac5" + dependencies: + babel-messages "^6.8.0" + babel-runtime "^6.9.0" + babel-types "^6.19.0" + detect-indent "^4.0.0" + jsesc "^1.3.0" + lodash "^4.2.0" + source-map "^0.5.0" + + babel-helper-bindify-decorators@^6.18.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-helper-bindify-decorators/-/babel-helper-bindify-decorators-6.18.0.tgz#fc00c573676a6e702fffa00019580892ec8780a5" + dependencies: + babel-runtime "^6.0.0" + babel-traverse "^6.18.0" + babel-types "^6.18.0" + + babel-helper-builder-binary-assignment-operator-visitor@^6.8.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-helper-builder-binary-assignment-operator-visitor/-/babel-helper-builder-binary-assignment-operator-visitor-6.18.0.tgz#8ae814989f7a53682152e3401a04fabd0bb333a6" + dependencies: + babel-helper-explode-assignable-expression "^6.18.0" + babel-runtime "^6.0.0" + babel-types "^6.18.0" + + babel-helper-builder-react-jsx@^6.8.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-helper-builder-react-jsx/-/babel-helper-builder-react-jsx-6.18.0.tgz#ab02f19a2eb7ace936dd87fa55896d02be59bf71" + dependencies: + babel-runtime "^6.9.0" + babel-types "^6.18.0" + esutils "^2.0.0" + lodash "^4.2.0" + + babel-helper-call-delegate@^6.18.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-helper-call-delegate/-/babel-helper-call-delegate-6.18.0.tgz#05b14aafa430884b034097ef29e9f067ea4133bd" + dependencies: + babel-helper-hoist-variables "^6.18.0" + babel-runtime "^6.0.0" + babel-traverse "^6.18.0" + babel-types "^6.18.0" + + babel-helper-define-map@^6.18.0, babel-helper-define-map@^6.8.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-helper-define-map/-/babel-helper-define-map-6.18.0.tgz#8d6c85dc7fbb4c19be3de40474d18e97c3676ec2" + dependencies: + babel-helper-function-name "^6.18.0" + babel-runtime "^6.9.0" + babel-types "^6.18.0" + lodash "^4.2.0" + + babel-helper-explode-assignable-expression@^6.18.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-helper-explode-assignable-expression/-/babel-helper-explode-assignable-expression-6.18.0.tgz#14b8e8c2d03ad735d4b20f1840b24cd1f65239fe" + dependencies: + babel-runtime "^6.0.0" + babel-traverse "^6.18.0" + babel-types "^6.18.0" + + babel-helper-explode-class@^6.8.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-helper-explode-class/-/babel-helper-explode-class-6.18.0.tgz#c44f76f4fa23b9c5d607cbac5d4115e7a76f62cb" + dependencies: + babel-helper-bindify-decorators "^6.18.0" + babel-runtime "^6.0.0" + babel-traverse "^6.18.0" + babel-types "^6.18.0" + + babel-helper-function-name@^6.18.0, babel-helper-function-name@^6.8.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-helper-function-name/-/babel-helper-function-name-6.18.0.tgz#68ec71aeba1f3e28b2a6f0730190b754a9bf30e6" + dependencies: + babel-helper-get-function-arity "^6.18.0" + babel-runtime "^6.0.0" + babel-template "^6.8.0" + babel-traverse "^6.18.0" + babel-types "^6.18.0" + + babel-helper-get-function-arity@^6.18.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-helper-get-function-arity/-/babel-helper-get-function-arity-6.18.0.tgz#a5b19695fd3f9cdfc328398b47dafcd7094f9f24" + dependencies: + babel-runtime "^6.0.0" + babel-types "^6.18.0" + + babel-helper-hoist-variables@^6.18.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-helper-hoist-variables/-/babel-helper-hoist-variables-6.18.0.tgz#a835b5ab8b46d6de9babefae4d98ea41e866b82a" + dependencies: + babel-runtime "^6.0.0" + babel-types "^6.18.0" + + babel-helper-optimise-call-expression@^6.18.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-helper-optimise-call-expression/-/babel-helper-optimise-call-expression-6.18.0.tgz#9261d0299ee1a4f08a6dd28b7b7c777348fd8f0f" + dependencies: + babel-runtime "^6.0.0" + babel-types "^6.18.0" + + babel-helper-regex@^6.8.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-helper-regex/-/babel-helper-regex-6.18.0.tgz#ae0ebfd77de86cb2f1af258e2cc20b5fe893ecc6" + dependencies: + babel-runtime "^6.9.0" + babel-types "^6.18.0" + lodash "^4.2.0" + + babel-helper-remap-async-to-generator@^6.16.0, babel-helper-remap-async-to-generator@^6.16.2: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-helper-remap-async-to-generator/-/babel-helper-remap-async-to-generator-6.18.0.tgz#336cdf3cab650bb191b02fc16a3708e7be7f9ce5" + dependencies: + babel-helper-function-name "^6.18.0" + babel-runtime "^6.0.0" + babel-template "^6.16.0" + babel-traverse "^6.18.0" + babel-types "^6.18.0" + + babel-helper-replace-supers@^6.18.0, babel-helper-replace-supers@^6.8.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-helper-replace-supers/-/babel-helper-replace-supers-6.18.0.tgz#28ec69877be4144dbd64f4cc3a337e89f29a924e" + dependencies: + babel-helper-optimise-call-expression "^6.18.0" + babel-messages "^6.8.0" + babel-runtime "^6.0.0" + babel-template "^6.16.0" + babel-traverse "^6.18.0" + babel-types "^6.18.0" + + babel-helpers@^6.16.0: + version "6.16.0" + resolved "https://registry.yarnpkg.com/babel-helpers/-/babel-helpers-6.16.0.tgz#1095ec10d99279460553e67eb3eee9973d3867e3" + dependencies: + babel-runtime "^6.0.0" + babel-template "^6.16.0" + + babel-messages@^6.8.0: + version "6.8.0" + resolved "https://registry.yarnpkg.com/babel-messages/-/babel-messages-6.8.0.tgz#bf504736ca967e6d65ef0adb5a2a5f947c8e0eb9" + dependencies: + babel-runtime "^6.0.0" + + babel-plugin-check-es2015-constants@^6.3.13: + version "6.8.0" + resolved "https://registry.yarnpkg.com/babel-plugin-check-es2015-constants/-/babel-plugin-check-es2015-constants-6.8.0.tgz#dbf024c32ed37bfda8dee1e76da02386a8d26fe7" + dependencies: + babel-runtime "^6.0.0" + + babel-plugin-syntax-async-functions@^6.8.0: + version "6.13.0" + resolved "https://registry.yarnpkg.com/babel-plugin-syntax-async-functions/-/babel-plugin-syntax-async-functions-6.13.0.tgz#cad9cad1191b5ad634bf30ae0872391e0647be95" + + babel-plugin-syntax-async-generators@^6.5.0: + version "6.13.0" + resolved "https://registry.yarnpkg.com/babel-plugin-syntax-async-generators/-/babel-plugin-syntax-async-generators-6.13.0.tgz#6bc963ebb16eccbae6b92b596eb7f35c342a8b9a" + + babel-plugin-syntax-class-properties@^6.8.0: + version "6.13.0" + resolved "https://registry.yarnpkg.com/babel-plugin-syntax-class-properties/-/babel-plugin-syntax-class-properties-6.13.0.tgz#d7eb23b79a317f8543962c505b827c7d6cac27de" + + babel-plugin-syntax-decorators@^6.13.0: + version "6.13.0" + resolved "https://registry.yarnpkg.com/babel-plugin-syntax-decorators/-/babel-plugin-syntax-decorators-6.13.0.tgz#312563b4dbde3cc806cee3e416cceeaddd11ac0b" + + babel-plugin-syntax-exponentiation-operator@^6.8.0: + version "6.13.0" + resolved "https://registry.yarnpkg.com/babel-plugin-syntax-exponentiation-operator/-/babel-plugin-syntax-exponentiation-operator-6.13.0.tgz#9ee7e8337290da95288201a6a57f4170317830de" + + babel-plugin-syntax-flow@^6.18.0, babel-plugin-syntax-flow@^6.3.13: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-plugin-syntax-flow/-/babel-plugin-syntax-flow-6.18.0.tgz#4c3ab20a2af26aa20cd25995c398c4eb70310c8d" + + babel-plugin-syntax-jsx@^6.3.13, babel-plugin-syntax-jsx@^6.8.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-plugin-syntax-jsx/-/babel-plugin-syntax-jsx-6.18.0.tgz#0af32a9a6e13ca7a3fd5069e62d7b0f58d0d8946" + + babel-plugin-syntax-object-rest-spread@^6.8.0: + version "6.13.0" + resolved "https://registry.yarnpkg.com/babel-plugin-syntax-object-rest-spread/-/babel-plugin-syntax-object-rest-spread-6.13.0.tgz#fd6536f2bce13836ffa3a5458c4903a597bb3bf5" + + babel-plugin-syntax-trailing-function-commas@^6.3.13: + version "6.13.0" + resolved "https://registry.yarnpkg.com/babel-plugin-syntax-trailing-function-commas/-/babel-plugin-syntax-trailing-function-commas-6.13.0.tgz#2b84b7d53dd744f94ff1fad7669406274b23f541" + + babel-plugin-transform-async-generator-functions@^6.17.0: + version "6.17.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-async-generator-functions/-/babel-plugin-transform-async-generator-functions-6.17.0.tgz#d0b5a2b2f0940f2b245fa20a00519ed7bc6cae54" + dependencies: + babel-helper-remap-async-to-generator "^6.16.2" + babel-plugin-syntax-async-generators "^6.5.0" + babel-runtime "^6.0.0" + + babel-plugin-transform-async-to-generator@^6.16.0: + version "6.16.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-async-to-generator/-/babel-plugin-transform-async-to-generator-6.16.0.tgz#19ec36cb1486b59f9f468adfa42ce13908ca2999" + dependencies: + babel-helper-remap-async-to-generator "^6.16.0" + babel-plugin-syntax-async-functions "^6.8.0" + babel-runtime "^6.0.0" + + babel-plugin-transform-class-properties@^6.16.0: + version "6.19.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-class-properties/-/babel-plugin-transform-class-properties-6.19.0.tgz#1274b349abaadc835164e2004f4a2444a2788d5f" + dependencies: + babel-helper-function-name "^6.18.0" + babel-plugin-syntax-class-properties "^6.8.0" + babel-runtime "^6.9.1" + babel-template "^6.15.0" + + babel-plugin-transform-decorators@^6.13.0: + version "6.13.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-decorators/-/babel-plugin-transform-decorators-6.13.0.tgz#82d65c1470ae83e2d13eebecb0a1c2476d62da9d" + dependencies: + babel-helper-define-map "^6.8.0" + babel-helper-explode-class "^6.8.0" + babel-plugin-syntax-decorators "^6.13.0" + babel-runtime "^6.0.0" + babel-template "^6.8.0" + babel-types "^6.13.0" + + babel-plugin-transform-es2015-arrow-functions@^6.3.13: + version "6.8.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-arrow-functions/-/babel-plugin-transform-es2015-arrow-functions-6.8.0.tgz#5b63afc3181bdc9a8c4d481b5a4f3f7d7fef3d9d" + dependencies: + babel-runtime "^6.0.0" + + babel-plugin-transform-es2015-block-scoped-functions@^6.3.13: + version "6.8.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-block-scoped-functions/-/babel-plugin-transform-es2015-block-scoped-functions-6.8.0.tgz#ed95d629c4b5a71ae29682b998f70d9833eb366d" + dependencies: + babel-runtime "^6.0.0" + + babel-plugin-transform-es2015-block-scoping@^6.14.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-block-scoping/-/babel-plugin-transform-es2015-block-scoping-6.18.0.tgz#3bfdcfec318d46df22525cdea88f1978813653af" + dependencies: + babel-runtime "^6.9.0" + babel-template "^6.15.0" + babel-traverse "^6.18.0" + babel-types "^6.18.0" + lodash "^4.2.0" + + babel-plugin-transform-es2015-classes@^6.14.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-classes/-/babel-plugin-transform-es2015-classes-6.18.0.tgz#ffe7a17321bf83e494dcda0ae3fc72df48ffd1d9" + dependencies: + babel-helper-define-map "^6.18.0" + babel-helper-function-name "^6.18.0" + babel-helper-optimise-call-expression "^6.18.0" + babel-helper-replace-supers "^6.18.0" + babel-messages "^6.8.0" + babel-runtime "^6.9.0" + babel-template "^6.14.0" + babel-traverse "^6.18.0" + babel-types "^6.18.0" + + babel-plugin-transform-es2015-computed-properties@^6.3.13: + version "6.8.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-computed-properties/-/babel-plugin-transform-es2015-computed-properties-6.8.0.tgz#f51010fd61b3bd7b6b60a5fdfd307bb7a5279870" + dependencies: + babel-helper-define-map "^6.8.0" + babel-runtime "^6.0.0" + babel-template "^6.8.0" + + babel-plugin-transform-es2015-destructuring@^6.16.0: + version "6.19.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-destructuring/-/babel-plugin-transform-es2015-destructuring-6.19.0.tgz#ff1d911c4b3f4cab621bd66702a869acd1900533" + dependencies: + babel-runtime "^6.9.0" + + babel-plugin-transform-es2015-duplicate-keys@^6.6.0: + version "6.8.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-duplicate-keys/-/babel-plugin-transform-es2015-duplicate-keys-6.8.0.tgz#fd8f7f7171fc108cc1c70c3164b9f15a81c25f7d" + dependencies: + babel-runtime "^6.0.0" + babel-types "^6.8.0" + + babel-plugin-transform-es2015-for-of@^6.6.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-for-of/-/babel-plugin-transform-es2015-for-of-6.18.0.tgz#4c517504db64bf8cfc119a6b8f177211f2028a70" + dependencies: + babel-runtime "^6.0.0" + + babel-plugin-transform-es2015-function-name@^6.9.0: + version "6.9.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-function-name/-/babel-plugin-transform-es2015-function-name-6.9.0.tgz#8c135b17dbd064e5bba56ec511baaee2fca82719" + dependencies: + babel-helper-function-name "^6.8.0" + babel-runtime "^6.9.0" + babel-types "^6.9.0" + + babel-plugin-transform-es2015-literals@^6.3.13: + version "6.8.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-literals/-/babel-plugin-transform-es2015-literals-6.8.0.tgz#50aa2e5c7958fc2ab25d74ec117e0cc98f046468" + dependencies: + babel-runtime "^6.0.0" + + babel-plugin-transform-es2015-modules-amd@^6.18.0, babel-plugin-transform-es2015-modules-amd@^6.8.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-modules-amd/-/babel-plugin-transform-es2015-modules-amd-6.18.0.tgz#49a054cbb762bdf9ae2d8a807076cfade6141e40" + dependencies: + babel-plugin-transform-es2015-modules-commonjs "^6.18.0" + babel-runtime "^6.0.0" + babel-template "^6.8.0" + + babel-plugin-transform-es2015-modules-commonjs@^6.16.0, babel-plugin-transform-es2015-modules-commonjs@^6.18.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-modules-commonjs/-/babel-plugin-transform-es2015-modules-commonjs-6.18.0.tgz#c15ae5bb11b32a0abdcc98a5837baa4ee8d67bcc" + dependencies: + babel-plugin-transform-strict-mode "^6.18.0" + babel-runtime "^6.0.0" + babel-template "^6.16.0" + babel-types "^6.18.0" + + babel-plugin-transform-es2015-modules-systemjs@^6.14.0: + version "6.19.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-modules-systemjs/-/babel-plugin-transform-es2015-modules-systemjs-6.19.0.tgz#50438136eba74527efa00a5b0fefaf1dc4071da6" + dependencies: + babel-helper-hoist-variables "^6.18.0" + babel-runtime "^6.11.6" + babel-template "^6.14.0" + + babel-plugin-transform-es2015-modules-umd@^6.12.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-modules-umd/-/babel-plugin-transform-es2015-modules-umd-6.18.0.tgz#23351770ece5c1f8e83ed67cb1d7992884491e50" + dependencies: + babel-plugin-transform-es2015-modules-amd "^6.18.0" + babel-runtime "^6.0.0" + babel-template "^6.8.0" + + babel-plugin-transform-es2015-object-super@^6.3.13: + version "6.8.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-object-super/-/babel-plugin-transform-es2015-object-super-6.8.0.tgz#1b858740a5a4400887c23dcff6f4d56eea4a24c5" + dependencies: + babel-helper-replace-supers "^6.8.0" + babel-runtime "^6.0.0" + + babel-plugin-transform-es2015-parameters@^6.16.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-parameters/-/babel-plugin-transform-es2015-parameters-6.18.0.tgz#9b2cfe238c549f1635ba27fc1daa858be70608b1" + dependencies: + babel-helper-call-delegate "^6.18.0" + babel-helper-get-function-arity "^6.18.0" + babel-runtime "^6.9.0" + babel-template "^6.16.0" + babel-traverse "^6.18.0" + babel-types "^6.18.0" + + babel-plugin-transform-es2015-shorthand-properties@^6.3.13: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-shorthand-properties/-/babel-plugin-transform-es2015-shorthand-properties-6.18.0.tgz#e2ede3b7df47bf980151926534d1dd0cbea58f43" + dependencies: + babel-runtime "^6.0.0" + babel-types "^6.18.0" + + babel-plugin-transform-es2015-spread@^6.3.13: + version "6.8.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-spread/-/babel-plugin-transform-es2015-spread-6.8.0.tgz#0217f737e3b821fa5a669f187c6ed59205f05e9c" + dependencies: + babel-runtime "^6.0.0" + + babel-plugin-transform-es2015-sticky-regex@^6.3.13: + version "6.8.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-sticky-regex/-/babel-plugin-transform-es2015-sticky-regex-6.8.0.tgz#e73d300a440a35d5c64f5c2a344dc236e3df47be" + dependencies: + babel-helper-regex "^6.8.0" + babel-runtime "^6.0.0" + babel-types "^6.8.0" + + babel-plugin-transform-es2015-template-literals@^6.6.0: + version "6.8.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-template-literals/-/babel-plugin-transform-es2015-template-literals-6.8.0.tgz#86eb876d0a2c635da4ec048b4f7de9dfc897e66b" + dependencies: + babel-runtime "^6.0.0" + + babel-plugin-transform-es2015-typeof-symbol@^6.6.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-typeof-symbol/-/babel-plugin-transform-es2015-typeof-symbol-6.18.0.tgz#0b14c48629c90ff47a0650077f6aa699bee35798" + dependencies: + babel-runtime "^6.0.0" + + babel-plugin-transform-es2015-unicode-regex@^6.3.13: + version "6.11.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-unicode-regex/-/babel-plugin-transform-es2015-unicode-regex-6.11.0.tgz#6298ceabaad88d50a3f4f392d8de997260f6ef2c" + dependencies: + babel-helper-regex "^6.8.0" + babel-runtime "^6.0.0" + regexpu-core "^2.0.0" + + babel-plugin-transform-exponentiation-operator@^6.3.13: + version "6.8.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-exponentiation-operator/-/babel-plugin-transform-exponentiation-operator-6.8.0.tgz#db25742e9339eade676ca9acec46f955599a68a4" + dependencies: + babel-helper-builder-binary-assignment-operator-visitor "^6.8.0" + babel-plugin-syntax-exponentiation-operator "^6.8.0" + babel-runtime "^6.0.0" + + babel-plugin-transform-flow-strip-types@^6.3.13: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-flow-strip-types/-/babel-plugin-transform-flow-strip-types-6.18.0.tgz#4d3e642158661e9b40db457c004a30817fa32592" + dependencies: + babel-plugin-syntax-flow "^6.18.0" + babel-runtime "^6.0.0" + + babel-plugin-transform-object-rest-spread@^6.16.0: + version "6.19.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-object-rest-spread/-/babel-plugin-transform-object-rest-spread-6.19.0.tgz#f6ac428ee3cb4c6aa00943ed1422ce813603b34c" + dependencies: + babel-plugin-syntax-object-rest-spread "^6.8.0" + babel-runtime "^6.0.0" + + babel-plugin-transform-react-display-name@^6.3.13: + version "6.8.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-react-display-name/-/babel-plugin-transform-react-display-name-6.8.0.tgz#f7a084977383d728bdbdc2835bba0159577f660e" + dependencies: + babel-runtime "^6.0.0" + + babel-plugin-transform-react-jsx-self@^6.11.0: + version "6.11.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-react-jsx-self/-/babel-plugin-transform-react-jsx-self-6.11.0.tgz#605c9450c1429f97a930f7e1dfe3f0d9d0dbd0f4" + dependencies: + babel-plugin-syntax-jsx "^6.8.0" + babel-runtime "^6.9.0" + + babel-plugin-transform-react-jsx-source@^6.3.13: + version "6.9.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-react-jsx-source/-/babel-plugin-transform-react-jsx-source-6.9.0.tgz#af684a05c2067a86e0957d4f343295ccf5dccf00" + dependencies: + babel-plugin-syntax-jsx "^6.8.0" + babel-runtime "^6.9.0" + + babel-plugin-transform-react-jsx@^6.3.13: + version "6.8.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-react-jsx/-/babel-plugin-transform-react-jsx-6.8.0.tgz#94759942f70af18c617189aa7f3593f1644a71ab" + dependencies: + babel-helper-builder-react-jsx "^6.8.0" + babel-plugin-syntax-jsx "^6.8.0" + babel-runtime "^6.0.0" + + babel-plugin-transform-regenerator@^6.16.0: + version "6.16.1" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-regenerator/-/babel-plugin-transform-regenerator-6.16.1.tgz#a75de6b048a14154aae14b0122756c5bed392f59" + dependencies: + babel-runtime "^6.9.0" + babel-types "^6.16.0" + private "~0.1.5" + + babel-plugin-transform-strict-mode@^6.18.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-strict-mode/-/babel-plugin-transform-strict-mode-6.18.0.tgz#df7cf2991fe046f44163dcd110d5ca43bc652b9d" + dependencies: + babel-runtime "^6.0.0" + babel-types "^6.18.0" + + babel-polyfill@^6.16.0: + version "6.16.0" + resolved "https://registry.yarnpkg.com/babel-polyfill/-/babel-polyfill-6.16.0.tgz#2d45021df87e26a374b6d4d1a9c65964d17f2422" + dependencies: + babel-runtime "^6.9.1" + core-js "^2.4.0" + regenerator-runtime "^0.9.5" + + babel-preset-es2015@6.16.0: + version "6.16.0" + resolved "https://registry.yarnpkg.com/babel-preset-es2015/-/babel-preset-es2015-6.16.0.tgz#59acecd1efbebaf48f89404840f2fe78c4d2ad5c" + dependencies: + babel-plugin-check-es2015-constants "^6.3.13" + babel-plugin-transform-es2015-arrow-functions "^6.3.13" + babel-plugin-transform-es2015-block-scoped-functions "^6.3.13" + babel-plugin-transform-es2015-block-scoping "^6.14.0" + babel-plugin-transform-es2015-classes "^6.14.0" + babel-plugin-transform-es2015-computed-properties "^6.3.13" + babel-plugin-transform-es2015-destructuring "^6.16.0" + babel-plugin-transform-es2015-duplicate-keys "^6.6.0" + babel-plugin-transform-es2015-for-of "^6.6.0" + babel-plugin-transform-es2015-function-name "^6.9.0" + babel-plugin-transform-es2015-literals "^6.3.13" + babel-plugin-transform-es2015-modules-amd "^6.8.0" + babel-plugin-transform-es2015-modules-commonjs "^6.16.0" + babel-plugin-transform-es2015-modules-systemjs "^6.14.0" + babel-plugin-transform-es2015-modules-umd "^6.12.0" + babel-plugin-transform-es2015-object-super "^6.3.13" + babel-plugin-transform-es2015-parameters "^6.16.0" + babel-plugin-transform-es2015-shorthand-properties "^6.3.13" + babel-plugin-transform-es2015-spread "^6.3.13" + babel-plugin-transform-es2015-sticky-regex "^6.3.13" + babel-plugin-transform-es2015-template-literals "^6.6.0" + babel-plugin-transform-es2015-typeof-symbol "^6.6.0" + babel-plugin-transform-es2015-unicode-regex "^6.3.13" + babel-plugin-transform-regenerator "^6.16.0" + + babel-preset-react@6.16.0: + version "6.16.0" + resolved "https://registry.yarnpkg.com/babel-preset-react/-/babel-preset-react-6.16.0.tgz#aa117d60de0928607e343c4828906e4661824316" + dependencies: + babel-plugin-syntax-flow "^6.3.13" + babel-plugin-syntax-jsx "^6.3.13" + babel-plugin-transform-flow-strip-types "^6.3.13" + babel-plugin-transform-react-display-name "^6.3.13" + babel-plugin-transform-react-jsx "^6.3.13" + babel-plugin-transform-react-jsx-self "^6.11.0" + babel-plugin-transform-react-jsx-source "^6.3.13" + + babel-preset-stage-2@6.17.0: + version "6.17.0" + resolved "https://registry.yarnpkg.com/babel-preset-stage-2/-/babel-preset-stage-2-6.17.0.tgz#dc4f84582781353cef36c41247eae5e36c4cae0d" + dependencies: + babel-plugin-transform-class-properties "^6.16.0" + babel-plugin-transform-decorators "^6.13.0" + babel-preset-stage-3 "^6.17.0" + + babel-preset-stage-3@^6.17.0: + version "6.17.0" + resolved "https://registry.yarnpkg.com/babel-preset-stage-3/-/babel-preset-stage-3-6.17.0.tgz#b6638e46db6e91e3f889013d8ce143917c685e39" + dependencies: + babel-plugin-syntax-trailing-function-commas "^6.3.13" + babel-plugin-transform-async-generator-functions "^6.17.0" + babel-plugin-transform-async-to-generator "^6.16.0" + babel-plugin-transform-exponentiation-operator "^6.3.13" + babel-plugin-transform-object-rest-spread "^6.16.0" + + babel-register@6.16.3, babel-register@^6.16.0: + version "6.16.3" + resolved "https://registry.yarnpkg.com/babel-register/-/babel-register-6.16.3.tgz#7b0c0ca7bfdeb9188ba4c27e5fcb7599a497c624" + dependencies: + babel-core "^6.16.0" + babel-runtime "^6.11.6" + core-js "^2.4.0" + home-or-tmp "^1.0.0" + lodash "^4.2.0" + mkdirp "^0.5.1" + path-exists "^1.0.0" + source-map-support "^0.4.2" + + babel-runtime@^6.0.0, babel-runtime@^6.11.6, babel-runtime@^6.9.0, babel-runtime@^6.9.1: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-runtime/-/babel-runtime-6.18.0.tgz#0f4177ffd98492ef13b9f823e9994a02584c9078" + dependencies: + core-js "^2.4.0" + regenerator-runtime "^0.9.5" + + babel-template@^6.14.0, babel-template@^6.15.0, babel-template@^6.16.0, babel-template@^6.8.0: + version "6.16.0" + resolved "https://registry.yarnpkg.com/babel-template/-/babel-template-6.16.0.tgz#e149dd1a9f03a35f817ddbc4d0481988e7ebc8ca" + dependencies: + babel-runtime "^6.9.0" + babel-traverse "^6.16.0" + babel-types "^6.16.0" + babylon "^6.11.0" + lodash "^4.2.0" + + babel-traverse@^6.15.0, babel-traverse@^6.16.0, babel-traverse@^6.18.0: + version "6.19.0" + resolved "https://registry.yarnpkg.com/babel-traverse/-/babel-traverse-6.19.0.tgz#68363fb821e26247d52a519a84b2ceab8df4f55a" + dependencies: + babel-code-frame "^6.16.0" + babel-messages "^6.8.0" + babel-runtime "^6.9.0" + babel-types "^6.19.0" + babylon "^6.11.0" + debug "^2.2.0" + globals "^9.0.0" + invariant "^2.2.0" + lodash "^4.2.0" + + babel-types@^6.13.0, babel-types@^6.15.0, babel-types@^6.16.0, babel-types@^6.18.0, babel-types@^6.19.0, babel-types@^6.8.0, babel-types@^6.9.0: + version "6.19.0" + resolved "https://registry.yarnpkg.com/babel-types/-/babel-types-6.19.0.tgz#8db2972dbed01f1192a8b602ba1e1e4c516240b9" + dependencies: + babel-runtime "^6.9.1" + esutils "^2.0.2" + lodash "^4.2.0" + to-fast-properties "^1.0.1" + + babylon@^6.11.0, babylon@^6.11.2: + version "6.14.1" + resolved "https://registry.yarnpkg.com/babylon/-/babylon-6.14.1.tgz#956275fab72753ad9b3435d7afe58f8bf0a29815" + + backo2@^1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/backo2/-/backo2-1.0.2.tgz#31ab1ac8b129363463e35b3ebb69f4dfcfba7947" + + balanced-match@^0.4.1: + version "0.4.2" + resolved "https://registry.yarnpkg.com/balanced-match/-/balanced-match-0.4.2.tgz#cb3f3e3c732dc0f01ee70b403f302e61d7709838" + + base64-url@1.3.3: + version "1.3.3" + resolved "https://registry.yarnpkg.com/base64-url/-/base64-url-1.3.3.tgz#f8b6c537f09a4fc58c99cb86e0b0e9c61461a20f" + + base64url@2.0.0, base64url@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/base64url/-/base64url-2.0.0.tgz#eac16e03ea1438eff9423d69baa36262ed1f70bb" + + basic-auth@~1.1.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/basic-auth/-/basic-auth-1.1.0.tgz#45221ee429f7ee1e5035be3f51533f1cdfd29884" + + bcrypt-pbkdf@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.0.tgz#3ca76b85241c7170bf7d9703e7b9aa74630040d4" + dependencies: + tweetnacl "^0.14.3" + + bcrypt@^1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/bcrypt/-/bcrypt-1.0.2.tgz#d05fc5d223173e0e28ec381c0f00cc25ffaf2736" + dependencies: + bindings "1.2.1" + nan "2.5.0" + node-pre-gyp "0.6.32" + + bin-version-check@^2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/bin-version-check/-/bin-version-check-2.1.0.tgz#e4e5df290b9069f7d111324031efc13fdd11a5b0" + dependencies: + bin-version "^1.0.0" + minimist "^1.1.0" + semver "^4.0.3" + semver-truncate "^1.0.0" + + bin-version@^1.0.0: + version "1.0.4" + resolved "https://registry.yarnpkg.com/bin-version/-/bin-version-1.0.4.tgz#9eb498ee6fd76f7ab9a7c160436f89579435d78e" + dependencies: + find-versions "^1.0.0" + + binary-extensions@^1.0.0: + version "1.8.0" + resolved "https://registry.yarnpkg.com/binary-extensions/-/binary-extensions-1.8.0.tgz#48ec8d16df4377eae5fa5884682480af4d95c774" + + bindings@1.2.1: + version "1.2.1" + resolved "https://registry.yarnpkg.com/bindings/-/bindings-1.2.1.tgz#14ad6113812d2d37d72e67b4cacb4bb726505f11" + + bl@^1.0.0: + version "1.1.2" + resolved "https://registry.yarnpkg.com/bl/-/bl-1.1.2.tgz#fdca871a99713aa00d19e3bbba41c44787a65398" + dependencies: + readable-stream "~2.0.5" + + block-stream@*: + version "0.0.9" + resolved "https://registry.yarnpkg.com/block-stream/-/block-stream-0.0.9.tgz#13ebfe778a03205cfe03751481ebb4b3300c126a" + dependencies: + inherits "~2.0.0" + + body-parser@1.15.2: + version "1.15.2" + resolved "https://registry.yarnpkg.com/body-parser/-/body-parser-1.15.2.tgz#d7578cf4f1d11d5f6ea804cef35dc7a7ff6dae67" + dependencies: + bytes "2.4.0" + content-type "~1.0.2" + debug "~2.2.0" + depd "~1.1.0" + http-errors "~1.5.0" + iconv-lite "0.4.13" + on-finished "~2.3.0" + qs "6.2.0" + raw-body "~2.1.7" + type-is "~1.6.13" + + boom@2.x.x: + version "2.10.1" + resolved "https://registry.yarnpkg.com/boom/-/boom-2.10.1.tgz#39c8918ceff5799f83f9492a848f625add0c766f" + dependencies: + hoek "2.x.x" + + boom@^4.0.0: + version "4.3.0" + resolved "https://registry.yarnpkg.com/boom/-/boom-4.3.0.tgz#1ed1b4b8cd6891b602910debe33e1d511531b847" + dependencies: + hoek "4.x.x" + + brace-expansion@^1.0.0: + version "1.1.6" + resolved "https://registry.yarnpkg.com/brace-expansion/-/brace-expansion-1.1.6.tgz#7197d7eaa9b87e648390ea61fc66c84427420df9" + dependencies: + balanced-match "^0.4.1" + concat-map "0.0.1" + + braces@^1.8.2: + version "1.8.5" + resolved "https://registry.yarnpkg.com/braces/-/braces-1.8.5.tgz#ba77962e12dff969d6b76711e914b737857bf6a7" + dependencies: + expand-range "^1.8.1" + preserve "^0.2.0" + repeat-element "^1.1.2" + + browser-stdout@1.3.0: + version "1.3.0" + resolved "https://registry.yarnpkg.com/browser-stdout/-/browser-stdout-1.3.0.tgz#f351d32969d32fa5d7a5567154263d928ae3bd1f" + + bson@~1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/bson/-/bson-1.0.1.tgz#3a5addb0f2ff88bc3436e708e4bdb8637602d72d" + + buffer-crc32@~0.2.3: + version "0.2.13" + resolved "https://registry.yarnpkg.com/buffer-crc32/-/buffer-crc32-0.2.13.tgz#0d333e3f00eac50aa1454abd30ef8c2a5d9a7242" + + buffer-equal-constant-time@1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/buffer-equal-constant-time/-/buffer-equal-constant-time-1.0.1.tgz#f8e71132f7ffe6e01a5c9697a4c6f3e48d5cc819" + + buffer-shims@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/buffer-shims/-/buffer-shims-1.0.0.tgz#9978ce317388c649ad8793028c3477ef044a8b51" + + buffer-to-vinyl@^1.0.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/buffer-to-vinyl/-/buffer-to-vinyl-1.1.0.tgz#00f15faee3ab7a1dda2cde6d9121bffdd07b2262" + dependencies: + file-type "^3.1.0" + readable-stream "^2.0.2" + uuid "^2.0.1" + vinyl "^1.0.0" + + builtin-modules@^1.0.0, builtin-modules@^1.1.1: + version "1.1.1" + resolved "https://registry.yarnpkg.com/builtin-modules/-/builtin-modules-1.1.1.tgz#270f076c5a72c02f5b65a47df94c5fe3a278892f" + + bytes@2.4.0: + version "2.4.0" + resolved "https://registry.yarnpkg.com/bytes/-/bytes-2.4.0.tgz#7d97196f9d5baf7f6935e25985549edd2a6c2339" + + caller-path@^0.1.0: + version "0.1.0" + resolved "https://registry.yarnpkg.com/caller-path/-/caller-path-0.1.0.tgz#94085ef63581ecd3daa92444a8fe94e82577751f" + dependencies: + callsites "^0.2.0" + + callsites@^0.2.0: + version "0.2.0" + resolved "https://registry.yarnpkg.com/callsites/-/callsites-0.2.0.tgz#afab96262910a7f33c19a5775825c69f34e350ca" + + camelcase-keys@^2.0.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/camelcase-keys/-/camelcase-keys-2.1.0.tgz#308beeaffdf28119051efa1d932213c91b8f92e7" + dependencies: + camelcase "^2.0.0" + map-obj "^1.0.0" + + camelcase@^2.0.0, camelcase@^2.0.1: + version "2.1.1" + resolved "https://registry.yarnpkg.com/camelcase/-/camelcase-2.1.1.tgz#7c1d16d679a1bbe59ca02cacecfb011e201f5a1f" + + caseless@~0.11.0: + version "0.11.0" + resolved "https://registry.yarnpkg.com/caseless/-/caseless-0.11.0.tgz#715b96ea9841593cc33067923f5ec60ebda4f7d7" + + chai@^3.5.0: + version "3.5.0" + resolved "https://registry.yarnpkg.com/chai/-/chai-3.5.0.tgz#4d02637b067fe958bdbfdd3a40ec56fef7373247" + dependencies: + assertion-error "^1.0.1" + deep-eql "^0.1.3" + type-detect "^1.0.0" + + chalk@1.1.1: + version "1.1.1" + resolved "https://registry.yarnpkg.com/chalk/-/chalk-1.1.1.tgz#509afb67066e7499f7eb3535c77445772ae2d019" + dependencies: + ansi-styles "^2.1.0" + escape-string-regexp "^1.0.2" + has-ansi "^2.0.0" + strip-ansi "^3.0.0" + supports-color "^2.0.0" + + chalk@^1.0.0, chalk@^1.1.0, chalk@^1.1.1, chalk@^1.1.3: + version "1.1.3" + resolved "https://registry.yarnpkg.com/chalk/-/chalk-1.1.3.tgz#a8115c55e4a702fe4d150abd3872822a7e09fc98" + dependencies: + ansi-styles "^2.2.1" + escape-string-regexp "^1.0.2" + has-ansi "^2.0.0" + strip-ansi "^3.0.0" + supports-color "^2.0.0" + + chokidar@^1.0.0, chokidar@^1.4.3: + version "1.6.1" + resolved "https://registry.yarnpkg.com/chokidar/-/chokidar-1.6.1.tgz#2f4447ab5e96e50fb3d789fd90d4c72e0e4c70c2" + dependencies: + anymatch "^1.3.0" + async-each "^1.0.0" + glob-parent "^2.0.0" + inherits "^2.0.1" + is-binary-path "^1.0.0" + is-glob "^2.0.0" + path-is-absolute "^1.0.0" + readdirp "^2.0.0" + optionalDependencies: + fsevents "^1.0.0" + + circular-json@^0.3.0: + version "0.3.1" + resolved "https://registry.yarnpkg.com/circular-json/-/circular-json-0.3.1.tgz#be8b36aefccde8b3ca7aa2d6afc07a37242c0d2d" + + cli-cursor@^1.0.1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/cli-cursor/-/cli-cursor-1.0.2.tgz#64da3f7d56a54412e59794bd62dc35295e8f2987" + dependencies: + restore-cursor "^1.0.1" + + cli-width@^2.0.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/cli-width/-/cli-width-2.1.0.tgz#b234ca209b29ef66fc518d9b98d5847b00edf00a" + + cliui@^3.0.3: + version "3.2.0" + resolved "https://registry.yarnpkg.com/cliui/-/cliui-3.2.0.tgz#120601537a916d29940f934da3b48d585a39213d" + dependencies: + string-width "^1.0.1" + strip-ansi "^3.0.1" + wrap-ansi "^2.0.0" + + clone-stats@^0.0.1: + version "0.0.1" + resolved "https://registry.yarnpkg.com/clone-stats/-/clone-stats-0.0.1.tgz#b88f94a82cf38b8791d58046ea4029ad88ca99d1" + + clone@^0.2.0: + version "0.2.0" + resolved "https://registry.yarnpkg.com/clone/-/clone-0.2.0.tgz#c6126a90ad4f72dbf5acdb243cc37724fe93fc1f" + + clone@^1.0.0: + version "1.0.2" + resolved "https://registry.yarnpkg.com/clone/-/clone-1.0.2.tgz#260b7a99ebb1edfe247538175f783243cb19d149" + + co@^4.6.0: + version "4.6.0" + resolved "https://registry.yarnpkg.com/co/-/co-4.6.0.tgz#6ea6bdf3d853ae54ccb8e47bfa0bf3f9031fb184" + + code-point-at@^1.0.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/code-point-at/-/code-point-at-1.1.0.tgz#0d070b4d043a5bea33a2f1a40e2edb3d9a4ccf77" + + colors@1.0.x: + version "1.0.3" + resolved "https://registry.yarnpkg.com/colors/-/colors-1.0.3.tgz#0433f44d809680fdeb60ed260f1b0c262e82a40b" + + combined-stream@^1.0.5, combined-stream@~1.0.5: + version "1.0.5" + resolved "https://registry.yarnpkg.com/combined-stream/-/combined-stream-1.0.5.tgz#938370a57b4a51dea2c77c15d5c5fdf895164009" + dependencies: + delayed-stream "~1.0.0" + + commander@2.9.0, commander@^2.8.1, commander@^2.9.0: + version "2.9.0" + resolved "https://registry.yarnpkg.com/commander/-/commander-2.9.0.tgz#9c99094176e12240cb22d6c5146098400fe0f7d4" + dependencies: + graceful-readlink ">= 1.0.0" + + commander@~2.8.1: + version "2.8.1" + resolved "https://registry.yarnpkg.com/commander/-/commander-2.8.1.tgz#06be367febfda0c330aa1e2a072d3dc9762425d4" + dependencies: + graceful-readlink ">= 1.0.0" + + concat-map@0.0.1: + version "0.0.1" + resolved "https://registry.yarnpkg.com/concat-map/-/concat-map-0.0.1.tgz#d8a96bd77fd68df7793a73036a3ba0d5405d477b" + + concat-stream@^1.4.6, concat-stream@^1.4.7: + version "1.5.2" + resolved "https://registry.yarnpkg.com/concat-stream/-/concat-stream-1.5.2.tgz#708978624d856af41a5a741defdd261da752c266" + dependencies: + inherits "~2.0.1" + readable-stream "~2.0.0" + typedarray "~0.0.5" + + configstore@^1.0.0: + version "1.4.0" + resolved "https://registry.yarnpkg.com/configstore/-/configstore-1.4.0.tgz#c35781d0501d268c25c54b8b17f6240e8a4fb021" + dependencies: + graceful-fs "^4.1.2" + mkdirp "^0.5.0" + object-assign "^4.0.1" + os-tmpdir "^1.0.0" + osenv "^0.1.0" + uuid "^2.0.1" + write-file-atomic "^1.1.2" + xdg-basedir "^2.0.0" + + console-control-strings@^1.0.0, console-control-strings@~1.1.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/console-control-strings/-/console-control-strings-1.1.0.tgz#3d7cf4464db6446ea644bf4b39507f9851008e8e" + + contains-path@^0.1.0: + version "0.1.0" + resolved "https://registry.yarnpkg.com/contains-path/-/contains-path-0.1.0.tgz#fe8cf184ff6670b6baef01a9d4861a5cbec4120a" + + content-disposition@0.5.1: + version "0.5.1" + resolved "https://registry.yarnpkg.com/content-disposition/-/content-disposition-0.5.1.tgz#87476c6a67c8daa87e32e87616df883ba7fb071b" + + content-type@~1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/content-type/-/content-type-1.0.2.tgz#b7d113aee7a8dd27bd21133c4dc2529df1721eed" + + convert-source-map@^1.1.0, convert-source-map@^1.1.1: + version "1.3.0" + resolved "https://registry.yarnpkg.com/convert-source-map/-/convert-source-map-1.3.0.tgz#e9f3e9c6e2728efc2676696a70eb382f73106a67" + + cookie-signature@1.0.6: + version "1.0.6" + resolved "https://registry.yarnpkg.com/cookie-signature/-/cookie-signature-1.0.6.tgz#e303a882b342cc3ee8ca513a79999734dab3ae2c" + + cookie@0.3.1: + version "0.3.1" + resolved "https://registry.yarnpkg.com/cookie/-/cookie-0.3.1.tgz#e7e0a1f9ef43b4c8ba925c5c5a96e806d16873bb" + + core-js@^2.4.0: + version "2.4.1" + resolved "https://registry.yarnpkg.com/core-js/-/core-js-2.4.1.tgz#4de911e667b0eae9124e34254b53aea6fc618d3e" + + core-util-is@~1.0.0: + version "1.0.2" + resolved "https://registry.yarnpkg.com/core-util-is/-/core-util-is-1.0.2.tgz#b5fd54220aa2bc5ab57aab7140c940754503c1a7" + + cors: + version "2.8.1" + resolved "https://registry.yarnpkg.com/cors/-/cors-2.8.1.tgz#6181aa56abb45a2825be3304703747ae4e9d2383" + dependencies: + vary "^1" + + crc@3.4.0: + version "3.4.0" + resolved "https://registry.yarnpkg.com/crc/-/crc-3.4.0.tgz#4258e351613a74ef1153dfcb05e820c3e9715d7f" + + cryptiles@2.x.x: + version "2.0.5" + resolved "https://registry.yarnpkg.com/cryptiles/-/cryptiles-2.0.5.tgz#3bdfecdc608147c1c67202fa291e7dca59eaa3b8" + dependencies: + boom "2.x.x" + + currently-unhandled@^0.4.1: + version "0.4.1" + resolved "https://registry.yarnpkg.com/currently-unhandled/-/currently-unhandled-0.4.1.tgz#988df33feab191ef799a61369dd76c17adf957ea" + dependencies: + array-find-index "^1.0.1" + + cycle@1.0.x: + version "1.0.3" + resolved "https://registry.yarnpkg.com/cycle/-/cycle-1.0.3.tgz#21e80b2be8580f98b468f379430662b046c34ad2" + + d@^0.1.1, d@~0.1.1: + version "0.1.1" + resolved "https://registry.yarnpkg.com/d/-/d-0.1.1.tgz#da184c535d18d8ee7ba2aa229b914009fae11309" + dependencies: + es5-ext "~0.10.2" + + damerau-levenshtein@^1.0.0: + version "1.0.3" + resolved "https://registry.yarnpkg.com/damerau-levenshtein/-/damerau-levenshtein-1.0.3.tgz#ae4f4ce0b62acae10ff63a01bb08f652f5213af2" + + dashdash@^1.12.0: + version "1.14.1" + resolved "https://registry.yarnpkg.com/dashdash/-/dashdash-1.14.1.tgz#853cfa0f7cbe2fed5de20326b8dd581035f6e2f0" + dependencies: + assert-plus "^1.0.0" + + dataloader@^1.2.0: + version "1.2.0" + resolved "https://registry.yarnpkg.com/dataloader/-/dataloader-1.2.0.tgz#3f73ea657c492c860c1633348adc55ca9bf2107e" + + debug@2, debug@2.6.8, debug@^2.1.1, debug@^2.2.0: + version "2.6.8" + resolved "https://registry.yarnpkg.com/debug/-/debug-2.6.8.tgz#e731531ca2ede27d188222427da17821d68ff4fc" + dependencies: + ms "2.0.0" + + debug@2.2.0, debug@~2.2.0: + version "2.2.0" + resolved "https://registry.yarnpkg.com/debug/-/debug-2.2.0.tgz#f87057e995b1a1f6ae6a4960664137bc56f039da" + dependencies: + ms "0.7.1" + + decamelize@^1.1.1, decamelize@^1.1.2: + version "1.2.0" + resolved "https://registry.yarnpkg.com/decamelize/-/decamelize-1.2.0.tgz#f6534d15148269b20352e7bee26f501f9a191290" + + decompress-tar@^3.0.0: + version "3.1.0" + resolved "https://registry.yarnpkg.com/decompress-tar/-/decompress-tar-3.1.0.tgz#217c789f9b94450efaadc5c5e537978fc333c466" + dependencies: + is-tar "^1.0.0" + object-assign "^2.0.0" + strip-dirs "^1.0.0" + tar-stream "^1.1.1" + through2 "^0.6.1" + vinyl "^0.4.3" + + decompress-tarbz2@^3.0.0: + version "3.1.0" + resolved "https://registry.yarnpkg.com/decompress-tarbz2/-/decompress-tarbz2-3.1.0.tgz#8b23935681355f9f189d87256a0f8bdd96d9666d" + dependencies: + is-bzip2 "^1.0.0" + object-assign "^2.0.0" + seek-bzip "^1.0.3" + strip-dirs "^1.0.0" + tar-stream "^1.1.1" + through2 "^0.6.1" + vinyl "^0.4.3" + + decompress-targz@^3.0.0: + version "3.1.0" + resolved "https://registry.yarnpkg.com/decompress-targz/-/decompress-targz-3.1.0.tgz#b2c13df98166268991b715d6447f642e9696f5a0" + dependencies: + is-gzip "^1.0.0" + object-assign "^2.0.0" + strip-dirs "^1.0.0" + tar-stream "^1.1.1" + through2 "^0.6.1" + vinyl "^0.4.3" + + decompress-unzip@^3.0.0: + version "3.4.0" + resolved "https://registry.yarnpkg.com/decompress-unzip/-/decompress-unzip-3.4.0.tgz#61475b4152066bbe3fee12f9d629d15fe6478eeb" + dependencies: + is-zip "^1.0.0" + read-all-stream "^3.0.0" + stat-mode "^0.2.0" + strip-dirs "^1.0.0" + through2 "^2.0.0" + vinyl "^1.0.0" + yauzl "^2.2.1" + + decompress@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/decompress/-/decompress-3.0.0.tgz#af1dd50d06e3bfc432461d37de11b38c0d991bed" + dependencies: + buffer-to-vinyl "^1.0.0" + concat-stream "^1.4.6" + decompress-tar "^3.0.0" + decompress-tarbz2 "^3.0.0" + decompress-targz "^3.0.0" + decompress-unzip "^3.0.0" + stream-combiner2 "^1.1.1" + vinyl-assign "^1.0.1" + vinyl-fs "^2.2.0" + + deep-eql@^0.1.3: + version "0.1.3" + resolved "https://registry.yarnpkg.com/deep-eql/-/deep-eql-0.1.3.tgz#ef558acab8de25206cd713906d74e56930eb69f2" + dependencies: + type-detect "0.1.1" + + deep-extend@~0.4.0: + version "0.4.1" + resolved "https://registry.yarnpkg.com/deep-extend/-/deep-extend-0.4.1.tgz#efe4113d08085f4e6f9687759810f807469e2253" + + deep-is@~0.1.3: + version "0.1.3" + resolved "https://registry.yarnpkg.com/deep-is/-/deep-is-0.1.3.tgz#b369d6fb5dbc13eecf524f91b070feedc357cf34" + + del@^2.0.2: + version "2.2.2" + resolved "https://registry.yarnpkg.com/del/-/del-2.2.2.tgz#c12c981d067846c84bcaf862cff930d907ffd1a8" + dependencies: + globby "^5.0.0" + is-path-cwd "^1.0.0" + is-path-in-cwd "^1.0.0" + object-assign "^4.0.1" + pify "^2.0.0" + pinkie-promise "^2.0.0" + rimraf "^2.2.8" + + delayed-stream@~1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/delayed-stream/-/delayed-stream-1.0.0.tgz#df3ae199acadfb7d440aaae0b29e2272b24ec619" + + delegates@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/delegates/-/delegates-1.0.0.tgz#84c6e159b81904fdca59a0ef44cd870d31250f9a" + + denodeify@^1.2.1: + version "1.2.1" + resolved "https://registry.yarnpkg.com/denodeify/-/denodeify-1.2.1.tgz#3a36287f5034e699e7577901052c2e6c94251631" + + depd@~1.1.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/depd/-/depd-1.1.0.tgz#e1bd82c6aab6ced965b97b88b17ed3e528ca18c3" + + deprecated-decorator@^0.1.6: + version "0.1.6" + resolved "https://registry.yarnpkg.com/deprecated-decorator/-/deprecated-decorator-0.1.6.tgz#00966317b7a12fe92f3cc831f7583af329b86c37" + + destroy@~1.0.4: + version "1.0.4" + resolved "https://registry.yarnpkg.com/destroy/-/destroy-1.0.4.tgz#978857442c44749e4206613e37946205826abd80" + + detect-indent@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/detect-indent/-/detect-indent-4.0.0.tgz#f76d064352cdf43a1cb6ce619c4ee3a9475de208" + dependencies: + repeating "^2.0.0" + + diff@1.4.0: + version "1.4.0" + resolved "https://registry.yarnpkg.com/diff/-/diff-1.4.0.tgz#7f28d2eb9ee7b15a97efd89ce63dcfdaa3ccbabf" + + doctrine@1.3.x: + version "1.3.0" + resolved "https://registry.yarnpkg.com/doctrine/-/doctrine-1.3.0.tgz#13e75682b55518424276f7c173783456ef913d26" + dependencies: + esutils "^2.0.2" + isarray "^1.0.0" + + doctrine@^1.2.2: + version "1.5.0" + resolved "https://registry.yarnpkg.com/doctrine/-/doctrine-1.5.0.tgz#379dce730f6166f76cefa4e6707a159b02c5a6fa" + dependencies: + esutils "^2.0.2" + isarray "^1.0.0" + + dotenv@2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/dotenv/-/dotenv-2.0.0.tgz#bd759c357aaa70365e01c96b7b0bec08a6e0d949" + + duplexer2@~0.1.0: + version "0.1.4" + resolved "https://registry.yarnpkg.com/duplexer2/-/duplexer2-0.1.4.tgz#8b12dab878c0d69e3e7891051662a32fc6bddcc1" + dependencies: + readable-stream "^2.0.2" + + duplexer@~0.1.1: + version "0.1.1" + resolved "https://registry.yarnpkg.com/duplexer/-/duplexer-0.1.1.tgz#ace6ff808c1ce66b57d1ebf97977acb02334cfc1" + + duplexify@^3.2.0: + version "3.5.0" + resolved "https://registry.yarnpkg.com/duplexify/-/duplexify-3.5.0.tgz#1aa773002e1578457e9d9d4a50b0ccaaebcbd604" + dependencies: + end-of-stream "1.0.0" + inherits "^2.0.1" + readable-stream "^2.0.0" + stream-shift "^1.0.0" + + ecc-jsbn@~0.1.1: + version "0.1.1" + resolved "https://registry.yarnpkg.com/ecc-jsbn/-/ecc-jsbn-0.1.1.tgz#0fc73a9ed5f0d53c38193398523ef7e543777505" + dependencies: + jsbn "~0.1.0" + + ecdsa-sig-formatter@1.0.9: + version "1.0.9" + resolved "https://registry.yarnpkg.com/ecdsa-sig-formatter/-/ecdsa-sig-formatter-1.0.9.tgz#4bc926274ec3b5abb5016e7e1d60921ac262b2a1" + dependencies: + base64url "^2.0.0" + safe-buffer "^5.0.1" + + ee-first@1.1.1: + version "1.1.1" + resolved "https://registry.yarnpkg.com/ee-first/-/ee-first-1.1.1.tgz#590c61156b0ae2f4f0255732a158b266bc56b21d" + + encodeurl@~1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/encodeurl/-/encodeurl-1.0.1.tgz#79e3d58655346909fe6f0f45a5de68103b294d20" + + encoding@^0.1.11: + version "0.1.12" + resolved "https://registry.yarnpkg.com/encoding/-/encoding-0.1.12.tgz#538b66f3ee62cd1ab51ec323829d1f9480c74beb" + dependencies: + iconv-lite "~0.4.13" + + end-of-stream@1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/end-of-stream/-/end-of-stream-1.0.0.tgz#d4596e702734a93e40e9af864319eabd99ff2f0e" + dependencies: + once "~1.3.0" + + end-of-stream@^1.0.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/end-of-stream/-/end-of-stream-1.1.0.tgz#e9353258baa9108965efc41cb0ef8ade2f3cfb07" + dependencies: + once "~1.3.0" + + error-ex@^1.2.0: + version "1.3.0" + resolved "https://registry.yarnpkg.com/error-ex/-/error-ex-1.3.0.tgz#e67b43f3e82c96ea3a584ffee0b9fc3325d802d9" + dependencies: + is-arrayish "^0.2.1" + + es5-ext@^0.10.7, es5-ext@^0.10.8, es5-ext@~0.10.11, es5-ext@~0.10.2, es5-ext@~0.10.7: + version "0.10.12" + resolved "https://registry.yarnpkg.com/es5-ext/-/es5-ext-0.10.12.tgz#aa84641d4db76b62abba5e45fd805ecbab140047" + dependencies: + es6-iterator "2" + es6-symbol "~3.1" + + es6-iterator@2: + version "2.0.0" + resolved "https://registry.yarnpkg.com/es6-iterator/-/es6-iterator-2.0.0.tgz#bd968567d61635e33c0b80727613c9cb4b096bac" + dependencies: + d "^0.1.1" + es5-ext "^0.10.7" + es6-symbol "3" + + es6-map@^0.1.3: + version "0.1.4" + resolved "https://registry.yarnpkg.com/es6-map/-/es6-map-0.1.4.tgz#a34b147be224773a4d7da8072794cefa3632b897" + dependencies: + d "~0.1.1" + es5-ext "~0.10.11" + es6-iterator "2" + es6-set "~0.1.3" + es6-symbol "~3.1.0" + event-emitter "~0.3.4" + + es6-promise@3.2.1: + version "3.2.1" + resolved "https://registry.yarnpkg.com/es6-promise/-/es6-promise-3.2.1.tgz#ec56233868032909207170c39448e24449dd1fc4" + + es6-promise@^3.0.2, es6-promise@^3.2.1: + version "3.3.1" + resolved "https://registry.yarnpkg.com/es6-promise/-/es6-promise-3.3.1.tgz#a08cdde84ccdbf34d027a1451bc91d4bcd28a613" + + es6-set@~0.1.3: + version "0.1.4" + resolved "https://registry.yarnpkg.com/es6-set/-/es6-set-0.1.4.tgz#9516b6761c2964b92ff479456233a247dc707ce8" + dependencies: + d "~0.1.1" + es5-ext "~0.10.11" + es6-iterator "2" + es6-symbol "3" + event-emitter "~0.3.4" + + es6-symbol@3, es6-symbol@~3.1, es6-symbol@~3.1.0: + version "3.1.0" + resolved "https://registry.yarnpkg.com/es6-symbol/-/es6-symbol-3.1.0.tgz#94481c655e7a7cad82eba832d97d5433496d7ffa" + dependencies: + d "~0.1.1" + es5-ext "~0.10.11" + + es6-weak-map@^2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/es6-weak-map/-/es6-weak-map-2.0.1.tgz#0d2bbd8827eb5fb4ba8f97fbfea50d43db21ea81" + dependencies: + d "^0.1.1" + es5-ext "^0.10.8" + es6-iterator "2" + es6-symbol "3" + + escape-html@~1.0.3: + version "1.0.3" + resolved "https://registry.yarnpkg.com/escape-html/-/escape-html-1.0.3.tgz#0258eae4d3d0c0974de1c169188ef0051d1d1988" + + escape-string-regexp@1.0.5, escape-string-regexp@^1.0.2, escape-string-regexp@^1.0.5: + version "1.0.5" + resolved "https://registry.yarnpkg.com/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz#1b61c0562190a8dff6ae3bb2cf0200ca130b86d4" + + escope@^3.6.0: + version "3.6.0" + resolved "https://registry.yarnpkg.com/escope/-/escope-3.6.0.tgz#e01975e812781a163a6dadfdd80398dc64c889c3" + dependencies: + es6-map "^0.1.3" + es6-weak-map "^2.0.1" + esrecurse "^4.1.0" + estraverse "^4.1.1" + + eslint-config-react-app@^0.4.0: + version "0.4.0" + resolved "https://registry.yarnpkg.com/eslint-config-react-app/-/eslint-config-react-app-0.4.0.tgz#7f87bfd2a35ed7aa17860b6b002b4197fea385d0" + + eslint-import-resolver-node@^0.2.0: + version "0.2.3" + resolved "https://registry.yarnpkg.com/eslint-import-resolver-node/-/eslint-import-resolver-node-0.2.3.tgz#5add8106e8c928db2cba232bcd9efa846e3da16c" + dependencies: + debug "^2.2.0" + object-assign "^4.0.1" + resolve "^1.1.6" + + eslint-module-utils@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/eslint-module-utils/-/eslint-module-utils-1.0.0.tgz#c4a57fd3a53efd8426cc2d5550aadab9bbd05fd0" + dependencies: + debug "2.2.0" + pkg-dir "^1.0.0" + + eslint-plugin-babel@3.3.0: + version "3.3.0" + resolved "https://registry.yarnpkg.com/eslint-plugin-babel/-/eslint-plugin-babel-3.3.0.tgz#2f494aedcf6f4aa4e75b9155980837bc1fbde193" + + eslint-plugin-flowtype@2.21.0: + version "2.21.0" + resolved "https://registry.yarnpkg.com/eslint-plugin-flowtype/-/eslint-plugin-flowtype-2.21.0.tgz#a47e85abcdd181d37a336054bd552149ae387d9c" + dependencies: + lodash "^4.15.0" + + eslint-plugin-import@2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/eslint-plugin-import/-/eslint-plugin-import-2.0.1.tgz#dcfe96357d476b3f822570d42c29bec66f5d9c5c" + dependencies: + builtin-modules "^1.1.1" + contains-path "^0.1.0" + debug "^2.2.0" + doctrine "1.3.x" + eslint-import-resolver-node "^0.2.0" + eslint-module-utils "^1.0.0" + has "^1.0.1" + lodash.cond "^4.3.0" + minimatch "^3.0.3" + pkg-up "^1.0.0" + + eslint-plugin-jsx-a11y@2.2.3: + version "2.2.3" + resolved "https://registry.yarnpkg.com/eslint-plugin-jsx-a11y/-/eslint-plugin-jsx-a11y-2.2.3.tgz#4e35cb71b8a7db702ac415c806eb8e8d9ea6c65d" + dependencies: + damerau-levenshtein "^1.0.0" + jsx-ast-utils "^1.0.0" + object-assign "^4.0.1" + + eslint-plugin-react@6.4.1: + version "6.4.1" + resolved "https://registry.yarnpkg.com/eslint-plugin-react/-/eslint-plugin-react-6.4.1.tgz#7d1aade747db15892f71eee1fea4addf97bcfa2b" + dependencies: + doctrine "^1.2.2" + jsx-ast-utils "^1.3.1" + + eslint@3.8.1: + version "3.8.1" + resolved "https://registry.yarnpkg.com/eslint/-/eslint-3.8.1.tgz#7d02db44cd5aaf4fa7aa489e1f083baa454342ba" + dependencies: + chalk "^1.1.3" + concat-stream "^1.4.6" + debug "^2.1.1" + doctrine "^1.2.2" + escope "^3.6.0" + espree "^3.3.1" + estraverse "^4.2.0" + esutils "^2.0.2" + file-entry-cache "^2.0.0" + glob "^7.0.3" + globals "^9.2.0" + ignore "^3.1.5" + imurmurhash "^0.1.4" + inquirer "^0.12.0" + is-my-json-valid "^2.10.0" + is-resolvable "^1.0.0" + js-yaml "^3.5.1" + json-stable-stringify "^1.0.0" + levn "^0.3.0" + lodash "^4.0.0" + mkdirp "^0.5.0" + natural-compare "^1.4.0" + optionator "^0.8.2" + path-is-inside "^1.0.1" + pluralize "^1.2.1" + progress "^1.1.8" + require-uncached "^1.0.2" + shelljs "^0.6.0" + strip-bom "^3.0.0" + strip-json-comments "~1.0.1" + table "^3.7.8" + text-table "~0.2.0" + user-home "^2.0.0" + + espree@^3.3.1: + version "3.3.2" + resolved "https://registry.yarnpkg.com/espree/-/espree-3.3.2.tgz#dbf3fadeb4ecb4d4778303e50103b3d36c88b89c" + dependencies: + acorn "^4.0.1" + acorn-jsx "^3.0.0" + + esprima@^2.6.0: + version "2.7.3" + resolved "https://registry.yarnpkg.com/esprima/-/esprima-2.7.3.tgz#96e3b70d5779f6ad49cd032673d1c312767ba581" + + esrecurse@^4.1.0: + version "4.1.0" + resolved "https://registry.yarnpkg.com/esrecurse/-/esrecurse-4.1.0.tgz#4713b6536adf7f2ac4f327d559e7756bff648220" + dependencies: + estraverse "~4.1.0" + object-assign "^4.0.1" + + estraverse@^4.1.1, estraverse@^4.2.0: + version "4.2.0" + resolved "https://registry.yarnpkg.com/estraverse/-/estraverse-4.2.0.tgz#0dee3fed31fcd469618ce7342099fc1afa0bdb13" + + estraverse@~4.1.0: + version "4.1.1" + resolved "https://registry.yarnpkg.com/estraverse/-/estraverse-4.1.1.tgz#f6caca728933a850ef90661d0e17982ba47111a2" + + esutils@^2.0.0, esutils@^2.0.2: + version "2.0.2" + resolved "https://registry.yarnpkg.com/esutils/-/esutils-2.0.2.tgz#0abf4f1caa5bcb1f7a9d8acc6dea4faaa04bac9b" + + etag@~1.7.0: + version "1.7.0" + resolved "https://registry.yarnpkg.com/etag/-/etag-1.7.0.tgz#03d30b5f67dd6e632d2945d30d6652731a34d5d8" + + event-emitter@~0.3.4: + version "0.3.4" + resolved "https://registry.yarnpkg.com/event-emitter/-/event-emitter-0.3.4.tgz#8d63ddfb4cfe1fae3b32ca265c4c720222080bb5" + dependencies: + d "~0.1.1" + es5-ext "~0.10.7" + + event-stream@~3.3.0: + version "3.3.4" + resolved "https://registry.yarnpkg.com/event-stream/-/event-stream-3.3.4.tgz#4ab4c9a0f5a54db9338b4c34d86bfce8f4b35571" + dependencies: + duplexer "~0.1.1" + from "~0" + map-stream "~0.1.0" + pause-stream "0.0.11" + split "0.3" + stream-combiner "~0.0.4" + through "~2.3.1" + + exit-hook@^1.0.0: + version "1.1.1" + resolved "https://registry.yarnpkg.com/exit-hook/-/exit-hook-1.1.1.tgz#f05ca233b48c05d54fff07765df8507e95c02ff8" + + expand-brackets@^0.1.4: + version "0.1.5" + resolved "https://registry.yarnpkg.com/expand-brackets/-/expand-brackets-0.1.5.tgz#df07284e342a807cd733ac5af72411e581d1177b" + dependencies: + is-posix-bracket "^0.1.0" + + expand-range@^1.8.1: + version "1.8.2" + resolved "https://registry.yarnpkg.com/expand-range/-/expand-range-1.8.2.tgz#a299effd335fe2721ebae8e257ec79644fc85337" + dependencies: + fill-range "^2.1.0" + + express-session@1.14.1: + version "1.14.1" + resolved "https://registry.yarnpkg.com/express-session/-/express-session-1.14.1.tgz#600364f0f6bf5dce32649e006770bdeee80aec99" + dependencies: + cookie "0.3.1" + cookie-signature "1.0.6" + crc "3.4.0" + debug "~2.2.0" + depd "~1.1.0" + on-headers "~1.0.1" + parseurl "~1.3.1" + uid-safe "~2.1.2" + utils-merge "1.0.0" + + express@4.14.0: + version "4.14.0" + resolved "https://registry.yarnpkg.com/express/-/express-4.14.0.tgz#c1ee3f42cdc891fb3dc650a8922d51ec847d0d66" + dependencies: + accepts "~1.3.3" + array-flatten "1.1.1" + content-disposition "0.5.1" + content-type "~1.0.2" + cookie "0.3.1" + cookie-signature "1.0.6" + debug "~2.2.0" + depd "~1.1.0" + encodeurl "~1.0.1" + escape-html "~1.0.3" + etag "~1.7.0" + finalhandler "0.5.0" + fresh "0.3.0" + merge-descriptors "1.0.1" + methods "~1.1.2" + on-finished "~2.3.0" + parseurl "~1.3.1" + path-to-regexp "0.1.7" + proxy-addr "~1.1.2" + qs "6.2.0" + range-parser "~1.2.0" + send "0.14.1" + serve-static "~1.11.1" + type-is "~1.6.13" + utils-merge "1.0.0" + vary "~1.1.0" + + extend-shallow@^2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/extend-shallow/-/extend-shallow-2.0.1.tgz#51af7d614ad9a9f610ea1bafbb989d6b1c56890f" + dependencies: + is-extendable "^0.1.0" + + extend@3, extend@^3.0.0, extend@~3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/extend/-/extend-3.0.0.tgz#5a474353b9f3353ddd8176dfd37b91c83a46f1d4" + + extglob@^0.3.1: + version "0.3.2" + resolved "https://registry.yarnpkg.com/extglob/-/extglob-0.3.2.tgz#2e18ff3d2f49ab2765cec9023f011daa8d8349a1" + dependencies: + is-extglob "^1.0.0" + + extsprintf@1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/extsprintf/-/extsprintf-1.0.2.tgz#e1080e0658e300b06294990cc70e1502235fd550" + + eyes@0.1.x: + version "0.1.8" + resolved "https://registry.yarnpkg.com/eyes/-/eyes-0.1.8.tgz#62cf120234c683785d902348a800ef3e0cc20bc0" + + fast-levenshtein@~2.0.4: + version "2.0.5" + resolved "https://registry.yarnpkg.com/fast-levenshtein/-/fast-levenshtein-2.0.5.tgz#bd33145744519ab1c36c3ee9f31f08e9079b67f2" + + fd-slicer@~1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/fd-slicer/-/fd-slicer-1.0.1.tgz#8b5bcbd9ec327c5041bf9ab023fd6750f1177e65" + dependencies: + pend "~1.2.0" + + figures@^1.3.5: + version "1.7.0" + resolved "https://registry.yarnpkg.com/figures/-/figures-1.7.0.tgz#cbe1e3affcf1cd44b80cadfed28dc793a9701d2e" + dependencies: + escape-string-regexp "^1.0.5" + object-assign "^4.1.0" + + file-entry-cache@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/file-entry-cache/-/file-entry-cache-2.0.0.tgz#c392990c3e684783d838b8c84a45d8a048458361" + dependencies: + flat-cache "^1.2.1" + object-assign "^4.0.1" + + file-type@^3.1.0: + version "3.9.0" + resolved "https://registry.yarnpkg.com/file-type/-/file-type-3.9.0.tgz#257a078384d1db8087bc449d107d52a52672b9e9" + + filename-regex@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/filename-regex/-/filename-regex-2.0.0.tgz#996e3e80479b98b9897f15a8a58b3d084e926775" + + fill-range@^2.1.0: + version "2.2.3" + resolved "https://registry.yarnpkg.com/fill-range/-/fill-range-2.2.3.tgz#50b77dfd7e469bc7492470963699fe7a8485a723" + dependencies: + is-number "^2.1.0" + isobject "^2.0.0" + randomatic "^1.1.3" + repeat-element "^1.1.2" + repeat-string "^1.5.2" + + finalhandler@0.5.0: + version "0.5.0" + resolved "https://registry.yarnpkg.com/finalhandler/-/finalhandler-0.5.0.tgz#e9508abece9b6dba871a6942a1d7911b91911ac7" + dependencies: + debug "~2.2.0" + escape-html "~1.0.3" + on-finished "~2.3.0" + statuses "~1.3.0" + unpipe "~1.0.0" + + find-up@^1.0.0: + version "1.1.2" + resolved "https://registry.yarnpkg.com/find-up/-/find-up-1.1.2.tgz#6b2e9822b1a2ce0a60ab64d610eccad53cb24d0f" + dependencies: + path-exists "^2.0.0" + pinkie-promise "^2.0.0" + + find-versions@^1.0.0: + version "1.2.1" + resolved "https://registry.yarnpkg.com/find-versions/-/find-versions-1.2.1.tgz#cbde9f12e38575a0af1be1b9a2c5d5fd8f186b62" + dependencies: + array-uniq "^1.0.0" + get-stdin "^4.0.1" + meow "^3.5.0" + semver-regex "^1.0.0" + + first-chunk-stream@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/first-chunk-stream/-/first-chunk-stream-1.0.0.tgz#59bfb50cd905f60d7c394cd3d9acaab4e6ad934e" + + flat-cache@^1.2.1: + version "1.2.1" + resolved "https://registry.yarnpkg.com/flat-cache/-/flat-cache-1.2.1.tgz#6c837d6225a7de5659323740b36d5361f71691ff" + dependencies: + circular-json "^0.3.0" + del "^2.0.2" + graceful-fs "^4.1.2" + write "^0.2.1" + + for-in@^0.1.5: + version "0.1.6" + resolved "https://registry.yarnpkg.com/for-in/-/for-in-0.1.6.tgz#c9f96e89bfad18a545af5ec3ed352a1d9e5b4dc8" + + for-own@^0.1.4: + version "0.1.4" + resolved "https://registry.yarnpkg.com/for-own/-/for-own-0.1.4.tgz#0149b41a39088c7515f51ebe1c1386d45f935072" + dependencies: + for-in "^0.1.5" + + forever-agent@~0.6.1: + version "0.6.1" + resolved "https://registry.yarnpkg.com/forever-agent/-/forever-agent-0.6.1.tgz#fbc71f0c41adeb37f96c577ad1ed42d8fdacca91" + + form-data@~2.1.1: + version "2.1.2" + resolved "https://registry.yarnpkg.com/form-data/-/form-data-2.1.2.tgz#89c3534008b97eada4cbb157d58f6f5df025eae4" + dependencies: + asynckit "^0.4.0" + combined-stream "^1.0.5" + mime-types "^2.1.12" + + forwarded@~0.1.0: + version "0.1.0" + resolved "https://registry.yarnpkg.com/forwarded/-/forwarded-0.1.0.tgz#19ef9874c4ae1c297bcf078fde63a09b66a84363" + + fresh@0.3.0: + version "0.3.0" + resolved "https://registry.yarnpkg.com/fresh/-/fresh-0.3.0.tgz#651f838e22424e7566de161d8358caa199f83d4f" + + from@~0: + version "0.1.3" + resolved "https://registry.yarnpkg.com/from/-/from-0.1.3.tgz#ef63ac2062ac32acf7862e0d40b44b896f22f3bc" + + fs-readdir-recursive@^0.1.0: + version "0.1.2" + resolved "https://registry.yarnpkg.com/fs-readdir-recursive/-/fs-readdir-recursive-0.1.2.tgz#315b4fb8c1ca5b8c47defef319d073dad3568059" + + fs.realpath@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/fs.realpath/-/fs.realpath-1.0.0.tgz#1504ad2523158caa40db4a2787cb01411994ea4f" + + fsevents@^1.0.0: + version "1.0.15" + resolved "https://registry.yarnpkg.com/fsevents/-/fsevents-1.0.15.tgz#fa63f590f3c2ad91275e4972a6cea545fb0aae44" + dependencies: + nan "^2.3.0" + node-pre-gyp "^0.6.29" + + fstream-ignore@~1.0.5: + version "1.0.5" + resolved "https://registry.yarnpkg.com/fstream-ignore/-/fstream-ignore-1.0.5.tgz#9c31dae34767018fe1d249b24dada67d092da105" + dependencies: + fstream "^1.0.0" + inherits "2" + minimatch "^3.0.0" + + fstream@^1.0.0, fstream@^1.0.2, fstream@~1.0.10: + version "1.0.10" + resolved "https://registry.yarnpkg.com/fstream/-/fstream-1.0.10.tgz#604e8a92fe26ffd9f6fae30399d4984e1ab22822" + dependencies: + graceful-fs "^4.1.2" + inherits "~2.0.0" + mkdirp ">=0.5 0" + rimraf "2" + + function-bind@^1.0.2: + version "1.1.0" + resolved "https://registry.yarnpkg.com/function-bind/-/function-bind-1.1.0.tgz#16176714c801798e4e8f2cf7f7529467bb4a5771" + + gauge@~2.7.1: + version "2.7.2" + resolved "https://registry.yarnpkg.com/gauge/-/gauge-2.7.2.tgz#15cecc31b02d05345a5d6b0e171cdb3ad2307774" + dependencies: + aproba "^1.0.3" + console-control-strings "^1.0.0" + has-unicode "^2.0.0" + object-assign "^4.1.0" + signal-exit "^3.0.0" + string-width "^1.0.1" + strip-ansi "^3.0.1" + supports-color "^0.2.0" + wide-align "^1.1.0" + + generate-function@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/generate-function/-/generate-function-2.0.0.tgz#6858fe7c0969b7d4e9093337647ac79f60dfbe74" + + generate-object-property@^1.1.0: + version "1.2.0" + resolved "https://registry.yarnpkg.com/generate-object-property/-/generate-object-property-1.2.0.tgz#9c0e1c40308ce804f4783618b937fa88f99d50d0" + dependencies: + is-property "^1.0.0" + + get-stdin@^4.0.1: + version "4.0.1" + resolved "https://registry.yarnpkg.com/get-stdin/-/get-stdin-4.0.1.tgz#b968c6b0a04384324902e8bf1a5df32579a450fe" + + getos@^2.7.0: + version "2.8.2" + resolved "https://registry.yarnpkg.com/getos/-/getos-2.8.2.tgz#365e7e3b2cf74cb85ebb6d1d8c76633580cee534" + dependencies: + async "2.0.1" + + getpass@^0.1.1: + version "0.1.6" + resolved "https://registry.yarnpkg.com/getpass/-/getpass-0.1.6.tgz#283ffd9fc1256840875311c1b60e8c40187110e6" + dependencies: + assert-plus "^1.0.0" + + glob-base@^0.3.0: + version "0.3.0" + resolved "https://registry.yarnpkg.com/glob-base/-/glob-base-0.3.0.tgz#dbb164f6221b1c0b1ccf82aea328b497df0ea3c4" + dependencies: + glob-parent "^2.0.0" + is-glob "^2.0.0" + + glob-parent@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/glob-parent/-/glob-parent-2.0.0.tgz#81383d72db054fcccf5336daa902f182f6edbb28" + dependencies: + is-glob "^2.0.0" + + glob-parent@^3.0.0: + version "3.0.1" + resolved "https://registry.yarnpkg.com/glob-parent/-/glob-parent-3.0.1.tgz#60021327cc963ddc3b5f085764f500479ecd82ff" + dependencies: + is-glob "^3.1.0" + path-dirname "^1.0.0" + + glob-stream@^5.3.2: + version "5.3.5" + resolved "https://registry.yarnpkg.com/glob-stream/-/glob-stream-5.3.5.tgz#a55665a9a8ccdc41915a87c701e32d4e016fad22" + dependencies: + extend "^3.0.0" + glob "^5.0.3" + glob-parent "^3.0.0" + micromatch "^2.3.7" + ordered-read-streams "^0.3.0" + through2 "^0.6.0" + to-absolute-glob "^0.1.1" + unique-stream "^2.0.2" + + glob@7.0.5: + version "7.0.5" + resolved "https://registry.yarnpkg.com/glob/-/glob-7.0.5.tgz#b4202a69099bbb4d292a7c1b95b6682b67ebdc95" + dependencies: + fs.realpath "^1.0.0" + inflight "^1.0.4" + inherits "2" + minimatch "^3.0.2" + once "^1.3.0" + path-is-absolute "^1.0.0" + + glob@^5.0.3, glob@^5.0.5: + version "5.0.15" + resolved "https://registry.yarnpkg.com/glob/-/glob-5.0.15.tgz#1bc936b9e02f4a603fcc222ecf7633d30b8b93b1" + dependencies: + inflight "^1.0.4" + inherits "2" + minimatch "2 || 3" + once "^1.3.0" + path-is-absolute "^1.0.0" + + glob@^7.0.3, glob@^7.0.5: + version "7.1.1" + resolved "https://registry.yarnpkg.com/glob/-/glob-7.1.1.tgz#805211df04faaf1c63a3600306cdf5ade50b2ec8" + dependencies: + fs.realpath "^1.0.0" + inflight "^1.0.4" + inherits "2" + minimatch "^3.0.2" + once "^1.3.0" + path-is-absolute "^1.0.0" + + globals@^9.0.0, globals@^9.2.0: + version "9.14.0" + resolved "https://registry.yarnpkg.com/globals/-/globals-9.14.0.tgz#8859936af0038741263053b39d0e76ca241e4034" + + globby@^5.0.0: + version "5.0.0" + resolved "https://registry.yarnpkg.com/globby/-/globby-5.0.0.tgz#ebd84667ca0dbb330b99bcfc68eac2bc54370e0d" + dependencies: + array-union "^1.0.1" + arrify "^1.0.0" + glob "^7.0.3" + object-assign "^4.0.1" + pify "^2.0.0" + pinkie-promise "^2.0.0" + + got@^3.2.0: + version "3.3.1" + resolved "https://registry.yarnpkg.com/got/-/got-3.3.1.tgz#e5d0ed4af55fc3eef4d56007769d98192bcb2eca" + dependencies: + duplexify "^3.2.0" + infinity-agent "^2.0.0" + is-redirect "^1.0.0" + is-stream "^1.0.0" + lowercase-keys "^1.0.0" + nested-error-stacks "^1.0.0" + object-assign "^3.0.0" + prepend-http "^1.0.0" + read-all-stream "^3.0.0" + timed-out "^2.0.0" + + graceful-fs@^4.0.0, graceful-fs@^4.1.2, graceful-fs@^4.1.4: + version "4.1.11" + resolved "https://registry.yarnpkg.com/graceful-fs/-/graceful-fs-4.1.11.tgz#0e8bdfe4d1ddb8854d64e04ea7c00e2a026e5658" + + "graceful-readlink@>= 1.0.0": + version "1.0.1" + resolved "https://registry.yarnpkg.com/graceful-readlink/-/graceful-readlink-1.0.1.tgz#4cafad76bc62f02fa039b2f94e9a3dd3a391a725" + + graphql-server-core@^0.4.3: + version "0.4.3" + resolved "https://registry.yarnpkg.com/graphql-server-core/-/graphql-server-core-0.4.3.tgz#3198832ce8703388713f012da023b33a3823be98" + optionalDependencies: + typed-graphql "^1.0.2" + + graphql-server-express@^0.4.3: + version "0.4.3" + resolved "https://registry.yarnpkg.com/graphql-server-express/-/graphql-server-express-0.4.3.tgz#198674e6db4949c060b9959554d3dc4e9cc4ed9b" + dependencies: + graphql-server-core "^0.4.3" + graphql-server-module-graphiql "^0.4.3" + optionalDependencies: + "@types/express" "^4.0.33" + + graphql-server-module-graphiql@^0.4.3: + version "0.4.3" + resolved "https://registry.yarnpkg.com/graphql-server-module-graphiql/-/graphql-server-module-graphiql-0.4.3.tgz#f82b92b99bb1e1b4b285c86bf6fcfa60b3a7a805" + + graphql-server@^0.3.2: + version "0.3.2" + resolved "https://registry.yarnpkg.com/graphql-server/-/graphql-server-0.3.2.tgz#ac3299963221be784fc78a22784d2d9ab7116e5e" + dependencies: + boom "^4.0.0" + http-errors "^1.5.0" + source-map-support "^0.4.2" + + graphql-subscriptions@0.2.0: + version "0.2.0" + resolved "https://registry.yarnpkg.com/graphql-subscriptions/-/graphql-subscriptions-0.2.0.tgz#9aebf19283f797354615b263090e15246a4c6c8d" + dependencies: + es6-promise "^3.2.1" + graphql "^0.7.0" + + graphql-subscriptions@^0.1.3: + version "0.1.5" + resolved "https://registry.yarnpkg.com/graphql-subscriptions/-/graphql-subscriptions-0.1.5.tgz#603422c0a7ea3818b630751d1c9798bfa1a820ee" + dependencies: + es6-promise "^3.2.1" + graphql "^0.7.0" + + graphql-tools@^0.8.2: + version "0.8.3" + resolved "https://registry.yarnpkg.com/graphql-tools/-/graphql-tools-0.8.3.tgz#7766ec1d1cc716dde331bd7813267bda44aefa08" + dependencies: + deprecated-decorator "^0.1.6" + lodash "^4.3.0" + node-uuid "^1.4.7" + optionalDependencies: + typed-graphql "^1.0.2" + + graphql@0.7.2, graphql@^0.7.0: + version "0.7.2" + resolved "https://registry.yarnpkg.com/graphql/-/graphql-0.7.2.tgz#cc894a32823399b8a0cb012b9e9ecad35cd00f72" + dependencies: + iterall "1.0.2" + + growl@1.9.2: + version "1.9.2" + resolved "https://registry.yarnpkg.com/growl/-/growl-1.9.2.tgz#0ea7743715db8d8de2c5ede1775e1b45ac85c02f" + + gulp-sourcemaps@1.6.0: + version "1.6.0" + resolved "https://registry.yarnpkg.com/gulp-sourcemaps/-/gulp-sourcemaps-1.6.0.tgz#b86ff349d801ceb56e1d9e7dc7bbcb4b7dee600c" + dependencies: + convert-source-map "^1.1.1" + graceful-fs "^4.1.2" + strip-bom "^2.0.0" + through2 "^2.0.0" + vinyl "^1.0.0" + + har-validator@~2.0.6: + version "2.0.6" + resolved "https://registry.yarnpkg.com/har-validator/-/har-validator-2.0.6.tgz#cdcbc08188265ad119b6a5a7c8ab70eecfb5d27d" + dependencies: + chalk "^1.1.1" + commander "^2.9.0" + is-my-json-valid "^2.12.4" + pinkie-promise "^2.0.0" + + has-ansi@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/has-ansi/-/has-ansi-2.0.0.tgz#34f5049ce1ecdf2b0649af3ef24e45ed35416d91" + dependencies: + ansi-regex "^2.0.0" + + has-flag@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/has-flag/-/has-flag-1.0.0.tgz#9d9e793165ce017a00f00418c43f942a7b1d11fa" + + has-unicode@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/has-unicode/-/has-unicode-2.0.1.tgz#e0e6fe6a28cf51138855e086d1691e771de2a8b9" + + has@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/has/-/has-1.0.1.tgz#8461733f538b0837c9361e39a9ab9e9704dc2f28" + dependencies: + function-bind "^1.0.2" + + hawk@~3.1.3: + version "3.1.3" + resolved "https://registry.yarnpkg.com/hawk/-/hawk-3.1.3.tgz#078444bd7c1640b0fe540d2c9b73d59678e8e1c4" + dependencies: + boom "2.x.x" + cryptiles "2.x.x" + hoek "2.x.x" + sntp "1.x.x" + + hoek@2.x.x: + version "2.16.3" + resolved "https://registry.yarnpkg.com/hoek/-/hoek-2.16.3.tgz#20bb7403d3cea398e91dc4710a8ff1b8274a25ed" + + hoek@4.x.x: + version "4.1.0" + resolved "https://registry.yarnpkg.com/hoek/-/hoek-4.1.0.tgz#4a4557460f69842ed463aa00628cc26d2683afa7" + + home-or-tmp@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/home-or-tmp/-/home-or-tmp-1.0.0.tgz#4b9f1e40800c3e50c6c27f781676afcce71f3985" + dependencies: + os-tmpdir "^1.0.1" + user-home "^1.1.1" + + hosted-git-info@^2.1.4: + version "2.1.5" + resolved "https://registry.yarnpkg.com/hosted-git-info/-/hosted-git-info-2.1.5.tgz#0ba81d90da2e25ab34a332e6ec77936e1598118b" + + http-errors@^1.5.0, http-errors@~1.5.0: + version "1.5.1" + resolved "https://registry.yarnpkg.com/http-errors/-/http-errors-1.5.1.tgz#788c0d2c1de2c81b9e6e8c01843b6b97eb920750" + dependencies: + inherits "2.0.3" + setprototypeof "1.0.2" + statuses ">= 1.3.1 < 2" + + http-signature@~1.1.0: + version "1.1.1" + resolved "https://registry.yarnpkg.com/http-signature/-/http-signature-1.1.1.tgz#df72e267066cd0ac67fb76adf8e134a8fbcf91bf" + dependencies: + assert-plus "^0.2.0" + jsprim "^1.2.2" + sshpk "^1.7.0" + + https-proxy-agent@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/https-proxy-agent/-/https-proxy-agent-1.0.0.tgz#35f7da6c48ce4ddbfa264891ac593ee5ff8671e6" + dependencies: + agent-base "2" + debug "2" + extend "3" + + iconv-lite@0.4.13, iconv-lite@~0.4.13: + version "0.4.13" + resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.4.13.tgz#1f88aba4ab0b1508e8312acc39345f36e992e2f2" + + ignore-by-default@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/ignore-by-default/-/ignore-by-default-1.0.1.tgz#48ca6d72f6c6a3af00a9ad4ae6876be3889e2b09" + + ignore@^3.1.5: + version "3.2.0" + resolved "https://registry.yarnpkg.com/ignore/-/ignore-3.2.0.tgz#8d88f03c3002a0ac52114db25d2c673b0bf1e435" + + imurmurhash@^0.1.4: + version "0.1.4" + resolved "https://registry.yarnpkg.com/imurmurhash/-/imurmurhash-0.1.4.tgz#9218b9b2b928a238b13dc4fb6b6d576f231453ea" + + indent-string@^2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/indent-string/-/indent-string-2.1.0.tgz#8e2d48348742121b4a8218b7a137e9a52049dc80" + dependencies: + repeating "^2.0.0" + + infinity-agent@^2.0.0: + version "2.0.3" + resolved "https://registry.yarnpkg.com/infinity-agent/-/infinity-agent-2.0.3.tgz#45e0e2ff7a9eb030b27d62b74b3744b7a7ac4216" + + inflight@^1.0.4: + version "1.0.6" + resolved "https://registry.yarnpkg.com/inflight/-/inflight-1.0.6.tgz#49bd6331d7d02d0c09bc910a1075ba8165b56df9" + dependencies: + once "^1.3.0" + wrappy "1" + + inherits@2, inherits@2.0.3, inherits@^2.0.1, inherits@~2.0.0, inherits@~2.0.1: + version "2.0.3" + resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.3.tgz#633c2c83e3da42a502f52466022480f4208261de" + + ini@~1.3.0: + version "1.3.4" + resolved "https://registry.yarnpkg.com/ini/-/ini-1.3.4.tgz#0537cb79daf59b59a1a517dff706c86ec039162e" + + inquirer@^0.12.0: + version "0.12.0" + resolved "https://registry.yarnpkg.com/inquirer/-/inquirer-0.12.0.tgz#1ef2bfd63504df0bc75785fff8c2c41df12f077e" + dependencies: + ansi-escapes "^1.1.0" + ansi-regex "^2.0.0" + chalk "^1.0.0" + cli-cursor "^1.0.1" + cli-width "^2.0.0" + figures "^1.3.5" + lodash "^4.3.0" + readline2 "^1.0.1" + run-async "^0.1.0" + rx-lite "^3.1.2" + string-width "^1.0.1" + strip-ansi "^3.0.0" + through "^2.3.6" + + invariant@^2.2.0: + version "2.2.2" + resolved "https://registry.yarnpkg.com/invariant/-/invariant-2.2.2.tgz#9e1f56ac0acdb6bf303306f338be3b204ae60360" + dependencies: + loose-envify "^1.0.0" + + invert-kv@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/invert-kv/-/invert-kv-1.0.0.tgz#104a8e4aaca6d3d8cd157a8ef8bfab2d7a3ffdb6" + + ipaddr.js@1.1.1: + version "1.1.1" + resolved "https://registry.yarnpkg.com/ipaddr.js/-/ipaddr.js-1.1.1.tgz#c791d95f52b29c1247d5df80ada39b8a73647230" + + is-absolute@^0.1.5: + version "0.1.7" + resolved "https://registry.yarnpkg.com/is-absolute/-/is-absolute-0.1.7.tgz#847491119fccb5fb436217cc737f7faad50f603f" + dependencies: + is-relative "^0.1.0" + + is-arrayish@^0.2.1: + version "0.2.1" + resolved "https://registry.yarnpkg.com/is-arrayish/-/is-arrayish-0.2.1.tgz#77c99840527aa8ecb1a8ba697b80645a7a926a9d" + + is-binary-path@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/is-binary-path/-/is-binary-path-1.0.1.tgz#75f16642b480f187a711c814161fd3a4a7655898" + dependencies: + binary-extensions "^1.0.0" + + is-buffer@^1.0.2: + version "1.1.4" + resolved "https://registry.yarnpkg.com/is-buffer/-/is-buffer-1.1.4.tgz#cfc86ccd5dc5a52fa80489111c6920c457e2d98b" + + is-builtin-module@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-builtin-module/-/is-builtin-module-1.0.0.tgz#540572d34f7ac3119f8f76c30cbc1b1e037affbe" + dependencies: + builtin-modules "^1.0.0" + + is-bzip2@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-bzip2/-/is-bzip2-1.0.0.tgz#5ee58eaa5a2e9c80e21407bedf23ae5ac091b3fc" + + is-dotfile@^1.0.0: + version "1.0.2" + resolved "https://registry.yarnpkg.com/is-dotfile/-/is-dotfile-1.0.2.tgz#2c132383f39199f8edc268ca01b9b007d205cc4d" + + is-equal-shallow@^0.1.3: + version "0.1.3" + resolved "https://registry.yarnpkg.com/is-equal-shallow/-/is-equal-shallow-0.1.3.tgz#2238098fc221de0bcfa5d9eac4c45d638aa1c534" + dependencies: + is-primitive "^2.0.0" + + is-extendable@^0.1.0, is-extendable@^0.1.1: + version "0.1.1" + resolved "https://registry.yarnpkg.com/is-extendable/-/is-extendable-0.1.1.tgz#62b110e289a471418e3ec36a617d472e301dfc89" + + is-extglob@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-extglob/-/is-extglob-1.0.0.tgz#ac468177c4943405a092fc8f29760c6ffc6206c0" + + is-extglob@^2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/is-extglob/-/is-extglob-2.1.0.tgz#33411a482b046bf95e6b0cb27ee2711af4cf15ad" + + is-finite@^1.0.0: + version "1.0.2" + resolved "https://registry.yarnpkg.com/is-finite/-/is-finite-1.0.2.tgz#cc6677695602be550ef11e8b4aa6305342b6d0aa" + dependencies: + number-is-nan "^1.0.0" + + is-fullwidth-code-point@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-fullwidth-code-point/-/is-fullwidth-code-point-1.0.0.tgz#ef9e31386f031a7f0d643af82fde50c457ef00cb" + dependencies: + number-is-nan "^1.0.0" + + is-fullwidth-code-point@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/is-fullwidth-code-point/-/is-fullwidth-code-point-2.0.0.tgz#a3b30a5c4f199183167aaab93beefae3ddfb654f" + + is-glob@^2.0.0, is-glob@^2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/is-glob/-/is-glob-2.0.1.tgz#d096f926a3ded5600f3fdfd91198cb0888c2d863" + dependencies: + is-extglob "^1.0.0" + + is-glob@^3.1.0: + version "3.1.0" + resolved "https://registry.yarnpkg.com/is-glob/-/is-glob-3.1.0.tgz#7ba5ae24217804ac70707b96922567486cc3e84a" + dependencies: + is-extglob "^2.1.0" + + is-gzip@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-gzip/-/is-gzip-1.0.0.tgz#6ca8b07b99c77998025900e555ced8ed80879a83" + + is-my-json-valid@^2.10.0, is-my-json-valid@^2.12.4: + version "2.15.0" + resolved "https://registry.yarnpkg.com/is-my-json-valid/-/is-my-json-valid-2.15.0.tgz#936edda3ca3c211fd98f3b2d3e08da43f7b2915b" + dependencies: + generate-function "^2.0.0" + generate-object-property "^1.1.0" + jsonpointer "^4.0.0" + xtend "^4.0.0" + + is-natural-number@^2.0.0: + version "2.1.1" + resolved "https://registry.yarnpkg.com/is-natural-number/-/is-natural-number-2.1.1.tgz#7d4c5728377ef386c3e194a9911bf57c6dc335e7" + + is-npm@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-npm/-/is-npm-1.0.0.tgz#f2fb63a65e4905b406c86072765a1a4dc793b9f4" + + is-number@^2.0.2, is-number@^2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/is-number/-/is-number-2.1.0.tgz#01fcbbb393463a548f2f466cce16dece49db908f" + dependencies: + kind-of "^3.0.2" + + is-path-cwd@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-path-cwd/-/is-path-cwd-1.0.0.tgz#d225ec23132e89edd38fda767472e62e65f1106d" + + is-path-in-cwd@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-path-in-cwd/-/is-path-in-cwd-1.0.0.tgz#6477582b8214d602346094567003be8a9eac04dc" + dependencies: + is-path-inside "^1.0.0" + + is-path-inside@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-path-inside/-/is-path-inside-1.0.0.tgz#fc06e5a1683fbda13de667aff717bbc10a48f37f" + dependencies: + path-is-inside "^1.0.1" + + is-posix-bracket@^0.1.0: + version "0.1.1" + resolved "https://registry.yarnpkg.com/is-posix-bracket/-/is-posix-bracket-0.1.1.tgz#3334dc79774368e92f016e6fbc0a88f5cd6e6bc4" + + is-primitive@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/is-primitive/-/is-primitive-2.0.0.tgz#207bab91638499c07b2adf240a41a87210034575" + + is-promise@~1, is-promise@~1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/is-promise/-/is-promise-1.0.1.tgz#31573761c057e33c2e91aab9e96da08cefbe76e5" + + is-property@^1.0.0: + version "1.0.2" + resolved "https://registry.yarnpkg.com/is-property/-/is-property-1.0.2.tgz#57fe1c4e48474edd65b09911f26b1cd4095dda84" + + is-redirect@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-redirect/-/is-redirect-1.0.0.tgz#1d03dded53bd8db0f30c26e4f95d36fc7c87dc24" + + is-relative@^0.1.0: + version "0.1.3" + resolved "https://registry.yarnpkg.com/is-relative/-/is-relative-0.1.3.tgz#905fee8ae86f45b3ec614bc3c15c869df0876e82" + + is-resolvable@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-resolvable/-/is-resolvable-1.0.0.tgz#8df57c61ea2e3c501408d100fb013cf8d6e0cc62" + dependencies: + tryit "^1.0.1" + + is-stream@^1.0.0, is-stream@^1.0.1: + version "1.1.0" + resolved "https://registry.yarnpkg.com/is-stream/-/is-stream-1.1.0.tgz#12d4a3dd4e68e0b79ceb8dbc84173ae80d91ca44" + + is-tar@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-tar/-/is-tar-1.0.0.tgz#2f6b2e1792c1f5bb36519acaa9d65c0d26fe853d" + + is-typedarray@^1.0.0, is-typedarray@~1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-typedarray/-/is-typedarray-1.0.0.tgz#e479c80858df0c1b11ddda6940f96011fcda4a9a" + + is-utf8@^0.2.0: + version "0.2.1" + resolved "https://registry.yarnpkg.com/is-utf8/-/is-utf8-0.2.1.tgz#4b0da1442104d1b336340e80797e865cf39f7d72" + + is-valid-glob@^0.3.0: + version "0.3.0" + resolved "https://registry.yarnpkg.com/is-valid-glob/-/is-valid-glob-0.3.0.tgz#d4b55c69f51886f9b65c70d6c2622d37e29f48fe" + + is-zip@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-zip/-/is-zip-1.0.0.tgz#47b0a8ff4d38a76431ccfd99a8e15a4c86ba2325" + + isarray@0.0.1: + version "0.0.1" + resolved "https://registry.yarnpkg.com/isarray/-/isarray-0.0.1.tgz#8a18acfca9a8f4177e09abfc6038939b05d1eedf" + + isarray@1.0.0, isarray@^1.0.0, isarray@~1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/isarray/-/isarray-1.0.0.tgz#bb935d48582cba168c06834957a54a3e07124f11" + + isemail@1.x.x: + version "1.2.0" + resolved "https://registry.yarnpkg.com/isemail/-/isemail-1.2.0.tgz#be03df8cc3e29de4d2c5df6501263f1fa4595e9a" + + isobject@^2.0.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/isobject/-/isobject-2.1.0.tgz#f065561096a3f1da2ef46272f815c840d87e0c89" + dependencies: + isarray "1.0.0" + + isstream@0.1.x, isstream@~0.1.2: + version "0.1.2" + resolved "https://registry.yarnpkg.com/isstream/-/isstream-0.1.2.tgz#47e63f7af55afa6f92e1500e690eb8b8529c099a" + + iterall@1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/iterall/-/iterall-1.0.2.tgz#41a2e96ce9eda5e61c767ee5dc312373bb046e91" + + jodid25519@^1.0.0: + version "1.0.2" + resolved "https://registry.yarnpkg.com/jodid25519/-/jodid25519-1.0.2.tgz#06d4912255093419477d425633606e0e90782967" + dependencies: + jsbn "~0.1.0" + + joi@^6.10.1: + version "6.10.1" + resolved "https://registry.yarnpkg.com/joi/-/joi-6.10.1.tgz#4d50c318079122000fe5f16af1ff8e1917b77e06" + dependencies: + hoek "2.x.x" + isemail "1.x.x" + moment "2.x.x" + topo "1.x.x" + + js-tokens@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/js-tokens/-/js-tokens-2.0.0.tgz#79903f5563ee778cc1162e6dcf1a0027c97f9cb5" + + js-yaml@^3.5.1: + version "3.7.0" + resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.7.0.tgz#5c967ddd837a9bfdca5f2de84253abe8a1c03b80" + dependencies: + argparse "^1.0.7" + esprima "^2.6.0" + + jsbn@~0.1.0: + version "0.1.0" + resolved "https://registry.yarnpkg.com/jsbn/-/jsbn-0.1.0.tgz#650987da0dd74f4ebf5a11377a2aa2d273e97dfd" + + jsesc@^1.3.0: + version "1.3.0" + resolved "https://registry.yarnpkg.com/jsesc/-/jsesc-1.3.0.tgz#46c3fec8c1892b12b0833db9bc7622176dbab34b" + + jsesc@~0.5.0: + version "0.5.0" + resolved "https://registry.yarnpkg.com/jsesc/-/jsesc-0.5.0.tgz#e7dee66e35d6fc16f710fe91d5cf69f70f08911d" + + json-schema@0.2.3: + version "0.2.3" + resolved "https://registry.yarnpkg.com/json-schema/-/json-schema-0.2.3.tgz#b480c892e59a2f05954ce727bd3f2a4e882f9e13" + + json-stable-stringify@^1.0.0, json-stable-stringify@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/json-stable-stringify/-/json-stable-stringify-1.0.1.tgz#9a759d39c5f2ff503fd5300646ed445f88c4f9af" + dependencies: + jsonify "~0.0.0" + + json-stringify-safe@~5.0.1: + version "5.0.1" + resolved "https://registry.yarnpkg.com/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz#1296a2d58fd45f19a0f6ce01d65701e2c735b6eb" + + json3@3.3.2: + version "3.3.2" + resolved "https://registry.yarnpkg.com/json3/-/json3-3.3.2.tgz#3c0434743df93e2f5c42aee7b19bcb483575f4e1" + + json5@^0.4.0: + version "0.4.0" + resolved "https://registry.yarnpkg.com/json5/-/json5-0.4.0.tgz#054352e4c4c80c86c0923877d449de176a732c8d" + + jsonify@~0.0.0: + version "0.0.0" + resolved "https://registry.yarnpkg.com/jsonify/-/jsonify-0.0.0.tgz#2c74b6ee41d93ca51b7b5aaee8f503631d252a73" + + jsonpointer@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/jsonpointer/-/jsonpointer-4.0.0.tgz#6661e161d2fc445f19f98430231343722e1fcbd5" + + jsonwebtoken@^7.0.0: + version "7.3.0" + resolved "https://registry.yarnpkg.com/jsonwebtoken/-/jsonwebtoken-7.3.0.tgz#85118d6a70e3fccdf14389f4e7a1c3f9c8a9fbba" + dependencies: + joi "^6.10.1" + jws "^3.1.4" + lodash.once "^4.0.0" + ms "^0.7.1" + xtend "^4.0.1" + + jsprim@^1.2.2: + version "1.3.1" + resolved "https://registry.yarnpkg.com/jsprim/-/jsprim-1.3.1.tgz#2a7256f70412a29ee3670aaca625994c4dcff252" + dependencies: + extsprintf "1.0.2" + json-schema "0.2.3" + verror "1.3.6" + + jsx-ast-utils@^1.0.0, jsx-ast-utils@^1.3.1: + version "1.3.4" + resolved "https://registry.yarnpkg.com/jsx-ast-utils/-/jsx-ast-utils-1.3.4.tgz#0257ed1cc4b1e65b39d7d9940f9fb4f20f7ba0a9" + dependencies: + acorn-jsx "^3.0.1" + object-assign "^4.1.0" + + jwa@^1.1.4: + version "1.1.5" + resolved "https://registry.yarnpkg.com/jwa/-/jwa-1.1.5.tgz#a0552ce0220742cd52e153774a32905c30e756e5" + dependencies: + base64url "2.0.0" + buffer-equal-constant-time "1.0.1" + ecdsa-sig-formatter "1.0.9" + safe-buffer "^5.0.1" + + jws@^3.1.4: + version "3.1.4" + resolved "https://registry.yarnpkg.com/jws/-/jws-3.1.4.tgz#f9e8b9338e8a847277d6444b1464f61880e050a2" + dependencies: + base64url "^2.0.0" + jwa "^1.1.4" + safe-buffer "^5.0.1" + + jwt-simple@^0.5.1: + version "0.5.1" + resolved "https://registry.yarnpkg.com/jwt-simple/-/jwt-simple-0.5.1.tgz#79ea01891b61de6b68e13e67c0b4b5bda937b294" + + kind-of@^3.0.2: + version "3.1.0" + resolved "https://registry.yarnpkg.com/kind-of/-/kind-of-3.1.0.tgz#475d698a5e49ff5e53d14e3e732429dc8bf4cf47" + dependencies: + is-buffer "^1.0.2" + + latest-version@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/latest-version/-/latest-version-1.0.1.tgz#72cfc46e3e8d1be651e1ebb54ea9f6ea96f374bb" + dependencies: + package-json "^1.0.0" + + lazystream@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/lazystream/-/lazystream-1.0.0.tgz#f6995fe0f820392f61396be89462407bb77168e4" + dependencies: + readable-stream "^2.0.5" + + lcid@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/lcid/-/lcid-1.0.0.tgz#308accafa0bc483a3867b4b6f2b9506251d1b835" + dependencies: + invert-kv "^1.0.0" + + levn@^0.3.0, levn@~0.3.0: + version "0.3.0" + resolved "https://registry.yarnpkg.com/levn/-/levn-0.3.0.tgz#3b09924edf9f083c0490fdd4c0bc4421e04764ee" + dependencies: + prelude-ls "~1.1.2" + type-check "~0.3.2" + + load-json-file@^1.0.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/load-json-file/-/load-json-file-1.1.0.tgz#956905708d58b4bab4c2261b04f59f31c99374c0" + dependencies: + graceful-fs "^4.1.2" + parse-json "^2.2.0" + pify "^2.0.0" + pinkie-promise "^2.0.0" + strip-bom "^2.0.0" + + lodash._baseassign@^3.0.0: + version "3.2.0" + resolved "https://registry.yarnpkg.com/lodash._baseassign/-/lodash._baseassign-3.2.0.tgz#8c38a099500f215ad09e59f1722fd0c52bfe0a4e" + dependencies: + lodash._basecopy "^3.0.0" + lodash.keys "^3.0.0" + + lodash._basecopy@^3.0.0: + version "3.0.1" + resolved "https://registry.yarnpkg.com/lodash._basecopy/-/lodash._basecopy-3.0.1.tgz#8da0e6a876cf344c0ad8a54882111dd3c5c7ca36" + + lodash._basecreate@^3.0.0: + version "3.0.3" + resolved "https://registry.yarnpkg.com/lodash._basecreate/-/lodash._basecreate-3.0.3.tgz#1bc661614daa7fc311b7d03bf16806a0213cf821" + + lodash._bindcallback@^3.0.0: + version "3.0.1" + resolved "https://registry.yarnpkg.com/lodash._bindcallback/-/lodash._bindcallback-3.0.1.tgz#e531c27644cf8b57a99e17ed95b35c748789392e" + + lodash._createassigner@^3.0.0: + version "3.1.1" + resolved "https://registry.yarnpkg.com/lodash._createassigner/-/lodash._createassigner-3.1.1.tgz#838a5bae2fdaca63ac22dee8e19fa4e6d6970b11" + dependencies: + lodash._bindcallback "^3.0.0" + lodash._isiterateecall "^3.0.0" + lodash.restparam "^3.0.0" + + lodash._getnative@^3.0.0: + version "3.9.1" + resolved "https://registry.yarnpkg.com/lodash._getnative/-/lodash._getnative-3.9.1.tgz#570bc7dede46d61cdcde687d65d3eecbaa3aaff5" + + lodash._isiterateecall@^3.0.0: + version "3.0.9" + resolved "https://registry.yarnpkg.com/lodash._isiterateecall/-/lodash._isiterateecall-3.0.9.tgz#5203ad7ba425fae842460e696db9cf3e6aac057c" + + lodash.assign@^3.0.0: + version "3.2.0" + resolved "https://registry.yarnpkg.com/lodash.assign/-/lodash.assign-3.2.0.tgz#3ce9f0234b4b2223e296b8fa0ac1fee8ebca64fa" + dependencies: + lodash._baseassign "^3.0.0" + lodash._createassigner "^3.0.0" + lodash.keys "^3.0.0" + + lodash.cond@^4.3.0: + version "4.5.2" + resolved "https://registry.yarnpkg.com/lodash.cond/-/lodash.cond-4.5.2.tgz#f471a1da486be60f6ab955d17115523dd1d255d5" + + lodash.create@3.1.1: + version "3.1.1" + resolved "https://registry.yarnpkg.com/lodash.create/-/lodash.create-3.1.1.tgz#d7f2849f0dbda7e04682bb8cd72ab022461debe7" + dependencies: + lodash._baseassign "^3.0.0" + lodash._basecreate "^3.0.0" + lodash._isiterateecall "^3.0.0" + + lodash.defaults@^3.1.2: + version "3.1.2" + resolved "https://registry.yarnpkg.com/lodash.defaults/-/lodash.defaults-3.1.2.tgz#c7308b18dbf8bc9372d701a73493c61192bd2e2c" + dependencies: + lodash.assign "^3.0.0" + lodash.restparam "^3.0.0" + + lodash.isarguments@^3.0.0: + version "3.1.0" + resolved "https://registry.yarnpkg.com/lodash.isarguments/-/lodash.isarguments-3.1.0.tgz#2f573d85c6a24289ff00663b491c1d338ff3458a" + + lodash.isarray@^3.0.0: + version "3.0.4" + resolved "https://registry.yarnpkg.com/lodash.isarray/-/lodash.isarray-3.0.4.tgz#79e4eb88c36a8122af86f844aa9bcd851b5fbb55" + + lodash.isequal@^4.0.0: + version "4.4.0" + resolved "https://registry.yarnpkg.com/lodash.isequal/-/lodash.isequal-4.4.0.tgz#6295768e98e14dc15ce8d362ef6340db82852031" + + lodash.isobject@^3.0.2: + version "3.0.2" + resolved "https://registry.yarnpkg.com/lodash.isobject/-/lodash.isobject-3.0.2.tgz#3c8fb8d5b5bf4bf90ae06e14f2a530a4ed935e1d" + + lodash.isstring@^4.0.1: + version "4.0.1" + resolved "https://registry.yarnpkg.com/lodash.isstring/-/lodash.isstring-4.0.1.tgz#d527dfb5456eca7cc9bb95d5daeaf88ba54a5451" + + lodash.keys@^3.0.0: + version "3.1.2" + resolved "https://registry.yarnpkg.com/lodash.keys/-/lodash.keys-3.1.2.tgz#4dbc0472b156be50a0b286855d1bd0b0c656098a" + dependencies: + lodash._getnative "^3.0.0" + lodash.isarguments "^3.0.0" + lodash.isarray "^3.0.0" + + lodash.once@^4.0.0: + version "4.1.1" + resolved "https://registry.yarnpkg.com/lodash.once/-/lodash.once-4.1.1.tgz#0dd3971213c7c56df880977d504c88fb471a97ac" + + lodash.pickby@^4.6.0: + version "4.6.0" + resolved "https://registry.yarnpkg.com/lodash.pickby/-/lodash.pickby-4.6.0.tgz#7dea21d8c18d7703a27c704c15d3b84a67e33aff" + + lodash.restparam@^3.0.0: + version "3.6.1" + resolved "https://registry.yarnpkg.com/lodash.restparam/-/lodash.restparam-3.6.1.tgz#936a4e309ef330a7645ed4145986c85ae5b20805" + + lodash@4.16.4, lodash@^4.0.0, lodash@^4.15.0, lodash@^4.2.0, lodash@^4.3.0, lodash@^4.8.0: + version "4.16.4" + resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.16.4.tgz#01ce306b9bad1319f2a5528674f88297aeb70127" + + log-symbols@^1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/log-symbols/-/log-symbols-1.0.2.tgz#376ff7b58ea3086a0f09facc74617eca501e1a18" + dependencies: + chalk "^1.0.0" + + loose-envify@^1.0.0: + version "1.3.0" + resolved "https://registry.yarnpkg.com/loose-envify/-/loose-envify-1.3.0.tgz#6b26248c42f6d4fa4b0d8542f78edfcde35642a8" + dependencies: + js-tokens "^2.0.0" + + loud-rejection@^1.0.0: + version "1.6.0" + resolved "https://registry.yarnpkg.com/loud-rejection/-/loud-rejection-1.6.0.tgz#5b46f80147edee578870f086d04821cf998e551f" + dependencies: + currently-unhandled "^0.4.1" + signal-exit "^3.0.0" + + lowercase-keys@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/lowercase-keys/-/lowercase-keys-1.0.0.tgz#4e3366b39e7f5457e35f1324bdf6f88d0bfc7306" + + map-obj@^1.0.0, map-obj@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/map-obj/-/map-obj-1.0.1.tgz#d933ceb9205d82bdcf4886f6742bdc2b4dea146d" + + map-stream@~0.1.0: + version "0.1.0" + resolved "https://registry.yarnpkg.com/map-stream/-/map-stream-0.1.0.tgz#e56aa94c4c8055a16404a0674b78f215f7c8e194" + + media-typer@0.3.0: + version "0.3.0" + resolved "https://registry.yarnpkg.com/media-typer/-/media-typer-0.3.0.tgz#8710d7af0aa626f8fffa1ce00168545263255748" + + meow@^3.5.0: + version "3.7.0" + resolved "https://registry.yarnpkg.com/meow/-/meow-3.7.0.tgz#72cb668b425228290abbfa856892587308a801fb" + dependencies: + camelcase-keys "^2.0.0" + decamelize "^1.1.2" + loud-rejection "^1.0.0" + map-obj "^1.0.1" + minimist "^1.1.3" + normalize-package-data "^2.3.4" + object-assign "^4.0.1" + read-pkg-up "^1.0.1" + redent "^1.0.0" + trim-newlines "^1.0.0" + + merge-descriptors@1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/merge-descriptors/-/merge-descriptors-1.0.1.tgz#b00aaa556dd8b44568150ec9d1b953f3f90cbb61" + + merge-stream@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/merge-stream/-/merge-stream-1.0.1.tgz#4041202d508a342ba00174008df0c251b8c135e1" + dependencies: + readable-stream "^2.0.1" + + methods@~1.1.2: + version "1.1.2" + resolved "https://registry.yarnpkg.com/methods/-/methods-1.1.2.tgz#5529a4d67654134edcc5266656835b0f851afcee" + + micromatch@^2.1.5, micromatch@^2.3.7: + version "2.3.11" + resolved "https://registry.yarnpkg.com/micromatch/-/micromatch-2.3.11.tgz#86677c97d1720b363431d04d0d15293bd38c1565" + dependencies: + arr-diff "^2.0.0" + array-unique "^0.2.1" + braces "^1.8.2" + expand-brackets "^0.1.4" + extglob "^0.3.1" + filename-regex "^2.0.0" + is-extglob "^1.0.0" + is-glob "^2.0.1" + kind-of "^3.0.2" + normalize-path "^2.0.1" + object.omit "^2.0.0" + parse-glob "^3.0.4" + regex-cache "^0.4.2" + + mime-db@~1.25.0: + version "1.25.0" + resolved "https://registry.yarnpkg.com/mime-db/-/mime-db-1.25.0.tgz#c18dbd7c73a5dbf6f44a024dc0d165a1e7b1c392" + + mime-types@^2.1.12, mime-types@~2.1.11, mime-types@~2.1.13, mime-types@~2.1.7: + version "2.1.13" + resolved "https://registry.yarnpkg.com/mime-types/-/mime-types-2.1.13.tgz#e07aaa9c6c6b9a7ca3012c69003ad25a39e92a88" + dependencies: + mime-db "~1.25.0" + + mime@1.3.4: + version "1.3.4" + resolved "https://registry.yarnpkg.com/mime/-/mime-1.3.4.tgz#115f9e3b6b3daf2959983cb38f149a2d40eb5d53" + + "minimatch@2 || 3", minimatch@^3.0.0, minimatch@^3.0.2, minimatch@^3.0.3: + version "3.0.3" + resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.0.3.tgz#2a4e4090b96b2db06a9d7df01055a62a77c9b774" + dependencies: + brace-expansion "^1.0.0" + + minimist@0.0.8: + version "0.0.8" + resolved "https://registry.yarnpkg.com/minimist/-/minimist-0.0.8.tgz#857fcabfc3397d2625b8228262e86aa7a011b05d" + + minimist@^1.1.0, minimist@^1.1.3, minimist@^1.2.0: + version "1.2.0" + resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.0.tgz#a35008b20f41383eec1fb914f4cd5df79a264284" + + mkdirp@0.5.1, "mkdirp@>=0.5 0", mkdirp@^0.5.0, mkdirp@^0.5.1, mkdirp@~0.5.1: + version "0.5.1" + resolved "https://registry.yarnpkg.com/mkdirp/-/mkdirp-0.5.1.tgz#30057438eac6cf7f8c4767f38648d6697d75c903" + dependencies: + minimist "0.0.8" + + mocha@^3.1.2: + version "3.2.0" + resolved "https://registry.yarnpkg.com/mocha/-/mocha-3.2.0.tgz#7dc4f45e5088075171a68896814e6ae9eb7a85e3" + dependencies: + browser-stdout "1.3.0" + commander "2.9.0" + debug "2.2.0" + diff "1.4.0" + escape-string-regexp "1.0.5" + glob "7.0.5" + growl "1.9.2" + json3 "3.3.2" + lodash.create "3.1.1" + mkdirp "0.5.1" + supports-color "3.1.2" + + moment@2.x.x: + version "2.17.1" + resolved "https://registry.yarnpkg.com/moment/-/moment-2.17.1.tgz#fed9506063f36b10f066c8b59a144d7faebe1d82" + + mongo-find-by-ids@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/mongo-find-by-ids/-/mongo-find-by-ids-1.0.0.tgz#c4e7a108e2b9fb98f59eb8be5d3801b2bfb52222" + + mongodb-core@2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/mongodb-core/-/mongodb-core-2.1.0.tgz#49a5edf476f6cc16c4ff7d423802a88080d992fb" + dependencies: + bson "~1.0.0" + require_optional "~1.0.0" + + mongodb-download@^1.3.2: + version "1.3.2" + resolved "https://registry.yarnpkg.com/mongodb-download/-/mongodb-download-1.3.2.tgz#0a2e8868eaea6c18e2a7f7cb7c8048ff10809337" + dependencies: + debug "^2.2.0" + getos "^2.7.0" + yargs "^3.26.0" + + mongodb-prebuilt@^5.0.7: + version "5.0.8" + resolved "https://registry.yarnpkg.com/mongodb-prebuilt/-/mongodb-prebuilt-5.0.8.tgz#82eb96336688888c3a614efbf6c5613fb656fbed" + dependencies: + debug "^2.2.0" + decompress "^3.0.0" + https-proxy-agent "^1.0.0" + mongodb-download "^1.3.2" + spawn-sync "1.0.15" + yargs "^3.26.0" + + mongodb@^2.2.11: + version "2.2.13" + resolved "https://registry.yarnpkg.com/mongodb/-/mongodb-2.2.13.tgz#f74315fbf64450265f920481fc7f17491b056b8a" + dependencies: + es6-promise "3.2.1" + mongodb-core "2.1.0" + readable-stream "2.1.5" + + morgan@^1.8.2: + version "1.8.2" + resolved "https://registry.yarnpkg.com/morgan/-/morgan-1.8.2.tgz#784ac7734e4a453a9c6e6e8680a9329275c8b687" + dependencies: + basic-auth "~1.1.0" + debug "2.6.8" + depd "~1.1.0" + on-finished "~2.3.0" + on-headers "~1.0.1" + + ms@0.7.1, ms@^0.7.1: + version "0.7.1" + resolved "https://registry.yarnpkg.com/ms/-/ms-0.7.1.tgz#9cd13c03adbff25b65effde7ce864ee952017098" + + ms@2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/ms/-/ms-2.0.0.tgz#5608aeadfc00be6c2901df5f9861788de0d597c8" + + mute-stream@0.0.5: + version "0.0.5" + resolved "https://registry.yarnpkg.com/mute-stream/-/mute-stream-0.0.5.tgz#8fbfabb0a98a253d3184331f9e8deb7372fac6c0" + + nan@2.5.0, nan@^2.3.0, nan@^2.3.3: + version "2.5.0" + resolved "https://registry.yarnpkg.com/nan/-/nan-2.5.0.tgz#aa8f1e34531d807e9e27755b234b4a6ec0c152a8" + + natural-compare@^1.4.0: + version "1.4.0" + resolved "https://registry.yarnpkg.com/natural-compare/-/natural-compare-1.4.0.tgz#4abebfeed7541f2c27acfb29bdbbd15c8d5ba4f7" + + negotiator@0.6.1: + version "0.6.1" + resolved "https://registry.yarnpkg.com/negotiator/-/negotiator-0.6.1.tgz#2b327184e8992101177b28563fb5e7102acd0ca9" + + nested-error-stacks@^1.0.0: + version "1.0.2" + resolved "https://registry.yarnpkg.com/nested-error-stacks/-/nested-error-stacks-1.0.2.tgz#19f619591519f096769a5ba9a86e6eeec823c3cf" + dependencies: + inherits "~2.0.1" + + node-fetch@^1.6.3: + version "1.6.3" + resolved "https://registry.yarnpkg.com/node-fetch/-/node-fetch-1.6.3.tgz#dc234edd6489982d58e8f0db4f695029abcd8c04" + dependencies: + encoding "^0.1.11" + is-stream "^1.0.1" + + node-pre-gyp@0.6.32, node-pre-gyp@^0.6.29: + version "0.6.32" + resolved "https://registry.yarnpkg.com/node-pre-gyp/-/node-pre-gyp-0.6.32.tgz#fc452b376e7319b3d255f5f34853ef6fd8fe1fd5" + dependencies: + mkdirp "~0.5.1" + nopt "~3.0.6" + npmlog "^4.0.1" + rc "~1.1.6" + request "^2.79.0" + rimraf "~2.5.4" + semver "~5.3.0" + tar "~2.2.1" + tar-pack "~3.3.0" + + node-static@0.5.9: + version "0.5.9" + resolved "https://registry.yarnpkg.com/node-static/-/node-static-0.5.9.tgz#2f5bf30949e1735958266c269413aebce8cbe899" + + node-uuid@^1.4.7: + version "1.4.7" + resolved "https://registry.yarnpkg.com/node-uuid/-/node-uuid-1.4.7.tgz#6da5a17668c4b3dd59623bda11cf7fa4c1f60a6f" + + nodeify@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/nodeify/-/nodeify-1.0.1.tgz#64ab69a7bdbaf03ce107b4f0335c87c0b9e91b1d" + dependencies: + is-promise "~1.0.0" + promise "~1.3.0" + + nodemon@1.11.0: + version "1.11.0" + resolved "https://registry.yarnpkg.com/nodemon/-/nodemon-1.11.0.tgz#226c562bd2a7b13d3d7518b49ad4828a3623d06c" + dependencies: + chokidar "^1.4.3" + debug "^2.2.0" + es6-promise "^3.0.2" + ignore-by-default "^1.0.0" + lodash.defaults "^3.1.2" + minimatch "^3.0.0" + ps-tree "^1.0.1" + touch "1.0.0" + undefsafe "0.0.3" + update-notifier "0.5.0" + + nopt@~1.0.10: + version "1.0.10" + resolved "https://registry.yarnpkg.com/nopt/-/nopt-1.0.10.tgz#6ddd21bd2a31417b92727dd585f8a6f37608ebee" + dependencies: + abbrev "1" + + nopt@~3.0.6: + version "3.0.6" + resolved "https://registry.yarnpkg.com/nopt/-/nopt-3.0.6.tgz#c6465dbf08abcd4db359317f79ac68a646b28ff9" + dependencies: + abbrev "1" + + normalize-package-data@^2.3.2, normalize-package-data@^2.3.4: + version "2.3.5" + resolved "https://registry.yarnpkg.com/normalize-package-data/-/normalize-package-data-2.3.5.tgz#8d924f142960e1777e7ffe170543631cc7cb02df" + dependencies: + hosted-git-info "^2.1.4" + is-builtin-module "^1.0.0" + semver "2 || 3 || 4 || 5" + validate-npm-package-license "^3.0.1" + + normalize-path@^2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/normalize-path/-/normalize-path-2.0.1.tgz#47886ac1662760d4261b7d979d241709d3ce3f7a" + + npmlog@^4.0.1: + version "4.0.1" + resolved "https://registry.yarnpkg.com/npmlog/-/npmlog-4.0.1.tgz#d14f503b4cd79710375553004ba96e6662fbc0b8" + dependencies: + are-we-there-yet "~1.1.2" + console-control-strings "~1.1.0" + gauge "~2.7.1" + set-blocking "~2.0.0" + + number-is-nan@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/number-is-nan/-/number-is-nan-1.0.1.tgz#097b602b53422a522c1afb8790318336941a011d" + + oauth-sign@~0.8.1: + version "0.8.2" + resolved "https://registry.yarnpkg.com/oauth-sign/-/oauth-sign-0.8.2.tgz#46a6ab7f0aead8deae9ec0565780b7d4efeb9d43" + + object-assign@^2.0.0: + version "2.1.1" + resolved "https://registry.yarnpkg.com/object-assign/-/object-assign-2.1.1.tgz#43c36e5d569ff8e4816c4efa8be02d26967c18aa" + + object-assign@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/object-assign/-/object-assign-3.0.0.tgz#9bedd5ca0897949bca47e7ff408062d549f587f2" + + object-assign@^4.0.0, object-assign@^4.0.1, object-assign@^4.1.0: + version "4.1.0" + resolved "https://registry.yarnpkg.com/object-assign/-/object-assign-4.1.0.tgz#7a3b3d0e98063d43f4c03f2e8ae6cd51a86883a0" + + object.omit@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/object.omit/-/object.omit-2.0.1.tgz#1a9c744829f39dbb858c76ca3579ae2a54ebd1fa" + dependencies: + for-own "^0.1.4" + is-extendable "^0.1.1" + + on-finished@~2.3.0: + version "2.3.0" + resolved "https://registry.yarnpkg.com/on-finished/-/on-finished-2.3.0.tgz#20f1336481b083cd75337992a16971aa2d906947" + dependencies: + ee-first "1.1.1" + + on-headers@~1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/on-headers/-/on-headers-1.0.1.tgz#928f5d0f470d49342651ea6794b0857c100693f7" + + once@^1.3.0: + version "1.4.0" + resolved "https://registry.yarnpkg.com/once/-/once-1.4.0.tgz#583b1aa775961d4b113ac17d9c50baef9dd76bd1" + dependencies: + wrappy "1" + + once@~1.3.0, once@~1.3.3: + version "1.3.3" + resolved "https://registry.yarnpkg.com/once/-/once-1.3.3.tgz#b2e261557ce4c314ec8304f3fa82663e4297ca20" + dependencies: + wrappy "1" + + onetime@^1.0.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/onetime/-/onetime-1.1.0.tgz#a1f7838f8314c516f05ecefcbc4ccfe04b4ed789" + + optionator@^0.8.2: + version "0.8.2" + resolved "https://registry.yarnpkg.com/optionator/-/optionator-0.8.2.tgz#364c5e409d3f4d6301d6c0b4c05bba50180aeb64" + dependencies: + deep-is "~0.1.3" + fast-levenshtein "~2.0.4" + levn "~0.3.0" + prelude-ls "~1.1.2" + type-check "~0.3.2" + wordwrap "~1.0.0" + + ordered-read-streams@^0.3.0: + version "0.3.0" + resolved "https://registry.yarnpkg.com/ordered-read-streams/-/ordered-read-streams-0.3.0.tgz#7137e69b3298bb342247a1bbee3881c80e2fd78b" + dependencies: + is-stream "^1.0.1" + readable-stream "^2.0.1" + + os-homedir@^1.0.0: + version "1.0.2" + resolved "https://registry.yarnpkg.com/os-homedir/-/os-homedir-1.0.2.tgz#ffbc4988336e0e833de0c168c7ef152121aa7fb3" + + os-locale@^1.4.0: + version "1.4.0" + resolved "https://registry.yarnpkg.com/os-locale/-/os-locale-1.4.0.tgz#20f9f17ae29ed345e8bde583b13d2009803c14d9" + dependencies: + lcid "^1.0.0" + + os-shim@^0.1.2: + version "0.1.3" + resolved "https://registry.yarnpkg.com/os-shim/-/os-shim-0.1.3.tgz#6b62c3791cf7909ea35ed46e17658bb417cb3917" + + os-tmpdir@^1.0.0, os-tmpdir@^1.0.1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/os-tmpdir/-/os-tmpdir-1.0.2.tgz#bbe67406c79aa85c5cfec766fe5734555dfa1274" + + osenv@^0.1.0: + version "0.1.3" + resolved "https://registry.yarnpkg.com/osenv/-/osenv-0.1.3.tgz#83cf05c6d6458fc4d5ac6362ea325d92f2754217" + dependencies: + os-homedir "^1.0.0" + os-tmpdir "^1.0.0" + + output-file-sync@^1.1.0: + version "1.1.2" + resolved "https://registry.yarnpkg.com/output-file-sync/-/output-file-sync-1.1.2.tgz#d0a33eefe61a205facb90092e826598d5245ce76" + dependencies: + graceful-fs "^4.1.4" + mkdirp "^0.5.1" + object-assign "^4.1.0" + + package-json@^1.0.0: + version "1.2.0" + resolved "https://registry.yarnpkg.com/package-json/-/package-json-1.2.0.tgz#c8ecac094227cdf76a316874ed05e27cc939a0e0" + dependencies: + got "^3.2.0" + registry-url "^3.0.0" + + parse-glob@^3.0.4: + version "3.0.4" + resolved "https://registry.yarnpkg.com/parse-glob/-/parse-glob-3.0.4.tgz#b2c376cfb11f35513badd173ef0bb6e3a388391c" + dependencies: + glob-base "^0.3.0" + is-dotfile "^1.0.0" + is-extglob "^1.0.0" + is-glob "^2.0.0" + + parse-json@^2.2.0: + version "2.2.0" + resolved "https://registry.yarnpkg.com/parse-json/-/parse-json-2.2.0.tgz#f480f40434ef80741f8469099f8dea18f55a4dc9" + dependencies: + error-ex "^1.2.0" + + parseurl@~1.3.1: + version "1.3.1" + resolved "https://registry.yarnpkg.com/parseurl/-/parseurl-1.3.1.tgz#c8ab8c9223ba34888aa64a297b28853bec18da56" + + passport-jwt@^2.2.1: + version "2.2.1" + resolved "https://registry.yarnpkg.com/passport-jwt/-/passport-jwt-2.2.1.tgz#0e004c94071319d673d9d9bcfd1574a868011527" + dependencies: + jsonwebtoken "^7.0.0" + passport-strategy "^1.0.0" + + passport-strategy@1.x.x, passport-strategy@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/passport-strategy/-/passport-strategy-1.0.0.tgz#b5539aa8fc225a3d1ad179476ddf236b440f52e4" + + passport@^0.3.2: + version "0.3.2" + resolved "https://registry.yarnpkg.com/passport/-/passport-0.3.2.tgz#9dd009f915e8fe095b0124a01b8f82da07510102" + dependencies: + passport-strategy "1.x.x" + pause "0.0.1" + + path-dirname@^1.0.0: + version "1.0.2" + resolved "https://registry.yarnpkg.com/path-dirname/-/path-dirname-1.0.2.tgz#cc33d24d525e099a5388c0336c6e32b9160609e0" + + path-exists@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/path-exists/-/path-exists-1.0.0.tgz#d5a8998eb71ef37a74c34eb0d9eba6e878eea081" + + path-exists@^2.0.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/path-exists/-/path-exists-2.1.0.tgz#0feb6c64f0fc518d9a754dd5efb62c7022761f4b" + dependencies: + pinkie-promise "^2.0.0" + + path-is-absolute@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/path-is-absolute/-/path-is-absolute-1.0.1.tgz#174b9268735534ffbc7ace6bf53a5a9e1b5c5f5f" + + path-is-inside@^1.0.1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/path-is-inside/-/path-is-inside-1.0.2.tgz#365417dede44430d1c11af61027facf074bdfc53" + + path-to-regexp@0.1.7: + version "0.1.7" + resolved "https://registry.yarnpkg.com/path-to-regexp/-/path-to-regexp-0.1.7.tgz#df604178005f522f15eb4490e7247a1bfaa67f8c" + + path-type@^1.0.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/path-type/-/path-type-1.1.0.tgz#59c44f7ee491da704da415da5a4070ba4f8fe441" + dependencies: + graceful-fs "^4.1.2" + pify "^2.0.0" + pinkie-promise "^2.0.0" + + pause-stream@0.0.11: + version "0.0.11" + resolved "https://registry.yarnpkg.com/pause-stream/-/pause-stream-0.0.11.tgz#fe5a34b0cbce12b5aa6a2b403ee2e73b602f1445" + dependencies: + through "~2.3" + + pause@0.0.1: + version "0.0.1" + resolved "https://registry.yarnpkg.com/pause/-/pause-0.0.1.tgz#1d408b3fdb76923b9543d96fb4c9dfd535d9cb5d" + + pend@~1.2.0: + version "1.2.0" + resolved "https://registry.yarnpkg.com/pend/-/pend-1.2.0.tgz#7a57eb550a6783f9115331fcf4663d5c8e007a50" + + pify@^2.0.0: + version "2.3.0" + resolved "https://registry.yarnpkg.com/pify/-/pify-2.3.0.tgz#ed141a6ac043a849ea588498e7dca8b15330e90c" + + pinkie-promise@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/pinkie-promise/-/pinkie-promise-2.0.1.tgz#2135d6dfa7a358c069ac9b178776288228450ffa" + dependencies: + pinkie "^2.0.0" + + pinkie@^2.0.0: + version "2.0.4" + resolved "https://registry.yarnpkg.com/pinkie/-/pinkie-2.0.4.tgz#72556b80cfa0d48a974e80e77248e80ed4f7f870" + + pkg-dir@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/pkg-dir/-/pkg-dir-1.0.0.tgz#7a4b508a8d5bb2d629d447056ff4e9c9314cf3d4" + dependencies: + find-up "^1.0.0" + + pkg-up@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/pkg-up/-/pkg-up-1.0.0.tgz#3e08fb461525c4421624a33b9f7e6d0af5b05a26" + dependencies: + find-up "^1.0.0" + + pluralize@^1.2.1: + version "1.2.1" + resolved "https://registry.yarnpkg.com/pluralize/-/pluralize-1.2.1.tgz#d1a21483fd22bb41e58a12fa3421823140897c45" + + prelude-ls@~1.1.2: + version "1.1.2" + resolved "https://registry.yarnpkg.com/prelude-ls/-/prelude-ls-1.1.2.tgz#21932a549f5e52ffd9a827f570e04be62a97da54" + + prepend-http@^1.0.0: + version "1.0.4" + resolved "https://registry.yarnpkg.com/prepend-http/-/prepend-http-1.0.4.tgz#d4f4562b0ce3696e41ac52d0e002e57a635dc6dc" + + preserve@^0.2.0: + version "0.2.0" + resolved "https://registry.yarnpkg.com/preserve/-/preserve-0.2.0.tgz#815ed1f6ebc65926f865b310c0713bcb3315ce4b" + + private@^0.1.6, private@~0.1.5: + version "0.1.6" + resolved "https://registry.yarnpkg.com/private/-/private-0.1.6.tgz#55c6a976d0f9bafb9924851350fe47b9b5fbb7c1" + + process-nextick-args@~1.0.6: + version "1.0.7" + resolved "https://registry.yarnpkg.com/process-nextick-args/-/process-nextick-args-1.0.7.tgz#150e20b756590ad3f91093f25a4f2ad8bff30ba3" + + progress@^1.1.8: + version "1.1.8" + resolved "https://registry.yarnpkg.com/progress/-/progress-1.1.8.tgz#e260c78f6161cdd9b0e56cc3e0a85de17c7a57be" + + promise@~1.3.0: + version "1.3.0" + resolved "https://registry.yarnpkg.com/promise/-/promise-1.3.0.tgz#e5cc9a4c8278e4664ffedc01c7da84842b040175" + dependencies: + is-promise "~1" + + proxy-addr@~1.1.2: + version "1.1.2" + resolved "https://registry.yarnpkg.com/proxy-addr/-/proxy-addr-1.1.2.tgz#b4cc5f22610d9535824c123aef9d3cf73c40ba37" + dependencies: + forwarded "~0.1.0" + ipaddr.js "1.1.1" + + ps-tree@^1.0.1: + version "1.1.0" + resolved "https://registry.yarnpkg.com/ps-tree/-/ps-tree-1.1.0.tgz#b421b24140d6203f1ed3c76996b4427b08e8c014" + dependencies: + event-stream "~3.3.0" + + punycode@^1.4.1: + version "1.4.1" + resolved "https://registry.yarnpkg.com/punycode/-/punycode-1.4.1.tgz#c0d5a63b2718800ad8e1eb0fa5269c84dd41845e" + + qs@6.2.0: + version "6.2.0" + resolved "https://registry.yarnpkg.com/qs/-/qs-6.2.0.tgz#3b7848c03c2dece69a9522b0fae8c4126d745f3b" + + qs@~6.3.0: + version "6.3.0" + resolved "https://registry.yarnpkg.com/qs/-/qs-6.3.0.tgz#f403b264f23bc01228c74131b407f18d5ea5d442" + + random-bytes@~1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/random-bytes/-/random-bytes-1.0.0.tgz#4f68a1dc0ae58bd3fb95848c30324db75d64360b" + + randomatic@^1.1.3: + version "1.1.6" + resolved "https://registry.yarnpkg.com/randomatic/-/randomatic-1.1.6.tgz#110dcabff397e9dcff7c0789ccc0a49adf1ec5bb" + dependencies: + is-number "^2.0.2" + kind-of "^3.0.2" + + range-parser@~1.2.0: + version "1.2.0" + resolved "https://registry.yarnpkg.com/range-parser/-/range-parser-1.2.0.tgz#f49be6b487894ddc40dcc94a322f611092e00d5e" + + raw-body@~2.1.7: + version "2.1.7" + resolved "https://registry.yarnpkg.com/raw-body/-/raw-body-2.1.7.tgz#adfeace2e4fb3098058014d08c072dcc59758774" + dependencies: + bytes "2.4.0" + iconv-lite "0.4.13" + unpipe "1.0.0" + + rc@^1.0.1, rc@~1.1.6: + version "1.1.6" + resolved "https://registry.yarnpkg.com/rc/-/rc-1.1.6.tgz#43651b76b6ae53b5c802f1151fa3fc3b059969c9" + dependencies: + deep-extend "~0.4.0" + ini "~1.3.0" + minimist "^1.2.0" + strip-json-comments "~1.0.4" + + read-all-stream@^3.0.0: + version "3.1.0" + resolved "https://registry.yarnpkg.com/read-all-stream/-/read-all-stream-3.1.0.tgz#35c3e177f2078ef789ee4bfafa4373074eaef4fa" + dependencies: + pinkie-promise "^2.0.0" + readable-stream "^2.0.0" + + read-pkg-up@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/read-pkg-up/-/read-pkg-up-1.0.1.tgz#9d63c13276c065918d57f002a57f40a1b643fb02" + dependencies: + find-up "^1.0.0" + read-pkg "^1.0.0" + + read-pkg@^1.0.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/read-pkg/-/read-pkg-1.1.0.tgz#f5ffaa5ecd29cb31c0474bca7d756b6bb29e3f28" + dependencies: + load-json-file "^1.0.0" + normalize-package-data "^2.3.2" + path-type "^1.0.0" + + readable-stream@2.1.5, readable-stream@^2.0.0, "readable-stream@^2.0.0 || ^1.1.13", readable-stream@^2.0.1, readable-stream@^2.0.2, readable-stream@^2.0.4, readable-stream@^2.0.5, readable-stream@^2.1.5, readable-stream@~2.1.4: + version "2.1.5" + resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.1.5.tgz#66fa8b720e1438b364681f2ad1a63c618448c9d0" + dependencies: + buffer-shims "^1.0.0" + core-util-is "~1.0.0" + inherits "~2.0.1" + isarray "~1.0.0" + process-nextick-args "~1.0.6" + string_decoder "~0.10.x" + util-deprecate "~1.0.1" + + "readable-stream@>=1.0.33-1 <1.1.0-0": + version "1.0.34" + resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-1.0.34.tgz#125820e34bc842d2f2aaafafe4c2916ee32c157c" + dependencies: + core-util-is "~1.0.0" + inherits "~2.0.1" + isarray "0.0.1" + string_decoder "~0.10.x" + + readable-stream@~2.0.0, readable-stream@~2.0.5: + version "2.0.6" + resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.0.6.tgz#8f90341e68a53ccc928788dacfcd11b36eb9b78e" + dependencies: + core-util-is "~1.0.0" + inherits "~2.0.1" + isarray "~1.0.0" + process-nextick-args "~1.0.6" + string_decoder "~0.10.x" + util-deprecate "~1.0.1" + + readdirp@^2.0.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/readdirp/-/readdirp-2.1.0.tgz#4ed0ad060df3073300c48440373f72d1cc642d78" + dependencies: + graceful-fs "^4.1.2" + minimatch "^3.0.2" + readable-stream "^2.0.2" + set-immediate-shim "^1.0.1" + + readline2@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/readline2/-/readline2-1.0.1.tgz#41059608ffc154757b715d9989d199ffbf372e35" + dependencies: + code-point-at "^1.0.0" + is-fullwidth-code-point "^1.0.0" + mute-stream "0.0.5" + + redent@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/redent/-/redent-1.0.0.tgz#cf916ab1fd5f1f16dfb20822dd6ec7f730c2afde" + dependencies: + indent-string "^2.1.0" + strip-indent "^1.0.1" + + regenerate@^1.2.1: + version "1.3.2" + resolved "https://registry.yarnpkg.com/regenerate/-/regenerate-1.3.2.tgz#d1941c67bad437e1be76433add5b385f95b19260" + + regenerator-runtime@^0.9.5: + version "0.9.6" + resolved "https://registry.yarnpkg.com/regenerator-runtime/-/regenerator-runtime-0.9.6.tgz#d33eb95d0d2001a4be39659707c51b0cb71ce029" + + regex-cache@^0.4.2: + version "0.4.3" + resolved "https://registry.yarnpkg.com/regex-cache/-/regex-cache-0.4.3.tgz#9b1a6c35d4d0dfcef5711ae651e8e9d3d7114145" + dependencies: + is-equal-shallow "^0.1.3" + is-primitive "^2.0.0" + + regexpu-core@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/regexpu-core/-/regexpu-core-2.0.0.tgz#49d038837b8dcf8bfa5b9a42139938e6ea2ae240" + dependencies: + regenerate "^1.2.1" + regjsgen "^0.2.0" + regjsparser "^0.1.4" + + registry-url@^3.0.0: + version "3.1.0" + resolved "https://registry.yarnpkg.com/registry-url/-/registry-url-3.1.0.tgz#3d4ef870f73dde1d77f0cf9a381432444e174942" + dependencies: + rc "^1.0.1" + + regjsgen@^0.2.0: + version "0.2.0" + resolved "https://registry.yarnpkg.com/regjsgen/-/regjsgen-0.2.0.tgz#6c016adeac554f75823fe37ac05b92d5a4edb1f7" + + regjsparser@^0.1.4: + version "0.1.5" + resolved "https://registry.yarnpkg.com/regjsparser/-/regjsparser-0.1.5.tgz#7ee8f84dc6fa792d3fd0ae228d24bd949ead205c" + dependencies: + jsesc "~0.5.0" + + repeat-element@^1.1.2: + version "1.1.2" + resolved "https://registry.yarnpkg.com/repeat-element/-/repeat-element-1.1.2.tgz#ef089a178d1483baae4d93eb98b4f9e4e11d990a" + + repeat-string@^1.5.2: + version "1.6.1" + resolved "https://registry.yarnpkg.com/repeat-string/-/repeat-string-1.6.1.tgz#8dcae470e1c88abc2d600fff4a776286da75e637" + + repeating@^1.1.2: + version "1.1.3" + resolved "https://registry.yarnpkg.com/repeating/-/repeating-1.1.3.tgz#3d4114218877537494f97f77f9785fab810fa4ac" + dependencies: + is-finite "^1.0.0" + + repeating@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/repeating/-/repeating-2.0.1.tgz#5214c53a926d3552707527fbab415dbc08d06dda" + dependencies: + is-finite "^1.0.0" + + replace-ext@0.0.1: + version "0.0.1" + resolved "https://registry.yarnpkg.com/replace-ext/-/replace-ext-0.0.1.tgz#29bbd92078a739f0bcce2b4ee41e837953522924" + + request@^2.65.0, request@^2.79.0: + version "2.79.0" + resolved "https://registry.yarnpkg.com/request/-/request-2.79.0.tgz#4dfe5bf6be8b8cdc37fcf93e04b65577722710de" + dependencies: + aws-sign2 "~0.6.0" + aws4 "^1.2.1" + caseless "~0.11.0" + combined-stream "~1.0.5" + extend "~3.0.0" + forever-agent "~0.6.1" + form-data "~2.1.1" + har-validator "~2.0.6" + hawk "~3.1.3" + http-signature "~1.1.0" + is-typedarray "~1.0.0" + isstream "~0.1.2" + json-stringify-safe "~5.0.1" + mime-types "~2.1.7" + oauth-sign "~0.8.1" + qs "~6.3.0" + stringstream "~0.0.4" + tough-cookie "~2.3.0" + tunnel-agent "~0.4.1" + uuid "^3.0.0" + + require-uncached@^1.0.2: + version "1.0.3" + resolved "https://registry.yarnpkg.com/require-uncached/-/require-uncached-1.0.3.tgz#4e0d56d6c9662fd31e43011c4b95aa49955421d3" + dependencies: + caller-path "^0.1.0" + resolve-from "^1.0.0" + + require_optional@~1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/require_optional/-/require_optional-1.0.0.tgz#52a86137a849728eb60a55533617f8f914f59abf" + dependencies: + resolve-from "^2.0.0" + semver "^5.1.0" + + resolve-from@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/resolve-from/-/resolve-from-1.0.1.tgz#26cbfe935d1aeeeabb29bc3fe5aeb01e93d44226" + + resolve-from@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/resolve-from/-/resolve-from-2.0.0.tgz#9480ab20e94ffa1d9e80a804c7ea147611966b57" + + resolve@^1.1.6: + version "1.1.7" + resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.1.7.tgz#203114d82ad2c5ed9e8e0411b3932875e889e97b" + + restore-cursor@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/restore-cursor/-/restore-cursor-1.0.1.tgz#34661f46886327fed2991479152252df92daa541" + dependencies: + exit-hook "^1.0.0" + onetime "^1.0.0" + + rimraf@2, rimraf@^2.2.8, rimraf@~2.5.1, rimraf@~2.5.4: + version "2.5.4" + resolved "https://registry.yarnpkg.com/rimraf/-/rimraf-2.5.4.tgz#96800093cbf1a0c86bd95b4625467535c29dfa04" + dependencies: + glob "^7.0.5" + + run-async@^0.1.0: + version "0.1.0" + resolved "https://registry.yarnpkg.com/run-async/-/run-async-0.1.0.tgz#c8ad4a5e110661e402a7d21b530e009f25f8e389" + dependencies: + once "^1.3.0" + + rx-lite@^3.1.2: + version "3.1.2" + resolved "https://registry.yarnpkg.com/rx-lite/-/rx-lite-3.1.2.tgz#19ce502ca572665f3b647b10939f97fd1615f102" + + safe-buffer@^5.0.1: + version "5.0.1" + resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.0.1.tgz#d263ca54696cd8a306b5ca6551e92de57918fbe7" + + seek-bzip@^1.0.3: + version "1.0.5" + resolved "https://registry.yarnpkg.com/seek-bzip/-/seek-bzip-1.0.5.tgz#cfe917cb3d274bcffac792758af53173eb1fabdc" + dependencies: + commander "~2.8.1" + + semver-diff@^2.0.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/semver-diff/-/semver-diff-2.1.0.tgz#4bbb8437c8d37e4b0cf1a68fd726ec6d645d6d36" + dependencies: + semver "^5.0.3" + + semver-regex@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/semver-regex/-/semver-regex-1.0.0.tgz#92a4969065f9c70c694753d55248fc68f8f652c9" + + semver-truncate@^1.0.0: + version "1.1.2" + resolved "https://registry.yarnpkg.com/semver-truncate/-/semver-truncate-1.1.2.tgz#57f41de69707a62709a7e0104ba2117109ea47e8" + dependencies: + semver "^5.3.0" + + "semver@2 || 3 || 4 || 5", semver@^5.0.3, semver@^5.1.0, semver@^5.3.0, semver@~5.3.0: + version "5.3.0" + resolved "https://registry.yarnpkg.com/semver/-/semver-5.3.0.tgz#9b2ce5d3de02d17c6012ad326aa6b4d0cf54f94f" + + semver@^4.0.3: + version "4.3.6" + resolved "https://registry.yarnpkg.com/semver/-/semver-4.3.6.tgz#300bc6e0e86374f7ba61068b5b1ecd57fc6532da" + + semver@~5.0.1: + version "5.0.3" + resolved "https://registry.yarnpkg.com/semver/-/semver-5.0.3.tgz#77466de589cd5d3c95f138aa78bc569a3cb5d27a" + + send@0.14.1: + version "0.14.1" + resolved "https://registry.yarnpkg.com/send/-/send-0.14.1.tgz#a954984325392f51532a7760760e459598c89f7a" + dependencies: + debug "~2.2.0" + depd "~1.1.0" + destroy "~1.0.4" + encodeurl "~1.0.1" + escape-html "~1.0.3" + etag "~1.7.0" + fresh "0.3.0" + http-errors "~1.5.0" + mime "1.3.4" + ms "0.7.1" + on-finished "~2.3.0" + range-parser "~1.2.0" + statuses "~1.3.0" + + serve-static@~1.11.1: + version "1.11.1" + resolved "https://registry.yarnpkg.com/serve-static/-/serve-static-1.11.1.tgz#d6cce7693505f733c759de57befc1af76c0f0805" + dependencies: + encodeurl "~1.0.1" + escape-html "~1.0.3" + parseurl "~1.3.1" + send "0.14.1" + + set-blocking@~2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/set-blocking/-/set-blocking-2.0.0.tgz#045f9782d011ae9a6803ddd382b24392b3d890f7" + + set-immediate-shim@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/set-immediate-shim/-/set-immediate-shim-1.0.1.tgz#4b2b1b27eb808a9f8dcc481a58e5e56f599f3f61" + + setprototypeof@1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/setprototypeof/-/setprototypeof-1.0.2.tgz#81a552141ec104b88e89ce383103ad5c66564d08" + + shebang-regex@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/shebang-regex/-/shebang-regex-1.0.0.tgz#da42f49740c0b42db2ca9728571cb190c98efea3" + + shelljs@^0.6.0: + version "0.6.1" + resolved "https://registry.yarnpkg.com/shelljs/-/shelljs-0.6.1.tgz#ec6211bed1920442088fe0f70b2837232ed2c8a8" + + signal-exit@^3.0.0: + version "3.0.2" + resolved "https://registry.yarnpkg.com/signal-exit/-/signal-exit-3.0.2.tgz#b5fdc08f1287ea1178628e415e25132b73646c6d" + + slash@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/slash/-/slash-1.0.0.tgz#c41f2f6c39fc16d1cd17ad4b5d896114ae470d55" + + slice-ansi@0.0.4: + version "0.0.4" + resolved "https://registry.yarnpkg.com/slice-ansi/-/slice-ansi-0.0.4.tgz#edbf8903f66f7ce2f8eafd6ceed65e264c831b35" + + slide@^1.1.5: + version "1.1.6" + resolved "https://registry.yarnpkg.com/slide/-/slide-1.1.6.tgz#56eb027d65b4d2dce6cb2e2d32c4d4afc9e1d707" + + sntp@1.x.x: + version "1.0.9" + resolved "https://registry.yarnpkg.com/sntp/-/sntp-1.0.9.tgz#6541184cc90aeea6c6e7b35e2659082443c66198" + dependencies: + hoek "2.x.x" + + source-map-support@^0.4.2: + version "0.4.6" + resolved "https://registry.yarnpkg.com/source-map-support/-/source-map-support-0.4.6.tgz#32552aa64b458392a85eab3b0b5ee61527167aeb" + dependencies: + source-map "^0.5.3" + + source-map@^0.5.0, source-map@^0.5.3: + version "0.5.6" + resolved "https://registry.yarnpkg.com/source-map/-/source-map-0.5.6.tgz#75ce38f52bf0733c5a7f0c118d81334a2bb5f412" + + spawn-sync@1.0.15: + version "1.0.15" + resolved "https://registry.yarnpkg.com/spawn-sync/-/spawn-sync-1.0.15.tgz#b00799557eb7fb0c8376c29d44e8a1ea67e57476" + dependencies: + concat-stream "^1.4.7" + os-shim "^0.1.2" + + spdx-correct@~1.0.0: + version "1.0.2" + resolved "https://registry.yarnpkg.com/spdx-correct/-/spdx-correct-1.0.2.tgz#4b3073d933ff51f3912f03ac5519498a4150db40" + dependencies: + spdx-license-ids "^1.0.2" + + spdx-expression-parse@~1.0.0: + version "1.0.4" + resolved "https://registry.yarnpkg.com/spdx-expression-parse/-/spdx-expression-parse-1.0.4.tgz#9bdf2f20e1f40ed447fbe273266191fced51626c" + + spdx-license-ids@^1.0.2: + version "1.2.2" + resolved "https://registry.yarnpkg.com/spdx-license-ids/-/spdx-license-ids-1.2.2.tgz#c9df7a3424594ade6bd11900d596696dc06bac57" + + split@0.3: + version "0.3.3" + resolved "https://registry.yarnpkg.com/split/-/split-0.3.3.tgz#cd0eea5e63a211dfff7eb0f091c4133e2d0dd28f" + dependencies: + through "2" + + sprintf-js@~1.0.2: + version "1.0.3" + resolved "https://registry.yarnpkg.com/sprintf-js/-/sprintf-js-1.0.3.tgz#04e6926f662895354f3dd015203633b857297e2c" + + sshpk@^1.7.0: + version "1.10.1" + resolved "https://registry.yarnpkg.com/sshpk/-/sshpk-1.10.1.tgz#30e1a5d329244974a1af61511339d595af6638b0" + dependencies: + asn1 "~0.2.3" + assert-plus "^1.0.0" + dashdash "^1.12.0" + getpass "^0.1.1" + optionalDependencies: + bcrypt-pbkdf "^1.0.0" + ecc-jsbn "~0.1.1" + jodid25519 "^1.0.0" + jsbn "~0.1.0" + tweetnacl "~0.14.0" + + stack-trace@0.0.x: + version "0.0.10" + resolved "https://registry.yarnpkg.com/stack-trace/-/stack-trace-0.0.10.tgz#547c70b347e8d32b4e108ea1a2a159e5fdde19c0" + + stat-mode@^0.2.0: + version "0.2.2" + resolved "https://registry.yarnpkg.com/stat-mode/-/stat-mode-0.2.2.tgz#e6c80b623123d7d80cf132ce538f346289072502" + + "statuses@>= 1.3.1 < 2", statuses@~1.3.0: + version "1.3.1" + resolved "https://registry.yarnpkg.com/statuses/-/statuses-1.3.1.tgz#faf51b9eb74aaef3b3acf4ad5f61abf24cb7b93e" + + stream-combiner2@^1.1.1: + version "1.1.1" + resolved "https://registry.yarnpkg.com/stream-combiner2/-/stream-combiner2-1.1.1.tgz#fb4d8a1420ea362764e21ad4780397bebcb41cbe" + dependencies: + duplexer2 "~0.1.0" + readable-stream "^2.0.2" + + stream-combiner@~0.0.4: + version "0.0.4" + resolved "https://registry.yarnpkg.com/stream-combiner/-/stream-combiner-0.0.4.tgz#4d5e433c185261dde623ca3f44c586bcf5c4ad14" + dependencies: + duplexer "~0.1.1" + + stream-shift@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/stream-shift/-/stream-shift-1.0.0.tgz#d5c752825e5367e786f78e18e445ea223a155952" + + string-length@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/string-length/-/string-length-1.0.1.tgz#56970fb1c38558e9e70b728bf3de269ac45adfac" + dependencies: + strip-ansi "^3.0.0" + + string-width@^1.0.1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/string-width/-/string-width-1.0.2.tgz#118bdf5b8cdc51a2a7e70d211e07e2b0b9b107d3" + dependencies: + code-point-at "^1.0.0" + is-fullwidth-code-point "^1.0.0" + strip-ansi "^3.0.0" + + string-width@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/string-width/-/string-width-2.0.0.tgz#635c5436cc72a6e0c387ceca278d4e2eec52687e" + dependencies: + is-fullwidth-code-point "^2.0.0" + strip-ansi "^3.0.0" + + string_decoder@~0.10.x: + version "0.10.31" + resolved "https://registry.yarnpkg.com/string_decoder/-/string_decoder-0.10.31.tgz#62e203bc41766c6c28c9fc84301dab1c5310fa94" + + stringstream@~0.0.4: + version "0.0.5" + resolved "https://registry.yarnpkg.com/stringstream/-/stringstream-0.0.5.tgz#4e484cd4de5a0bbbee18e46307710a8a81621878" + + strip-ansi@^3.0.0, strip-ansi@^3.0.1: + version "3.0.1" + resolved "https://registry.yarnpkg.com/strip-ansi/-/strip-ansi-3.0.1.tgz#6a385fb8853d952d5ff05d0e8aaf94278dc63dcf" + dependencies: + ansi-regex "^2.0.0" + + strip-bom-stream@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/strip-bom-stream/-/strip-bom-stream-1.0.0.tgz#e7144398577d51a6bed0fa1994fa05f43fd988ee" + dependencies: + first-chunk-stream "^1.0.0" + strip-bom "^2.0.0" + + strip-bom@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/strip-bom/-/strip-bom-2.0.0.tgz#6219a85616520491f35788bdbf1447a99c7e6b0e" + dependencies: + is-utf8 "^0.2.0" + + strip-bom@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/strip-bom/-/strip-bom-3.0.0.tgz#2334c18e9c759f7bdd56fdef7e9ae3d588e68ed3" + + strip-dirs@^1.0.0: + version "1.1.1" + resolved "https://registry.yarnpkg.com/strip-dirs/-/strip-dirs-1.1.1.tgz#960bbd1287844f3975a4558aa103a8255e2456a0" + dependencies: + chalk "^1.0.0" + get-stdin "^4.0.1" + is-absolute "^0.1.5" + is-natural-number "^2.0.0" + minimist "^1.1.0" + sum-up "^1.0.1" + + strip-indent@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/strip-indent/-/strip-indent-1.0.1.tgz#0c7962a6adefa7bbd4ac366460a638552ae1a0a2" + dependencies: + get-stdin "^4.0.1" + + strip-json-comments@~1.0.1, strip-json-comments@~1.0.4: + version "1.0.4" + resolved "https://registry.yarnpkg.com/strip-json-comments/-/strip-json-comments-1.0.4.tgz#1e15fbcac97d3ee99bf2d73b4c656b082bbafb91" + + subscriptions-transport-ws@0.2.6: + version "0.2.6" + resolved "https://registry.yarnpkg.com/subscriptions-transport-ws/-/subscriptions-transport-ws-0.2.6.tgz#433861167c25ef9a2b8697e9403afa2a77656cb3" + dependencies: + "@types/node" "^6.0.38" + backo2 "^1.0.2" + es6-promise "^3.2.1" + graphql-subscriptions "^0.1.3" + lodash.isobject "^3.0.2" + lodash.isstring "^4.0.1" + node-static "0.5.9" + websocket "^1.0.23" + + sum-up@^1.0.1: + version "1.0.3" + resolved "https://registry.yarnpkg.com/sum-up/-/sum-up-1.0.3.tgz#1c661f667057f63bcb7875aa1438bc162525156e" + dependencies: + chalk "^1.0.0" + + supports-color@3.1.2: + version "3.1.2" + resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-3.1.2.tgz#72a262894d9d408b956ca05ff37b2ed8a6e2a2d5" + dependencies: + has-flag "^1.0.0" + + supports-color@^0.2.0: + version "0.2.0" + resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-0.2.0.tgz#d92de2694eb3f67323973d7ae3d8b55b4c22190a" + + supports-color@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-2.0.0.tgz#535d045ce6b6363fa40117084629995e9df324c7" + + table@^3.7.8: + version "3.8.3" + resolved "https://registry.yarnpkg.com/table/-/table-3.8.3.tgz#2bbc542f0fda9861a755d3947fefd8b3f513855f" + dependencies: + ajv "^4.7.0" + ajv-keywords "^1.0.0" + chalk "^1.1.1" + lodash "^4.0.0" + slice-ansi "0.0.4" + string-width "^2.0.0" + + tar-pack@~3.3.0: + version "3.3.0" + resolved "https://registry.yarnpkg.com/tar-pack/-/tar-pack-3.3.0.tgz#30931816418f55afc4d21775afdd6720cee45dae" + dependencies: + debug "~2.2.0" + fstream "~1.0.10" + fstream-ignore "~1.0.5" + once "~1.3.3" + readable-stream "~2.1.4" + rimraf "~2.5.1" + tar "~2.2.1" + uid-number "~0.0.6" + + tar-stream@^1.1.1: + version "1.5.2" + resolved "https://registry.yarnpkg.com/tar-stream/-/tar-stream-1.5.2.tgz#fbc6c6e83c1a19d4cb48c7d96171fc248effc7bf" + dependencies: + bl "^1.0.0" + end-of-stream "^1.0.0" + readable-stream "^2.0.0" + xtend "^4.0.0" + + tar@~2.2.1: + version "2.2.1" + resolved "https://registry.yarnpkg.com/tar/-/tar-2.2.1.tgz#8e4d2a256c0e2185c6b18ad694aec968b83cb1d1" + dependencies: + block-stream "*" + fstream "^1.0.2" + inherits "2" + + text-table@~0.2.0: + version "0.2.0" + resolved "https://registry.yarnpkg.com/text-table/-/text-table-0.2.0.tgz#7f5ee823ae805207c00af2df4a84ec3fcfa570b4" + + through2-filter@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/through2-filter/-/through2-filter-2.0.0.tgz#60bc55a0dacb76085db1f9dae99ab43f83d622ec" + dependencies: + through2 "~2.0.0" + xtend "~4.0.0" + + through2@^0.6.0, through2@^0.6.1: + version "0.6.5" + resolved "https://registry.yarnpkg.com/through2/-/through2-0.6.5.tgz#41ab9c67b29d57209071410e1d7a7a968cd3ad48" + dependencies: + readable-stream ">=1.0.33-1 <1.1.0-0" + xtend ">=4.0.0 <4.1.0-0" + + through2@^2.0.0, through2@~2.0.0: + version "2.0.3" + resolved "https://registry.yarnpkg.com/through2/-/through2-2.0.3.tgz#0004569b37c7c74ba39c43f3ced78d1ad94140be" + dependencies: + readable-stream "^2.1.5" + xtend "~4.0.1" + + through@2, through@^2.3.6, through@~2.3, through@~2.3.1: + version "2.3.8" + resolved "https://registry.yarnpkg.com/through/-/through-2.3.8.tgz#0dd4c9ffaabc357960b1b724115d7e0e86a2e1f5" + + timed-out@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/timed-out/-/timed-out-2.0.0.tgz#f38b0ae81d3747d628001f41dafc652ace671c0a" + + to-absolute-glob@^0.1.1: + version "0.1.1" + resolved "https://registry.yarnpkg.com/to-absolute-glob/-/to-absolute-glob-0.1.1.tgz#1cdfa472a9ef50c239ee66999b662ca0eb39937f" + dependencies: + extend-shallow "^2.0.1" + + to-fast-properties@^1.0.1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/to-fast-properties/-/to-fast-properties-1.0.2.tgz#f3f5c0c3ba7299a7ef99427e44633257ade43320" + + topo@1.x.x: + version "1.1.0" + resolved "https://registry.yarnpkg.com/topo/-/topo-1.1.0.tgz#e9d751615d1bb87dc865db182fa1ca0a5ef536d5" + dependencies: + hoek "2.x.x" + + touch@1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/touch/-/touch-1.0.0.tgz#449cbe2dbae5a8c8038e30d71fa0ff464947c4de" + dependencies: + nopt "~1.0.10" + + tough-cookie@~2.3.0: + version "2.3.2" + resolved "https://registry.yarnpkg.com/tough-cookie/-/tough-cookie-2.3.2.tgz#f081f76e4c85720e6c37a5faced737150d84072a" + dependencies: + punycode "^1.4.1" + + trim-newlines@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/trim-newlines/-/trim-newlines-1.0.0.tgz#5887966bb582a4503a41eb524f7d35011815a613" + + tryit@^1.0.1: + version "1.0.3" + resolved "https://registry.yarnpkg.com/tryit/-/tryit-1.0.3.tgz#393be730a9446fd1ead6da59a014308f36c289cb" + + tunnel-agent@~0.4.1: + version "0.4.3" + resolved "https://registry.yarnpkg.com/tunnel-agent/-/tunnel-agent-0.4.3.tgz#6373db76909fe570e08d73583365ed828a74eeeb" + + tweetnacl@^0.14.3, tweetnacl@~0.14.0: + version "0.14.4" + resolved "https://registry.yarnpkg.com/tweetnacl/-/tweetnacl-0.14.4.tgz#8c9dbfb52795686f166cd2023794bcf103d13c2b" + + type-check@~0.3.2: + version "0.3.2" + resolved "https://registry.yarnpkg.com/type-check/-/type-check-0.3.2.tgz#5884cab512cf1d355e3fb784f30804b2b520db72" + dependencies: + prelude-ls "~1.1.2" + + type-detect@0.1.1: + version "0.1.1" + resolved "https://registry.yarnpkg.com/type-detect/-/type-detect-0.1.1.tgz#0ba5ec2a885640e470ea4e8505971900dac58822" + + type-detect@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/type-detect/-/type-detect-1.0.0.tgz#762217cc06db258ec48908a1298e8b95121e8ea2" + + type-is@~1.6.13: + version "1.6.14" + resolved "https://registry.yarnpkg.com/type-is/-/type-is-1.6.14.tgz#e219639c17ded1ca0789092dd54a03826b817cb2" + dependencies: + media-typer "0.3.0" + mime-types "~2.1.13" + + typed-graphql@^1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/typed-graphql/-/typed-graphql-1.0.2.tgz#4c0f788775d552df4d4ec3d73f25469252f40fb8" + + typedarray-to-buffer@^3.1.2: + version "3.1.2" + resolved "https://registry.yarnpkg.com/typedarray-to-buffer/-/typedarray-to-buffer-3.1.2.tgz#1017b32d984ff556eba100f501589aba1ace2e04" + dependencies: + is-typedarray "^1.0.0" + + typedarray@~0.0.5: + version "0.0.6" + resolved "https://registry.yarnpkg.com/typedarray/-/typedarray-0.0.6.tgz#867ac74e3864187b1d3d47d996a78ec5c8830777" + + uid-number@~0.0.6: + version "0.0.6" + resolved "https://registry.yarnpkg.com/uid-number/-/uid-number-0.0.6.tgz#0ea10e8035e8eb5b8e4449f06da1c730663baa81" + + uid-safe@~2.1.2: + version "2.1.3" + resolved "https://registry.yarnpkg.com/uid-safe/-/uid-safe-2.1.3.tgz#077e264a00b3187936b270bb7376a26473631071" + dependencies: + base64-url "1.3.3" + random-bytes "~1.0.0" + + undefsafe@0.0.3: + version "0.0.3" + resolved "https://registry.yarnpkg.com/undefsafe/-/undefsafe-0.0.3.tgz#ecca3a03e56b9af17385baac812ac83b994a962f" + + unique-stream@^2.0.2: + version "2.2.1" + resolved "https://registry.yarnpkg.com/unique-stream/-/unique-stream-2.2.1.tgz#5aa003cfbe94c5ff866c4e7d668bb1c4dbadb369" + dependencies: + json-stable-stringify "^1.0.0" + through2-filter "^2.0.0" + + unpipe@1.0.0, unpipe@~1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/unpipe/-/unpipe-1.0.0.tgz#b2bf4ee8514aae6165b4817829d21b2ef49904ec" + + update-notifier@0.5.0: + version "0.5.0" + resolved "https://registry.yarnpkg.com/update-notifier/-/update-notifier-0.5.0.tgz#07b5dc2066b3627ab3b4f530130f7eddda07a4cc" + dependencies: + chalk "^1.0.0" + configstore "^1.0.0" + is-npm "^1.0.0" + latest-version "^1.0.0" + repeating "^1.1.2" + semver-diff "^2.0.0" + string-length "^1.0.0" + + user-home@^1.1.1: + version "1.1.1" + resolved "https://registry.yarnpkg.com/user-home/-/user-home-1.1.1.tgz#2b5be23a32b63a7c9deb8d0f28d485724a3df190" + + user-home@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/user-home/-/user-home-2.0.0.tgz#9c70bfd8169bc1dcbf48604e0f04b8b49cde9e9f" + dependencies: + os-homedir "^1.0.0" + + util-deprecate@~1.0.1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/util-deprecate/-/util-deprecate-1.0.2.tgz#450d4dc9fa70de732762fbd2d4a28981419a0ccf" + + utils-merge@1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/utils-merge/-/utils-merge-1.0.0.tgz#0294fb922bb9375153541c4f7096231f287c8af8" + + uuid@^2.0.1: + version "2.0.3" + resolved "https://registry.yarnpkg.com/uuid/-/uuid-2.0.3.tgz#67e2e863797215530dff318e5bf9dcebfd47b21a" + + uuid@^3.0.0: + version "3.0.1" + resolved "https://registry.yarnpkg.com/uuid/-/uuid-3.0.1.tgz#6544bba2dfda8c1cf17e629a3a305e2bb1fee6c1" + + v8flags@^2.0.10: + version "2.0.11" + resolved "https://registry.yarnpkg.com/v8flags/-/v8flags-2.0.11.tgz#bca8f30f0d6d60612cc2c00641e6962d42ae6881" + dependencies: + user-home "^1.1.1" + + vali-date@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/vali-date/-/vali-date-1.0.0.tgz#1b904a59609fb328ef078138420934f6b86709a6" + + validate-npm-package-license@^3.0.1: + version "3.0.1" + resolved "https://registry.yarnpkg.com/validate-npm-package-license/-/validate-npm-package-license-3.0.1.tgz#2804babe712ad3379459acfbe24746ab2c303fbc" + dependencies: + spdx-correct "~1.0.0" + spdx-expression-parse "~1.0.0" + + vary@^1, vary@~1.1.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/vary/-/vary-1.1.0.tgz#e1e5affbbd16ae768dd2674394b9ad3022653140" + + verror@1.3.6: + version "1.3.6" + resolved "https://registry.yarnpkg.com/verror/-/verror-1.3.6.tgz#cff5df12946d297d2baaefaa2689e25be01c005c" + dependencies: + extsprintf "1.0.2" + + vinyl-assign@^1.0.1: + version "1.2.1" + resolved "https://registry.yarnpkg.com/vinyl-assign/-/vinyl-assign-1.2.1.tgz#4d198891b5515911d771a8cd9c5480a46a074a45" + dependencies: + object-assign "^4.0.1" + readable-stream "^2.0.0" + + vinyl-fs@^2.2.0: + version "2.4.4" + resolved "https://registry.yarnpkg.com/vinyl-fs/-/vinyl-fs-2.4.4.tgz#be6ff3270cb55dfd7d3063640de81f25d7532239" + dependencies: + duplexify "^3.2.0" + glob-stream "^5.3.2" + graceful-fs "^4.0.0" + gulp-sourcemaps "1.6.0" + is-valid-glob "^0.3.0" + lazystream "^1.0.0" + lodash.isequal "^4.0.0" + merge-stream "^1.0.0" + mkdirp "^0.5.0" + object-assign "^4.0.0" + readable-stream "^2.0.4" + strip-bom "^2.0.0" + strip-bom-stream "^1.0.0" + through2 "^2.0.0" + through2-filter "^2.0.0" + vali-date "^1.0.0" + vinyl "^1.0.0" + + vinyl@^0.4.3: + version "0.4.6" + resolved "https://registry.yarnpkg.com/vinyl/-/vinyl-0.4.6.tgz#2f356c87a550a255461f36bbeb2a5ba8bf784847" + dependencies: + clone "^0.2.0" + clone-stats "^0.0.1" + + vinyl@^1.0.0: + version "1.2.0" + resolved "https://registry.yarnpkg.com/vinyl/-/vinyl-1.2.0.tgz#5c88036cf565e5df05558bfc911f8656df218884" + dependencies: + clone "^1.0.0" + clone-stats "^0.0.1" + replace-ext "0.0.1" + + websocket@^1.0.23: + version "1.0.23" + resolved "https://registry.yarnpkg.com/websocket/-/websocket-1.0.23.tgz#20de8ec4a7126b09465578cd5dbb29a9c296aac6" + dependencies: + debug "^2.2.0" + nan "^2.3.3" + typedarray-to-buffer "^3.1.2" + yaeti "^0.0.4" + + wide-align@^1.1.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/wide-align/-/wide-align-1.1.0.tgz#40edde802a71fea1f070da3e62dcda2e7add96ad" + dependencies: + string-width "^1.0.1" + + window-size@^0.1.4: + version "0.1.4" + resolved "https://registry.yarnpkg.com/window-size/-/window-size-0.1.4.tgz#f8e1aa1ee5a53ec5bf151ffa09742a6ad7697876" + + winston@^2.3.1: + version "2.3.1" + resolved "https://registry.yarnpkg.com/winston/-/winston-2.3.1.tgz#0b48420d978c01804cf0230b648861598225a119" + dependencies: + async "~1.0.0" + colors "1.0.x" + cycle "1.0.x" + eyes "0.1.x" + isstream "0.1.x" + stack-trace "0.0.x" + + wordwrap@~1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/wordwrap/-/wordwrap-1.0.0.tgz#27584810891456a4171c8d0226441ade90cbcaeb" + + wrap-ansi@^2.0.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/wrap-ansi/-/wrap-ansi-2.1.0.tgz#d8fc3d284dd05794fe84973caecdd1cf824fdd85" + dependencies: + string-width "^1.0.1" + strip-ansi "^3.0.1" + + wrappy@1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/wrappy/-/wrappy-1.0.2.tgz#b5243d8f3ec1aa35f1364605bc0d1036e30ab69f" + + write-file-atomic@^1.1.2: + version "1.2.0" + resolved "https://registry.yarnpkg.com/write-file-atomic/-/write-file-atomic-1.2.0.tgz#14c66d4e4cb3ca0565c28cf3b7a6f3e4d5938fab" + dependencies: + graceful-fs "^4.1.2" + imurmurhash "^0.1.4" + slide "^1.1.5" + + write@^0.2.1: + version "0.2.1" + resolved "https://registry.yarnpkg.com/write/-/write-0.2.1.tgz#5fc03828e264cea3fe91455476f7a3c566cb0757" + dependencies: + mkdirp "^0.5.1" + + xdg-basedir@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/xdg-basedir/-/xdg-basedir-2.0.0.tgz#edbc903cc385fc04523d966a335504b5504d1bd2" + dependencies: + os-homedir "^1.0.0" + + "xtend@>=4.0.0 <4.1.0-0", xtend@^4.0.0, xtend@^4.0.1, xtend@~4.0.0, xtend@~4.0.1: + version "4.0.1" + resolved "https://registry.yarnpkg.com/xtend/-/xtend-4.0.1.tgz#a5c6d532be656e23db820efb943a1f04998d63af" + + y18n@^3.2.0: + version "3.2.1" + resolved "https://registry.yarnpkg.com/y18n/-/y18n-3.2.1.tgz#6d15fba884c08679c0d77e88e7759e811e07fa41" + + yaeti@^0.0.4: + version "0.0.4" + resolved "https://registry.yarnpkg.com/yaeti/-/yaeti-0.0.4.tgz#89fe739c45ac4491028973193262a837693a66b6" + + yargs@^3.26.0: + version "3.32.0" + resolved "https://registry.yarnpkg.com/yargs/-/yargs-3.32.0.tgz#03088e9ebf9e756b69751611d2a5ef591482c995" + dependencies: + camelcase "^2.0.1" + cliui "^3.0.3" + decamelize "^1.1.1" + os-locale "^1.4.0" + string-width "^1.0.1" + window-size "^0.1.4" + y18n "^3.2.0" + + yauzl@^2.2.1: + version "2.7.0" + resolved "https://registry.yarnpkg.com/yauzl/-/yauzl-2.7.0.tgz#e21d847868b496fc29eaec23ee87fdd33e9b2bce" + dependencies: + buffer-crc32 "~0.2.3" + fd-slicer "~1.0.1" + +Trace: + Error: EEXIST: file already exists, mkdir '/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/create-graphql-server-authorization' diff --git a/test/output-app/yarn.lock b/test/output-app/yarn.lock index f951766..589f997 100644 --- a/test/output-app/yarn.lock +++ b/test/output-app/yarn.lock @@ -56,8 +56,8 @@ acorn@^4.0.1: resolved "https://registry.yarnpkg.com/acorn/-/acorn-4.0.3.tgz#1a3e850b428e73ba6b09d1cc527f5aaad4d03ef1" agent-base@2: - version "2.0.1" - resolved "https://registry.yarnpkg.com/agent-base/-/agent-base-2.0.1.tgz#bd8f9e86a8eb221fffa07bd14befd55df142815e" + version "2.1.1" + resolved "https://registry.yarnpkg.com/agent-base/-/agent-base-2.1.1.tgz#d6de10d5af6132d5bd692427d46fc538539094c7" dependencies: extend "~3.0.0" semver "~5.0.1" @@ -165,11 +165,11 @@ async-each@^1.0.0: version "1.0.1" resolved "https://registry.yarnpkg.com/async-each/-/async-each-1.0.1.tgz#19d386a1d9edc6e7c1c85d388aedbcc56d33602d" -async@2.0.1: - version "2.0.1" - resolved "https://registry.yarnpkg.com/async/-/async-2.0.1.tgz#b709cc0280a9c36f09f4536be823c838a9049e25" +async@2.1.4: + version "2.1.4" + resolved "https://registry.yarnpkg.com/async/-/async-2.1.4.tgz#2d2160c7788032e4dd6cbe2502f1f9a2c8f6cde4" dependencies: - lodash "^4.8.0" + lodash "^4.14.0" async@~1.0.0: version "1.0.0" @@ -895,10 +895,10 @@ bindings@1.2.1: resolved "https://registry.yarnpkg.com/bindings/-/bindings-1.2.1.tgz#14ad6113812d2d37d72e67b4cacb4bb726505f11" bl@^1.0.0: - version "1.1.2" - resolved "https://registry.yarnpkg.com/bl/-/bl-1.1.2.tgz#fdca871a99713aa00d19e3bbba41c44787a65398" + version "1.2.1" + resolved "https://registry.yarnpkg.com/bl/-/bl-1.2.1.tgz#cac328f7bee45730d404b692203fcb590e172d5e" dependencies: - readable-stream "~2.0.5" + readable-stream "^2.0.5" block-stream@*: version "0.0.9" @@ -1192,10 +1192,11 @@ crc@3.4.0: version "3.4.0" resolved "https://registry.yarnpkg.com/crc/-/crc-3.4.0.tgz#4258e351613a74ef1153dfcb05e820c3e9715d7f" -create-graphql-server-authorization@^0.0.14: - version "0.0.14" - resolved "https://registry.yarnpkg.com/create-graphql-server-authorization/-/create-graphql-server-authorization-0.0.14.tgz#26bd07dc0775a0e74a07fcc5a99daa046099e216" +create-graphql-server-authorization@^0.0.27: + version "0.0.27" + resolved "https://registry.yarnpkg.com/create-graphql-server-authorization/-/create-graphql-server-authorization-0.0.27.tgz#c46f465483193e59514a918c1678880ddd24600f" dependencies: + iterall "^1.1.0" lodash "4.16.4" mongodb "^2.2.31" winston "^2.3.1" @@ -1436,18 +1437,12 @@ encoding@^0.1.11: dependencies: iconv-lite "~0.4.13" -end-of-stream@1.0.0: +end-of-stream@1.0.0, end-of-stream@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/end-of-stream/-/end-of-stream-1.0.0.tgz#d4596e702734a93e40e9af864319eabd99ff2f0e" dependencies: once "~1.3.0" -end-of-stream@^1.0.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/end-of-stream/-/end-of-stream-1.1.0.tgz#e9353258baa9108965efc41cb0ef8ade2f3cfb07" - dependencies: - once "~1.3.0" - error-ex@^1.2.0: version "1.3.0" resolved "https://registry.yarnpkg.com/error-ex/-/error-ex-1.3.0.tgz#e67b43f3e82c96ea3a584ffee0b9fc3325d802d9" @@ -1946,10 +1941,10 @@ get-stdin@^4.0.1: resolved "https://registry.yarnpkg.com/get-stdin/-/get-stdin-4.0.1.tgz#b968c6b0a04384324902e8bf1a5df32579a450fe" getos@^2.7.0: - version "2.8.2" - resolved "https://registry.yarnpkg.com/getos/-/getos-2.8.2.tgz#365e7e3b2cf74cb85ebb6d1d8c76633580cee534" + version "2.8.4" + resolved "https://registry.yarnpkg.com/getos/-/getos-2.8.4.tgz#7b8603d3619c28e38cb0fe7a4f63c3acb80d5163" dependencies: - async "2.0.1" + async "2.1.4" getpass@^0.1.1: version "0.1.6" @@ -1971,8 +1966,8 @@ glob-parent@^2.0.0: is-glob "^2.0.0" glob-parent@^3.0.0: - version "3.0.1" - resolved "https://registry.yarnpkg.com/glob-parent/-/glob-parent-3.0.1.tgz#60021327cc963ddc3b5f085764f500479ecd82ff" + version "3.1.0" + resolved "https://registry.yarnpkg.com/glob-parent/-/glob-parent-3.1.0.tgz#9e6af6299d8d3bd2bd40430832bd113df906c5ae" dependencies: is-glob "^3.1.0" path-dirname "^1.0.0" @@ -2334,8 +2329,8 @@ is-extglob@^1.0.0: resolved "https://registry.yarnpkg.com/is-extglob/-/is-extglob-1.0.0.tgz#ac468177c4943405a092fc8f29760c6ffc6206c0" is-extglob@^2.1.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/is-extglob/-/is-extglob-2.1.0.tgz#33411a482b046bf95e6b0cb27ee2711af4cf15ad" + version "2.1.1" + resolved "https://registry.yarnpkg.com/is-extglob/-/is-extglob-2.1.1.tgz#a88c02535791f02ed37c76a1b9ea9773c833f8c2" is-finite@^1.0.0: version "1.0.2" @@ -2488,6 +2483,10 @@ iterall@1.0.2: version "1.0.2" resolved "https://registry.yarnpkg.com/iterall/-/iterall-1.0.2.tgz#41a2e96ce9eda5e61c767ee5dc312373bb046e91" +iterall@^1.1.0: + version "1.1.1" + resolved "https://registry.yarnpkg.com/iterall/-/iterall-1.1.1.tgz#f7f0af11e9a04ec6426260f5019d9fcca4d50214" + jodid25519@^1.0.0: version "1.0.2" resolved "https://registry.yarnpkg.com/jodid25519/-/jodid25519-1.0.2.tgz#06d4912255093419477d425633606e0e90782967" @@ -2714,8 +2713,8 @@ lodash.isarray@^3.0.0: resolved "https://registry.yarnpkg.com/lodash.isarray/-/lodash.isarray-3.0.4.tgz#79e4eb88c36a8122af86f844aa9bcd851b5fbb55" lodash.isequal@^4.0.0: - version "4.4.0" - resolved "https://registry.yarnpkg.com/lodash.isequal/-/lodash.isequal-4.4.0.tgz#6295768e98e14dc15ce8d362ef6340db82852031" + version "4.5.0" + resolved "https://registry.yarnpkg.com/lodash.isequal/-/lodash.isequal-4.5.0.tgz#415c4478f2bcc30120c22ce10ed3226f7d3e18e0" lodash.isobject@^3.0.2: version "3.0.2" @@ -2745,7 +2744,7 @@ lodash.restparam@^3.0.0: version "3.6.1" resolved "https://registry.yarnpkg.com/lodash.restparam/-/lodash.restparam-3.6.1.tgz#936a4e309ef330a7645ed4145986c85ae5b20805" -lodash@4.16.4, lodash@^4.0.0, lodash@^4.15.0, lodash@^4.2.0, lodash@^4.3.0, lodash@^4.8.0: +lodash@4.16.4, lodash@^4.0.0, lodash@^4.14.0, lodash@^4.15.0, lodash@^4.2.0, lodash@^4.3.0: version "4.16.4" resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.16.4.tgz#01ce306b9bad1319f2a5528674f88297aeb70127" @@ -3431,7 +3430,7 @@ readable-stream@2.2.7: isarray "0.0.1" string_decoder "~0.10.x" -readable-stream@~2.0.0, readable-stream@~2.0.5: +readable-stream@~2.0.0: version "2.0.6" resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.0.6.tgz#8f90341e68a53ccc928788dacfcd11b36eb9b78e" dependencies: @@ -3936,8 +3935,8 @@ tar-pack@~3.3.0: uid-number "~0.0.6" tar-stream@^1.1.1: - version "1.5.2" - resolved "https://registry.yarnpkg.com/tar-stream/-/tar-stream-1.5.2.tgz#fbc6c6e83c1a19d4cb48c7d96171fc248effc7bf" + version "1.5.4" + resolved "https://registry.yarnpkg.com/tar-stream/-/tar-stream-1.5.4.tgz#36549cf04ed1aee9b2a30c0143252238daf94016" dependencies: bl "^1.0.0" end-of-stream "^1.0.0" @@ -4289,8 +4288,8 @@ yargs@^3.26.0: y18n "^3.2.0" yauzl@^2.2.1: - version "2.7.0" - resolved "https://registry.yarnpkg.com/yauzl/-/yauzl-2.7.0.tgz#e21d847868b496fc29eaec23ee87fdd33e9b2bce" + version "2.8.0" + resolved "https://registry.yarnpkg.com/yauzl/-/yauzl-2.8.0.tgz#79450aff22b2a9c5a41ef54e02db907ccfbf9ee2" dependencies: buffer-crc32 "~0.2.3" fd-slicer "~1.0.1" diff --git a/yarn.lock b/yarn.lock index 4b2830a..cc4086d 100644 --- a/yarn.lock +++ b/yarn.lock @@ -139,10 +139,6 @@ async-each@^1.0.0: version "1.0.1" resolved "https://registry.yarnpkg.com/async-each/-/async-each-1.0.1.tgz#19d386a1d9edc6e7c1c85d388aedbcc56d33602d" -async@~1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/async/-/async-1.0.0.tgz#f8fc04ca3a13784ade9e1641af98578cfbd647a9" - asynckit@^0.4.0: version "0.4.0" resolved "https://registry.yarnpkg.com/asynckit/-/asynckit-0.4.0.tgz#c79ed97f7f34cb8f2ba1bc9790bcc366474b4b79" @@ -887,11 +883,7 @@ browser-stdout@1.3.0: version "1.3.0" resolved "https://registry.yarnpkg.com/browser-stdout/-/browser-stdout-1.3.0.tgz#f351d32969d32fa5d7a5567154263d928ae3bd1f" -bson@~1.0.4: - version "1.0.4" - resolved "https://registry.yarnpkg.com/bson/-/bson-1.0.4.tgz#93c10d39eaa5b58415cbc4052f3e53e562b0b72c" - -buffer-shims@^1.0.0, buffer-shims@~1.0.0: +buffer-shims@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/buffer-shims/-/buffer-shims-1.0.0.tgz#9978ce317388c649ad8793028c3477ef044a8b51" @@ -999,10 +991,6 @@ code-point-at@^1.0.0: version "1.1.0" resolved "https://registry.yarnpkg.com/code-point-at/-/code-point-at-1.1.0.tgz#0d070b4d043a5bea33a2f1a40e2edb3d9a4ccf77" -colors@1.0.x: - version "1.0.3" - resolved "https://registry.yarnpkg.com/colors/-/colors-1.0.3.tgz#0433f44d809680fdeb60ed260f1b0c262e82a40b" - combined-stream@^1.0.5, combined-stream@~1.0.5: version "1.0.5" resolved "https://registry.yarnpkg.com/combined-stream/-/combined-stream-1.0.5.tgz#938370a57b4a51dea2c77c15d5c5fdf895164009" @@ -1056,14 +1044,6 @@ cpr: mkdirp "~0.5.1" rimraf "^2.5.4" -create-graphql-server-authorization@^0.0.12: - version "0.0.12" - resolved "https://registry.yarnpkg.com/create-graphql-server-authorization/-/create-graphql-server-authorization-0.0.12.tgz#df00e443b13622d14dd53b588e1f44ef990763e2" - dependencies: - lodash "4.16.4" - mongodb "^2.2.31" - winston "^2.3.1" - crypt@~0.0.1: version "0.0.2" resolved "https://registry.yarnpkg.com/crypt/-/crypt-0.0.2.tgz#88d7ff7ec0dfb86f713dc87bbb42d044d3e6c41b" @@ -1080,10 +1060,6 @@ currently-unhandled@^0.4.1: dependencies: array-find-index "^1.0.1" -cycle@1.0.x: - version "1.0.3" - resolved "https://registry.yarnpkg.com/cycle/-/cycle-1.0.3.tgz#21e80b2be8580f98b468f379430662b046c34ad2" - d@^0.1.1, d@~0.1.1: version "0.1.1" resolved "https://registry.yarnpkg.com/d/-/d-0.1.1.tgz#da184c535d18d8ee7ba2aa229b914009fae11309" @@ -1236,10 +1212,6 @@ es6-map@^0.1.3: es6-symbol "~3.1.0" event-emitter "~0.3.4" -es6-promise@3.2.1: - version "3.2.1" - resolved "https://registry.yarnpkg.com/es6-promise/-/es6-promise-3.2.1.tgz#ec56233868032909207170c39448e24449dd1fc4" - es6-set@^0.1.4, es6-set@~0.1.3: version "0.1.4" resolved "https://registry.yarnpkg.com/es6-set/-/es6-set-0.1.4.tgz#9516b6761c2964b92ff479456233a247dc707ce8" @@ -1440,10 +1412,6 @@ extsprintf@1.0.2: version "1.0.2" resolved "https://registry.yarnpkg.com/extsprintf/-/extsprintf-1.0.2.tgz#e1080e0658e300b06294990cc70e1502235fd550" -eyes@0.1.x: - version "0.1.8" - resolved "https://registry.yarnpkg.com/eyes/-/eyes-0.1.8.tgz#62cf120234c683785d902348a800ef3e0cc20bc0" - fast-levenshtein@~2.0.4: version "2.0.5" resolved "https://registry.yarnpkg.com/fast-levenshtein/-/fast-levenshtein-2.0.5.tgz#bd33145744519ab1c36c3ee9f31f08e9079b67f2" @@ -1950,7 +1918,7 @@ isobject@^2.0.0: dependencies: isarray "1.0.0" -isstream@0.1.x, isstream@~0.1.2: +isstream@~0.1.2: version "0.1.2" resolved "https://registry.yarnpkg.com/isstream/-/isstream-0.1.2.tgz#47e63f7af55afa6f92e1500e690eb8b8529c099a" @@ -2150,6 +2118,7 @@ lodash.merge@^4.6.0: <<<<<<< HEAD <<<<<<< HEAD <<<<<<< HEAD +<<<<<<< HEAD lodash@^4.0.0, lodash@^4.17.4: version "4.17.4" resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.4.tgz#78203a4d1c328ae1d86dca6460e369b57f4055ae" @@ -2169,6 +2138,8 @@ lodash@4.16.4: version "4.16.4" resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.16.4.tgz#01ce306b9bad1319f2a5528674f88297aeb70127" +======= +>>>>>>> harden lodash@^4.0.0, lodash@^4.17.4, lodash@^4.3.0: version "4.17.4" resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.4.tgz#78203a4d1c328ae1d86dca6460e369b57f4055ae" @@ -2304,21 +2275,6 @@ mocha: mkdirp "0.5.1" supports-color "3.1.2" -mongodb-core@2.1.15: - version "2.1.15" - resolved "https://registry.yarnpkg.com/mongodb-core/-/mongodb-core-2.1.15.tgz#841f53b87ffff4c7458189c35c8ae827e1169764" - dependencies: - bson "~1.0.4" - require_optional "~1.0.0" - -mongodb@^2.2.31: - version "2.2.31" - resolved "https://registry.yarnpkg.com/mongodb/-/mongodb-2.2.31.tgz#1940445c661e19217bb3bf8245d9854aaef548db" - dependencies: - es6-promise "3.2.1" - mongodb-core "2.1.15" - readable-stream "2.2.7" - ms@0.7.1: version "0.7.1" resolved "https://registry.yarnpkg.com/ms/-/ms-0.7.1.tgz#9cd13c03adbff25b65effde7ce864ee952017098" @@ -2590,18 +2546,6 @@ read-pkg@^1.0.0: normalize-package-data "^2.3.2" path-type "^1.0.0" -readable-stream@2.2.7: - version "2.2.7" - resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.2.7.tgz#07057acbe2467b22042d36f98c5ad507054e95b1" - dependencies: - buffer-shims "~1.0.0" - core-util-is "~1.0.0" - inherits "~2.0.1" - isarray "~1.0.0" - process-nextick-args "~1.0.6" - string_decoder "~1.0.0" - util-deprecate "~1.0.1" - "readable-stream@^2.0.0 || ^1.1.13", readable-stream@^2.0.2, readable-stream@^2.2.2: version "2.2.11" resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.2.11.tgz#0796b31f8d7688007ff0b93a8088d34aa17c0f72" @@ -2764,21 +2708,10 @@ require-uncached@^1.0.2: caller-path "^0.1.0" resolve-from "^1.0.0" -require_optional@~1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/require_optional/-/require_optional-1.0.1.tgz#4cf35a4247f64ca3df8c2ef208cc494b1ca8fc2e" - dependencies: - resolve-from "^2.0.0" - semver "^5.1.0" - resolve-from@^1.0.0: version "1.0.1" resolved "https://registry.yarnpkg.com/resolve-from/-/resolve-from-1.0.1.tgz#26cbfe935d1aeeeabb29bc3fe5aeb01e93d44226" -resolve-from@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/resolve-from/-/resolve-from-2.0.0.tgz#9480ab20e94ffa1d9e80a804c7ea147611966b57" - resolve@^1.1.6: version "1.1.7" resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.1.7.tgz#203114d82ad2c5ed9e8e0411b3932875e889e97b" @@ -2826,7 +2759,7 @@ semver-truncate@^1.0.0: dependencies: semver "^5.3.0" -"semver@2 || 3 || 4 || 5", semver@^5.1.0, semver@^5.3.0, semver@~5.3.0: +"semver@2 || 3 || 4 || 5", semver@^5.3.0, semver@~5.3.0: version "5.3.0" resolved "https://registry.yarnpkg.com/semver/-/semver-5.3.0.tgz#9b2ce5d3de02d17c6012ad326aa6b4d0cf54f94f" @@ -2907,10 +2840,6 @@ sshpk@^1.7.0: jsbn "~0.1.0" tweetnacl "~0.14.0" -stack-trace@0.0.x: - version "0.0.10" - resolved "https://registry.yarnpkg.com/stack-trace/-/stack-trace-0.0.10.tgz#547c70b347e8d32b4e108ea1a2a159e5fdde19c0" - string-width@^1.0.1: version "1.0.2" resolved "https://registry.yarnpkg.com/string-width/-/string-width-1.0.2.tgz#118bdf5b8cdc51a2a7e70d211e07e2b0b9b107d3" @@ -3103,17 +3032,6 @@ wide-align@^1.1.0: dependencies: string-width "^1.0.1" -winston@^2.3.1: - version "2.3.1" - resolved "https://registry.yarnpkg.com/winston/-/winston-2.3.1.tgz#0b48420d978c01804cf0230b648861598225a119" - dependencies: - async "~1.0.0" - colors "1.0.x" - cycle "1.0.x" - eyes "0.1.x" - isstream "0.1.x" - stack-trace "0.0.x" - wordwrap@~1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/wordwrap/-/wordwrap-1.0.0.tgz#27584810891456a4171c8d0226441ade90cbcaeb" From 2e74271fef1f043cf721e3321243bf09f962f991 Mon Sep 17 00:00:00 2001 From: tobkle Date: Fri, 18 Aug 2017 17:55:41 +0200 Subject: [PATCH 56/69] prepared for generator --- .gitignore | 2 + test/output-app/.gitignore | 1 + test/output-app/yarn-error.log | 4331 -------------------------------- 3 files changed, 3 insertions(+), 4331 deletions(-) delete mode 100644 test/output-app/yarn-error.log diff --git a/.gitignore b/.gitignore index d3b3fa9..77b3da4 100644 --- a/.gitignore +++ b/.gitignore @@ -7,3 +7,5 @@ db ./output dist log/all-logs-readable.log +yarn-error.log + diff --git a/test/output-app/.gitignore b/test/output-app/.gitignore index 69edd69..04d877b 100644 --- a/test/output-app/.gitignore +++ b/test/output-app/.gitignore @@ -4,3 +4,4 @@ node_modules log/all-logs-readable.log .DS_Store log/ +yarn-error.log diff --git a/test/output-app/yarn-error.log b/test/output-app/yarn-error.log deleted file mode 100644 index f92ff39..0000000 --- a/test/output-app/yarn-error.log +++ /dev/null @@ -1,4331 +0,0 @@ -Arguments: - /usr/local/bin/node /usr/local/bin/yarn add create-graphql-server-authorization - -PATH: - /usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/share/dotnet:/Library/Frameworks/Mono.framework/Versions/Current/Commands:/Users/Toby/.nvm/versions/node/v7.0.0/bin:/Library/Frameworks/Python.framework/Versions/2.7/bin:~/Library/Android/sdk/tools:~/Library/Android/sdk/platform-tools:/usr/local/terraform/bin:/Users/Toby/terraform:/Applications/MAMP/bin/php/php7.0.8/bin:/Library/Frameworks/Python.framework/Versions/3.5/bin - -Yarn version: - 0.17.10 - -Node version: - 7.0.0 - -Platform: - darwin x64 - -npm manifest: - { - "name": "output-app", - "version": "1.0.0", - "description": "output-app GraphQL Server", - "scripts": { - "start": "babel-node index.js" - }, - "config": { - "logfile": "log/all-logs-readable.log" - }, - "private": true, - "author": "", - "license": "MIT", - "devDependencies": { - "babel-cli": "6.16.0", - "babel-core": "6.17.0", - "babel-eslint": "7.0.0", - "babel-preset-es2015": "6.16.0", - "babel-preset-react": "6.16.0", - "babel-preset-stage-2": "6.17.0", - "babel-register": "6.16.3", - "chai": "^3.5.0", - "eslint": "3.8.1", - "eslint-config-react-app": "^0.4.0", - "eslint-plugin-babel": "3.3.0", - "eslint-plugin-flowtype": "2.21.0", - "eslint-plugin-import": "2.0.1", - "eslint-plugin-jsx-a11y": "2.2.3", - "eslint-plugin-react": "6.4.1", - "mocha": "^3.1.2", - "mongodb-prebuilt": "^5.0.7", - "node-fetch": "^1.6.3", - "nodemon": "1.11.0" - }, - "dependencies": { - "bcrypt": "^1.0.2", - "body-parser": "1.15.2", - "cors": "^2.8.1", - "dataloader": "^1.2.0", - "denodeify": "^1.2.1", - "dotenv": "2.0.0", - "express": "4.14.0", - "express-session": "1.14.1", - "graphql": "0.7.2", - "graphql-server": "^0.3.2", - "graphql-server-express": "^0.4.3", - "graphql-subscriptions": "0.2.0", - "graphql-tools": "^0.8.2", - "jwt-simple": "^0.5.1", - "lodash": "4.16.4", - "mongo-find-by-ids": "^1.0.0", - "mongodb": "^2.2.11", - "morgan": "^1.8.2", - "nodeify": "^1.0.1", - "passport": "^0.3.2", - "passport-jwt": "^2.2.1", - "subscriptions-transport-ws": "0.2.6", - "winston": "^2.3.1" - } - } - -yarn manifest: - No manifest - -Lockfile: - # THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY. - # yarn lockfile v1 - - - "@types/express-serve-static-core@*": - version "4.0.39" - resolved "https://registry.yarnpkg.com/@types/express-serve-static-core/-/express-serve-static-core-4.0.39.tgz#45157f96480d46f254648f45b2c6d70bd9fc9f54" - dependencies: - "@types/node" "*" - - "@types/express@^4.0.33": - version "4.0.34" - resolved "https://registry.yarnpkg.com/@types/express/-/express-4.0.34.tgz#cdc0afd69d70d2295b81b3aa47f26f672afcde1c" - dependencies: - "@types/express-serve-static-core" "*" - "@types/serve-static" "*" - - "@types/mime@*": - version "0.0.29" - resolved "https://registry.yarnpkg.com/@types/mime/-/mime-0.0.29.tgz#fbcfd330573b912ef59eeee14602bface630754b" - - "@types/node@*", "@types/node@^6.0.38": - version "6.0.51" - resolved "https://registry.yarnpkg.com/@types/node/-/node-6.0.51.tgz#84cbf25111516ec9304d0b61469dc0fa9d12ba32" - - "@types/serve-static@*": - version "1.7.31" - resolved "https://registry.yarnpkg.com/@types/serve-static/-/serve-static-1.7.31.tgz#15456de8d98d6b4cff31be6c6af7492ae63f521a" - dependencies: - "@types/express-serve-static-core" "*" - "@types/mime" "*" - - abbrev@1: - version "1.0.9" - resolved "https://registry.yarnpkg.com/abbrev/-/abbrev-1.0.9.tgz#91b4792588a7738c25f35dd6f63752a2f8776135" - - accepts@~1.3.3: - version "1.3.3" - resolved "https://registry.yarnpkg.com/accepts/-/accepts-1.3.3.tgz#c3ca7434938648c3e0d9c1e328dd68b622c284ca" - dependencies: - mime-types "~2.1.11" - negotiator "0.6.1" - - acorn-jsx@^3.0.0, acorn-jsx@^3.0.1: - version "3.0.1" - resolved "https://registry.yarnpkg.com/acorn-jsx/-/acorn-jsx-3.0.1.tgz#afdf9488fb1ecefc8348f6fb22f464e32a58b36b" - dependencies: - acorn "^3.0.4" - - acorn@^3.0.4: - version "3.3.0" - resolved "https://registry.yarnpkg.com/acorn/-/acorn-3.3.0.tgz#45e37fb39e8da3f25baee3ff5369e2bb5f22017a" - - acorn@^4.0.1: - version "4.0.3" - resolved "https://registry.yarnpkg.com/acorn/-/acorn-4.0.3.tgz#1a3e850b428e73ba6b09d1cc527f5aaad4d03ef1" - - agent-base@2: - version "2.0.1" - resolved "https://registry.yarnpkg.com/agent-base/-/agent-base-2.0.1.tgz#bd8f9e86a8eb221fffa07bd14befd55df142815e" - dependencies: - extend "~3.0.0" - semver "~5.0.1" - - ajv-keywords@^1.0.0: - version "1.2.0" - resolved "https://registry.yarnpkg.com/ajv-keywords/-/ajv-keywords-1.2.0.tgz#676c4f087bfe1e8b12dca6fda2f3c74f417b099c" - - ajv@^4.7.0: - version "4.9.2" - resolved "https://registry.yarnpkg.com/ajv/-/ajv-4.9.2.tgz#3f7dcda95b0c34bceb2d69945117d146219f1a2c" - dependencies: - co "^4.6.0" - json-stable-stringify "^1.0.1" - - ansi-escapes@^1.1.0: - version "1.4.0" - resolved "https://registry.yarnpkg.com/ansi-escapes/-/ansi-escapes-1.4.0.tgz#d3a8a83b319aa67793662b13e761c7911422306e" - - ansi-regex@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/ansi-regex/-/ansi-regex-2.0.0.tgz#c5061b6e0ef8a81775e50f5d66151bf6bf371107" - - ansi-styles@^2.1.0, ansi-styles@^2.2.1: - version "2.2.1" - resolved "https://registry.yarnpkg.com/ansi-styles/-/ansi-styles-2.2.1.tgz#b432dd3358b634cf75e1e4664368240533c1ddbe" - - anymatch@^1.3.0: - version "1.3.0" - resolved "https://registry.yarnpkg.com/anymatch/-/anymatch-1.3.0.tgz#a3e52fa39168c825ff57b0248126ce5a8ff95507" - dependencies: - arrify "^1.0.0" - micromatch "^2.1.5" - - aproba@^1.0.3: - version "1.0.4" - resolved "https://registry.yarnpkg.com/aproba/-/aproba-1.0.4.tgz#2713680775e7614c8ba186c065d4e2e52d1072c0" - - are-we-there-yet@~1.1.2: - version "1.1.2" - resolved "https://registry.yarnpkg.com/are-we-there-yet/-/are-we-there-yet-1.1.2.tgz#80e470e95a084794fe1899262c5667c6e88de1b3" - dependencies: - delegates "^1.0.0" - readable-stream "^2.0.0 || ^1.1.13" - - argparse@^1.0.7: - version "1.0.9" - resolved "https://registry.yarnpkg.com/argparse/-/argparse-1.0.9.tgz#73d83bc263f86e97f8cc4f6bae1b0e90a7d22c86" - dependencies: - sprintf-js "~1.0.2" - - arr-diff@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/arr-diff/-/arr-diff-2.0.0.tgz#8f3b827f955a8bd669697e4a4256ac3ceae356cf" - dependencies: - arr-flatten "^1.0.1" - - arr-flatten@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/arr-flatten/-/arr-flatten-1.0.1.tgz#e5ffe54d45e19f32f216e91eb99c8ce892bb604b" - - array-find-index@^1.0.1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/array-find-index/-/array-find-index-1.0.2.tgz#df010aa1287e164bbda6f9723b0a96a1ec4187a1" - - array-flatten@1.1.1: - version "1.1.1" - resolved "https://registry.yarnpkg.com/array-flatten/-/array-flatten-1.1.1.tgz#9a5f699051b1e7073328f2a008968b64ea2955d2" - - array-union@^1.0.1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/array-union/-/array-union-1.0.2.tgz#9a34410e4f4e3da23dea375be5be70f24778ec39" - dependencies: - array-uniq "^1.0.1" - - array-uniq@^1.0.0, array-uniq@^1.0.1: - version "1.0.3" - resolved "https://registry.yarnpkg.com/array-uniq/-/array-uniq-1.0.3.tgz#af6ac877a25cc7f74e058894753858dfdb24fdb6" - - array-unique@^0.2.1: - version "0.2.1" - resolved "https://registry.yarnpkg.com/array-unique/-/array-unique-0.2.1.tgz#a1d97ccafcbc2625cc70fadceb36a50c58b01a53" - - arrify@^1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/arrify/-/arrify-1.0.1.tgz#898508da2226f380df904728456849c1501a4b0d" - - asn1@~0.2.3: - version "0.2.3" - resolved "https://registry.yarnpkg.com/asn1/-/asn1-0.2.3.tgz#dac8787713c9966849fc8180777ebe9c1ddf3b86" - - assert-plus@^0.2.0: - version "0.2.0" - resolved "https://registry.yarnpkg.com/assert-plus/-/assert-plus-0.2.0.tgz#d74e1b87e7affc0db8aadb7021f3fe48101ab234" - - assert-plus@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/assert-plus/-/assert-plus-1.0.0.tgz#f12e0f3c5d77b0b1cdd9146942e4e96c1e4dd525" - - assertion-error@^1.0.1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/assertion-error/-/assertion-error-1.0.2.tgz#13ca515d86206da0bac66e834dd397d87581094c" - - async-each@^1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/async-each/-/async-each-1.0.1.tgz#19d386a1d9edc6e7c1c85d388aedbcc56d33602d" - - async@2.0.1: - version "2.0.1" - resolved "https://registry.yarnpkg.com/async/-/async-2.0.1.tgz#b709cc0280a9c36f09f4536be823c838a9049e25" - dependencies: - lodash "^4.8.0" - - async@~1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/async/-/async-1.0.0.tgz#f8fc04ca3a13784ade9e1641af98578cfbd647a9" - - asynckit@^0.4.0: - version "0.4.0" - resolved "https://registry.yarnpkg.com/asynckit/-/asynckit-0.4.0.tgz#c79ed97f7f34cb8f2ba1bc9790bcc366474b4b79" - - aws-sign2@~0.6.0: - version "0.6.0" - resolved "https://registry.yarnpkg.com/aws-sign2/-/aws-sign2-0.6.0.tgz#14342dd38dbcc94d0e5b87d763cd63612c0e794f" - - aws4@^1.2.1: - version "1.5.0" - resolved "https://registry.yarnpkg.com/aws4/-/aws4-1.5.0.tgz#0a29ffb79c31c9e712eeb087e8e7a64b4a56d755" - - babel-cli@6.16.0: - version "6.16.0" - resolved "https://registry.yarnpkg.com/babel-cli/-/babel-cli-6.16.0.tgz#4e0d1cf40442ef78330f7fef88eb3a0a1b16bd37" - dependencies: - babel-core "^6.16.0" - babel-polyfill "^6.16.0" - babel-register "^6.16.0" - babel-runtime "^6.9.0" - bin-version-check "^2.1.0" - chalk "1.1.1" - commander "^2.8.1" - convert-source-map "^1.1.0" - fs-readdir-recursive "^0.1.0" - glob "^5.0.5" - lodash "^4.2.0" - log-symbols "^1.0.2" - output-file-sync "^1.1.0" - path-exists "^1.0.0" - path-is-absolute "^1.0.0" - request "^2.65.0" - slash "^1.0.0" - source-map "^0.5.0" - v8flags "^2.0.10" - optionalDependencies: - chokidar "^1.0.0" - - babel-code-frame@^6.16.0: - version "6.16.0" - resolved "https://registry.yarnpkg.com/babel-code-frame/-/babel-code-frame-6.16.0.tgz#f90e60da0862909d3ce098733b5d3987c97cb8de" - dependencies: - chalk "^1.1.0" - esutils "^2.0.2" - js-tokens "^2.0.0" - - babel-core@6.17.0, babel-core@^6.16.0: - version "6.17.0" - resolved "https://registry.yarnpkg.com/babel-core/-/babel-core-6.17.0.tgz#6c4576447df479e241e58c807e4bc7da4db7f425" - dependencies: - babel-code-frame "^6.16.0" - babel-generator "^6.17.0" - babel-helpers "^6.16.0" - babel-messages "^6.8.0" - babel-register "^6.16.0" - babel-runtime "^6.9.1" - babel-template "^6.16.0" - babel-traverse "^6.16.0" - babel-types "^6.16.0" - babylon "^6.11.0" - convert-source-map "^1.1.0" - debug "^2.1.1" - json5 "^0.4.0" - lodash "^4.2.0" - minimatch "^3.0.2" - path-exists "^1.0.0" - path-is-absolute "^1.0.0" - private "^0.1.6" - shebang-regex "^1.0.0" - slash "^1.0.0" - source-map "^0.5.0" - - babel-eslint@7.0.0: - version "7.0.0" - resolved "https://registry.yarnpkg.com/babel-eslint/-/babel-eslint-7.0.0.tgz#54e51b4033f54ac81326ecea4c646a779935196d" - dependencies: - babel-traverse "^6.15.0" - babel-types "^6.15.0" - babylon "^6.11.2" - lodash.pickby "^4.6.0" - - babel-generator@^6.17.0: - version "6.19.0" - resolved "https://registry.yarnpkg.com/babel-generator/-/babel-generator-6.19.0.tgz#9b2f244204777a3d6810ec127c673c87b349fac5" - dependencies: - babel-messages "^6.8.0" - babel-runtime "^6.9.0" - babel-types "^6.19.0" - detect-indent "^4.0.0" - jsesc "^1.3.0" - lodash "^4.2.0" - source-map "^0.5.0" - - babel-helper-bindify-decorators@^6.18.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-bindify-decorators/-/babel-helper-bindify-decorators-6.18.0.tgz#fc00c573676a6e702fffa00019580892ec8780a5" - dependencies: - babel-runtime "^6.0.0" - babel-traverse "^6.18.0" - babel-types "^6.18.0" - - babel-helper-builder-binary-assignment-operator-visitor@^6.8.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-builder-binary-assignment-operator-visitor/-/babel-helper-builder-binary-assignment-operator-visitor-6.18.0.tgz#8ae814989f7a53682152e3401a04fabd0bb333a6" - dependencies: - babel-helper-explode-assignable-expression "^6.18.0" - babel-runtime "^6.0.0" - babel-types "^6.18.0" - - babel-helper-builder-react-jsx@^6.8.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-builder-react-jsx/-/babel-helper-builder-react-jsx-6.18.0.tgz#ab02f19a2eb7ace936dd87fa55896d02be59bf71" - dependencies: - babel-runtime "^6.9.0" - babel-types "^6.18.0" - esutils "^2.0.0" - lodash "^4.2.0" - - babel-helper-call-delegate@^6.18.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-call-delegate/-/babel-helper-call-delegate-6.18.0.tgz#05b14aafa430884b034097ef29e9f067ea4133bd" - dependencies: - babel-helper-hoist-variables "^6.18.0" - babel-runtime "^6.0.0" - babel-traverse "^6.18.0" - babel-types "^6.18.0" - - babel-helper-define-map@^6.18.0, babel-helper-define-map@^6.8.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-define-map/-/babel-helper-define-map-6.18.0.tgz#8d6c85dc7fbb4c19be3de40474d18e97c3676ec2" - dependencies: - babel-helper-function-name "^6.18.0" - babel-runtime "^6.9.0" - babel-types "^6.18.0" - lodash "^4.2.0" - - babel-helper-explode-assignable-expression@^6.18.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-explode-assignable-expression/-/babel-helper-explode-assignable-expression-6.18.0.tgz#14b8e8c2d03ad735d4b20f1840b24cd1f65239fe" - dependencies: - babel-runtime "^6.0.0" - babel-traverse "^6.18.0" - babel-types "^6.18.0" - - babel-helper-explode-class@^6.8.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-explode-class/-/babel-helper-explode-class-6.18.0.tgz#c44f76f4fa23b9c5d607cbac5d4115e7a76f62cb" - dependencies: - babel-helper-bindify-decorators "^6.18.0" - babel-runtime "^6.0.0" - babel-traverse "^6.18.0" - babel-types "^6.18.0" - - babel-helper-function-name@^6.18.0, babel-helper-function-name@^6.8.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-function-name/-/babel-helper-function-name-6.18.0.tgz#68ec71aeba1f3e28b2a6f0730190b754a9bf30e6" - dependencies: - babel-helper-get-function-arity "^6.18.0" - babel-runtime "^6.0.0" - babel-template "^6.8.0" - babel-traverse "^6.18.0" - babel-types "^6.18.0" - - babel-helper-get-function-arity@^6.18.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-get-function-arity/-/babel-helper-get-function-arity-6.18.0.tgz#a5b19695fd3f9cdfc328398b47dafcd7094f9f24" - dependencies: - babel-runtime "^6.0.0" - babel-types "^6.18.0" - - babel-helper-hoist-variables@^6.18.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-hoist-variables/-/babel-helper-hoist-variables-6.18.0.tgz#a835b5ab8b46d6de9babefae4d98ea41e866b82a" - dependencies: - babel-runtime "^6.0.0" - babel-types "^6.18.0" - - babel-helper-optimise-call-expression@^6.18.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-optimise-call-expression/-/babel-helper-optimise-call-expression-6.18.0.tgz#9261d0299ee1a4f08a6dd28b7b7c777348fd8f0f" - dependencies: - babel-runtime "^6.0.0" - babel-types "^6.18.0" - - babel-helper-regex@^6.8.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-regex/-/babel-helper-regex-6.18.0.tgz#ae0ebfd77de86cb2f1af258e2cc20b5fe893ecc6" - dependencies: - babel-runtime "^6.9.0" - babel-types "^6.18.0" - lodash "^4.2.0" - - babel-helper-remap-async-to-generator@^6.16.0, babel-helper-remap-async-to-generator@^6.16.2: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-remap-async-to-generator/-/babel-helper-remap-async-to-generator-6.18.0.tgz#336cdf3cab650bb191b02fc16a3708e7be7f9ce5" - dependencies: - babel-helper-function-name "^6.18.0" - babel-runtime "^6.0.0" - babel-template "^6.16.0" - babel-traverse "^6.18.0" - babel-types "^6.18.0" - - babel-helper-replace-supers@^6.18.0, babel-helper-replace-supers@^6.8.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-replace-supers/-/babel-helper-replace-supers-6.18.0.tgz#28ec69877be4144dbd64f4cc3a337e89f29a924e" - dependencies: - babel-helper-optimise-call-expression "^6.18.0" - babel-messages "^6.8.0" - babel-runtime "^6.0.0" - babel-template "^6.16.0" - babel-traverse "^6.18.0" - babel-types "^6.18.0" - - babel-helpers@^6.16.0: - version "6.16.0" - resolved "https://registry.yarnpkg.com/babel-helpers/-/babel-helpers-6.16.0.tgz#1095ec10d99279460553e67eb3eee9973d3867e3" - dependencies: - babel-runtime "^6.0.0" - babel-template "^6.16.0" - - babel-messages@^6.8.0: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-messages/-/babel-messages-6.8.0.tgz#bf504736ca967e6d65ef0adb5a2a5f947c8e0eb9" - dependencies: - babel-runtime "^6.0.0" - - babel-plugin-check-es2015-constants@^6.3.13: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-check-es2015-constants/-/babel-plugin-check-es2015-constants-6.8.0.tgz#dbf024c32ed37bfda8dee1e76da02386a8d26fe7" - dependencies: - babel-runtime "^6.0.0" - - babel-plugin-syntax-async-functions@^6.8.0: - version "6.13.0" - resolved "https://registry.yarnpkg.com/babel-plugin-syntax-async-functions/-/babel-plugin-syntax-async-functions-6.13.0.tgz#cad9cad1191b5ad634bf30ae0872391e0647be95" - - babel-plugin-syntax-async-generators@^6.5.0: - version "6.13.0" - resolved "https://registry.yarnpkg.com/babel-plugin-syntax-async-generators/-/babel-plugin-syntax-async-generators-6.13.0.tgz#6bc963ebb16eccbae6b92b596eb7f35c342a8b9a" - - babel-plugin-syntax-class-properties@^6.8.0: - version "6.13.0" - resolved "https://registry.yarnpkg.com/babel-plugin-syntax-class-properties/-/babel-plugin-syntax-class-properties-6.13.0.tgz#d7eb23b79a317f8543962c505b827c7d6cac27de" - - babel-plugin-syntax-decorators@^6.13.0: - version "6.13.0" - resolved "https://registry.yarnpkg.com/babel-plugin-syntax-decorators/-/babel-plugin-syntax-decorators-6.13.0.tgz#312563b4dbde3cc806cee3e416cceeaddd11ac0b" - - babel-plugin-syntax-exponentiation-operator@^6.8.0: - version "6.13.0" - resolved "https://registry.yarnpkg.com/babel-plugin-syntax-exponentiation-operator/-/babel-plugin-syntax-exponentiation-operator-6.13.0.tgz#9ee7e8337290da95288201a6a57f4170317830de" - - babel-plugin-syntax-flow@^6.18.0, babel-plugin-syntax-flow@^6.3.13: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-syntax-flow/-/babel-plugin-syntax-flow-6.18.0.tgz#4c3ab20a2af26aa20cd25995c398c4eb70310c8d" - - babel-plugin-syntax-jsx@^6.3.13, babel-plugin-syntax-jsx@^6.8.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-syntax-jsx/-/babel-plugin-syntax-jsx-6.18.0.tgz#0af32a9a6e13ca7a3fd5069e62d7b0f58d0d8946" - - babel-plugin-syntax-object-rest-spread@^6.8.0: - version "6.13.0" - resolved "https://registry.yarnpkg.com/babel-plugin-syntax-object-rest-spread/-/babel-plugin-syntax-object-rest-spread-6.13.0.tgz#fd6536f2bce13836ffa3a5458c4903a597bb3bf5" - - babel-plugin-syntax-trailing-function-commas@^6.3.13: - version "6.13.0" - resolved "https://registry.yarnpkg.com/babel-plugin-syntax-trailing-function-commas/-/babel-plugin-syntax-trailing-function-commas-6.13.0.tgz#2b84b7d53dd744f94ff1fad7669406274b23f541" - - babel-plugin-transform-async-generator-functions@^6.17.0: - version "6.17.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-async-generator-functions/-/babel-plugin-transform-async-generator-functions-6.17.0.tgz#d0b5a2b2f0940f2b245fa20a00519ed7bc6cae54" - dependencies: - babel-helper-remap-async-to-generator "^6.16.2" - babel-plugin-syntax-async-generators "^6.5.0" - babel-runtime "^6.0.0" - - babel-plugin-transform-async-to-generator@^6.16.0: - version "6.16.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-async-to-generator/-/babel-plugin-transform-async-to-generator-6.16.0.tgz#19ec36cb1486b59f9f468adfa42ce13908ca2999" - dependencies: - babel-helper-remap-async-to-generator "^6.16.0" - babel-plugin-syntax-async-functions "^6.8.0" - babel-runtime "^6.0.0" - - babel-plugin-transform-class-properties@^6.16.0: - version "6.19.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-class-properties/-/babel-plugin-transform-class-properties-6.19.0.tgz#1274b349abaadc835164e2004f4a2444a2788d5f" - dependencies: - babel-helper-function-name "^6.18.0" - babel-plugin-syntax-class-properties "^6.8.0" - babel-runtime "^6.9.1" - babel-template "^6.15.0" - - babel-plugin-transform-decorators@^6.13.0: - version "6.13.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-decorators/-/babel-plugin-transform-decorators-6.13.0.tgz#82d65c1470ae83e2d13eebecb0a1c2476d62da9d" - dependencies: - babel-helper-define-map "^6.8.0" - babel-helper-explode-class "^6.8.0" - babel-plugin-syntax-decorators "^6.13.0" - babel-runtime "^6.0.0" - babel-template "^6.8.0" - babel-types "^6.13.0" - - babel-plugin-transform-es2015-arrow-functions@^6.3.13: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-arrow-functions/-/babel-plugin-transform-es2015-arrow-functions-6.8.0.tgz#5b63afc3181bdc9a8c4d481b5a4f3f7d7fef3d9d" - dependencies: - babel-runtime "^6.0.0" - - babel-plugin-transform-es2015-block-scoped-functions@^6.3.13: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-block-scoped-functions/-/babel-plugin-transform-es2015-block-scoped-functions-6.8.0.tgz#ed95d629c4b5a71ae29682b998f70d9833eb366d" - dependencies: - babel-runtime "^6.0.0" - - babel-plugin-transform-es2015-block-scoping@^6.14.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-block-scoping/-/babel-plugin-transform-es2015-block-scoping-6.18.0.tgz#3bfdcfec318d46df22525cdea88f1978813653af" - dependencies: - babel-runtime "^6.9.0" - babel-template "^6.15.0" - babel-traverse "^6.18.0" - babel-types "^6.18.0" - lodash "^4.2.0" - - babel-plugin-transform-es2015-classes@^6.14.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-classes/-/babel-plugin-transform-es2015-classes-6.18.0.tgz#ffe7a17321bf83e494dcda0ae3fc72df48ffd1d9" - dependencies: - babel-helper-define-map "^6.18.0" - babel-helper-function-name "^6.18.0" - babel-helper-optimise-call-expression "^6.18.0" - babel-helper-replace-supers "^6.18.0" - babel-messages "^6.8.0" - babel-runtime "^6.9.0" - babel-template "^6.14.0" - babel-traverse "^6.18.0" - babel-types "^6.18.0" - - babel-plugin-transform-es2015-computed-properties@^6.3.13: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-computed-properties/-/babel-plugin-transform-es2015-computed-properties-6.8.0.tgz#f51010fd61b3bd7b6b60a5fdfd307bb7a5279870" - dependencies: - babel-helper-define-map "^6.8.0" - babel-runtime "^6.0.0" - babel-template "^6.8.0" - - babel-plugin-transform-es2015-destructuring@^6.16.0: - version "6.19.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-destructuring/-/babel-plugin-transform-es2015-destructuring-6.19.0.tgz#ff1d911c4b3f4cab621bd66702a869acd1900533" - dependencies: - babel-runtime "^6.9.0" - - babel-plugin-transform-es2015-duplicate-keys@^6.6.0: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-duplicate-keys/-/babel-plugin-transform-es2015-duplicate-keys-6.8.0.tgz#fd8f7f7171fc108cc1c70c3164b9f15a81c25f7d" - dependencies: - babel-runtime "^6.0.0" - babel-types "^6.8.0" - - babel-plugin-transform-es2015-for-of@^6.6.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-for-of/-/babel-plugin-transform-es2015-for-of-6.18.0.tgz#4c517504db64bf8cfc119a6b8f177211f2028a70" - dependencies: - babel-runtime "^6.0.0" - - babel-plugin-transform-es2015-function-name@^6.9.0: - version "6.9.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-function-name/-/babel-plugin-transform-es2015-function-name-6.9.0.tgz#8c135b17dbd064e5bba56ec511baaee2fca82719" - dependencies: - babel-helper-function-name "^6.8.0" - babel-runtime "^6.9.0" - babel-types "^6.9.0" - - babel-plugin-transform-es2015-literals@^6.3.13: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-literals/-/babel-plugin-transform-es2015-literals-6.8.0.tgz#50aa2e5c7958fc2ab25d74ec117e0cc98f046468" - dependencies: - babel-runtime "^6.0.0" - - babel-plugin-transform-es2015-modules-amd@^6.18.0, babel-plugin-transform-es2015-modules-amd@^6.8.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-modules-amd/-/babel-plugin-transform-es2015-modules-amd-6.18.0.tgz#49a054cbb762bdf9ae2d8a807076cfade6141e40" - dependencies: - babel-plugin-transform-es2015-modules-commonjs "^6.18.0" - babel-runtime "^6.0.0" - babel-template "^6.8.0" - - babel-plugin-transform-es2015-modules-commonjs@^6.16.0, babel-plugin-transform-es2015-modules-commonjs@^6.18.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-modules-commonjs/-/babel-plugin-transform-es2015-modules-commonjs-6.18.0.tgz#c15ae5bb11b32a0abdcc98a5837baa4ee8d67bcc" - dependencies: - babel-plugin-transform-strict-mode "^6.18.0" - babel-runtime "^6.0.0" - babel-template "^6.16.0" - babel-types "^6.18.0" - - babel-plugin-transform-es2015-modules-systemjs@^6.14.0: - version "6.19.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-modules-systemjs/-/babel-plugin-transform-es2015-modules-systemjs-6.19.0.tgz#50438136eba74527efa00a5b0fefaf1dc4071da6" - dependencies: - babel-helper-hoist-variables "^6.18.0" - babel-runtime "^6.11.6" - babel-template "^6.14.0" - - babel-plugin-transform-es2015-modules-umd@^6.12.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-modules-umd/-/babel-plugin-transform-es2015-modules-umd-6.18.0.tgz#23351770ece5c1f8e83ed67cb1d7992884491e50" - dependencies: - babel-plugin-transform-es2015-modules-amd "^6.18.0" - babel-runtime "^6.0.0" - babel-template "^6.8.0" - - babel-plugin-transform-es2015-object-super@^6.3.13: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-object-super/-/babel-plugin-transform-es2015-object-super-6.8.0.tgz#1b858740a5a4400887c23dcff6f4d56eea4a24c5" - dependencies: - babel-helper-replace-supers "^6.8.0" - babel-runtime "^6.0.0" - - babel-plugin-transform-es2015-parameters@^6.16.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-parameters/-/babel-plugin-transform-es2015-parameters-6.18.0.tgz#9b2cfe238c549f1635ba27fc1daa858be70608b1" - dependencies: - babel-helper-call-delegate "^6.18.0" - babel-helper-get-function-arity "^6.18.0" - babel-runtime "^6.9.0" - babel-template "^6.16.0" - babel-traverse "^6.18.0" - babel-types "^6.18.0" - - babel-plugin-transform-es2015-shorthand-properties@^6.3.13: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-shorthand-properties/-/babel-plugin-transform-es2015-shorthand-properties-6.18.0.tgz#e2ede3b7df47bf980151926534d1dd0cbea58f43" - dependencies: - babel-runtime "^6.0.0" - babel-types "^6.18.0" - - babel-plugin-transform-es2015-spread@^6.3.13: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-spread/-/babel-plugin-transform-es2015-spread-6.8.0.tgz#0217f737e3b821fa5a669f187c6ed59205f05e9c" - dependencies: - babel-runtime "^6.0.0" - - babel-plugin-transform-es2015-sticky-regex@^6.3.13: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-sticky-regex/-/babel-plugin-transform-es2015-sticky-regex-6.8.0.tgz#e73d300a440a35d5c64f5c2a344dc236e3df47be" - dependencies: - babel-helper-regex "^6.8.0" - babel-runtime "^6.0.0" - babel-types "^6.8.0" - - babel-plugin-transform-es2015-template-literals@^6.6.0: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-template-literals/-/babel-plugin-transform-es2015-template-literals-6.8.0.tgz#86eb876d0a2c635da4ec048b4f7de9dfc897e66b" - dependencies: - babel-runtime "^6.0.0" - - babel-plugin-transform-es2015-typeof-symbol@^6.6.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-typeof-symbol/-/babel-plugin-transform-es2015-typeof-symbol-6.18.0.tgz#0b14c48629c90ff47a0650077f6aa699bee35798" - dependencies: - babel-runtime "^6.0.0" - - babel-plugin-transform-es2015-unicode-regex@^6.3.13: - version "6.11.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-unicode-regex/-/babel-plugin-transform-es2015-unicode-regex-6.11.0.tgz#6298ceabaad88d50a3f4f392d8de997260f6ef2c" - dependencies: - babel-helper-regex "^6.8.0" - babel-runtime "^6.0.0" - regexpu-core "^2.0.0" - - babel-plugin-transform-exponentiation-operator@^6.3.13: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-exponentiation-operator/-/babel-plugin-transform-exponentiation-operator-6.8.0.tgz#db25742e9339eade676ca9acec46f955599a68a4" - dependencies: - babel-helper-builder-binary-assignment-operator-visitor "^6.8.0" - babel-plugin-syntax-exponentiation-operator "^6.8.0" - babel-runtime "^6.0.0" - - babel-plugin-transform-flow-strip-types@^6.3.13: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-flow-strip-types/-/babel-plugin-transform-flow-strip-types-6.18.0.tgz#4d3e642158661e9b40db457c004a30817fa32592" - dependencies: - babel-plugin-syntax-flow "^6.18.0" - babel-runtime "^6.0.0" - - babel-plugin-transform-object-rest-spread@^6.16.0: - version "6.19.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-object-rest-spread/-/babel-plugin-transform-object-rest-spread-6.19.0.tgz#f6ac428ee3cb4c6aa00943ed1422ce813603b34c" - dependencies: - babel-plugin-syntax-object-rest-spread "^6.8.0" - babel-runtime "^6.0.0" - - babel-plugin-transform-react-display-name@^6.3.13: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-react-display-name/-/babel-plugin-transform-react-display-name-6.8.0.tgz#f7a084977383d728bdbdc2835bba0159577f660e" - dependencies: - babel-runtime "^6.0.0" - - babel-plugin-transform-react-jsx-self@^6.11.0: - version "6.11.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-react-jsx-self/-/babel-plugin-transform-react-jsx-self-6.11.0.tgz#605c9450c1429f97a930f7e1dfe3f0d9d0dbd0f4" - dependencies: - babel-plugin-syntax-jsx "^6.8.0" - babel-runtime "^6.9.0" - - babel-plugin-transform-react-jsx-source@^6.3.13: - version "6.9.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-react-jsx-source/-/babel-plugin-transform-react-jsx-source-6.9.0.tgz#af684a05c2067a86e0957d4f343295ccf5dccf00" - dependencies: - babel-plugin-syntax-jsx "^6.8.0" - babel-runtime "^6.9.0" - - babel-plugin-transform-react-jsx@^6.3.13: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-react-jsx/-/babel-plugin-transform-react-jsx-6.8.0.tgz#94759942f70af18c617189aa7f3593f1644a71ab" - dependencies: - babel-helper-builder-react-jsx "^6.8.0" - babel-plugin-syntax-jsx "^6.8.0" - babel-runtime "^6.0.0" - - babel-plugin-transform-regenerator@^6.16.0: - version "6.16.1" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-regenerator/-/babel-plugin-transform-regenerator-6.16.1.tgz#a75de6b048a14154aae14b0122756c5bed392f59" - dependencies: - babel-runtime "^6.9.0" - babel-types "^6.16.0" - private "~0.1.5" - - babel-plugin-transform-strict-mode@^6.18.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-strict-mode/-/babel-plugin-transform-strict-mode-6.18.0.tgz#df7cf2991fe046f44163dcd110d5ca43bc652b9d" - dependencies: - babel-runtime "^6.0.0" - babel-types "^6.18.0" - - babel-polyfill@^6.16.0: - version "6.16.0" - resolved "https://registry.yarnpkg.com/babel-polyfill/-/babel-polyfill-6.16.0.tgz#2d45021df87e26a374b6d4d1a9c65964d17f2422" - dependencies: - babel-runtime "^6.9.1" - core-js "^2.4.0" - regenerator-runtime "^0.9.5" - - babel-preset-es2015@6.16.0: - version "6.16.0" - resolved "https://registry.yarnpkg.com/babel-preset-es2015/-/babel-preset-es2015-6.16.0.tgz#59acecd1efbebaf48f89404840f2fe78c4d2ad5c" - dependencies: - babel-plugin-check-es2015-constants "^6.3.13" - babel-plugin-transform-es2015-arrow-functions "^6.3.13" - babel-plugin-transform-es2015-block-scoped-functions "^6.3.13" - babel-plugin-transform-es2015-block-scoping "^6.14.0" - babel-plugin-transform-es2015-classes "^6.14.0" - babel-plugin-transform-es2015-computed-properties "^6.3.13" - babel-plugin-transform-es2015-destructuring "^6.16.0" - babel-plugin-transform-es2015-duplicate-keys "^6.6.0" - babel-plugin-transform-es2015-for-of "^6.6.0" - babel-plugin-transform-es2015-function-name "^6.9.0" - babel-plugin-transform-es2015-literals "^6.3.13" - babel-plugin-transform-es2015-modules-amd "^6.8.0" - babel-plugin-transform-es2015-modules-commonjs "^6.16.0" - babel-plugin-transform-es2015-modules-systemjs "^6.14.0" - babel-plugin-transform-es2015-modules-umd "^6.12.0" - babel-plugin-transform-es2015-object-super "^6.3.13" - babel-plugin-transform-es2015-parameters "^6.16.0" - babel-plugin-transform-es2015-shorthand-properties "^6.3.13" - babel-plugin-transform-es2015-spread "^6.3.13" - babel-plugin-transform-es2015-sticky-regex "^6.3.13" - babel-plugin-transform-es2015-template-literals "^6.6.0" - babel-plugin-transform-es2015-typeof-symbol "^6.6.0" - babel-plugin-transform-es2015-unicode-regex "^6.3.13" - babel-plugin-transform-regenerator "^6.16.0" - - babel-preset-react@6.16.0: - version "6.16.0" - resolved "https://registry.yarnpkg.com/babel-preset-react/-/babel-preset-react-6.16.0.tgz#aa117d60de0928607e343c4828906e4661824316" - dependencies: - babel-plugin-syntax-flow "^6.3.13" - babel-plugin-syntax-jsx "^6.3.13" - babel-plugin-transform-flow-strip-types "^6.3.13" - babel-plugin-transform-react-display-name "^6.3.13" - babel-plugin-transform-react-jsx "^6.3.13" - babel-plugin-transform-react-jsx-self "^6.11.0" - babel-plugin-transform-react-jsx-source "^6.3.13" - - babel-preset-stage-2@6.17.0: - version "6.17.0" - resolved "https://registry.yarnpkg.com/babel-preset-stage-2/-/babel-preset-stage-2-6.17.0.tgz#dc4f84582781353cef36c41247eae5e36c4cae0d" - dependencies: - babel-plugin-transform-class-properties "^6.16.0" - babel-plugin-transform-decorators "^6.13.0" - babel-preset-stage-3 "^6.17.0" - - babel-preset-stage-3@^6.17.0: - version "6.17.0" - resolved "https://registry.yarnpkg.com/babel-preset-stage-3/-/babel-preset-stage-3-6.17.0.tgz#b6638e46db6e91e3f889013d8ce143917c685e39" - dependencies: - babel-plugin-syntax-trailing-function-commas "^6.3.13" - babel-plugin-transform-async-generator-functions "^6.17.0" - babel-plugin-transform-async-to-generator "^6.16.0" - babel-plugin-transform-exponentiation-operator "^6.3.13" - babel-plugin-transform-object-rest-spread "^6.16.0" - - babel-register@6.16.3, babel-register@^6.16.0: - version "6.16.3" - resolved "https://registry.yarnpkg.com/babel-register/-/babel-register-6.16.3.tgz#7b0c0ca7bfdeb9188ba4c27e5fcb7599a497c624" - dependencies: - babel-core "^6.16.0" - babel-runtime "^6.11.6" - core-js "^2.4.0" - home-or-tmp "^1.0.0" - lodash "^4.2.0" - mkdirp "^0.5.1" - path-exists "^1.0.0" - source-map-support "^0.4.2" - - babel-runtime@^6.0.0, babel-runtime@^6.11.6, babel-runtime@^6.9.0, babel-runtime@^6.9.1: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-runtime/-/babel-runtime-6.18.0.tgz#0f4177ffd98492ef13b9f823e9994a02584c9078" - dependencies: - core-js "^2.4.0" - regenerator-runtime "^0.9.5" - - babel-template@^6.14.0, babel-template@^6.15.0, babel-template@^6.16.0, babel-template@^6.8.0: - version "6.16.0" - resolved "https://registry.yarnpkg.com/babel-template/-/babel-template-6.16.0.tgz#e149dd1a9f03a35f817ddbc4d0481988e7ebc8ca" - dependencies: - babel-runtime "^6.9.0" - babel-traverse "^6.16.0" - babel-types "^6.16.0" - babylon "^6.11.0" - lodash "^4.2.0" - - babel-traverse@^6.15.0, babel-traverse@^6.16.0, babel-traverse@^6.18.0: - version "6.19.0" - resolved "https://registry.yarnpkg.com/babel-traverse/-/babel-traverse-6.19.0.tgz#68363fb821e26247d52a519a84b2ceab8df4f55a" - dependencies: - babel-code-frame "^6.16.0" - babel-messages "^6.8.0" - babel-runtime "^6.9.0" - babel-types "^6.19.0" - babylon "^6.11.0" - debug "^2.2.0" - globals "^9.0.0" - invariant "^2.2.0" - lodash "^4.2.0" - - babel-types@^6.13.0, babel-types@^6.15.0, babel-types@^6.16.0, babel-types@^6.18.0, babel-types@^6.19.0, babel-types@^6.8.0, babel-types@^6.9.0: - version "6.19.0" - resolved "https://registry.yarnpkg.com/babel-types/-/babel-types-6.19.0.tgz#8db2972dbed01f1192a8b602ba1e1e4c516240b9" - dependencies: - babel-runtime "^6.9.1" - esutils "^2.0.2" - lodash "^4.2.0" - to-fast-properties "^1.0.1" - - babylon@^6.11.0, babylon@^6.11.2: - version "6.14.1" - resolved "https://registry.yarnpkg.com/babylon/-/babylon-6.14.1.tgz#956275fab72753ad9b3435d7afe58f8bf0a29815" - - backo2@^1.0.2: - version "1.0.2" - resolved "https://registry.yarnpkg.com/backo2/-/backo2-1.0.2.tgz#31ab1ac8b129363463e35b3ebb69f4dfcfba7947" - - balanced-match@^0.4.1: - version "0.4.2" - resolved "https://registry.yarnpkg.com/balanced-match/-/balanced-match-0.4.2.tgz#cb3f3e3c732dc0f01ee70b403f302e61d7709838" - - base64-url@1.3.3: - version "1.3.3" - resolved "https://registry.yarnpkg.com/base64-url/-/base64-url-1.3.3.tgz#f8b6c537f09a4fc58c99cb86e0b0e9c61461a20f" - - base64url@2.0.0, base64url@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/base64url/-/base64url-2.0.0.tgz#eac16e03ea1438eff9423d69baa36262ed1f70bb" - - basic-auth@~1.1.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/basic-auth/-/basic-auth-1.1.0.tgz#45221ee429f7ee1e5035be3f51533f1cdfd29884" - - bcrypt-pbkdf@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.0.tgz#3ca76b85241c7170bf7d9703e7b9aa74630040d4" - dependencies: - tweetnacl "^0.14.3" - - bcrypt@^1.0.2: - version "1.0.2" - resolved "https://registry.yarnpkg.com/bcrypt/-/bcrypt-1.0.2.tgz#d05fc5d223173e0e28ec381c0f00cc25ffaf2736" - dependencies: - bindings "1.2.1" - nan "2.5.0" - node-pre-gyp "0.6.32" - - bin-version-check@^2.1.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/bin-version-check/-/bin-version-check-2.1.0.tgz#e4e5df290b9069f7d111324031efc13fdd11a5b0" - dependencies: - bin-version "^1.0.0" - minimist "^1.1.0" - semver "^4.0.3" - semver-truncate "^1.0.0" - - bin-version@^1.0.0: - version "1.0.4" - resolved "https://registry.yarnpkg.com/bin-version/-/bin-version-1.0.4.tgz#9eb498ee6fd76f7ab9a7c160436f89579435d78e" - dependencies: - find-versions "^1.0.0" - - binary-extensions@^1.0.0: - version "1.8.0" - resolved "https://registry.yarnpkg.com/binary-extensions/-/binary-extensions-1.8.0.tgz#48ec8d16df4377eae5fa5884682480af4d95c774" - - bindings@1.2.1: - version "1.2.1" - resolved "https://registry.yarnpkg.com/bindings/-/bindings-1.2.1.tgz#14ad6113812d2d37d72e67b4cacb4bb726505f11" - - bl@^1.0.0: - version "1.1.2" - resolved "https://registry.yarnpkg.com/bl/-/bl-1.1.2.tgz#fdca871a99713aa00d19e3bbba41c44787a65398" - dependencies: - readable-stream "~2.0.5" - - block-stream@*: - version "0.0.9" - resolved "https://registry.yarnpkg.com/block-stream/-/block-stream-0.0.9.tgz#13ebfe778a03205cfe03751481ebb4b3300c126a" - dependencies: - inherits "~2.0.0" - - body-parser@1.15.2: - version "1.15.2" - resolved "https://registry.yarnpkg.com/body-parser/-/body-parser-1.15.2.tgz#d7578cf4f1d11d5f6ea804cef35dc7a7ff6dae67" - dependencies: - bytes "2.4.0" - content-type "~1.0.2" - debug "~2.2.0" - depd "~1.1.0" - http-errors "~1.5.0" - iconv-lite "0.4.13" - on-finished "~2.3.0" - qs "6.2.0" - raw-body "~2.1.7" - type-is "~1.6.13" - - boom@2.x.x: - version "2.10.1" - resolved "https://registry.yarnpkg.com/boom/-/boom-2.10.1.tgz#39c8918ceff5799f83f9492a848f625add0c766f" - dependencies: - hoek "2.x.x" - - boom@^4.0.0: - version "4.3.0" - resolved "https://registry.yarnpkg.com/boom/-/boom-4.3.0.tgz#1ed1b4b8cd6891b602910debe33e1d511531b847" - dependencies: - hoek "4.x.x" - - brace-expansion@^1.0.0: - version "1.1.6" - resolved "https://registry.yarnpkg.com/brace-expansion/-/brace-expansion-1.1.6.tgz#7197d7eaa9b87e648390ea61fc66c84427420df9" - dependencies: - balanced-match "^0.4.1" - concat-map "0.0.1" - - braces@^1.8.2: - version "1.8.5" - resolved "https://registry.yarnpkg.com/braces/-/braces-1.8.5.tgz#ba77962e12dff969d6b76711e914b737857bf6a7" - dependencies: - expand-range "^1.8.1" - preserve "^0.2.0" - repeat-element "^1.1.2" - - browser-stdout@1.3.0: - version "1.3.0" - resolved "https://registry.yarnpkg.com/browser-stdout/-/browser-stdout-1.3.0.tgz#f351d32969d32fa5d7a5567154263d928ae3bd1f" - - bson@~1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/bson/-/bson-1.0.1.tgz#3a5addb0f2ff88bc3436e708e4bdb8637602d72d" - - buffer-crc32@~0.2.3: - version "0.2.13" - resolved "https://registry.yarnpkg.com/buffer-crc32/-/buffer-crc32-0.2.13.tgz#0d333e3f00eac50aa1454abd30ef8c2a5d9a7242" - - buffer-equal-constant-time@1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/buffer-equal-constant-time/-/buffer-equal-constant-time-1.0.1.tgz#f8e71132f7ffe6e01a5c9697a4c6f3e48d5cc819" - - buffer-shims@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/buffer-shims/-/buffer-shims-1.0.0.tgz#9978ce317388c649ad8793028c3477ef044a8b51" - - buffer-to-vinyl@^1.0.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/buffer-to-vinyl/-/buffer-to-vinyl-1.1.0.tgz#00f15faee3ab7a1dda2cde6d9121bffdd07b2262" - dependencies: - file-type "^3.1.0" - readable-stream "^2.0.2" - uuid "^2.0.1" - vinyl "^1.0.0" - - builtin-modules@^1.0.0, builtin-modules@^1.1.1: - version "1.1.1" - resolved "https://registry.yarnpkg.com/builtin-modules/-/builtin-modules-1.1.1.tgz#270f076c5a72c02f5b65a47df94c5fe3a278892f" - - bytes@2.4.0: - version "2.4.0" - resolved "https://registry.yarnpkg.com/bytes/-/bytes-2.4.0.tgz#7d97196f9d5baf7f6935e25985549edd2a6c2339" - - caller-path@^0.1.0: - version "0.1.0" - resolved "https://registry.yarnpkg.com/caller-path/-/caller-path-0.1.0.tgz#94085ef63581ecd3daa92444a8fe94e82577751f" - dependencies: - callsites "^0.2.0" - - callsites@^0.2.0: - version "0.2.0" - resolved "https://registry.yarnpkg.com/callsites/-/callsites-0.2.0.tgz#afab96262910a7f33c19a5775825c69f34e350ca" - - camelcase-keys@^2.0.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/camelcase-keys/-/camelcase-keys-2.1.0.tgz#308beeaffdf28119051efa1d932213c91b8f92e7" - dependencies: - camelcase "^2.0.0" - map-obj "^1.0.0" - - camelcase@^2.0.0, camelcase@^2.0.1: - version "2.1.1" - resolved "https://registry.yarnpkg.com/camelcase/-/camelcase-2.1.1.tgz#7c1d16d679a1bbe59ca02cacecfb011e201f5a1f" - - caseless@~0.11.0: - version "0.11.0" - resolved "https://registry.yarnpkg.com/caseless/-/caseless-0.11.0.tgz#715b96ea9841593cc33067923f5ec60ebda4f7d7" - - chai@^3.5.0: - version "3.5.0" - resolved "https://registry.yarnpkg.com/chai/-/chai-3.5.0.tgz#4d02637b067fe958bdbfdd3a40ec56fef7373247" - dependencies: - assertion-error "^1.0.1" - deep-eql "^0.1.3" - type-detect "^1.0.0" - - chalk@1.1.1: - version "1.1.1" - resolved "https://registry.yarnpkg.com/chalk/-/chalk-1.1.1.tgz#509afb67066e7499f7eb3535c77445772ae2d019" - dependencies: - ansi-styles "^2.1.0" - escape-string-regexp "^1.0.2" - has-ansi "^2.0.0" - strip-ansi "^3.0.0" - supports-color "^2.0.0" - - chalk@^1.0.0, chalk@^1.1.0, chalk@^1.1.1, chalk@^1.1.3: - version "1.1.3" - resolved "https://registry.yarnpkg.com/chalk/-/chalk-1.1.3.tgz#a8115c55e4a702fe4d150abd3872822a7e09fc98" - dependencies: - ansi-styles "^2.2.1" - escape-string-regexp "^1.0.2" - has-ansi "^2.0.0" - strip-ansi "^3.0.0" - supports-color "^2.0.0" - - chokidar@^1.0.0, chokidar@^1.4.3: - version "1.6.1" - resolved "https://registry.yarnpkg.com/chokidar/-/chokidar-1.6.1.tgz#2f4447ab5e96e50fb3d789fd90d4c72e0e4c70c2" - dependencies: - anymatch "^1.3.0" - async-each "^1.0.0" - glob-parent "^2.0.0" - inherits "^2.0.1" - is-binary-path "^1.0.0" - is-glob "^2.0.0" - path-is-absolute "^1.0.0" - readdirp "^2.0.0" - optionalDependencies: - fsevents "^1.0.0" - - circular-json@^0.3.0: - version "0.3.1" - resolved "https://registry.yarnpkg.com/circular-json/-/circular-json-0.3.1.tgz#be8b36aefccde8b3ca7aa2d6afc07a37242c0d2d" - - cli-cursor@^1.0.1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/cli-cursor/-/cli-cursor-1.0.2.tgz#64da3f7d56a54412e59794bd62dc35295e8f2987" - dependencies: - restore-cursor "^1.0.1" - - cli-width@^2.0.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/cli-width/-/cli-width-2.1.0.tgz#b234ca209b29ef66fc518d9b98d5847b00edf00a" - - cliui@^3.0.3: - version "3.2.0" - resolved "https://registry.yarnpkg.com/cliui/-/cliui-3.2.0.tgz#120601537a916d29940f934da3b48d585a39213d" - dependencies: - string-width "^1.0.1" - strip-ansi "^3.0.1" - wrap-ansi "^2.0.0" - - clone-stats@^0.0.1: - version "0.0.1" - resolved "https://registry.yarnpkg.com/clone-stats/-/clone-stats-0.0.1.tgz#b88f94a82cf38b8791d58046ea4029ad88ca99d1" - - clone@^0.2.0: - version "0.2.0" - resolved "https://registry.yarnpkg.com/clone/-/clone-0.2.0.tgz#c6126a90ad4f72dbf5acdb243cc37724fe93fc1f" - - clone@^1.0.0: - version "1.0.2" - resolved "https://registry.yarnpkg.com/clone/-/clone-1.0.2.tgz#260b7a99ebb1edfe247538175f783243cb19d149" - - co@^4.6.0: - version "4.6.0" - resolved "https://registry.yarnpkg.com/co/-/co-4.6.0.tgz#6ea6bdf3d853ae54ccb8e47bfa0bf3f9031fb184" - - code-point-at@^1.0.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/code-point-at/-/code-point-at-1.1.0.tgz#0d070b4d043a5bea33a2f1a40e2edb3d9a4ccf77" - - colors@1.0.x: - version "1.0.3" - resolved "https://registry.yarnpkg.com/colors/-/colors-1.0.3.tgz#0433f44d809680fdeb60ed260f1b0c262e82a40b" - - combined-stream@^1.0.5, combined-stream@~1.0.5: - version "1.0.5" - resolved "https://registry.yarnpkg.com/combined-stream/-/combined-stream-1.0.5.tgz#938370a57b4a51dea2c77c15d5c5fdf895164009" - dependencies: - delayed-stream "~1.0.0" - - commander@2.9.0, commander@^2.8.1, commander@^2.9.0: - version "2.9.0" - resolved "https://registry.yarnpkg.com/commander/-/commander-2.9.0.tgz#9c99094176e12240cb22d6c5146098400fe0f7d4" - dependencies: - graceful-readlink ">= 1.0.0" - - commander@~2.8.1: - version "2.8.1" - resolved "https://registry.yarnpkg.com/commander/-/commander-2.8.1.tgz#06be367febfda0c330aa1e2a072d3dc9762425d4" - dependencies: - graceful-readlink ">= 1.0.0" - - concat-map@0.0.1: - version "0.0.1" - resolved "https://registry.yarnpkg.com/concat-map/-/concat-map-0.0.1.tgz#d8a96bd77fd68df7793a73036a3ba0d5405d477b" - - concat-stream@^1.4.6, concat-stream@^1.4.7: - version "1.5.2" - resolved "https://registry.yarnpkg.com/concat-stream/-/concat-stream-1.5.2.tgz#708978624d856af41a5a741defdd261da752c266" - dependencies: - inherits "~2.0.1" - readable-stream "~2.0.0" - typedarray "~0.0.5" - - configstore@^1.0.0: - version "1.4.0" - resolved "https://registry.yarnpkg.com/configstore/-/configstore-1.4.0.tgz#c35781d0501d268c25c54b8b17f6240e8a4fb021" - dependencies: - graceful-fs "^4.1.2" - mkdirp "^0.5.0" - object-assign "^4.0.1" - os-tmpdir "^1.0.0" - osenv "^0.1.0" - uuid "^2.0.1" - write-file-atomic "^1.1.2" - xdg-basedir "^2.0.0" - - console-control-strings@^1.0.0, console-control-strings@~1.1.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/console-control-strings/-/console-control-strings-1.1.0.tgz#3d7cf4464db6446ea644bf4b39507f9851008e8e" - - contains-path@^0.1.0: - version "0.1.0" - resolved "https://registry.yarnpkg.com/contains-path/-/contains-path-0.1.0.tgz#fe8cf184ff6670b6baef01a9d4861a5cbec4120a" - - content-disposition@0.5.1: - version "0.5.1" - resolved "https://registry.yarnpkg.com/content-disposition/-/content-disposition-0.5.1.tgz#87476c6a67c8daa87e32e87616df883ba7fb071b" - - content-type@~1.0.2: - version "1.0.2" - resolved "https://registry.yarnpkg.com/content-type/-/content-type-1.0.2.tgz#b7d113aee7a8dd27bd21133c4dc2529df1721eed" - - convert-source-map@^1.1.0, convert-source-map@^1.1.1: - version "1.3.0" - resolved "https://registry.yarnpkg.com/convert-source-map/-/convert-source-map-1.3.0.tgz#e9f3e9c6e2728efc2676696a70eb382f73106a67" - - cookie-signature@1.0.6: - version "1.0.6" - resolved "https://registry.yarnpkg.com/cookie-signature/-/cookie-signature-1.0.6.tgz#e303a882b342cc3ee8ca513a79999734dab3ae2c" - - cookie@0.3.1: - version "0.3.1" - resolved "https://registry.yarnpkg.com/cookie/-/cookie-0.3.1.tgz#e7e0a1f9ef43b4c8ba925c5c5a96e806d16873bb" - - core-js@^2.4.0: - version "2.4.1" - resolved "https://registry.yarnpkg.com/core-js/-/core-js-2.4.1.tgz#4de911e667b0eae9124e34254b53aea6fc618d3e" - - core-util-is@~1.0.0: - version "1.0.2" - resolved "https://registry.yarnpkg.com/core-util-is/-/core-util-is-1.0.2.tgz#b5fd54220aa2bc5ab57aab7140c940754503c1a7" - - cors: - version "2.8.1" - resolved "https://registry.yarnpkg.com/cors/-/cors-2.8.1.tgz#6181aa56abb45a2825be3304703747ae4e9d2383" - dependencies: - vary "^1" - - crc@3.4.0: - version "3.4.0" - resolved "https://registry.yarnpkg.com/crc/-/crc-3.4.0.tgz#4258e351613a74ef1153dfcb05e820c3e9715d7f" - - cryptiles@2.x.x: - version "2.0.5" - resolved "https://registry.yarnpkg.com/cryptiles/-/cryptiles-2.0.5.tgz#3bdfecdc608147c1c67202fa291e7dca59eaa3b8" - dependencies: - boom "2.x.x" - - currently-unhandled@^0.4.1: - version "0.4.1" - resolved "https://registry.yarnpkg.com/currently-unhandled/-/currently-unhandled-0.4.1.tgz#988df33feab191ef799a61369dd76c17adf957ea" - dependencies: - array-find-index "^1.0.1" - - cycle@1.0.x: - version "1.0.3" - resolved "https://registry.yarnpkg.com/cycle/-/cycle-1.0.3.tgz#21e80b2be8580f98b468f379430662b046c34ad2" - - d@^0.1.1, d@~0.1.1: - version "0.1.1" - resolved "https://registry.yarnpkg.com/d/-/d-0.1.1.tgz#da184c535d18d8ee7ba2aa229b914009fae11309" - dependencies: - es5-ext "~0.10.2" - - damerau-levenshtein@^1.0.0: - version "1.0.3" - resolved "https://registry.yarnpkg.com/damerau-levenshtein/-/damerau-levenshtein-1.0.3.tgz#ae4f4ce0b62acae10ff63a01bb08f652f5213af2" - - dashdash@^1.12.0: - version "1.14.1" - resolved "https://registry.yarnpkg.com/dashdash/-/dashdash-1.14.1.tgz#853cfa0f7cbe2fed5de20326b8dd581035f6e2f0" - dependencies: - assert-plus "^1.0.0" - - dataloader@^1.2.0: - version "1.2.0" - resolved "https://registry.yarnpkg.com/dataloader/-/dataloader-1.2.0.tgz#3f73ea657c492c860c1633348adc55ca9bf2107e" - - debug@2, debug@2.6.8, debug@^2.1.1, debug@^2.2.0: - version "2.6.8" - resolved "https://registry.yarnpkg.com/debug/-/debug-2.6.8.tgz#e731531ca2ede27d188222427da17821d68ff4fc" - dependencies: - ms "2.0.0" - - debug@2.2.0, debug@~2.2.0: - version "2.2.0" - resolved "https://registry.yarnpkg.com/debug/-/debug-2.2.0.tgz#f87057e995b1a1f6ae6a4960664137bc56f039da" - dependencies: - ms "0.7.1" - - decamelize@^1.1.1, decamelize@^1.1.2: - version "1.2.0" - resolved "https://registry.yarnpkg.com/decamelize/-/decamelize-1.2.0.tgz#f6534d15148269b20352e7bee26f501f9a191290" - - decompress-tar@^3.0.0: - version "3.1.0" - resolved "https://registry.yarnpkg.com/decompress-tar/-/decompress-tar-3.1.0.tgz#217c789f9b94450efaadc5c5e537978fc333c466" - dependencies: - is-tar "^1.0.0" - object-assign "^2.0.0" - strip-dirs "^1.0.0" - tar-stream "^1.1.1" - through2 "^0.6.1" - vinyl "^0.4.3" - - decompress-tarbz2@^3.0.0: - version "3.1.0" - resolved "https://registry.yarnpkg.com/decompress-tarbz2/-/decompress-tarbz2-3.1.0.tgz#8b23935681355f9f189d87256a0f8bdd96d9666d" - dependencies: - is-bzip2 "^1.0.0" - object-assign "^2.0.0" - seek-bzip "^1.0.3" - strip-dirs "^1.0.0" - tar-stream "^1.1.1" - through2 "^0.6.1" - vinyl "^0.4.3" - - decompress-targz@^3.0.0: - version "3.1.0" - resolved "https://registry.yarnpkg.com/decompress-targz/-/decompress-targz-3.1.0.tgz#b2c13df98166268991b715d6447f642e9696f5a0" - dependencies: - is-gzip "^1.0.0" - object-assign "^2.0.0" - strip-dirs "^1.0.0" - tar-stream "^1.1.1" - through2 "^0.6.1" - vinyl "^0.4.3" - - decompress-unzip@^3.0.0: - version "3.4.0" - resolved "https://registry.yarnpkg.com/decompress-unzip/-/decompress-unzip-3.4.0.tgz#61475b4152066bbe3fee12f9d629d15fe6478eeb" - dependencies: - is-zip "^1.0.0" - read-all-stream "^3.0.0" - stat-mode "^0.2.0" - strip-dirs "^1.0.0" - through2 "^2.0.0" - vinyl "^1.0.0" - yauzl "^2.2.1" - - decompress@^3.0.0: - version "3.0.0" - resolved "https://registry.yarnpkg.com/decompress/-/decompress-3.0.0.tgz#af1dd50d06e3bfc432461d37de11b38c0d991bed" - dependencies: - buffer-to-vinyl "^1.0.0" - concat-stream "^1.4.6" - decompress-tar "^3.0.0" - decompress-tarbz2 "^3.0.0" - decompress-targz "^3.0.0" - decompress-unzip "^3.0.0" - stream-combiner2 "^1.1.1" - vinyl-assign "^1.0.1" - vinyl-fs "^2.2.0" - - deep-eql@^0.1.3: - version "0.1.3" - resolved "https://registry.yarnpkg.com/deep-eql/-/deep-eql-0.1.3.tgz#ef558acab8de25206cd713906d74e56930eb69f2" - dependencies: - type-detect "0.1.1" - - deep-extend@~0.4.0: - version "0.4.1" - resolved "https://registry.yarnpkg.com/deep-extend/-/deep-extend-0.4.1.tgz#efe4113d08085f4e6f9687759810f807469e2253" - - deep-is@~0.1.3: - version "0.1.3" - resolved "https://registry.yarnpkg.com/deep-is/-/deep-is-0.1.3.tgz#b369d6fb5dbc13eecf524f91b070feedc357cf34" - - del@^2.0.2: - version "2.2.2" - resolved "https://registry.yarnpkg.com/del/-/del-2.2.2.tgz#c12c981d067846c84bcaf862cff930d907ffd1a8" - dependencies: - globby "^5.0.0" - is-path-cwd "^1.0.0" - is-path-in-cwd "^1.0.0" - object-assign "^4.0.1" - pify "^2.0.0" - pinkie-promise "^2.0.0" - rimraf "^2.2.8" - - delayed-stream@~1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/delayed-stream/-/delayed-stream-1.0.0.tgz#df3ae199acadfb7d440aaae0b29e2272b24ec619" - - delegates@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/delegates/-/delegates-1.0.0.tgz#84c6e159b81904fdca59a0ef44cd870d31250f9a" - - denodeify@^1.2.1: - version "1.2.1" - resolved "https://registry.yarnpkg.com/denodeify/-/denodeify-1.2.1.tgz#3a36287f5034e699e7577901052c2e6c94251631" - - depd@~1.1.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/depd/-/depd-1.1.0.tgz#e1bd82c6aab6ced965b97b88b17ed3e528ca18c3" - - deprecated-decorator@^0.1.6: - version "0.1.6" - resolved "https://registry.yarnpkg.com/deprecated-decorator/-/deprecated-decorator-0.1.6.tgz#00966317b7a12fe92f3cc831f7583af329b86c37" - - destroy@~1.0.4: - version "1.0.4" - resolved "https://registry.yarnpkg.com/destroy/-/destroy-1.0.4.tgz#978857442c44749e4206613e37946205826abd80" - - detect-indent@^4.0.0: - version "4.0.0" - resolved "https://registry.yarnpkg.com/detect-indent/-/detect-indent-4.0.0.tgz#f76d064352cdf43a1cb6ce619c4ee3a9475de208" - dependencies: - repeating "^2.0.0" - - diff@1.4.0: - version "1.4.0" - resolved "https://registry.yarnpkg.com/diff/-/diff-1.4.0.tgz#7f28d2eb9ee7b15a97efd89ce63dcfdaa3ccbabf" - - doctrine@1.3.x: - version "1.3.0" - resolved "https://registry.yarnpkg.com/doctrine/-/doctrine-1.3.0.tgz#13e75682b55518424276f7c173783456ef913d26" - dependencies: - esutils "^2.0.2" - isarray "^1.0.0" - - doctrine@^1.2.2: - version "1.5.0" - resolved "https://registry.yarnpkg.com/doctrine/-/doctrine-1.5.0.tgz#379dce730f6166f76cefa4e6707a159b02c5a6fa" - dependencies: - esutils "^2.0.2" - isarray "^1.0.0" - - dotenv@2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/dotenv/-/dotenv-2.0.0.tgz#bd759c357aaa70365e01c96b7b0bec08a6e0d949" - - duplexer2@~0.1.0: - version "0.1.4" - resolved "https://registry.yarnpkg.com/duplexer2/-/duplexer2-0.1.4.tgz#8b12dab878c0d69e3e7891051662a32fc6bddcc1" - dependencies: - readable-stream "^2.0.2" - - duplexer@~0.1.1: - version "0.1.1" - resolved "https://registry.yarnpkg.com/duplexer/-/duplexer-0.1.1.tgz#ace6ff808c1ce66b57d1ebf97977acb02334cfc1" - - duplexify@^3.2.0: - version "3.5.0" - resolved "https://registry.yarnpkg.com/duplexify/-/duplexify-3.5.0.tgz#1aa773002e1578457e9d9d4a50b0ccaaebcbd604" - dependencies: - end-of-stream "1.0.0" - inherits "^2.0.1" - readable-stream "^2.0.0" - stream-shift "^1.0.0" - - ecc-jsbn@~0.1.1: - version "0.1.1" - resolved "https://registry.yarnpkg.com/ecc-jsbn/-/ecc-jsbn-0.1.1.tgz#0fc73a9ed5f0d53c38193398523ef7e543777505" - dependencies: - jsbn "~0.1.0" - - ecdsa-sig-formatter@1.0.9: - version "1.0.9" - resolved "https://registry.yarnpkg.com/ecdsa-sig-formatter/-/ecdsa-sig-formatter-1.0.9.tgz#4bc926274ec3b5abb5016e7e1d60921ac262b2a1" - dependencies: - base64url "^2.0.0" - safe-buffer "^5.0.1" - - ee-first@1.1.1: - version "1.1.1" - resolved "https://registry.yarnpkg.com/ee-first/-/ee-first-1.1.1.tgz#590c61156b0ae2f4f0255732a158b266bc56b21d" - - encodeurl@~1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/encodeurl/-/encodeurl-1.0.1.tgz#79e3d58655346909fe6f0f45a5de68103b294d20" - - encoding@^0.1.11: - version "0.1.12" - resolved "https://registry.yarnpkg.com/encoding/-/encoding-0.1.12.tgz#538b66f3ee62cd1ab51ec323829d1f9480c74beb" - dependencies: - iconv-lite "~0.4.13" - - end-of-stream@1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/end-of-stream/-/end-of-stream-1.0.0.tgz#d4596e702734a93e40e9af864319eabd99ff2f0e" - dependencies: - once "~1.3.0" - - end-of-stream@^1.0.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/end-of-stream/-/end-of-stream-1.1.0.tgz#e9353258baa9108965efc41cb0ef8ade2f3cfb07" - dependencies: - once "~1.3.0" - - error-ex@^1.2.0: - version "1.3.0" - resolved "https://registry.yarnpkg.com/error-ex/-/error-ex-1.3.0.tgz#e67b43f3e82c96ea3a584ffee0b9fc3325d802d9" - dependencies: - is-arrayish "^0.2.1" - - es5-ext@^0.10.7, es5-ext@^0.10.8, es5-ext@~0.10.11, es5-ext@~0.10.2, es5-ext@~0.10.7: - version "0.10.12" - resolved "https://registry.yarnpkg.com/es5-ext/-/es5-ext-0.10.12.tgz#aa84641d4db76b62abba5e45fd805ecbab140047" - dependencies: - es6-iterator "2" - es6-symbol "~3.1" - - es6-iterator@2: - version "2.0.0" - resolved "https://registry.yarnpkg.com/es6-iterator/-/es6-iterator-2.0.0.tgz#bd968567d61635e33c0b80727613c9cb4b096bac" - dependencies: - d "^0.1.1" - es5-ext "^0.10.7" - es6-symbol "3" - - es6-map@^0.1.3: - version "0.1.4" - resolved "https://registry.yarnpkg.com/es6-map/-/es6-map-0.1.4.tgz#a34b147be224773a4d7da8072794cefa3632b897" - dependencies: - d "~0.1.1" - es5-ext "~0.10.11" - es6-iterator "2" - es6-set "~0.1.3" - es6-symbol "~3.1.0" - event-emitter "~0.3.4" - - es6-promise@3.2.1: - version "3.2.1" - resolved "https://registry.yarnpkg.com/es6-promise/-/es6-promise-3.2.1.tgz#ec56233868032909207170c39448e24449dd1fc4" - - es6-promise@^3.0.2, es6-promise@^3.2.1: - version "3.3.1" - resolved "https://registry.yarnpkg.com/es6-promise/-/es6-promise-3.3.1.tgz#a08cdde84ccdbf34d027a1451bc91d4bcd28a613" - - es6-set@~0.1.3: - version "0.1.4" - resolved "https://registry.yarnpkg.com/es6-set/-/es6-set-0.1.4.tgz#9516b6761c2964b92ff479456233a247dc707ce8" - dependencies: - d "~0.1.1" - es5-ext "~0.10.11" - es6-iterator "2" - es6-symbol "3" - event-emitter "~0.3.4" - - es6-symbol@3, es6-symbol@~3.1, es6-symbol@~3.1.0: - version "3.1.0" - resolved "https://registry.yarnpkg.com/es6-symbol/-/es6-symbol-3.1.0.tgz#94481c655e7a7cad82eba832d97d5433496d7ffa" - dependencies: - d "~0.1.1" - es5-ext "~0.10.11" - - es6-weak-map@^2.0.1: - version "2.0.1" - resolved "https://registry.yarnpkg.com/es6-weak-map/-/es6-weak-map-2.0.1.tgz#0d2bbd8827eb5fb4ba8f97fbfea50d43db21ea81" - dependencies: - d "^0.1.1" - es5-ext "^0.10.8" - es6-iterator "2" - es6-symbol "3" - - escape-html@~1.0.3: - version "1.0.3" - resolved "https://registry.yarnpkg.com/escape-html/-/escape-html-1.0.3.tgz#0258eae4d3d0c0974de1c169188ef0051d1d1988" - - escape-string-regexp@1.0.5, escape-string-regexp@^1.0.2, escape-string-regexp@^1.0.5: - version "1.0.5" - resolved "https://registry.yarnpkg.com/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz#1b61c0562190a8dff6ae3bb2cf0200ca130b86d4" - - escope@^3.6.0: - version "3.6.0" - resolved "https://registry.yarnpkg.com/escope/-/escope-3.6.0.tgz#e01975e812781a163a6dadfdd80398dc64c889c3" - dependencies: - es6-map "^0.1.3" - es6-weak-map "^2.0.1" - esrecurse "^4.1.0" - estraverse "^4.1.1" - - eslint-config-react-app@^0.4.0: - version "0.4.0" - resolved "https://registry.yarnpkg.com/eslint-config-react-app/-/eslint-config-react-app-0.4.0.tgz#7f87bfd2a35ed7aa17860b6b002b4197fea385d0" - - eslint-import-resolver-node@^0.2.0: - version "0.2.3" - resolved "https://registry.yarnpkg.com/eslint-import-resolver-node/-/eslint-import-resolver-node-0.2.3.tgz#5add8106e8c928db2cba232bcd9efa846e3da16c" - dependencies: - debug "^2.2.0" - object-assign "^4.0.1" - resolve "^1.1.6" - - eslint-module-utils@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/eslint-module-utils/-/eslint-module-utils-1.0.0.tgz#c4a57fd3a53efd8426cc2d5550aadab9bbd05fd0" - dependencies: - debug "2.2.0" - pkg-dir "^1.0.0" - - eslint-plugin-babel@3.3.0: - version "3.3.0" - resolved "https://registry.yarnpkg.com/eslint-plugin-babel/-/eslint-plugin-babel-3.3.0.tgz#2f494aedcf6f4aa4e75b9155980837bc1fbde193" - - eslint-plugin-flowtype@2.21.0: - version "2.21.0" - resolved "https://registry.yarnpkg.com/eslint-plugin-flowtype/-/eslint-plugin-flowtype-2.21.0.tgz#a47e85abcdd181d37a336054bd552149ae387d9c" - dependencies: - lodash "^4.15.0" - - eslint-plugin-import@2.0.1: - version "2.0.1" - resolved "https://registry.yarnpkg.com/eslint-plugin-import/-/eslint-plugin-import-2.0.1.tgz#dcfe96357d476b3f822570d42c29bec66f5d9c5c" - dependencies: - builtin-modules "^1.1.1" - contains-path "^0.1.0" - debug "^2.2.0" - doctrine "1.3.x" - eslint-import-resolver-node "^0.2.0" - eslint-module-utils "^1.0.0" - has "^1.0.1" - lodash.cond "^4.3.0" - minimatch "^3.0.3" - pkg-up "^1.0.0" - - eslint-plugin-jsx-a11y@2.2.3: - version "2.2.3" - resolved "https://registry.yarnpkg.com/eslint-plugin-jsx-a11y/-/eslint-plugin-jsx-a11y-2.2.3.tgz#4e35cb71b8a7db702ac415c806eb8e8d9ea6c65d" - dependencies: - damerau-levenshtein "^1.0.0" - jsx-ast-utils "^1.0.0" - object-assign "^4.0.1" - - eslint-plugin-react@6.4.1: - version "6.4.1" - resolved "https://registry.yarnpkg.com/eslint-plugin-react/-/eslint-plugin-react-6.4.1.tgz#7d1aade747db15892f71eee1fea4addf97bcfa2b" - dependencies: - doctrine "^1.2.2" - jsx-ast-utils "^1.3.1" - - eslint@3.8.1: - version "3.8.1" - resolved "https://registry.yarnpkg.com/eslint/-/eslint-3.8.1.tgz#7d02db44cd5aaf4fa7aa489e1f083baa454342ba" - dependencies: - chalk "^1.1.3" - concat-stream "^1.4.6" - debug "^2.1.1" - doctrine "^1.2.2" - escope "^3.6.0" - espree "^3.3.1" - estraverse "^4.2.0" - esutils "^2.0.2" - file-entry-cache "^2.0.0" - glob "^7.0.3" - globals "^9.2.0" - ignore "^3.1.5" - imurmurhash "^0.1.4" - inquirer "^0.12.0" - is-my-json-valid "^2.10.0" - is-resolvable "^1.0.0" - js-yaml "^3.5.1" - json-stable-stringify "^1.0.0" - levn "^0.3.0" - lodash "^4.0.0" - mkdirp "^0.5.0" - natural-compare "^1.4.0" - optionator "^0.8.2" - path-is-inside "^1.0.1" - pluralize "^1.2.1" - progress "^1.1.8" - require-uncached "^1.0.2" - shelljs "^0.6.0" - strip-bom "^3.0.0" - strip-json-comments "~1.0.1" - table "^3.7.8" - text-table "~0.2.0" - user-home "^2.0.0" - - espree@^3.3.1: - version "3.3.2" - resolved "https://registry.yarnpkg.com/espree/-/espree-3.3.2.tgz#dbf3fadeb4ecb4d4778303e50103b3d36c88b89c" - dependencies: - acorn "^4.0.1" - acorn-jsx "^3.0.0" - - esprima@^2.6.0: - version "2.7.3" - resolved "https://registry.yarnpkg.com/esprima/-/esprima-2.7.3.tgz#96e3b70d5779f6ad49cd032673d1c312767ba581" - - esrecurse@^4.1.0: - version "4.1.0" - resolved "https://registry.yarnpkg.com/esrecurse/-/esrecurse-4.1.0.tgz#4713b6536adf7f2ac4f327d559e7756bff648220" - dependencies: - estraverse "~4.1.0" - object-assign "^4.0.1" - - estraverse@^4.1.1, estraverse@^4.2.0: - version "4.2.0" - resolved "https://registry.yarnpkg.com/estraverse/-/estraverse-4.2.0.tgz#0dee3fed31fcd469618ce7342099fc1afa0bdb13" - - estraverse@~4.1.0: - version "4.1.1" - resolved "https://registry.yarnpkg.com/estraverse/-/estraverse-4.1.1.tgz#f6caca728933a850ef90661d0e17982ba47111a2" - - esutils@^2.0.0, esutils@^2.0.2: - version "2.0.2" - resolved "https://registry.yarnpkg.com/esutils/-/esutils-2.0.2.tgz#0abf4f1caa5bcb1f7a9d8acc6dea4faaa04bac9b" - - etag@~1.7.0: - version "1.7.0" - resolved "https://registry.yarnpkg.com/etag/-/etag-1.7.0.tgz#03d30b5f67dd6e632d2945d30d6652731a34d5d8" - - event-emitter@~0.3.4: - version "0.3.4" - resolved "https://registry.yarnpkg.com/event-emitter/-/event-emitter-0.3.4.tgz#8d63ddfb4cfe1fae3b32ca265c4c720222080bb5" - dependencies: - d "~0.1.1" - es5-ext "~0.10.7" - - event-stream@~3.3.0: - version "3.3.4" - resolved "https://registry.yarnpkg.com/event-stream/-/event-stream-3.3.4.tgz#4ab4c9a0f5a54db9338b4c34d86bfce8f4b35571" - dependencies: - duplexer "~0.1.1" - from "~0" - map-stream "~0.1.0" - pause-stream "0.0.11" - split "0.3" - stream-combiner "~0.0.4" - through "~2.3.1" - - exit-hook@^1.0.0: - version "1.1.1" - resolved "https://registry.yarnpkg.com/exit-hook/-/exit-hook-1.1.1.tgz#f05ca233b48c05d54fff07765df8507e95c02ff8" - - expand-brackets@^0.1.4: - version "0.1.5" - resolved "https://registry.yarnpkg.com/expand-brackets/-/expand-brackets-0.1.5.tgz#df07284e342a807cd733ac5af72411e581d1177b" - dependencies: - is-posix-bracket "^0.1.0" - - expand-range@^1.8.1: - version "1.8.2" - resolved "https://registry.yarnpkg.com/expand-range/-/expand-range-1.8.2.tgz#a299effd335fe2721ebae8e257ec79644fc85337" - dependencies: - fill-range "^2.1.0" - - express-session@1.14.1: - version "1.14.1" - resolved "https://registry.yarnpkg.com/express-session/-/express-session-1.14.1.tgz#600364f0f6bf5dce32649e006770bdeee80aec99" - dependencies: - cookie "0.3.1" - cookie-signature "1.0.6" - crc "3.4.0" - debug "~2.2.0" - depd "~1.1.0" - on-headers "~1.0.1" - parseurl "~1.3.1" - uid-safe "~2.1.2" - utils-merge "1.0.0" - - express@4.14.0: - version "4.14.0" - resolved "https://registry.yarnpkg.com/express/-/express-4.14.0.tgz#c1ee3f42cdc891fb3dc650a8922d51ec847d0d66" - dependencies: - accepts "~1.3.3" - array-flatten "1.1.1" - content-disposition "0.5.1" - content-type "~1.0.2" - cookie "0.3.1" - cookie-signature "1.0.6" - debug "~2.2.0" - depd "~1.1.0" - encodeurl "~1.0.1" - escape-html "~1.0.3" - etag "~1.7.0" - finalhandler "0.5.0" - fresh "0.3.0" - merge-descriptors "1.0.1" - methods "~1.1.2" - on-finished "~2.3.0" - parseurl "~1.3.1" - path-to-regexp "0.1.7" - proxy-addr "~1.1.2" - qs "6.2.0" - range-parser "~1.2.0" - send "0.14.1" - serve-static "~1.11.1" - type-is "~1.6.13" - utils-merge "1.0.0" - vary "~1.1.0" - - extend-shallow@^2.0.1: - version "2.0.1" - resolved "https://registry.yarnpkg.com/extend-shallow/-/extend-shallow-2.0.1.tgz#51af7d614ad9a9f610ea1bafbb989d6b1c56890f" - dependencies: - is-extendable "^0.1.0" - - extend@3, extend@^3.0.0, extend@~3.0.0: - version "3.0.0" - resolved "https://registry.yarnpkg.com/extend/-/extend-3.0.0.tgz#5a474353b9f3353ddd8176dfd37b91c83a46f1d4" - - extglob@^0.3.1: - version "0.3.2" - resolved "https://registry.yarnpkg.com/extglob/-/extglob-0.3.2.tgz#2e18ff3d2f49ab2765cec9023f011daa8d8349a1" - dependencies: - is-extglob "^1.0.0" - - extsprintf@1.0.2: - version "1.0.2" - resolved "https://registry.yarnpkg.com/extsprintf/-/extsprintf-1.0.2.tgz#e1080e0658e300b06294990cc70e1502235fd550" - - eyes@0.1.x: - version "0.1.8" - resolved "https://registry.yarnpkg.com/eyes/-/eyes-0.1.8.tgz#62cf120234c683785d902348a800ef3e0cc20bc0" - - fast-levenshtein@~2.0.4: - version "2.0.5" - resolved "https://registry.yarnpkg.com/fast-levenshtein/-/fast-levenshtein-2.0.5.tgz#bd33145744519ab1c36c3ee9f31f08e9079b67f2" - - fd-slicer@~1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/fd-slicer/-/fd-slicer-1.0.1.tgz#8b5bcbd9ec327c5041bf9ab023fd6750f1177e65" - dependencies: - pend "~1.2.0" - - figures@^1.3.5: - version "1.7.0" - resolved "https://registry.yarnpkg.com/figures/-/figures-1.7.0.tgz#cbe1e3affcf1cd44b80cadfed28dc793a9701d2e" - dependencies: - escape-string-regexp "^1.0.5" - object-assign "^4.1.0" - - file-entry-cache@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/file-entry-cache/-/file-entry-cache-2.0.0.tgz#c392990c3e684783d838b8c84a45d8a048458361" - dependencies: - flat-cache "^1.2.1" - object-assign "^4.0.1" - - file-type@^3.1.0: - version "3.9.0" - resolved "https://registry.yarnpkg.com/file-type/-/file-type-3.9.0.tgz#257a078384d1db8087bc449d107d52a52672b9e9" - - filename-regex@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/filename-regex/-/filename-regex-2.0.0.tgz#996e3e80479b98b9897f15a8a58b3d084e926775" - - fill-range@^2.1.0: - version "2.2.3" - resolved "https://registry.yarnpkg.com/fill-range/-/fill-range-2.2.3.tgz#50b77dfd7e469bc7492470963699fe7a8485a723" - dependencies: - is-number "^2.1.0" - isobject "^2.0.0" - randomatic "^1.1.3" - repeat-element "^1.1.2" - repeat-string "^1.5.2" - - finalhandler@0.5.0: - version "0.5.0" - resolved "https://registry.yarnpkg.com/finalhandler/-/finalhandler-0.5.0.tgz#e9508abece9b6dba871a6942a1d7911b91911ac7" - dependencies: - debug "~2.2.0" - escape-html "~1.0.3" - on-finished "~2.3.0" - statuses "~1.3.0" - unpipe "~1.0.0" - - find-up@^1.0.0: - version "1.1.2" - resolved "https://registry.yarnpkg.com/find-up/-/find-up-1.1.2.tgz#6b2e9822b1a2ce0a60ab64d610eccad53cb24d0f" - dependencies: - path-exists "^2.0.0" - pinkie-promise "^2.0.0" - - find-versions@^1.0.0: - version "1.2.1" - resolved "https://registry.yarnpkg.com/find-versions/-/find-versions-1.2.1.tgz#cbde9f12e38575a0af1be1b9a2c5d5fd8f186b62" - dependencies: - array-uniq "^1.0.0" - get-stdin "^4.0.1" - meow "^3.5.0" - semver-regex "^1.0.0" - - first-chunk-stream@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/first-chunk-stream/-/first-chunk-stream-1.0.0.tgz#59bfb50cd905f60d7c394cd3d9acaab4e6ad934e" - - flat-cache@^1.2.1: - version "1.2.1" - resolved "https://registry.yarnpkg.com/flat-cache/-/flat-cache-1.2.1.tgz#6c837d6225a7de5659323740b36d5361f71691ff" - dependencies: - circular-json "^0.3.0" - del "^2.0.2" - graceful-fs "^4.1.2" - write "^0.2.1" - - for-in@^0.1.5: - version "0.1.6" - resolved "https://registry.yarnpkg.com/for-in/-/for-in-0.1.6.tgz#c9f96e89bfad18a545af5ec3ed352a1d9e5b4dc8" - - for-own@^0.1.4: - version "0.1.4" - resolved "https://registry.yarnpkg.com/for-own/-/for-own-0.1.4.tgz#0149b41a39088c7515f51ebe1c1386d45f935072" - dependencies: - for-in "^0.1.5" - - forever-agent@~0.6.1: - version "0.6.1" - resolved "https://registry.yarnpkg.com/forever-agent/-/forever-agent-0.6.1.tgz#fbc71f0c41adeb37f96c577ad1ed42d8fdacca91" - - form-data@~2.1.1: - version "2.1.2" - resolved "https://registry.yarnpkg.com/form-data/-/form-data-2.1.2.tgz#89c3534008b97eada4cbb157d58f6f5df025eae4" - dependencies: - asynckit "^0.4.0" - combined-stream "^1.0.5" - mime-types "^2.1.12" - - forwarded@~0.1.0: - version "0.1.0" - resolved "https://registry.yarnpkg.com/forwarded/-/forwarded-0.1.0.tgz#19ef9874c4ae1c297bcf078fde63a09b66a84363" - - fresh@0.3.0: - version "0.3.0" - resolved "https://registry.yarnpkg.com/fresh/-/fresh-0.3.0.tgz#651f838e22424e7566de161d8358caa199f83d4f" - - from@~0: - version "0.1.3" - resolved "https://registry.yarnpkg.com/from/-/from-0.1.3.tgz#ef63ac2062ac32acf7862e0d40b44b896f22f3bc" - - fs-readdir-recursive@^0.1.0: - version "0.1.2" - resolved "https://registry.yarnpkg.com/fs-readdir-recursive/-/fs-readdir-recursive-0.1.2.tgz#315b4fb8c1ca5b8c47defef319d073dad3568059" - - fs.realpath@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/fs.realpath/-/fs.realpath-1.0.0.tgz#1504ad2523158caa40db4a2787cb01411994ea4f" - - fsevents@^1.0.0: - version "1.0.15" - resolved "https://registry.yarnpkg.com/fsevents/-/fsevents-1.0.15.tgz#fa63f590f3c2ad91275e4972a6cea545fb0aae44" - dependencies: - nan "^2.3.0" - node-pre-gyp "^0.6.29" - - fstream-ignore@~1.0.5: - version "1.0.5" - resolved "https://registry.yarnpkg.com/fstream-ignore/-/fstream-ignore-1.0.5.tgz#9c31dae34767018fe1d249b24dada67d092da105" - dependencies: - fstream "^1.0.0" - inherits "2" - minimatch "^3.0.0" - - fstream@^1.0.0, fstream@^1.0.2, fstream@~1.0.10: - version "1.0.10" - resolved "https://registry.yarnpkg.com/fstream/-/fstream-1.0.10.tgz#604e8a92fe26ffd9f6fae30399d4984e1ab22822" - dependencies: - graceful-fs "^4.1.2" - inherits "~2.0.0" - mkdirp ">=0.5 0" - rimraf "2" - - function-bind@^1.0.2: - version "1.1.0" - resolved "https://registry.yarnpkg.com/function-bind/-/function-bind-1.1.0.tgz#16176714c801798e4e8f2cf7f7529467bb4a5771" - - gauge@~2.7.1: - version "2.7.2" - resolved "https://registry.yarnpkg.com/gauge/-/gauge-2.7.2.tgz#15cecc31b02d05345a5d6b0e171cdb3ad2307774" - dependencies: - aproba "^1.0.3" - console-control-strings "^1.0.0" - has-unicode "^2.0.0" - object-assign "^4.1.0" - signal-exit "^3.0.0" - string-width "^1.0.1" - strip-ansi "^3.0.1" - supports-color "^0.2.0" - wide-align "^1.1.0" - - generate-function@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/generate-function/-/generate-function-2.0.0.tgz#6858fe7c0969b7d4e9093337647ac79f60dfbe74" - - generate-object-property@^1.1.0: - version "1.2.0" - resolved "https://registry.yarnpkg.com/generate-object-property/-/generate-object-property-1.2.0.tgz#9c0e1c40308ce804f4783618b937fa88f99d50d0" - dependencies: - is-property "^1.0.0" - - get-stdin@^4.0.1: - version "4.0.1" - resolved "https://registry.yarnpkg.com/get-stdin/-/get-stdin-4.0.1.tgz#b968c6b0a04384324902e8bf1a5df32579a450fe" - - getos@^2.7.0: - version "2.8.2" - resolved "https://registry.yarnpkg.com/getos/-/getos-2.8.2.tgz#365e7e3b2cf74cb85ebb6d1d8c76633580cee534" - dependencies: - async "2.0.1" - - getpass@^0.1.1: - version "0.1.6" - resolved "https://registry.yarnpkg.com/getpass/-/getpass-0.1.6.tgz#283ffd9fc1256840875311c1b60e8c40187110e6" - dependencies: - assert-plus "^1.0.0" - - glob-base@^0.3.0: - version "0.3.0" - resolved "https://registry.yarnpkg.com/glob-base/-/glob-base-0.3.0.tgz#dbb164f6221b1c0b1ccf82aea328b497df0ea3c4" - dependencies: - glob-parent "^2.0.0" - is-glob "^2.0.0" - - glob-parent@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/glob-parent/-/glob-parent-2.0.0.tgz#81383d72db054fcccf5336daa902f182f6edbb28" - dependencies: - is-glob "^2.0.0" - - glob-parent@^3.0.0: - version "3.0.1" - resolved "https://registry.yarnpkg.com/glob-parent/-/glob-parent-3.0.1.tgz#60021327cc963ddc3b5f085764f500479ecd82ff" - dependencies: - is-glob "^3.1.0" - path-dirname "^1.0.0" - - glob-stream@^5.3.2: - version "5.3.5" - resolved "https://registry.yarnpkg.com/glob-stream/-/glob-stream-5.3.5.tgz#a55665a9a8ccdc41915a87c701e32d4e016fad22" - dependencies: - extend "^3.0.0" - glob "^5.0.3" - glob-parent "^3.0.0" - micromatch "^2.3.7" - ordered-read-streams "^0.3.0" - through2 "^0.6.0" - to-absolute-glob "^0.1.1" - unique-stream "^2.0.2" - - glob@7.0.5: - version "7.0.5" - resolved "https://registry.yarnpkg.com/glob/-/glob-7.0.5.tgz#b4202a69099bbb4d292a7c1b95b6682b67ebdc95" - dependencies: - fs.realpath "^1.0.0" - inflight "^1.0.4" - inherits "2" - minimatch "^3.0.2" - once "^1.3.0" - path-is-absolute "^1.0.0" - - glob@^5.0.3, glob@^5.0.5: - version "5.0.15" - resolved "https://registry.yarnpkg.com/glob/-/glob-5.0.15.tgz#1bc936b9e02f4a603fcc222ecf7633d30b8b93b1" - dependencies: - inflight "^1.0.4" - inherits "2" - minimatch "2 || 3" - once "^1.3.0" - path-is-absolute "^1.0.0" - - glob@^7.0.3, glob@^7.0.5: - version "7.1.1" - resolved "https://registry.yarnpkg.com/glob/-/glob-7.1.1.tgz#805211df04faaf1c63a3600306cdf5ade50b2ec8" - dependencies: - fs.realpath "^1.0.0" - inflight "^1.0.4" - inherits "2" - minimatch "^3.0.2" - once "^1.3.0" - path-is-absolute "^1.0.0" - - globals@^9.0.0, globals@^9.2.0: - version "9.14.0" - resolved "https://registry.yarnpkg.com/globals/-/globals-9.14.0.tgz#8859936af0038741263053b39d0e76ca241e4034" - - globby@^5.0.0: - version "5.0.0" - resolved "https://registry.yarnpkg.com/globby/-/globby-5.0.0.tgz#ebd84667ca0dbb330b99bcfc68eac2bc54370e0d" - dependencies: - array-union "^1.0.1" - arrify "^1.0.0" - glob "^7.0.3" - object-assign "^4.0.1" - pify "^2.0.0" - pinkie-promise "^2.0.0" - - got@^3.2.0: - version "3.3.1" - resolved "https://registry.yarnpkg.com/got/-/got-3.3.1.tgz#e5d0ed4af55fc3eef4d56007769d98192bcb2eca" - dependencies: - duplexify "^3.2.0" - infinity-agent "^2.0.0" - is-redirect "^1.0.0" - is-stream "^1.0.0" - lowercase-keys "^1.0.0" - nested-error-stacks "^1.0.0" - object-assign "^3.0.0" - prepend-http "^1.0.0" - read-all-stream "^3.0.0" - timed-out "^2.0.0" - - graceful-fs@^4.0.0, graceful-fs@^4.1.2, graceful-fs@^4.1.4: - version "4.1.11" - resolved "https://registry.yarnpkg.com/graceful-fs/-/graceful-fs-4.1.11.tgz#0e8bdfe4d1ddb8854d64e04ea7c00e2a026e5658" - - "graceful-readlink@>= 1.0.0": - version "1.0.1" - resolved "https://registry.yarnpkg.com/graceful-readlink/-/graceful-readlink-1.0.1.tgz#4cafad76bc62f02fa039b2f94e9a3dd3a391a725" - - graphql-server-core@^0.4.3: - version "0.4.3" - resolved "https://registry.yarnpkg.com/graphql-server-core/-/graphql-server-core-0.4.3.tgz#3198832ce8703388713f012da023b33a3823be98" - optionalDependencies: - typed-graphql "^1.0.2" - - graphql-server-express@^0.4.3: - version "0.4.3" - resolved "https://registry.yarnpkg.com/graphql-server-express/-/graphql-server-express-0.4.3.tgz#198674e6db4949c060b9959554d3dc4e9cc4ed9b" - dependencies: - graphql-server-core "^0.4.3" - graphql-server-module-graphiql "^0.4.3" - optionalDependencies: - "@types/express" "^4.0.33" - - graphql-server-module-graphiql@^0.4.3: - version "0.4.3" - resolved "https://registry.yarnpkg.com/graphql-server-module-graphiql/-/graphql-server-module-graphiql-0.4.3.tgz#f82b92b99bb1e1b4b285c86bf6fcfa60b3a7a805" - - graphql-server@^0.3.2: - version "0.3.2" - resolved "https://registry.yarnpkg.com/graphql-server/-/graphql-server-0.3.2.tgz#ac3299963221be784fc78a22784d2d9ab7116e5e" - dependencies: - boom "^4.0.0" - http-errors "^1.5.0" - source-map-support "^0.4.2" - - graphql-subscriptions@0.2.0: - version "0.2.0" - resolved "https://registry.yarnpkg.com/graphql-subscriptions/-/graphql-subscriptions-0.2.0.tgz#9aebf19283f797354615b263090e15246a4c6c8d" - dependencies: - es6-promise "^3.2.1" - graphql "^0.7.0" - - graphql-subscriptions@^0.1.3: - version "0.1.5" - resolved "https://registry.yarnpkg.com/graphql-subscriptions/-/graphql-subscriptions-0.1.5.tgz#603422c0a7ea3818b630751d1c9798bfa1a820ee" - dependencies: - es6-promise "^3.2.1" - graphql "^0.7.0" - - graphql-tools@^0.8.2: - version "0.8.3" - resolved "https://registry.yarnpkg.com/graphql-tools/-/graphql-tools-0.8.3.tgz#7766ec1d1cc716dde331bd7813267bda44aefa08" - dependencies: - deprecated-decorator "^0.1.6" - lodash "^4.3.0" - node-uuid "^1.4.7" - optionalDependencies: - typed-graphql "^1.0.2" - - graphql@0.7.2, graphql@^0.7.0: - version "0.7.2" - resolved "https://registry.yarnpkg.com/graphql/-/graphql-0.7.2.tgz#cc894a32823399b8a0cb012b9e9ecad35cd00f72" - dependencies: - iterall "1.0.2" - - growl@1.9.2: - version "1.9.2" - resolved "https://registry.yarnpkg.com/growl/-/growl-1.9.2.tgz#0ea7743715db8d8de2c5ede1775e1b45ac85c02f" - - gulp-sourcemaps@1.6.0: - version "1.6.0" - resolved "https://registry.yarnpkg.com/gulp-sourcemaps/-/gulp-sourcemaps-1.6.0.tgz#b86ff349d801ceb56e1d9e7dc7bbcb4b7dee600c" - dependencies: - convert-source-map "^1.1.1" - graceful-fs "^4.1.2" - strip-bom "^2.0.0" - through2 "^2.0.0" - vinyl "^1.0.0" - - har-validator@~2.0.6: - version "2.0.6" - resolved "https://registry.yarnpkg.com/har-validator/-/har-validator-2.0.6.tgz#cdcbc08188265ad119b6a5a7c8ab70eecfb5d27d" - dependencies: - chalk "^1.1.1" - commander "^2.9.0" - is-my-json-valid "^2.12.4" - pinkie-promise "^2.0.0" - - has-ansi@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/has-ansi/-/has-ansi-2.0.0.tgz#34f5049ce1ecdf2b0649af3ef24e45ed35416d91" - dependencies: - ansi-regex "^2.0.0" - - has-flag@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/has-flag/-/has-flag-1.0.0.tgz#9d9e793165ce017a00f00418c43f942a7b1d11fa" - - has-unicode@^2.0.0: - version "2.0.1" - resolved "https://registry.yarnpkg.com/has-unicode/-/has-unicode-2.0.1.tgz#e0e6fe6a28cf51138855e086d1691e771de2a8b9" - - has@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/has/-/has-1.0.1.tgz#8461733f538b0837c9361e39a9ab9e9704dc2f28" - dependencies: - function-bind "^1.0.2" - - hawk@~3.1.3: - version "3.1.3" - resolved "https://registry.yarnpkg.com/hawk/-/hawk-3.1.3.tgz#078444bd7c1640b0fe540d2c9b73d59678e8e1c4" - dependencies: - boom "2.x.x" - cryptiles "2.x.x" - hoek "2.x.x" - sntp "1.x.x" - - hoek@2.x.x: - version "2.16.3" - resolved "https://registry.yarnpkg.com/hoek/-/hoek-2.16.3.tgz#20bb7403d3cea398e91dc4710a8ff1b8274a25ed" - - hoek@4.x.x: - version "4.1.0" - resolved "https://registry.yarnpkg.com/hoek/-/hoek-4.1.0.tgz#4a4557460f69842ed463aa00628cc26d2683afa7" - - home-or-tmp@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/home-or-tmp/-/home-or-tmp-1.0.0.tgz#4b9f1e40800c3e50c6c27f781676afcce71f3985" - dependencies: - os-tmpdir "^1.0.1" - user-home "^1.1.1" - - hosted-git-info@^2.1.4: - version "2.1.5" - resolved "https://registry.yarnpkg.com/hosted-git-info/-/hosted-git-info-2.1.5.tgz#0ba81d90da2e25ab34a332e6ec77936e1598118b" - - http-errors@^1.5.0, http-errors@~1.5.0: - version "1.5.1" - resolved "https://registry.yarnpkg.com/http-errors/-/http-errors-1.5.1.tgz#788c0d2c1de2c81b9e6e8c01843b6b97eb920750" - dependencies: - inherits "2.0.3" - setprototypeof "1.0.2" - statuses ">= 1.3.1 < 2" - - http-signature@~1.1.0: - version "1.1.1" - resolved "https://registry.yarnpkg.com/http-signature/-/http-signature-1.1.1.tgz#df72e267066cd0ac67fb76adf8e134a8fbcf91bf" - dependencies: - assert-plus "^0.2.0" - jsprim "^1.2.2" - sshpk "^1.7.0" - - https-proxy-agent@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/https-proxy-agent/-/https-proxy-agent-1.0.0.tgz#35f7da6c48ce4ddbfa264891ac593ee5ff8671e6" - dependencies: - agent-base "2" - debug "2" - extend "3" - - iconv-lite@0.4.13, iconv-lite@~0.4.13: - version "0.4.13" - resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.4.13.tgz#1f88aba4ab0b1508e8312acc39345f36e992e2f2" - - ignore-by-default@^1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/ignore-by-default/-/ignore-by-default-1.0.1.tgz#48ca6d72f6c6a3af00a9ad4ae6876be3889e2b09" - - ignore@^3.1.5: - version "3.2.0" - resolved "https://registry.yarnpkg.com/ignore/-/ignore-3.2.0.tgz#8d88f03c3002a0ac52114db25d2c673b0bf1e435" - - imurmurhash@^0.1.4: - version "0.1.4" - resolved "https://registry.yarnpkg.com/imurmurhash/-/imurmurhash-0.1.4.tgz#9218b9b2b928a238b13dc4fb6b6d576f231453ea" - - indent-string@^2.1.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/indent-string/-/indent-string-2.1.0.tgz#8e2d48348742121b4a8218b7a137e9a52049dc80" - dependencies: - repeating "^2.0.0" - - infinity-agent@^2.0.0: - version "2.0.3" - resolved "https://registry.yarnpkg.com/infinity-agent/-/infinity-agent-2.0.3.tgz#45e0e2ff7a9eb030b27d62b74b3744b7a7ac4216" - - inflight@^1.0.4: - version "1.0.6" - resolved "https://registry.yarnpkg.com/inflight/-/inflight-1.0.6.tgz#49bd6331d7d02d0c09bc910a1075ba8165b56df9" - dependencies: - once "^1.3.0" - wrappy "1" - - inherits@2, inherits@2.0.3, inherits@^2.0.1, inherits@~2.0.0, inherits@~2.0.1: - version "2.0.3" - resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.3.tgz#633c2c83e3da42a502f52466022480f4208261de" - - ini@~1.3.0: - version "1.3.4" - resolved "https://registry.yarnpkg.com/ini/-/ini-1.3.4.tgz#0537cb79daf59b59a1a517dff706c86ec039162e" - - inquirer@^0.12.0: - version "0.12.0" - resolved "https://registry.yarnpkg.com/inquirer/-/inquirer-0.12.0.tgz#1ef2bfd63504df0bc75785fff8c2c41df12f077e" - dependencies: - ansi-escapes "^1.1.0" - ansi-regex "^2.0.0" - chalk "^1.0.0" - cli-cursor "^1.0.1" - cli-width "^2.0.0" - figures "^1.3.5" - lodash "^4.3.0" - readline2 "^1.0.1" - run-async "^0.1.0" - rx-lite "^3.1.2" - string-width "^1.0.1" - strip-ansi "^3.0.0" - through "^2.3.6" - - invariant@^2.2.0: - version "2.2.2" - resolved "https://registry.yarnpkg.com/invariant/-/invariant-2.2.2.tgz#9e1f56ac0acdb6bf303306f338be3b204ae60360" - dependencies: - loose-envify "^1.0.0" - - invert-kv@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/invert-kv/-/invert-kv-1.0.0.tgz#104a8e4aaca6d3d8cd157a8ef8bfab2d7a3ffdb6" - - ipaddr.js@1.1.1: - version "1.1.1" - resolved "https://registry.yarnpkg.com/ipaddr.js/-/ipaddr.js-1.1.1.tgz#c791d95f52b29c1247d5df80ada39b8a73647230" - - is-absolute@^0.1.5: - version "0.1.7" - resolved "https://registry.yarnpkg.com/is-absolute/-/is-absolute-0.1.7.tgz#847491119fccb5fb436217cc737f7faad50f603f" - dependencies: - is-relative "^0.1.0" - - is-arrayish@^0.2.1: - version "0.2.1" - resolved "https://registry.yarnpkg.com/is-arrayish/-/is-arrayish-0.2.1.tgz#77c99840527aa8ecb1a8ba697b80645a7a926a9d" - - is-binary-path@^1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/is-binary-path/-/is-binary-path-1.0.1.tgz#75f16642b480f187a711c814161fd3a4a7655898" - dependencies: - binary-extensions "^1.0.0" - - is-buffer@^1.0.2: - version "1.1.4" - resolved "https://registry.yarnpkg.com/is-buffer/-/is-buffer-1.1.4.tgz#cfc86ccd5dc5a52fa80489111c6920c457e2d98b" - - is-builtin-module@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-builtin-module/-/is-builtin-module-1.0.0.tgz#540572d34f7ac3119f8f76c30cbc1b1e037affbe" - dependencies: - builtin-modules "^1.0.0" - - is-bzip2@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-bzip2/-/is-bzip2-1.0.0.tgz#5ee58eaa5a2e9c80e21407bedf23ae5ac091b3fc" - - is-dotfile@^1.0.0: - version "1.0.2" - resolved "https://registry.yarnpkg.com/is-dotfile/-/is-dotfile-1.0.2.tgz#2c132383f39199f8edc268ca01b9b007d205cc4d" - - is-equal-shallow@^0.1.3: - version "0.1.3" - resolved "https://registry.yarnpkg.com/is-equal-shallow/-/is-equal-shallow-0.1.3.tgz#2238098fc221de0bcfa5d9eac4c45d638aa1c534" - dependencies: - is-primitive "^2.0.0" - - is-extendable@^0.1.0, is-extendable@^0.1.1: - version "0.1.1" - resolved "https://registry.yarnpkg.com/is-extendable/-/is-extendable-0.1.1.tgz#62b110e289a471418e3ec36a617d472e301dfc89" - - is-extglob@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-extglob/-/is-extglob-1.0.0.tgz#ac468177c4943405a092fc8f29760c6ffc6206c0" - - is-extglob@^2.1.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/is-extglob/-/is-extglob-2.1.0.tgz#33411a482b046bf95e6b0cb27ee2711af4cf15ad" - - is-finite@^1.0.0: - version "1.0.2" - resolved "https://registry.yarnpkg.com/is-finite/-/is-finite-1.0.2.tgz#cc6677695602be550ef11e8b4aa6305342b6d0aa" - dependencies: - number-is-nan "^1.0.0" - - is-fullwidth-code-point@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-fullwidth-code-point/-/is-fullwidth-code-point-1.0.0.tgz#ef9e31386f031a7f0d643af82fde50c457ef00cb" - dependencies: - number-is-nan "^1.0.0" - - is-fullwidth-code-point@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/is-fullwidth-code-point/-/is-fullwidth-code-point-2.0.0.tgz#a3b30a5c4f199183167aaab93beefae3ddfb654f" - - is-glob@^2.0.0, is-glob@^2.0.1: - version "2.0.1" - resolved "https://registry.yarnpkg.com/is-glob/-/is-glob-2.0.1.tgz#d096f926a3ded5600f3fdfd91198cb0888c2d863" - dependencies: - is-extglob "^1.0.0" - - is-glob@^3.1.0: - version "3.1.0" - resolved "https://registry.yarnpkg.com/is-glob/-/is-glob-3.1.0.tgz#7ba5ae24217804ac70707b96922567486cc3e84a" - dependencies: - is-extglob "^2.1.0" - - is-gzip@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-gzip/-/is-gzip-1.0.0.tgz#6ca8b07b99c77998025900e555ced8ed80879a83" - - is-my-json-valid@^2.10.0, is-my-json-valid@^2.12.4: - version "2.15.0" - resolved "https://registry.yarnpkg.com/is-my-json-valid/-/is-my-json-valid-2.15.0.tgz#936edda3ca3c211fd98f3b2d3e08da43f7b2915b" - dependencies: - generate-function "^2.0.0" - generate-object-property "^1.1.0" - jsonpointer "^4.0.0" - xtend "^4.0.0" - - is-natural-number@^2.0.0: - version "2.1.1" - resolved "https://registry.yarnpkg.com/is-natural-number/-/is-natural-number-2.1.1.tgz#7d4c5728377ef386c3e194a9911bf57c6dc335e7" - - is-npm@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-npm/-/is-npm-1.0.0.tgz#f2fb63a65e4905b406c86072765a1a4dc793b9f4" - - is-number@^2.0.2, is-number@^2.1.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/is-number/-/is-number-2.1.0.tgz#01fcbbb393463a548f2f466cce16dece49db908f" - dependencies: - kind-of "^3.0.2" - - is-path-cwd@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-path-cwd/-/is-path-cwd-1.0.0.tgz#d225ec23132e89edd38fda767472e62e65f1106d" - - is-path-in-cwd@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-path-in-cwd/-/is-path-in-cwd-1.0.0.tgz#6477582b8214d602346094567003be8a9eac04dc" - dependencies: - is-path-inside "^1.0.0" - - is-path-inside@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-path-inside/-/is-path-inside-1.0.0.tgz#fc06e5a1683fbda13de667aff717bbc10a48f37f" - dependencies: - path-is-inside "^1.0.1" - - is-posix-bracket@^0.1.0: - version "0.1.1" - resolved "https://registry.yarnpkg.com/is-posix-bracket/-/is-posix-bracket-0.1.1.tgz#3334dc79774368e92f016e6fbc0a88f5cd6e6bc4" - - is-primitive@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/is-primitive/-/is-primitive-2.0.0.tgz#207bab91638499c07b2adf240a41a87210034575" - - is-promise@~1, is-promise@~1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/is-promise/-/is-promise-1.0.1.tgz#31573761c057e33c2e91aab9e96da08cefbe76e5" - - is-property@^1.0.0: - version "1.0.2" - resolved "https://registry.yarnpkg.com/is-property/-/is-property-1.0.2.tgz#57fe1c4e48474edd65b09911f26b1cd4095dda84" - - is-redirect@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-redirect/-/is-redirect-1.0.0.tgz#1d03dded53bd8db0f30c26e4f95d36fc7c87dc24" - - is-relative@^0.1.0: - version "0.1.3" - resolved "https://registry.yarnpkg.com/is-relative/-/is-relative-0.1.3.tgz#905fee8ae86f45b3ec614bc3c15c869df0876e82" - - is-resolvable@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-resolvable/-/is-resolvable-1.0.0.tgz#8df57c61ea2e3c501408d100fb013cf8d6e0cc62" - dependencies: - tryit "^1.0.1" - - is-stream@^1.0.0, is-stream@^1.0.1: - version "1.1.0" - resolved "https://registry.yarnpkg.com/is-stream/-/is-stream-1.1.0.tgz#12d4a3dd4e68e0b79ceb8dbc84173ae80d91ca44" - - is-tar@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-tar/-/is-tar-1.0.0.tgz#2f6b2e1792c1f5bb36519acaa9d65c0d26fe853d" - - is-typedarray@^1.0.0, is-typedarray@~1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-typedarray/-/is-typedarray-1.0.0.tgz#e479c80858df0c1b11ddda6940f96011fcda4a9a" - - is-utf8@^0.2.0: - version "0.2.1" - resolved "https://registry.yarnpkg.com/is-utf8/-/is-utf8-0.2.1.tgz#4b0da1442104d1b336340e80797e865cf39f7d72" - - is-valid-glob@^0.3.0: - version "0.3.0" - resolved "https://registry.yarnpkg.com/is-valid-glob/-/is-valid-glob-0.3.0.tgz#d4b55c69f51886f9b65c70d6c2622d37e29f48fe" - - is-zip@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-zip/-/is-zip-1.0.0.tgz#47b0a8ff4d38a76431ccfd99a8e15a4c86ba2325" - - isarray@0.0.1: - version "0.0.1" - resolved "https://registry.yarnpkg.com/isarray/-/isarray-0.0.1.tgz#8a18acfca9a8f4177e09abfc6038939b05d1eedf" - - isarray@1.0.0, isarray@^1.0.0, isarray@~1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/isarray/-/isarray-1.0.0.tgz#bb935d48582cba168c06834957a54a3e07124f11" - - isemail@1.x.x: - version "1.2.0" - resolved "https://registry.yarnpkg.com/isemail/-/isemail-1.2.0.tgz#be03df8cc3e29de4d2c5df6501263f1fa4595e9a" - - isobject@^2.0.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/isobject/-/isobject-2.1.0.tgz#f065561096a3f1da2ef46272f815c840d87e0c89" - dependencies: - isarray "1.0.0" - - isstream@0.1.x, isstream@~0.1.2: - version "0.1.2" - resolved "https://registry.yarnpkg.com/isstream/-/isstream-0.1.2.tgz#47e63f7af55afa6f92e1500e690eb8b8529c099a" - - iterall@1.0.2: - version "1.0.2" - resolved "https://registry.yarnpkg.com/iterall/-/iterall-1.0.2.tgz#41a2e96ce9eda5e61c767ee5dc312373bb046e91" - - jodid25519@^1.0.0: - version "1.0.2" - resolved "https://registry.yarnpkg.com/jodid25519/-/jodid25519-1.0.2.tgz#06d4912255093419477d425633606e0e90782967" - dependencies: - jsbn "~0.1.0" - - joi@^6.10.1: - version "6.10.1" - resolved "https://registry.yarnpkg.com/joi/-/joi-6.10.1.tgz#4d50c318079122000fe5f16af1ff8e1917b77e06" - dependencies: - hoek "2.x.x" - isemail "1.x.x" - moment "2.x.x" - topo "1.x.x" - - js-tokens@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/js-tokens/-/js-tokens-2.0.0.tgz#79903f5563ee778cc1162e6dcf1a0027c97f9cb5" - - js-yaml@^3.5.1: - version "3.7.0" - resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.7.0.tgz#5c967ddd837a9bfdca5f2de84253abe8a1c03b80" - dependencies: - argparse "^1.0.7" - esprima "^2.6.0" - - jsbn@~0.1.0: - version "0.1.0" - resolved "https://registry.yarnpkg.com/jsbn/-/jsbn-0.1.0.tgz#650987da0dd74f4ebf5a11377a2aa2d273e97dfd" - - jsesc@^1.3.0: - version "1.3.0" - resolved "https://registry.yarnpkg.com/jsesc/-/jsesc-1.3.0.tgz#46c3fec8c1892b12b0833db9bc7622176dbab34b" - - jsesc@~0.5.0: - version "0.5.0" - resolved "https://registry.yarnpkg.com/jsesc/-/jsesc-0.5.0.tgz#e7dee66e35d6fc16f710fe91d5cf69f70f08911d" - - json-schema@0.2.3: - version "0.2.3" - resolved "https://registry.yarnpkg.com/json-schema/-/json-schema-0.2.3.tgz#b480c892e59a2f05954ce727bd3f2a4e882f9e13" - - json-stable-stringify@^1.0.0, json-stable-stringify@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/json-stable-stringify/-/json-stable-stringify-1.0.1.tgz#9a759d39c5f2ff503fd5300646ed445f88c4f9af" - dependencies: - jsonify "~0.0.0" - - json-stringify-safe@~5.0.1: - version "5.0.1" - resolved "https://registry.yarnpkg.com/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz#1296a2d58fd45f19a0f6ce01d65701e2c735b6eb" - - json3@3.3.2: - version "3.3.2" - resolved "https://registry.yarnpkg.com/json3/-/json3-3.3.2.tgz#3c0434743df93e2f5c42aee7b19bcb483575f4e1" - - json5@^0.4.0: - version "0.4.0" - resolved "https://registry.yarnpkg.com/json5/-/json5-0.4.0.tgz#054352e4c4c80c86c0923877d449de176a732c8d" - - jsonify@~0.0.0: - version "0.0.0" - resolved "https://registry.yarnpkg.com/jsonify/-/jsonify-0.0.0.tgz#2c74b6ee41d93ca51b7b5aaee8f503631d252a73" - - jsonpointer@^4.0.0: - version "4.0.0" - resolved "https://registry.yarnpkg.com/jsonpointer/-/jsonpointer-4.0.0.tgz#6661e161d2fc445f19f98430231343722e1fcbd5" - - jsonwebtoken@^7.0.0: - version "7.3.0" - resolved "https://registry.yarnpkg.com/jsonwebtoken/-/jsonwebtoken-7.3.0.tgz#85118d6a70e3fccdf14389f4e7a1c3f9c8a9fbba" - dependencies: - joi "^6.10.1" - jws "^3.1.4" - lodash.once "^4.0.0" - ms "^0.7.1" - xtend "^4.0.1" - - jsprim@^1.2.2: - version "1.3.1" - resolved "https://registry.yarnpkg.com/jsprim/-/jsprim-1.3.1.tgz#2a7256f70412a29ee3670aaca625994c4dcff252" - dependencies: - extsprintf "1.0.2" - json-schema "0.2.3" - verror "1.3.6" - - jsx-ast-utils@^1.0.0, jsx-ast-utils@^1.3.1: - version "1.3.4" - resolved "https://registry.yarnpkg.com/jsx-ast-utils/-/jsx-ast-utils-1.3.4.tgz#0257ed1cc4b1e65b39d7d9940f9fb4f20f7ba0a9" - dependencies: - acorn-jsx "^3.0.1" - object-assign "^4.1.0" - - jwa@^1.1.4: - version "1.1.5" - resolved "https://registry.yarnpkg.com/jwa/-/jwa-1.1.5.tgz#a0552ce0220742cd52e153774a32905c30e756e5" - dependencies: - base64url "2.0.0" - buffer-equal-constant-time "1.0.1" - ecdsa-sig-formatter "1.0.9" - safe-buffer "^5.0.1" - - jws@^3.1.4: - version "3.1.4" - resolved "https://registry.yarnpkg.com/jws/-/jws-3.1.4.tgz#f9e8b9338e8a847277d6444b1464f61880e050a2" - dependencies: - base64url "^2.0.0" - jwa "^1.1.4" - safe-buffer "^5.0.1" - - jwt-simple@^0.5.1: - version "0.5.1" - resolved "https://registry.yarnpkg.com/jwt-simple/-/jwt-simple-0.5.1.tgz#79ea01891b61de6b68e13e67c0b4b5bda937b294" - - kind-of@^3.0.2: - version "3.1.0" - resolved "https://registry.yarnpkg.com/kind-of/-/kind-of-3.1.0.tgz#475d698a5e49ff5e53d14e3e732429dc8bf4cf47" - dependencies: - is-buffer "^1.0.2" - - latest-version@^1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/latest-version/-/latest-version-1.0.1.tgz#72cfc46e3e8d1be651e1ebb54ea9f6ea96f374bb" - dependencies: - package-json "^1.0.0" - - lazystream@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/lazystream/-/lazystream-1.0.0.tgz#f6995fe0f820392f61396be89462407bb77168e4" - dependencies: - readable-stream "^2.0.5" - - lcid@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/lcid/-/lcid-1.0.0.tgz#308accafa0bc483a3867b4b6f2b9506251d1b835" - dependencies: - invert-kv "^1.0.0" - - levn@^0.3.0, levn@~0.3.0: - version "0.3.0" - resolved "https://registry.yarnpkg.com/levn/-/levn-0.3.0.tgz#3b09924edf9f083c0490fdd4c0bc4421e04764ee" - dependencies: - prelude-ls "~1.1.2" - type-check "~0.3.2" - - load-json-file@^1.0.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/load-json-file/-/load-json-file-1.1.0.tgz#956905708d58b4bab4c2261b04f59f31c99374c0" - dependencies: - graceful-fs "^4.1.2" - parse-json "^2.2.0" - pify "^2.0.0" - pinkie-promise "^2.0.0" - strip-bom "^2.0.0" - - lodash._baseassign@^3.0.0: - version "3.2.0" - resolved "https://registry.yarnpkg.com/lodash._baseassign/-/lodash._baseassign-3.2.0.tgz#8c38a099500f215ad09e59f1722fd0c52bfe0a4e" - dependencies: - lodash._basecopy "^3.0.0" - lodash.keys "^3.0.0" - - lodash._basecopy@^3.0.0: - version "3.0.1" - resolved "https://registry.yarnpkg.com/lodash._basecopy/-/lodash._basecopy-3.0.1.tgz#8da0e6a876cf344c0ad8a54882111dd3c5c7ca36" - - lodash._basecreate@^3.0.0: - version "3.0.3" - resolved "https://registry.yarnpkg.com/lodash._basecreate/-/lodash._basecreate-3.0.3.tgz#1bc661614daa7fc311b7d03bf16806a0213cf821" - - lodash._bindcallback@^3.0.0: - version "3.0.1" - resolved "https://registry.yarnpkg.com/lodash._bindcallback/-/lodash._bindcallback-3.0.1.tgz#e531c27644cf8b57a99e17ed95b35c748789392e" - - lodash._createassigner@^3.0.0: - version "3.1.1" - resolved "https://registry.yarnpkg.com/lodash._createassigner/-/lodash._createassigner-3.1.1.tgz#838a5bae2fdaca63ac22dee8e19fa4e6d6970b11" - dependencies: - lodash._bindcallback "^3.0.0" - lodash._isiterateecall "^3.0.0" - lodash.restparam "^3.0.0" - - lodash._getnative@^3.0.0: - version "3.9.1" - resolved "https://registry.yarnpkg.com/lodash._getnative/-/lodash._getnative-3.9.1.tgz#570bc7dede46d61cdcde687d65d3eecbaa3aaff5" - - lodash._isiterateecall@^3.0.0: - version "3.0.9" - resolved "https://registry.yarnpkg.com/lodash._isiterateecall/-/lodash._isiterateecall-3.0.9.tgz#5203ad7ba425fae842460e696db9cf3e6aac057c" - - lodash.assign@^3.0.0: - version "3.2.0" - resolved "https://registry.yarnpkg.com/lodash.assign/-/lodash.assign-3.2.0.tgz#3ce9f0234b4b2223e296b8fa0ac1fee8ebca64fa" - dependencies: - lodash._baseassign "^3.0.0" - lodash._createassigner "^3.0.0" - lodash.keys "^3.0.0" - - lodash.cond@^4.3.0: - version "4.5.2" - resolved "https://registry.yarnpkg.com/lodash.cond/-/lodash.cond-4.5.2.tgz#f471a1da486be60f6ab955d17115523dd1d255d5" - - lodash.create@3.1.1: - version "3.1.1" - resolved "https://registry.yarnpkg.com/lodash.create/-/lodash.create-3.1.1.tgz#d7f2849f0dbda7e04682bb8cd72ab022461debe7" - dependencies: - lodash._baseassign "^3.0.0" - lodash._basecreate "^3.0.0" - lodash._isiterateecall "^3.0.0" - - lodash.defaults@^3.1.2: - version "3.1.2" - resolved "https://registry.yarnpkg.com/lodash.defaults/-/lodash.defaults-3.1.2.tgz#c7308b18dbf8bc9372d701a73493c61192bd2e2c" - dependencies: - lodash.assign "^3.0.0" - lodash.restparam "^3.0.0" - - lodash.isarguments@^3.0.0: - version "3.1.0" - resolved "https://registry.yarnpkg.com/lodash.isarguments/-/lodash.isarguments-3.1.0.tgz#2f573d85c6a24289ff00663b491c1d338ff3458a" - - lodash.isarray@^3.0.0: - version "3.0.4" - resolved "https://registry.yarnpkg.com/lodash.isarray/-/lodash.isarray-3.0.4.tgz#79e4eb88c36a8122af86f844aa9bcd851b5fbb55" - - lodash.isequal@^4.0.0: - version "4.4.0" - resolved "https://registry.yarnpkg.com/lodash.isequal/-/lodash.isequal-4.4.0.tgz#6295768e98e14dc15ce8d362ef6340db82852031" - - lodash.isobject@^3.0.2: - version "3.0.2" - resolved "https://registry.yarnpkg.com/lodash.isobject/-/lodash.isobject-3.0.2.tgz#3c8fb8d5b5bf4bf90ae06e14f2a530a4ed935e1d" - - lodash.isstring@^4.0.1: - version "4.0.1" - resolved "https://registry.yarnpkg.com/lodash.isstring/-/lodash.isstring-4.0.1.tgz#d527dfb5456eca7cc9bb95d5daeaf88ba54a5451" - - lodash.keys@^3.0.0: - version "3.1.2" - resolved "https://registry.yarnpkg.com/lodash.keys/-/lodash.keys-3.1.2.tgz#4dbc0472b156be50a0b286855d1bd0b0c656098a" - dependencies: - lodash._getnative "^3.0.0" - lodash.isarguments "^3.0.0" - lodash.isarray "^3.0.0" - - lodash.once@^4.0.0: - version "4.1.1" - resolved "https://registry.yarnpkg.com/lodash.once/-/lodash.once-4.1.1.tgz#0dd3971213c7c56df880977d504c88fb471a97ac" - - lodash.pickby@^4.6.0: - version "4.6.0" - resolved "https://registry.yarnpkg.com/lodash.pickby/-/lodash.pickby-4.6.0.tgz#7dea21d8c18d7703a27c704c15d3b84a67e33aff" - - lodash.restparam@^3.0.0: - version "3.6.1" - resolved "https://registry.yarnpkg.com/lodash.restparam/-/lodash.restparam-3.6.1.tgz#936a4e309ef330a7645ed4145986c85ae5b20805" - - lodash@4.16.4, lodash@^4.0.0, lodash@^4.15.0, lodash@^4.2.0, lodash@^4.3.0, lodash@^4.8.0: - version "4.16.4" - resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.16.4.tgz#01ce306b9bad1319f2a5528674f88297aeb70127" - - log-symbols@^1.0.2: - version "1.0.2" - resolved "https://registry.yarnpkg.com/log-symbols/-/log-symbols-1.0.2.tgz#376ff7b58ea3086a0f09facc74617eca501e1a18" - dependencies: - chalk "^1.0.0" - - loose-envify@^1.0.0: - version "1.3.0" - resolved "https://registry.yarnpkg.com/loose-envify/-/loose-envify-1.3.0.tgz#6b26248c42f6d4fa4b0d8542f78edfcde35642a8" - dependencies: - js-tokens "^2.0.0" - - loud-rejection@^1.0.0: - version "1.6.0" - resolved "https://registry.yarnpkg.com/loud-rejection/-/loud-rejection-1.6.0.tgz#5b46f80147edee578870f086d04821cf998e551f" - dependencies: - currently-unhandled "^0.4.1" - signal-exit "^3.0.0" - - lowercase-keys@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/lowercase-keys/-/lowercase-keys-1.0.0.tgz#4e3366b39e7f5457e35f1324bdf6f88d0bfc7306" - - map-obj@^1.0.0, map-obj@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/map-obj/-/map-obj-1.0.1.tgz#d933ceb9205d82bdcf4886f6742bdc2b4dea146d" - - map-stream@~0.1.0: - version "0.1.0" - resolved "https://registry.yarnpkg.com/map-stream/-/map-stream-0.1.0.tgz#e56aa94c4c8055a16404a0674b78f215f7c8e194" - - media-typer@0.3.0: - version "0.3.0" - resolved "https://registry.yarnpkg.com/media-typer/-/media-typer-0.3.0.tgz#8710d7af0aa626f8fffa1ce00168545263255748" - - meow@^3.5.0: - version "3.7.0" - resolved "https://registry.yarnpkg.com/meow/-/meow-3.7.0.tgz#72cb668b425228290abbfa856892587308a801fb" - dependencies: - camelcase-keys "^2.0.0" - decamelize "^1.1.2" - loud-rejection "^1.0.0" - map-obj "^1.0.1" - minimist "^1.1.3" - normalize-package-data "^2.3.4" - object-assign "^4.0.1" - read-pkg-up "^1.0.1" - redent "^1.0.0" - trim-newlines "^1.0.0" - - merge-descriptors@1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/merge-descriptors/-/merge-descriptors-1.0.1.tgz#b00aaa556dd8b44568150ec9d1b953f3f90cbb61" - - merge-stream@^1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/merge-stream/-/merge-stream-1.0.1.tgz#4041202d508a342ba00174008df0c251b8c135e1" - dependencies: - readable-stream "^2.0.1" - - methods@~1.1.2: - version "1.1.2" - resolved "https://registry.yarnpkg.com/methods/-/methods-1.1.2.tgz#5529a4d67654134edcc5266656835b0f851afcee" - - micromatch@^2.1.5, micromatch@^2.3.7: - version "2.3.11" - resolved "https://registry.yarnpkg.com/micromatch/-/micromatch-2.3.11.tgz#86677c97d1720b363431d04d0d15293bd38c1565" - dependencies: - arr-diff "^2.0.0" - array-unique "^0.2.1" - braces "^1.8.2" - expand-brackets "^0.1.4" - extglob "^0.3.1" - filename-regex "^2.0.0" - is-extglob "^1.0.0" - is-glob "^2.0.1" - kind-of "^3.0.2" - normalize-path "^2.0.1" - object.omit "^2.0.0" - parse-glob "^3.0.4" - regex-cache "^0.4.2" - - mime-db@~1.25.0: - version "1.25.0" - resolved "https://registry.yarnpkg.com/mime-db/-/mime-db-1.25.0.tgz#c18dbd7c73a5dbf6f44a024dc0d165a1e7b1c392" - - mime-types@^2.1.12, mime-types@~2.1.11, mime-types@~2.1.13, mime-types@~2.1.7: - version "2.1.13" - resolved "https://registry.yarnpkg.com/mime-types/-/mime-types-2.1.13.tgz#e07aaa9c6c6b9a7ca3012c69003ad25a39e92a88" - dependencies: - mime-db "~1.25.0" - - mime@1.3.4: - version "1.3.4" - resolved "https://registry.yarnpkg.com/mime/-/mime-1.3.4.tgz#115f9e3b6b3daf2959983cb38f149a2d40eb5d53" - - "minimatch@2 || 3", minimatch@^3.0.0, minimatch@^3.0.2, minimatch@^3.0.3: - version "3.0.3" - resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.0.3.tgz#2a4e4090b96b2db06a9d7df01055a62a77c9b774" - dependencies: - brace-expansion "^1.0.0" - - minimist@0.0.8: - version "0.0.8" - resolved "https://registry.yarnpkg.com/minimist/-/minimist-0.0.8.tgz#857fcabfc3397d2625b8228262e86aa7a011b05d" - - minimist@^1.1.0, minimist@^1.1.3, minimist@^1.2.0: - version "1.2.0" - resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.0.tgz#a35008b20f41383eec1fb914f4cd5df79a264284" - - mkdirp@0.5.1, "mkdirp@>=0.5 0", mkdirp@^0.5.0, mkdirp@^0.5.1, mkdirp@~0.5.1: - version "0.5.1" - resolved "https://registry.yarnpkg.com/mkdirp/-/mkdirp-0.5.1.tgz#30057438eac6cf7f8c4767f38648d6697d75c903" - dependencies: - minimist "0.0.8" - - mocha@^3.1.2: - version "3.2.0" - resolved "https://registry.yarnpkg.com/mocha/-/mocha-3.2.0.tgz#7dc4f45e5088075171a68896814e6ae9eb7a85e3" - dependencies: - browser-stdout "1.3.0" - commander "2.9.0" - debug "2.2.0" - diff "1.4.0" - escape-string-regexp "1.0.5" - glob "7.0.5" - growl "1.9.2" - json3 "3.3.2" - lodash.create "3.1.1" - mkdirp "0.5.1" - supports-color "3.1.2" - - moment@2.x.x: - version "2.17.1" - resolved "https://registry.yarnpkg.com/moment/-/moment-2.17.1.tgz#fed9506063f36b10f066c8b59a144d7faebe1d82" - - mongo-find-by-ids@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/mongo-find-by-ids/-/mongo-find-by-ids-1.0.0.tgz#c4e7a108e2b9fb98f59eb8be5d3801b2bfb52222" - - mongodb-core@2.1.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/mongodb-core/-/mongodb-core-2.1.0.tgz#49a5edf476f6cc16c4ff7d423802a88080d992fb" - dependencies: - bson "~1.0.0" - require_optional "~1.0.0" - - mongodb-download@^1.3.2: - version "1.3.2" - resolved "https://registry.yarnpkg.com/mongodb-download/-/mongodb-download-1.3.2.tgz#0a2e8868eaea6c18e2a7f7cb7c8048ff10809337" - dependencies: - debug "^2.2.0" - getos "^2.7.0" - yargs "^3.26.0" - - mongodb-prebuilt@^5.0.7: - version "5.0.8" - resolved "https://registry.yarnpkg.com/mongodb-prebuilt/-/mongodb-prebuilt-5.0.8.tgz#82eb96336688888c3a614efbf6c5613fb656fbed" - dependencies: - debug "^2.2.0" - decompress "^3.0.0" - https-proxy-agent "^1.0.0" - mongodb-download "^1.3.2" - spawn-sync "1.0.15" - yargs "^3.26.0" - - mongodb@^2.2.11: - version "2.2.13" - resolved "https://registry.yarnpkg.com/mongodb/-/mongodb-2.2.13.tgz#f74315fbf64450265f920481fc7f17491b056b8a" - dependencies: - es6-promise "3.2.1" - mongodb-core "2.1.0" - readable-stream "2.1.5" - - morgan@^1.8.2: - version "1.8.2" - resolved "https://registry.yarnpkg.com/morgan/-/morgan-1.8.2.tgz#784ac7734e4a453a9c6e6e8680a9329275c8b687" - dependencies: - basic-auth "~1.1.0" - debug "2.6.8" - depd "~1.1.0" - on-finished "~2.3.0" - on-headers "~1.0.1" - - ms@0.7.1, ms@^0.7.1: - version "0.7.1" - resolved "https://registry.yarnpkg.com/ms/-/ms-0.7.1.tgz#9cd13c03adbff25b65effde7ce864ee952017098" - - ms@2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/ms/-/ms-2.0.0.tgz#5608aeadfc00be6c2901df5f9861788de0d597c8" - - mute-stream@0.0.5: - version "0.0.5" - resolved "https://registry.yarnpkg.com/mute-stream/-/mute-stream-0.0.5.tgz#8fbfabb0a98a253d3184331f9e8deb7372fac6c0" - - nan@2.5.0, nan@^2.3.0, nan@^2.3.3: - version "2.5.0" - resolved "https://registry.yarnpkg.com/nan/-/nan-2.5.0.tgz#aa8f1e34531d807e9e27755b234b4a6ec0c152a8" - - natural-compare@^1.4.0: - version "1.4.0" - resolved "https://registry.yarnpkg.com/natural-compare/-/natural-compare-1.4.0.tgz#4abebfeed7541f2c27acfb29bdbbd15c8d5ba4f7" - - negotiator@0.6.1: - version "0.6.1" - resolved "https://registry.yarnpkg.com/negotiator/-/negotiator-0.6.1.tgz#2b327184e8992101177b28563fb5e7102acd0ca9" - - nested-error-stacks@^1.0.0: - version "1.0.2" - resolved "https://registry.yarnpkg.com/nested-error-stacks/-/nested-error-stacks-1.0.2.tgz#19f619591519f096769a5ba9a86e6eeec823c3cf" - dependencies: - inherits "~2.0.1" - - node-fetch@^1.6.3: - version "1.6.3" - resolved "https://registry.yarnpkg.com/node-fetch/-/node-fetch-1.6.3.tgz#dc234edd6489982d58e8f0db4f695029abcd8c04" - dependencies: - encoding "^0.1.11" - is-stream "^1.0.1" - - node-pre-gyp@0.6.32, node-pre-gyp@^0.6.29: - version "0.6.32" - resolved "https://registry.yarnpkg.com/node-pre-gyp/-/node-pre-gyp-0.6.32.tgz#fc452b376e7319b3d255f5f34853ef6fd8fe1fd5" - dependencies: - mkdirp "~0.5.1" - nopt "~3.0.6" - npmlog "^4.0.1" - rc "~1.1.6" - request "^2.79.0" - rimraf "~2.5.4" - semver "~5.3.0" - tar "~2.2.1" - tar-pack "~3.3.0" - - node-static@0.5.9: - version "0.5.9" - resolved "https://registry.yarnpkg.com/node-static/-/node-static-0.5.9.tgz#2f5bf30949e1735958266c269413aebce8cbe899" - - node-uuid@^1.4.7: - version "1.4.7" - resolved "https://registry.yarnpkg.com/node-uuid/-/node-uuid-1.4.7.tgz#6da5a17668c4b3dd59623bda11cf7fa4c1f60a6f" - - nodeify@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/nodeify/-/nodeify-1.0.1.tgz#64ab69a7bdbaf03ce107b4f0335c87c0b9e91b1d" - dependencies: - is-promise "~1.0.0" - promise "~1.3.0" - - nodemon@1.11.0: - version "1.11.0" - resolved "https://registry.yarnpkg.com/nodemon/-/nodemon-1.11.0.tgz#226c562bd2a7b13d3d7518b49ad4828a3623d06c" - dependencies: - chokidar "^1.4.3" - debug "^2.2.0" - es6-promise "^3.0.2" - ignore-by-default "^1.0.0" - lodash.defaults "^3.1.2" - minimatch "^3.0.0" - ps-tree "^1.0.1" - touch "1.0.0" - undefsafe "0.0.3" - update-notifier "0.5.0" - - nopt@~1.0.10: - version "1.0.10" - resolved "https://registry.yarnpkg.com/nopt/-/nopt-1.0.10.tgz#6ddd21bd2a31417b92727dd585f8a6f37608ebee" - dependencies: - abbrev "1" - - nopt@~3.0.6: - version "3.0.6" - resolved "https://registry.yarnpkg.com/nopt/-/nopt-3.0.6.tgz#c6465dbf08abcd4db359317f79ac68a646b28ff9" - dependencies: - abbrev "1" - - normalize-package-data@^2.3.2, normalize-package-data@^2.3.4: - version "2.3.5" - resolved "https://registry.yarnpkg.com/normalize-package-data/-/normalize-package-data-2.3.5.tgz#8d924f142960e1777e7ffe170543631cc7cb02df" - dependencies: - hosted-git-info "^2.1.4" - is-builtin-module "^1.0.0" - semver "2 || 3 || 4 || 5" - validate-npm-package-license "^3.0.1" - - normalize-path@^2.0.1: - version "2.0.1" - resolved "https://registry.yarnpkg.com/normalize-path/-/normalize-path-2.0.1.tgz#47886ac1662760d4261b7d979d241709d3ce3f7a" - - npmlog@^4.0.1: - version "4.0.1" - resolved "https://registry.yarnpkg.com/npmlog/-/npmlog-4.0.1.tgz#d14f503b4cd79710375553004ba96e6662fbc0b8" - dependencies: - are-we-there-yet "~1.1.2" - console-control-strings "~1.1.0" - gauge "~2.7.1" - set-blocking "~2.0.0" - - number-is-nan@^1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/number-is-nan/-/number-is-nan-1.0.1.tgz#097b602b53422a522c1afb8790318336941a011d" - - oauth-sign@~0.8.1: - version "0.8.2" - resolved "https://registry.yarnpkg.com/oauth-sign/-/oauth-sign-0.8.2.tgz#46a6ab7f0aead8deae9ec0565780b7d4efeb9d43" - - object-assign@^2.0.0: - version "2.1.1" - resolved "https://registry.yarnpkg.com/object-assign/-/object-assign-2.1.1.tgz#43c36e5d569ff8e4816c4efa8be02d26967c18aa" - - object-assign@^3.0.0: - version "3.0.0" - resolved "https://registry.yarnpkg.com/object-assign/-/object-assign-3.0.0.tgz#9bedd5ca0897949bca47e7ff408062d549f587f2" - - object-assign@^4.0.0, object-assign@^4.0.1, object-assign@^4.1.0: - version "4.1.0" - resolved "https://registry.yarnpkg.com/object-assign/-/object-assign-4.1.0.tgz#7a3b3d0e98063d43f4c03f2e8ae6cd51a86883a0" - - object.omit@^2.0.0: - version "2.0.1" - resolved "https://registry.yarnpkg.com/object.omit/-/object.omit-2.0.1.tgz#1a9c744829f39dbb858c76ca3579ae2a54ebd1fa" - dependencies: - for-own "^0.1.4" - is-extendable "^0.1.1" - - on-finished@~2.3.0: - version "2.3.0" - resolved "https://registry.yarnpkg.com/on-finished/-/on-finished-2.3.0.tgz#20f1336481b083cd75337992a16971aa2d906947" - dependencies: - ee-first "1.1.1" - - on-headers@~1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/on-headers/-/on-headers-1.0.1.tgz#928f5d0f470d49342651ea6794b0857c100693f7" - - once@^1.3.0: - version "1.4.0" - resolved "https://registry.yarnpkg.com/once/-/once-1.4.0.tgz#583b1aa775961d4b113ac17d9c50baef9dd76bd1" - dependencies: - wrappy "1" - - once@~1.3.0, once@~1.3.3: - version "1.3.3" - resolved "https://registry.yarnpkg.com/once/-/once-1.3.3.tgz#b2e261557ce4c314ec8304f3fa82663e4297ca20" - dependencies: - wrappy "1" - - onetime@^1.0.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/onetime/-/onetime-1.1.0.tgz#a1f7838f8314c516f05ecefcbc4ccfe04b4ed789" - - optionator@^0.8.2: - version "0.8.2" - resolved "https://registry.yarnpkg.com/optionator/-/optionator-0.8.2.tgz#364c5e409d3f4d6301d6c0b4c05bba50180aeb64" - dependencies: - deep-is "~0.1.3" - fast-levenshtein "~2.0.4" - levn "~0.3.0" - prelude-ls "~1.1.2" - type-check "~0.3.2" - wordwrap "~1.0.0" - - ordered-read-streams@^0.3.0: - version "0.3.0" - resolved "https://registry.yarnpkg.com/ordered-read-streams/-/ordered-read-streams-0.3.0.tgz#7137e69b3298bb342247a1bbee3881c80e2fd78b" - dependencies: - is-stream "^1.0.1" - readable-stream "^2.0.1" - - os-homedir@^1.0.0: - version "1.0.2" - resolved "https://registry.yarnpkg.com/os-homedir/-/os-homedir-1.0.2.tgz#ffbc4988336e0e833de0c168c7ef152121aa7fb3" - - os-locale@^1.4.0: - version "1.4.0" - resolved "https://registry.yarnpkg.com/os-locale/-/os-locale-1.4.0.tgz#20f9f17ae29ed345e8bde583b13d2009803c14d9" - dependencies: - lcid "^1.0.0" - - os-shim@^0.1.2: - version "0.1.3" - resolved "https://registry.yarnpkg.com/os-shim/-/os-shim-0.1.3.tgz#6b62c3791cf7909ea35ed46e17658bb417cb3917" - - os-tmpdir@^1.0.0, os-tmpdir@^1.0.1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/os-tmpdir/-/os-tmpdir-1.0.2.tgz#bbe67406c79aa85c5cfec766fe5734555dfa1274" - - osenv@^0.1.0: - version "0.1.3" - resolved "https://registry.yarnpkg.com/osenv/-/osenv-0.1.3.tgz#83cf05c6d6458fc4d5ac6362ea325d92f2754217" - dependencies: - os-homedir "^1.0.0" - os-tmpdir "^1.0.0" - - output-file-sync@^1.1.0: - version "1.1.2" - resolved "https://registry.yarnpkg.com/output-file-sync/-/output-file-sync-1.1.2.tgz#d0a33eefe61a205facb90092e826598d5245ce76" - dependencies: - graceful-fs "^4.1.4" - mkdirp "^0.5.1" - object-assign "^4.1.0" - - package-json@^1.0.0: - version "1.2.0" - resolved "https://registry.yarnpkg.com/package-json/-/package-json-1.2.0.tgz#c8ecac094227cdf76a316874ed05e27cc939a0e0" - dependencies: - got "^3.2.0" - registry-url "^3.0.0" - - parse-glob@^3.0.4: - version "3.0.4" - resolved "https://registry.yarnpkg.com/parse-glob/-/parse-glob-3.0.4.tgz#b2c376cfb11f35513badd173ef0bb6e3a388391c" - dependencies: - glob-base "^0.3.0" - is-dotfile "^1.0.0" - is-extglob "^1.0.0" - is-glob "^2.0.0" - - parse-json@^2.2.0: - version "2.2.0" - resolved "https://registry.yarnpkg.com/parse-json/-/parse-json-2.2.0.tgz#f480f40434ef80741f8469099f8dea18f55a4dc9" - dependencies: - error-ex "^1.2.0" - - parseurl@~1.3.1: - version "1.3.1" - resolved "https://registry.yarnpkg.com/parseurl/-/parseurl-1.3.1.tgz#c8ab8c9223ba34888aa64a297b28853bec18da56" - - passport-jwt@^2.2.1: - version "2.2.1" - resolved "https://registry.yarnpkg.com/passport-jwt/-/passport-jwt-2.2.1.tgz#0e004c94071319d673d9d9bcfd1574a868011527" - dependencies: - jsonwebtoken "^7.0.0" - passport-strategy "^1.0.0" - - passport-strategy@1.x.x, passport-strategy@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/passport-strategy/-/passport-strategy-1.0.0.tgz#b5539aa8fc225a3d1ad179476ddf236b440f52e4" - - passport@^0.3.2: - version "0.3.2" - resolved "https://registry.yarnpkg.com/passport/-/passport-0.3.2.tgz#9dd009f915e8fe095b0124a01b8f82da07510102" - dependencies: - passport-strategy "1.x.x" - pause "0.0.1" - - path-dirname@^1.0.0: - version "1.0.2" - resolved "https://registry.yarnpkg.com/path-dirname/-/path-dirname-1.0.2.tgz#cc33d24d525e099a5388c0336c6e32b9160609e0" - - path-exists@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/path-exists/-/path-exists-1.0.0.tgz#d5a8998eb71ef37a74c34eb0d9eba6e878eea081" - - path-exists@^2.0.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/path-exists/-/path-exists-2.1.0.tgz#0feb6c64f0fc518d9a754dd5efb62c7022761f4b" - dependencies: - pinkie-promise "^2.0.0" - - path-is-absolute@^1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/path-is-absolute/-/path-is-absolute-1.0.1.tgz#174b9268735534ffbc7ace6bf53a5a9e1b5c5f5f" - - path-is-inside@^1.0.1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/path-is-inside/-/path-is-inside-1.0.2.tgz#365417dede44430d1c11af61027facf074bdfc53" - - path-to-regexp@0.1.7: - version "0.1.7" - resolved "https://registry.yarnpkg.com/path-to-regexp/-/path-to-regexp-0.1.7.tgz#df604178005f522f15eb4490e7247a1bfaa67f8c" - - path-type@^1.0.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/path-type/-/path-type-1.1.0.tgz#59c44f7ee491da704da415da5a4070ba4f8fe441" - dependencies: - graceful-fs "^4.1.2" - pify "^2.0.0" - pinkie-promise "^2.0.0" - - pause-stream@0.0.11: - version "0.0.11" - resolved "https://registry.yarnpkg.com/pause-stream/-/pause-stream-0.0.11.tgz#fe5a34b0cbce12b5aa6a2b403ee2e73b602f1445" - dependencies: - through "~2.3" - - pause@0.0.1: - version "0.0.1" - resolved "https://registry.yarnpkg.com/pause/-/pause-0.0.1.tgz#1d408b3fdb76923b9543d96fb4c9dfd535d9cb5d" - - pend@~1.2.0: - version "1.2.0" - resolved "https://registry.yarnpkg.com/pend/-/pend-1.2.0.tgz#7a57eb550a6783f9115331fcf4663d5c8e007a50" - - pify@^2.0.0: - version "2.3.0" - resolved "https://registry.yarnpkg.com/pify/-/pify-2.3.0.tgz#ed141a6ac043a849ea588498e7dca8b15330e90c" - - pinkie-promise@^2.0.0: - version "2.0.1" - resolved "https://registry.yarnpkg.com/pinkie-promise/-/pinkie-promise-2.0.1.tgz#2135d6dfa7a358c069ac9b178776288228450ffa" - dependencies: - pinkie "^2.0.0" - - pinkie@^2.0.0: - version "2.0.4" - resolved "https://registry.yarnpkg.com/pinkie/-/pinkie-2.0.4.tgz#72556b80cfa0d48a974e80e77248e80ed4f7f870" - - pkg-dir@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/pkg-dir/-/pkg-dir-1.0.0.tgz#7a4b508a8d5bb2d629d447056ff4e9c9314cf3d4" - dependencies: - find-up "^1.0.0" - - pkg-up@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/pkg-up/-/pkg-up-1.0.0.tgz#3e08fb461525c4421624a33b9f7e6d0af5b05a26" - dependencies: - find-up "^1.0.0" - - pluralize@^1.2.1: - version "1.2.1" - resolved "https://registry.yarnpkg.com/pluralize/-/pluralize-1.2.1.tgz#d1a21483fd22bb41e58a12fa3421823140897c45" - - prelude-ls@~1.1.2: - version "1.1.2" - resolved "https://registry.yarnpkg.com/prelude-ls/-/prelude-ls-1.1.2.tgz#21932a549f5e52ffd9a827f570e04be62a97da54" - - prepend-http@^1.0.0: - version "1.0.4" - resolved "https://registry.yarnpkg.com/prepend-http/-/prepend-http-1.0.4.tgz#d4f4562b0ce3696e41ac52d0e002e57a635dc6dc" - - preserve@^0.2.0: - version "0.2.0" - resolved "https://registry.yarnpkg.com/preserve/-/preserve-0.2.0.tgz#815ed1f6ebc65926f865b310c0713bcb3315ce4b" - - private@^0.1.6, private@~0.1.5: - version "0.1.6" - resolved "https://registry.yarnpkg.com/private/-/private-0.1.6.tgz#55c6a976d0f9bafb9924851350fe47b9b5fbb7c1" - - process-nextick-args@~1.0.6: - version "1.0.7" - resolved "https://registry.yarnpkg.com/process-nextick-args/-/process-nextick-args-1.0.7.tgz#150e20b756590ad3f91093f25a4f2ad8bff30ba3" - - progress@^1.1.8: - version "1.1.8" - resolved "https://registry.yarnpkg.com/progress/-/progress-1.1.8.tgz#e260c78f6161cdd9b0e56cc3e0a85de17c7a57be" - - promise@~1.3.0: - version "1.3.0" - resolved "https://registry.yarnpkg.com/promise/-/promise-1.3.0.tgz#e5cc9a4c8278e4664ffedc01c7da84842b040175" - dependencies: - is-promise "~1" - - proxy-addr@~1.1.2: - version "1.1.2" - resolved "https://registry.yarnpkg.com/proxy-addr/-/proxy-addr-1.1.2.tgz#b4cc5f22610d9535824c123aef9d3cf73c40ba37" - dependencies: - forwarded "~0.1.0" - ipaddr.js "1.1.1" - - ps-tree@^1.0.1: - version "1.1.0" - resolved "https://registry.yarnpkg.com/ps-tree/-/ps-tree-1.1.0.tgz#b421b24140d6203f1ed3c76996b4427b08e8c014" - dependencies: - event-stream "~3.3.0" - - punycode@^1.4.1: - version "1.4.1" - resolved "https://registry.yarnpkg.com/punycode/-/punycode-1.4.1.tgz#c0d5a63b2718800ad8e1eb0fa5269c84dd41845e" - - qs@6.2.0: - version "6.2.0" - resolved "https://registry.yarnpkg.com/qs/-/qs-6.2.0.tgz#3b7848c03c2dece69a9522b0fae8c4126d745f3b" - - qs@~6.3.0: - version "6.3.0" - resolved "https://registry.yarnpkg.com/qs/-/qs-6.3.0.tgz#f403b264f23bc01228c74131b407f18d5ea5d442" - - random-bytes@~1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/random-bytes/-/random-bytes-1.0.0.tgz#4f68a1dc0ae58bd3fb95848c30324db75d64360b" - - randomatic@^1.1.3: - version "1.1.6" - resolved "https://registry.yarnpkg.com/randomatic/-/randomatic-1.1.6.tgz#110dcabff397e9dcff7c0789ccc0a49adf1ec5bb" - dependencies: - is-number "^2.0.2" - kind-of "^3.0.2" - - range-parser@~1.2.0: - version "1.2.0" - resolved "https://registry.yarnpkg.com/range-parser/-/range-parser-1.2.0.tgz#f49be6b487894ddc40dcc94a322f611092e00d5e" - - raw-body@~2.1.7: - version "2.1.7" - resolved "https://registry.yarnpkg.com/raw-body/-/raw-body-2.1.7.tgz#adfeace2e4fb3098058014d08c072dcc59758774" - dependencies: - bytes "2.4.0" - iconv-lite "0.4.13" - unpipe "1.0.0" - - rc@^1.0.1, rc@~1.1.6: - version "1.1.6" - resolved "https://registry.yarnpkg.com/rc/-/rc-1.1.6.tgz#43651b76b6ae53b5c802f1151fa3fc3b059969c9" - dependencies: - deep-extend "~0.4.0" - ini "~1.3.0" - minimist "^1.2.0" - strip-json-comments "~1.0.4" - - read-all-stream@^3.0.0: - version "3.1.0" - resolved "https://registry.yarnpkg.com/read-all-stream/-/read-all-stream-3.1.0.tgz#35c3e177f2078ef789ee4bfafa4373074eaef4fa" - dependencies: - pinkie-promise "^2.0.0" - readable-stream "^2.0.0" - - read-pkg-up@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/read-pkg-up/-/read-pkg-up-1.0.1.tgz#9d63c13276c065918d57f002a57f40a1b643fb02" - dependencies: - find-up "^1.0.0" - read-pkg "^1.0.0" - - read-pkg@^1.0.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/read-pkg/-/read-pkg-1.1.0.tgz#f5ffaa5ecd29cb31c0474bca7d756b6bb29e3f28" - dependencies: - load-json-file "^1.0.0" - normalize-package-data "^2.3.2" - path-type "^1.0.0" - - readable-stream@2.1.5, readable-stream@^2.0.0, "readable-stream@^2.0.0 || ^1.1.13", readable-stream@^2.0.1, readable-stream@^2.0.2, readable-stream@^2.0.4, readable-stream@^2.0.5, readable-stream@^2.1.5, readable-stream@~2.1.4: - version "2.1.5" - resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.1.5.tgz#66fa8b720e1438b364681f2ad1a63c618448c9d0" - dependencies: - buffer-shims "^1.0.0" - core-util-is "~1.0.0" - inherits "~2.0.1" - isarray "~1.0.0" - process-nextick-args "~1.0.6" - string_decoder "~0.10.x" - util-deprecate "~1.0.1" - - "readable-stream@>=1.0.33-1 <1.1.0-0": - version "1.0.34" - resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-1.0.34.tgz#125820e34bc842d2f2aaafafe4c2916ee32c157c" - dependencies: - core-util-is "~1.0.0" - inherits "~2.0.1" - isarray "0.0.1" - string_decoder "~0.10.x" - - readable-stream@~2.0.0, readable-stream@~2.0.5: - version "2.0.6" - resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.0.6.tgz#8f90341e68a53ccc928788dacfcd11b36eb9b78e" - dependencies: - core-util-is "~1.0.0" - inherits "~2.0.1" - isarray "~1.0.0" - process-nextick-args "~1.0.6" - string_decoder "~0.10.x" - util-deprecate "~1.0.1" - - readdirp@^2.0.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/readdirp/-/readdirp-2.1.0.tgz#4ed0ad060df3073300c48440373f72d1cc642d78" - dependencies: - graceful-fs "^4.1.2" - minimatch "^3.0.2" - readable-stream "^2.0.2" - set-immediate-shim "^1.0.1" - - readline2@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/readline2/-/readline2-1.0.1.tgz#41059608ffc154757b715d9989d199ffbf372e35" - dependencies: - code-point-at "^1.0.0" - is-fullwidth-code-point "^1.0.0" - mute-stream "0.0.5" - - redent@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/redent/-/redent-1.0.0.tgz#cf916ab1fd5f1f16dfb20822dd6ec7f730c2afde" - dependencies: - indent-string "^2.1.0" - strip-indent "^1.0.1" - - regenerate@^1.2.1: - version "1.3.2" - resolved "https://registry.yarnpkg.com/regenerate/-/regenerate-1.3.2.tgz#d1941c67bad437e1be76433add5b385f95b19260" - - regenerator-runtime@^0.9.5: - version "0.9.6" - resolved "https://registry.yarnpkg.com/regenerator-runtime/-/regenerator-runtime-0.9.6.tgz#d33eb95d0d2001a4be39659707c51b0cb71ce029" - - regex-cache@^0.4.2: - version "0.4.3" - resolved "https://registry.yarnpkg.com/regex-cache/-/regex-cache-0.4.3.tgz#9b1a6c35d4d0dfcef5711ae651e8e9d3d7114145" - dependencies: - is-equal-shallow "^0.1.3" - is-primitive "^2.0.0" - - regexpu-core@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/regexpu-core/-/regexpu-core-2.0.0.tgz#49d038837b8dcf8bfa5b9a42139938e6ea2ae240" - dependencies: - regenerate "^1.2.1" - regjsgen "^0.2.0" - regjsparser "^0.1.4" - - registry-url@^3.0.0: - version "3.1.0" - resolved "https://registry.yarnpkg.com/registry-url/-/registry-url-3.1.0.tgz#3d4ef870f73dde1d77f0cf9a381432444e174942" - dependencies: - rc "^1.0.1" - - regjsgen@^0.2.0: - version "0.2.0" - resolved "https://registry.yarnpkg.com/regjsgen/-/regjsgen-0.2.0.tgz#6c016adeac554f75823fe37ac05b92d5a4edb1f7" - - regjsparser@^0.1.4: - version "0.1.5" - resolved "https://registry.yarnpkg.com/regjsparser/-/regjsparser-0.1.5.tgz#7ee8f84dc6fa792d3fd0ae228d24bd949ead205c" - dependencies: - jsesc "~0.5.0" - - repeat-element@^1.1.2: - version "1.1.2" - resolved "https://registry.yarnpkg.com/repeat-element/-/repeat-element-1.1.2.tgz#ef089a178d1483baae4d93eb98b4f9e4e11d990a" - - repeat-string@^1.5.2: - version "1.6.1" - resolved "https://registry.yarnpkg.com/repeat-string/-/repeat-string-1.6.1.tgz#8dcae470e1c88abc2d600fff4a776286da75e637" - - repeating@^1.1.2: - version "1.1.3" - resolved "https://registry.yarnpkg.com/repeating/-/repeating-1.1.3.tgz#3d4114218877537494f97f77f9785fab810fa4ac" - dependencies: - is-finite "^1.0.0" - - repeating@^2.0.0: - version "2.0.1" - resolved "https://registry.yarnpkg.com/repeating/-/repeating-2.0.1.tgz#5214c53a926d3552707527fbab415dbc08d06dda" - dependencies: - is-finite "^1.0.0" - - replace-ext@0.0.1: - version "0.0.1" - resolved "https://registry.yarnpkg.com/replace-ext/-/replace-ext-0.0.1.tgz#29bbd92078a739f0bcce2b4ee41e837953522924" - - request@^2.65.0, request@^2.79.0: - version "2.79.0" - resolved "https://registry.yarnpkg.com/request/-/request-2.79.0.tgz#4dfe5bf6be8b8cdc37fcf93e04b65577722710de" - dependencies: - aws-sign2 "~0.6.0" - aws4 "^1.2.1" - caseless "~0.11.0" - combined-stream "~1.0.5" - extend "~3.0.0" - forever-agent "~0.6.1" - form-data "~2.1.1" - har-validator "~2.0.6" - hawk "~3.1.3" - http-signature "~1.1.0" - is-typedarray "~1.0.0" - isstream "~0.1.2" - json-stringify-safe "~5.0.1" - mime-types "~2.1.7" - oauth-sign "~0.8.1" - qs "~6.3.0" - stringstream "~0.0.4" - tough-cookie "~2.3.0" - tunnel-agent "~0.4.1" - uuid "^3.0.0" - - require-uncached@^1.0.2: - version "1.0.3" - resolved "https://registry.yarnpkg.com/require-uncached/-/require-uncached-1.0.3.tgz#4e0d56d6c9662fd31e43011c4b95aa49955421d3" - dependencies: - caller-path "^0.1.0" - resolve-from "^1.0.0" - - require_optional@~1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/require_optional/-/require_optional-1.0.0.tgz#52a86137a849728eb60a55533617f8f914f59abf" - dependencies: - resolve-from "^2.0.0" - semver "^5.1.0" - - resolve-from@^1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/resolve-from/-/resolve-from-1.0.1.tgz#26cbfe935d1aeeeabb29bc3fe5aeb01e93d44226" - - resolve-from@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/resolve-from/-/resolve-from-2.0.0.tgz#9480ab20e94ffa1d9e80a804c7ea147611966b57" - - resolve@^1.1.6: - version "1.1.7" - resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.1.7.tgz#203114d82ad2c5ed9e8e0411b3932875e889e97b" - - restore-cursor@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/restore-cursor/-/restore-cursor-1.0.1.tgz#34661f46886327fed2991479152252df92daa541" - dependencies: - exit-hook "^1.0.0" - onetime "^1.0.0" - - rimraf@2, rimraf@^2.2.8, rimraf@~2.5.1, rimraf@~2.5.4: - version "2.5.4" - resolved "https://registry.yarnpkg.com/rimraf/-/rimraf-2.5.4.tgz#96800093cbf1a0c86bd95b4625467535c29dfa04" - dependencies: - glob "^7.0.5" - - run-async@^0.1.0: - version "0.1.0" - resolved "https://registry.yarnpkg.com/run-async/-/run-async-0.1.0.tgz#c8ad4a5e110661e402a7d21b530e009f25f8e389" - dependencies: - once "^1.3.0" - - rx-lite@^3.1.2: - version "3.1.2" - resolved "https://registry.yarnpkg.com/rx-lite/-/rx-lite-3.1.2.tgz#19ce502ca572665f3b647b10939f97fd1615f102" - - safe-buffer@^5.0.1: - version "5.0.1" - resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.0.1.tgz#d263ca54696cd8a306b5ca6551e92de57918fbe7" - - seek-bzip@^1.0.3: - version "1.0.5" - resolved "https://registry.yarnpkg.com/seek-bzip/-/seek-bzip-1.0.5.tgz#cfe917cb3d274bcffac792758af53173eb1fabdc" - dependencies: - commander "~2.8.1" - - semver-diff@^2.0.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/semver-diff/-/semver-diff-2.1.0.tgz#4bbb8437c8d37e4b0cf1a68fd726ec6d645d6d36" - dependencies: - semver "^5.0.3" - - semver-regex@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/semver-regex/-/semver-regex-1.0.0.tgz#92a4969065f9c70c694753d55248fc68f8f652c9" - - semver-truncate@^1.0.0: - version "1.1.2" - resolved "https://registry.yarnpkg.com/semver-truncate/-/semver-truncate-1.1.2.tgz#57f41de69707a62709a7e0104ba2117109ea47e8" - dependencies: - semver "^5.3.0" - - "semver@2 || 3 || 4 || 5", semver@^5.0.3, semver@^5.1.0, semver@^5.3.0, semver@~5.3.0: - version "5.3.0" - resolved "https://registry.yarnpkg.com/semver/-/semver-5.3.0.tgz#9b2ce5d3de02d17c6012ad326aa6b4d0cf54f94f" - - semver@^4.0.3: - version "4.3.6" - resolved "https://registry.yarnpkg.com/semver/-/semver-4.3.6.tgz#300bc6e0e86374f7ba61068b5b1ecd57fc6532da" - - semver@~5.0.1: - version "5.0.3" - resolved "https://registry.yarnpkg.com/semver/-/semver-5.0.3.tgz#77466de589cd5d3c95f138aa78bc569a3cb5d27a" - - send@0.14.1: - version "0.14.1" - resolved "https://registry.yarnpkg.com/send/-/send-0.14.1.tgz#a954984325392f51532a7760760e459598c89f7a" - dependencies: - debug "~2.2.0" - depd "~1.1.0" - destroy "~1.0.4" - encodeurl "~1.0.1" - escape-html "~1.0.3" - etag "~1.7.0" - fresh "0.3.0" - http-errors "~1.5.0" - mime "1.3.4" - ms "0.7.1" - on-finished "~2.3.0" - range-parser "~1.2.0" - statuses "~1.3.0" - - serve-static@~1.11.1: - version "1.11.1" - resolved "https://registry.yarnpkg.com/serve-static/-/serve-static-1.11.1.tgz#d6cce7693505f733c759de57befc1af76c0f0805" - dependencies: - encodeurl "~1.0.1" - escape-html "~1.0.3" - parseurl "~1.3.1" - send "0.14.1" - - set-blocking@~2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/set-blocking/-/set-blocking-2.0.0.tgz#045f9782d011ae9a6803ddd382b24392b3d890f7" - - set-immediate-shim@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/set-immediate-shim/-/set-immediate-shim-1.0.1.tgz#4b2b1b27eb808a9f8dcc481a58e5e56f599f3f61" - - setprototypeof@1.0.2: - version "1.0.2" - resolved "https://registry.yarnpkg.com/setprototypeof/-/setprototypeof-1.0.2.tgz#81a552141ec104b88e89ce383103ad5c66564d08" - - shebang-regex@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/shebang-regex/-/shebang-regex-1.0.0.tgz#da42f49740c0b42db2ca9728571cb190c98efea3" - - shelljs@^0.6.0: - version "0.6.1" - resolved "https://registry.yarnpkg.com/shelljs/-/shelljs-0.6.1.tgz#ec6211bed1920442088fe0f70b2837232ed2c8a8" - - signal-exit@^3.0.0: - version "3.0.2" - resolved "https://registry.yarnpkg.com/signal-exit/-/signal-exit-3.0.2.tgz#b5fdc08f1287ea1178628e415e25132b73646c6d" - - slash@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/slash/-/slash-1.0.0.tgz#c41f2f6c39fc16d1cd17ad4b5d896114ae470d55" - - slice-ansi@0.0.4: - version "0.0.4" - resolved "https://registry.yarnpkg.com/slice-ansi/-/slice-ansi-0.0.4.tgz#edbf8903f66f7ce2f8eafd6ceed65e264c831b35" - - slide@^1.1.5: - version "1.1.6" - resolved "https://registry.yarnpkg.com/slide/-/slide-1.1.6.tgz#56eb027d65b4d2dce6cb2e2d32c4d4afc9e1d707" - - sntp@1.x.x: - version "1.0.9" - resolved "https://registry.yarnpkg.com/sntp/-/sntp-1.0.9.tgz#6541184cc90aeea6c6e7b35e2659082443c66198" - dependencies: - hoek "2.x.x" - - source-map-support@^0.4.2: - version "0.4.6" - resolved "https://registry.yarnpkg.com/source-map-support/-/source-map-support-0.4.6.tgz#32552aa64b458392a85eab3b0b5ee61527167aeb" - dependencies: - source-map "^0.5.3" - - source-map@^0.5.0, source-map@^0.5.3: - version "0.5.6" - resolved "https://registry.yarnpkg.com/source-map/-/source-map-0.5.6.tgz#75ce38f52bf0733c5a7f0c118d81334a2bb5f412" - - spawn-sync@1.0.15: - version "1.0.15" - resolved "https://registry.yarnpkg.com/spawn-sync/-/spawn-sync-1.0.15.tgz#b00799557eb7fb0c8376c29d44e8a1ea67e57476" - dependencies: - concat-stream "^1.4.7" - os-shim "^0.1.2" - - spdx-correct@~1.0.0: - version "1.0.2" - resolved "https://registry.yarnpkg.com/spdx-correct/-/spdx-correct-1.0.2.tgz#4b3073d933ff51f3912f03ac5519498a4150db40" - dependencies: - spdx-license-ids "^1.0.2" - - spdx-expression-parse@~1.0.0: - version "1.0.4" - resolved "https://registry.yarnpkg.com/spdx-expression-parse/-/spdx-expression-parse-1.0.4.tgz#9bdf2f20e1f40ed447fbe273266191fced51626c" - - spdx-license-ids@^1.0.2: - version "1.2.2" - resolved "https://registry.yarnpkg.com/spdx-license-ids/-/spdx-license-ids-1.2.2.tgz#c9df7a3424594ade6bd11900d596696dc06bac57" - - split@0.3: - version "0.3.3" - resolved "https://registry.yarnpkg.com/split/-/split-0.3.3.tgz#cd0eea5e63a211dfff7eb0f091c4133e2d0dd28f" - dependencies: - through "2" - - sprintf-js@~1.0.2: - version "1.0.3" - resolved "https://registry.yarnpkg.com/sprintf-js/-/sprintf-js-1.0.3.tgz#04e6926f662895354f3dd015203633b857297e2c" - - sshpk@^1.7.0: - version "1.10.1" - resolved "https://registry.yarnpkg.com/sshpk/-/sshpk-1.10.1.tgz#30e1a5d329244974a1af61511339d595af6638b0" - dependencies: - asn1 "~0.2.3" - assert-plus "^1.0.0" - dashdash "^1.12.0" - getpass "^0.1.1" - optionalDependencies: - bcrypt-pbkdf "^1.0.0" - ecc-jsbn "~0.1.1" - jodid25519 "^1.0.0" - jsbn "~0.1.0" - tweetnacl "~0.14.0" - - stack-trace@0.0.x: - version "0.0.10" - resolved "https://registry.yarnpkg.com/stack-trace/-/stack-trace-0.0.10.tgz#547c70b347e8d32b4e108ea1a2a159e5fdde19c0" - - stat-mode@^0.2.0: - version "0.2.2" - resolved "https://registry.yarnpkg.com/stat-mode/-/stat-mode-0.2.2.tgz#e6c80b623123d7d80cf132ce538f346289072502" - - "statuses@>= 1.3.1 < 2", statuses@~1.3.0: - version "1.3.1" - resolved "https://registry.yarnpkg.com/statuses/-/statuses-1.3.1.tgz#faf51b9eb74aaef3b3acf4ad5f61abf24cb7b93e" - - stream-combiner2@^1.1.1: - version "1.1.1" - resolved "https://registry.yarnpkg.com/stream-combiner2/-/stream-combiner2-1.1.1.tgz#fb4d8a1420ea362764e21ad4780397bebcb41cbe" - dependencies: - duplexer2 "~0.1.0" - readable-stream "^2.0.2" - - stream-combiner@~0.0.4: - version "0.0.4" - resolved "https://registry.yarnpkg.com/stream-combiner/-/stream-combiner-0.0.4.tgz#4d5e433c185261dde623ca3f44c586bcf5c4ad14" - dependencies: - duplexer "~0.1.1" - - stream-shift@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/stream-shift/-/stream-shift-1.0.0.tgz#d5c752825e5367e786f78e18e445ea223a155952" - - string-length@^1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/string-length/-/string-length-1.0.1.tgz#56970fb1c38558e9e70b728bf3de269ac45adfac" - dependencies: - strip-ansi "^3.0.0" - - string-width@^1.0.1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/string-width/-/string-width-1.0.2.tgz#118bdf5b8cdc51a2a7e70d211e07e2b0b9b107d3" - dependencies: - code-point-at "^1.0.0" - is-fullwidth-code-point "^1.0.0" - strip-ansi "^3.0.0" - - string-width@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/string-width/-/string-width-2.0.0.tgz#635c5436cc72a6e0c387ceca278d4e2eec52687e" - dependencies: - is-fullwidth-code-point "^2.0.0" - strip-ansi "^3.0.0" - - string_decoder@~0.10.x: - version "0.10.31" - resolved "https://registry.yarnpkg.com/string_decoder/-/string_decoder-0.10.31.tgz#62e203bc41766c6c28c9fc84301dab1c5310fa94" - - stringstream@~0.0.4: - version "0.0.5" - resolved "https://registry.yarnpkg.com/stringstream/-/stringstream-0.0.5.tgz#4e484cd4de5a0bbbee18e46307710a8a81621878" - - strip-ansi@^3.0.0, strip-ansi@^3.0.1: - version "3.0.1" - resolved "https://registry.yarnpkg.com/strip-ansi/-/strip-ansi-3.0.1.tgz#6a385fb8853d952d5ff05d0e8aaf94278dc63dcf" - dependencies: - ansi-regex "^2.0.0" - - strip-bom-stream@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/strip-bom-stream/-/strip-bom-stream-1.0.0.tgz#e7144398577d51a6bed0fa1994fa05f43fd988ee" - dependencies: - first-chunk-stream "^1.0.0" - strip-bom "^2.0.0" - - strip-bom@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/strip-bom/-/strip-bom-2.0.0.tgz#6219a85616520491f35788bdbf1447a99c7e6b0e" - dependencies: - is-utf8 "^0.2.0" - - strip-bom@^3.0.0: - version "3.0.0" - resolved "https://registry.yarnpkg.com/strip-bom/-/strip-bom-3.0.0.tgz#2334c18e9c759f7bdd56fdef7e9ae3d588e68ed3" - - strip-dirs@^1.0.0: - version "1.1.1" - resolved "https://registry.yarnpkg.com/strip-dirs/-/strip-dirs-1.1.1.tgz#960bbd1287844f3975a4558aa103a8255e2456a0" - dependencies: - chalk "^1.0.0" - get-stdin "^4.0.1" - is-absolute "^0.1.5" - is-natural-number "^2.0.0" - minimist "^1.1.0" - sum-up "^1.0.1" - - strip-indent@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/strip-indent/-/strip-indent-1.0.1.tgz#0c7962a6adefa7bbd4ac366460a638552ae1a0a2" - dependencies: - get-stdin "^4.0.1" - - strip-json-comments@~1.0.1, strip-json-comments@~1.0.4: - version "1.0.4" - resolved "https://registry.yarnpkg.com/strip-json-comments/-/strip-json-comments-1.0.4.tgz#1e15fbcac97d3ee99bf2d73b4c656b082bbafb91" - - subscriptions-transport-ws@0.2.6: - version "0.2.6" - resolved "https://registry.yarnpkg.com/subscriptions-transport-ws/-/subscriptions-transport-ws-0.2.6.tgz#433861167c25ef9a2b8697e9403afa2a77656cb3" - dependencies: - "@types/node" "^6.0.38" - backo2 "^1.0.2" - es6-promise "^3.2.1" - graphql-subscriptions "^0.1.3" - lodash.isobject "^3.0.2" - lodash.isstring "^4.0.1" - node-static "0.5.9" - websocket "^1.0.23" - - sum-up@^1.0.1: - version "1.0.3" - resolved "https://registry.yarnpkg.com/sum-up/-/sum-up-1.0.3.tgz#1c661f667057f63bcb7875aa1438bc162525156e" - dependencies: - chalk "^1.0.0" - - supports-color@3.1.2: - version "3.1.2" - resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-3.1.2.tgz#72a262894d9d408b956ca05ff37b2ed8a6e2a2d5" - dependencies: - has-flag "^1.0.0" - - supports-color@^0.2.0: - version "0.2.0" - resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-0.2.0.tgz#d92de2694eb3f67323973d7ae3d8b55b4c22190a" - - supports-color@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-2.0.0.tgz#535d045ce6b6363fa40117084629995e9df324c7" - - table@^3.7.8: - version "3.8.3" - resolved "https://registry.yarnpkg.com/table/-/table-3.8.3.tgz#2bbc542f0fda9861a755d3947fefd8b3f513855f" - dependencies: - ajv "^4.7.0" - ajv-keywords "^1.0.0" - chalk "^1.1.1" - lodash "^4.0.0" - slice-ansi "0.0.4" - string-width "^2.0.0" - - tar-pack@~3.3.0: - version "3.3.0" - resolved "https://registry.yarnpkg.com/tar-pack/-/tar-pack-3.3.0.tgz#30931816418f55afc4d21775afdd6720cee45dae" - dependencies: - debug "~2.2.0" - fstream "~1.0.10" - fstream-ignore "~1.0.5" - once "~1.3.3" - readable-stream "~2.1.4" - rimraf "~2.5.1" - tar "~2.2.1" - uid-number "~0.0.6" - - tar-stream@^1.1.1: - version "1.5.2" - resolved "https://registry.yarnpkg.com/tar-stream/-/tar-stream-1.5.2.tgz#fbc6c6e83c1a19d4cb48c7d96171fc248effc7bf" - dependencies: - bl "^1.0.0" - end-of-stream "^1.0.0" - readable-stream "^2.0.0" - xtend "^4.0.0" - - tar@~2.2.1: - version "2.2.1" - resolved "https://registry.yarnpkg.com/tar/-/tar-2.2.1.tgz#8e4d2a256c0e2185c6b18ad694aec968b83cb1d1" - dependencies: - block-stream "*" - fstream "^1.0.2" - inherits "2" - - text-table@~0.2.0: - version "0.2.0" - resolved "https://registry.yarnpkg.com/text-table/-/text-table-0.2.0.tgz#7f5ee823ae805207c00af2df4a84ec3fcfa570b4" - - through2-filter@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/through2-filter/-/through2-filter-2.0.0.tgz#60bc55a0dacb76085db1f9dae99ab43f83d622ec" - dependencies: - through2 "~2.0.0" - xtend "~4.0.0" - - through2@^0.6.0, through2@^0.6.1: - version "0.6.5" - resolved "https://registry.yarnpkg.com/through2/-/through2-0.6.5.tgz#41ab9c67b29d57209071410e1d7a7a968cd3ad48" - dependencies: - readable-stream ">=1.0.33-1 <1.1.0-0" - xtend ">=4.0.0 <4.1.0-0" - - through2@^2.0.0, through2@~2.0.0: - version "2.0.3" - resolved "https://registry.yarnpkg.com/through2/-/through2-2.0.3.tgz#0004569b37c7c74ba39c43f3ced78d1ad94140be" - dependencies: - readable-stream "^2.1.5" - xtend "~4.0.1" - - through@2, through@^2.3.6, through@~2.3, through@~2.3.1: - version "2.3.8" - resolved "https://registry.yarnpkg.com/through/-/through-2.3.8.tgz#0dd4c9ffaabc357960b1b724115d7e0e86a2e1f5" - - timed-out@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/timed-out/-/timed-out-2.0.0.tgz#f38b0ae81d3747d628001f41dafc652ace671c0a" - - to-absolute-glob@^0.1.1: - version "0.1.1" - resolved "https://registry.yarnpkg.com/to-absolute-glob/-/to-absolute-glob-0.1.1.tgz#1cdfa472a9ef50c239ee66999b662ca0eb39937f" - dependencies: - extend-shallow "^2.0.1" - - to-fast-properties@^1.0.1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/to-fast-properties/-/to-fast-properties-1.0.2.tgz#f3f5c0c3ba7299a7ef99427e44633257ade43320" - - topo@1.x.x: - version "1.1.0" - resolved "https://registry.yarnpkg.com/topo/-/topo-1.1.0.tgz#e9d751615d1bb87dc865db182fa1ca0a5ef536d5" - dependencies: - hoek "2.x.x" - - touch@1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/touch/-/touch-1.0.0.tgz#449cbe2dbae5a8c8038e30d71fa0ff464947c4de" - dependencies: - nopt "~1.0.10" - - tough-cookie@~2.3.0: - version "2.3.2" - resolved "https://registry.yarnpkg.com/tough-cookie/-/tough-cookie-2.3.2.tgz#f081f76e4c85720e6c37a5faced737150d84072a" - dependencies: - punycode "^1.4.1" - - trim-newlines@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/trim-newlines/-/trim-newlines-1.0.0.tgz#5887966bb582a4503a41eb524f7d35011815a613" - - tryit@^1.0.1: - version "1.0.3" - resolved "https://registry.yarnpkg.com/tryit/-/tryit-1.0.3.tgz#393be730a9446fd1ead6da59a014308f36c289cb" - - tunnel-agent@~0.4.1: - version "0.4.3" - resolved "https://registry.yarnpkg.com/tunnel-agent/-/tunnel-agent-0.4.3.tgz#6373db76909fe570e08d73583365ed828a74eeeb" - - tweetnacl@^0.14.3, tweetnacl@~0.14.0: - version "0.14.4" - resolved "https://registry.yarnpkg.com/tweetnacl/-/tweetnacl-0.14.4.tgz#8c9dbfb52795686f166cd2023794bcf103d13c2b" - - type-check@~0.3.2: - version "0.3.2" - resolved "https://registry.yarnpkg.com/type-check/-/type-check-0.3.2.tgz#5884cab512cf1d355e3fb784f30804b2b520db72" - dependencies: - prelude-ls "~1.1.2" - - type-detect@0.1.1: - version "0.1.1" - resolved "https://registry.yarnpkg.com/type-detect/-/type-detect-0.1.1.tgz#0ba5ec2a885640e470ea4e8505971900dac58822" - - type-detect@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/type-detect/-/type-detect-1.0.0.tgz#762217cc06db258ec48908a1298e8b95121e8ea2" - - type-is@~1.6.13: - version "1.6.14" - resolved "https://registry.yarnpkg.com/type-is/-/type-is-1.6.14.tgz#e219639c17ded1ca0789092dd54a03826b817cb2" - dependencies: - media-typer "0.3.0" - mime-types "~2.1.13" - - typed-graphql@^1.0.2: - version "1.0.2" - resolved "https://registry.yarnpkg.com/typed-graphql/-/typed-graphql-1.0.2.tgz#4c0f788775d552df4d4ec3d73f25469252f40fb8" - - typedarray-to-buffer@^3.1.2: - version "3.1.2" - resolved "https://registry.yarnpkg.com/typedarray-to-buffer/-/typedarray-to-buffer-3.1.2.tgz#1017b32d984ff556eba100f501589aba1ace2e04" - dependencies: - is-typedarray "^1.0.0" - - typedarray@~0.0.5: - version "0.0.6" - resolved "https://registry.yarnpkg.com/typedarray/-/typedarray-0.0.6.tgz#867ac74e3864187b1d3d47d996a78ec5c8830777" - - uid-number@~0.0.6: - version "0.0.6" - resolved "https://registry.yarnpkg.com/uid-number/-/uid-number-0.0.6.tgz#0ea10e8035e8eb5b8e4449f06da1c730663baa81" - - uid-safe@~2.1.2: - version "2.1.3" - resolved "https://registry.yarnpkg.com/uid-safe/-/uid-safe-2.1.3.tgz#077e264a00b3187936b270bb7376a26473631071" - dependencies: - base64-url "1.3.3" - random-bytes "~1.0.0" - - undefsafe@0.0.3: - version "0.0.3" - resolved "https://registry.yarnpkg.com/undefsafe/-/undefsafe-0.0.3.tgz#ecca3a03e56b9af17385baac812ac83b994a962f" - - unique-stream@^2.0.2: - version "2.2.1" - resolved "https://registry.yarnpkg.com/unique-stream/-/unique-stream-2.2.1.tgz#5aa003cfbe94c5ff866c4e7d668bb1c4dbadb369" - dependencies: - json-stable-stringify "^1.0.0" - through2-filter "^2.0.0" - - unpipe@1.0.0, unpipe@~1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/unpipe/-/unpipe-1.0.0.tgz#b2bf4ee8514aae6165b4817829d21b2ef49904ec" - - update-notifier@0.5.0: - version "0.5.0" - resolved "https://registry.yarnpkg.com/update-notifier/-/update-notifier-0.5.0.tgz#07b5dc2066b3627ab3b4f530130f7eddda07a4cc" - dependencies: - chalk "^1.0.0" - configstore "^1.0.0" - is-npm "^1.0.0" - latest-version "^1.0.0" - repeating "^1.1.2" - semver-diff "^2.0.0" - string-length "^1.0.0" - - user-home@^1.1.1: - version "1.1.1" - resolved "https://registry.yarnpkg.com/user-home/-/user-home-1.1.1.tgz#2b5be23a32b63a7c9deb8d0f28d485724a3df190" - - user-home@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/user-home/-/user-home-2.0.0.tgz#9c70bfd8169bc1dcbf48604e0f04b8b49cde9e9f" - dependencies: - os-homedir "^1.0.0" - - util-deprecate@~1.0.1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/util-deprecate/-/util-deprecate-1.0.2.tgz#450d4dc9fa70de732762fbd2d4a28981419a0ccf" - - utils-merge@1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/utils-merge/-/utils-merge-1.0.0.tgz#0294fb922bb9375153541c4f7096231f287c8af8" - - uuid@^2.0.1: - version "2.0.3" - resolved "https://registry.yarnpkg.com/uuid/-/uuid-2.0.3.tgz#67e2e863797215530dff318e5bf9dcebfd47b21a" - - uuid@^3.0.0: - version "3.0.1" - resolved "https://registry.yarnpkg.com/uuid/-/uuid-3.0.1.tgz#6544bba2dfda8c1cf17e629a3a305e2bb1fee6c1" - - v8flags@^2.0.10: - version "2.0.11" - resolved "https://registry.yarnpkg.com/v8flags/-/v8flags-2.0.11.tgz#bca8f30f0d6d60612cc2c00641e6962d42ae6881" - dependencies: - user-home "^1.1.1" - - vali-date@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/vali-date/-/vali-date-1.0.0.tgz#1b904a59609fb328ef078138420934f6b86709a6" - - validate-npm-package-license@^3.0.1: - version "3.0.1" - resolved "https://registry.yarnpkg.com/validate-npm-package-license/-/validate-npm-package-license-3.0.1.tgz#2804babe712ad3379459acfbe24746ab2c303fbc" - dependencies: - spdx-correct "~1.0.0" - spdx-expression-parse "~1.0.0" - - vary@^1, vary@~1.1.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/vary/-/vary-1.1.0.tgz#e1e5affbbd16ae768dd2674394b9ad3022653140" - - verror@1.3.6: - version "1.3.6" - resolved "https://registry.yarnpkg.com/verror/-/verror-1.3.6.tgz#cff5df12946d297d2baaefaa2689e25be01c005c" - dependencies: - extsprintf "1.0.2" - - vinyl-assign@^1.0.1: - version "1.2.1" - resolved "https://registry.yarnpkg.com/vinyl-assign/-/vinyl-assign-1.2.1.tgz#4d198891b5515911d771a8cd9c5480a46a074a45" - dependencies: - object-assign "^4.0.1" - readable-stream "^2.0.0" - - vinyl-fs@^2.2.0: - version "2.4.4" - resolved "https://registry.yarnpkg.com/vinyl-fs/-/vinyl-fs-2.4.4.tgz#be6ff3270cb55dfd7d3063640de81f25d7532239" - dependencies: - duplexify "^3.2.0" - glob-stream "^5.3.2" - graceful-fs "^4.0.0" - gulp-sourcemaps "1.6.0" - is-valid-glob "^0.3.0" - lazystream "^1.0.0" - lodash.isequal "^4.0.0" - merge-stream "^1.0.0" - mkdirp "^0.5.0" - object-assign "^4.0.0" - readable-stream "^2.0.4" - strip-bom "^2.0.0" - strip-bom-stream "^1.0.0" - through2 "^2.0.0" - through2-filter "^2.0.0" - vali-date "^1.0.0" - vinyl "^1.0.0" - - vinyl@^0.4.3: - version "0.4.6" - resolved "https://registry.yarnpkg.com/vinyl/-/vinyl-0.4.6.tgz#2f356c87a550a255461f36bbeb2a5ba8bf784847" - dependencies: - clone "^0.2.0" - clone-stats "^0.0.1" - - vinyl@^1.0.0: - version "1.2.0" - resolved "https://registry.yarnpkg.com/vinyl/-/vinyl-1.2.0.tgz#5c88036cf565e5df05558bfc911f8656df218884" - dependencies: - clone "^1.0.0" - clone-stats "^0.0.1" - replace-ext "0.0.1" - - websocket@^1.0.23: - version "1.0.23" - resolved "https://registry.yarnpkg.com/websocket/-/websocket-1.0.23.tgz#20de8ec4a7126b09465578cd5dbb29a9c296aac6" - dependencies: - debug "^2.2.0" - nan "^2.3.3" - typedarray-to-buffer "^3.1.2" - yaeti "^0.0.4" - - wide-align@^1.1.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/wide-align/-/wide-align-1.1.0.tgz#40edde802a71fea1f070da3e62dcda2e7add96ad" - dependencies: - string-width "^1.0.1" - - window-size@^0.1.4: - version "0.1.4" - resolved "https://registry.yarnpkg.com/window-size/-/window-size-0.1.4.tgz#f8e1aa1ee5a53ec5bf151ffa09742a6ad7697876" - - winston@^2.3.1: - version "2.3.1" - resolved "https://registry.yarnpkg.com/winston/-/winston-2.3.1.tgz#0b48420d978c01804cf0230b648861598225a119" - dependencies: - async "~1.0.0" - colors "1.0.x" - cycle "1.0.x" - eyes "0.1.x" - isstream "0.1.x" - stack-trace "0.0.x" - - wordwrap@~1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/wordwrap/-/wordwrap-1.0.0.tgz#27584810891456a4171c8d0226441ade90cbcaeb" - - wrap-ansi@^2.0.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/wrap-ansi/-/wrap-ansi-2.1.0.tgz#d8fc3d284dd05794fe84973caecdd1cf824fdd85" - dependencies: - string-width "^1.0.1" - strip-ansi "^3.0.1" - - wrappy@1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/wrappy/-/wrappy-1.0.2.tgz#b5243d8f3ec1aa35f1364605bc0d1036e30ab69f" - - write-file-atomic@^1.1.2: - version "1.2.0" - resolved "https://registry.yarnpkg.com/write-file-atomic/-/write-file-atomic-1.2.0.tgz#14c66d4e4cb3ca0565c28cf3b7a6f3e4d5938fab" - dependencies: - graceful-fs "^4.1.2" - imurmurhash "^0.1.4" - slide "^1.1.5" - - write@^0.2.1: - version "0.2.1" - resolved "https://registry.yarnpkg.com/write/-/write-0.2.1.tgz#5fc03828e264cea3fe91455476f7a3c566cb0757" - dependencies: - mkdirp "^0.5.1" - - xdg-basedir@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/xdg-basedir/-/xdg-basedir-2.0.0.tgz#edbc903cc385fc04523d966a335504b5504d1bd2" - dependencies: - os-homedir "^1.0.0" - - "xtend@>=4.0.0 <4.1.0-0", xtend@^4.0.0, xtend@^4.0.1, xtend@~4.0.0, xtend@~4.0.1: - version "4.0.1" - resolved "https://registry.yarnpkg.com/xtend/-/xtend-4.0.1.tgz#a5c6d532be656e23db820efb943a1f04998d63af" - - y18n@^3.2.0: - version "3.2.1" - resolved "https://registry.yarnpkg.com/y18n/-/y18n-3.2.1.tgz#6d15fba884c08679c0d77e88e7759e811e07fa41" - - yaeti@^0.0.4: - version "0.0.4" - resolved "https://registry.yarnpkg.com/yaeti/-/yaeti-0.0.4.tgz#89fe739c45ac4491028973193262a837693a66b6" - - yargs@^3.26.0: - version "3.32.0" - resolved "https://registry.yarnpkg.com/yargs/-/yargs-3.32.0.tgz#03088e9ebf9e756b69751611d2a5ef591482c995" - dependencies: - camelcase "^2.0.1" - cliui "^3.0.3" - decamelize "^1.1.1" - os-locale "^1.4.0" - string-width "^1.0.1" - window-size "^0.1.4" - y18n "^3.2.0" - - yauzl@^2.2.1: - version "2.7.0" - resolved "https://registry.yarnpkg.com/yauzl/-/yauzl-2.7.0.tgz#e21d847868b496fc29eaec23ee87fdd33e9b2bce" - dependencies: - buffer-crc32 "~0.2.3" - fd-slicer "~1.0.1" - -Trace: - Error: EEXIST: file already exists, mkdir '/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/create-graphql-server-authorization' From b894088ca71ceb17eb4ab6ca0a58a98f313b8756 Mon Sep 17 00:00:00 2001 From: tobkle Date: Fri, 18 Aug 2017 18:49:46 +0200 Subject: [PATCH 57/69] after pull upstream/master and rebase upstream/master --- test/output-app/README.md | 1051 ---- test/output-app/log/all-logs-readable.log | 4471 ++++++++++++++++- test/output-app/model/Tweet.js | 3 +- test/output-app/model/User.js | 3 +- .../server/logs/all-logs-readable.log | 2144 -------- 5 files changed, 4473 insertions(+), 3199 deletions(-) delete mode 100644 test/output-app/server/logs/all-logs-readable.log diff --git a/test/output-app/README.md b/test/output-app/README.md index 6e7f80e..1f06567 100644 --- a/test/output-app/README.md +++ b/test/output-app/README.md @@ -7,8 +7,6 @@ This is a generated create-graphql-server app. ## Implementing Authentication The authentication is performed in those locations: * ./server/index.js -<<<<<<< HEAD -<<<<<<< HEAD * ./server/authenticate.js * ./model/index.js @@ -16,22 +14,6 @@ The authentication is performed in those locations: In the server, the database is started, and the UserCollection is defined. That's where the server accesses the user documents in the database. In ```js authenticate(app, UserCollection)``` the authentication is prepared and processed. Later, if a user sends a 'graphql' request, the user is determined with ```js passport.authenticate(...)```. After that, the user is whether an anonymous user or an authenticated user. You find the identified user in the object "me". Then the type models have to be initialized with the user "me" authorizations: ```js req.context = addModelsToContext({... me ...})```. -======= -* ./model/index.js -======= ->>>>>>> PR adjustments + npm package -* ./server/authenticate.js -* ./model/index.js - -### ./server/index.js -In the server, the database is started, and the UserCollection is defined. That's where the server accesses the user documents in the database. - -<<<<<<< HEAD -In ```js authenticate(app, UserCollection)``` the authentication is prepared and processed. Later if a user sends a 'graphql' request, the user is determined with ```js passport.authenticate(...)```. After that, the user is whether an anonymous user or an authenticated user. You find the identified user in the object "me". Then the type models have to be initialized with the user "me" authorizations: ```js req.context = addModelsToContext({... me ...})```. ->>>>>>> new authorization version from 2017-07-17 -======= -In ```js authenticate(app, UserCollection)``` the authentication is prepared and processed. Later, if a user sends a 'graphql' request, the user is determined with ```js passport.authenticate(...)```. After that, the user is whether an anonymous user or an authenticated user. You find the identified user in the object "me". Then the type models have to be initialized with the user "me" authorizations: ```js req.context = addModelsToContext({... me ...})```. ->>>>>>> PR adjustments + npm package ```javascript ... @@ -69,21 +51,10 @@ async function startServer() { schema, context: Object.assign({ me }, req.context), debug: true, -<<<<<<< HEAD -<<<<<<< HEAD formatError(e) { console.log(e); return e; }, -======= - // formatError(e) { console.log(e) }, ->>>>>>> new authorization version from 2017-07-17 -======= - formatError(e) { - console.log(e); - return e; - }, ->>>>>>> authorization }; })(req, res, next); })(req, res, next); @@ -92,10 +63,6 @@ async function startServer() { } ``` -<<<<<<< HEAD -<<<<<<< HEAD -======= ->>>>>>> PR adjustments + npm package By-the-way: The server/index.js is able to access the User collection directly by the following two lines. This is used in the server/authenticate.js during authenticate. ```js ... @@ -105,17 +72,8 @@ authenticate(app, UserCollection); ... ``` -<<<<<<< HEAD ### ./model/index.js If there is a User model generated, then we load it as the first model. It defines the model, which will be used in the other models as well, to perform the authorization checks. -======= -### ./model/index.js -If there is a User model generated, then we load it as the first model. It defines the model, which will be used in the other models as well, to perform the authorization checks. ->>>>>>> new authorization version from 2017-07-17 -======= -### ./model/index.js -If there is a User model generated, then we load it as the first model. It defines the model, which will be used in the other models as well, to perform the authorization checks. ->>>>>>> PR adjustments + npm package ```javascript const models = {}; @@ -142,15 +100,7 @@ models.User = User; ``` ### ./server/authenticate.js -<<<<<<< HEAD -<<<<<<< HEAD -Here, the real identification of an user is performed. After a user requested a '/login' url with user and password. The user's email is searched in the database. If it is there, it checks if the user's encrypted hash is equal to the encrypted password. If so, a user is identified and a JWT token is generated and transfered back to the requesting user. This JWT token is usually stored in the client's browsers local storage and added to the next call in the Authorization header. With all the next requests of that user, he sends an header like... -======= -Here the real identification of an user is performed. After a user requested a '/login' with user and password. The user's email is searched in the database. If it is there, it checks if the user's encrypted hash is equal to the encrypted password, if so, a user is identified and a JWT token is generated and transfered back to the requesting user. With all the next requests of that user, he sends an header like... ->>>>>>> new authorization version from 2017-07-17 -======= Here, the real identification of an user is performed. After a user requested a '/login' url with user and password. The user's email is searched in the database. If it is there, it checks if the user's encrypted hash is equal to the encrypted password. If so, a user is identified and a JWT token is generated and transfered back to the requesting user. This JWT token is usually stored in the client's browsers local storage and added to the next call in the Authorization header. With all the next requests of that user, he sends an header like... ->>>>>>> PR adjustments + npm package ```javacript authorization JWT calculated.JWT.token ``` @@ -164,15 +114,7 @@ import { ObjectId } from 'mongodb'; import nodeify from 'nodeify'; import bcrypt from 'bcrypt'; import DataLoader from 'dataloader'; -<<<<<<< HEAD -<<<<<<< HEAD import { findByIds } from 'create-graphql-server-authorization'; -======= -import { findByIds } from './authorize'; ->>>>>>> new authorization version from 2017-07-17 -======= -import { findByIds } from 'create-graphql-server-authorization'; ->>>>>>> PR adjustments + npm package const KEY = 'test-key'; let Loader; @@ -269,16 +211,7 @@ type User ) { -<<<<<<< HEAD -<<<<<<< HEAD - role: String @authRole("admin") -======= - role: String @authRole("admin") @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) - ->>>>>>> new authorization version from 2017-07-17 -======= role: String @authRole("admin") ->>>>>>> authorization-simple username: String! bio: String @@ -300,31 +233,7 @@ This has the following meaning: * document-role: "this", is created (document roles have own fields in the document, but this is a special case for the field _id, which is not shown in the input type, but will be generated in the later schema file.) Only the user id of "this" meaning _id is allowed to readOne, update, delete its single User document. -<<<<<<< HEAD -<<<<<<< HEAD -<<<<<<< HEAD -Use create-graphql-server command to generate the according schema, resolver, model files with the create-graphql-server command line interface. After its generation, you will find the generated files in the sub folders: schema, resolvers, model. The generated model files will use the following functions to implement the authorization logic. -======= -Here we use also the @authorize directive on field level for the field role: -```javascript -... -role: String @authRole("admin") @authorize(admin: ["create", "read", "update", "delete"], this: ["readOne"]) -... -``` -This adds additional authorization checks on the field level just for this field "role". -Every time this field "role" appears in any document, it will be checked, if the user is authorized to do the operation on this document containing this field. If the field is not in the document, it skips the field check. - -In this case it checks: -* if the user-role "admin" is the authorized user, then it allows him to create, read, update, delete operations also on the document, if it contains the field "role" -* if the document-role "this" (=owner of the document user._id_ = doc._id_) to do the operations "readOne" on the User document, but it doesn't allow him to upgrade/update his own User.role. - -======= ->>>>>>> authorization-simple -Use create-graphql-server cli to generate the according schema, resolver, model files with the create-graphql-server command line interface. After its generation, you will find the generated files in the sub folders: schema, resolvers, model folders. The generated model files will use the following functions to implement the authorization logic. ->>>>>>> new authorization version from 2017-07-17 -======= Use create-graphql-server command to generate the according schema, resolver, model files with the create-graphql-server command line interface. After its generation, you will find the generated files in the sub folders: schema, resolvers, model. The generated model files will use the following functions to implement the authorization logic. ->>>>>>> PR adjustments + npm package ### model.js This is an example of a database model of type . @@ -335,11 +244,6 @@ import { findByIds, queryForRoles, getLogFilename, logger, authlog, checkAuthDoc const log = logger(getLogFilename()); export default class { -<<<<<<< HEAD -<<<<<<< HEAD -<<<<<<< HEAD -======= ->>>>>>> PR adjustments + npm package constructor(context) { this.context = context; this.collection = context.db.collection(''); @@ -353,79 +257,6 @@ export default class { authQuery = {_id: false}; // otherwise admin access } this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); -<<<<<<< HEAD -======= - constructor(context){ -<<<<<<< HEAD -<<<<<<< HEAD - ... - this.unauthorizedLoader = new DataLoader(ids => findByIds(this.collection, ids)); - const { user: me, User } = context; - const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], 'readOne', { User }, 'findOneLoader'); - this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); - ... ->>>>>>> handle conflicts - } - - async findOneById(id, me, resolver) { - try { - return await this.authorizedLoader.load(id); - } catch (err) { log.error(err.message); } - } - - find({ lastCreatedAt = 0, limit = 10, baseQuery = {} }, me, resolver) { - try { - const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery, createdAt: { $gt: lastCreatedAt }}; - return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); - } catch (err){ log.error(err.message); } - } -======= -======= ->>>>>>> merge correction - ... - const { me, User } = context; - let authQuery; - try { - authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User }, authlog('tweet findOneLoader', 'readOne', me)); - } catch (err) { - log.error(err.message); - authQuery = {_id: false}; - } - this.unauthorizedLoader = new DataLoader(ids => findByIds(this.collection, ids)); - this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); - ... - } -======= - constructor(context) { - ... - let authQuery; - try { - const { me, User } = context; - authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User }, authlog('tweet findOneById', 'readOne', me)); - } catch (err) { - log.error(err.message); - authQuery = {_id: false}; // otherwise admin access - } - this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); - } ->>>>>>> authorization-simple -... -async findOneById(id, me, resolver) { - try { - return await this.authorizedLoader.load(id); - } catch (err) { log.error(err.message); } -} - -find({ lastCreatedAt = 0, limit = 10, baseQuery = { createdAt: { $gt: lastCreatedAt } } }, me, resolver) { - try { - const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery}; - return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); - } catch (err){ log.error(err.message); } -} ->>>>>>> new authorization version from 2017-07-17 -======= } async findOneById(id, me, resolver) { @@ -441,7 +272,6 @@ find({ lastCreatedAt = 0, limit = 10, baseQuery = { createdAt: { $gt: lastCreate return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } catch (err){ log.error(err.message); } } ->>>>>>> PR adjustments + npm package ... } ``` @@ -449,72 +279,15 @@ find({ lastCreatedAt = 0, limit = 10, baseQuery = { createdAt: { $gt: lastCreate ### ./model/Tweet.js generated model file for the above input type Tweet.graphql considering the @authorize directive. You can see, the directive argument "read" is used to express "readOne" and "readMany" at the same time. Instead you can use "readOne" and "readMany" for fine grained control on read operations, to allow access to just one record or many records. ```javascript -<<<<<<< HEAD -<<<<<<< HEAD -<<<<<<< HEAD -import DataLoader from 'dataloader'; -import { findByIds, queryForRoles, getLogFilename, logger, authlog, checkAuthDoc } from 'create-graphql-server-authorization'; -const log = logger(getLogFilename()); -======= -iimport log from '../server/logger'; -import DataLoader from 'dataloader'; -import { findByIds, queryForRoles, fieldForRoles, fieldContainsUserId, authorizedFields, authlog } from '../server/authorize'; ->>>>>>> new authorization version from 2017-07-17 -======= -import log from '../server/logger'; -import DataLoader from 'dataloader'; -import { findByIds, queryForRoles, authlog, checkAuthDoc } from '../server/authorize'; ->>>>>>> authorization-simple -======= import DataLoader from 'dataloader'; import { findByIds, queryForRoles, getLogFilename, logger, authlog, checkAuthDoc } from 'create-graphql-server-authorization'; const log = logger(getLogFilename()); ->>>>>>> PR adjustments + npm package export default class Tweet { constructor(context) { this.context = context; this.collection = context.db.collection('tweet'); this.pubsub = context.pubsub; -<<<<<<< HEAD -<<<<<<< HEAD -<<<<<<< HEAD - let authQuery; - try { - const { me, User } = context; - authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User }, authlog('tweet findOneById', 'readOne', me)); - } catch (err) { - log.error(err.message); - authQuery = {_id: false}; // otherwise admin access - } - this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); -======= - this.loaders = (_user = {}, resolver = '') => ({ - readOne: new DataLoader(ids => new Promise( async (resolve, reject) => { - try { - const authQuery = queryForRoles(_user, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readOne', _user)); - const result = await findByIds(this.collection, ids, authQuery); - resolve(result); - } catch (err) { reject(err); } - })), - }); ->>>>>>> applied changes - } - - async findOneById(id, me, resolver) { - try { - return await this.authorizedLoader.load(id); - } catch (err) { log.error(err.message); } - } - - find({ lastCreatedAt = 0, limit = 10, baseQuery = {} }, me, resolver) { - try { - const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery, createdAt: { $gt: lastCreatedAt }}; -======= - const { me, User } = context; -======= ->>>>>>> authorization-simple let authQuery; try { const { me, User } = context; @@ -535,18 +308,11 @@ export default class Tweet { find({ lastCreatedAt = 0, limit = 10, baseQuery = {} }, me, resolver) { try { const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); -<<<<<<< HEAD - const finalQuery = {...baseQuery, ...authQuery}; ->>>>>>> new authorization version from 2017-07-17 -======= const finalQuery = {...baseQuery, ...authQuery, createdAt: { $gt: lastCreatedAt }}; ->>>>>>> PR adjustments + npm package return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } catch (err){ log.error(err.message); } } -<<<<<<< HEAD -<<<<<<< HEAD createdBy(tweet, me, resolver) { return this.context.User.findOneById(tweet.createdById, me, resolver); } @@ -561,7 +327,6 @@ export default class Tweet { coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, me, resolver) { const baseQuery = {_id: { $in: tweet.coauthorsIds } }; -<<<<<<< HEAD return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); } @@ -573,115 +338,31 @@ export default class Tweet { async insert(doc, me, resolver) { try { -======= - author(tweet, me, resolver = 'tweet author') { - return this.context.User.getOneById(tweet.authorId, me, resolver); -======= - createdBy(tweet, me, resolver) { - return this.context.User.findOneById(tweet.createdById, me, resolver); ->>>>>>> authorization-simple - } - - updatedBy(tweet, me, resolver) { - return this.context.User.findOneById(tweet.updatedById, me, resolver); - } - - author(tweet, me, resolver) { - return this.context.User.findOneById(tweet.authorId, me, resolver); - } - - coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, me, resolver) { - const baseQuery = {_id: { $in: tweet.coauthorsIds }, createdAt: { $gt: lastCreatedAt } }; -======= ->>>>>>> PR adjustments + npm package - return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); - } - - likers(tweet, { lastCreatedAt = 0, limit = 10 }, me, resolver) { - const baseQuery = {likedIds: tweet._id, createdAt: { $gt: lastCreatedAt } }; - return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); - } - - async insert(doc, me, resolver) { - try { -<<<<<<< HEAD -<<<<<<< HEAD - let insertedDoc = null; ->>>>>>> new authorization version from 2017-07-17 -======= ->>>>>>> authorization-simple -======= - ->>>>>>> PR adjustments + npm package let docToInsert = Object.assign({}, doc, { createdAt: Date.now(), updatedAt: Date.now(), createdById: (me && me._id) ? me._id : 'unknown', updatedById: (me && me._id) ? me._id : 'unknown', }); -<<<<<<< HEAD -<<<<<<< HEAD - log.debug(JSON.stringify(docToInsert, null, 2)); - - checkAuthDoc(docToInsert, me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'create', me)); - const id = (await this.collection.insertOne(docToInsert)).insertedId; - if (!id) { - throw new Error(`insert tweet not possible.`); - } - - log.debug(`inserted tweet ${id}.`); - const insertedDoc = this.findOneById(id, me, 'pubsub tweetInserted'); -======= - - const authQuery = queryForRoles(me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'create', me)); - - const docRoleFields = ['authorId'].map(key => ({ [key]: docToInsert[key] }) ); - if (Object.keys(authQuery).length > 0 && !fieldContainsUserId(docRoleFields, me._id)) { - throw new Error('Not authorized to insert tweet'); - } - -======= log.debug(JSON.stringify(docToInsert, null, 2)); checkAuthDoc(docToInsert, me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'create', me)); ->>>>>>> authorization-simple const id = (await this.collection.insertOne(docToInsert)).insertedId; if (!id) { throw new Error(`insert tweet not possible.`); } log.debug(`inserted tweet ${id}.`); -<<<<<<< HEAD - insertedDoc = this.getOneById(id, me, 'pubsub tweetInserted'); ->>>>>>> new authorization version from 2017-07-17 -======= const insertedDoc = this.findOneById(id, me, 'pubsub tweetInserted'); ->>>>>>> authorization-simple this.pubsub.publish('tweetInserted', insertedDoc); return insertedDoc; } catch (err){ log.error(err.message); } } -<<<<<<< HEAD -<<<<<<< HEAD - async updateById(id, doc, me, resolver) { - try { - -======= - async updateById(id, doc, me, resolver = 'update tweet') { - try { - let updatedDoc = null; - const docBefore = await this.getOneById(id, me, 'tweet getOneById in updateById for docBefore'); ->>>>>>> new authorization version from 2017-07-17 -======= async updateById(id, doc, me, resolver) { try { -<<<<<<< HEAD ->>>>>>> authorization-simple -======= ->>>>>>> PR adjustments + npm package let docToUpdate = {$set: Object.assign({}, doc, { updatedAt: Date.now(), updatedById: (me && me._id) ? me._id : 'unknown', @@ -689,153 +370,54 @@ export default class Tweet { const baseQuery = {_id: id}; const authQuery = queryForRoles(me, ['admin'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'update', me)); -<<<<<<< HEAD -<<<<<<< HEAD - const finalQuery = {...baseQuery, ...authQuery}; - const result = await this.collection.updateOne(finalQuery, docToUpdate); - if (result.result.ok !== 1 || result.result.n !== 1){ -======= - - const finalQuery = {...baseQuery, ...authQuery}; - const result = await this.collection.updateOne(finalQuery, docToUpdate); - if (result.result.ok !== 1 || result.result.n !== 1){ - log.error(`update tweet failed finalQuery:`, JSON.stringify(finalQuery, null, 2)); - log.error('update tweet failed for docToUpdate:', JSON.stringify(docToUpdate, null, 2)); ->>>>>>> new authorization version from 2017-07-17 -======= const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.updateOne(finalQuery, docToUpdate); if (result.result.ok !== 1 || result.result.n !== 1){ ->>>>>>> authorization-simple throw new Error(`update tweet not possible for ${id}.`); } log.debug(`updated tweet ${id}.`); -<<<<<<< HEAD -<<<<<<< HEAD - this.authorizedLoader.clear(id); - const updatedDoc = this.findOneById(id, me, 'pubsub tweetUpdated'); -======= - this.unauthorizedLoader.clear(id); - this.authorizedLoader.clear(id); - - updatedDoc = this.getOneById(id, me, 'pubsub tweetUpdated'); ->>>>>>> new authorization version from 2017-07-17 -======= this.authorizedLoader.clear(id); const updatedDoc = this.findOneById(id, me, 'pubsub tweetUpdated'); ->>>>>>> authorization-simple this.pubsub.publish('tweetUpdated', updatedDoc); return updatedDoc; } catch (err){ log.error(err.message); } } -<<<<<<< HEAD -<<<<<<< HEAD - async removeById(id, me, resolver) { - try { - -======= - async removeById(id, me, resolver = 'remove tweet') { - try { - const docBefore = this.getOneById(id, me, 'tweet getOneById in removeById for docBefore'); ->>>>>>> new authorization version from 2017-07-17 -======= async removeById(id, me, resolver) { try { -<<<<<<< HEAD ->>>>>>> authorization-simple -======= ->>>>>>> PR adjustments + npm package const baseQuery = {_id: id}; const authQuery = queryForRoles(me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'delete', me)); const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.remove(finalQuery); -<<<<<<< HEAD -<<<<<<< HEAD - if (result.result.ok !== 1 || result.result.n !== 1){ -======= - if (result.result.ok !== 1 || result.result.n !== 1){ - log.error(`remove tweet failed for finalQuery:`, JSON.stringify(finalQuery, null, 2)); ->>>>>>> new authorization version from 2017-07-17 -======= - if (result.result.ok !== 1 || result.result.n !== 1){ ->>>>>>> authorization-simple throw new Error(`remove tweet not possible for ${id}.`); } log.debug(`removed tweet ${id}.`); -<<<<<<< HEAD -<<<<<<< HEAD - this.authorizedLoader.clear(id); - this.pubsub.publish('tweetRemoved', id); - return result; - -======= - this.unauthorizedLoader.clear(id); -======= ->>>>>>> authorization-simple this.authorizedLoader.clear(id); this.pubsub.publish('tweetRemoved', id); return result; -<<<<<<< HEAD -<<<<<<< HEAD - ->>>>>>> new authorization version from 2017-07-17 -======= ->>>>>>> authorization-simple -======= ->>>>>>> PR adjustments + npm package } catch (err){ log.error(err.message); } } } ``` ### ./model/User.js -<<<<<<< HEAD -<<<<<<< HEAD -generated model file for the above input type User.graphql considering the @authorize directive. -======= -generated model file for the above input type User.graphql: -this.auth is generated by the @authorize directive. Here also with field authorizations. - ->>>>>>> new authorization version from 2017-07-17 -```javascript -import DataLoader from 'dataloader'; -<<<<<<< HEAD -<<<<<<< HEAD -<<<<<<< HEAD -import { findByIds, queryForRoles, getLogFilename, logger, authlog, checkAuthDoc, protectFields } from 'create-graphql-server-authorization'; -const log = logger(getLogFilename()); -======= -import { findByIds, queryForRoles, fieldForRoles, fieldContainsUserId, authorizedFields, authlog } from '../server/authorize'; ->>>>>>> new authorization version from 2017-07-17 -======= -import { findByIds, queryForRoles, authlog, checkAuthDoc } from '../server/authorize'; ->>>>>>> authorization-simple -======= -import { findByIds, queryForRoles, authlog, checkAuthDoc, protectFields } from '../server/authorize'; ->>>>>>> authorization -======= generated model file for the above input type User.graphql considering the @authorize directive. ```javascript import DataLoader from 'dataloader'; import { findByIds, queryForRoles, getLogFilename, logger, authlog, checkAuthDoc, protectFields } from 'create-graphql-server-authorization'; const log = logger(getLogFilename()); ->>>>>>> PR adjustments + npm package export default class User { constructor(context) { this.context = context; this.collection = context.db.collection('user'); this.pubsub = context.pubsub; -<<<<<<< HEAD -<<<<<<< HEAD -<<<<<<< HEAD this.authRole = User.authRole; let authQuery; try { @@ -846,147 +428,13 @@ export default class User { authQuery = {_id: false}; // otherwise admin access } this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); -======= - this._user = {}; - this.loaders = (_user = {}, resolver = '') => ({ - readOneWithoutAuth: new DataLoader(ids => new Promise( async (resolve, reject) => { - try { - const result = await findByIds(this.collection, ids, {}); - resolve(result); - } catch (err) { reject(err); } - })), - readOne: new DataLoader(ids => new Promise( async (resolve, reject) => { - try { - const authQuery = queryForRoles(_user, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'readOne', _user)); - const result = await findByIds(this.collection, ids, authQuery); - resolve(result); - } catch (err) { reject(err); } - })), - }); ->>>>>>> applied changes - } - -======= - const { me } = context; - this.authRole = User.authRole; // otherwise not accessible in queryForRoles -======= - this.authRole = User.authRole; ->>>>>>> authorization-simple - let authQuery; - try { - const { me } = context; - authQuery = queryForRoles(me, ['admin'], ['_id'], { User }, authlog('user findOneById', 'readOne', me)); - } catch (err) { - log.error(err.message); - authQuery = {_id: false}; // otherwise admin access - } - this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); } -<<<<<<< HEAD - // returns the role of the user ->>>>>>> new authorization version from 2017-07-17 -======= ->>>>>>> authorization-simple static authRole(user){ return (user && user.role) ? user.role : null; } -<<<<<<< HEAD -<<<<<<< HEAD - async findOneById(id, me, resolver) { - try { - return await this.authorizedLoader.load(id); - } catch (err) { log.error(err.message); } - } - - find({ lastCreatedAt = 0, limit = 10, baseQuery = { createdAt: { $gt: lastCreatedAt } } }, me, resolver) { - try { - const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery}; - return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); - } catch (err) { log.error(err.message); } - } - - tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }, me, resolver) { - const baseQuery = { authorId: user._id, createdAt: { $gt: lastCreatedAt } }; - return this.context.Tweet.find({ lastCreatedAt, limit, baseQuery }, me, resolver); - } - - liked(user, { lastCreatedAt = 0, limit = 10 }, me, resolver) { - const baseQuery = { _id: { $in: user.likedIds || [] }, createdAt: { $gt: lastCreatedAt } }; - return this.context.Tweet.find({ lastCreatedAt, limit, baseQuery }, me, resolver); - } - - following(user, { lastCreatedAt = 0, limit = 10 }, me, resolver) { - const baseQuery = { _id: { $in: user.followingIds || [] }, createdAt: { $gt: lastCreatedAt } }; - return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); - } - - followers(user, { lastCreatedAt = 0, limit = 10 }, me, resolver) { - const baseQuery = { followingIds: user._id, createdAt: { $gt: lastCreatedAt } }; - return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); - } - - createdBy(user, me, resolver) { - return this.context.User.findOneById(user.createdById, me, resolver); - } - - updatedBy(user, me, resolver) { - return this.context.User.findOneById(user.updatedById, me, resolver); - } - - async insert(doc, me, resolver) { - try { - let docToInsert = Object.assign({}, doc, { - createdAt: Date.now(), - updatedAt: Date.now(), - createdById: (me && me._id) ? me._id : 'unknown', - updatedById: (me && me._id) ? me._id : 'unknown', - }); - checkAuthDoc(docToInsert, me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'create', me)); - docToInsert = protectFields(me, ['admin'], ['role'], docToInsert, { User: this.context.User }); - const id = (await this.collection.insertOne(docToInsert)).insertedId; - if (!id) { - throw new Error(`insert user not possible.`); - } - log.debug(`inserted user ${id}.`); - const insertedDoc = this.findOneById(id, me, 'pubsub userInserted'); - this.pubsub.publish('userInserted', insertedDoc); - return insertedDoc; - } catch (err) { log.error(err.message); } - } - - async updateById(id, doc, me, resolver) { - try { - let docToUpdate = {$set: Object.assign({}, doc, { - updatedAt: Date.now(), - updatedById: (me && me._id) ? me._id : 'unknown', - })}; - const baseQuery = {_id: id}; - const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'update', me)); - const finalQuery = {...baseQuery, ...authQuery}; - docToUpdate.$set = protectFields(me, ['admin'], ['role'], docToUpdate.$set, { User: this.context.User }); - const result = await this.collection.updateOne(finalQuery, docToUpdate); - if (result.result.ok !== 1 || result.result.n !== 1){ - throw new Error(`update user not possible for ${id}.`); - } - log.debug(`updated user ${id}.`); - this.authorizedLoader.clear(id); - const updatedDoc = this.findOneById(id, me, 'pubsub userUpdated') - this.pubsub.publish('userUpdated', updatedDoc); - return updatedDoc; - } catch (err) { log.error(err.message); } - } - - async removeById(id, me, resolver) { - try { -======= - // used from server calls, without authorization checks, NOT for use in resolvers - async findOneById(id, me = {}, resolver = 'user findOneById') { -======= async findOneById(id, me, resolver) { ->>>>>>> authorization-simple try { return await this.authorizedLoader.load(id); } catch (err) { log.error(err.message); } @@ -1073,48 +521,22 @@ export default class User { async removeById(id, me, resolver) { try { -<<<<<<< HEAD - const docBefore = await this.findOneById(id, me, 'user findOneById in removeById for docBefore'); ->>>>>>> new authorization version from 2017-07-17 -======= ->>>>>>> authorization-simple const baseQuery = {_id: id}; const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'delete', me)); const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.remove(finalQuery); if (result.result.ok !== 1 || result.result.n !== 1){ -<<<<<<< HEAD -<<<<<<< HEAD - throw new Error(`remove user not possible for ${id}.`); - } - log.debug(`removed user ${id}.`); - this.authorizedLoader.clear(id); - this.pubsub.publish('userRemoved', id); - return result; -======= - log.error(`remove user failed for finalQuery:`, JSON.stringify(finalQuery, null, 2)); -======= ->>>>>>> authorization-simple throw new Error(`remove user not possible for ${id}.`); } log.debug(`removed user ${id}.`); this.authorizedLoader.clear(id); this.pubsub.publish('userRemoved', id); return result; -<<<<<<< HEAD - ->>>>>>> new authorization version from 2017-07-17 -======= ->>>>>>> authorization-simple } catch (err) { log.error(err.message); } } } ``` -<<<<<<< HEAD -<<<<<<< HEAD -======= ->>>>>>> PR adjustments + npm package As you can see in both model header lines, we are using a specialized npm package "create-graphql-server-authorization". ## create-graphql-server-authorization @@ -1126,19 +548,10 @@ npm install create-graphql-server-authorization This uses the following functions from that module: -<<<<<<< HEAD -======= ->>>>>>> new authorization version from 2017-07-17 -======= ->>>>>>> PR adjustments + npm package ### function authlog A logging function that understands "resolvers", "modes" and "users". Simple wrapper around whatever logging function we use. ```javascript -<<<<<<< HEAD -<<<<<<< HEAD -======= ->>>>>>> PR adjustments + npm package /* * Central logger for authorization checks * @param {string} resolver @@ -1158,7 +571,6 @@ function authlog(resolver = "", mode = "", me = {}) { ? me.username : ""}" ${message}`; -<<<<<<< HEAD return { debug: message => { const resultMessage = makeMessage(message); @@ -1170,27 +582,6 @@ function authlog(resolver = "", mode = "", me = {}) { log.error(resultMessage); throw new Error(makeMessage(message)); } -======= -// central logger for authorization checks -export function authlog(resolver = '', mode = '', me = {}) { - const makeMessage = (message) => `Authorize ${mode} "${resolver}" with user "${me.username ? me.username : ''}" ${message}`; - return { - debug: (message) => log.debug(makeMessage(message)), - error: (message) => {throw new Error(makeMessage(message))}, ->>>>>>> new authorization version from 2017-07-17 -======= - return { - debug: message => { - const resultMessage = makeMessage(message); - log.debug(resultMessage); - return resultMessage; - }, - error: message => { - const resultMessage = makeMessage(message); - log.error(resultMessage); - throw new Error(makeMessage(message)); - } ->>>>>>> PR adjustments + npm package }; } ``` @@ -1199,10 +590,6 @@ export function authlog(resolver = '', mode = '', me = {}) { This is an extended version of [mongo-find-by-ids](https://github.com/tmeasday/mongo-find-by-ids). The enhancement is only to provide an additional authQuery object, to extend the query to meet additional authorizations. ```javascript -<<<<<<< HEAD -<<<<<<< HEAD -======= ->>>>>>> PR adjustments + npm package /* * find a record by id (cached with dataloader) * returns the record, cached if already read, checks authorization if set @@ -1221,134 +608,6 @@ function findByIds(collection, ids = [], authQuery) { }); return ids.map(id => idMap[id]); }); -<<<<<<< HEAD -} - -module.exports = findByIds; -``` - -### function protectFields -Use function protectFields to protect single fields from access. Provide signed in user in "me", the authorized User roles for the protected field(s) - meaning the user who is allowed to access the field -, provide an array with protected fields, and the current document object, which is to be checked for protected fields and the User model context. - -```javascript -/* - * Protects a field based on authorizations - * @param {object} me - * @param {array} authorizedUserRoles - * @param {array} protectedFields - * @param {object} inputObject - * @param {object} User - * @return {object} result - */ -function protectFields( - me = {}, - authorizedUserRoles = [], - protectedFields = [], - inputObject = {}, - { User } = { User: dummyUserContext } -) { - // pure function - const result = Object.assign({}, inputObject); - - // getting role of current User - const role = User.authRole(me); - - // if user is not allowed to access specific fields, remove field from object... - if (!authorizedUserRoles.includes(role)) { - protectedFields.forEach(protectedField => { - if (result[protectedField]) delete result[protectedField]; - }); - } - - return result; -} -``` - -### function checkAuthDoc -Use function checkAuthDoc to check and get back the document. Especially used in insert operations, to figure out, if the toBeInsertedDoc is valid to be added by this userRole, docRole and action. - -```javascript -/* - * Returns an authorized document - * @param {object} doc - * @param {object} me - * @param {array} userRoles - * @param {array} docRoles - * @param {object} User - * @param {function} logger - * @return {object} doc - */ - -function checkAuthDoc( - doc = {}, - me = {}, - userRoles = [], - docRoles = [], - { User }, - logger = defaultLogger -) { - let resultDoc = Object.assign({}, doc); - - // get the User's role - const role = User.authRole(me); - - // check if userRole entitles current user for this action - if (userRoleAuthorized(me, userRoles, { User }, logger)) { - logger.debug(`and role: "${role}" is authorized by userRole.`); - return resultDoc; - } - - // check if docRole entitles current user for this document and action - let authorized = false; - docRoles.every(field => { - if ( - resultDoc[field] && - me._id && - fieldContainsUserId(resultDoc[field], me._id) - ) { - authorized = true; - } - }); - if (authorized) { - logger.debug(`and role: "${role}" is authorized by docRole.`); - return resultDoc; - } - - // Not Authorized, throw exception in logger.error - logger.error(`and role: "${role}" is not authorized.`); -} -``` - - -### function loggedIn -Use function loggedIn, to check if a user is logged in. - -```javascript -/* - * Checks if an user is logged in - * @param {object} me - * @return {boolean} loggedIn - */ - -function loggedIn(me) { - if (me && me._id && me._id.toString() !== "") { - return true; - } - return false; -======= -// returns the record, cached if already read, checks authorization if set -// enhancement of tmeasday'findByIds -export function findByIds(collection, ids = [], authQuery) { - const baseQuery = { _id: { $in: ids } }; - const finalQuery = {...baseQuery, ...authQuery}; - return collection.find(finalQuery).toArray().then(docs => { - const idMap = {}; - docs.forEach(d => { idMap[d._id] = d; }); - return ids.map(id => idMap[id]); - }); ->>>>>>> new authorization version from 2017-07-17 -======= ->>>>>>> PR adjustments + npm package } module.exports = findByIds; @@ -1470,10 +729,6 @@ Use function queryForRoles to generate an authQuery object. It expects the following arguments: ```javascript -<<<<<<< HEAD -<<<<<<< HEAD -======= ->>>>>>> PR adjustments + npm package /* * Prepare a query object for mongodb operations with authorization queries * creates an authQuery object with additional query arguments, to implement authorization restrictions for mongodb access @@ -1499,35 +754,15 @@ function queryForRoles( logger.error(` is not authorized, due to authorization data.`); // get current User's role -<<<<<<< HEAD - const role = User.authRole(me); - - // Build query for the case: The logged in user's role is authorized - if (userRoleAuthorized(me, userRoles, { User }, logger)) { - return {}; // empty authQuery means, do operation with no access restrictions -======= -// creates an authQuery object with additional query arguments, to implement authorization restrictions for mongodb access -export function queryForRoles(me = {}, userRoles = [], docRoles = [], { User }, logger) { -======= ->>>>>>> PR adjustments + npm package const role = User.authRole(me); // Build query for the case: The logged in user's role is authorized if (userRoleAuthorized(me, userRoles, { User }, logger)) { -<<<<<<< HEAD - return {}; // empty authQuery means, do operation with no access restrictions ->>>>>>> new authorization version from 2017-07-17 -======= return {}; // empty authQuery means, do operation with no access restrictions ->>>>>>> PR adjustments + npm package } // Build query for the case: The user is listed in any document field const query = { $or: [] }; -<<<<<<< HEAD -<<<<<<< HEAD -======= ->>>>>>> PR adjustments + npm package // makes only sense, if user is logged in - otherwise no userId if (loggedIn(me)) { // prepare selection criterias as "authQuery" object @@ -1550,24 +785,9 @@ export function queryForRoles(me = {}, userRoles = [], docRoles = [], { User }, // return the query as authQuery for later selection return query; } -<<<<<<< HEAD - } - - // Not Authorized - throw exception in logger.error -======= - if (loggedIn(me)){ - docRoles.forEach(docRole => query.$or.push( { [docRole]: me._id } ) ); - logger.debug(`and role: "${role ? role : ''}" with \nauthQuery: ${JSON.stringify(query, null, 2)}`); - if (query.$or.length > 0) return query; - } - - // Not Authorized ->>>>>>> new authorization version from 2017-07-17 -======= } // Not Authorized - throw exception in logger.error ->>>>>>> PR adjustments + npm package const message = `and role: "${role}" is not authorized.`; logger.error(message); } @@ -1578,17 +798,8 @@ It expects the following arguments with the meanings: * **userRoles:** an array with userRoles, which was generated by the @authorize directives in the .graphql file * **docRoles:** an array with docRoles, which was generated by the @authorize directives in the .graphql file * **User:** User context to access the User model -<<<<<<< HEAD -<<<<<<< HEAD -* **logger:** logging function e.g. ```js authlog(resolver, mode, me) ``` - * **resolver:** this is a string with the resolver's name, optional, only for easier debugging -======= -* **logger:** logging function e.g. authlog(resolver, mode, me) ->>>>>>> new authorization version from 2017-07-17 -======= * **logger:** logging function e.g. ```js authlog(resolver, mode, me) ``` * **resolver:** this is a string with the resolver's name, optional, only for easier debugging ->>>>>>> PR adjustments + npm package * **mode:** this is the current mode of operation: * **create:** insert a record to the database * **read:** read a record or many records from the database @@ -1596,8 +807,6 @@ It expects the following arguments with the meanings: * **readMany:** read many records from the the database * **update:** update a record in the database * **delete:** remove a record from the database -<<<<<<< HEAD -<<<<<<< HEAD * **me:** the user object, who is executing the request, and who is checked for authorization ### function userRoleAuthorized @@ -1636,54 +845,6 @@ function userRoleAuthorized( ) { // => authorized logger.debug(`and role "${role ? role : ""}" is authorized`); -======= - * **resolver:** this is a string with the resolver's name, optional, only for easier debugging -======= ->>>>>>> PR adjustments + npm package - * **me:** the user object, who is executing the request, and who is checked for authorization - -### function userRoleAuthorized -This helper function is used by queryForRoles, and decides, if a user gains the authorization by its role. -For example: If a user has a field "role" in his user document and it contains the value "admin". So it checks if a user's role is admin, and allows all operations for admins. -```javascript -/* - * Is a user's role authorized for a document - * @param {object} me - * @param {array} userRoles - * @param {object} User - * @param {object} logger - * @return {boolean} authorized - */ - -// returns true, if the user's role is authorized for a document -function userRoleAuthorized( - me = {}, - userRoles = [], - { User } = { User: dummyUserContext }, - logger = defaultLogger -) { - // on insufficient authorization data, it cannot be authorized - if (!User || !User.authRole || !me || !userRoles) return false; - - // get current User's role - const role = User.authRole(me); - -<<<<<<< HEAD - if ( userRoles.includes('world') || role && userRoles.length > 0 && userRoles.includes(role) ) { - logger.debug(`and role "${role ? role : ''}" is authorized`); ->>>>>>> new authorization version from 2017-07-17 -======= - // determine, if the given userRoles authorize the current User by its role - if ( - // userRole: "world" should authorize everyone - known and unknown users - userRoles.includes("world") || - // or there must be a userRole given, and current user must have a role - // and the current user's role must be in the given userRoles - (role && role !== "" && userRoles.length > 0 && userRoles.includes(role)) - ) { - // => authorized - logger.debug(`and role "${role ? role : ""}" is authorized`); ->>>>>>> PR adjustments + npm package return true; } @@ -1716,7 +877,6 @@ function fieldContainsUserId(docRoleField, compressedUserId) { compressedUserId.toString() === "" ) return false; -<<<<<<< HEAD // extract userId, if it is a mongoID field const userId = extractUserId(compressedUserId); @@ -1724,15 +884,6 @@ function fieldContainsUserId(docRoleField, compressedUserId) { // empty (uncompressed) userId is not a valid userId if (!userId || userId === "") return false; -======= - - // extract userId, if it is a mongoID field - const userId = extractUserId(compressedUserId); - - // empty (uncompressed) userId is not a valid userId - if (!userId || userId === "") return false; - ->>>>>>> PR adjustments + npm package // docRoleField of type Array if (_.isArray(docRoleField)) { docRoleField.forEach(field => { @@ -1758,10 +909,6 @@ function fieldContainsUserId(docRoleField, compressedUserId) { if (found) return true; return false; } -<<<<<<< HEAD -<<<<<<< HEAD -======= ->>>>>>> PR adjustments + npm package // docRoleField of type field if (docRoleField.toString() === userId.toString()) { @@ -1769,12 +916,6 @@ function fieldContainsUserId(docRoleField, compressedUserId) { } return false; -<<<<<<< HEAD -======= - return found; ->>>>>>> new authorization version from 2017-07-17 -======= ->>>>>>> PR adjustments + npm package } ``` @@ -1787,11 +928,6 @@ In the resolver interfaces, there are different objects: * the last argument in the resolver function is the resolver's name, which is optional and only to enhance the logging in debugging mode by additional information. If you have to analyze authorization outcomes, this helps a lot to figure out, which resolvers authorization rule fired. ```javascript -<<<<<<< HEAD -<<<<<<< HEAD -<<<<<<< HEAD -======= ->>>>>>> PR adjustments + npm package const resolvers = { User: { id(user) { @@ -1852,133 +988,6 @@ In the resolver interfaces, there are different objects: }; export default resolvers; -<<<<<<< HEAD -======= - const resolvers = { - User: { - id(user) { - return user._id; - }, - - createdBy(user, args, { User, me }) { - return User.createdBy(user, me, 'createdBy'); - }, - - updatedBy(user, args, { User, me }) { - return User.updatedBy(user, me, 'updatedBy'); - }, - - tweets(user, { minLikes, lastCreatedAt, limit }, { User, me }) { - return User.tweets(user, { minLikes, lastCreatedAt, limit }, me, 'tweets'); - }, - - liked(user, { lastCreatedAt, limit }, { User, me }) { - return User.liked(user, { lastCreatedAt, limit }, me, 'liked'); - }, - - following(user, { lastCreatedAt, limit }, { User, me }) { - return User.following(user, { lastCreatedAt, limit }, me, 'following'); - }, - - followers(user, { lastCreatedAt, limit }, { User, me }) { - return User.followers(user, { lastCreatedAt, limit }, me, 'followers'); - }, - }, - Query: { - users(root, { lastCreatedAt, limit }, { User, me }) { - return User.all({ lastCreatedAt, limit }, me, 'users'); - }, - - user(root, { id }, { User, me }) { - return User.getOneById(id, me, 'user'); - }, - }, - Mutation: { - async createUser(root, { input }, { User, me }) { - return await User.insert(input, me); - }, - - async updateUser(root, { id, input }, { User, me }) { - return await User.updateById(id, input, me); - }, - - async removeUser(root, { id }, { User, me }) { - return await User.removeById(id, me, 'removeUser'); - }, - }, - Subscription: { - userCreated: user => user, - userUpdated: user => user, - userRemoved: id => id, - }, - }; - - export default resolvers; ->>>>>>> new authorization version from 2017-07-17 -======= - const resolvers = { - User: { - id(user) { - return user._id; - }, - - createdBy(user, args, { User, me }) { - return User.createdBy(user, me, 'user createdBy'); - }, - - updatedBy(user, args, { User, me }) { - return User.updatedBy(user, me, 'user updatedBy'); - }, - - tweets(user, { minLikes, lastCreatedAt, limit }, { User, me }) { - return User.tweets(user, { minLikes, lastCreatedAt, limit }, me, 'user tweets'); - }, - - liked(user, { lastCreatedAt, limit }, { User, me }) { - return User.liked(user, { lastCreatedAt, limit }, me, 'user liked'); - }, - - following(user, { lastCreatedAt, limit }, { User, me }) { - return User.following(user, { lastCreatedAt, limit }, me, 'user following'); - }, - - followers(user, { lastCreatedAt, limit }, { User, me }) { - return User.followers(user, { lastCreatedAt, limit }, me, 'user followers'); - }, - }, - Query: { - users(root, { lastCreatedAt, limit }, { User, me }) { - return User.find({ lastCreatedAt, limit }, me, 'users'); - }, - - user(root, { id }, { User, me }) { - return User.findOneById(id, me, 'user'); - }, - }, - Mutation: { - async createUser(root, { input }, { User, me }) { - return await User.insert(input, me, 'createUser'); - }, - - async updateUser(root, { id, input }, { User, me }) { - return await User.updateById(id, input, me, 'updateUser'); - }, - - async removeUser(root, { id }, { User, me }) { - return await User.removeById(id, me, 'removeUser'); - }, - }, - Subscription: { - userCreated: user => user, - userUpdated: user => user, - userRemoved: id => id, - }, - }; - - export default resolvers; ->>>>>>> authorization-simple -======= ->>>>>>> PR adjustments + npm package ``` ### ./resolver/Tweet.js @@ -1997,8 +1006,6 @@ In the resolver interfaces, there are different objects: }, author(tweet, args, { Tweet, me }) { -<<<<<<< HEAD -<<<<<<< HEAD return Tweet.author(tweet, me, 'tweet author'); }, @@ -2016,82 +1023,24 @@ In the resolver interfaces, there are different objects: likers(tweet, { lastCreatedAt, limit }, { Tweet, me }) { return Tweet.likers(tweet, { lastCreatedAt, limit }, me, 'tweet likers'); -======= - return Tweet.author(tweet, me, 'author'); -======= - return Tweet.author(tweet, me, 'tweet author'); ->>>>>>> authorization-simple - }, - - createdBy(tweet, args, { Tweet, me }) { - return Tweet.createdBy(tweet, me, 'tweet createdBy'); - }, - - updatedBy(tweet, args, { Tweet, me }) { - return Tweet.updatedBy(tweet, me, 'tweet updatedBy'); - }, - - coauthors(tweet, { lastCreatedAt, limit }, { Tweet, me }) { - return Tweet.coauthors(tweet, { lastCreatedAt, limit }, me, 'tweet coauthors'); - }, - - likers(tweet, { lastCreatedAt, limit }, { Tweet, me }) { -<<<<<<< HEAD - return Tweet.likers(tweet, { lastCreatedAt, limit }, me, 'likers'); ->>>>>>> new authorization version from 2017-07-17 -======= - return Tweet.likers(tweet, { lastCreatedAt, limit }, me, 'tweet likers'); ->>>>>>> authorization-simple }, }, Query: { tweets(root, { lastCreatedAt, limit }, { Tweet, me }) { -<<<<<<< HEAD -<<<<<<< HEAD return Tweet.find({ lastCreatedAt, limit }, me, 'tweets'); }, tweet(root, { id }, { Tweet, me }) { return Tweet.findOneById(id, me, 'tweet'); -======= - return Tweet.all({ lastCreatedAt, limit }, me, 'tweets'); - }, - - tweet(root, { id }, { Tweet, me }) { - return Tweet.getOneById(id, me, 'tweet'); ->>>>>>> new authorization version from 2017-07-17 -======= - return Tweet.find({ lastCreatedAt, limit }, me, 'tweets'); - }, - - tweet(root, { id }, { Tweet, me }) { - return Tweet.findOneById(id, me, 'tweet'); ->>>>>>> authorization-simple }, }, Mutation: { async createTweet(root, { input }, { Tweet, me }) { -<<<<<<< HEAD -<<<<<<< HEAD - return await Tweet.insert(input, me, 'createTweet'); - }, - - async updateTweet(root, { id, input }, { Tweet, me }) { - return await Tweet.updateById(id, input, me, 'updateTweet'); -======= - return await Tweet.insert(input, me); - }, - - async updateTweet(root, { id, input }, { Tweet, me }) { - return await Tweet.updateById(id, input, me); ->>>>>>> new authorization version from 2017-07-17 -======= return await Tweet.insert(input, me, 'createTweet'); }, async updateTweet(root, { id, input }, { Tweet, me }) { return await Tweet.updateById(id, input, me, 'updateTweet'); ->>>>>>> authorization-simple }, async removeTweet(root, { id }, { Tweet, me }) { diff --git a/test/output-app/log/all-logs-readable.log b/test/output-app/log/all-logs-readable.log index 57d1909..e6b65e9 100644 --- a/test/output-app/log/all-logs-readable.log +++ b/test/output-app/log/all-logs-readable.log @@ -1,2 +1,4469 @@ -2017-08-18 18:18:08 Logger started -2017-08-18 18:18:25 Logger started +2017-08-18 18:23:51 Logger started +2017-08-18 18:24:30 -------------------------------------------------------------------------------- +2017-08-18 18:24:30 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-18 18:24:30 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:24:30 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:24:30 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:25:15 -------------------------------------------------------------------------------- +2017-08-18 18:25:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 -------------------------------------------------------------------------------- +2017-08-18 18:25:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + role + username + } +} + +2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 -------------------------------------------------------------------------------- +2017-08-18 18:25:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + role + username + } +} + +2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 -------------------------------------------------------------------------------- +2017-08-18 18:25:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca2") { + role + username + } +} + +2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 -------------------------------------------------------------------------------- +2017-08-18 18:25:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + id + username + bio + } +} + +2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 -------------------------------------------------------------------------------- +2017-08-18 18:25:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users { + username + createdAt + } +} + +2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 -------------------------------------------------------------------------------- +2017-08-18 18:25:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(limit: 1) { + username + createdAt + } +} + +2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 -------------------------------------------------------------------------------- +2017-08-18 18:25:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993) { + username + createdAt + } +} + +2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 -------------------------------------------------------------------------------- +2017-08-18 18:25:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } +} + +2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 -------------------------------------------------------------------------------- +2017-08-18 18:25:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers { + username + createdAt + } + } +} + +2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 -------------------------------------------------------------------------------- +2017-08-18 18:25:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(limit: 1) { + username + createdAt + } + } +} + +2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 -------------------------------------------------------------------------------- +2017-08-18 18:25:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 -------------------------------------------------------------------------------- +2017-08-18 18:25:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 -------------------------------------------------------------------------------- +2017-08-18 18:25:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following { + username + createdAt + } + } +} + +2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 -------------------------------------------------------------------------------- +2017-08-18 18:25:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(limit: 1) { + username + createdAt + } + } +} + +2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 -------------------------------------------------------------------------------- +2017-08-18 18:25:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 -------------------------------------------------------------------------------- +2017-08-18 18:25:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 -------------------------------------------------------------------------------- +2017-08-18 18:25:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets { + id + createdAt + } + } +} + +2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 -------------------------------------------------------------------------------- +2017-08-18 18:25:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(limit: 1) { + id + createdAt + } + } +} + +2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 -------------------------------------------------------------------------------- +2017-08-18 18:25:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } + } +} + +2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 -------------------------------------------------------------------------------- +2017-08-18 18:25:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } + } +} + +2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 -------------------------------------------------------------------------------- +2017-08-18 18:25:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked { + id + createdAt + } + } +} + +2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 -------------------------------------------------------------------------------- +2017-08-18 18:25:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(limit: 1) { + id + createdAt + } + } +} + +2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 -------------------------------------------------------------------------------- +2017-08-18 18:25:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334) { + id + createdAt + } + } +} + +2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 -------------------------------------------------------------------------------- +2017-08-18 18:25:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334, limit: 1) { + id + createdAt + } + } +} + +2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 -------------------------------------------------------------------------------- +2017-08-18 18:25:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + id + body + } +} + +2017-08-18 18:25:15 -------------------------------------------------------------------------------- +2017-08-18 18:25:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + author { + username + } + } +} + +2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 -------------------------------------------------------------------------------- +2017-08-18 18:25:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets { + id + createdAt + } +} + +2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 -------------------------------------------------------------------------------- +2017-08-18 18:25:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(limit: 1) { + id + createdAt + } +} + +2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 -------------------------------------------------------------------------------- +2017-08-18 18:25:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } +} + +2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers { + username + createdAt + } + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(limit: 1) { + username + createdAt + } + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993) { + username + createdAt + } + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-18 18:25:16 inserted user 599714ecbea537ee0bde4ffe. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tobkle", role: "admin", id: "599714ecbea537ee0bde4ffe", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 inserted user 599714ecbea537ee0bde4fff. +2017-08-18 18:25:16 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tobkle", role: "admin", id: "599714ecbea537ee0bde4ffe", +Operation: "", variables: "", +Query: +{ + user(id: "599714ecbea537ee0bde4fff") { + username + bio + role + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tobkle", role: "admin", id: "599714ecbea537ee0bde4ffe", +Operation: "", variables: "", +Query: +{ + user(id: "599714ecbea537ee0bde4ffe") { + username + role + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tobkle", role: "admin", id: "599714ecbea537ee0bde4ffe", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599714ecbea537ee0bde4fff", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 updated user 599714ecbea537ee0bde4fff. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tobkle", role: "admin", id: "599714ecbea537ee0bde4ffe", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599714ecbea537ee0bde4ffe", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 updated user 599714ecbea537ee0bde4ffe. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tobkle", role: "admin", id: "599714ecbea537ee0bde4ffe", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599714ecbea537ee0bde4fff", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 updated user 599714ecbea537ee0bde4fff. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tobkle", role: "admin", id: "599714ecbea537ee0bde4ffe", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599714ecbea537ee0bde4ffe", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 updated user 599714ecbea537ee0bde4ffe. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tobkle", role: "editor", id: "599714ecbea537ee0bde4ffe", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599714ecbea537ee0bde4ffe", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde4ffe" + } + ] +} +2017-08-18 18:25:16 updated user 599714ecbea537ee0bde4ffe. +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-18 18:25:16 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde4ffe" + } + ] +} +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "zoltan", role: "admin", id: "599714ecbea537ee0bde4fff", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599714ecbea537ee0bde4ffe", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized +2017-08-18 18:25:16 updated user 599714ecbea537ee0bde4ffe. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tobkle", role: "admin", id: "599714ecbea537ee0bde4ffe", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "599714ecbea537ee0bde4fff") +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 removed user 599714ecbea537ee0bde4fff. +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tobkle", role: "admin", id: "599714ecbea537ee0bde4ffe", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "599714ecbea537ee0bde4ffe", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 { + "authorId": "599714ecbea537ee0bde4ffe", + "body": "This is a test tweet of user tobkle", + "coauthorsIds": [], + "createdAt": 1503073516162, + "updatedAt": 1503073516162, + "createdById": "599714ecbea537ee0bde4ffe", + "updatedById": "599714ecbea537ee0bde4ffe" +} +2017-08-18 18:25:16 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-18 18:25:16 inserted tweet 599714ecbea537ee0bde5000. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 { + "authorId": "583291a1638566b3c5a92ca1", + "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", + "coauthorsIds": [], + "createdAt": 1503073516181, + "updatedAt": 1503073516181, + "createdById": "599714ecbea537ee0bde4ffe", + "updatedById": "599714ecbea537ee0bde4ffe" +} +2017-08-18 18:25:16 Request: +User: "tobkle", role: "admin", id: "599714ecbea537ee0bde4ffe", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tobkle", role: "admin", id: "599714ecbea537ee0bde4ffe", +Operation: "", variables: "", +Query: +{ + tweet(id: "599714ecbea537ee0bde5000") { + author { + id + } + body + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-18 18:25:16 inserted tweet 599714ecbea537ee0bde5001. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tobkle", role: "admin", id: "599714ecbea537ee0bde4ffe", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tobkle", role: "admin", id: "599714ecbea537ee0bde4ffe", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "599714ecbea537ee0bde5000", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 updated tweet 599714ecbea537ee0bde5000. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tobkle", role: "admin", id: "599714ecbea537ee0bde4ffe", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "599714ecbea537ee0bde5001", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 updated tweet 599714ecbea537ee0bde5001. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tobkle", role: "admin", id: "599714ecbea537ee0bde4ffe", +Operation: "", variables: "", +Query: +{ + tweet(id: "599714ecbea537ee0bde5000") { + body + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tobkle", role: "admin", id: "599714ecbea537ee0bde4ffe", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "599714ecbea537ee0bde5000") +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 removed tweet 599714ecbea537ee0bde5000. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tobkle", role: "admin", id: "599714ecbea537ee0bde4ffe", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "599714ecbea537ee0bde5001") +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 removed tweet 599714ecbea537ee0bde5001. +2017-08-18 18:25:16 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tobkle", role: "admin", id: "599714ecbea537ee0bde4ffe", +Operation: "", variables: "", +Query: +{ + tweet(id: "599714ecbea537ee0bde5000") { + body + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tobkle", role: "admin", id: "599714ecbea537ee0bde4ffe", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "599714ecbea537ee0bde4ffe") +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:25:16 removed user 599714ecbea537ee0bde4ffe. +2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 ERROR Cannot read property 'load' of undefined +2017-08-18 18:25:16 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "599714ecbea537ee0bde4ffe") { + username + bio + role + } +} + +2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-18 18:25:16 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:25:16 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 ERROR Cannot read property 'load' of undefined +2017-08-18 18:25:16 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-18 18:25:16 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:25:16 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-18 18:25:16 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:25:16 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 { + "authorId": "583291a1638566b3c5a92ca1", + "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", + "coauthorsIds": [], + "createdAt": 1503073516330, + "updatedAt": 1503073516330, + "createdById": "unknown", + "updatedById": "unknown" +} +2017-08-18 18:25:16 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-18 18:25:16 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:25:16 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:25:16 ERROR Cannot read property 'load' of undefined +2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-18 18:25:16 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:25:16 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-18 18:25:16 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:25:16 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-18 18:25:16 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:25:16 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { + id + role + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-18 18:25:16 inserted user 599714ecbea537ee0bde5002. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. +2017-08-18 18:25:16 Request: +User: "tobkle", role: "user", id: "599714ecbea537ee0bde5002", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5002" + } + ] +} +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:25:16 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tobkle", role: "user", id: "599714ecbea537ee0bde5002", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5002" + } + ] +} +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tobkle", role: "user", id: "599714ecbea537ee0bde5002", +Operation: "", variables: "", +Query: +{ + user(id: "599714ecbea537ee0bde5002") { + username + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5002" + } + ] +} +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tobkle", role: "user", id: "599714ecbea537ee0bde5002", +Operation: "", variables: "", +Query: +{ + user(id: "599714ecbea537ee0bde5002") { + username + role + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5002" + } + ] +} +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tobkle", role: "user", id: "599714ecbea537ee0bde5002", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5002" + } + ] +} +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:25:16 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5002" + } + ] +} +2017-08-18 18:25:16 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tobkle", role: "user", id: "599714ecbea537ee0bde5002", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599714ecbea537ee0bde5002", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5002" + } + ] +} +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:25:16 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5002" + } + ] +} +2017-08-18 18:25:16 updated user 599714ecbea537ee0bde5002. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tobkle", role: "user", id: "599714ecbea537ee0bde5002", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599714ecbea537ee0bde5002", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5002" + } + ] +} +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:25:16 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5002" + } + ] +} +2017-08-18 18:25:16 updated user 599714ecbea537ee0bde5002. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tobkle", role: "user", id: "599714ecbea537ee0bde5002", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5002" + } + ] +} +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:25:16 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5002" + } + ] +} +2017-08-18 18:25:16 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 { + "authorId": "599714ecbea537ee0bde5002", + "body": "This is a test tweet of user tobkle", + "coauthorsIds": [], + "createdAt": 1503073516446, + "updatedAt": 1503073516446, + "createdById": "599714ecbea537ee0bde5002", + "updatedById": "599714ecbea537ee0bde5002" +} +2017-08-18 18:25:16 Request: +User: "tobkle", role: "user", id: "599714ecbea537ee0bde5002", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "599714ecbea537ee0bde5002", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5002" + } + ] +} +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:25:16 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. +2017-08-18 18:25:16 inserted tweet 599714ecbea537ee0bde5003. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 { + "authorId": "583291a1638566b3c5a92ca1", + "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", + "coauthorsIds": [], + "createdAt": 1503073516456, + "updatedAt": 1503073516456, + "createdById": "599714ecbea537ee0bde5002", + "updatedById": "599714ecbea537ee0bde5002" +} +2017-08-18 18:25:16 Request: +User: "tobkle", role: "user", id: "599714ecbea537ee0bde5002", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5002" + } + ] +} +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:25:16 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. +2017-08-18 18:25:16 inserted tweet 599714ecbea537ee0bde5004. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tobkle", role: "user", id: "599714ecbea537ee0bde5002", +Operation: "", variables: "", +Query: +{ + tweet(id: "599714ecbea537ee0bde5003") { + author { + id + } + body + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5002" + } + ] +} +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tobkle", role: "user", id: "599714ecbea537ee0bde5002", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5002" + } + ] +} +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tobkle", role: "user", id: "599714ecbea537ee0bde5002", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "599714ecbea537ee0bde5003", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5002" + } + ] +} +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:25:16 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "599714ecbea537ee0bde5002" + }, + { + "coauthorsIds": "599714ecbea537ee0bde5002" + } + ] +} +2017-08-18 18:25:16 updated tweet 599714ecbea537ee0bde5003. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tobkle", role: "user", id: "599714ecbea537ee0bde5002", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5002" + } + ] +} +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:25:16 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "599714ecbea537ee0bde5002" + }, + { + "coauthorsIds": "599714ecbea537ee0bde5002" + } + ] +} +2017-08-18 18:25:16 ERROR update tweet not possible for 583676d3618530145474e352. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tobkle", role: "user", id: "599714ecbea537ee0bde5002", +Operation: "", variables: "", +Query: +{ + tweet(id: "599714ecbea537ee0bde5003") { + body + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5002" + } + ] +} +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tobkle", role: "user", id: "599714ecbea537ee0bde5002", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "599714ecbea537ee0bde5003") +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5002" + } + ] +} +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:25:16 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "599714ecbea537ee0bde5002" + } + ] +} +2017-08-18 18:25:16 removed tweet 599714ecbea537ee0bde5003. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tobkle", role: "user", id: "599714ecbea537ee0bde5002", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5002" + } + ] +} +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:25:16 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "599714ecbea537ee0bde5002" + } + ] +} +2017-08-18 18:25:16 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tobkle", role: "user", id: "599714ecbea537ee0bde5002", +Operation: "", variables: "", +Query: +{ + tweet(id: "599714ecbea537ee0bde5003") { + body + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5002" + } + ] +} +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tobkle", role: "user", id: "599714ecbea537ee0bde5002", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "599714ecbea537ee0bde5002") +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5002" + } + ] +} +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:25:16 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5002" + } + ] +} +2017-08-18 18:25:16 removed user 599714ecbea537ee0bde5002. +2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 ERROR Cannot read property 'load' of undefined +2017-08-18 18:25:16 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "599714ecbea537ee0bde5002") { + username + bio + role + } +} + +2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { + id + role + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:16 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:25:16 inserted user 599714ecbea537ee0bde5005. +2017-08-18 18:25:16 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. +2017-08-18 18:25:16 Request: +User: "tobkle", role: "editor", id: "599714ecbea537ee0bde5005", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5005" + } + ] +} +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-18 18:25:16 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tobkle", role: "editor", id: "599714ecbea537ee0bde5005", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5005" + } + ] +} +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tobkle", role: "editor", id: "599714ecbea537ee0bde5005", +Operation: "", variables: "", +Query: +{ + user(id: "599714ecbea537ee0bde5005") { + username + role + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5005" + } + ] +} +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tobkle", role: "editor", id: "599714ecbea537ee0bde5005", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5005" + } + ] +} +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-18 18:25:16 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5005" + } + ] +} +2017-08-18 18:25:16 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tobkle", role: "editor", id: "599714ecbea537ee0bde5005", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599714ecbea537ee0bde5005", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5005" + } + ] +} +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-18 18:25:16 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5005" + } + ] +} +2017-08-18 18:25:16 updated user 599714ecbea537ee0bde5005. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tmeasday", role: "editor", id: "599714ecbea537ee0bde5005", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599714ecbea537ee0bde5005", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5005" + } + ] +} +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 18:25:16 Authorize update 'updateUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5005" + } + ] +} +2017-08-18 18:25:16 updated user 599714ecbea537ee0bde5005. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tmeasday", role: "editor", id: "599714ecbea537ee0bde5005", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5005" + } + ] +} +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 18:25:16 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5005" + } + ] +} +2017-08-18 18:25:16 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 { + "authorId": "599714ecbea537ee0bde5005", + "body": "This is a test tweet of user tobkle", + "coauthorsIds": [], + "createdAt": 1503073516595, + "updatedAt": 1503073516595, + "createdById": "599714ecbea537ee0bde5005", + "updatedById": "599714ecbea537ee0bde5005" +} +2017-08-18 18:25:16 Request: +User: "tmeasday", role: "editor", id: "599714ecbea537ee0bde5005", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "599714ecbea537ee0bde5005", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5005" + } + ] +} +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 18:25:16 Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is authorized by docRole. +2017-08-18 18:25:16 inserted tweet 599714ecbea537ee0bde5006. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 { + "authorId": "583291a1638566b3c5a92ca1", + "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", + "coauthorsIds": [], + "createdAt": 1503073516603, + "updatedAt": 1503073516603, + "createdById": "599714ecbea537ee0bde5005", + "updatedById": "599714ecbea537ee0bde5005" +} +2017-08-18 18:25:16 Request: +User: "tmeasday", role: "editor", id: "599714ecbea537ee0bde5005", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5005" + } + ] +} +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 18:25:16 Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is authorized by docRole. +2017-08-18 18:25:16 inserted tweet 599714ecbea537ee0bde5007. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tmeasday", role: "editor", id: "599714ecbea537ee0bde5005", +Operation: "", variables: "", +Query: +{ + tweet(id: "599714ecbea537ee0bde5006") { + author { + id + } + body + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5005" + } + ] +} +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tmeasday", role: "editor", id: "599714ecbea537ee0bde5005", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5005" + } + ] +} +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tmeasday", role: "editor", id: "599714ecbea537ee0bde5005", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "599714ecbea537ee0bde5006", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5005" + } + ] +} +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 18:25:16 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "599714ecbea537ee0bde5005" + }, + { + "coauthorsIds": "599714ecbea537ee0bde5005" + } + ] +} +2017-08-18 18:25:16 updated tweet 599714ecbea537ee0bde5006. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tmeasday", role: "editor", id: "599714ecbea537ee0bde5005", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5005" + } + ] +} +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 18:25:16 ERROR update tweet not possible for 583676d3618530145474e352. +2017-08-18 18:25:16 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "599714ecbea537ee0bde5005" + }, + { + "coauthorsIds": "599714ecbea537ee0bde5005" + } + ] +} +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tmeasday", role: "editor", id: "599714ecbea537ee0bde5005", +Operation: "", variables: "", +Query: +{ + tweet(id: "599714ecbea537ee0bde5006") { + body + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5005" + } + ] +} +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tmeasday", role: "editor", id: "599714ecbea537ee0bde5005", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "599714ecbea537ee0bde5006") +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5005" + } + ] +} +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 18:25:16 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "599714ecbea537ee0bde5005" + } + ] +} +2017-08-18 18:25:16 removed tweet 599714ecbea537ee0bde5006. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tmeasday", role: "editor", id: "599714ecbea537ee0bde5005", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5005" + } + ] +} +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 18:25:16 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "599714ecbea537ee0bde5005" + } + ] +} +2017-08-18 18:25:16 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tmeasday", role: "editor", id: "599714ecbea537ee0bde5005", +Operation: "", variables: "", +Query: +{ + tweet(id: "599714ecbea537ee0bde5006") { + body + } +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5005" + } + ] +} +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 Request: +User: "tmeasday", role: "editor", id: "599714ecbea537ee0bde5005", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "599714ecbea537ee0bde5005") +} + +2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5005" + } + ] +} +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 18:25:16 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599714ecbea537ee0bde5005" + } + ] +} +2017-08-18 18:25:16 removed user 599714ecbea537ee0bde5005. +2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:25:16 -------------------------------------------------------------------------------- +2017-08-18 18:25:16 ERROR Cannot read property 'load' of undefined +2017-08-18 18:25:16 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "599714ecbea537ee0bde5005") { + username + bio + role + } +} + +2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:30:21 Logger started +2017-08-18 18:30:49 Logger started +2017-08-18 18:32:20 -------------------------------------------------------------------------------- +2017-08-18 18:32:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-18 18:32:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:32:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:04 -------------------------------------------------------------------------------- +2017-08-18 18:33:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-18 18:33:04 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:04 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:04 -------------------------------------------------------------------------------- +2017-08-18 18:33:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + role + username + } +} + +2017-08-18 18:33:04 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:04 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:04 -------------------------------------------------------------------------------- +2017-08-18 18:33:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + role + username + } +} + +2017-08-18 18:33:04 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:04 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:04 -------------------------------------------------------------------------------- +2017-08-18 18:33:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca2") { + role + username + } +} + +2017-08-18 18:33:04 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:04 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:04 -------------------------------------------------------------------------------- +2017-08-18 18:33:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + id + username + bio + } +} + +2017-08-18 18:33:04 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:04 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:04 -------------------------------------------------------------------------------- +2017-08-18 18:33:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users { + username + createdAt + } +} + +2017-08-18 18:33:04 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:04 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:04 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:04 -------------------------------------------------------------------------------- +2017-08-18 18:33:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(limit: 1) { + username + createdAt + } +} + +2017-08-18 18:33:04 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:04 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:04 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:04 -------------------------------------------------------------------------------- +2017-08-18 18:33:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993) { + username + createdAt + } +} + +2017-08-18 18:33:04 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:04 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:04 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:04 -------------------------------------------------------------------------------- +2017-08-18 18:33:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } +} + +2017-08-18 18:33:04 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:04 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:04 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:04 -------------------------------------------------------------------------------- +2017-08-18 18:33:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers { + username + createdAt + } + } +} + +2017-08-18 18:33:04 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:04 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:04 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:04 -------------------------------------------------------------------------------- +2017-08-18 18:33:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(limit: 1) { + username + createdAt + } + } +} + +2017-08-18 18:33:04 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:04 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:04 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following { + username + createdAt + } + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(limit: 1) { + username + createdAt + } + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets { + id + createdAt + } + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(limit: 1) { + id + createdAt + } + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked { + id + createdAt + } + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(limit: 1) { + id + createdAt + } + } +} + +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334) { + id + createdAt + } + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334, limit: 1) { + id + createdAt + } + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + id + body + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + author { + username + } + } +} + +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets { + id + createdAt + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(limit: 1) { + id + createdAt + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers { + username + createdAt + } + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(limit: 1) { + username + createdAt + } + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993) { + username + createdAt + } + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-18 18:33:05 inserted user 599716c1646636eeda59e8e7. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tobkle", role: "admin", id: "599716c1646636eeda59e8e7", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 inserted user 599716c1646636eeda59e8e8. +2017-08-18 18:33:05 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tobkle", role: "admin", id: "599716c1646636eeda59e8e7", +Operation: "", variables: "", +Query: +{ + user(id: "599716c1646636eeda59e8e8") { + username + bio + role + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tobkle", role: "admin", id: "599716c1646636eeda59e8e7", +Operation: "", variables: "", +Query: +{ + user(id: "599716c1646636eeda59e8e7") { + username + role + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tobkle", role: "admin", id: "599716c1646636eeda59e8e7", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599716c1646636eeda59e8e8", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 updated user 599716c1646636eeda59e8e8. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tobkle", role: "admin", id: "599716c1646636eeda59e8e7", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599716c1646636eeda59e8e7", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 updated user 599716c1646636eeda59e8e7. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tobkle", role: "admin", id: "599716c1646636eeda59e8e7", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599716c1646636eeda59e8e8", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 updated user 599716c1646636eeda59e8e8. +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tobkle", role: "admin", id: "599716c1646636eeda59e8e7", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599716c1646636eeda59e8e7", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 updated user 599716c1646636eeda59e8e7. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tobkle", role: "editor", id: "599716c1646636eeda59e8e7", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599716c1646636eeda59e8e7", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8e7" + } + ] +} +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-18 18:33:05 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8e7" + } + ] +} +2017-08-18 18:33:05 updated user 599716c1646636eeda59e8e7. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "zoltan", role: "admin", id: "599716c1646636eeda59e8e8", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599716c1646636eeda59e8e7", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized +2017-08-18 18:33:05 updated user 599716c1646636eeda59e8e7. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tobkle", role: "admin", id: "599716c1646636eeda59e8e7", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "599716c1646636eeda59e8e8") +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 removed user 599716c1646636eeda59e8e8. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tobkle", role: "admin", id: "599716c1646636eeda59e8e7", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "599716c1646636eeda59e8e7", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 { + "authorId": "599716c1646636eeda59e8e7", + "body": "This is a test tweet of user tobkle", + "coauthorsIds": [], + "createdAt": 1503073985322, + "updatedAt": 1503073985322, + "createdById": "599716c1646636eeda59e8e7", + "updatedById": "599716c1646636eeda59e8e7" +} +2017-08-18 18:33:05 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 inserted tweet 599716c1646636eeda59e8e9. +2017-08-18 18:33:05 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 { + "authorId": "583291a1638566b3c5a92ca1", + "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", + "coauthorsIds": [], + "createdAt": 1503073985331, + "updatedAt": 1503073985331, + "createdById": "599716c1646636eeda59e8e7", + "updatedById": "599716c1646636eeda59e8e7" +} +2017-08-18 18:33:05 Request: +User: "tobkle", role: "admin", id: "599716c1646636eeda59e8e7", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-18 18:33:05 inserted tweet 599716c1646636eeda59e8ea. +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tobkle", role: "admin", id: "599716c1646636eeda59e8e7", +Operation: "", variables: "", +Query: +{ + tweet(id: "599716c1646636eeda59e8e9") { + author { + id + } + body + } +} + +2017-08-18 18:33:05 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tobkle", role: "admin", id: "599716c1646636eeda59e8e7", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tobkle", role: "admin", id: "599716c1646636eeda59e8e7", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "599716c1646636eeda59e8e9", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 updated tweet 599716c1646636eeda59e8e9. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tobkle", role: "admin", id: "599716c1646636eeda59e8e7", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "599716c1646636eeda59e8ea", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 updated tweet 599716c1646636eeda59e8ea. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tobkle", role: "admin", id: "599716c1646636eeda59e8e7", +Operation: "", variables: "", +Query: +{ + tweet(id: "599716c1646636eeda59e8e9") { + body + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tobkle", role: "admin", id: "599716c1646636eeda59e8e7", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "599716c1646636eeda59e8e9") +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 removed tweet 599716c1646636eeda59e8e9. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tobkle", role: "admin", id: "599716c1646636eeda59e8e7", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "599716c1646636eeda59e8ea") +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 removed tweet 599716c1646636eeda59e8ea. +2017-08-18 18:33:05 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tobkle", role: "admin", id: "599716c1646636eeda59e8e7", +Operation: "", variables: "", +Query: +{ + tweet(id: "599716c1646636eeda59e8e9") { + body + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tobkle", role: "admin", id: "599716c1646636eeda59e8e7", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "599716c1646636eeda59e8e7") +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:33:05 removed user 599716c1646636eeda59e8e7. +2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 ERROR Cannot read property 'load' of undefined +2017-08-18 18:33:05 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "599716c1646636eeda59e8e7") { + username + bio + role + } +} + +2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-18 18:33:05 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:33:05 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 ERROR Cannot read property 'load' of undefined +2017-08-18 18:33:05 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-18 18:33:05 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:33:05 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-18 18:33:05 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:33:05 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 { + "authorId": "583291a1638566b3c5a92ca1", + "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", + "coauthorsIds": [], + "createdAt": 1503073985476, + "updatedAt": 1503073985476, + "createdById": "unknown", + "updatedById": "unknown" +} +2017-08-18 18:33:05 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-18 18:33:05 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:33:05 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:33:05 ERROR Cannot read property 'load' of undefined +2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-18 18:33:05 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:33:05 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-18 18:33:05 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:33:05 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-18 18:33:05 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:33:05 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { + id + role + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 inserted user 599716c1646636eeda59e8eb. +2017-08-18 18:33:05 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. +2017-08-18 18:33:05 Request: +User: "tobkle", role: "user", id: "599716c1646636eeda59e8eb", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8eb" + } + ] +} +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:33:05 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tobkle", role: "user", id: "599716c1646636eeda59e8eb", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8eb" + } + ] +} +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tobkle", role: "user", id: "599716c1646636eeda59e8eb", +Operation: "", variables: "", +Query: +{ + user(id: "599716c1646636eeda59e8eb") { + username + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8eb" + } + ] +} +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tobkle", role: "user", id: "599716c1646636eeda59e8eb", +Operation: "", variables: "", +Query: +{ + user(id: "599716c1646636eeda59e8eb") { + username + role + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8eb" + } + ] +} +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tobkle", role: "user", id: "599716c1646636eeda59e8eb", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8eb" + } + ] +} +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:33:05 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8eb" + } + ] +} +2017-08-18 18:33:05 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tobkle", role: "user", id: "599716c1646636eeda59e8eb", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599716c1646636eeda59e8eb", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8eb" + } + ] +} +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:33:05 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8eb" + } + ] +} +2017-08-18 18:33:05 updated user 599716c1646636eeda59e8eb. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tobkle", role: "user", id: "599716c1646636eeda59e8eb", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599716c1646636eeda59e8eb", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8eb" + } + ] +} +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:33:05 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8eb" + } + ] +} +2017-08-18 18:33:05 updated user 599716c1646636eeda59e8eb. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tobkle", role: "user", id: "599716c1646636eeda59e8eb", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8eb" + } + ] +} +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:33:05 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8eb" + } + ] +} +2017-08-18 18:33:05 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 { + "authorId": "599716c1646636eeda59e8eb", + "body": "This is a test tweet of user tobkle", + "coauthorsIds": [], + "createdAt": 1503073985579, + "updatedAt": 1503073985579, + "createdById": "599716c1646636eeda59e8eb", + "updatedById": "599716c1646636eeda59e8eb" +} +2017-08-18 18:33:05 Request: +User: "tobkle", role: "user", id: "599716c1646636eeda59e8eb", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "599716c1646636eeda59e8eb", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8eb" + } + ] +} +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:33:05 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. +2017-08-18 18:33:05 inserted tweet 599716c1646636eeda59e8ec. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 { + "authorId": "583291a1638566b3c5a92ca1", + "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", + "coauthorsIds": [], + "createdAt": 1503073985587, + "updatedAt": 1503073985587, + "createdById": "599716c1646636eeda59e8eb", + "updatedById": "599716c1646636eeda59e8eb" +} +2017-08-18 18:33:05 Request: +User: "tobkle", role: "user", id: "599716c1646636eeda59e8eb", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-18 18:33:05 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8eb" + } + ] +} +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:33:05 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tobkle", role: "user", id: "599716c1646636eeda59e8eb", +Operation: "", variables: "", +Query: +{ + tweet(id: "599716c1646636eeda59e8ec") { + author { + id + } + body + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8eb" + } + ] +} +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tobkle", role: "user", id: "599716c1646636eeda59e8eb", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8eb" + } + ] +} +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tobkle", role: "user", id: "599716c1646636eeda59e8eb", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "599716c1646636eeda59e8ec", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8eb" + } + ] +} +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:33:05 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "599716c1646636eeda59e8eb" + }, + { + "coauthorsIds": "599716c1646636eeda59e8eb" + } + ] +} +2017-08-18 18:33:05 updated tweet 599716c1646636eeda59e8ec. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tobkle", role: "user", id: "599716c1646636eeda59e8eb", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8eb" + } + ] +} +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:33:05 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "599716c1646636eeda59e8eb" + }, + { + "coauthorsIds": "599716c1646636eeda59e8eb" + } + ] +} +2017-08-18 18:33:05 ERROR update tweet not possible for 583676d3618530145474e352. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tobkle", role: "user", id: "599716c1646636eeda59e8eb", +Operation: "", variables: "", +Query: +{ + tweet(id: "599716c1646636eeda59e8ec") { + body + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8eb" + } + ] +} +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tobkle", role: "user", id: "599716c1646636eeda59e8eb", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "599716c1646636eeda59e8ec") +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8eb" + } + ] +} +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:33:05 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "599716c1646636eeda59e8eb" + } + ] +} +2017-08-18 18:33:05 removed tweet 599716c1646636eeda59e8ec. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tobkle", role: "user", id: "599716c1646636eeda59e8eb", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8eb" + } + ] +} +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:33:05 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "599716c1646636eeda59e8eb" + } + ] +} +2017-08-18 18:33:05 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tobkle", role: "user", id: "599716c1646636eeda59e8eb", +Operation: "", variables: "", +Query: +{ + tweet(id: "599716c1646636eeda59e8ec") { + body + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8eb" + } + ] +} +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tobkle", role: "user", id: "599716c1646636eeda59e8eb", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "599716c1646636eeda59e8eb") +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8eb" + } + ] +} +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:33:05 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8eb" + } + ] +} +2017-08-18 18:33:05 removed user 599716c1646636eeda59e8eb. +2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 ERROR Cannot read property 'load' of undefined +2017-08-18 18:33:05 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "599716c1646636eeda59e8eb") { + username + bio + role + } +} + +2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { + id + role + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:33:05 inserted user 599716c1646636eeda59e8ed. +2017-08-18 18:33:05 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. +2017-08-18 18:33:05 Request: +User: "tobkle", role: "editor", id: "599716c1646636eeda59e8ed", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8ed" + } + ] +} +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-18 18:33:05 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tobkle", role: "editor", id: "599716c1646636eeda59e8ed", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8ed" + } + ] +} +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tobkle", role: "editor", id: "599716c1646636eeda59e8ed", +Operation: "", variables: "", +Query: +{ + user(id: "599716c1646636eeda59e8ed") { + username + role + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8ed" + } + ] +} +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tobkle", role: "editor", id: "599716c1646636eeda59e8ed", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8ed" + } + ] +} +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-18 18:33:05 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8ed" + } + ] +} +2017-08-18 18:33:05 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tobkle", role: "editor", id: "599716c1646636eeda59e8ed", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599716c1646636eeda59e8ed", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8ed" + } + ] +} +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-18 18:33:05 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8ed" + } + ] +} +2017-08-18 18:33:05 updated user 599716c1646636eeda59e8ed. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tmeasday", role: "editor", id: "599716c1646636eeda59e8ed", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599716c1646636eeda59e8ed", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8ed" + } + ] +} +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 18:33:05 Authorize update 'updateUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8ed" + } + ] +} +2017-08-18 18:33:05 updated user 599716c1646636eeda59e8ed. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tmeasday", role: "editor", id: "599716c1646636eeda59e8ed", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8ed" + } + ] +} +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 18:33:05 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8ed" + } + ] +} +2017-08-18 18:33:05 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 { + "authorId": "599716c1646636eeda59e8ed", + "body": "This is a test tweet of user tobkle", + "coauthorsIds": [], + "createdAt": 1503073985727, + "updatedAt": 1503073985727, + "createdById": "599716c1646636eeda59e8ed", + "updatedById": "599716c1646636eeda59e8ed" +} +2017-08-18 18:33:05 Request: +User: "tmeasday", role: "editor", id: "599716c1646636eeda59e8ed", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "599716c1646636eeda59e8ed", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8ed" + } + ] +} +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 18:33:05 Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is authorized by docRole. +2017-08-18 18:33:05 inserted tweet 599716c1646636eeda59e8ee. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 { + "authorId": "583291a1638566b3c5a92ca1", + "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", + "coauthorsIds": [], + "createdAt": 1503073985733, + "updatedAt": 1503073985733, + "createdById": "599716c1646636eeda59e8ed", + "updatedById": "599716c1646636eeda59e8ed" +} +2017-08-18 18:33:05 Request: +User: "tmeasday", role: "editor", id: "599716c1646636eeda59e8ed", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-18 18:33:05 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8ed" + } + ] +} +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 18:33:05 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tmeasday", role: "editor", id: "599716c1646636eeda59e8ed", +Operation: "", variables: "", +Query: +{ + tweet(id: "599716c1646636eeda59e8ee") { + author { + id + } + body + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8ed" + } + ] +} +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tmeasday", role: "editor", id: "599716c1646636eeda59e8ed", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8ed" + } + ] +} +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tmeasday", role: "editor", id: "599716c1646636eeda59e8ed", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "599716c1646636eeda59e8ee", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8ed" + } + ] +} +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 18:33:05 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "599716c1646636eeda59e8ed" + }, + { + "coauthorsIds": "599716c1646636eeda59e8ed" + } + ] +} +2017-08-18 18:33:05 updated tweet 599716c1646636eeda59e8ee. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tmeasday", role: "editor", id: "599716c1646636eeda59e8ed", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8ed" + } + ] +} +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 18:33:05 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "599716c1646636eeda59e8ed" + }, + { + "coauthorsIds": "599716c1646636eeda59e8ed" + } + ] +} +2017-08-18 18:33:05 ERROR update tweet not possible for 583676d3618530145474e352. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tmeasday", role: "editor", id: "599716c1646636eeda59e8ed", +Operation: "", variables: "", +Query: +{ + tweet(id: "599716c1646636eeda59e8ee") { + body + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8ed" + } + ] +} +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tmeasday", role: "editor", id: "599716c1646636eeda59e8ed", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "599716c1646636eeda59e8ee") +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8ed" + } + ] +} +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 18:33:05 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "599716c1646636eeda59e8ed" + } + ] +} +2017-08-18 18:33:05 removed tweet 599716c1646636eeda59e8ee. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tmeasday", role: "editor", id: "599716c1646636eeda59e8ed", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8ed" + } + ] +} +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 18:33:05 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "599716c1646636eeda59e8ed" + } + ] +} +2017-08-18 18:33:05 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tmeasday", role: "editor", id: "599716c1646636eeda59e8ed", +Operation: "", variables: "", +Query: +{ + tweet(id: "599716c1646636eeda59e8ee") { + body + } +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8ed" + } + ] +} +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 Request: +User: "tmeasday", role: "editor", id: "599716c1646636eeda59e8ed", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "599716c1646636eeda59e8ed") +} + +2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8ed" + } + ] +} +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 18:33:05 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599716c1646636eeda59e8ed" + } + ] +} +2017-08-18 18:33:05 removed user 599716c1646636eeda59e8ed. +2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:33:05 -------------------------------------------------------------------------------- +2017-08-18 18:33:05 ERROR Cannot read property 'load' of undefined +2017-08-18 18:33:05 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "599716c1646636eeda59e8ed") { + username + bio + role + } +} + +2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:36:19 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:36:19 -------------------------------------------------------------------------------- +2017-08-18 18:36:19 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +query IntrospectionQuery { + __schema { + queryType { + name + } + mutationType { + name + } + subscriptionType { + name + } + types { + ...FullType + } + directives { + name + description + locations + args { + ...InputValue + } + } + } +} + +fragment FullType on __Type { + kind + name + description + fields(includeDeprecated: true) { + name + description + args { + ...InputValue + } + type { + ...TypeRef + } + isDeprecated + deprecationReason + } + inputFields { + ...InputValue + } + interfaces { + ...TypeRef + } + enumValues(includeDeprecated: true) { + name + description + isDeprecated + deprecationReason + } + possibleTypes { + ...TypeRef + } +} + +fragment InputValue on __InputValue { + name + description + type { + ...TypeRef + } + defaultValue +} + +fragment TypeRef on __Type { + kind + name + ofType { + kind + name + ofType { + kind + name + ofType { + kind + name + } + } + } +} + +2017-08-18 18:36:19 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:36:19 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:36:21 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:36:21 -------------------------------------------------------------------------------- +2017-08-18 18:36:21 Request: +User: "", role: "", id: "", +Operation: "", variables: ""{}"", +Query: +{ + tweets { + id + } +} + +2017-08-18 18:36:21 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:36:21 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:36:21 Authorize readMany 'tweets' with user '' and role '' is authorized +2017-08-18 18:36:33 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:36:33 -------------------------------------------------------------------------------- +2017-08-18 18:36:33 ERROR Authorize readMany 'users' with user '' and role: 'null' is not authorized. +2017-08-18 18:36:33 Request: +User: "", role: "", id: "", +Operation: "", variables: ""{}"", +Query: +{ + users { + id + } +} + +2017-08-18 18:36:33 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:36:33 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:36:33 ERROR Authorize readMany 'users' with user '' and role: 'null' is not authorized. diff --git a/test/output-app/model/Tweet.js b/test/output-app/model/Tweet.js index 1552b0e..20c751d 100644 --- a/test/output-app/model/Tweet.js +++ b/test/output-app/model/Tweet.js @@ -7,10 +7,11 @@ export default class Tweet { this.context = context; this.collection = context.db.collection('tweet'); this.pubsub = context.pubsub; + const that = this; try { const { me, User } = context; const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User }, authlog('tweet findOneById', 'readOne', me)); - this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); + that.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); } catch (err) { log.error(err.message); } } diff --git a/test/output-app/model/User.js b/test/output-app/model/User.js index de5c96d..757b62e 100644 --- a/test/output-app/model/User.js +++ b/test/output-app/model/User.js @@ -8,10 +8,11 @@ export default class User { this.collection = context.db.collection('user'); this.pubsub = context.pubsub; this.authRole = User.authRole; + const that = this; try { const { me } = context; const authQuery = queryForRoles(me, ['admin'], ['_id'], { User }, authlog('user findOneById', 'readOne', me)); - this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); + that.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); } catch (err) { log.error(err.message); } } diff --git a/test/output-app/server/logs/all-logs-readable.log b/test/output-app/server/logs/all-logs-readable.log deleted file mode 100644 index 2a22689..0000000 --- a/test/output-app/server/logs/all-logs-readable.log +++ /dev/null @@ -1,2144 +0,0 @@ -2017-08-03 19:11:27 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:27 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:27 -------------------------------------------------------------------------------- -2017-08-03 19:11:27 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - role - username - } -} - -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - role - username - } -} - -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca2") { - role - username - } -} - -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - id - username - bio - } -} - -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users { - username - createdAt - } -} - -2017-08-03 19:11:36 Authorize readMany "users" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(limit: 1) { - username - createdAt - } -} - -2017-08-03 19:11:36 Authorize readMany "users" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993) { - username - createdAt - } -} - -2017-08-03 19:11:36 Authorize readMany "users" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } -} - -2017-08-03 19:11:36 Authorize readMany "users" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers { - username - createdAt - } - } -} - -2017-08-03 19:11:36 Authorize readMany "user followers" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(limit: 1) { - username - createdAt - } - } -} - -2017-08-03 19:11:36 Authorize readMany "user followers" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-08-03 19:11:36 Authorize readMany "user followers" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-08-03 19:11:36 Authorize readMany "user followers" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following { - username - createdAt - } - } -} - -2017-08-03 19:11:36 Authorize readMany "user following" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(limit: 1) { - username - createdAt - } - } -} - -2017-08-03 19:11:36 Authorize readMany "user following" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-08-03 19:11:36 Authorize readMany "user following" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-08-03 19:11:36 Authorize readMany "user following" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets { - id - createdAt - } - } -} - -2017-08-03 19:11:36 Authorize readMany "user tweets" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(limit: 1) { - id - createdAt - } - } -} - -2017-08-03 19:11:36 Authorize readMany "user tweets" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } - } -} - -2017-08-03 19:11:36 Authorize readMany "user tweets" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } - } -} - -2017-08-03 19:11:36 Authorize readMany "user tweets" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked { - id - createdAt - } - } -} - -2017-08-03 19:11:36 Authorize readMany "user liked" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(limit: 1) { - id - createdAt - } - } -} - -2017-08-03 19:11:36 Authorize readMany "user liked" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334) { - id - createdAt - } - } -} - -2017-08-03 19:11:36 Authorize readMany "user liked" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334, limit: 1) { - id - createdAt - } - } -} - -2017-08-03 19:11:36 Authorize readMany "user liked" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - id - body - } -} - -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - author { - username - } - } -} - -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets { - id - createdAt - } -} - -2017-08-03 19:11:36 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(limit: 1) { - id - createdAt - } -} - -2017-08-03 19:11:36 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } -} - -2017-08-03 19:11:36 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } -} - -2017-08-03 19:11:36 Authorize readMany "tweets" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers { - username - createdAt - } - } -} - -2017-08-03 19:11:36 Authorize readMany "tweet likers" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(limit: 1) { - username - createdAt - } - } -} - -2017-08-03 19:11:36 Authorize readMany "tweet likers" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993) { - username - createdAt - } - } -} - -2017-08-03 19:11:36 Authorize readMany "tweet likers" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } - } -} - -2017-08-03 19:11:36 Authorize readMany "tweet likers" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-08-03 19:11:36 Authorize create "createUser" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:36 Authorize create "createUser" with user "stubailo" and role: "admin" is authorized by userRole. -2017-08-03 19:11:36 inserted user 59835948075def94489f4100. -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "tobkle", role: "admin", id: "59835948075def94489f4100", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-03 19:11:36 Authorize create "createUser" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 Authorize create "createUser" with user "tobkle" and role: "admin" is authorized by userRole. -2017-08-03 19:11:36 inserted user 59835948075def94489f4101. -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "tobkle", role: "admin", id: "59835948075def94489f4100", -Operation: "", variables: "", -Query: -{ - user(id: "59835948075def94489f4101") { - username - bio - role - } -} - -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "tobkle", role: "admin", id: "59835948075def94489f4100", -Operation: "", variables: "", -Query: -{ - user(id: "59835948075def94489f4100") { - username - role - } -} - -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "tobkle", role: "admin", id: "59835948075def94489f4100", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59835948075def94489f4101", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-03 19:11:36 Authorize update "updateUser" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 updated user 59835948075def94489f4101. -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "tobkle", role: "admin", id: "59835948075def94489f4100", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59835948075def94489f4100", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-03 19:11:36 Authorize update "updateUser" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 updated user 59835948075def94489f4100. -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "tobkle", role: "admin", id: "59835948075def94489f4100", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59835948075def94489f4101", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-08-03 19:11:36 Authorize update "updateUser" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 updated user 59835948075def94489f4101. -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "tobkle", role: "admin", id: "59835948075def94489f4100", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59835948075def94489f4100", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-03 19:11:36 Authorize update "updateUser" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 updated user 59835948075def94489f4100. -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835948075def94489f4100" - } - ] -} -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "tobkle", role: "editor", id: "59835948075def94489f4100", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59835948075def94489f4100", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-03 19:11:36 Authorize update "updateUser" with user "tobkle" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835948075def94489f4100" - } - ] -} -2017-08-03 19:11:36 updated user 59835948075def94489f4100. -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "zoltan" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "zoltan" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "zoltan", role: "admin", id: "59835948075def94489f4101", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59835948075def94489f4100", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-03 19:11:36 Authorize update "updateUser" with user "zoltan" and role "admin" is authorized -2017-08-03 19:11:36 updated user 59835948075def94489f4100. -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "tobkle", role: "admin", id: "59835948075def94489f4100", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59835948075def94489f4101") -} - -2017-08-03 19:11:36 Authorize delete "removeUser" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 removed user 59835948075def94489f4101. -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "tobkle", role: "admin", id: "59835948075def94489f4100", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59835948075def94489f4100", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-03 19:11:36 { - "authorId": "59835948075def94489f4100", - "body": "This is a test tweet of user tobkle", - "coauthorsIds": [], - "createdAt": 1501780296690, - "updatedAt": 1501780296690, - "createdById": "59835948075def94489f4100", - "updatedById": "59835948075def94489f4100" -} -2017-08-03 19:11:36 Authorize create "createTweet" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 Authorize create "createTweet" with user "tobkle" and role: "admin" is authorized by userRole. -2017-08-03 19:11:36 inserted tweet 59835948075def94489f4102. -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "tobkle", role: "admin", id: "59835948075def94489f4100", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-03 19:11:36 { - "authorId": "583291a1638566b3c5a92ca1", - "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", - "coauthorsIds": [], - "createdAt": 1501780296700, - "updatedAt": 1501780296700, - "createdById": "59835948075def94489f4100", - "updatedById": "59835948075def94489f4100" -} -2017-08-03 19:11:36 Authorize create "createTweet" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 Authorize create "createTweet" with user "tobkle" and role: "admin" is authorized by userRole. -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "tobkle", role: "admin", id: "59835948075def94489f4100", -Operation: "", variables: "", -Query: -{ - tweet(id: "59835948075def94489f4102") { - author { - id - } - body - } -} - -2017-08-03 19:11:36 inserted tweet 59835948075def94489f4103. -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "tobkle", role: "admin", id: "59835948075def94489f4100", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "tobkle", role: "admin", id: "59835948075def94489f4100", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59835948075def94489f4102", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-03 19:11:36 Authorize update "updateTweet" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 updated tweet 59835948075def94489f4102. -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "tobkle", role: "admin", id: "59835948075def94489f4100", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59835948075def94489f4103", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-03 19:11:36 Authorize update "updateTweet" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 updated tweet 59835948075def94489f4103. -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "tobkle", role: "admin", id: "59835948075def94489f4100", -Operation: "", variables: "", -Query: -{ - tweet(id: "59835948075def94489f4102") { - body - } -} - -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "tobkle", role: "admin", id: "59835948075def94489f4100", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59835948075def94489f4102") -} - -2017-08-03 19:11:36 Authorize delete "removeTweet" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 removed tweet 59835948075def94489f4102. -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "tobkle", role: "admin", id: "59835948075def94489f4100", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59835948075def94489f4103") -} - -2017-08-03 19:11:36 Authorize delete "removeTweet" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 removed tweet 59835948075def94489f4103. -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "tobkle", role: "admin", id: "59835948075def94489f4100", -Operation: "", variables: "", -Query: -{ - tweet(id: "59835948075def94489f4102") { - body - } -} - -2017-08-03 19:11:36 Authorize readOne "user findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "tobkle", role: "admin", id: "59835948075def94489f4100", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59835948075def94489f4100") -} - -2017-08-03 19:11:36 Authorize delete "removeUser" with user "tobkle" and role "admin" is authorized -2017-08-03 19:11:36 removed user 59835948075def94489f4100. -2017-08-03 19:11:36 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59835948075def94489f4100") { - username - bio - role - } -} - -2017-08-03 19:11:36 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-08-03 19:11:36 ERROR Cannot read property 'toString' of undefined -2017-08-03 19:11:36 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-03 19:11:36 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-03 19:11:36 ERROR Authorize update "updateUser" with user "" and role: "null" is not authorized. -2017-08-03 19:11:36 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-03 19:11:36 ERROR Authorize delete "removeUser" with user "" and role: "null" is not authorized. -2017-08-03 19:11:36 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-03 19:11:36 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-03 19:11:36 { - "authorId": "583291a1638566b3c5a92ca1", - "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", - "coauthorsIds": [], - "createdAt": 1501780296965, - "updatedAt": 1501780296965, - "createdById": "unknown", - "updatedById": "unknown" -} -2017-08-03 19:11:36 ERROR Cannot read property 'toString' of undefined -2017-08-03 19:11:36 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-03 19:11:36 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-08-03 19:11:36 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-08-03 19:11:36 -------------------------------------------------------------------------------- -2017-08-03 19:11:36 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-03 19:11:37 ERROR Authorize update "updateTweet" with user "" and role: "null" is not authorized. -2017-08-03 19:11:37 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-03 19:11:37 ERROR Authorize update "updateTweet" with user "" and role: "null" is not authorized. -2017-08-03 19:11:37 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-03 19:11:37 ERROR Authorize delete "removeTweet" with user "" and role: "null" is not authorized. -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { - id - role - } -} - -2017-08-03 19:11:37 Authorize create "createUser" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:37 Authorize create "createUser" with user "stubailo" and role: "admin" is authorized by userRole. -2017-08-03 19:11:37 inserted user 59835949075def94489f4104. -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "user", id: "59835949075def94489f4104", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-08-03 19:11:37 ERROR Cannot read property 'toString' of undefined -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "user", id: "59835949075def94489f4104", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "user", id: "59835949075def94489f4104", -Operation: "", variables: "", -Query: -{ - user(id: "59835949075def94489f4104") { - username - } -} - -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "user", id: "59835949075def94489f4104", -Operation: "", variables: "", -Query: -{ - user(id: "59835949075def94489f4104") { - username - role - } -} - -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "user", id: "59835949075def94489f4104", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-03 19:11:37 Authorize update "updateUser" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "user", id: "59835949075def94489f4104", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59835949075def94489f4104", input: {username: "tobkle", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-03 19:11:37 Authorize update "updateUser" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 updated user 59835949075def94489f4104. -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "user", id: "59835949075def94489f4104", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59835949075def94489f4104", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-03 19:11:37 Authorize update "updateUser" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 updated user 59835949075def94489f4104. -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "user", id: "59835949075def94489f4104", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-03 19:11:37 Authorize delete "removeUser" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "user", id: "59835949075def94489f4104", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59835949075def94489f4104", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-03 19:11:37 { - "authorId": "59835949075def94489f4104", - "body": "This is a test tweet of user tobkle", - "coauthorsIds": [], - "createdAt": 1501780297175, - "updatedAt": 1501780297175, - "createdById": "59835949075def94489f4104", - "updatedById": "59835949075def94489f4104" -} -2017-08-03 19:11:37 Authorize create "createTweet" with user "tobkle" and role: "user" is authorized by docRole. -2017-08-03 19:11:37 inserted tweet 59835949075def94489f4105. -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "user", id: "59835949075def94489f4104", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-03 19:11:37 { - "authorId": "583291a1638566b3c5a92ca1", - "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", - "coauthorsIds": [], - "createdAt": 1501780297182, - "updatedAt": 1501780297182, - "createdById": "59835949075def94489f4104", - "updatedById": "59835949075def94489f4104" -} -2017-08-03 19:11:37 ERROR Authorize create "createTweet" with user "tobkle" and role: "user" is not authorized. -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "user", id: "59835949075def94489f4104", -Operation: "", variables: "", -Query: -{ - tweet(id: "59835949075def94489f4105") { - author { - id - } - body - } -} - -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "user", id: "59835949075def94489f4104", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "user", id: "59835949075def94489f4104", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59835949075def94489f4105", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-03 19:11:37 Authorize update "updateTweet" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "authorId": "59835949075def94489f4104" - }, - { - "coauthorsIds": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 updated tweet 59835949075def94489f4105. -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "user", id: "59835949075def94489f4104", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-03 19:11:37 Authorize update "updateTweet" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "authorId": "59835949075def94489f4104" - }, - { - "coauthorsIds": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 ERROR update tweet not possible for 583676d3618530145474e352. -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "user", id: "59835949075def94489f4104", -Operation: "", variables: "", -Query: -{ - tweet(id: "59835949075def94489f4105") { - body - } -} - -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "user", id: "59835949075def94489f4104", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59835949075def94489f4105") -} - -2017-08-03 19:11:37 Authorize delete "removeTweet" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "authorId": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 removed tweet 59835949075def94489f4105. -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "user", id: "59835949075def94489f4104", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-03 19:11:37 Authorize delete "removeTweet" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "authorId": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "user", id: "59835949075def94489f4104", -Operation: "", variables: "", -Query: -{ - tweet(id: "59835949075def94489f4105") { - body - } -} - -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "user" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "user", id: "59835949075def94489f4104", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59835949075def94489f4104") -} - -2017-08-03 19:11:37 Authorize delete "removeUser" with user "tobkle" and role: "user" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4104" - } - ] -} -2017-08-03 19:11:37 removed user 59835949075def94489f4104. -2017-08-03 19:11:37 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59835949075def94489f4104") { - username - bio - role - } -} - -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { - id - role - } -} - -2017-08-03 19:11:37 Authorize create "createUser" with user "stubailo" and role "admin" is authorized -2017-08-03 19:11:37 Authorize create "createUser" with user "stubailo" and role: "admin" is authorized by userRole. -2017-08-03 19:11:37 inserted user 59835949075def94489f4106. -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "editor", id: "59835949075def94489f4106", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-03 19:11:37 ERROR Cannot read property 'toString' of undefined -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "editor", id: "59835949075def94489f4106", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "editor", id: "59835949075def94489f4106", -Operation: "", variables: "", -Query: -{ - user(id: "59835949075def94489f4106") { - username - role - } -} - -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "editor", id: "59835949075def94489f4106", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-03 19:11:37 Authorize update "updateUser" with user "tobkle" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tobkle" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tobkle" and role "editor" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tobkle", role: "editor", id: "59835949075def94489f4106", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59835949075def94489f4106", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-03 19:11:37 Authorize update "updateUser" with user "tobkle" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 updated user 59835949075def94489f4106. -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tmeasday", role: "editor", id: "59835949075def94489f4106", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59835949075def94489f4106", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-03 19:11:37 Authorize update "updateUser" with user "tmeasday" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 updated user 59835949075def94489f4106. -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tmeasday", role: "editor", id: "59835949075def94489f4106", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-03 19:11:37 Authorize delete "removeUser" with user "tmeasday" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tmeasday", role: "editor", id: "59835949075def94489f4106", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59835949075def94489f4106", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-03 19:11:37 { - "authorId": "59835949075def94489f4106", - "body": "This is a test tweet of user tobkle", - "coauthorsIds": [], - "createdAt": 1501780297472, - "updatedAt": 1501780297472, - "createdById": "59835949075def94489f4106", - "updatedById": "59835949075def94489f4106" -} -2017-08-03 19:11:37 Authorize create "createTweet" with user "tmeasday" and role: "editor" is authorized by docRole. -2017-08-03 19:11:37 inserted tweet 59835949075def94489f4107. -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tmeasday", role: "editor", id: "59835949075def94489f4106", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-03 19:11:37 { - "authorId": "583291a1638566b3c5a92ca1", - "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", - "coauthorsIds": [], - "createdAt": 1501780297510, - "updatedAt": 1501780297510, - "createdById": "59835949075def94489f4106", - "updatedById": "59835949075def94489f4106" -} -2017-08-03 19:11:37 ERROR Authorize create "createTweet" with user "tmeasday" and role: "editor" is not authorized. -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tmeasday", role: "editor", id: "59835949075def94489f4106", -Operation: "", variables: "", -Query: -{ - tweet(id: "59835949075def94489f4107") { - author { - id - } - body - } -} - -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tmeasday", role: "editor", id: "59835949075def94489f4106", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tmeasday", role: "editor", id: "59835949075def94489f4106", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59835949075def94489f4107", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-03 19:11:37 Authorize update "updateTweet" with user "tmeasday" and role: "editor" with -authQuery: { - "$or": [ - { - "authorId": "59835949075def94489f4106" - }, - { - "coauthorsIds": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 updated tweet 59835949075def94489f4107. -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tmeasday", role: "editor", id: "59835949075def94489f4106", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-03 19:11:37 Authorize update "updateTweet" with user "tmeasday" and role: "editor" with -authQuery: { - "$or": [ - { - "authorId": "59835949075def94489f4106" - }, - { - "coauthorsIds": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 ERROR update tweet not possible for 583676d3618530145474e352. -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tmeasday", role: "editor", id: "59835949075def94489f4106", -Operation: "", variables: "", -Query: -{ - tweet(id: "59835949075def94489f4107") { - body - } -} - -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tmeasday", role: "editor", id: "59835949075def94489f4106", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59835949075def94489f4107") -} - -2017-08-03 19:11:37 Authorize delete "removeTweet" with user "tmeasday" and role: "editor" with -authQuery: { - "$or": [ - { - "authorId": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 removed tweet 59835949075def94489f4107. -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tmeasday", role: "editor", id: "59835949075def94489f4106", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-03 19:11:37 Authorize delete "removeTweet" with user "tmeasday" and role: "editor" with -authQuery: { - "$or": [ - { - "authorId": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tmeasday", role: "editor", id: "59835949075def94489f4106", -Operation: "", variables: "", -Query: -{ - tweet(id: "59835949075def94489f4107") { - body - } -} - -2017-08-03 19:11:37 Authorize readOne "user findOneById" with user "tmeasday" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "tmeasday" and role "editor" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "tmeasday", role: "editor", id: "59835949075def94489f4106", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59835949075def94489f4106") -} - -2017-08-03 19:11:37 Authorize delete "removeUser" with user "tmeasday" and role: "editor" with -authQuery: { - "$or": [ - { - "_id": "59835949075def94489f4106" - } - ] -} -2017-08-03 19:11:37 removed user 59835949075def94489f4106. -2017-08-03 19:11:37 ERROR Authorize readOne "user findOneById" with user "" and role: "null" is not authorized. -2017-08-03 19:11:37 Authorize readOne "tweet findOneById" with user "" and role "" is authorized -2017-08-03 19:11:37 -------------------------------------------------------------------------------- -2017-08-03 19:11:37 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59835949075def94489f4106") { - username - bio - role - } -} - -2017-08-18 18:15:59 Logger started -2017-08-18 18:17:15 Logger started From d12860b73571ef37df32b657cf53b72ef152b167 Mon Sep 17 00:00:00 2001 From: tobkle Date: Sun, 20 Aug 2017 16:24:09 +0200 Subject: [PATCH 58/69] with generator --- bin/test-model-generator.js | 17 + generate/authorize.js | 834 + generate/model/index.js | 20 +- generate/model/templates/base.js.template | 104 +- .../paginatedAssociation.js.template | 10 +- .../templates/singularAssociation.js.template | 4 +- generate/read.js | 7 +- generate/resolvers/index.js | 1 + generate/resolvers/templates/base.js.template | 30 +- .../templates/fieldOfType.js.template | 4 +- .../templates/paginatedField.js.template | 4 +- generate/schema/index.js | 40 +- skel/.gitignore | 4 + skel/README.md | 1099 + skel/model/index.js | 8 +- skel/package.json | 9 +- skel/server/authenticate.js | 14 +- skel/server/index.js | 34 +- skel/yarn.lock | 4192 --- test/generate/directives.js | 2 +- test/generate/schema.js | 6 +- test/input/Tweet.graphql | 8 +- test/input/User.graphql | 12 +- test/output-app/README.md | 6 +- test/output-app/log/all-logs-readable.log | 21436 ++++++++++++++++ test/output-app/model/Tweet.js | 59 +- test/output-app/model/User.js | 15 +- test/output-app/package.json | 1 - test/output-app/resolvers/Tweet.js | 10 +- test/output-app/resolvers/User.js | 2 +- test/output-app/schema/Tweet.graphql | 18 +- test/output-app/schema/User.graphql | 24 +- test/output-app/server/index.js | 1 + yarn.lock | 3144 --- 34 files changed, 23677 insertions(+), 7502 deletions(-) create mode 100644 bin/test-model-generator.js create mode 100644 generate/authorize.js create mode 100644 skel/README.md delete mode 100644 skel/yarn.lock delete mode 100644 yarn.lock diff --git a/bin/test-model-generator.js b/bin/test-model-generator.js new file mode 100644 index 0000000..478df5f --- /dev/null +++ b/bin/test-model-generator.js @@ -0,0 +1,17 @@ +import { describe, it } from 'mocha'; +import chai, { expect } from 'chai'; +import chaiDiff from 'chai-diff'; +import fs from 'fs'; +import { print } from 'graphql'; + +import readInput from '../generate/read'; +import generateSchema from '../generate/schema'; +import generateResolvers from '../generate/resolvers'; +import generateModel from '../generate/model'; + +const input = readInput(`${__dirname}/../test/input/User.graphql`); +const schema = generateSchema(input); +const resolverOutput = generateResolvers(input, schema); +const modelOutput = generateModel(input, schema); + +console.log(print(schema)); diff --git a/generate/authorize.js b/generate/authorize.js new file mode 100644 index 0000000..c27bb37 --- /dev/null +++ b/generate/authorize.js @@ -0,0 +1,834 @@ +/* + * Authorization Code Generator functions + * + * @module create-graphql-server-authorization + * @export function generateAuthCode(typeName, inputSchema) + * + */ + +// name of the @authorize directive, which triggers authorization logic + const AUTHORIZE_DIRECTIVE = 'authorize'; + +// constants to read GraphQL Abstract Syntax Tree (AST) + const OBJECT_TYPE_DEFINITION = 'ObjectTypeDefinition'; + const FIELD_DEFINITION = 'FieldDefinition'; + const NON_NULL_TYPE = 'NonNullType'; + const STRING_VALUE = 'StringValue'; + const LIST_TYPE = 'ListType'; + const LIST_VALUE = 'ListValue'; + const DIRECTIVE = 'Directive'; + const ARGUMENT = 'Argument'; + const NAME = 'Name'; + +// valid authorization mode values: + const CREATE = 'create'; + const READ = 'read'; // which means both: 'readOne' and 'readMany' + const READ_ONE = 'readOne'; + const READ_MANY = 'readMany'; + const UPDATE = 'update'; + const DELETE = 'delete'; + +// for the role definitions + const USER_ROLE = 'userRole'; + const DOC_ROLE = 'docRole'; + const AUTH_ROLE = 'authRole'; + const FOR = 'for'; + const THIS = 'this'; + const WORLD = 'world'; + const NAMED_TYPE = 'NamedType'; + const STRING = 'String'; + const LIST_OF_STRINGS = '[String]'; + const USER = 'User'; + const LIST_OF_USERS = '[User]'; + const ID_FIELD = '_id'; + const ID_SINGULAR = 'Id'; + const ID_PLURAL = 'Ids'; + +// valid authorization modes +const MODES = [ CREATE, READ, READ_ONE, READ_MANY, UPDATE, DELETE ]; + +// template for default allRoles, to prepare one role +const CODE_MODES = [ CREATE, READ_ONE, READ_MANY, UPDATE, DELETE ]; + +/* + * generate authorization code + * @param {string} typeName + * @param {object} inputSchema + * @return {object} generatedCode + */ +export function generateAuthorizationCode ( typeName = '', inputSchema = {} ){ + const authorize = isAuthorizeDirectiveDefined ( inputSchema ); + const { userRoles, docRoles, roleFieldName } = getRoles ( authorize, inputSchema ); + return { + generateAuthCodeModeReadOne: generateAuthCodeModeReadOne( authorize, typeName, userRoles.readOne, docRoles.readOne ), + generateAuthCodeModeReadMany: generateAuthCodeModeReadMany( authorize, typeName, userRoles.readMany, docRoles.readMany ), + generateAuthCodeModeCreate: generateAuthCodeModeCreate( authorize, typeName, userRoles.create, docRoles.create, roleFieldName ), + generateAuthCodeModeUpdate: generateAuthCodeModeUpdate( authorize, typeName, userRoles.update, docRoles.update, roleFieldName ), + generateAuthCodeModeDelete: generateAuthCodeModeDelete( authorize, typeName, userRoles.delete, docRoles.delete ), + generateCreatedBy: generateCreatedBy( authorize, typeName ), + generateUpdatedBy: generateUpdatedBy( authorize, typeName ), + generateAuthRoleDefinition: generateAuthRoleDefinition( authorize, typeName ), + generateAuthRoleMethod: generateAuthRoleMethod( authorize, typeName, roleFieldName ), + } +} + +/* + * check, if there is a @authorize directive in the header + * of the type's inputSchema + * if there is an @authorize directive => true + * if thers is no @authorize directive => false + * @param {object} inputSchema + * @return {boolean} authorized + */ +export function isAuthorizeDirectiveDefined ( inputSchema ) { + + const authorized = ( + inputSchema.definitions && + inputSchema.definitions[0] && + inputSchema.definitions[0].directives && + inputSchema.definitions[0].directives[0] && + inputSchema.definitions[0].directives[0].name && + inputSchema.definitions[0].directives[0].name.value === AUTHORIZE_DIRECTIVE + || false); + + return authorized; +} + +/* + * get userRoles and docRoles + * @param {boolean} authorize + * @param {object} inputSchema + * @return {object} { + * {object} userRoles, + * {object} docRoles, + * {string} roleFieldName, + * } + */ +function getRoles ( authorize, inputSchema ) { + // create empty userRoles and docRoles objects + // as default values, which are used + // if there is not @authorize directive + const userRoles = {}; + const docRoles = {}; + let roleFieldNamesFound = []; + CODE_MODES.forEach(mode => userRoles[mode] = []); + CODE_MODES.forEach(mode => docRoles[mode] = []); + + // check if there is an @authorize directive + if ( authorize ) { + // then re-determine the userRoles and docRoles + // from the @authorize tag of the type definition + const allRolesArguments = inputSchema.definitions[0].directives[0].arguments || {}; + const allRoles = getAllRoles ( allRolesArguments, inputSchema ); + allRoles.forEach(role => { + switch (role.type) { + + case USER_ROLE: + // check, if there is already another userRole field + if (roleFieldNamesFound.length > 0 && + role.roleFieldName !== '' && + !roleFieldNamesFound.includes(role.roleFieldName)) { + + // We allow only one field which keeps all userRoles + throw new Error(`Please adjust type definition, that there is only ONE field, + which keeps all user roles. You've tried to add a second userRole field: '${role.roleFieldName}', + but there is already another userRole field: '${roleFieldNamesFound[0]}' defined. + Please try instead: '${roleFieldNamesFound[0]}: String @authRole(for: ["otherRole", "${role.roleName}"])'`); + } + if (role.roleFieldName !== '') roleFieldNamesFound.push(role.roleFieldName); + + Object.keys(role.modes).forEach(mode => { + if(role.modes[mode]) userRoles[mode].push(role.roleName); + }); + break; + + case DOC_ROLE: + Object.keys(role.modes).forEach(mode => { + if(role.modes[mode]) docRoles[mode].push(role.roleName); + }); + break; + } + }); + } + + return { + userRoles, + docRoles, + roleFieldName: roleFieldNamesFound.length > 0 ? roleFieldNamesFound[0] : '', + }; + +} + +/* + * get the roles from the @authorize directive + * by reading the input schema's abstract syntax tree + * to get the roles and their authorized modes + * @param {object} allRolesArguments + * @return {array} allRoles + */ +function getAllRoles ( allRolesArguments = [], inputSchema ) { + /* Example: + @authorize( + //role: roleModes: [mode.value] + admin: ["create", "read", "update", "delete"] + this: ["read", "update", "delete"] + ) + */ + let allRoles = []; + + // get all Roles of the type's @authorize directives + // e.g. 'admin', 'this' + allRolesArguments.forEach(roleArgument => { + // new role found + const role = {}; + + // check if it is a valid role + if (roleArgument.kind === ARGUMENT && + roleArgument.name && + roleArgument.name.kind === NAME && + roleArgument.name.value && + roleArgument.name.value !== ''){ + + // define the new role + role.name = roleArgument.name.value; + + // determine, if it is a 'userRole' or 'docRole' + const { roleType, roleName, roleFieldName } = getRoleType(role.name, inputSchema); + role.type = roleType; + role.roleName = roleName; + role.roleFieldName = roleFieldName; + + // create a default object, necessary for missing modes + role.modes = {}; + CODE_MODES.forEach(mode => role.modes[mode] = ''); + + // check, if it is a list of values + if (roleArgument.value.kind && + roleArgument.value.kind === LIST_VALUE && + roleArgument.value.values && + roleArgument.value.values.length > 0){ + + // get all authorized modes of the role + const roleModes = roleArgument.value.values; + roleModes.forEach(mode => { + + // check, if it is a valid authorization mode + // e.g. 'create', 'update', 'delete', etc. + if (mode.kind && + mode.kind === STRING_VALUE && + mode.value && + MODES.includes(mode.value) ){ + + // it is a valid authorization mode: + // e.g. { + // name: 'admin', + // type: null, // later: => 'userRole' || 'docRole' + // modes: { + // create: 'admin', + // readOne: 'admin', + // readMany: 'admin', + // update: 'admin',, + // delete: 'admin', + // } + // 'create' = 'admin' + // special case 'read' means both, 'readOne' and 'readMany' + + if (mode.value === READ){ + role.modes[READ_ONE] = role.roleName; + role.modes[READ_MANY] = role.roleName; + } else{ + role.modes[mode.value] = role.roleName; + } + } + }); + + // check, if it is a simple string value: + } else if (roleArgument.name.value.kind && + roleArgument.name.value.kind === STRING_VALUE && + roleArgument.name.value && + MODES.includes(roleArgument.name.value) ) { + + // 'create' = 'admin' + // special case 'read' means both, 'readOne' and 'readMany' + if (roleArgument.name.value === READ){ + role.modes[READ_ONE] = role.roleName; + role.modes[READ_MANY] = role.roleName; + } else{ + role.modes[roleArgument.name.value] = role.roleName; + } + + } + // add it to the list of roles + allRoles.push(role); + } + }); + + return allRoles; +} + +/* + * decide, if the given role is whether + * a 'userRole' or a 'docRole' + * + * Procedure: + * 1. Determine, if this field is used as a roleField + * 2. Check, if this roleField... + * a) is of type: String or [String] ==> userRole + * b) is of type: User or [User] ==> docRole + * c) roleName = 'this' ==> docRole + * 3. If there is no roleField in this type + * it must be a userRole + * + * For 1. is a roleField: + * read the type's abstract syntax tree + * loop over all provided fields, + * check, if the field has a directive '@authRole' + * and if this authRole is 'for' the provided 'roleName' + * or the roleName is the special case 'this' + * ==> then it is a roleField + * + * For 2. get it's fieldType: + * read the type's abstract syntax tree + * for the roleField and read it's type + * + * a) if it is a String or List of Strings, + * then the roleType = 'userRole' + * + * b) if it is a User or List of Users (userIds), + * then the roleType = 'docType' + * + * c) special case: roleName = 'this' + * (it doesn't look for an authRole for 'this') + * it means the document's id field is used for this + * meaning the role defines the authorizations, + * a User has upon his own User document + * + * For 3. none of the above applies + * so the role must be a userRole + * + * @param {string} roleName + * @return {string} roleType => 'userRole' || 'docRole' || exception + */ +function getRoleType ( name = '', inputSchema = {} ) { + + // all field definitions of the type + const allFields = inputSchema.definitions[0].fields; + let roleType = null; + let roleName = ''; + let roleFieldName = ''; + + // special case 'this' + if (name === THIS) return { + roleType: DOC_ROLE, + roleName: ID_FIELD, + roleFieldName: ID_FIELD, + }; + + // loop over all fields to find authRole directive + allFields.forEach(field => { + if (field.kind && + field.kind === FIELD_DEFINITION && + field.name && + field.name.kind && + field.name.kind === NAME && + field.name.value && + field.directives && + field.directives.length > 0) { + + // 1. check, if it is a roleField + if ( isRoleField ( name, field.directives ) ) { + // 2. get the type of the field + const fieldType = getFieldType ( field ); + // determine the roleType: 'userRole' || 'docRole' + // and the roleName for... + // userRoles: 'admin', 'user',... + // docRoles: 'authorId', 'coAuthorsIds',... + switch (fieldType) { + + case STRING: + // a) userRole + roleType = USER_ROLE; + roleName = name; + roleFieldName = field.name.value; + break; + + case LIST_OF_STRINGS: + // a) userRole + roleType = USER_ROLE; + roleName = name; + roleFieldName = field.name.value; + break; + + case USER: + // b) docRole + roleType = DOC_ROLE; + roleName = `${field.name.value}${ID_SINGULAR}`; + roleFieldName = field.name.value; + break; + + case LIST_OF_USERS: + // b) docRole + roleType = DOC_ROLE; + roleName = `${field.name.value}${ID_PLURAL}`; + roleFieldName = field.name.value; + break; + + } + } + } + }); + + if (roleType) { + // 2. a) userRole or b) docRole applies + return { + roleType, + roleName, + roleFieldName, + } + } else if ( name !== '' ) { + // 3. none of the above applies, so it must be a userRole + return { + roleType: USER_ROLE, + roleName: name, + roleFieldName: '', + } + }; + +} + +/* + * is this field a roleField + * check, if this field has the authRole directive + * @param {string} roleName + * @param {array} fieldDirectives + * @return {boolean} isRoleField + */ +function isRoleField ( roleName, fieldDirectives ){ + let found = false; + + // loop over all field directives for an 'authRole' + fieldDirectives.forEach(fieldDirective => { + if (fieldDirective.kind && + fieldDirective.kind === DIRECTIVE && + fieldDirective.name && + fieldDirective.name.kind === NAME && + fieldDirective.name.value === AUTH_ROLE && + fieldDirective.arguments && + fieldDirective.arguments.length > 0) { + + // loop over all arguments, if it is for our roleName + // e.g. roleName: 'admin' find @authRole(for: ["admin"]) + fieldDirective.arguments.forEach(fieldDirectiveArgument => { + + // check, if there is a 'for' + if (fieldDirectiveArgument.name && + fieldDirectiveArgument.name.kind && + fieldDirectiveArgument.name.kind === NAME && + fieldDirectiveArgument.name.value && + fieldDirectiveArgument.name.value === FOR && + fieldDirectiveArgument.value && + fieldDirectiveArgument.value.kind) { + + // check, if it is a list value: + if (fieldDirectiveArgument.value.kind === LIST_VALUE && + fieldDirectiveArgument.value.values && + fieldDirectiveArgument.value.values.length > 0){ + // loop over all values, if there is one with our roleName + const fieldRoles = fieldDirectiveArgument.value.values; + fieldRoles.forEach(fieldRole => { + //check, if it is our roleName + if (fieldRole.kind && + fieldRole.kind === STRING_VALUE && + fieldRole.value && + fieldRole.value !== '' && + fieldRole.value === roleName) { + // we found it! + found = true; + } + }); + // check, if it is a single value: + } else if (fieldDirectiveArgument.value.kind === STRING_VALUE && + fieldDirectiveArgument.value.value && + fieldDirectiveArgument.value.value !== '' && + fieldDirectiveArgument.value.value === roleName){ + // we found it! + found = true; + } + } + }); + + } + }); + return found; +} + +/* + * get the field's type + * @param {object} field + * @return {type} fieldType + */ +function getFieldType ( field ) { + + // pattern: 'role: String' + if (field.type && + field.type.kind && + field.type.kind === NAMED_TYPE && + field.type.name && + field.type.name.kind && + field.type.name.kind === NAME && + field.type.name.value){ + + if (field.type.name.value === STRING) + return STRING; + + if (field.type.name.value === USER) + return USER; + + } + + // pattern: 'role: String!' + if (field.type && + field.type.kind && + field.type.kind === NON_NULL_TYPE && + field.type.type && + field.type.type.name && + field.type.type.name.kind && + field.type.type.name.kind === NAME && + field.type.type.name.value){ + + if (field.type.type.name.value === STRING) + return STRING; + + if (field.type.type.name.value === USER) + return USER; + + } + + // pattern: 'coauthors: [User]' + if (field.type && + field.type.kind && + field.type.kind === LIST_TYPE && + field.type.type && + field.type.type.name && + field.type.type.name.kind && + field.type.type.name.kind === NAME && + field.type.type.name.value){ + + if (field.type.type.name.value === STRING) + return LIST_OF_STRINGS; + + if (field.type.type.name.value === USER) + return LIST_OF_USERS; + + } + + // pattern: 'coauthors: [User]!' + if (field.type && + field.type.kind && + field.type.kind === NON_NULL_TYPE && + field.type.type && + field.type.type.kind && + field.type.type.kind === LIST_TYPE && + field.type.type.type && + field.type.type.type.kind && + field.type.type.type.kind === NAMED_TYPE && + field.type.type.type.name && + field.type.type.type.name.kind && + field.type.type.type.name.kind === NAME && + field.type.type.type.name.value){ + + if (field.type.type.type.name.value === STRING) + return LIST_OF_STRINGS; + + if (field.type.type.type.name.value === USER) + return LIST_OF_USERS; + + } + + // pattern: 'coauthors: [User!]' + if (field.type && + field.type.kind && + field.type.kind === LIST_TYPE && + field.type.type && + field.type.type.kind && + field.type.type.kind === NON_NULL_TYPE && + field.type.type.type && + field.type.type.type.kind && + field.type.type.type.kind === NAMED_TYPE && + field.type.type.type.name && + field.type.type.type.name.kind && + field.type.type.type.name.kind === NAME && + field.type.type.type.name.value){ + + if (field.type.type.type.name.value === STRING) + return LIST_OF_STRINGS; + + if (field.type.type.type.name.value === USER) + return LIST_OF_USERS; + } + + // pattern: 'coauthors: [User!]!' + if (field.type && + field.type.kind && + field.type.kind === NON_NULL_TYPE && + field.type.type && + field.type.type.kind && + field.type.type.kind === LIST_TYPE && + field.type.type.type && + field.type.type.type.kind && + field.type.type.type.kind === NON_NULL_TYPE && + field.type.type.type.type && + field.type.type.type.type.kind && + field.type.type.type.type.kind === NAMED_TYPE && + field.type.type.type.type.name && + field.type.type.type.type.name.kind && + field.type.type.type.type.name.kind === NAME && + field.type.type.type.type.name.value){ + + if (field.type.type.type.type.name.value === STRING) + return LIST_OF_STRINGS; + + if (field.type.type.type.type.name.value === USER) + return LIST_OF_USERS; + + } + + return null; +} + +/* + * prepare roles for code generator + * convert array to String value + * replace " by ' + * @param {array} role + * @return {string} roleString + */ +function prep ( role ) { + return JSON.stringify(role).replace(/\"/g, "'"); +} + +/* + * generate authorization code for mode readOne + * @param {boolean} authorize + * @param {string} typeName + * @param {string} userRoles + * @param {string} docRoles + * @return {string} generatedCode + */ +function generateAuthCodeModeReadOne ( authorize = false, typeName = '', userRoles = [], docRoles = [] ){ + // default code + let generatedCode = `const { me } = context; + that.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids))`; + + // with @authorize directive + if (authorize){ + + if (typeName === 'user') { + // User has to come from current class context + generatedCode = `const { me } = context; + const authQuery = queryForRoles(me, ${prep(userRoles)}, ${prep(docRoles)}, { User }, authlog('${typeName} findOneById', 'readOne', me)); + that.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery));`; + } else { + // User has to come from this.context.User + generatedCode = `const { me, User } = context; + const authQuery = queryForRoles(me, ${prep(userRoles)}, ${prep(docRoles)}, { User }, authlog('${typeName} findOneById', 'readOne', me)); + that.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery));`; + } + + } + + return generatedCode; +} + +/* + * generate authorization code for mode readMany + * @param {boolean} authorize + * @param {string} typeName + * @param {string} userRoles + * @param {string} docRoles + * @return {string} generatedCode + */ +function generateAuthCodeModeReadMany ( authorize = false, typeName = '', userRoles = [], docRoles = [] ){ + // default code + let generatedCode = `const finalQuery = {...baseQuery, createdAt: { $gt: lastCreatedAt } };`; + + // with @authorize directive + if (authorize){ + generatedCode = `const authQuery = queryForRoles(me, ${prep(userRoles)}, ${prep(docRoles)}, { User: this.context.User }, authlog(resolver, 'readMany', me)); + const finalQuery = {...baseQuery, ...authQuery, createdAt: { $gt: lastCreatedAt } };`; + } + + return generatedCode; +} + +/* + * generate authorization code for mode create + * @param {boolean} authorize + * @param {string} typeName + * @param {string} userRoles + * @param {string} docRoles + * @return {string} generatedCode + */ +function generateAuthCodeModeCreate ( authorize = false, typeName = '', userRoles = [], docRoles = [], roleFieldName = null ){ + // default code + let generatedCode = ``; + + // with @authorize directive + if (authorize){ + + if (typeName === 'user') { + // protectFields only on the user type + // if the fields are filled, than convert them to proper strings, otherwise set them to null + // take the first userRole into the protectFields as a suggestion to the programmer, + // assuming this is the most important role, with higher authorization (see in README.md) + const firstUserRole = userRoles.length > 0 && userRoles[0] ? `'${userRoles[0]}'` : null; + const roleField = roleFieldName ? `'${roleFieldName}'` : null; + generatedCode = `checkAuthDoc(docToInsert, me, ${prep(userRoles)}, ${prep(docRoles)}, { User: this.context.User }, authlog(resolver, 'create', me)); + docToInsert = protectFields(me, [${firstUserRole}], [${roleField}], docToInsert, { User: this.context.User });`; + } else { + // without protectFields + generatedCode = `checkAuthDoc(docToInsert, me, ${prep(userRoles)}, ${prep(docRoles)}, { User: this.context.User }, authlog(resolver, 'create', me));`; + } + + } + + return generatedCode; +} + +/* + * generate authorization code for mode update + * @param {boolean} authorize + * @param {string} typeName + * @param {string} userRoles + * @param {string} docRoles + * @return {string} generatedCode + */ +function generateAuthCodeModeUpdate ( authorize = false, typeName = '', userRoles = [], docRoles = [], roleFieldName = null ){ + // default code + let generatedCode = `const finalQuery = {...baseQuery};`; + + // with @authorize directive + if (authorize){ + + if (typeName === 'user') { + // protectFields only on the user type + // if the fields are filled, than convert them to proper strings, otherwise set them to null + // take the first userRole into the protectFields as a suggestion to the programmer, + // assuming this is the most important role, with higher authorization (see in README.md) + const firstUserRole = userRoles.length > 0 && userRoles[0] ? `'${userRoles[0]}'` : null; + const roleField = roleFieldName ? `'${roleFieldName}'` : null; + generatedCode = `const authQuery = queryForRoles(me, ${prep(userRoles)}, ${prep(docRoles)}, { User: this.context.User }, authlog(resolver, 'update', me)); + const finalQuery = {...baseQuery, ...authQuery}; + docToUpdate.$set = protectFields(me, [${firstUserRole}], [${roleField}], docToUpdate.$set, { User: this.context.User });`; + } else { + // without protectFields + generatedCode = `const authQuery = queryForRoles(me, ${prep(userRoles)}, ${prep(docRoles)}, { User: this.context.User }, authlog(resolver, 'update', me)); + const finalQuery = {...baseQuery, ...authQuery};`; + } + + } + + return generatedCode; +} + +/* + * generate authorization code for mode delete + * @param {boolean} authorize + * @param {string} typeName + * @param {string} userRoles + * @param {string} docRoles + * @return {string} generatedCode + */ +function generateAuthCodeModeDelete ( authorize = false, typeName = '', userRoles = [], docRoles = [] ){ + // default code + let generatedCode = `const finalQuery = {...baseQuery};`; + + // with @authorize directive + if (authorize){ + generatedCode = `const authQuery = queryForRoles(me, ${prep(userRoles)}, ${prep(docRoles)}, { User: this.context.User }, authlog(resolver, 'delete', me)); + const finalQuery = {...baseQuery, ...authQuery};`; + } + + return generatedCode; +} + +/* + * generate createdBy method + * @param {boolean} authorize + * @param {string} typeName + * @return {string} generatedCode + */ +function generateCreatedBy ( authorize = false, typeName = '' ){ + // default code + let generatedCode = ``; + + // with @authorize directive: means there must be a User type + if (authorize){ + generatedCode = `createdBy(${typeName}, me, resolver) { + return this.context.User.findOneById(${typeName}.createdById, me, resolver); + }`; + } + + return generatedCode; +} + +/* + * generate updatedBy method + * @param {boolean} authorize + * @param {string} typeName + * @return {string} generatedCode + */ +function generateUpdatedBy ( authorize = false, typeName = '' ){ + // default code + let generatedCode = ``; + + // with @authorize directive: means there must be a User type + if (authorize){ + generatedCode = `updatedBy(${typeName}, me, resolver) { + return this.context.User.findOneById(${typeName}.updatedById, me, resolver); + }`; + } + + return generatedCode; +} + +/* + * generate updatedBy method + * @param {boolean} authorize + * @param {string} typeName + * @return {string} generatedCode + */ +function generateAuthRoleDefinition ( authorize, typeName ){ + // default code + let generatedCode = ``; + + // with @authorize directive: means there must be a User type + if (authorize && typeName === 'user'){ + generatedCode = ` + this.authRole = User.authRole;`; + } + + return generatedCode; +} + +/* + * generate authRole() method + * @param {boolean} authorize + * @param {string} typeName + * @return {string} generatedCode + */ + function generateAuthRoleMethod ( authorize, typeName, roleFieldName ){ + // default code + let generatedCode = ``; + + // with @authorize directive: means there must be a User type + if (authorize && roleFieldName !== '' && typeName === 'user'){ + generatedCode = ` + static authRole(${typeName}){ + return (${typeName} && ${typeName}.${roleFieldName}) ? ${typeName}.${roleFieldName} : null; + } + `; + } + + return generatedCode; +} diff --git a/generate/model/index.js b/generate/model/index.js index cfbb1cb..1015b3e 100644 --- a/generate/model/index.js +++ b/generate/model/index.js @@ -4,6 +4,7 @@ import { print } from 'recast'; import { templateToAst } from '../read'; import { lcFirst } from '../util/capitalization'; import generatePerField from '../util/generatePerField'; +import { generateAuthorizationCode } from '../authorize'; function read(name) { return fs.readFileSync(`${__dirname}/templates/${name}.js.template`, 'utf8'); @@ -34,10 +35,9 @@ function buildAst(template, { }); } - const generators = { - base({ typeName, TypeName }) { - return templateToAst(templates.base, { typeName, TypeName }); + base(replacements) { + return templateToAst(templates.base, replacements) }, belongsTo(replacements) { return buildAst(templates.singularAssociation, replacements); @@ -78,15 +78,21 @@ export function generateModelAst(inputSchema) { const TypeName = type.name.value; const typeName = lcFirst(TypeName); - const ast = generators.base({ TypeName, typeName }); + const ast = generators.base({ + TypeName, + typeName, + ...generateAuthorizationCode( typeName, inputSchema ) + }); // XXX: rather than hardcoding in array indices it would be less brittle to // walk the tree using https://github.com/benjamn/ast-types - const classMethodsAst = ast.program.body[2] // export - .declaration // class declaration + // find: 'ExportDefaultDeclaration' + const classMethodsAst = ast.program.body[3] + // find class declaration + .declaration .body.body; - const findOneMethod = classMethodsAst.find(m => m.key.name === 'all'); + const findOneMethod = classMethodsAst.find(m => m.key.name === 'find'); let nextIndex = classMethodsAst.indexOf(findOneMethod) + 1; diff --git a/generate/model/templates/base.js.template b/generate/model/templates/base.js.template index 0d5d4c2..a022aaf 100644 --- a/generate/model/templates/base.js.template +++ b/generate/model/templates/base.js.template @@ -1,49 +1,89 @@ import DataLoader from 'dataloader'; -import findByIds from 'mongo-find-by-ids'; +import { findByIds, queryForRoles, getLogFilename, logger, authlog, checkAuthDoc, protectFields } from 'create-graphql-server-authorization'; +const log = logger(getLogFilename()); export default class TypeName { constructor(context) { this.context = context; this.collection = context.db.collection('typeName'); - this.pubsub = context.pubsub; - this.loader = new DataLoader(ids => findByIds(this.collection, ids)); + this.pubsub = context.pubsub;generateAuthRoleDefinition + const that = this; + try { + generateAuthCodeModeReadOne + } catch (err) { log.error(err.message); } } - - findOneById(id) { - return this.loader.load(id); + generateAuthRoleMethod + async findOneById(id, me, resolver) { + try { + if (!this.authorizedLoader) return null; + return await this.authorizedLoader.load(id); + } catch (err) { log.error(err.message); } } - all({ lastCreatedAt = 0, limit = 10 }) { - return this.collection.find({ - createdAt: { $gt: lastCreatedAt }, - }).sort({ createdAt: 1 }).limit(limit).toArray(); + find({ lastCreatedAt = 0, limit = 10, baseQuery = {} }, me, resolver) { + try { + generateAuthCodeModeReadMany + return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + } catch (err) { log.error(err.message); } } - async insert(doc) { - const docToInsert = Object.assign({}, doc, { - createdAt: Date.now(), - updatedAt: Date.now(), - }); - const id = (await this.collection.insertOne(docToInsert)).insertedId; - this.pubsub.publish('typeNameInserted', await this.findOneById(id)); - return id; - } + generateCreatedBy + + generateUpdatedBy - async updateById(id, doc) { - const ret = await this.collection.update({ _id: id }, { - $set: Object.assign({}, doc, { + async insert(doc, me, resolver) { + try { + let docToInsert = Object.assign({}, doc, { + createdAt: Date.now(), updatedAt: Date.now(), - }), - }); - this.loader.clear(id); - this.pubsub.publish('typeNameUpdated', await this.findOneById(id)); - return ret; + createdById: (me && me._id) ? me._id : 'unknown', + updatedById: (me && me._id) ? me._id : 'unknown', + }); + generateAuthCodeModeCreate + const id = (await this.collection.insertOne(docToInsert)).insertedId; + if (!id) { + throw new Error(`insert typeName not possible.`); + } + log.debug(`inserted typeName ${id}.`); + const insertedDoc = this.findOneById(id, me, 'pubsub typeNameInserted'); + this.pubsub.publish('typeNameInserted', insertedDoc); + return insertedDoc; + } catch (err) { log.error(err.message); } } - async removeById(id) { - const ret = this.collection.remove({ _id: id }); - this.loader.clear(id); - this.pubsub.publish('typeNameRemoved', id); - return ret; + async updateById(id, doc, me, resolver) { + try { + let docToUpdate = {$set: Object.assign({}, doc, { + updatedAt: Date.now(), + updatedById: (me && me._id) ? me._id : 'unknown', + })}; + const baseQuery = {_id: id}; + generateAuthCodeModeUpdate + const result = await this.collection.updateOne(finalQuery, docToUpdate); + if (result.result.ok !== 1 || result.result.n !== 1){ + throw new Error(`update typeName not possible for ${id}.`); + } + log.debug(`updated typeName ${id}.`); + this.authorizedLoader.clear(id); + const updatedDoc = this.findOneById(id, me, 'pubsub typeNameUpdated'); + this.pubsub.publish('typeNameUpdated', updatedDoc); + return updatedDoc; + } catch (err) { log.error(err.message); } } + + async removeById(id, me, resolver) { + try { + const baseQuery = {_id: id}; + generateAuthCodeModeDelete + const result = await this.collection.remove(finalQuery); + if (result.result.ok !== 1 || result.result.n !== 1){ + throw new Error(`remove typeName not possible for ${id}.`); + } + log.debug(`removed typeName ${id}.`); + this.authorizedLoader.clear(id); + this.pubsub.publish('typeNameRemoved', id); + return result; + } catch (err) { log.error(err.message); } + } + } diff --git a/generate/model/templates/paginatedAssociation.js.template b/generate/model/templates/paginatedAssociation.js.template index f5b948d..1670651 100644 --- a/generate/model/templates/paginatedAssociation.js.template +++ b/generate/model/templates/paginatedAssociation.js.template @@ -1,9 +1,7 @@ class PaginatedAssociation { - fieldName(typeName, argsStr) { - return this.context.ReturnTypeName.collection.find({ - query, - createdAt: { $gt: lastCreatedAt }, - }).sort({ createdAt: 1 }).limit(limit).toArray(); + fieldName(typeName, argsStr, me, resolver) { + const baseQuery = { query }; + return this.context.ReturnTypeName.find({ lastCreatedAt, limit, baseQuery }, me, resolver); } - + } diff --git a/generate/model/templates/singularAssociation.js.template b/generate/model/templates/singularAssociation.js.template index 4e6c0a2..669ad91 100644 --- a/generate/model/templates/singularAssociation.js.template +++ b/generate/model/templates/singularAssociation.js.template @@ -1,6 +1,6 @@ class SingularAssociation { - fieldName(typeName) { - return this.context.ReturnTypeName.findOneById(typeName.fieldNameId); + fieldName(typeName, me, resolver) { + return this.context.ReturnTypeName.findOneById(typeName.fieldNameId, me, resolver); } } diff --git a/generate/read.js b/generate/read.js index 97e2f1c..8fe94a2 100644 --- a/generate/read.js +++ b/generate/read.js @@ -9,7 +9,12 @@ export default function readInput(path) { const babylonParser = { parse(code) { - return babylon.parse(code, { sourceType: 'module' }); + return babylon.parse(code, { + sourceType: 'module', + plugins: [ + 'objectRestSpread' + ] + }); }, }; diff --git a/generate/resolvers/index.js b/generate/resolvers/index.js index b983b3c..c9b870d 100644 --- a/generate/resolvers/index.js +++ b/generate/resolvers/index.js @@ -4,6 +4,7 @@ import { print } from 'recast'; import { templateToAst } from '../read'; import generatePerField from '../util/generatePerField'; import { lcFirst } from '../util/capitalization'; +import { isAuthorizeDirectiveDefined } from '../authorize'; function read(name) { return fs.readFileSync(`${__dirname}/templates/${name}.js.template`, 'utf8'); diff --git a/generate/resolvers/templates/base.js.template b/generate/resolvers/templates/base.js.template index 158c416..19472f6 100644 --- a/generate/resolvers/templates/base.js.template +++ b/generate/resolvers/templates/base.js.template @@ -3,29 +3,35 @@ const resolvers = { id(typeName) { return typeName._id; }, + + createdBy(typeName, args, { TypeName, me }) { + return TypeName.createdBy(typeName, me, 'typeName createdBy'); + }, + + updatedBy(typeName, args, { TypeName, me }) { + return TypeName.updatedBy(typeName, me, 'typeName updatedBy'); + }, }, Query: { - typeNames(root, { lastCreatedAt, limit }, { TypeName }) { - return TypeName.all({ lastCreatedAt, limit }); + typeNames(root, { lastCreatedAt, limit }, { TypeName, me }) { + return TypeName.find({ lastCreatedAt, limit }, me, 'typeNames'); }, - typeName(root, { id }, { TypeName }) { - return TypeName.findOneById(id); + typeName(root, { id }, { TypeName, me }) { + return TypeName.findOneById(id, me, 'typeName'); }, }, Mutation: { - async createTypeName(root, { input }, { TypeName }) { - const id = await TypeName.insert(input); - return TypeName.findOneById(id); + async createTypeName(root, { input }, { TypeName, me }) { + return await TypeName.insert(input, me, 'createTypeName'); }, - async updateTypeName(root, { id, input }, { TypeName }) { - await TypeName.updateById(id, input); - return TypeName.findOneById(id); + async updateTypeName(root, { id, input }, { TypeName, me }) { + return await TypeName.updateById(id, input, me, 'updateTypeName'); }, - removeTypeName(root, { id }, { TypeName }) { - return TypeName.removeById(id); + async removeTypeName(root, { id }, { TypeName, me }) { + return await TypeName.removeById(id, me, 'removeTypeName'); }, }, Subscription: { diff --git a/generate/resolvers/templates/fieldOfType.js.template b/generate/resolvers/templates/fieldOfType.js.template index fc74321..45e2c3f 100644 --- a/generate/resolvers/templates/fieldOfType.js.template +++ b/generate/resolvers/templates/fieldOfType.js.template @@ -1,5 +1,5 @@ const fieldOfType = { - fieldName(typeName, argsStr, { TypeName }) { - return TypeName.fieldName(typeName); + fieldName(typeName, argsStr, { TypeName, me }) { + return TypeName.fieldName(typeName, me, 'typeName fieldName'); }, }; diff --git a/generate/resolvers/templates/paginatedField.js.template b/generate/resolvers/templates/paginatedField.js.template index 1850e56..44f3387 100644 --- a/generate/resolvers/templates/paginatedField.js.template +++ b/generate/resolvers/templates/paginatedField.js.template @@ -1,5 +1,5 @@ const paginatedField = { - fieldName(typeName, argsStr, { TypeName }) { - return TypeName.fieldName(typeName, argsStr); + fieldName(typeName, argsStr, { TypeName, me }) { + return TypeName.fieldName(typeName, argsStr, me, 'typeName fieldName'); }, }; diff --git a/generate/schema/index.js b/generate/schema/index.js index 2ef641d..d232f8f 100644 --- a/generate/schema/index.js +++ b/generate/schema/index.js @@ -10,12 +10,17 @@ import { addPaginationArguments, applyCustomDirectives, idArgument, + isScalarField, SCALAR_TYPE_NAMES, } from '../util/graphql'; +import { isAuthorizeDirectiveDefined } from '../authorize'; + /* eslint-disable no-param-reassign */ export default function generateSchema(inputSchema) { + + debugger; // Check that the input looks like we expect -- a single ObjectType definition assert(inputSchema.kind === 'Document'); assert(inputSchema.definitions.length === 1); @@ -24,6 +29,7 @@ export default function generateSchema(inputSchema) { const type = outputSchema.definitions[0]; const typeName = type.name.value; + const authorize = isAuthorizeDirectiveDefined(outputSchema); const createInputFields = []; const updateInputFields = []; @@ -31,8 +37,8 @@ export default function generateSchema(inputSchema) { const directivesByName = {}; field.directives.forEach((directive) => { directivesByName[directive.name.value] = directive; - applyCustomDirectives(field); }); + applyCustomDirectives(field); // XXX: Not sure if this the correct logic but it makes my tests pass // TODO: check for @unmodifiable @@ -58,6 +64,31 @@ export default function generateSchema(inputSchema) { } } + if (possibleInputType.kind === 'ListType') { + + if (possibleInputType.type.kind === 'NonNullType') { + possibleInputType = possibleInputType.type; + inputTypeModifier = '!'; + } + + if (possibleInputType.type.kind === 'NamedType') { + possibleInputType = possibleInputType.type; + } + + const isScalarField = includes(SCALAR_TYPE_NAMES, possibleInputType.name.value); + let inputField; + if (isScalarField || !!directivesByName.enum) { + inputField = `[${field}]`; + } else { + inputField = buildField(`${field.name.value}Ids`, [], `[ObjID${inputTypeModifier}]`); + } + + createInputFields.push(inputField); + if (!directivesByName.unmodifiable) { + updateInputFields.push(inputField); + } + } + field.directives = []; }); @@ -65,6 +96,13 @@ export default function generateSchema(inputSchema) { type.fields.push(buildField('createdAt', [], 'Float!')); type.fields.push(buildField('updatedAt', [], 'Float!')); + // for safety reasons: + // only with @authorize we know that there is a "User" type defined + if (authorize){ + type.fields.push(buildField('createdBy', [], 'User')); + type.fields.push(buildField('updatedBy', [], 'User')); + } + const queryOneField = buildField(typeName.toLowerCase(), [idArgument()], typeName); const queryAllField = buildField(`${typeName.toLowerCase()}s`, [], `[${typeName}!]`); addPaginationArguments(queryAllField); diff --git a/skel/.gitignore b/skel/.gitignore index 50ffcff..04d877b 100644 --- a/skel/.gitignore +++ b/skel/.gitignore @@ -1,3 +1,7 @@ node_modules /db /input +log/all-logs-readable.log +.DS_Store +log/ +yarn-error.log diff --git a/skel/README.md b/skel/README.md new file mode 100644 index 0000000..36e0e12 --- /dev/null +++ b/skel/README.md @@ -0,0 +1,1099 @@ +# create-graphql-server +This is a generated create-graphql-server app. + +* Authentication: Identifies an user +* Authorization: Defines all actions a user is allowed to perform + +## Implementing Authentication +The authentication is performed in those locations: +* ./server/index.js +* ./server/authenticate.js +* ./model/index.js + +### ./server/index.js +In the server, the database is started, and the UserCollection is defined. That's where the server accesses the user documents in the database. + +In ```js authenticate(app, UserCollection)``` the authentication is prepared and processed. Later, if a user sends a 'graphql' request, the user is determined with ```js passport.authenticate(...)```. After that, the user is whether an anonymous user or an authenticated user. You find the identified user in the object "me". Then the type models have to be initialized with the user "me" authorizations: ```js req.context = addModelsToContext({... me ...})```. + +```javascript +... +async function startServer() { + log.info('Logger started'); + + const db = await MongoClient.connect(MONGO_URL); + const UserCollection = db.collection('user'); + + const app = express().use('*', cors()); + app.use(bodyParser.urlencoded({ extended: true })); + app.use(bodyParser.json()); + app.use(morgan("dev", { "stream": stream })); + + authenticate(app, UserCollection); + + app.use('/graphql', (req, res, next) => { + passport.authenticate('jwt', { session: false }, (err, me) => { + req.context = addModelsToContext({ db, pubsub, me, UserCollection }); + graphqlExpress(() => { + // Get the query, the same way express-graphql does it + // https://github.com/graphql/express-graphql/blob/3fa6e68582d6d933d37fa9e841da5d2aa39261cd/src/index.js#L257 + const {variables, operationName} = req.body; + const {_id, username, role} = me; + const query = req.query.query || req.body.query; + log.debug('-'.repeat(80)); + log.debug(`Request:\nUser: "${(username) ? username: ''}", role: "${(role) ? role : ''}", id: "${(_id) ? _id : ''}",\nOperation: "${operationName ? operationName : ''}", variables: "${variables ? JSON.stringify(variables) : ''}",\nQuery:\n${print(parse(query))}`); + if (query && query.length > 4000) { + // None of our app's queries are this long + // Probably indicates someone trying to send an overly expensive query + log.error('Query too large.'); + throw new Error('Query too large.'); + } + return { + schema, + context: Object.assign({ me }, req.context), + debug: true, + formatError(e) { + console.log(e); + return e; + }, + }; + })(req, res, next); + })(req, res, next); + }); + ... +} +``` + +By-the-way: The server/index.js is able to access the User collection directly by the following two lines. This is used in the server/authenticate.js during authenticate. +```js +... +const UserCollection = db.collection('user'); +... +authenticate(app, UserCollection); +... +``` + +### ./model/index.js +If there is a User model generated, then we load it as the first model. It defines the model, which will be used in the other models as well, to perform the authorization checks. + +```javascript +const models = {}; + +export default function addModelsToContext(context) { + const newContext = Object.assign({}, context); + + // User model has to be first, to initialize the other models with correct authorizations + if (models['User']){ + newContext['User'] = new models['User'](newContext); + } + + Object.keys(models).forEach((key) => { + if (key !== 'User') newContext[key] = new models[key](newContext); + }); + return newContext; +} + +import Tweet from './Tweet'; +models.Tweet = Tweet; + +import User from './User'; +models.User = User; +``` + +### ./server/authenticate.js +Here, the real identification of an user is performed. After a user requested a '/login' url with user and password. The user's email is searched in the database. If it is there, it checks if the user's encrypted hash is equal to the encrypted password. If so, a user is identified and a JWT token is generated and transfered back to the requesting user. This JWT token is usually stored in the client's browsers local storage and added to the next call in the Authorization header. With all the next requests of that user, he sends an header like... +```javacript +authorization JWT calculated.JWT.token +``` +This JWT token is decrypted with an internal secret KEY to get the user id. This user is then read from the cache/database within userFromPayload and returned to the request as the user object "me", which is then used in all "/graphql" calls. + +```javascript +import passport from 'passport'; +import { Strategy, ExtractJwt } from 'passport-jwt'; +import jwt from 'jwt-simple'; +import { ObjectId } from 'mongodb'; +import nodeify from 'nodeify'; +import bcrypt from 'bcrypt'; +import DataLoader from 'dataloader'; +import { findByIds } from 'create-graphql-server-authorization'; + +const KEY = 'test-key'; +let Loader; + +async function userFromPayload(request, jwtPayload) { + if (!jwtPayload.userId) { + throw new Error('No userId in JWT'); + } + return await Loader.load(ObjectId(jwtPayload.userId)); +} + +passport.use(new Strategy({ + jwtFromRequest: ExtractJwt.fromAuthHeader(), + secretOrKey: KEY, + passReqToCallback: true, +}, (request, jwtPayload, done) => { + nodeify(userFromPayload(request, jwtPayload), done); +})); + +export default function addPassport(app, User) { + Loader = new DataLoader(ids => findByIds(User, ids)); + + app.use(passport.initialize()); + + app.post('/login', async (req, res, next) => { + try { + const { email, password } = req.body; + + if (!email || !password) { + throw new Error('Username or password not set on request'); + } + + const user = await User.findOne({ email }); + if (!user || !(await bcrypt.compare(password, user.hash))) { + throw new Error('User not found matching email/password combination'); + } + + const payload = { + userId: user._id.toString(), + }; + + const token = jwt.encode(payload, KEY); + res.json({ token }); + } catch (e) { + next(e); + } + }); +} +``` + +## Implementing Authorizations +Use the @authorize directive in a \.graphql input file, to define which authorizations should be generated by create-graphql-server. You can define user-roles and document-roles to control authorizations. + +* user-roles: e.g. User.role = "admin", all admins are allowed to do create, read, update, delete,... +* document-roles: e.g. Tweet.authorId = User._id, only authors are allowed to create, update, delete a document + +Use the following syntax for the Tweet.graphql input file:: +```javascript +type Tweet + +@authorize( + admin: ["create", "read", "update", "delete"], + author: ["create", "read", "update", "delete"], + coauthors: ["read", "update"], + world: ["read"] +) + +{ + author: User! @unmodifiable @belongsTo @authRole("author") + coauthors: [User] @belongsTo @authRole("coauthors") + body: String! + + likers: [User!] @hasAndBelongsToMany(as: "liked") +} +``` + +This has the following meaning: +* user-roles: "admin", "world" are created. (user-roles don't have own fields of type User or [User] in the document). + Thus it will check, if the logged in user has a role "admin". Or if there is a special role "world", which just means every known or unknown user is allowed. For "world" authorization you don't have to be logged in. + So each "admin" user will be able to create, read, update or delete the Tweet document. + Everyone ("world") will be allowed to read all Tweets. +* document-roles: "author", "coauthors" are created. (Document-roles have a corresponding field in the document.) + Look for the fields with the directive @authRole("...") + Only the author of a Tweet is allowed to create, read, update, delete its single Tweet. + Only a coauthor of a Tweet is allowed to read and update a Tweet, but he is not allowed to create a Tweet for a different author, and also not to delete a tweet of a different user. + +and for the User.graphql input file: +```javascript +type User + +@authorize( + admin: ["create", "read", "update", "delete"] + this: ["read", "update", "delete"] +) + +{ + role: String @authRole("admin") + username: String! + + bio: String + notify: Boolean + + tweets(minLikes: Int): [Tweet!] @hasMany(as: "author") + liked: [Tweet!] @belongsToMany + + following: [User!] @belongsToMany + followers: [User!] @hasAndBelongsToMany(as: "following") +} +``` + +This has the following meaning: +* user-role: "admin", is created. (user roles don't have own fields of type User or [User] in the document) + It is a String field with: **role: String! @authRole("admin")** + This will check, if the logged in user has a role "admin". + So each "admin" user will be able to create, read, update or delete any User document. +* document-role: "this", is created (document roles have own fields in the document, but this is a special case for the field _id, which is not shown in the input type, but will be generated in the later schema file.) + Only the user id of "this" meaning _id is allowed to readOne, update, delete its single User document. + +** Caution ** +A default security rule is applied to the User's role field: Not every user should be allowed, to upgrade himself to a super user. So we added an additional opinionated security rule: The first userRole in the User's @authorize directive, is assumed to be the most important userRole with highest authorizations. So as a suggestion, it protects the User authRole field. Only the first mentioned userRole is allowed, to create and to update this authRole field. (Have a look in the generated model/User.js in the create/update mutation. There you will see a protectField function, which receives two arguments: The first mentioned userRole, and the authRole field. Feel free to adjust the generated userRoles in the code to your specific needs. This is only a suggestion.) + +** Caution ** +To keep authorization easy, there is only one authRole field allowed, to store all the different userRoles in the User type. But you are free to add as many userRoles you require to this authRole field: + +Example: +```javascript +role: String @authRole(for: ["super-admin", "admin"]) +``` + +You are free to add as many docRoles and docRoles authRole directives as you require. + +Use create-graphql-server command to generate the according schema, resolver, model files with the create-graphql-server command line interface. After its generation, you will find the generated files in the sub folders: schema, resolvers, model. The generated model files will use the following functions to implement the authorization logic. + +### model.js +This is an example of a database model of type . + +```javascript +import DataLoader from 'dataloader'; +import { findByIds, queryForRoles, getLogFilename, logger, authlog, checkAuthDoc } from 'create-graphql-server-authorization'; +const log = logger(getLogFilename()); + +export default class { + constructor(context) { + this.context = context; + this.collection = context.db.collection(''); + this.pubsub = context.pubsub; + let authQuery; + try { + const { me, User } = context; + authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User }, authlog(' findOneById', 'readOne', me)); + } catch (err) { + log.error(err.message); + authQuery = {_id: false}; // otherwise admin access + } + this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); + } + + async findOneById(id, me, resolver) { + try { + return await this.authorizedLoader.load(id); + } catch (err) { log.error(err.message); } + } + + find({ lastCreatedAt = 0, limit = 10, baseQuery = {} }, me, resolver) { + try { + const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); + const finalQuery = {...baseQuery, ...authQuery, createdAt: { $gt: lastCreatedAt }}; + return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + } catch (err){ log.error(err.message); } + } +... +} +``` + +### ./model/Tweet.js +generated model file for the above input type Tweet.graphql considering the @authorize directive. You can see, the directive argument "read" is used to express "readOne" and "readMany" at the same time. Instead you can use "readOne" and "readMany" for fine grained control on read operations, to allow access to just one record or many records. +```javascript +import DataLoader from 'dataloader'; +import { findByIds, queryForRoles, getLogFilename, logger, authlog, checkAuthDoc } from 'create-graphql-server-authorization'; +const log = logger(getLogFilename()); + +export default class Tweet { + constructor(context) { + this.context = context; + this.collection = context.db.collection('tweet'); + this.pubsub = context.pubsub; + let authQuery; + try { + const { me, User } = context; + authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User }, authlog('tweet findOneById', 'readOne', me)); + } catch (err) { + log.error(err.message); + authQuery = {_id: false}; // otherwise admin access + } + this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); + } + + async findOneById(id, me, resolver) { + try { + return await this.authorizedLoader.load(id); + } catch (err) { log.error(err.message); } + } + + find({ lastCreatedAt = 0, limit = 10, baseQuery = {} }, me, resolver) { + try { + const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); + const finalQuery = {...baseQuery, ...authQuery, createdAt: { $gt: lastCreatedAt }}; + return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + } catch (err){ log.error(err.message); } + } + + createdBy(tweet, me, resolver) { + return this.context.User.findOneById(tweet.createdById, me, resolver); + } + + updatedBy(tweet, me, resolver) { + return this.context.User.findOneById(tweet.updatedById, me, resolver); + } + + author(tweet, me, resolver) { + return this.context.User.findOneById(tweet.authorId, me, resolver); + } + + coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, me, resolver) { + const baseQuery = {_id: { $in: tweet.coauthorsIds } }; + return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); + } + + likers(tweet, { lastCreatedAt = 0, limit = 10 }, me, resolver) { + const baseQuery = {likedIds: tweet._id, createdAt: { $gt: lastCreatedAt } }; + return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); + } + + async insert(doc, me, resolver) { + try { + + let docToInsert = Object.assign({}, doc, { + createdAt: Date.now(), + updatedAt: Date.now(), + createdById: (me && me._id) ? me._id : 'unknown', + updatedById: (me && me._id) ? me._id : 'unknown', + }); + log.debug(JSON.stringify(docToInsert, null, 2)); + + checkAuthDoc(docToInsert, me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'create', me)); + const id = (await this.collection.insertOne(docToInsert)).insertedId; + if (!id) { + throw new Error(`insert tweet not possible.`); + } + + log.debug(`inserted tweet ${id}.`); + const insertedDoc = this.findOneById(id, me, 'pubsub tweetInserted'); + this.pubsub.publish('tweetInserted', insertedDoc); + return insertedDoc; + + } catch (err){ log.error(err.message); } + } + + async updateById(id, doc, me, resolver) { + try { + + let docToUpdate = {$set: Object.assign({}, doc, { + updatedAt: Date.now(), + updatedById: (me && me._id) ? me._id : 'unknown', + })}; + + const baseQuery = {_id: id}; + const authQuery = queryForRoles(me, ['admin'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'update', me)); + const finalQuery = {...baseQuery, ...authQuery}; + const result = await this.collection.updateOne(finalQuery, docToUpdate); + if (result.result.ok !== 1 || result.result.n !== 1){ + throw new Error(`update tweet not possible for ${id}.`); + } + + log.debug(`updated tweet ${id}.`); + this.authorizedLoader.clear(id); + const updatedDoc = this.findOneById(id, me, 'pubsub tweetUpdated'); + this.pubsub.publish('tweetUpdated', updatedDoc); + return updatedDoc; + + } catch (err){ log.error(err.message); } + } + + async removeById(id, me, resolver) { + try { + + const baseQuery = {_id: id}; + const authQuery = queryForRoles(me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'delete', me)); + const finalQuery = {...baseQuery, ...authQuery}; + const result = await this.collection.remove(finalQuery); + if (result.result.ok !== 1 || result.result.n !== 1){ + throw new Error(`remove tweet not possible for ${id}.`); + } + + log.debug(`removed tweet ${id}.`); + this.authorizedLoader.clear(id); + this.pubsub.publish('tweetRemoved', id); + return result; + + } catch (err){ log.error(err.message); } + } +} +``` + +### ./model/User.js +generated model file for the above input type User.graphql considering the @authorize directive. +```javascript +import DataLoader from 'dataloader'; +import { findByIds, queryForRoles, getLogFilename, logger, authlog, checkAuthDoc, protectFields } from 'create-graphql-server-authorization'; +const log = logger(getLogFilename()); + +export default class User { + constructor(context) { + this.context = context; + this.collection = context.db.collection('user'); + this.pubsub = context.pubsub; + this.authRole = User.authRole; + let authQuery; + try { + const { me } = context; + authQuery = queryForRoles(me, ['admin'], ['_id'], { User }, authlog('user findOneById', 'readOne', me)); + } catch (err) { + log.error(err.message); + authQuery = {_id: false}; // otherwise admin access + } + this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); + } + + static authRole(user){ + return (user && user.role) ? user.role : null; + } + + async findOneById(id, me, resolver) { + try { + return await this.authorizedLoader.load(id); + } catch (err) { log.error(err.message); } + } + + find({ lastCreatedAt = 0, limit = 10, baseQuery = { createdAt: { $gt: lastCreatedAt } } }, me, resolver) { + try { + const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'readMany', me)); + const finalQuery = {...baseQuery, ...authQuery}; + return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); + } catch (err) { log.error(err.message); } + } + + tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }, me, resolver) { + const baseQuery = { authorId: user._id, createdAt: { $gt: lastCreatedAt } }; + return this.context.Tweet.find({ lastCreatedAt, limit, baseQuery }, me, resolver); + } + + liked(user, { lastCreatedAt = 0, limit = 10 }, me, resolver) { + const baseQuery = { _id: { $in: user.likedIds || [] }, createdAt: { $gt: lastCreatedAt } }; + return this.context.Tweet.find({ lastCreatedAt, limit, baseQuery }, me, resolver); + } + + following(user, { lastCreatedAt = 0, limit = 10 }, me, resolver) { + const baseQuery = { _id: { $in: user.followingIds || [] }, createdAt: { $gt: lastCreatedAt } }; + return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); + } + + followers(user, { lastCreatedAt = 0, limit = 10 }, me, resolver) { + const baseQuery = { followingIds: user._id, createdAt: { $gt: lastCreatedAt } }; + return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); + } + + createdBy(user, me, resolver) { + return this.context.User.findOneById(user.createdById, me, resolver); + } + + updatedBy(user, me, resolver) { + return this.context.User.findOneById(user.updatedById, me, resolver); + } + + async insert(doc, me, resolver) { + try { + let docToInsert = Object.assign({}, doc, { + createdAt: Date.now(), + updatedAt: Date.now(), + createdById: (me && me._id) ? me._id : 'unknown', + updatedById: (me && me._id) ? me._id : 'unknown', + }); + checkAuthDoc(docToInsert, me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'create', me)); + docToInsert = protectFields(me, ['admin'], ['role'], docToInsert, { User: this.context.User }); + const id = (await this.collection.insertOne(docToInsert)).insertedId; + if (!id) { + throw new Error(`insert user not possible.`); + } + log.debug(`inserted user ${id}.`); + const insertedDoc = this.findOneById(id, me, 'pubsub userInserted'); + this.pubsub.publish('userInserted', insertedDoc); + return insertedDoc; + } catch (err) { log.error(err.message); } + } + + async updateById(id, doc, me, resolver) { + try { + let docToUpdate = {$set: Object.assign({}, doc, { + updatedAt: Date.now(), + updatedById: (me && me._id) ? me._id : 'unknown', + })}; + const baseQuery = {_id: id}; + const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'update', me)); + const finalQuery = {...baseQuery, ...authQuery}; + docToUpdate.$set = protectFields(me, ['admin'], ['role'], docToUpdate.$set, { User: this.context.User }); + const result = await this.collection.updateOne(finalQuery, docToUpdate); + if (result.result.ok !== 1 || result.result.n !== 1){ + throw new Error(`update user not possible for ${id}.`); + } + log.debug(`updated user ${id}.`); + this.authorizedLoader.clear(id); + const updatedDoc = this.findOneById(id, me, 'pubsub userUpdated') + this.pubsub.publish('userUpdated', updatedDoc); + return updatedDoc; + } catch (err) { log.error(err.message); } + } + + async removeById(id, me, resolver) { + try { + const baseQuery = {_id: id}; + const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'delete', me)); + const finalQuery = {...baseQuery, ...authQuery}; + const result = await this.collection.remove(finalQuery); + if (result.result.ok !== 1 || result.result.n !== 1){ + throw new Error(`remove user not possible for ${id}.`); + } + log.debug(`removed user ${id}.`); + this.authorizedLoader.clear(id); + this.pubsub.publish('userRemoved', id); + return result; + } catch (err) { log.error(err.message); } + } +} +``` + +As you can see in both model header lines, we are using a specialized npm package "create-graphql-server-authorization". + +## create-graphql-server-authorization +Install it with: +```bash +npm install create-graphql-server-authorization +``` +[Github: create-graphql-server-authorization](https://github.com/tobkle/create-graphql-server-authorization) + +This uses the following functions from that module: + +### function authlog +A logging function that understands "resolvers", "modes" and "users". Simple wrapper around whatever logging function we use. + +```javascript +/* + * Central logger for authorization checks + * @param {string} resolver + * @param {string} mode + * @param {object} me + * @return { + * debug {function}, + * error {function} + * } + */ +function authlog(resolver = "", mode = "", me = {}) { + const logFilename = getLogFilename(); + const log = logger(logFilename); + + const makeMessage = message => + `Authorize ${mode} "${resolver}" with user "${me.username + ? me.username + : ""}" ${message}`; + + return { + debug: message => { + const resultMessage = makeMessage(message); + log.debug(resultMessage); + return resultMessage; + }, + error: message => { + const resultMessage = makeMessage(message); + log.error(resultMessage); + throw new Error(makeMessage(message)); + } + }; +} +``` + +### function findByIds +This is an extended version of [mongo-find-by-ids](https://github.com/tmeasday/mongo-find-by-ids). +The enhancement is only to provide an additional authQuery object, to extend the query to meet additional authorizations. +```javascript +/* + * find a record by id (cached with dataloader) + * returns the record, cached if already read, checks authorization if set + * enhancement of tmeasday'findByIds + * @param {string, array} docRoleField + * @param {object} userId + * @return {boolean} foundUserId + */ +function findByIds(collection, ids = [], authQuery) { + const baseQuery = { _id: { $in: ids } }; + const finalQuery = { ...baseQuery, ...authQuery }; + return collection.find(finalQuery).toArray().then(docs => { + const idMap = {}; + docs.forEach(d => { + idMap[d._id] = d; + }); + return ids.map(id => idMap[id]); + }); +} + +module.exports = findByIds; +``` + +### function protectFields +Use function protectFields to protect single fields from access. Provide signed in user in "me", the authorized User roles for the protected field(s) - meaning the user who is allowed to access the field -, provide an array with protected fields, and the current document object, which is to be checked for protected fields and the User model context. + +```javascript +/* + * Protects a field based on authorizations + * @param {object} me + * @param {array} authorizedUserRoles + * @param {array} protectedFields + * @param {object} inputObject + * @param {object} User + * @return {object} result + */ +function protectFields( + me = {}, + authorizedUserRoles = [], + protectedFields = [], + inputObject = {}, + { User } = { User: dummyUserContext } +) { + // pure function + const result = Object.assign({}, inputObject); + + // getting role of current User + const role = User.authRole(me); + + // if user is not allowed to access specific fields, remove field from object... + if (!authorizedUserRoles.includes(role)) { + protectedFields.forEach(protectedField => { + if (result[protectedField]) delete result[protectedField]; + }); + } + + return result; +} +``` + +### function checkAuthDoc +Use function checkAuthDoc to check and get back the document. Especially used in insert operations, to figure out, if the toBeInsertedDoc is valid to be added by this userRole, docRole and action. + +```javascript +/* + * Returns an authorized document + * @param {object} doc + * @param {object} me + * @param {array} userRoles + * @param {array} docRoles + * @param {object} User + * @param {function} logger + * @return {object} doc + */ + +function checkAuthDoc( + doc = {}, + me = {}, + userRoles = [], + docRoles = [], + { User }, + logger = defaultLogger +) { + let resultDoc = Object.assign({}, doc); + + // get the User's role + const role = User.authRole(me); + + // check if userRole entitles current user for this action + if (userRoleAuthorized(me, userRoles, { User }, logger)) { + logger.debug(`and role: "${role}" is authorized by userRole.`); + return resultDoc; + } + + // check if docRole entitles current user for this document and action + let authorized = false; + docRoles.every(field => { + if ( + resultDoc[field] && + me._id && + fieldContainsUserId(resultDoc[field], me._id) + ) { + authorized = true; + } + }); + if (authorized) { + logger.debug(`and role: "${role}" is authorized by docRole.`); + return resultDoc; + } + + // Not Authorized, throw exception in logger.error + logger.error(`and role: "${role}" is not authorized.`); +} +``` + + +### function loggedIn +Use function loggedIn, to check if a user is logged in. + +```javascript +/* + * Checks if an user is logged in + * @param {object} me + * @return {boolean} loggedIn + */ + +function loggedIn(me) { + if (me && me._id && me._id.toString() !== "") { + return true; + } + return false; +} +``` + +### function queryForRoles +Use function queryForRoles to generate an authQuery object. + +It expects the following arguments: +```javascript +/* + * Prepare a query object for mongodb operations with authorization queries + * creates an authQuery object with additional query arguments, to implement authorization restrictions for mongodb access + * @param {object} me + * @param {array} userRoles + * @param {array} docRoles + * @param {object} inputObject + * @param {object} User + * @param {object} logger + * @return {object, exception} queryObject + * + * @example: const authQuery = queryForRoles(me, userRoles, docRoles, { User }, authlog(resolver, mode, me ) ); + */ +function queryForRoles( + me = {}, + userRoles = [], + docRoles = [], + { User } = { User: dummyUserContext }, + logger = defaultLogger +) { + // on insufficient authorization data, it cannot be authorized, throws exception + if (!User || !User.authRole || !me || (!userRoles && !docRoles)) + logger.error(` is not authorized, due to authorization data.`); + + // get current User's role + const role = User.authRole(me); + + // Build query for the case: The logged in user's role is authorized + if (userRoleAuthorized(me, userRoles, { User }, logger)) { + return {}; // empty authQuery means, do operation with no access restrictions + } + + // Build query for the case: The user is listed in any document field + const query = { $or: [] }; + // makes only sense, if user is logged in - otherwise no userId + if (loggedIn(me)) { + // prepare selection criterias as "authQuery" object + // for later mongodb "find(...baseQuery, ...authQuery)" + // ... AND ...{ field1 OR field2} + // which will be also considered during the database access + // as an "$or: [ { field1: userId}, { field2: userId} ]" + // with all document roles as fields for the later selection. + // At least one of those fields must match the userId, + // otherwise, whether no data found or not authorized to access data + docRoles.forEach(docRole => query.$or.push({ [docRole]: me._id })); + // return this authQuery only, if there was at least 1 field added + // otherwise it will result in an unlimited access + if (query.$or.length > 0) { + // for easier debugging write into the authorzation logs + logger.debug( + `and role: "${role ? role : ""}" with + authQuery: ${JSON.stringify(query, null, 2)}` + ); + // return the query as authQuery for later selection + return query; + } + } + + // Not Authorized - throw exception in logger.error + const message = `and role: "${role}" is not authorized.`; + logger.error(message); +} +``` + +It expects the following arguments with the meanings: +* **me:** this is the logged in user object out of the resolver's context +* **userRoles:** an array with userRoles, which was generated by the @authorize directives in the .graphql file +* **docRoles:** an array with docRoles, which was generated by the @authorize directives in the .graphql file +* **User:** User context to access the User model +* **logger:** logging function e.g. ```js authlog(resolver, mode, me) ``` + * **resolver:** this is a string with the resolver's name, optional, only for easier debugging + * **mode:** this is the current mode of operation: + * **create:** insert a record to the database + * **read:** read a record or many records from the database + * **readOne:** read only a single record from the database + * **readMany:** read many records from the the database + * **update:** update a record in the database + * **delete:** remove a record from the database + * **me:** the user object, who is executing the request, and who is checked for authorization + +### function userRoleAuthorized +This helper function is used by queryForRoles, and decides, if a user gains the authorization by its role. +For example: If a user has a field "role" in his user document and it contains the value "admin". So it checks if a user's role is admin, and allows all operations for admins. +```javascript +/* + * Is a user's role authorized for a document + * @param {object} me + * @param {array} userRoles + * @param {object} User + * @param {object} logger + * @return {boolean} authorized + */ + +// returns true, if the user's role is authorized for a document +function userRoleAuthorized( + me = {}, + userRoles = [], + { User } = { User: dummyUserContext }, + logger = defaultLogger +) { + // on insufficient authorization data, it cannot be authorized + if (!User || !User.authRole || !me || !userRoles) return false; + + // get current User's role + const role = User.authRole(me); + + // determine, if the given userRoles authorize the current User by its role + if ( + // userRole: "world" should authorize everyone - known and unknown users + userRoles.includes("world") || + // or there must be a userRole given, and current user must have a role + // and the current user's role must be in the given userRoles + (role && role !== "" && userRoles.length > 0 && userRoles.includes(role)) + ) { + // => authorized + logger.debug(`and role "${role ? role : ""}" is authorized`); + return true; + } + + // => not authorized + return false; +} +``` + +### function fieldContainsUserId +This helper function is used in the models and checks, if the provided field of types: array, object or string contains the userId. +```javascript +/* + * checks, if a field contains a user's id + * returns true, if a field of type array/object/string contains the userId + * @param {string, object, array} docRoleField + * @param {string, object} userId + * @return {boolean} foundUserId + */ +function fieldContainsUserId(docRoleField, compressedUserId) { + let found = false; + + // empty docRoleField is not a valid docRoleField + if (!docRoleField || docRoleField === "" || docRoleField.length === 0) + return false; + + // empty (compressed) userId is not a valid userId + if ( + !compressedUserId || + compressedUserId === "" || + compressedUserId.toString() === "" + ) + return false; + + // extract userId, if it is a mongoID field + const userId = extractUserId(compressedUserId); + + // empty (uncompressed) userId is not a valid userId + if (!userId || userId === "") return false; + + // docRoleField of type Array + if (_.isArray(docRoleField)) { + docRoleField.forEach(field => { + if (fieldContainsUserId(field, userId)) { + found = true; + } + }); + if (found) return true; + return false; + } + + // docRoleField of type Object + if (_.isObject(docRoleField)) { + // For each field in the object + Object.keys(docRoleField).forEach(field => { + if ( + fieldContainsUserId(docRoleField[field], userId) || + fieldContainsUserId(field, userId) + ) { + found = true; + } + }); + if (found) return true; + return false; + } + + // docRoleField of type field + if (docRoleField.toString() === userId.toString()) { + return true; + } + + return false; +} +``` + +### ./resolver/User.js +In the resolver interfaces, there are different objects: +* the root object "tweet", contains the document fields +* the args object "args", contains arguments from the graphql query/mutation +* the context object "Tweet", contains the access to the database model of the Tweet collection +* the context object "me", contains the current logged in user -if logged in-, which is provided from the server's passport implementation +* the last argument in the resolver function is the resolver's name, which is optional and only to enhance the logging in debugging mode by additional information. If you have to analyze authorization outcomes, this helps a lot to figure out, which resolvers authorization rule fired. + +```javascript + const resolvers = { + User: { + id(user) { + return user._id; + }, + + createdBy(user, args, { User, me }) { + return User.createdBy(user, me, 'user createdBy'); + }, + + updatedBy(user, args, { User, me }) { + return User.updatedBy(user, me, 'user updatedBy'); + }, + + tweets(user, { minLikes, lastCreatedAt, limit }, { User, me }) { + return User.tweets(user, { minLikes, lastCreatedAt, limit }, me, 'user tweets'); + }, + + liked(user, { lastCreatedAt, limit }, { User, me }) { + return User.liked(user, { lastCreatedAt, limit }, me, 'user liked'); + }, + + following(user, { lastCreatedAt, limit }, { User, me }) { + return User.following(user, { lastCreatedAt, limit }, me, 'user following'); + }, + + followers(user, { lastCreatedAt, limit }, { User, me }) { + return User.followers(user, { lastCreatedAt, limit }, me, 'user followers'); + }, + }, + Query: { + users(root, { lastCreatedAt, limit }, { User, me }) { + return User.find({ lastCreatedAt, limit }, me, 'users'); + }, + + user(root, { id }, { User, me }) { + return User.findOneById(id, me, 'user'); + }, + }, + Mutation: { + async createUser(root, { input }, { User, me }) { + return await User.insert(input, me, 'createUser'); + }, + + async updateUser(root, { id, input }, { User, me }) { + return await User.updateById(id, input, me, 'updateUser'); + }, + + async removeUser(root, { id }, { User, me }) { + return await User.removeById(id, me, 'removeUser'); + }, + }, + Subscription: { + userCreated: user => user, + userUpdated: user => user, + userRemoved: id => id, + }, + }; + + export default resolvers; +``` + +### ./resolver/Tweet.js +In the resolver interfaces, there are different objects: +* the root object "tweet", contains the document fields +* the args object "args", contains arguments from the graphql query/mutation +* the context object "Tweet", contains the access to the database model of the Tweet collection +* the context object "me", contains the current logged in user -if logged in-, which is provided from the server's passport implementation +* the last argument in the resolver function is the resolver's name, which is optional and only to enhance the logging in debugging mode by additional information. If you have to analyze authorization outcomes, this helps a lot to figure out, which resolvers authorization rule fired. + +```javascript + const resolvers = { + Tweet: { + id(tweet) { + return tweet._id; + }, + + author(tweet, args, { Tweet, me }) { + return Tweet.author(tweet, me, 'tweet author'); + }, + + createdBy(tweet, args, { Tweet, me }) { + return Tweet.createdBy(tweet, me, 'tweet createdBy'); + }, + + updatedBy(tweet, args, { Tweet, me }) { + return Tweet.updatedBy(tweet, me, 'tweet updatedBy'); + }, + + coauthors(tweet, { lastCreatedAt, limit }, { Tweet, me }) { + return Tweet.coauthors(tweet, { lastCreatedAt, limit }, me, 'tweet coauthors'); + }, + + likers(tweet, { lastCreatedAt, limit }, { Tweet, me }) { + return Tweet.likers(tweet, { lastCreatedAt, limit }, me, 'tweet likers'); + }, + }, + Query: { + tweets(root, { lastCreatedAt, limit }, { Tweet, me }) { + return Tweet.find({ lastCreatedAt, limit }, me, 'tweets'); + }, + + tweet(root, { id }, { Tweet, me }) { + return Tweet.findOneById(id, me, 'tweet'); + }, + }, + Mutation: { + async createTweet(root, { input }, { Tweet, me }) { + return await Tweet.insert(input, me, 'createTweet'); + }, + + async updateTweet(root, { id, input }, { Tweet, me }) { + return await Tweet.updateById(id, input, me, 'updateTweet'); + }, + + async removeTweet(root, { id }, { Tweet, me }) { + return await Tweet.removeById(id, me, 'removeTweet'); + }, + }, + Subscription: { + tweetCreated: tweet => tweet, + tweetUpdated: tweet => tweet, + tweetRemoved: id => id, + }, + }; + + export default resolvers; +``` + +### Testing +If you run within the project root at least one time, it generates the database and adds the seed tweet and user documents once during each run. +```bash +yarn end-to-end-test +``` +It executes many pre-defined tests with different user-roles and document-roles. May be you want to add additional tests to enhance the security of the logic. + +If you want to test with the http://localhost:3000/graphiql frontend, best download the following app: +```bash +brew cask install graphiql +``` +...and have a look into the file **./test/output-app-end-to-end/scripts/JWTs.txt**, or generate this file by running: +```bash +cd ./test/output-app-end-to-end/scripts +babel-node ./generateJWT.js > JWTs.txt +``` +This generates JWT tokens for the different test users from the ./test/seeds/User.json. Copy the wanted JWT token of the different users, and start the GraphiQL app with the following entries: + +* GraphQL endpoint: ```http://localhost:3000/graphql``` +* Method: ```POST``` +* Edit HTTP headers: + * Header name: ```authorization``` + * Header value: ```JWT the-copied-token``` + +...and write and execute your queries/mutations in the GraphiQL window. + +If you use different user's JWT tokens, you can simulate the different user roles such as "admin", "editor" and "user" manually. diff --git a/skel/model/index.js b/skel/model/index.js index 7789776..b35e315 100644 --- a/skel/model/index.js +++ b/skel/model/index.js @@ -2,8 +2,14 @@ const models = {}; export default function addModelsToContext(context) { const newContext = Object.assign({}, context); + + // User model has to be first, to initialize the other models with correct authorizations + if (models['User']){ + newContext['User'] = new models['User'](newContext); + } + Object.keys(models).forEach((key) => { - newContext[key] = new models[key](newContext); + if (key !== 'User') newContext[key] = new models[key](newContext); }); return newContext; } diff --git a/skel/package.json b/skel/package.json index 59a94c8..b90f28d 100644 --- a/skel/package.json +++ b/skel/package.json @@ -5,6 +5,9 @@ "scripts": { "start": "babel-node index.js" }, + "config": { + "logfile": "log/all-logs-readable.log" + }, "private": true, "author": "", "license": "MIT", @@ -33,6 +36,7 @@ "bcrypt": "^1.0.2", "body-parser": "1.15.2", "cors": "^2.8.1", + "create-graphql-server-authorization": "^0.0.27", "dataloader": "^1.2.0", "denodeify": "^1.2.1", "dotenv": "2.0.0", @@ -45,11 +49,12 @@ "graphql-tools": "^0.8.2", "jwt-simple": "^0.5.1", "lodash": "4.16.4", - "mongo-find-by-ids": "^1.0.0", "mongodb": "^2.2.11", + "morgan": "^1.8.2", "nodeify": "^1.0.1", "passport": "^0.3.2", "passport-jwt": "^2.2.1", - "subscriptions-transport-ws": "0.2.6" + "subscriptions-transport-ws": "0.2.6", + "winston": "^2.3.1" } } diff --git a/skel/server/authenticate.js b/skel/server/authenticate.js index 266dcd6..283964a 100644 --- a/skel/server/authenticate.js +++ b/skel/server/authenticate.js @@ -4,15 +4,17 @@ import jwt from 'jwt-simple'; import { ObjectId } from 'mongodb'; import nodeify from 'nodeify'; import bcrypt from 'bcrypt'; +import DataLoader from 'dataloader'; +import { findByIds } from 'create-graphql-server-authorization'; -const KEY = '~key~'; +const KEY = 'test-key'; +let Loader; async function userFromPayload(request, jwtPayload) { if (!jwtPayload.userId) { throw new Error('No userId in JWT'); } - - return await request.context.User.findOneById(ObjectId(jwtPayload.userId)); + return await Loader.load(ObjectId(jwtPayload.userId)); } passport.use(new Strategy({ @@ -23,7 +25,9 @@ passport.use(new Strategy({ nodeify(userFromPayload(request, jwtPayload), done); })); -export default function addPassport(app) { +export default function addPassport(app, User) { + Loader = new DataLoader(ids => findByIds(User, ids)); + app.use(passport.initialize()); app.post('/login', async (req, res, next) => { @@ -34,7 +38,7 @@ export default function addPassport(app) { throw new Error('Username or password not set on request'); } - const user = await req.context.User.collection.findOne({ email }); + const user = await User.findOne({ email }); if (!user || !(await bcrypt.compare(password, user.hash))) { throw new Error('User not found matching email/password combination'); } diff --git a/skel/server/index.js b/skel/server/index.js index faafc9d..bf36cd8 100644 --- a/skel/server/index.js +++ b/skel/server/index.js @@ -7,14 +7,22 @@ import { makeExecutableSchema } from 'graphql-tools'; import { MongoClient } from 'mongodb'; import cors from 'cors'; import passport from 'passport'; +import morgan from 'morgan'; +import { getLogFilename, logger } from 'create-graphql-server-authorization'; import typeDefs from '../schema'; import resolvers from '../resolvers'; import addModelsToContext from '../model'; import authenticate from './authenticate'; - +import { parse, print } from 'graphql'; import { pubsub, subscriptionManager } from './subscriptions'; +const log = logger(getLogFilename()); +const stream = { + write: function(message, encoding) { + // log.debug(message); + } +}; const schema = makeExecutableSchema({ typeDefs, resolvers }); const { @@ -26,34 +34,38 @@ const { async function startServer() { + log.info('Logger started'); + const db = await MongoClient.connect(MONGO_URL); + const UserCollection = db.collection('user'); const app = express().use('*', cors()); app.use(bodyParser.urlencoded({ extended: true })); app.use(bodyParser.json()); + app.use(morgan("dev", { "stream": stream })); - app.use((req, res, next) => { - req.context = addModelsToContext({ db, pubsub }); - next(); - }); - - authenticate(app); + authenticate(app, UserCollection); app.use('/graphql', (req, res, next) => { - passport.authenticate('jwt', { session: false }, (err, user) => { + passport.authenticate('jwt', { session: false }, (err, me) => { + req.context = addModelsToContext({ db, pubsub, me, UserCollection }); graphqlExpress(() => { // Get the query, the same way express-graphql does it // https://github.com/graphql/express-graphql/blob/3fa6e68582d6d933d37fa9e841da5d2aa39261cd/src/index.js#L257 + const {variables, operationName} = req.body; + const {_id, username, role} = me; const query = req.query.query || req.body.query; - if (query && query.length > 2000) { + log.debug('-'.repeat(80)); + log.debug(`Request:\nUser: "${(username) ? username: ''}", role: "${(role) ? role : ''}", id: "${(_id) ? _id : ''}",\nOperation: "${operationName ? operationName : ''}", variables: "${variables ? JSON.stringify(variables) : ''}",\nQuery:\n${print(parse(query))}`); + if (query && query.length > 4000) { // None of our app's queries are this long // Probably indicates someone trying to send an overly expensive query + log.error('Query too large.'); throw new Error('Query too large.'); } - return { schema, - context: Object.assign({ user }, req.context), + context: Object.assign({ me }, req.context), debug: true, formatError(e) { console.log(e); diff --git a/skel/yarn.lock b/skel/yarn.lock deleted file mode 100644 index ce8e5db..0000000 --- a/skel/yarn.lock +++ /dev/null @@ -1,4192 +0,0 @@ -# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY. -# yarn lockfile v1 - - -"@types/express-serve-static-core@*": - version "4.0.39" - resolved "https://registry.yarnpkg.com/@types/express-serve-static-core/-/express-serve-static-core-4.0.39.tgz#45157f96480d46f254648f45b2c6d70bd9fc9f54" - dependencies: - "@types/node" "*" - -"@types/express@^4.0.33": - version "4.0.34" - resolved "https://registry.yarnpkg.com/@types/express/-/express-4.0.34.tgz#cdc0afd69d70d2295b81b3aa47f26f672afcde1c" - dependencies: - "@types/express-serve-static-core" "*" - "@types/serve-static" "*" - -"@types/mime@*": - version "0.0.29" - resolved "https://registry.yarnpkg.com/@types/mime/-/mime-0.0.29.tgz#fbcfd330573b912ef59eeee14602bface630754b" - -"@types/node@*", "@types/node@^6.0.38": - version "6.0.51" - resolved "https://registry.yarnpkg.com/@types/node/-/node-6.0.51.tgz#84cbf25111516ec9304d0b61469dc0fa9d12ba32" - -"@types/serve-static@*": - version "1.7.31" - resolved "https://registry.yarnpkg.com/@types/serve-static/-/serve-static-1.7.31.tgz#15456de8d98d6b4cff31be6c6af7492ae63f521a" - dependencies: - "@types/express-serve-static-core" "*" - "@types/mime" "*" - -abbrev@1: - version "1.0.9" - resolved "https://registry.yarnpkg.com/abbrev/-/abbrev-1.0.9.tgz#91b4792588a7738c25f35dd6f63752a2f8776135" - -accepts@~1.3.3: - version "1.3.3" - resolved "https://registry.yarnpkg.com/accepts/-/accepts-1.3.3.tgz#c3ca7434938648c3e0d9c1e328dd68b622c284ca" - dependencies: - mime-types "~2.1.11" - negotiator "0.6.1" - -acorn-jsx@^3.0.0, acorn-jsx@^3.0.1: - version "3.0.1" - resolved "https://registry.yarnpkg.com/acorn-jsx/-/acorn-jsx-3.0.1.tgz#afdf9488fb1ecefc8348f6fb22f464e32a58b36b" - dependencies: - acorn "^3.0.4" - -acorn@^3.0.4: - version "3.3.0" - resolved "https://registry.yarnpkg.com/acorn/-/acorn-3.3.0.tgz#45e37fb39e8da3f25baee3ff5369e2bb5f22017a" - -acorn@^4.0.1: - version "4.0.3" - resolved "https://registry.yarnpkg.com/acorn/-/acorn-4.0.3.tgz#1a3e850b428e73ba6b09d1cc527f5aaad4d03ef1" - -agent-base@2: - version "2.0.1" - resolved "https://registry.yarnpkg.com/agent-base/-/agent-base-2.0.1.tgz#bd8f9e86a8eb221fffa07bd14befd55df142815e" - dependencies: - extend "~3.0.0" - semver "~5.0.1" - -ajv-keywords@^1.0.0: - version "1.2.0" - resolved "https://registry.yarnpkg.com/ajv-keywords/-/ajv-keywords-1.2.0.tgz#676c4f087bfe1e8b12dca6fda2f3c74f417b099c" - -ajv@^4.7.0: - version "4.9.2" - resolved "https://registry.yarnpkg.com/ajv/-/ajv-4.9.2.tgz#3f7dcda95b0c34bceb2d69945117d146219f1a2c" - dependencies: - co "^4.6.0" - json-stable-stringify "^1.0.1" - -ansi-escapes@^1.1.0: - version "1.4.0" - resolved "https://registry.yarnpkg.com/ansi-escapes/-/ansi-escapes-1.4.0.tgz#d3a8a83b319aa67793662b13e761c7911422306e" - -ansi-regex@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/ansi-regex/-/ansi-regex-2.0.0.tgz#c5061b6e0ef8a81775e50f5d66151bf6bf371107" - -ansi-styles@^2.1.0, ansi-styles@^2.2.1: - version "2.2.1" - resolved "https://registry.yarnpkg.com/ansi-styles/-/ansi-styles-2.2.1.tgz#b432dd3358b634cf75e1e4664368240533c1ddbe" - -anymatch@^1.3.0: - version "1.3.0" - resolved "https://registry.yarnpkg.com/anymatch/-/anymatch-1.3.0.tgz#a3e52fa39168c825ff57b0248126ce5a8ff95507" - dependencies: - arrify "^1.0.0" - micromatch "^2.1.5" - -aproba@^1.0.3: - version "1.0.4" - resolved "https://registry.yarnpkg.com/aproba/-/aproba-1.0.4.tgz#2713680775e7614c8ba186c065d4e2e52d1072c0" - -are-we-there-yet@~1.1.2: - version "1.1.2" - resolved "https://registry.yarnpkg.com/are-we-there-yet/-/are-we-there-yet-1.1.2.tgz#80e470e95a084794fe1899262c5667c6e88de1b3" - dependencies: - delegates "^1.0.0" - readable-stream "^2.0.0 || ^1.1.13" - -argparse@^1.0.7: - version "1.0.9" - resolved "https://registry.yarnpkg.com/argparse/-/argparse-1.0.9.tgz#73d83bc263f86e97f8cc4f6bae1b0e90a7d22c86" - dependencies: - sprintf-js "~1.0.2" - -arr-diff@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/arr-diff/-/arr-diff-2.0.0.tgz#8f3b827f955a8bd669697e4a4256ac3ceae356cf" - dependencies: - arr-flatten "^1.0.1" - -arr-flatten@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/arr-flatten/-/arr-flatten-1.0.1.tgz#e5ffe54d45e19f32f216e91eb99c8ce892bb604b" - -array-find-index@^1.0.1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/array-find-index/-/array-find-index-1.0.2.tgz#df010aa1287e164bbda6f9723b0a96a1ec4187a1" - -array-flatten@1.1.1: - version "1.1.1" - resolved "https://registry.yarnpkg.com/array-flatten/-/array-flatten-1.1.1.tgz#9a5f699051b1e7073328f2a008968b64ea2955d2" - -array-union@^1.0.1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/array-union/-/array-union-1.0.2.tgz#9a34410e4f4e3da23dea375be5be70f24778ec39" - dependencies: - array-uniq "^1.0.1" - -array-uniq@^1.0.0, array-uniq@^1.0.1: - version "1.0.3" - resolved "https://registry.yarnpkg.com/array-uniq/-/array-uniq-1.0.3.tgz#af6ac877a25cc7f74e058894753858dfdb24fdb6" - -array-unique@^0.2.1: - version "0.2.1" - resolved "https://registry.yarnpkg.com/array-unique/-/array-unique-0.2.1.tgz#a1d97ccafcbc2625cc70fadceb36a50c58b01a53" - -arrify@^1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/arrify/-/arrify-1.0.1.tgz#898508da2226f380df904728456849c1501a4b0d" - -asn1@~0.2.3: - version "0.2.3" - resolved "https://registry.yarnpkg.com/asn1/-/asn1-0.2.3.tgz#dac8787713c9966849fc8180777ebe9c1ddf3b86" - -assert-plus@^0.2.0: - version "0.2.0" - resolved "https://registry.yarnpkg.com/assert-plus/-/assert-plus-0.2.0.tgz#d74e1b87e7affc0db8aadb7021f3fe48101ab234" - -assert-plus@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/assert-plus/-/assert-plus-1.0.0.tgz#f12e0f3c5d77b0b1cdd9146942e4e96c1e4dd525" - -assertion-error@^1.0.1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/assertion-error/-/assertion-error-1.0.2.tgz#13ca515d86206da0bac66e834dd397d87581094c" - -async-each@^1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/async-each/-/async-each-1.0.1.tgz#19d386a1d9edc6e7c1c85d388aedbcc56d33602d" - -async@2.0.1: - version "2.0.1" - resolved "https://registry.yarnpkg.com/async/-/async-2.0.1.tgz#b709cc0280a9c36f09f4536be823c838a9049e25" - dependencies: - lodash "^4.8.0" - -asynckit@^0.4.0: - version "0.4.0" - resolved "https://registry.yarnpkg.com/asynckit/-/asynckit-0.4.0.tgz#c79ed97f7f34cb8f2ba1bc9790bcc366474b4b79" - -aws-sign2@~0.6.0: - version "0.6.0" - resolved "https://registry.yarnpkg.com/aws-sign2/-/aws-sign2-0.6.0.tgz#14342dd38dbcc94d0e5b87d763cd63612c0e794f" - -aws4@^1.2.1: - version "1.5.0" - resolved "https://registry.yarnpkg.com/aws4/-/aws4-1.5.0.tgz#0a29ffb79c31c9e712eeb087e8e7a64b4a56d755" - -babel-cli@6.16.0: - version "6.16.0" - resolved "https://registry.yarnpkg.com/babel-cli/-/babel-cli-6.16.0.tgz#4e0d1cf40442ef78330f7fef88eb3a0a1b16bd37" - dependencies: - babel-core "^6.16.0" - babel-polyfill "^6.16.0" - babel-register "^6.16.0" - babel-runtime "^6.9.0" - bin-version-check "^2.1.0" - chalk "1.1.1" - commander "^2.8.1" - convert-source-map "^1.1.0" - fs-readdir-recursive "^0.1.0" - glob "^5.0.5" - lodash "^4.2.0" - log-symbols "^1.0.2" - output-file-sync "^1.1.0" - path-exists "^1.0.0" - path-is-absolute "^1.0.0" - request "^2.65.0" - slash "^1.0.0" - source-map "^0.5.0" - v8flags "^2.0.10" - optionalDependencies: - chokidar "^1.0.0" - -babel-code-frame@^6.16.0: - version "6.16.0" - resolved "https://registry.yarnpkg.com/babel-code-frame/-/babel-code-frame-6.16.0.tgz#f90e60da0862909d3ce098733b5d3987c97cb8de" - dependencies: - chalk "^1.1.0" - esutils "^2.0.2" - js-tokens "^2.0.0" - -babel-core@6.17.0, babel-core@^6.16.0: - version "6.17.0" - resolved "https://registry.yarnpkg.com/babel-core/-/babel-core-6.17.0.tgz#6c4576447df479e241e58c807e4bc7da4db7f425" - dependencies: - babel-code-frame "^6.16.0" - babel-generator "^6.17.0" - babel-helpers "^6.16.0" - babel-messages "^6.8.0" - babel-register "^6.16.0" - babel-runtime "^6.9.1" - babel-template "^6.16.0" - babel-traverse "^6.16.0" - babel-types "^6.16.0" - babylon "^6.11.0" - convert-source-map "^1.1.0" - debug "^2.1.1" - json5 "^0.4.0" - lodash "^4.2.0" - minimatch "^3.0.2" - path-exists "^1.0.0" - path-is-absolute "^1.0.0" - private "^0.1.6" - shebang-regex "^1.0.0" - slash "^1.0.0" - source-map "^0.5.0" - -babel-eslint@7.0.0: - version "7.0.0" - resolved "https://registry.yarnpkg.com/babel-eslint/-/babel-eslint-7.0.0.tgz#54e51b4033f54ac81326ecea4c646a779935196d" - dependencies: - babel-traverse "^6.15.0" - babel-types "^6.15.0" - babylon "^6.11.2" - lodash.pickby "^4.6.0" - -babel-generator@^6.17.0: - version "6.19.0" - resolved "https://registry.yarnpkg.com/babel-generator/-/babel-generator-6.19.0.tgz#9b2f244204777a3d6810ec127c673c87b349fac5" - dependencies: - babel-messages "^6.8.0" - babel-runtime "^6.9.0" - babel-types "^6.19.0" - detect-indent "^4.0.0" - jsesc "^1.3.0" - lodash "^4.2.0" - source-map "^0.5.0" - -babel-helper-bindify-decorators@^6.18.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-bindify-decorators/-/babel-helper-bindify-decorators-6.18.0.tgz#fc00c573676a6e702fffa00019580892ec8780a5" - dependencies: - babel-runtime "^6.0.0" - babel-traverse "^6.18.0" - babel-types "^6.18.0" - -babel-helper-builder-binary-assignment-operator-visitor@^6.8.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-builder-binary-assignment-operator-visitor/-/babel-helper-builder-binary-assignment-operator-visitor-6.18.0.tgz#8ae814989f7a53682152e3401a04fabd0bb333a6" - dependencies: - babel-helper-explode-assignable-expression "^6.18.0" - babel-runtime "^6.0.0" - babel-types "^6.18.0" - -babel-helper-builder-react-jsx@^6.8.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-builder-react-jsx/-/babel-helper-builder-react-jsx-6.18.0.tgz#ab02f19a2eb7ace936dd87fa55896d02be59bf71" - dependencies: - babel-runtime "^6.9.0" - babel-types "^6.18.0" - esutils "^2.0.0" - lodash "^4.2.0" - -babel-helper-call-delegate@^6.18.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-call-delegate/-/babel-helper-call-delegate-6.18.0.tgz#05b14aafa430884b034097ef29e9f067ea4133bd" - dependencies: - babel-helper-hoist-variables "^6.18.0" - babel-runtime "^6.0.0" - babel-traverse "^6.18.0" - babel-types "^6.18.0" - -babel-helper-define-map@^6.18.0, babel-helper-define-map@^6.8.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-define-map/-/babel-helper-define-map-6.18.0.tgz#8d6c85dc7fbb4c19be3de40474d18e97c3676ec2" - dependencies: - babel-helper-function-name "^6.18.0" - babel-runtime "^6.9.0" - babel-types "^6.18.0" - lodash "^4.2.0" - -babel-helper-explode-assignable-expression@^6.18.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-explode-assignable-expression/-/babel-helper-explode-assignable-expression-6.18.0.tgz#14b8e8c2d03ad735d4b20f1840b24cd1f65239fe" - dependencies: - babel-runtime "^6.0.0" - babel-traverse "^6.18.0" - babel-types "^6.18.0" - -babel-helper-explode-class@^6.8.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-explode-class/-/babel-helper-explode-class-6.18.0.tgz#c44f76f4fa23b9c5d607cbac5d4115e7a76f62cb" - dependencies: - babel-helper-bindify-decorators "^6.18.0" - babel-runtime "^6.0.0" - babel-traverse "^6.18.0" - babel-types "^6.18.0" - -babel-helper-function-name@^6.18.0, babel-helper-function-name@^6.8.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-function-name/-/babel-helper-function-name-6.18.0.tgz#68ec71aeba1f3e28b2a6f0730190b754a9bf30e6" - dependencies: - babel-helper-get-function-arity "^6.18.0" - babel-runtime "^6.0.0" - babel-template "^6.8.0" - babel-traverse "^6.18.0" - babel-types "^6.18.0" - -babel-helper-get-function-arity@^6.18.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-get-function-arity/-/babel-helper-get-function-arity-6.18.0.tgz#a5b19695fd3f9cdfc328398b47dafcd7094f9f24" - dependencies: - babel-runtime "^6.0.0" - babel-types "^6.18.0" - -babel-helper-hoist-variables@^6.18.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-hoist-variables/-/babel-helper-hoist-variables-6.18.0.tgz#a835b5ab8b46d6de9babefae4d98ea41e866b82a" - dependencies: - babel-runtime "^6.0.0" - babel-types "^6.18.0" - -babel-helper-optimise-call-expression@^6.18.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-optimise-call-expression/-/babel-helper-optimise-call-expression-6.18.0.tgz#9261d0299ee1a4f08a6dd28b7b7c777348fd8f0f" - dependencies: - babel-runtime "^6.0.0" - babel-types "^6.18.0" - -babel-helper-regex@^6.8.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-regex/-/babel-helper-regex-6.18.0.tgz#ae0ebfd77de86cb2f1af258e2cc20b5fe893ecc6" - dependencies: - babel-runtime "^6.9.0" - babel-types "^6.18.0" - lodash "^4.2.0" - -babel-helper-remap-async-to-generator@^6.16.0, babel-helper-remap-async-to-generator@^6.16.2: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-remap-async-to-generator/-/babel-helper-remap-async-to-generator-6.18.0.tgz#336cdf3cab650bb191b02fc16a3708e7be7f9ce5" - dependencies: - babel-helper-function-name "^6.18.0" - babel-runtime "^6.0.0" - babel-template "^6.16.0" - babel-traverse "^6.18.0" - babel-types "^6.18.0" - -babel-helper-replace-supers@^6.18.0, babel-helper-replace-supers@^6.8.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-replace-supers/-/babel-helper-replace-supers-6.18.0.tgz#28ec69877be4144dbd64f4cc3a337e89f29a924e" - dependencies: - babel-helper-optimise-call-expression "^6.18.0" - babel-messages "^6.8.0" - babel-runtime "^6.0.0" - babel-template "^6.16.0" - babel-traverse "^6.18.0" - babel-types "^6.18.0" - -babel-helpers@^6.16.0: - version "6.16.0" - resolved "https://registry.yarnpkg.com/babel-helpers/-/babel-helpers-6.16.0.tgz#1095ec10d99279460553e67eb3eee9973d3867e3" - dependencies: - babel-runtime "^6.0.0" - babel-template "^6.16.0" - -babel-messages@^6.8.0: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-messages/-/babel-messages-6.8.0.tgz#bf504736ca967e6d65ef0adb5a2a5f947c8e0eb9" - dependencies: - babel-runtime "^6.0.0" - -babel-plugin-check-es2015-constants@^6.3.13: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-check-es2015-constants/-/babel-plugin-check-es2015-constants-6.8.0.tgz#dbf024c32ed37bfda8dee1e76da02386a8d26fe7" - dependencies: - babel-runtime "^6.0.0" - -babel-plugin-syntax-async-functions@^6.8.0: - version "6.13.0" - resolved "https://registry.yarnpkg.com/babel-plugin-syntax-async-functions/-/babel-plugin-syntax-async-functions-6.13.0.tgz#cad9cad1191b5ad634bf30ae0872391e0647be95" - -babel-plugin-syntax-async-generators@^6.5.0: - version "6.13.0" - resolved "https://registry.yarnpkg.com/babel-plugin-syntax-async-generators/-/babel-plugin-syntax-async-generators-6.13.0.tgz#6bc963ebb16eccbae6b92b596eb7f35c342a8b9a" - -babel-plugin-syntax-class-properties@^6.8.0: - version "6.13.0" - resolved "https://registry.yarnpkg.com/babel-plugin-syntax-class-properties/-/babel-plugin-syntax-class-properties-6.13.0.tgz#d7eb23b79a317f8543962c505b827c7d6cac27de" - -babel-plugin-syntax-decorators@^6.13.0: - version "6.13.0" - resolved "https://registry.yarnpkg.com/babel-plugin-syntax-decorators/-/babel-plugin-syntax-decorators-6.13.0.tgz#312563b4dbde3cc806cee3e416cceeaddd11ac0b" - -babel-plugin-syntax-exponentiation-operator@^6.8.0: - version "6.13.0" - resolved "https://registry.yarnpkg.com/babel-plugin-syntax-exponentiation-operator/-/babel-plugin-syntax-exponentiation-operator-6.13.0.tgz#9ee7e8337290da95288201a6a57f4170317830de" - -babel-plugin-syntax-flow@^6.18.0, babel-plugin-syntax-flow@^6.3.13: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-syntax-flow/-/babel-plugin-syntax-flow-6.18.0.tgz#4c3ab20a2af26aa20cd25995c398c4eb70310c8d" - -babel-plugin-syntax-jsx@^6.3.13, babel-plugin-syntax-jsx@^6.8.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-syntax-jsx/-/babel-plugin-syntax-jsx-6.18.0.tgz#0af32a9a6e13ca7a3fd5069e62d7b0f58d0d8946" - -babel-plugin-syntax-object-rest-spread@^6.8.0: - version "6.13.0" - resolved "https://registry.yarnpkg.com/babel-plugin-syntax-object-rest-spread/-/babel-plugin-syntax-object-rest-spread-6.13.0.tgz#fd6536f2bce13836ffa3a5458c4903a597bb3bf5" - -babel-plugin-syntax-trailing-function-commas@^6.3.13: - version "6.13.0" - resolved "https://registry.yarnpkg.com/babel-plugin-syntax-trailing-function-commas/-/babel-plugin-syntax-trailing-function-commas-6.13.0.tgz#2b84b7d53dd744f94ff1fad7669406274b23f541" - -babel-plugin-transform-async-generator-functions@^6.17.0: - version "6.17.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-async-generator-functions/-/babel-plugin-transform-async-generator-functions-6.17.0.tgz#d0b5a2b2f0940f2b245fa20a00519ed7bc6cae54" - dependencies: - babel-helper-remap-async-to-generator "^6.16.2" - babel-plugin-syntax-async-generators "^6.5.0" - babel-runtime "^6.0.0" - -babel-plugin-transform-async-to-generator@^6.16.0: - version "6.16.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-async-to-generator/-/babel-plugin-transform-async-to-generator-6.16.0.tgz#19ec36cb1486b59f9f468adfa42ce13908ca2999" - dependencies: - babel-helper-remap-async-to-generator "^6.16.0" - babel-plugin-syntax-async-functions "^6.8.0" - babel-runtime "^6.0.0" - -babel-plugin-transform-class-properties@^6.16.0: - version "6.19.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-class-properties/-/babel-plugin-transform-class-properties-6.19.0.tgz#1274b349abaadc835164e2004f4a2444a2788d5f" - dependencies: - babel-helper-function-name "^6.18.0" - babel-plugin-syntax-class-properties "^6.8.0" - babel-runtime "^6.9.1" - babel-template "^6.15.0" - -babel-plugin-transform-decorators@^6.13.0: - version "6.13.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-decorators/-/babel-plugin-transform-decorators-6.13.0.tgz#82d65c1470ae83e2d13eebecb0a1c2476d62da9d" - dependencies: - babel-helper-define-map "^6.8.0" - babel-helper-explode-class "^6.8.0" - babel-plugin-syntax-decorators "^6.13.0" - babel-runtime "^6.0.0" - babel-template "^6.8.0" - babel-types "^6.13.0" - -babel-plugin-transform-es2015-arrow-functions@^6.3.13: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-arrow-functions/-/babel-plugin-transform-es2015-arrow-functions-6.8.0.tgz#5b63afc3181bdc9a8c4d481b5a4f3f7d7fef3d9d" - dependencies: - babel-runtime "^6.0.0" - -babel-plugin-transform-es2015-block-scoped-functions@^6.3.13: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-block-scoped-functions/-/babel-plugin-transform-es2015-block-scoped-functions-6.8.0.tgz#ed95d629c4b5a71ae29682b998f70d9833eb366d" - dependencies: - babel-runtime "^6.0.0" - -babel-plugin-transform-es2015-block-scoping@^6.14.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-block-scoping/-/babel-plugin-transform-es2015-block-scoping-6.18.0.tgz#3bfdcfec318d46df22525cdea88f1978813653af" - dependencies: - babel-runtime "^6.9.0" - babel-template "^6.15.0" - babel-traverse "^6.18.0" - babel-types "^6.18.0" - lodash "^4.2.0" - -babel-plugin-transform-es2015-classes@^6.14.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-classes/-/babel-plugin-transform-es2015-classes-6.18.0.tgz#ffe7a17321bf83e494dcda0ae3fc72df48ffd1d9" - dependencies: - babel-helper-define-map "^6.18.0" - babel-helper-function-name "^6.18.0" - babel-helper-optimise-call-expression "^6.18.0" - babel-helper-replace-supers "^6.18.0" - babel-messages "^6.8.0" - babel-runtime "^6.9.0" - babel-template "^6.14.0" - babel-traverse "^6.18.0" - babel-types "^6.18.0" - -babel-plugin-transform-es2015-computed-properties@^6.3.13: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-computed-properties/-/babel-plugin-transform-es2015-computed-properties-6.8.0.tgz#f51010fd61b3bd7b6b60a5fdfd307bb7a5279870" - dependencies: - babel-helper-define-map "^6.8.0" - babel-runtime "^6.0.0" - babel-template "^6.8.0" - -babel-plugin-transform-es2015-destructuring@^6.16.0: - version "6.19.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-destructuring/-/babel-plugin-transform-es2015-destructuring-6.19.0.tgz#ff1d911c4b3f4cab621bd66702a869acd1900533" - dependencies: - babel-runtime "^6.9.0" - -babel-plugin-transform-es2015-duplicate-keys@^6.6.0: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-duplicate-keys/-/babel-plugin-transform-es2015-duplicate-keys-6.8.0.tgz#fd8f7f7171fc108cc1c70c3164b9f15a81c25f7d" - dependencies: - babel-runtime "^6.0.0" - babel-types "^6.8.0" - -babel-plugin-transform-es2015-for-of@^6.6.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-for-of/-/babel-plugin-transform-es2015-for-of-6.18.0.tgz#4c517504db64bf8cfc119a6b8f177211f2028a70" - dependencies: - babel-runtime "^6.0.0" - -babel-plugin-transform-es2015-function-name@^6.9.0: - version "6.9.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-function-name/-/babel-plugin-transform-es2015-function-name-6.9.0.tgz#8c135b17dbd064e5bba56ec511baaee2fca82719" - dependencies: - babel-helper-function-name "^6.8.0" - babel-runtime "^6.9.0" - babel-types "^6.9.0" - -babel-plugin-transform-es2015-literals@^6.3.13: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-literals/-/babel-plugin-transform-es2015-literals-6.8.0.tgz#50aa2e5c7958fc2ab25d74ec117e0cc98f046468" - dependencies: - babel-runtime "^6.0.0" - -babel-plugin-transform-es2015-modules-amd@^6.18.0, babel-plugin-transform-es2015-modules-amd@^6.8.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-modules-amd/-/babel-plugin-transform-es2015-modules-amd-6.18.0.tgz#49a054cbb762bdf9ae2d8a807076cfade6141e40" - dependencies: - babel-plugin-transform-es2015-modules-commonjs "^6.18.0" - babel-runtime "^6.0.0" - babel-template "^6.8.0" - -babel-plugin-transform-es2015-modules-commonjs@^6.16.0, babel-plugin-transform-es2015-modules-commonjs@^6.18.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-modules-commonjs/-/babel-plugin-transform-es2015-modules-commonjs-6.18.0.tgz#c15ae5bb11b32a0abdcc98a5837baa4ee8d67bcc" - dependencies: - babel-plugin-transform-strict-mode "^6.18.0" - babel-runtime "^6.0.0" - babel-template "^6.16.0" - babel-types "^6.18.0" - -babel-plugin-transform-es2015-modules-systemjs@^6.14.0: - version "6.19.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-modules-systemjs/-/babel-plugin-transform-es2015-modules-systemjs-6.19.0.tgz#50438136eba74527efa00a5b0fefaf1dc4071da6" - dependencies: - babel-helper-hoist-variables "^6.18.0" - babel-runtime "^6.11.6" - babel-template "^6.14.0" - -babel-plugin-transform-es2015-modules-umd@^6.12.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-modules-umd/-/babel-plugin-transform-es2015-modules-umd-6.18.0.tgz#23351770ece5c1f8e83ed67cb1d7992884491e50" - dependencies: - babel-plugin-transform-es2015-modules-amd "^6.18.0" - babel-runtime "^6.0.0" - babel-template "^6.8.0" - -babel-plugin-transform-es2015-object-super@^6.3.13: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-object-super/-/babel-plugin-transform-es2015-object-super-6.8.0.tgz#1b858740a5a4400887c23dcff6f4d56eea4a24c5" - dependencies: - babel-helper-replace-supers "^6.8.0" - babel-runtime "^6.0.0" - -babel-plugin-transform-es2015-parameters@^6.16.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-parameters/-/babel-plugin-transform-es2015-parameters-6.18.0.tgz#9b2cfe238c549f1635ba27fc1daa858be70608b1" - dependencies: - babel-helper-call-delegate "^6.18.0" - babel-helper-get-function-arity "^6.18.0" - babel-runtime "^6.9.0" - babel-template "^6.16.0" - babel-traverse "^6.18.0" - babel-types "^6.18.0" - -babel-plugin-transform-es2015-shorthand-properties@^6.3.13: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-shorthand-properties/-/babel-plugin-transform-es2015-shorthand-properties-6.18.0.tgz#e2ede3b7df47bf980151926534d1dd0cbea58f43" - dependencies: - babel-runtime "^6.0.0" - babel-types "^6.18.0" - -babel-plugin-transform-es2015-spread@^6.3.13: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-spread/-/babel-plugin-transform-es2015-spread-6.8.0.tgz#0217f737e3b821fa5a669f187c6ed59205f05e9c" - dependencies: - babel-runtime "^6.0.0" - -babel-plugin-transform-es2015-sticky-regex@^6.3.13: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-sticky-regex/-/babel-plugin-transform-es2015-sticky-regex-6.8.0.tgz#e73d300a440a35d5c64f5c2a344dc236e3df47be" - dependencies: - babel-helper-regex "^6.8.0" - babel-runtime "^6.0.0" - babel-types "^6.8.0" - -babel-plugin-transform-es2015-template-literals@^6.6.0: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-template-literals/-/babel-plugin-transform-es2015-template-literals-6.8.0.tgz#86eb876d0a2c635da4ec048b4f7de9dfc897e66b" - dependencies: - babel-runtime "^6.0.0" - -babel-plugin-transform-es2015-typeof-symbol@^6.6.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-typeof-symbol/-/babel-plugin-transform-es2015-typeof-symbol-6.18.0.tgz#0b14c48629c90ff47a0650077f6aa699bee35798" - dependencies: - babel-runtime "^6.0.0" - -babel-plugin-transform-es2015-unicode-regex@^6.3.13: - version "6.11.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-unicode-regex/-/babel-plugin-transform-es2015-unicode-regex-6.11.0.tgz#6298ceabaad88d50a3f4f392d8de997260f6ef2c" - dependencies: - babel-helper-regex "^6.8.0" - babel-runtime "^6.0.0" - regexpu-core "^2.0.0" - -babel-plugin-transform-exponentiation-operator@^6.3.13: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-exponentiation-operator/-/babel-plugin-transform-exponentiation-operator-6.8.0.tgz#db25742e9339eade676ca9acec46f955599a68a4" - dependencies: - babel-helper-builder-binary-assignment-operator-visitor "^6.8.0" - babel-plugin-syntax-exponentiation-operator "^6.8.0" - babel-runtime "^6.0.0" - -babel-plugin-transform-flow-strip-types@^6.3.13: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-flow-strip-types/-/babel-plugin-transform-flow-strip-types-6.18.0.tgz#4d3e642158661e9b40db457c004a30817fa32592" - dependencies: - babel-plugin-syntax-flow "^6.18.0" - babel-runtime "^6.0.0" - -babel-plugin-transform-object-rest-spread@^6.16.0: - version "6.19.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-object-rest-spread/-/babel-plugin-transform-object-rest-spread-6.19.0.tgz#f6ac428ee3cb4c6aa00943ed1422ce813603b34c" - dependencies: - babel-plugin-syntax-object-rest-spread "^6.8.0" - babel-runtime "^6.0.0" - -babel-plugin-transform-react-display-name@^6.3.13: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-react-display-name/-/babel-plugin-transform-react-display-name-6.8.0.tgz#f7a084977383d728bdbdc2835bba0159577f660e" - dependencies: - babel-runtime "^6.0.0" - -babel-plugin-transform-react-jsx-self@^6.11.0: - version "6.11.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-react-jsx-self/-/babel-plugin-transform-react-jsx-self-6.11.0.tgz#605c9450c1429f97a930f7e1dfe3f0d9d0dbd0f4" - dependencies: - babel-plugin-syntax-jsx "^6.8.0" - babel-runtime "^6.9.0" - -babel-plugin-transform-react-jsx-source@^6.3.13: - version "6.9.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-react-jsx-source/-/babel-plugin-transform-react-jsx-source-6.9.0.tgz#af684a05c2067a86e0957d4f343295ccf5dccf00" - dependencies: - babel-plugin-syntax-jsx "^6.8.0" - babel-runtime "^6.9.0" - -babel-plugin-transform-react-jsx@^6.3.13: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-react-jsx/-/babel-plugin-transform-react-jsx-6.8.0.tgz#94759942f70af18c617189aa7f3593f1644a71ab" - dependencies: - babel-helper-builder-react-jsx "^6.8.0" - babel-plugin-syntax-jsx "^6.8.0" - babel-runtime "^6.0.0" - -babel-plugin-transform-regenerator@^6.16.0: - version "6.16.1" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-regenerator/-/babel-plugin-transform-regenerator-6.16.1.tgz#a75de6b048a14154aae14b0122756c5bed392f59" - dependencies: - babel-runtime "^6.9.0" - babel-types "^6.16.0" - private "~0.1.5" - -babel-plugin-transform-strict-mode@^6.18.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-strict-mode/-/babel-plugin-transform-strict-mode-6.18.0.tgz#df7cf2991fe046f44163dcd110d5ca43bc652b9d" - dependencies: - babel-runtime "^6.0.0" - babel-types "^6.18.0" - -babel-polyfill@^6.16.0: - version "6.16.0" - resolved "https://registry.yarnpkg.com/babel-polyfill/-/babel-polyfill-6.16.0.tgz#2d45021df87e26a374b6d4d1a9c65964d17f2422" - dependencies: - babel-runtime "^6.9.1" - core-js "^2.4.0" - regenerator-runtime "^0.9.5" - -babel-preset-es2015@6.16.0: - version "6.16.0" - resolved "https://registry.yarnpkg.com/babel-preset-es2015/-/babel-preset-es2015-6.16.0.tgz#59acecd1efbebaf48f89404840f2fe78c4d2ad5c" - dependencies: - babel-plugin-check-es2015-constants "^6.3.13" - babel-plugin-transform-es2015-arrow-functions "^6.3.13" - babel-plugin-transform-es2015-block-scoped-functions "^6.3.13" - babel-plugin-transform-es2015-block-scoping "^6.14.0" - babel-plugin-transform-es2015-classes "^6.14.0" - babel-plugin-transform-es2015-computed-properties "^6.3.13" - babel-plugin-transform-es2015-destructuring "^6.16.0" - babel-plugin-transform-es2015-duplicate-keys "^6.6.0" - babel-plugin-transform-es2015-for-of "^6.6.0" - babel-plugin-transform-es2015-function-name "^6.9.0" - babel-plugin-transform-es2015-literals "^6.3.13" - babel-plugin-transform-es2015-modules-amd "^6.8.0" - babel-plugin-transform-es2015-modules-commonjs "^6.16.0" - babel-plugin-transform-es2015-modules-systemjs "^6.14.0" - babel-plugin-transform-es2015-modules-umd "^6.12.0" - babel-plugin-transform-es2015-object-super "^6.3.13" - babel-plugin-transform-es2015-parameters "^6.16.0" - babel-plugin-transform-es2015-shorthand-properties "^6.3.13" - babel-plugin-transform-es2015-spread "^6.3.13" - babel-plugin-transform-es2015-sticky-regex "^6.3.13" - babel-plugin-transform-es2015-template-literals "^6.6.0" - babel-plugin-transform-es2015-typeof-symbol "^6.6.0" - babel-plugin-transform-es2015-unicode-regex "^6.3.13" - babel-plugin-transform-regenerator "^6.16.0" - -babel-preset-react@6.16.0: - version "6.16.0" - resolved "https://registry.yarnpkg.com/babel-preset-react/-/babel-preset-react-6.16.0.tgz#aa117d60de0928607e343c4828906e4661824316" - dependencies: - babel-plugin-syntax-flow "^6.3.13" - babel-plugin-syntax-jsx "^6.3.13" - babel-plugin-transform-flow-strip-types "^6.3.13" - babel-plugin-transform-react-display-name "^6.3.13" - babel-plugin-transform-react-jsx "^6.3.13" - babel-plugin-transform-react-jsx-self "^6.11.0" - babel-plugin-transform-react-jsx-source "^6.3.13" - -babel-preset-stage-2@6.17.0: - version "6.17.0" - resolved "https://registry.yarnpkg.com/babel-preset-stage-2/-/babel-preset-stage-2-6.17.0.tgz#dc4f84582781353cef36c41247eae5e36c4cae0d" - dependencies: - babel-plugin-transform-class-properties "^6.16.0" - babel-plugin-transform-decorators "^6.13.0" - babel-preset-stage-3 "^6.17.0" - -babel-preset-stage-3@^6.17.0: - version "6.17.0" - resolved "https://registry.yarnpkg.com/babel-preset-stage-3/-/babel-preset-stage-3-6.17.0.tgz#b6638e46db6e91e3f889013d8ce143917c685e39" - dependencies: - babel-plugin-syntax-trailing-function-commas "^6.3.13" - babel-plugin-transform-async-generator-functions "^6.17.0" - babel-plugin-transform-async-to-generator "^6.16.0" - babel-plugin-transform-exponentiation-operator "^6.3.13" - babel-plugin-transform-object-rest-spread "^6.16.0" - -babel-register@6.16.3, babel-register@^6.16.0: - version "6.16.3" - resolved "https://registry.yarnpkg.com/babel-register/-/babel-register-6.16.3.tgz#7b0c0ca7bfdeb9188ba4c27e5fcb7599a497c624" - dependencies: - babel-core "^6.16.0" - babel-runtime "^6.11.6" - core-js "^2.4.0" - home-or-tmp "^1.0.0" - lodash "^4.2.0" - mkdirp "^0.5.1" - path-exists "^1.0.0" - source-map-support "^0.4.2" - -babel-runtime@^6.0.0, babel-runtime@^6.11.6, babel-runtime@^6.9.0, babel-runtime@^6.9.1: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-runtime/-/babel-runtime-6.18.0.tgz#0f4177ffd98492ef13b9f823e9994a02584c9078" - dependencies: - core-js "^2.4.0" - regenerator-runtime "^0.9.5" - -babel-template@^6.14.0, babel-template@^6.15.0, babel-template@^6.16.0, babel-template@^6.8.0: - version "6.16.0" - resolved "https://registry.yarnpkg.com/babel-template/-/babel-template-6.16.0.tgz#e149dd1a9f03a35f817ddbc4d0481988e7ebc8ca" - dependencies: - babel-runtime "^6.9.0" - babel-traverse "^6.16.0" - babel-types "^6.16.0" - babylon "^6.11.0" - lodash "^4.2.0" - -babel-traverse@^6.15.0, babel-traverse@^6.16.0, babel-traverse@^6.18.0: - version "6.19.0" - resolved "https://registry.yarnpkg.com/babel-traverse/-/babel-traverse-6.19.0.tgz#68363fb821e26247d52a519a84b2ceab8df4f55a" - dependencies: - babel-code-frame "^6.16.0" - babel-messages "^6.8.0" - babel-runtime "^6.9.0" - babel-types "^6.19.0" - babylon "^6.11.0" - debug "^2.2.0" - globals "^9.0.0" - invariant "^2.2.0" - lodash "^4.2.0" - -babel-types@^6.13.0, babel-types@^6.15.0, babel-types@^6.16.0, babel-types@^6.18.0, babel-types@^6.19.0, babel-types@^6.8.0, babel-types@^6.9.0: - version "6.19.0" - resolved "https://registry.yarnpkg.com/babel-types/-/babel-types-6.19.0.tgz#8db2972dbed01f1192a8b602ba1e1e4c516240b9" - dependencies: - babel-runtime "^6.9.1" - esutils "^2.0.2" - lodash "^4.2.0" - to-fast-properties "^1.0.1" - -babylon@^6.11.0, babylon@^6.11.2: - version "6.14.1" - resolved "https://registry.yarnpkg.com/babylon/-/babylon-6.14.1.tgz#956275fab72753ad9b3435d7afe58f8bf0a29815" - -backo2@^1.0.2: - version "1.0.2" - resolved "https://registry.yarnpkg.com/backo2/-/backo2-1.0.2.tgz#31ab1ac8b129363463e35b3ebb69f4dfcfba7947" - -balanced-match@^0.4.1: - version "0.4.2" - resolved "https://registry.yarnpkg.com/balanced-match/-/balanced-match-0.4.2.tgz#cb3f3e3c732dc0f01ee70b403f302e61d7709838" - -base64-url@1.3.3: - version "1.3.3" - resolved "https://registry.yarnpkg.com/base64-url/-/base64-url-1.3.3.tgz#f8b6c537f09a4fc58c99cb86e0b0e9c61461a20f" - -base64url@2.0.0, base64url@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/base64url/-/base64url-2.0.0.tgz#eac16e03ea1438eff9423d69baa36262ed1f70bb" - -bcrypt-pbkdf@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.0.tgz#3ca76b85241c7170bf7d9703e7b9aa74630040d4" - dependencies: - tweetnacl "^0.14.3" - -bcrypt@^1.0.2: - version "1.0.2" - resolved "https://registry.yarnpkg.com/bcrypt/-/bcrypt-1.0.2.tgz#d05fc5d223173e0e28ec381c0f00cc25ffaf2736" - dependencies: - bindings "1.2.1" - nan "2.5.0" - node-pre-gyp "0.6.32" - -bin-version-check@^2.1.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/bin-version-check/-/bin-version-check-2.1.0.tgz#e4e5df290b9069f7d111324031efc13fdd11a5b0" - dependencies: - bin-version "^1.0.0" - minimist "^1.1.0" - semver "^4.0.3" - semver-truncate "^1.0.0" - -bin-version@^1.0.0: - version "1.0.4" - resolved "https://registry.yarnpkg.com/bin-version/-/bin-version-1.0.4.tgz#9eb498ee6fd76f7ab9a7c160436f89579435d78e" - dependencies: - find-versions "^1.0.0" - -binary-extensions@^1.0.0: - version "1.8.0" - resolved "https://registry.yarnpkg.com/binary-extensions/-/binary-extensions-1.8.0.tgz#48ec8d16df4377eae5fa5884682480af4d95c774" - -bindings@1.2.1: - version "1.2.1" - resolved "https://registry.yarnpkg.com/bindings/-/bindings-1.2.1.tgz#14ad6113812d2d37d72e67b4cacb4bb726505f11" - -bl@^1.0.0: - version "1.1.2" - resolved "https://registry.yarnpkg.com/bl/-/bl-1.1.2.tgz#fdca871a99713aa00d19e3bbba41c44787a65398" - dependencies: - readable-stream "~2.0.5" - -block-stream@*: - version "0.0.9" - resolved "https://registry.yarnpkg.com/block-stream/-/block-stream-0.0.9.tgz#13ebfe778a03205cfe03751481ebb4b3300c126a" - dependencies: - inherits "~2.0.0" - -body-parser@1.15.2: - version "1.15.2" - resolved "https://registry.yarnpkg.com/body-parser/-/body-parser-1.15.2.tgz#d7578cf4f1d11d5f6ea804cef35dc7a7ff6dae67" - dependencies: - bytes "2.4.0" - content-type "~1.0.2" - debug "~2.2.0" - depd "~1.1.0" - http-errors "~1.5.0" - iconv-lite "0.4.13" - on-finished "~2.3.0" - qs "6.2.0" - raw-body "~2.1.7" - type-is "~1.6.13" - -boom@2.x.x: - version "2.10.1" - resolved "https://registry.yarnpkg.com/boom/-/boom-2.10.1.tgz#39c8918ceff5799f83f9492a848f625add0c766f" - dependencies: - hoek "2.x.x" - -boom@^4.0.0: - version "4.3.0" - resolved "https://registry.yarnpkg.com/boom/-/boom-4.3.0.tgz#1ed1b4b8cd6891b602910debe33e1d511531b847" - dependencies: - hoek "4.x.x" - -brace-expansion@^1.0.0: - version "1.1.6" - resolved "https://registry.yarnpkg.com/brace-expansion/-/brace-expansion-1.1.6.tgz#7197d7eaa9b87e648390ea61fc66c84427420df9" - dependencies: - balanced-match "^0.4.1" - concat-map "0.0.1" - -braces@^1.8.2: - version "1.8.5" - resolved "https://registry.yarnpkg.com/braces/-/braces-1.8.5.tgz#ba77962e12dff969d6b76711e914b737857bf6a7" - dependencies: - expand-range "^1.8.1" - preserve "^0.2.0" - repeat-element "^1.1.2" - -browser-stdout@1.3.0: - version "1.3.0" - resolved "https://registry.yarnpkg.com/browser-stdout/-/browser-stdout-1.3.0.tgz#f351d32969d32fa5d7a5567154263d928ae3bd1f" - -bson@~1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/bson/-/bson-1.0.1.tgz#3a5addb0f2ff88bc3436e708e4bdb8637602d72d" - -buffer-crc32@~0.2.3: - version "0.2.13" - resolved "https://registry.yarnpkg.com/buffer-crc32/-/buffer-crc32-0.2.13.tgz#0d333e3f00eac50aa1454abd30ef8c2a5d9a7242" - -buffer-equal-constant-time@1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/buffer-equal-constant-time/-/buffer-equal-constant-time-1.0.1.tgz#f8e71132f7ffe6e01a5c9697a4c6f3e48d5cc819" - -buffer-shims@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/buffer-shims/-/buffer-shims-1.0.0.tgz#9978ce317388c649ad8793028c3477ef044a8b51" - -buffer-to-vinyl@^1.0.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/buffer-to-vinyl/-/buffer-to-vinyl-1.1.0.tgz#00f15faee3ab7a1dda2cde6d9121bffdd07b2262" - dependencies: - file-type "^3.1.0" - readable-stream "^2.0.2" - uuid "^2.0.1" - vinyl "^1.0.0" - -builtin-modules@^1.0.0, builtin-modules@^1.1.1: - version "1.1.1" - resolved "https://registry.yarnpkg.com/builtin-modules/-/builtin-modules-1.1.1.tgz#270f076c5a72c02f5b65a47df94c5fe3a278892f" - -bytes@2.4.0: - version "2.4.0" - resolved "https://registry.yarnpkg.com/bytes/-/bytes-2.4.0.tgz#7d97196f9d5baf7f6935e25985549edd2a6c2339" - -caller-path@^0.1.0: - version "0.1.0" - resolved "https://registry.yarnpkg.com/caller-path/-/caller-path-0.1.0.tgz#94085ef63581ecd3daa92444a8fe94e82577751f" - dependencies: - callsites "^0.2.0" - -callsites@^0.2.0: - version "0.2.0" - resolved "https://registry.yarnpkg.com/callsites/-/callsites-0.2.0.tgz#afab96262910a7f33c19a5775825c69f34e350ca" - -camelcase-keys@^2.0.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/camelcase-keys/-/camelcase-keys-2.1.0.tgz#308beeaffdf28119051efa1d932213c91b8f92e7" - dependencies: - camelcase "^2.0.0" - map-obj "^1.0.0" - -camelcase@^2.0.0, camelcase@^2.0.1: - version "2.1.1" - resolved "https://registry.yarnpkg.com/camelcase/-/camelcase-2.1.1.tgz#7c1d16d679a1bbe59ca02cacecfb011e201f5a1f" - -caseless@~0.11.0: - version "0.11.0" - resolved "https://registry.yarnpkg.com/caseless/-/caseless-0.11.0.tgz#715b96ea9841593cc33067923f5ec60ebda4f7d7" - -chai@^3.5.0: - version "3.5.0" - resolved "https://registry.yarnpkg.com/chai/-/chai-3.5.0.tgz#4d02637b067fe958bdbfdd3a40ec56fef7373247" - dependencies: - assertion-error "^1.0.1" - deep-eql "^0.1.3" - type-detect "^1.0.0" - -chalk@1.1.1: - version "1.1.1" - resolved "https://registry.yarnpkg.com/chalk/-/chalk-1.1.1.tgz#509afb67066e7499f7eb3535c77445772ae2d019" - dependencies: - ansi-styles "^2.1.0" - escape-string-regexp "^1.0.2" - has-ansi "^2.0.0" - strip-ansi "^3.0.0" - supports-color "^2.0.0" - -chalk@^1.0.0, chalk@^1.1.0, chalk@^1.1.1, chalk@^1.1.3: - version "1.1.3" - resolved "https://registry.yarnpkg.com/chalk/-/chalk-1.1.3.tgz#a8115c55e4a702fe4d150abd3872822a7e09fc98" - dependencies: - ansi-styles "^2.2.1" - escape-string-regexp "^1.0.2" - has-ansi "^2.0.0" - strip-ansi "^3.0.0" - supports-color "^2.0.0" - -chokidar@^1.0.0, chokidar@^1.4.3: - version "1.6.1" - resolved "https://registry.yarnpkg.com/chokidar/-/chokidar-1.6.1.tgz#2f4447ab5e96e50fb3d789fd90d4c72e0e4c70c2" - dependencies: - anymatch "^1.3.0" - async-each "^1.0.0" - glob-parent "^2.0.0" - inherits "^2.0.1" - is-binary-path "^1.0.0" - is-glob "^2.0.0" - path-is-absolute "^1.0.0" - readdirp "^2.0.0" - optionalDependencies: - fsevents "^1.0.0" - -circular-json@^0.3.0: - version "0.3.1" - resolved "https://registry.yarnpkg.com/circular-json/-/circular-json-0.3.1.tgz#be8b36aefccde8b3ca7aa2d6afc07a37242c0d2d" - -cli-cursor@^1.0.1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/cli-cursor/-/cli-cursor-1.0.2.tgz#64da3f7d56a54412e59794bd62dc35295e8f2987" - dependencies: - restore-cursor "^1.0.1" - -cli-width@^2.0.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/cli-width/-/cli-width-2.1.0.tgz#b234ca209b29ef66fc518d9b98d5847b00edf00a" - -cliui@^3.0.3: - version "3.2.0" - resolved "https://registry.yarnpkg.com/cliui/-/cliui-3.2.0.tgz#120601537a916d29940f934da3b48d585a39213d" - dependencies: - string-width "^1.0.1" - strip-ansi "^3.0.1" - wrap-ansi "^2.0.0" - -clone-stats@^0.0.1: - version "0.0.1" - resolved "https://registry.yarnpkg.com/clone-stats/-/clone-stats-0.0.1.tgz#b88f94a82cf38b8791d58046ea4029ad88ca99d1" - -clone@^0.2.0: - version "0.2.0" - resolved "https://registry.yarnpkg.com/clone/-/clone-0.2.0.tgz#c6126a90ad4f72dbf5acdb243cc37724fe93fc1f" - -clone@^1.0.0: - version "1.0.2" - resolved "https://registry.yarnpkg.com/clone/-/clone-1.0.2.tgz#260b7a99ebb1edfe247538175f783243cb19d149" - -co@^4.6.0: - version "4.6.0" - resolved "https://registry.yarnpkg.com/co/-/co-4.6.0.tgz#6ea6bdf3d853ae54ccb8e47bfa0bf3f9031fb184" - -code-point-at@^1.0.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/code-point-at/-/code-point-at-1.1.0.tgz#0d070b4d043a5bea33a2f1a40e2edb3d9a4ccf77" - -combined-stream@^1.0.5, combined-stream@~1.0.5: - version "1.0.5" - resolved "https://registry.yarnpkg.com/combined-stream/-/combined-stream-1.0.5.tgz#938370a57b4a51dea2c77c15d5c5fdf895164009" - dependencies: - delayed-stream "~1.0.0" - -commander@2.9.0, commander@^2.8.1, commander@^2.9.0: - version "2.9.0" - resolved "https://registry.yarnpkg.com/commander/-/commander-2.9.0.tgz#9c99094176e12240cb22d6c5146098400fe0f7d4" - dependencies: - graceful-readlink ">= 1.0.0" - -commander@~2.8.1: - version "2.8.1" - resolved "https://registry.yarnpkg.com/commander/-/commander-2.8.1.tgz#06be367febfda0c330aa1e2a072d3dc9762425d4" - dependencies: - graceful-readlink ">= 1.0.0" - -concat-map@0.0.1: - version "0.0.1" - resolved "https://registry.yarnpkg.com/concat-map/-/concat-map-0.0.1.tgz#d8a96bd77fd68df7793a73036a3ba0d5405d477b" - -concat-stream@^1.4.6, concat-stream@^1.4.7: - version "1.5.2" - resolved "https://registry.yarnpkg.com/concat-stream/-/concat-stream-1.5.2.tgz#708978624d856af41a5a741defdd261da752c266" - dependencies: - inherits "~2.0.1" - readable-stream "~2.0.0" - typedarray "~0.0.5" - -configstore@^1.0.0: - version "1.4.0" - resolved "https://registry.yarnpkg.com/configstore/-/configstore-1.4.0.tgz#c35781d0501d268c25c54b8b17f6240e8a4fb021" - dependencies: - graceful-fs "^4.1.2" - mkdirp "^0.5.0" - object-assign "^4.0.1" - os-tmpdir "^1.0.0" - osenv "^0.1.0" - uuid "^2.0.1" - write-file-atomic "^1.1.2" - xdg-basedir "^2.0.0" - -console-control-strings@^1.0.0, console-control-strings@~1.1.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/console-control-strings/-/console-control-strings-1.1.0.tgz#3d7cf4464db6446ea644bf4b39507f9851008e8e" - -contains-path@^0.1.0: - version "0.1.0" - resolved "https://registry.yarnpkg.com/contains-path/-/contains-path-0.1.0.tgz#fe8cf184ff6670b6baef01a9d4861a5cbec4120a" - -content-disposition@0.5.1: - version "0.5.1" - resolved "https://registry.yarnpkg.com/content-disposition/-/content-disposition-0.5.1.tgz#87476c6a67c8daa87e32e87616df883ba7fb071b" - -content-type@~1.0.2: - version "1.0.2" - resolved "https://registry.yarnpkg.com/content-type/-/content-type-1.0.2.tgz#b7d113aee7a8dd27bd21133c4dc2529df1721eed" - -convert-source-map@^1.1.0, convert-source-map@^1.1.1: - version "1.3.0" - resolved "https://registry.yarnpkg.com/convert-source-map/-/convert-source-map-1.3.0.tgz#e9f3e9c6e2728efc2676696a70eb382f73106a67" - -cookie-signature@1.0.6: - version "1.0.6" - resolved "https://registry.yarnpkg.com/cookie-signature/-/cookie-signature-1.0.6.tgz#e303a882b342cc3ee8ca513a79999734dab3ae2c" - -cookie@0.3.1: - version "0.3.1" - resolved "https://registry.yarnpkg.com/cookie/-/cookie-0.3.1.tgz#e7e0a1f9ef43b4c8ba925c5c5a96e806d16873bb" - -core-js@^2.4.0: - version "2.4.1" - resolved "https://registry.yarnpkg.com/core-js/-/core-js-2.4.1.tgz#4de911e667b0eae9124e34254b53aea6fc618d3e" - -core-util-is@~1.0.0: - version "1.0.2" - resolved "https://registry.yarnpkg.com/core-util-is/-/core-util-is-1.0.2.tgz#b5fd54220aa2bc5ab57aab7140c940754503c1a7" - -cors: - version "2.8.1" - resolved "https://registry.yarnpkg.com/cors/-/cors-2.8.1.tgz#6181aa56abb45a2825be3304703747ae4e9d2383" - dependencies: - vary "^1" - -crc@3.4.0: - version "3.4.0" - resolved "https://registry.yarnpkg.com/crc/-/crc-3.4.0.tgz#4258e351613a74ef1153dfcb05e820c3e9715d7f" - -cryptiles@2.x.x: - version "2.0.5" - resolved "https://registry.yarnpkg.com/cryptiles/-/cryptiles-2.0.5.tgz#3bdfecdc608147c1c67202fa291e7dca59eaa3b8" - dependencies: - boom "2.x.x" - -currently-unhandled@^0.4.1: - version "0.4.1" - resolved "https://registry.yarnpkg.com/currently-unhandled/-/currently-unhandled-0.4.1.tgz#988df33feab191ef799a61369dd76c17adf957ea" - dependencies: - array-find-index "^1.0.1" - -d@^0.1.1, d@~0.1.1: - version "0.1.1" - resolved "https://registry.yarnpkg.com/d/-/d-0.1.1.tgz#da184c535d18d8ee7ba2aa229b914009fae11309" - dependencies: - es5-ext "~0.10.2" - -damerau-levenshtein@^1.0.0: - version "1.0.3" - resolved "https://registry.yarnpkg.com/damerau-levenshtein/-/damerau-levenshtein-1.0.3.tgz#ae4f4ce0b62acae10ff63a01bb08f652f5213af2" - -dashdash@^1.12.0: - version "1.14.1" - resolved "https://registry.yarnpkg.com/dashdash/-/dashdash-1.14.1.tgz#853cfa0f7cbe2fed5de20326b8dd581035f6e2f0" - dependencies: - assert-plus "^1.0.0" - -dataloader@^1.2.0: - version "1.2.0" - resolved "https://registry.yarnpkg.com/dataloader/-/dataloader-1.2.0.tgz#3f73ea657c492c860c1633348adc55ca9bf2107e" - -debug@2, debug@2.2.0, debug@^2.1.1, debug@^2.2.0, debug@~2.2.0: - version "2.2.0" - resolved "https://registry.yarnpkg.com/debug/-/debug-2.2.0.tgz#f87057e995b1a1f6ae6a4960664137bc56f039da" - dependencies: - ms "0.7.1" - -decamelize@^1.1.1, decamelize@^1.1.2: - version "1.2.0" - resolved "https://registry.yarnpkg.com/decamelize/-/decamelize-1.2.0.tgz#f6534d15148269b20352e7bee26f501f9a191290" - -decompress-tar@^3.0.0: - version "3.1.0" - resolved "https://registry.yarnpkg.com/decompress-tar/-/decompress-tar-3.1.0.tgz#217c789f9b94450efaadc5c5e537978fc333c466" - dependencies: - is-tar "^1.0.0" - object-assign "^2.0.0" - strip-dirs "^1.0.0" - tar-stream "^1.1.1" - through2 "^0.6.1" - vinyl "^0.4.3" - -decompress-tarbz2@^3.0.0: - version "3.1.0" - resolved "https://registry.yarnpkg.com/decompress-tarbz2/-/decompress-tarbz2-3.1.0.tgz#8b23935681355f9f189d87256a0f8bdd96d9666d" - dependencies: - is-bzip2 "^1.0.0" - object-assign "^2.0.0" - seek-bzip "^1.0.3" - strip-dirs "^1.0.0" - tar-stream "^1.1.1" - through2 "^0.6.1" - vinyl "^0.4.3" - -decompress-targz@^3.0.0: - version "3.1.0" - resolved "https://registry.yarnpkg.com/decompress-targz/-/decompress-targz-3.1.0.tgz#b2c13df98166268991b715d6447f642e9696f5a0" - dependencies: - is-gzip "^1.0.0" - object-assign "^2.0.0" - strip-dirs "^1.0.0" - tar-stream "^1.1.1" - through2 "^0.6.1" - vinyl "^0.4.3" - -decompress-unzip@^3.0.0: - version "3.4.0" - resolved "https://registry.yarnpkg.com/decompress-unzip/-/decompress-unzip-3.4.0.tgz#61475b4152066bbe3fee12f9d629d15fe6478eeb" - dependencies: - is-zip "^1.0.0" - read-all-stream "^3.0.0" - stat-mode "^0.2.0" - strip-dirs "^1.0.0" - through2 "^2.0.0" - vinyl "^1.0.0" - yauzl "^2.2.1" - -decompress@^3.0.0: - version "3.0.0" - resolved "https://registry.yarnpkg.com/decompress/-/decompress-3.0.0.tgz#af1dd50d06e3bfc432461d37de11b38c0d991bed" - dependencies: - buffer-to-vinyl "^1.0.0" - concat-stream "^1.4.6" - decompress-tar "^3.0.0" - decompress-tarbz2 "^3.0.0" - decompress-targz "^3.0.0" - decompress-unzip "^3.0.0" - stream-combiner2 "^1.1.1" - vinyl-assign "^1.0.1" - vinyl-fs "^2.2.0" - -deep-eql@^0.1.3: - version "0.1.3" - resolved "https://registry.yarnpkg.com/deep-eql/-/deep-eql-0.1.3.tgz#ef558acab8de25206cd713906d74e56930eb69f2" - dependencies: - type-detect "0.1.1" - -deep-extend@~0.4.0: - version "0.4.1" - resolved "https://registry.yarnpkg.com/deep-extend/-/deep-extend-0.4.1.tgz#efe4113d08085f4e6f9687759810f807469e2253" - -deep-is@~0.1.3: - version "0.1.3" - resolved "https://registry.yarnpkg.com/deep-is/-/deep-is-0.1.3.tgz#b369d6fb5dbc13eecf524f91b070feedc357cf34" - -del@^2.0.2: - version "2.2.2" - resolved "https://registry.yarnpkg.com/del/-/del-2.2.2.tgz#c12c981d067846c84bcaf862cff930d907ffd1a8" - dependencies: - globby "^5.0.0" - is-path-cwd "^1.0.0" - is-path-in-cwd "^1.0.0" - object-assign "^4.0.1" - pify "^2.0.0" - pinkie-promise "^2.0.0" - rimraf "^2.2.8" - -delayed-stream@~1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/delayed-stream/-/delayed-stream-1.0.0.tgz#df3ae199acadfb7d440aaae0b29e2272b24ec619" - -delegates@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/delegates/-/delegates-1.0.0.tgz#84c6e159b81904fdca59a0ef44cd870d31250f9a" - -denodeify@^1.2.1: - version "1.2.1" - resolved "https://registry.yarnpkg.com/denodeify/-/denodeify-1.2.1.tgz#3a36287f5034e699e7577901052c2e6c94251631" - -depd@~1.1.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/depd/-/depd-1.1.0.tgz#e1bd82c6aab6ced965b97b88b17ed3e528ca18c3" - -deprecated-decorator@^0.1.6: - version "0.1.6" - resolved "https://registry.yarnpkg.com/deprecated-decorator/-/deprecated-decorator-0.1.6.tgz#00966317b7a12fe92f3cc831f7583af329b86c37" - -destroy@~1.0.4: - version "1.0.4" - resolved "https://registry.yarnpkg.com/destroy/-/destroy-1.0.4.tgz#978857442c44749e4206613e37946205826abd80" - -detect-indent@^4.0.0: - version "4.0.0" - resolved "https://registry.yarnpkg.com/detect-indent/-/detect-indent-4.0.0.tgz#f76d064352cdf43a1cb6ce619c4ee3a9475de208" - dependencies: - repeating "^2.0.0" - -diff@1.4.0: - version "1.4.0" - resolved "https://registry.yarnpkg.com/diff/-/diff-1.4.0.tgz#7f28d2eb9ee7b15a97efd89ce63dcfdaa3ccbabf" - -doctrine@1.3.x: - version "1.3.0" - resolved "https://registry.yarnpkg.com/doctrine/-/doctrine-1.3.0.tgz#13e75682b55518424276f7c173783456ef913d26" - dependencies: - esutils "^2.0.2" - isarray "^1.0.0" - -doctrine@^1.2.2: - version "1.5.0" - resolved "https://registry.yarnpkg.com/doctrine/-/doctrine-1.5.0.tgz#379dce730f6166f76cefa4e6707a159b02c5a6fa" - dependencies: - esutils "^2.0.2" - isarray "^1.0.0" - -dotenv@2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/dotenv/-/dotenv-2.0.0.tgz#bd759c357aaa70365e01c96b7b0bec08a6e0d949" - -duplexer2@~0.1.0: - version "0.1.4" - resolved "https://registry.yarnpkg.com/duplexer2/-/duplexer2-0.1.4.tgz#8b12dab878c0d69e3e7891051662a32fc6bddcc1" - dependencies: - readable-stream "^2.0.2" - -duplexer@~0.1.1: - version "0.1.1" - resolved "https://registry.yarnpkg.com/duplexer/-/duplexer-0.1.1.tgz#ace6ff808c1ce66b57d1ebf97977acb02334cfc1" - -duplexify@^3.2.0: - version "3.5.0" - resolved "https://registry.yarnpkg.com/duplexify/-/duplexify-3.5.0.tgz#1aa773002e1578457e9d9d4a50b0ccaaebcbd604" - dependencies: - end-of-stream "1.0.0" - inherits "^2.0.1" - readable-stream "^2.0.0" - stream-shift "^1.0.0" - -ecc-jsbn@~0.1.1: - version "0.1.1" - resolved "https://registry.yarnpkg.com/ecc-jsbn/-/ecc-jsbn-0.1.1.tgz#0fc73a9ed5f0d53c38193398523ef7e543777505" - dependencies: - jsbn "~0.1.0" - -ecdsa-sig-formatter@1.0.9: - version "1.0.9" - resolved "https://registry.yarnpkg.com/ecdsa-sig-formatter/-/ecdsa-sig-formatter-1.0.9.tgz#4bc926274ec3b5abb5016e7e1d60921ac262b2a1" - dependencies: - base64url "^2.0.0" - safe-buffer "^5.0.1" - -ee-first@1.1.1: - version "1.1.1" - resolved "https://registry.yarnpkg.com/ee-first/-/ee-first-1.1.1.tgz#590c61156b0ae2f4f0255732a158b266bc56b21d" - -encodeurl@~1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/encodeurl/-/encodeurl-1.0.1.tgz#79e3d58655346909fe6f0f45a5de68103b294d20" - -encoding@^0.1.11: - version "0.1.12" - resolved "https://registry.yarnpkg.com/encoding/-/encoding-0.1.12.tgz#538b66f3ee62cd1ab51ec323829d1f9480c74beb" - dependencies: - iconv-lite "~0.4.13" - -end-of-stream@1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/end-of-stream/-/end-of-stream-1.0.0.tgz#d4596e702734a93e40e9af864319eabd99ff2f0e" - dependencies: - once "~1.3.0" - -end-of-stream@^1.0.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/end-of-stream/-/end-of-stream-1.1.0.tgz#e9353258baa9108965efc41cb0ef8ade2f3cfb07" - dependencies: - once "~1.3.0" - -error-ex@^1.2.0: - version "1.3.0" - resolved "https://registry.yarnpkg.com/error-ex/-/error-ex-1.3.0.tgz#e67b43f3e82c96ea3a584ffee0b9fc3325d802d9" - dependencies: - is-arrayish "^0.2.1" - -es5-ext@^0.10.7, es5-ext@^0.10.8, es5-ext@~0.10.11, es5-ext@~0.10.2, es5-ext@~0.10.7: - version "0.10.12" - resolved "https://registry.yarnpkg.com/es5-ext/-/es5-ext-0.10.12.tgz#aa84641d4db76b62abba5e45fd805ecbab140047" - dependencies: - es6-iterator "2" - es6-symbol "~3.1" - -es6-iterator@2: - version "2.0.0" - resolved "https://registry.yarnpkg.com/es6-iterator/-/es6-iterator-2.0.0.tgz#bd968567d61635e33c0b80727613c9cb4b096bac" - dependencies: - d "^0.1.1" - es5-ext "^0.10.7" - es6-symbol "3" - -es6-map@^0.1.3: - version "0.1.4" - resolved "https://registry.yarnpkg.com/es6-map/-/es6-map-0.1.4.tgz#a34b147be224773a4d7da8072794cefa3632b897" - dependencies: - d "~0.1.1" - es5-ext "~0.10.11" - es6-iterator "2" - es6-set "~0.1.3" - es6-symbol "~3.1.0" - event-emitter "~0.3.4" - -es6-promise@3.2.1: - version "3.2.1" - resolved "https://registry.yarnpkg.com/es6-promise/-/es6-promise-3.2.1.tgz#ec56233868032909207170c39448e24449dd1fc4" - -es6-promise@^3.0.2, es6-promise@^3.2.1: - version "3.3.1" - resolved "https://registry.yarnpkg.com/es6-promise/-/es6-promise-3.3.1.tgz#a08cdde84ccdbf34d027a1451bc91d4bcd28a613" - -es6-set@~0.1.3: - version "0.1.4" - resolved "https://registry.yarnpkg.com/es6-set/-/es6-set-0.1.4.tgz#9516b6761c2964b92ff479456233a247dc707ce8" - dependencies: - d "~0.1.1" - es5-ext "~0.10.11" - es6-iterator "2" - es6-symbol "3" - event-emitter "~0.3.4" - -es6-symbol@3, es6-symbol@~3.1, es6-symbol@~3.1.0: - version "3.1.0" - resolved "https://registry.yarnpkg.com/es6-symbol/-/es6-symbol-3.1.0.tgz#94481c655e7a7cad82eba832d97d5433496d7ffa" - dependencies: - d "~0.1.1" - es5-ext "~0.10.11" - -es6-weak-map@^2.0.1: - version "2.0.1" - resolved "https://registry.yarnpkg.com/es6-weak-map/-/es6-weak-map-2.0.1.tgz#0d2bbd8827eb5fb4ba8f97fbfea50d43db21ea81" - dependencies: - d "^0.1.1" - es5-ext "^0.10.8" - es6-iterator "2" - es6-symbol "3" - -escape-html@~1.0.3: - version "1.0.3" - resolved "https://registry.yarnpkg.com/escape-html/-/escape-html-1.0.3.tgz#0258eae4d3d0c0974de1c169188ef0051d1d1988" - -escape-string-regexp@1.0.5, escape-string-regexp@^1.0.2, escape-string-regexp@^1.0.5: - version "1.0.5" - resolved "https://registry.yarnpkg.com/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz#1b61c0562190a8dff6ae3bb2cf0200ca130b86d4" - -escope@^3.6.0: - version "3.6.0" - resolved "https://registry.yarnpkg.com/escope/-/escope-3.6.0.tgz#e01975e812781a163a6dadfdd80398dc64c889c3" - dependencies: - es6-map "^0.1.3" - es6-weak-map "^2.0.1" - esrecurse "^4.1.0" - estraverse "^4.1.1" - -eslint-config-react-app@^0.4.0: - version "0.4.0" - resolved "https://registry.yarnpkg.com/eslint-config-react-app/-/eslint-config-react-app-0.4.0.tgz#7f87bfd2a35ed7aa17860b6b002b4197fea385d0" - -eslint-import-resolver-node@^0.2.0: - version "0.2.3" - resolved "https://registry.yarnpkg.com/eslint-import-resolver-node/-/eslint-import-resolver-node-0.2.3.tgz#5add8106e8c928db2cba232bcd9efa846e3da16c" - dependencies: - debug "^2.2.0" - object-assign "^4.0.1" - resolve "^1.1.6" - -eslint-module-utils@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/eslint-module-utils/-/eslint-module-utils-1.0.0.tgz#c4a57fd3a53efd8426cc2d5550aadab9bbd05fd0" - dependencies: - debug "2.2.0" - pkg-dir "^1.0.0" - -eslint-plugin-babel@3.3.0: - version "3.3.0" - resolved "https://registry.yarnpkg.com/eslint-plugin-babel/-/eslint-plugin-babel-3.3.0.tgz#2f494aedcf6f4aa4e75b9155980837bc1fbde193" - -eslint-plugin-flowtype@2.21.0: - version "2.21.0" - resolved "https://registry.yarnpkg.com/eslint-plugin-flowtype/-/eslint-plugin-flowtype-2.21.0.tgz#a47e85abcdd181d37a336054bd552149ae387d9c" - dependencies: - lodash "^4.15.0" - -eslint-plugin-import@2.0.1: - version "2.0.1" - resolved "https://registry.yarnpkg.com/eslint-plugin-import/-/eslint-plugin-import-2.0.1.tgz#dcfe96357d476b3f822570d42c29bec66f5d9c5c" - dependencies: - builtin-modules "^1.1.1" - contains-path "^0.1.0" - debug "^2.2.0" - doctrine "1.3.x" - eslint-import-resolver-node "^0.2.0" - eslint-module-utils "^1.0.0" - has "^1.0.1" - lodash.cond "^4.3.0" - minimatch "^3.0.3" - pkg-up "^1.0.0" - -eslint-plugin-jsx-a11y@2.2.3: - version "2.2.3" - resolved "https://registry.yarnpkg.com/eslint-plugin-jsx-a11y/-/eslint-plugin-jsx-a11y-2.2.3.tgz#4e35cb71b8a7db702ac415c806eb8e8d9ea6c65d" - dependencies: - damerau-levenshtein "^1.0.0" - jsx-ast-utils "^1.0.0" - object-assign "^4.0.1" - -eslint-plugin-react@6.4.1: - version "6.4.1" - resolved "https://registry.yarnpkg.com/eslint-plugin-react/-/eslint-plugin-react-6.4.1.tgz#7d1aade747db15892f71eee1fea4addf97bcfa2b" - dependencies: - doctrine "^1.2.2" - jsx-ast-utils "^1.3.1" - -eslint@3.8.1: - version "3.8.1" - resolved "https://registry.yarnpkg.com/eslint/-/eslint-3.8.1.tgz#7d02db44cd5aaf4fa7aa489e1f083baa454342ba" - dependencies: - chalk "^1.1.3" - concat-stream "^1.4.6" - debug "^2.1.1" - doctrine "^1.2.2" - escope "^3.6.0" - espree "^3.3.1" - estraverse "^4.2.0" - esutils "^2.0.2" - file-entry-cache "^2.0.0" - glob "^7.0.3" - globals "^9.2.0" - ignore "^3.1.5" - imurmurhash "^0.1.4" - inquirer "^0.12.0" - is-my-json-valid "^2.10.0" - is-resolvable "^1.0.0" - js-yaml "^3.5.1" - json-stable-stringify "^1.0.0" - levn "^0.3.0" - lodash "^4.0.0" - mkdirp "^0.5.0" - natural-compare "^1.4.0" - optionator "^0.8.2" - path-is-inside "^1.0.1" - pluralize "^1.2.1" - progress "^1.1.8" - require-uncached "^1.0.2" - shelljs "^0.6.0" - strip-bom "^3.0.0" - strip-json-comments "~1.0.1" - table "^3.7.8" - text-table "~0.2.0" - user-home "^2.0.0" - -espree@^3.3.1: - version "3.3.2" - resolved "https://registry.yarnpkg.com/espree/-/espree-3.3.2.tgz#dbf3fadeb4ecb4d4778303e50103b3d36c88b89c" - dependencies: - acorn "^4.0.1" - acorn-jsx "^3.0.0" - -esprima@^2.6.0: - version "2.7.3" - resolved "https://registry.yarnpkg.com/esprima/-/esprima-2.7.3.tgz#96e3b70d5779f6ad49cd032673d1c312767ba581" - -esrecurse@^4.1.0: - version "4.1.0" - resolved "https://registry.yarnpkg.com/esrecurse/-/esrecurse-4.1.0.tgz#4713b6536adf7f2ac4f327d559e7756bff648220" - dependencies: - estraverse "~4.1.0" - object-assign "^4.0.1" - -estraverse@^4.1.1, estraverse@^4.2.0: - version "4.2.0" - resolved "https://registry.yarnpkg.com/estraverse/-/estraverse-4.2.0.tgz#0dee3fed31fcd469618ce7342099fc1afa0bdb13" - -estraverse@~4.1.0: - version "4.1.1" - resolved "https://registry.yarnpkg.com/estraverse/-/estraverse-4.1.1.tgz#f6caca728933a850ef90661d0e17982ba47111a2" - -esutils@^2.0.0, esutils@^2.0.2: - version "2.0.2" - resolved "https://registry.yarnpkg.com/esutils/-/esutils-2.0.2.tgz#0abf4f1caa5bcb1f7a9d8acc6dea4faaa04bac9b" - -etag@~1.7.0: - version "1.7.0" - resolved "https://registry.yarnpkg.com/etag/-/etag-1.7.0.tgz#03d30b5f67dd6e632d2945d30d6652731a34d5d8" - -event-emitter@~0.3.4: - version "0.3.4" - resolved "https://registry.yarnpkg.com/event-emitter/-/event-emitter-0.3.4.tgz#8d63ddfb4cfe1fae3b32ca265c4c720222080bb5" - dependencies: - d "~0.1.1" - es5-ext "~0.10.7" - -event-stream@~3.3.0: - version "3.3.4" - resolved "https://registry.yarnpkg.com/event-stream/-/event-stream-3.3.4.tgz#4ab4c9a0f5a54db9338b4c34d86bfce8f4b35571" - dependencies: - duplexer "~0.1.1" - from "~0" - map-stream "~0.1.0" - pause-stream "0.0.11" - split "0.3" - stream-combiner "~0.0.4" - through "~2.3.1" - -exit-hook@^1.0.0: - version "1.1.1" - resolved "https://registry.yarnpkg.com/exit-hook/-/exit-hook-1.1.1.tgz#f05ca233b48c05d54fff07765df8507e95c02ff8" - -expand-brackets@^0.1.4: - version "0.1.5" - resolved "https://registry.yarnpkg.com/expand-brackets/-/expand-brackets-0.1.5.tgz#df07284e342a807cd733ac5af72411e581d1177b" - dependencies: - is-posix-bracket "^0.1.0" - -expand-range@^1.8.1: - version "1.8.2" - resolved "https://registry.yarnpkg.com/expand-range/-/expand-range-1.8.2.tgz#a299effd335fe2721ebae8e257ec79644fc85337" - dependencies: - fill-range "^2.1.0" - -express-session@1.14.1: - version "1.14.1" - resolved "https://registry.yarnpkg.com/express-session/-/express-session-1.14.1.tgz#600364f0f6bf5dce32649e006770bdeee80aec99" - dependencies: - cookie "0.3.1" - cookie-signature "1.0.6" - crc "3.4.0" - debug "~2.2.0" - depd "~1.1.0" - on-headers "~1.0.1" - parseurl "~1.3.1" - uid-safe "~2.1.2" - utils-merge "1.0.0" - -express@4.14.0: - version "4.14.0" - resolved "https://registry.yarnpkg.com/express/-/express-4.14.0.tgz#c1ee3f42cdc891fb3dc650a8922d51ec847d0d66" - dependencies: - accepts "~1.3.3" - array-flatten "1.1.1" - content-disposition "0.5.1" - content-type "~1.0.2" - cookie "0.3.1" - cookie-signature "1.0.6" - debug "~2.2.0" - depd "~1.1.0" - encodeurl "~1.0.1" - escape-html "~1.0.3" - etag "~1.7.0" - finalhandler "0.5.0" - fresh "0.3.0" - merge-descriptors "1.0.1" - methods "~1.1.2" - on-finished "~2.3.0" - parseurl "~1.3.1" - path-to-regexp "0.1.7" - proxy-addr "~1.1.2" - qs "6.2.0" - range-parser "~1.2.0" - send "0.14.1" - serve-static "~1.11.1" - type-is "~1.6.13" - utils-merge "1.0.0" - vary "~1.1.0" - -extend-shallow@^2.0.1: - version "2.0.1" - resolved "https://registry.yarnpkg.com/extend-shallow/-/extend-shallow-2.0.1.tgz#51af7d614ad9a9f610ea1bafbb989d6b1c56890f" - dependencies: - is-extendable "^0.1.0" - -extend@3, extend@^3.0.0, extend@~3.0.0: - version "3.0.0" - resolved "https://registry.yarnpkg.com/extend/-/extend-3.0.0.tgz#5a474353b9f3353ddd8176dfd37b91c83a46f1d4" - -extglob@^0.3.1: - version "0.3.2" - resolved "https://registry.yarnpkg.com/extglob/-/extglob-0.3.2.tgz#2e18ff3d2f49ab2765cec9023f011daa8d8349a1" - dependencies: - is-extglob "^1.0.0" - -extsprintf@1.0.2: - version "1.0.2" - resolved "https://registry.yarnpkg.com/extsprintf/-/extsprintf-1.0.2.tgz#e1080e0658e300b06294990cc70e1502235fd550" - -fast-levenshtein@~2.0.4: - version "2.0.5" - resolved "https://registry.yarnpkg.com/fast-levenshtein/-/fast-levenshtein-2.0.5.tgz#bd33145744519ab1c36c3ee9f31f08e9079b67f2" - -fd-slicer@~1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/fd-slicer/-/fd-slicer-1.0.1.tgz#8b5bcbd9ec327c5041bf9ab023fd6750f1177e65" - dependencies: - pend "~1.2.0" - -figures@^1.3.5: - version "1.7.0" - resolved "https://registry.yarnpkg.com/figures/-/figures-1.7.0.tgz#cbe1e3affcf1cd44b80cadfed28dc793a9701d2e" - dependencies: - escape-string-regexp "^1.0.5" - object-assign "^4.1.0" - -file-entry-cache@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/file-entry-cache/-/file-entry-cache-2.0.0.tgz#c392990c3e684783d838b8c84a45d8a048458361" - dependencies: - flat-cache "^1.2.1" - object-assign "^4.0.1" - -file-type@^3.1.0: - version "3.9.0" - resolved "https://registry.yarnpkg.com/file-type/-/file-type-3.9.0.tgz#257a078384d1db8087bc449d107d52a52672b9e9" - -filename-regex@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/filename-regex/-/filename-regex-2.0.0.tgz#996e3e80479b98b9897f15a8a58b3d084e926775" - -fill-range@^2.1.0: - version "2.2.3" - resolved "https://registry.yarnpkg.com/fill-range/-/fill-range-2.2.3.tgz#50b77dfd7e469bc7492470963699fe7a8485a723" - dependencies: - is-number "^2.1.0" - isobject "^2.0.0" - randomatic "^1.1.3" - repeat-element "^1.1.2" - repeat-string "^1.5.2" - -finalhandler@0.5.0: - version "0.5.0" - resolved "https://registry.yarnpkg.com/finalhandler/-/finalhandler-0.5.0.tgz#e9508abece9b6dba871a6942a1d7911b91911ac7" - dependencies: - debug "~2.2.0" - escape-html "~1.0.3" - on-finished "~2.3.0" - statuses "~1.3.0" - unpipe "~1.0.0" - -find-up@^1.0.0: - version "1.1.2" - resolved "https://registry.yarnpkg.com/find-up/-/find-up-1.1.2.tgz#6b2e9822b1a2ce0a60ab64d610eccad53cb24d0f" - dependencies: - path-exists "^2.0.0" - pinkie-promise "^2.0.0" - -find-versions@^1.0.0: - version "1.2.1" - resolved "https://registry.yarnpkg.com/find-versions/-/find-versions-1.2.1.tgz#cbde9f12e38575a0af1be1b9a2c5d5fd8f186b62" - dependencies: - array-uniq "^1.0.0" - get-stdin "^4.0.1" - meow "^3.5.0" - semver-regex "^1.0.0" - -first-chunk-stream@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/first-chunk-stream/-/first-chunk-stream-1.0.0.tgz#59bfb50cd905f60d7c394cd3d9acaab4e6ad934e" - -flat-cache@^1.2.1: - version "1.2.1" - resolved "https://registry.yarnpkg.com/flat-cache/-/flat-cache-1.2.1.tgz#6c837d6225a7de5659323740b36d5361f71691ff" - dependencies: - circular-json "^0.3.0" - del "^2.0.2" - graceful-fs "^4.1.2" - write "^0.2.1" - -for-in@^0.1.5: - version "0.1.6" - resolved "https://registry.yarnpkg.com/for-in/-/for-in-0.1.6.tgz#c9f96e89bfad18a545af5ec3ed352a1d9e5b4dc8" - -for-own@^0.1.4: - version "0.1.4" - resolved "https://registry.yarnpkg.com/for-own/-/for-own-0.1.4.tgz#0149b41a39088c7515f51ebe1c1386d45f935072" - dependencies: - for-in "^0.1.5" - -forever-agent@~0.6.1: - version "0.6.1" - resolved "https://registry.yarnpkg.com/forever-agent/-/forever-agent-0.6.1.tgz#fbc71f0c41adeb37f96c577ad1ed42d8fdacca91" - -form-data@~2.1.1: - version "2.1.2" - resolved "https://registry.yarnpkg.com/form-data/-/form-data-2.1.2.tgz#89c3534008b97eada4cbb157d58f6f5df025eae4" - dependencies: - asynckit "^0.4.0" - combined-stream "^1.0.5" - mime-types "^2.1.12" - -forwarded@~0.1.0: - version "0.1.0" - resolved "https://registry.yarnpkg.com/forwarded/-/forwarded-0.1.0.tgz#19ef9874c4ae1c297bcf078fde63a09b66a84363" - -fresh@0.3.0: - version "0.3.0" - resolved "https://registry.yarnpkg.com/fresh/-/fresh-0.3.0.tgz#651f838e22424e7566de161d8358caa199f83d4f" - -from@~0: - version "0.1.3" - resolved "https://registry.yarnpkg.com/from/-/from-0.1.3.tgz#ef63ac2062ac32acf7862e0d40b44b896f22f3bc" - -fs-readdir-recursive@^0.1.0: - version "0.1.2" - resolved "https://registry.yarnpkg.com/fs-readdir-recursive/-/fs-readdir-recursive-0.1.2.tgz#315b4fb8c1ca5b8c47defef319d073dad3568059" - -fs.realpath@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/fs.realpath/-/fs.realpath-1.0.0.tgz#1504ad2523158caa40db4a2787cb01411994ea4f" - -fsevents@^1.0.0: - version "1.0.15" - resolved "https://registry.yarnpkg.com/fsevents/-/fsevents-1.0.15.tgz#fa63f590f3c2ad91275e4972a6cea545fb0aae44" - dependencies: - nan "^2.3.0" - node-pre-gyp "^0.6.29" - -fstream-ignore@~1.0.5: - version "1.0.5" - resolved "https://registry.yarnpkg.com/fstream-ignore/-/fstream-ignore-1.0.5.tgz#9c31dae34767018fe1d249b24dada67d092da105" - dependencies: - fstream "^1.0.0" - inherits "2" - minimatch "^3.0.0" - -fstream@^1.0.0, fstream@^1.0.2, fstream@~1.0.10: - version "1.0.10" - resolved "https://registry.yarnpkg.com/fstream/-/fstream-1.0.10.tgz#604e8a92fe26ffd9f6fae30399d4984e1ab22822" - dependencies: - graceful-fs "^4.1.2" - inherits "~2.0.0" - mkdirp ">=0.5 0" - rimraf "2" - -function-bind@^1.0.2: - version "1.1.0" - resolved "https://registry.yarnpkg.com/function-bind/-/function-bind-1.1.0.tgz#16176714c801798e4e8f2cf7f7529467bb4a5771" - -gauge@~2.7.1: - version "2.7.2" - resolved "https://registry.yarnpkg.com/gauge/-/gauge-2.7.2.tgz#15cecc31b02d05345a5d6b0e171cdb3ad2307774" - dependencies: - aproba "^1.0.3" - console-control-strings "^1.0.0" - has-unicode "^2.0.0" - object-assign "^4.1.0" - signal-exit "^3.0.0" - string-width "^1.0.1" - strip-ansi "^3.0.1" - supports-color "^0.2.0" - wide-align "^1.1.0" - -generate-function@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/generate-function/-/generate-function-2.0.0.tgz#6858fe7c0969b7d4e9093337647ac79f60dfbe74" - -generate-object-property@^1.1.0: - version "1.2.0" - resolved "https://registry.yarnpkg.com/generate-object-property/-/generate-object-property-1.2.0.tgz#9c0e1c40308ce804f4783618b937fa88f99d50d0" - dependencies: - is-property "^1.0.0" - -get-stdin@^4.0.1: - version "4.0.1" - resolved "https://registry.yarnpkg.com/get-stdin/-/get-stdin-4.0.1.tgz#b968c6b0a04384324902e8bf1a5df32579a450fe" - -getos@^2.7.0: - version "2.8.2" - resolved "https://registry.yarnpkg.com/getos/-/getos-2.8.2.tgz#365e7e3b2cf74cb85ebb6d1d8c76633580cee534" - dependencies: - async "2.0.1" - -getpass@^0.1.1: - version "0.1.6" - resolved "https://registry.yarnpkg.com/getpass/-/getpass-0.1.6.tgz#283ffd9fc1256840875311c1b60e8c40187110e6" - dependencies: - assert-plus "^1.0.0" - -glob-base@^0.3.0: - version "0.3.0" - resolved "https://registry.yarnpkg.com/glob-base/-/glob-base-0.3.0.tgz#dbb164f6221b1c0b1ccf82aea328b497df0ea3c4" - dependencies: - glob-parent "^2.0.0" - is-glob "^2.0.0" - -glob-parent@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/glob-parent/-/glob-parent-2.0.0.tgz#81383d72db054fcccf5336daa902f182f6edbb28" - dependencies: - is-glob "^2.0.0" - -glob-parent@^3.0.0: - version "3.0.1" - resolved "https://registry.yarnpkg.com/glob-parent/-/glob-parent-3.0.1.tgz#60021327cc963ddc3b5f085764f500479ecd82ff" - dependencies: - is-glob "^3.1.0" - path-dirname "^1.0.0" - -glob-stream@^5.3.2: - version "5.3.5" - resolved "https://registry.yarnpkg.com/glob-stream/-/glob-stream-5.3.5.tgz#a55665a9a8ccdc41915a87c701e32d4e016fad22" - dependencies: - extend "^3.0.0" - glob "^5.0.3" - glob-parent "^3.0.0" - micromatch "^2.3.7" - ordered-read-streams "^0.3.0" - through2 "^0.6.0" - to-absolute-glob "^0.1.1" - unique-stream "^2.0.2" - -glob@7.0.5: - version "7.0.5" - resolved "https://registry.yarnpkg.com/glob/-/glob-7.0.5.tgz#b4202a69099bbb4d292a7c1b95b6682b67ebdc95" - dependencies: - fs.realpath "^1.0.0" - inflight "^1.0.4" - inherits "2" - minimatch "^3.0.2" - once "^1.3.0" - path-is-absolute "^1.0.0" - -glob@^5.0.3, glob@^5.0.5: - version "5.0.15" - resolved "https://registry.yarnpkg.com/glob/-/glob-5.0.15.tgz#1bc936b9e02f4a603fcc222ecf7633d30b8b93b1" - dependencies: - inflight "^1.0.4" - inherits "2" - minimatch "2 || 3" - once "^1.3.0" - path-is-absolute "^1.0.0" - -glob@^7.0.3, glob@^7.0.5: - version "7.1.1" - resolved "https://registry.yarnpkg.com/glob/-/glob-7.1.1.tgz#805211df04faaf1c63a3600306cdf5ade50b2ec8" - dependencies: - fs.realpath "^1.0.0" - inflight "^1.0.4" - inherits "2" - minimatch "^3.0.2" - once "^1.3.0" - path-is-absolute "^1.0.0" - -globals@^9.0.0, globals@^9.2.0: - version "9.14.0" - resolved "https://registry.yarnpkg.com/globals/-/globals-9.14.0.tgz#8859936af0038741263053b39d0e76ca241e4034" - -globby@^5.0.0: - version "5.0.0" - resolved "https://registry.yarnpkg.com/globby/-/globby-5.0.0.tgz#ebd84667ca0dbb330b99bcfc68eac2bc54370e0d" - dependencies: - array-union "^1.0.1" - arrify "^1.0.0" - glob "^7.0.3" - object-assign "^4.0.1" - pify "^2.0.0" - pinkie-promise "^2.0.0" - -got@^3.2.0: - version "3.3.1" - resolved "https://registry.yarnpkg.com/got/-/got-3.3.1.tgz#e5d0ed4af55fc3eef4d56007769d98192bcb2eca" - dependencies: - duplexify "^3.2.0" - infinity-agent "^2.0.0" - is-redirect "^1.0.0" - is-stream "^1.0.0" - lowercase-keys "^1.0.0" - nested-error-stacks "^1.0.0" - object-assign "^3.0.0" - prepend-http "^1.0.0" - read-all-stream "^3.0.0" - timed-out "^2.0.0" - -graceful-fs@^4.0.0, graceful-fs@^4.1.2, graceful-fs@^4.1.4: - version "4.1.11" - resolved "https://registry.yarnpkg.com/graceful-fs/-/graceful-fs-4.1.11.tgz#0e8bdfe4d1ddb8854d64e04ea7c00e2a026e5658" - -"graceful-readlink@>= 1.0.0": - version "1.0.1" - resolved "https://registry.yarnpkg.com/graceful-readlink/-/graceful-readlink-1.0.1.tgz#4cafad76bc62f02fa039b2f94e9a3dd3a391a725" - -graphql-server-core@^0.4.3: - version "0.4.3" - resolved "https://registry.yarnpkg.com/graphql-server-core/-/graphql-server-core-0.4.3.tgz#3198832ce8703388713f012da023b33a3823be98" - optionalDependencies: - typed-graphql "^1.0.2" - -graphql-server-express@^0.4.3: - version "0.4.3" - resolved "https://registry.yarnpkg.com/graphql-server-express/-/graphql-server-express-0.4.3.tgz#198674e6db4949c060b9959554d3dc4e9cc4ed9b" - dependencies: - graphql-server-core "^0.4.3" - graphql-server-module-graphiql "^0.4.3" - optionalDependencies: - "@types/express" "^4.0.33" - -graphql-server-module-graphiql@^0.4.3: - version "0.4.3" - resolved "https://registry.yarnpkg.com/graphql-server-module-graphiql/-/graphql-server-module-graphiql-0.4.3.tgz#f82b92b99bb1e1b4b285c86bf6fcfa60b3a7a805" - -graphql-server@^0.3.2: - version "0.3.2" - resolved "https://registry.yarnpkg.com/graphql-server/-/graphql-server-0.3.2.tgz#ac3299963221be784fc78a22784d2d9ab7116e5e" - dependencies: - boom "^4.0.0" - http-errors "^1.5.0" - source-map-support "^0.4.2" - -graphql-subscriptions@0.2.0: - version "0.2.0" - resolved "https://registry.yarnpkg.com/graphql-subscriptions/-/graphql-subscriptions-0.2.0.tgz#9aebf19283f797354615b263090e15246a4c6c8d" - dependencies: - es6-promise "^3.2.1" - graphql "^0.7.0" - -graphql-subscriptions@^0.1.3: - version "0.1.5" - resolved "https://registry.yarnpkg.com/graphql-subscriptions/-/graphql-subscriptions-0.1.5.tgz#603422c0a7ea3818b630751d1c9798bfa1a820ee" - dependencies: - es6-promise "^3.2.1" - graphql "^0.7.0" - -graphql-tools@^0.8.2: - version "0.8.3" - resolved "https://registry.yarnpkg.com/graphql-tools/-/graphql-tools-0.8.3.tgz#7766ec1d1cc716dde331bd7813267bda44aefa08" - dependencies: - deprecated-decorator "^0.1.6" - lodash "^4.3.0" - node-uuid "^1.4.7" - optionalDependencies: - typed-graphql "^1.0.2" - -graphql@0.7.2, graphql@^0.7.0: - version "0.7.2" - resolved "https://registry.yarnpkg.com/graphql/-/graphql-0.7.2.tgz#cc894a32823399b8a0cb012b9e9ecad35cd00f72" - dependencies: - iterall "1.0.2" - -growl@1.9.2: - version "1.9.2" - resolved "https://registry.yarnpkg.com/growl/-/growl-1.9.2.tgz#0ea7743715db8d8de2c5ede1775e1b45ac85c02f" - -gulp-sourcemaps@1.6.0: - version "1.6.0" - resolved "https://registry.yarnpkg.com/gulp-sourcemaps/-/gulp-sourcemaps-1.6.0.tgz#b86ff349d801ceb56e1d9e7dc7bbcb4b7dee600c" - dependencies: - convert-source-map "^1.1.1" - graceful-fs "^4.1.2" - strip-bom "^2.0.0" - through2 "^2.0.0" - vinyl "^1.0.0" - -har-validator@~2.0.6: - version "2.0.6" - resolved "https://registry.yarnpkg.com/har-validator/-/har-validator-2.0.6.tgz#cdcbc08188265ad119b6a5a7c8ab70eecfb5d27d" - dependencies: - chalk "^1.1.1" - commander "^2.9.0" - is-my-json-valid "^2.12.4" - pinkie-promise "^2.0.0" - -has-ansi@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/has-ansi/-/has-ansi-2.0.0.tgz#34f5049ce1ecdf2b0649af3ef24e45ed35416d91" - dependencies: - ansi-regex "^2.0.0" - -has-flag@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/has-flag/-/has-flag-1.0.0.tgz#9d9e793165ce017a00f00418c43f942a7b1d11fa" - -has-unicode@^2.0.0: - version "2.0.1" - resolved "https://registry.yarnpkg.com/has-unicode/-/has-unicode-2.0.1.tgz#e0e6fe6a28cf51138855e086d1691e771de2a8b9" - -has@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/has/-/has-1.0.1.tgz#8461733f538b0837c9361e39a9ab9e9704dc2f28" - dependencies: - function-bind "^1.0.2" - -hawk@~3.1.3: - version "3.1.3" - resolved "https://registry.yarnpkg.com/hawk/-/hawk-3.1.3.tgz#078444bd7c1640b0fe540d2c9b73d59678e8e1c4" - dependencies: - boom "2.x.x" - cryptiles "2.x.x" - hoek "2.x.x" - sntp "1.x.x" - -hoek@2.x.x: - version "2.16.3" - resolved "https://registry.yarnpkg.com/hoek/-/hoek-2.16.3.tgz#20bb7403d3cea398e91dc4710a8ff1b8274a25ed" - -hoek@4.x.x: - version "4.1.0" - resolved "https://registry.yarnpkg.com/hoek/-/hoek-4.1.0.tgz#4a4557460f69842ed463aa00628cc26d2683afa7" - -home-or-tmp@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/home-or-tmp/-/home-or-tmp-1.0.0.tgz#4b9f1e40800c3e50c6c27f781676afcce71f3985" - dependencies: - os-tmpdir "^1.0.1" - user-home "^1.1.1" - -hosted-git-info@^2.1.4: - version "2.1.5" - resolved "https://registry.yarnpkg.com/hosted-git-info/-/hosted-git-info-2.1.5.tgz#0ba81d90da2e25ab34a332e6ec77936e1598118b" - -http-errors@^1.5.0, http-errors@~1.5.0: - version "1.5.1" - resolved "https://registry.yarnpkg.com/http-errors/-/http-errors-1.5.1.tgz#788c0d2c1de2c81b9e6e8c01843b6b97eb920750" - dependencies: - inherits "2.0.3" - setprototypeof "1.0.2" - statuses ">= 1.3.1 < 2" - -http-signature@~1.1.0: - version "1.1.1" - resolved "https://registry.yarnpkg.com/http-signature/-/http-signature-1.1.1.tgz#df72e267066cd0ac67fb76adf8e134a8fbcf91bf" - dependencies: - assert-plus "^0.2.0" - jsprim "^1.2.2" - sshpk "^1.7.0" - -https-proxy-agent@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/https-proxy-agent/-/https-proxy-agent-1.0.0.tgz#35f7da6c48ce4ddbfa264891ac593ee5ff8671e6" - dependencies: - agent-base "2" - debug "2" - extend "3" - -iconv-lite@0.4.13, iconv-lite@~0.4.13: - version "0.4.13" - resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.4.13.tgz#1f88aba4ab0b1508e8312acc39345f36e992e2f2" - -ignore-by-default@^1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/ignore-by-default/-/ignore-by-default-1.0.1.tgz#48ca6d72f6c6a3af00a9ad4ae6876be3889e2b09" - -ignore@^3.1.5: - version "3.2.0" - resolved "https://registry.yarnpkg.com/ignore/-/ignore-3.2.0.tgz#8d88f03c3002a0ac52114db25d2c673b0bf1e435" - -imurmurhash@^0.1.4: - version "0.1.4" - resolved "https://registry.yarnpkg.com/imurmurhash/-/imurmurhash-0.1.4.tgz#9218b9b2b928a238b13dc4fb6b6d576f231453ea" - -indent-string@^2.1.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/indent-string/-/indent-string-2.1.0.tgz#8e2d48348742121b4a8218b7a137e9a52049dc80" - dependencies: - repeating "^2.0.0" - -infinity-agent@^2.0.0: - version "2.0.3" - resolved "https://registry.yarnpkg.com/infinity-agent/-/infinity-agent-2.0.3.tgz#45e0e2ff7a9eb030b27d62b74b3744b7a7ac4216" - -inflight@^1.0.4: - version "1.0.6" - resolved "https://registry.yarnpkg.com/inflight/-/inflight-1.0.6.tgz#49bd6331d7d02d0c09bc910a1075ba8165b56df9" - dependencies: - once "^1.3.0" - wrappy "1" - -inherits@2, inherits@2.0.3, inherits@^2.0.1, inherits@~2.0.0, inherits@~2.0.1: - version "2.0.3" - resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.3.tgz#633c2c83e3da42a502f52466022480f4208261de" - -ini@~1.3.0: - version "1.3.4" - resolved "https://registry.yarnpkg.com/ini/-/ini-1.3.4.tgz#0537cb79daf59b59a1a517dff706c86ec039162e" - -inquirer@^0.12.0: - version "0.12.0" - resolved "https://registry.yarnpkg.com/inquirer/-/inquirer-0.12.0.tgz#1ef2bfd63504df0bc75785fff8c2c41df12f077e" - dependencies: - ansi-escapes "^1.1.0" - ansi-regex "^2.0.0" - chalk "^1.0.0" - cli-cursor "^1.0.1" - cli-width "^2.0.0" - figures "^1.3.5" - lodash "^4.3.0" - readline2 "^1.0.1" - run-async "^0.1.0" - rx-lite "^3.1.2" - string-width "^1.0.1" - strip-ansi "^3.0.0" - through "^2.3.6" - -invariant@^2.2.0: - version "2.2.2" - resolved "https://registry.yarnpkg.com/invariant/-/invariant-2.2.2.tgz#9e1f56ac0acdb6bf303306f338be3b204ae60360" - dependencies: - loose-envify "^1.0.0" - -invert-kv@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/invert-kv/-/invert-kv-1.0.0.tgz#104a8e4aaca6d3d8cd157a8ef8bfab2d7a3ffdb6" - -ipaddr.js@1.1.1: - version "1.1.1" - resolved "https://registry.yarnpkg.com/ipaddr.js/-/ipaddr.js-1.1.1.tgz#c791d95f52b29c1247d5df80ada39b8a73647230" - -is-absolute@^0.1.5: - version "0.1.7" - resolved "https://registry.yarnpkg.com/is-absolute/-/is-absolute-0.1.7.tgz#847491119fccb5fb436217cc737f7faad50f603f" - dependencies: - is-relative "^0.1.0" - -is-arrayish@^0.2.1: - version "0.2.1" - resolved "https://registry.yarnpkg.com/is-arrayish/-/is-arrayish-0.2.1.tgz#77c99840527aa8ecb1a8ba697b80645a7a926a9d" - -is-binary-path@^1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/is-binary-path/-/is-binary-path-1.0.1.tgz#75f16642b480f187a711c814161fd3a4a7655898" - dependencies: - binary-extensions "^1.0.0" - -is-buffer@^1.0.2: - version "1.1.4" - resolved "https://registry.yarnpkg.com/is-buffer/-/is-buffer-1.1.4.tgz#cfc86ccd5dc5a52fa80489111c6920c457e2d98b" - -is-builtin-module@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-builtin-module/-/is-builtin-module-1.0.0.tgz#540572d34f7ac3119f8f76c30cbc1b1e037affbe" - dependencies: - builtin-modules "^1.0.0" - -is-bzip2@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-bzip2/-/is-bzip2-1.0.0.tgz#5ee58eaa5a2e9c80e21407bedf23ae5ac091b3fc" - -is-dotfile@^1.0.0: - version "1.0.2" - resolved "https://registry.yarnpkg.com/is-dotfile/-/is-dotfile-1.0.2.tgz#2c132383f39199f8edc268ca01b9b007d205cc4d" - -is-equal-shallow@^0.1.3: - version "0.1.3" - resolved "https://registry.yarnpkg.com/is-equal-shallow/-/is-equal-shallow-0.1.3.tgz#2238098fc221de0bcfa5d9eac4c45d638aa1c534" - dependencies: - is-primitive "^2.0.0" - -is-extendable@^0.1.0, is-extendable@^0.1.1: - version "0.1.1" - resolved "https://registry.yarnpkg.com/is-extendable/-/is-extendable-0.1.1.tgz#62b110e289a471418e3ec36a617d472e301dfc89" - -is-extglob@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-extglob/-/is-extglob-1.0.0.tgz#ac468177c4943405a092fc8f29760c6ffc6206c0" - -is-extglob@^2.1.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/is-extglob/-/is-extglob-2.1.0.tgz#33411a482b046bf95e6b0cb27ee2711af4cf15ad" - -is-finite@^1.0.0: - version "1.0.2" - resolved "https://registry.yarnpkg.com/is-finite/-/is-finite-1.0.2.tgz#cc6677695602be550ef11e8b4aa6305342b6d0aa" - dependencies: - number-is-nan "^1.0.0" - -is-fullwidth-code-point@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-fullwidth-code-point/-/is-fullwidth-code-point-1.0.0.tgz#ef9e31386f031a7f0d643af82fde50c457ef00cb" - dependencies: - number-is-nan "^1.0.0" - -is-fullwidth-code-point@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/is-fullwidth-code-point/-/is-fullwidth-code-point-2.0.0.tgz#a3b30a5c4f199183167aaab93beefae3ddfb654f" - -is-glob@^2.0.0, is-glob@^2.0.1: - version "2.0.1" - resolved "https://registry.yarnpkg.com/is-glob/-/is-glob-2.0.1.tgz#d096f926a3ded5600f3fdfd91198cb0888c2d863" - dependencies: - is-extglob "^1.0.0" - -is-glob@^3.1.0: - version "3.1.0" - resolved "https://registry.yarnpkg.com/is-glob/-/is-glob-3.1.0.tgz#7ba5ae24217804ac70707b96922567486cc3e84a" - dependencies: - is-extglob "^2.1.0" - -is-gzip@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-gzip/-/is-gzip-1.0.0.tgz#6ca8b07b99c77998025900e555ced8ed80879a83" - -is-my-json-valid@^2.10.0, is-my-json-valid@^2.12.4: - version "2.15.0" - resolved "https://registry.yarnpkg.com/is-my-json-valid/-/is-my-json-valid-2.15.0.tgz#936edda3ca3c211fd98f3b2d3e08da43f7b2915b" - dependencies: - generate-function "^2.0.0" - generate-object-property "^1.1.0" - jsonpointer "^4.0.0" - xtend "^4.0.0" - -is-natural-number@^2.0.0: - version "2.1.1" - resolved "https://registry.yarnpkg.com/is-natural-number/-/is-natural-number-2.1.1.tgz#7d4c5728377ef386c3e194a9911bf57c6dc335e7" - -is-npm@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-npm/-/is-npm-1.0.0.tgz#f2fb63a65e4905b406c86072765a1a4dc793b9f4" - -is-number@^2.0.2, is-number@^2.1.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/is-number/-/is-number-2.1.0.tgz#01fcbbb393463a548f2f466cce16dece49db908f" - dependencies: - kind-of "^3.0.2" - -is-path-cwd@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-path-cwd/-/is-path-cwd-1.0.0.tgz#d225ec23132e89edd38fda767472e62e65f1106d" - -is-path-in-cwd@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-path-in-cwd/-/is-path-in-cwd-1.0.0.tgz#6477582b8214d602346094567003be8a9eac04dc" - dependencies: - is-path-inside "^1.0.0" - -is-path-inside@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-path-inside/-/is-path-inside-1.0.0.tgz#fc06e5a1683fbda13de667aff717bbc10a48f37f" - dependencies: - path-is-inside "^1.0.1" - -is-posix-bracket@^0.1.0: - version "0.1.1" - resolved "https://registry.yarnpkg.com/is-posix-bracket/-/is-posix-bracket-0.1.1.tgz#3334dc79774368e92f016e6fbc0a88f5cd6e6bc4" - -is-primitive@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/is-primitive/-/is-primitive-2.0.0.tgz#207bab91638499c07b2adf240a41a87210034575" - -is-promise@~1, is-promise@~1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/is-promise/-/is-promise-1.0.1.tgz#31573761c057e33c2e91aab9e96da08cefbe76e5" - -is-property@^1.0.0: - version "1.0.2" - resolved "https://registry.yarnpkg.com/is-property/-/is-property-1.0.2.tgz#57fe1c4e48474edd65b09911f26b1cd4095dda84" - -is-redirect@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-redirect/-/is-redirect-1.0.0.tgz#1d03dded53bd8db0f30c26e4f95d36fc7c87dc24" - -is-relative@^0.1.0: - version "0.1.3" - resolved "https://registry.yarnpkg.com/is-relative/-/is-relative-0.1.3.tgz#905fee8ae86f45b3ec614bc3c15c869df0876e82" - -is-resolvable@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-resolvable/-/is-resolvable-1.0.0.tgz#8df57c61ea2e3c501408d100fb013cf8d6e0cc62" - dependencies: - tryit "^1.0.1" - -is-stream@^1.0.0, is-stream@^1.0.1: - version "1.1.0" - resolved "https://registry.yarnpkg.com/is-stream/-/is-stream-1.1.0.tgz#12d4a3dd4e68e0b79ceb8dbc84173ae80d91ca44" - -is-tar@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-tar/-/is-tar-1.0.0.tgz#2f6b2e1792c1f5bb36519acaa9d65c0d26fe853d" - -is-typedarray@^1.0.0, is-typedarray@~1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-typedarray/-/is-typedarray-1.0.0.tgz#e479c80858df0c1b11ddda6940f96011fcda4a9a" - -is-utf8@^0.2.0: - version "0.2.1" - resolved "https://registry.yarnpkg.com/is-utf8/-/is-utf8-0.2.1.tgz#4b0da1442104d1b336340e80797e865cf39f7d72" - -is-valid-glob@^0.3.0: - version "0.3.0" - resolved "https://registry.yarnpkg.com/is-valid-glob/-/is-valid-glob-0.3.0.tgz#d4b55c69f51886f9b65c70d6c2622d37e29f48fe" - -is-zip@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-zip/-/is-zip-1.0.0.tgz#47b0a8ff4d38a76431ccfd99a8e15a4c86ba2325" - -isarray@0.0.1: - version "0.0.1" - resolved "https://registry.yarnpkg.com/isarray/-/isarray-0.0.1.tgz#8a18acfca9a8f4177e09abfc6038939b05d1eedf" - -isarray@1.0.0, isarray@^1.0.0, isarray@~1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/isarray/-/isarray-1.0.0.tgz#bb935d48582cba168c06834957a54a3e07124f11" - -isemail@1.x.x: - version "1.2.0" - resolved "https://registry.yarnpkg.com/isemail/-/isemail-1.2.0.tgz#be03df8cc3e29de4d2c5df6501263f1fa4595e9a" - -isobject@^2.0.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/isobject/-/isobject-2.1.0.tgz#f065561096a3f1da2ef46272f815c840d87e0c89" - dependencies: - isarray "1.0.0" - -isstream@~0.1.2: - version "0.1.2" - resolved "https://registry.yarnpkg.com/isstream/-/isstream-0.1.2.tgz#47e63f7af55afa6f92e1500e690eb8b8529c099a" - -iterall@1.0.2: - version "1.0.2" - resolved "https://registry.yarnpkg.com/iterall/-/iterall-1.0.2.tgz#41a2e96ce9eda5e61c767ee5dc312373bb046e91" - -jodid25519@^1.0.0: - version "1.0.2" - resolved "https://registry.yarnpkg.com/jodid25519/-/jodid25519-1.0.2.tgz#06d4912255093419477d425633606e0e90782967" - dependencies: - jsbn "~0.1.0" - -joi@^6.10.1: - version "6.10.1" - resolved "https://registry.yarnpkg.com/joi/-/joi-6.10.1.tgz#4d50c318079122000fe5f16af1ff8e1917b77e06" - dependencies: - hoek "2.x.x" - isemail "1.x.x" - moment "2.x.x" - topo "1.x.x" - -js-tokens@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/js-tokens/-/js-tokens-2.0.0.tgz#79903f5563ee778cc1162e6dcf1a0027c97f9cb5" - -js-yaml@^3.5.1: - version "3.7.0" - resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.7.0.tgz#5c967ddd837a9bfdca5f2de84253abe8a1c03b80" - dependencies: - argparse "^1.0.7" - esprima "^2.6.0" - -jsbn@~0.1.0: - version "0.1.0" - resolved "https://registry.yarnpkg.com/jsbn/-/jsbn-0.1.0.tgz#650987da0dd74f4ebf5a11377a2aa2d273e97dfd" - -jsesc@^1.3.0: - version "1.3.0" - resolved "https://registry.yarnpkg.com/jsesc/-/jsesc-1.3.0.tgz#46c3fec8c1892b12b0833db9bc7622176dbab34b" - -jsesc@~0.5.0: - version "0.5.0" - resolved "https://registry.yarnpkg.com/jsesc/-/jsesc-0.5.0.tgz#e7dee66e35d6fc16f710fe91d5cf69f70f08911d" - -json-schema@0.2.3: - version "0.2.3" - resolved "https://registry.yarnpkg.com/json-schema/-/json-schema-0.2.3.tgz#b480c892e59a2f05954ce727bd3f2a4e882f9e13" - -json-stable-stringify@^1.0.0, json-stable-stringify@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/json-stable-stringify/-/json-stable-stringify-1.0.1.tgz#9a759d39c5f2ff503fd5300646ed445f88c4f9af" - dependencies: - jsonify "~0.0.0" - -json-stringify-safe@~5.0.1: - version "5.0.1" - resolved "https://registry.yarnpkg.com/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz#1296a2d58fd45f19a0f6ce01d65701e2c735b6eb" - -json3@3.3.2: - version "3.3.2" - resolved "https://registry.yarnpkg.com/json3/-/json3-3.3.2.tgz#3c0434743df93e2f5c42aee7b19bcb483575f4e1" - -json5@^0.4.0: - version "0.4.0" - resolved "https://registry.yarnpkg.com/json5/-/json5-0.4.0.tgz#054352e4c4c80c86c0923877d449de176a732c8d" - -jsonify@~0.0.0: - version "0.0.0" - resolved "https://registry.yarnpkg.com/jsonify/-/jsonify-0.0.0.tgz#2c74b6ee41d93ca51b7b5aaee8f503631d252a73" - -jsonpointer@^4.0.0: - version "4.0.0" - resolved "https://registry.yarnpkg.com/jsonpointer/-/jsonpointer-4.0.0.tgz#6661e161d2fc445f19f98430231343722e1fcbd5" - -jsonwebtoken@^7.0.0: - version "7.3.0" - resolved "https://registry.yarnpkg.com/jsonwebtoken/-/jsonwebtoken-7.3.0.tgz#85118d6a70e3fccdf14389f4e7a1c3f9c8a9fbba" - dependencies: - joi "^6.10.1" - jws "^3.1.4" - lodash.once "^4.0.0" - ms "^0.7.1" - xtend "^4.0.1" - -jsprim@^1.2.2: - version "1.3.1" - resolved "https://registry.yarnpkg.com/jsprim/-/jsprim-1.3.1.tgz#2a7256f70412a29ee3670aaca625994c4dcff252" - dependencies: - extsprintf "1.0.2" - json-schema "0.2.3" - verror "1.3.6" - -jsx-ast-utils@^1.0.0, jsx-ast-utils@^1.3.1: - version "1.3.4" - resolved "https://registry.yarnpkg.com/jsx-ast-utils/-/jsx-ast-utils-1.3.4.tgz#0257ed1cc4b1e65b39d7d9940f9fb4f20f7ba0a9" - dependencies: - acorn-jsx "^3.0.1" - object-assign "^4.1.0" - -jwa@^1.1.4: - version "1.1.5" - resolved "https://registry.yarnpkg.com/jwa/-/jwa-1.1.5.tgz#a0552ce0220742cd52e153774a32905c30e756e5" - dependencies: - base64url "2.0.0" - buffer-equal-constant-time "1.0.1" - ecdsa-sig-formatter "1.0.9" - safe-buffer "^5.0.1" - -jws@^3.1.4: - version "3.1.4" - resolved "https://registry.yarnpkg.com/jws/-/jws-3.1.4.tgz#f9e8b9338e8a847277d6444b1464f61880e050a2" - dependencies: - base64url "^2.0.0" - jwa "^1.1.4" - safe-buffer "^5.0.1" - -jwt-simple@^0.5.1: - version "0.5.1" - resolved "https://registry.yarnpkg.com/jwt-simple/-/jwt-simple-0.5.1.tgz#79ea01891b61de6b68e13e67c0b4b5bda937b294" - -kind-of@^3.0.2: - version "3.1.0" - resolved "https://registry.yarnpkg.com/kind-of/-/kind-of-3.1.0.tgz#475d698a5e49ff5e53d14e3e732429dc8bf4cf47" - dependencies: - is-buffer "^1.0.2" - -latest-version@^1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/latest-version/-/latest-version-1.0.1.tgz#72cfc46e3e8d1be651e1ebb54ea9f6ea96f374bb" - dependencies: - package-json "^1.0.0" - -lazystream@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/lazystream/-/lazystream-1.0.0.tgz#f6995fe0f820392f61396be89462407bb77168e4" - dependencies: - readable-stream "^2.0.5" - -lcid@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/lcid/-/lcid-1.0.0.tgz#308accafa0bc483a3867b4b6f2b9506251d1b835" - dependencies: - invert-kv "^1.0.0" - -levn@^0.3.0, levn@~0.3.0: - version "0.3.0" - resolved "https://registry.yarnpkg.com/levn/-/levn-0.3.0.tgz#3b09924edf9f083c0490fdd4c0bc4421e04764ee" - dependencies: - prelude-ls "~1.1.2" - type-check "~0.3.2" - -load-json-file@^1.0.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/load-json-file/-/load-json-file-1.1.0.tgz#956905708d58b4bab4c2261b04f59f31c99374c0" - dependencies: - graceful-fs "^4.1.2" - parse-json "^2.2.0" - pify "^2.0.0" - pinkie-promise "^2.0.0" - strip-bom "^2.0.0" - -lodash._baseassign@^3.0.0: - version "3.2.0" - resolved "https://registry.yarnpkg.com/lodash._baseassign/-/lodash._baseassign-3.2.0.tgz#8c38a099500f215ad09e59f1722fd0c52bfe0a4e" - dependencies: - lodash._basecopy "^3.0.0" - lodash.keys "^3.0.0" - -lodash._basecopy@^3.0.0: - version "3.0.1" - resolved "https://registry.yarnpkg.com/lodash._basecopy/-/lodash._basecopy-3.0.1.tgz#8da0e6a876cf344c0ad8a54882111dd3c5c7ca36" - -lodash._basecreate@^3.0.0: - version "3.0.3" - resolved "https://registry.yarnpkg.com/lodash._basecreate/-/lodash._basecreate-3.0.3.tgz#1bc661614daa7fc311b7d03bf16806a0213cf821" - -lodash._bindcallback@^3.0.0: - version "3.0.1" - resolved "https://registry.yarnpkg.com/lodash._bindcallback/-/lodash._bindcallback-3.0.1.tgz#e531c27644cf8b57a99e17ed95b35c748789392e" - -lodash._createassigner@^3.0.0: - version "3.1.1" - resolved "https://registry.yarnpkg.com/lodash._createassigner/-/lodash._createassigner-3.1.1.tgz#838a5bae2fdaca63ac22dee8e19fa4e6d6970b11" - dependencies: - lodash._bindcallback "^3.0.0" - lodash._isiterateecall "^3.0.0" - lodash.restparam "^3.0.0" - -lodash._getnative@^3.0.0: - version "3.9.1" - resolved "https://registry.yarnpkg.com/lodash._getnative/-/lodash._getnative-3.9.1.tgz#570bc7dede46d61cdcde687d65d3eecbaa3aaff5" - -lodash._isiterateecall@^3.0.0: - version "3.0.9" - resolved "https://registry.yarnpkg.com/lodash._isiterateecall/-/lodash._isiterateecall-3.0.9.tgz#5203ad7ba425fae842460e696db9cf3e6aac057c" - -lodash.assign@^3.0.0: - version "3.2.0" - resolved "https://registry.yarnpkg.com/lodash.assign/-/lodash.assign-3.2.0.tgz#3ce9f0234b4b2223e296b8fa0ac1fee8ebca64fa" - dependencies: - lodash._baseassign "^3.0.0" - lodash._createassigner "^3.0.0" - lodash.keys "^3.0.0" - -lodash.cond@^4.3.0: - version "4.5.2" - resolved "https://registry.yarnpkg.com/lodash.cond/-/lodash.cond-4.5.2.tgz#f471a1da486be60f6ab955d17115523dd1d255d5" - -lodash.create@3.1.1: - version "3.1.1" - resolved "https://registry.yarnpkg.com/lodash.create/-/lodash.create-3.1.1.tgz#d7f2849f0dbda7e04682bb8cd72ab022461debe7" - dependencies: - lodash._baseassign "^3.0.0" - lodash._basecreate "^3.0.0" - lodash._isiterateecall "^3.0.0" - -lodash.defaults@^3.1.2: - version "3.1.2" - resolved "https://registry.yarnpkg.com/lodash.defaults/-/lodash.defaults-3.1.2.tgz#c7308b18dbf8bc9372d701a73493c61192bd2e2c" - dependencies: - lodash.assign "^3.0.0" - lodash.restparam "^3.0.0" - -lodash.isarguments@^3.0.0: - version "3.1.0" - resolved "https://registry.yarnpkg.com/lodash.isarguments/-/lodash.isarguments-3.1.0.tgz#2f573d85c6a24289ff00663b491c1d338ff3458a" - -lodash.isarray@^3.0.0: - version "3.0.4" - resolved "https://registry.yarnpkg.com/lodash.isarray/-/lodash.isarray-3.0.4.tgz#79e4eb88c36a8122af86f844aa9bcd851b5fbb55" - -lodash.isequal@^4.0.0: - version "4.4.0" - resolved "https://registry.yarnpkg.com/lodash.isequal/-/lodash.isequal-4.4.0.tgz#6295768e98e14dc15ce8d362ef6340db82852031" - -lodash.isobject@^3.0.2: - version "3.0.2" - resolved "https://registry.yarnpkg.com/lodash.isobject/-/lodash.isobject-3.0.2.tgz#3c8fb8d5b5bf4bf90ae06e14f2a530a4ed935e1d" - -lodash.isstring@^4.0.1: - version "4.0.1" - resolved "https://registry.yarnpkg.com/lodash.isstring/-/lodash.isstring-4.0.1.tgz#d527dfb5456eca7cc9bb95d5daeaf88ba54a5451" - -lodash.keys@^3.0.0: - version "3.1.2" - resolved "https://registry.yarnpkg.com/lodash.keys/-/lodash.keys-3.1.2.tgz#4dbc0472b156be50a0b286855d1bd0b0c656098a" - dependencies: - lodash._getnative "^3.0.0" - lodash.isarguments "^3.0.0" - lodash.isarray "^3.0.0" - -lodash.once@^4.0.0: - version "4.1.1" - resolved "https://registry.yarnpkg.com/lodash.once/-/lodash.once-4.1.1.tgz#0dd3971213c7c56df880977d504c88fb471a97ac" - -lodash.pickby@^4.6.0: - version "4.6.0" - resolved "https://registry.yarnpkg.com/lodash.pickby/-/lodash.pickby-4.6.0.tgz#7dea21d8c18d7703a27c704c15d3b84a67e33aff" - -lodash.restparam@^3.0.0: - version "3.6.1" - resolved "https://registry.yarnpkg.com/lodash.restparam/-/lodash.restparam-3.6.1.tgz#936a4e309ef330a7645ed4145986c85ae5b20805" - -lodash@4.16.4, lodash@^4.0.0, lodash@^4.15.0, lodash@^4.2.0, lodash@^4.3.0, lodash@^4.8.0: - version "4.16.4" - resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.16.4.tgz#01ce306b9bad1319f2a5528674f88297aeb70127" - -log-symbols@^1.0.2: - version "1.0.2" - resolved "https://registry.yarnpkg.com/log-symbols/-/log-symbols-1.0.2.tgz#376ff7b58ea3086a0f09facc74617eca501e1a18" - dependencies: - chalk "^1.0.0" - -loose-envify@^1.0.0: - version "1.3.0" - resolved "https://registry.yarnpkg.com/loose-envify/-/loose-envify-1.3.0.tgz#6b26248c42f6d4fa4b0d8542f78edfcde35642a8" - dependencies: - js-tokens "^2.0.0" - -loud-rejection@^1.0.0: - version "1.6.0" - resolved "https://registry.yarnpkg.com/loud-rejection/-/loud-rejection-1.6.0.tgz#5b46f80147edee578870f086d04821cf998e551f" - dependencies: - currently-unhandled "^0.4.1" - signal-exit "^3.0.0" - -lowercase-keys@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/lowercase-keys/-/lowercase-keys-1.0.0.tgz#4e3366b39e7f5457e35f1324bdf6f88d0bfc7306" - -map-obj@^1.0.0, map-obj@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/map-obj/-/map-obj-1.0.1.tgz#d933ceb9205d82bdcf4886f6742bdc2b4dea146d" - -map-stream@~0.1.0: - version "0.1.0" - resolved "https://registry.yarnpkg.com/map-stream/-/map-stream-0.1.0.tgz#e56aa94c4c8055a16404a0674b78f215f7c8e194" - -media-typer@0.3.0: - version "0.3.0" - resolved "https://registry.yarnpkg.com/media-typer/-/media-typer-0.3.0.tgz#8710d7af0aa626f8fffa1ce00168545263255748" - -meow@^3.5.0: - version "3.7.0" - resolved "https://registry.yarnpkg.com/meow/-/meow-3.7.0.tgz#72cb668b425228290abbfa856892587308a801fb" - dependencies: - camelcase-keys "^2.0.0" - decamelize "^1.1.2" - loud-rejection "^1.0.0" - map-obj "^1.0.1" - minimist "^1.1.3" - normalize-package-data "^2.3.4" - object-assign "^4.0.1" - read-pkg-up "^1.0.1" - redent "^1.0.0" - trim-newlines "^1.0.0" - -merge-descriptors@1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/merge-descriptors/-/merge-descriptors-1.0.1.tgz#b00aaa556dd8b44568150ec9d1b953f3f90cbb61" - -merge-stream@^1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/merge-stream/-/merge-stream-1.0.1.tgz#4041202d508a342ba00174008df0c251b8c135e1" - dependencies: - readable-stream "^2.0.1" - -methods@~1.1.2: - version "1.1.2" - resolved "https://registry.yarnpkg.com/methods/-/methods-1.1.2.tgz#5529a4d67654134edcc5266656835b0f851afcee" - -micromatch@^2.1.5, micromatch@^2.3.7: - version "2.3.11" - resolved "https://registry.yarnpkg.com/micromatch/-/micromatch-2.3.11.tgz#86677c97d1720b363431d04d0d15293bd38c1565" - dependencies: - arr-diff "^2.0.0" - array-unique "^0.2.1" - braces "^1.8.2" - expand-brackets "^0.1.4" - extglob "^0.3.1" - filename-regex "^2.0.0" - is-extglob "^1.0.0" - is-glob "^2.0.1" - kind-of "^3.0.2" - normalize-path "^2.0.1" - object.omit "^2.0.0" - parse-glob "^3.0.4" - regex-cache "^0.4.2" - -mime-db@~1.25.0: - version "1.25.0" - resolved "https://registry.yarnpkg.com/mime-db/-/mime-db-1.25.0.tgz#c18dbd7c73a5dbf6f44a024dc0d165a1e7b1c392" - -mime-types@^2.1.12, mime-types@~2.1.11, mime-types@~2.1.13, mime-types@~2.1.7: - version "2.1.13" - resolved "https://registry.yarnpkg.com/mime-types/-/mime-types-2.1.13.tgz#e07aaa9c6c6b9a7ca3012c69003ad25a39e92a88" - dependencies: - mime-db "~1.25.0" - -mime@1.3.4: - version "1.3.4" - resolved "https://registry.yarnpkg.com/mime/-/mime-1.3.4.tgz#115f9e3b6b3daf2959983cb38f149a2d40eb5d53" - -"minimatch@2 || 3", minimatch@^3.0.0, minimatch@^3.0.2, minimatch@^3.0.3: - version "3.0.3" - resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.0.3.tgz#2a4e4090b96b2db06a9d7df01055a62a77c9b774" - dependencies: - brace-expansion "^1.0.0" - -minimist@0.0.8: - version "0.0.8" - resolved "https://registry.yarnpkg.com/minimist/-/minimist-0.0.8.tgz#857fcabfc3397d2625b8228262e86aa7a011b05d" - -minimist@^1.1.0, minimist@^1.1.3, minimist@^1.2.0: - version "1.2.0" - resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.0.tgz#a35008b20f41383eec1fb914f4cd5df79a264284" - -mkdirp@0.5.1, "mkdirp@>=0.5 0", mkdirp@^0.5.0, mkdirp@^0.5.1, mkdirp@~0.5.1: - version "0.5.1" - resolved "https://registry.yarnpkg.com/mkdirp/-/mkdirp-0.5.1.tgz#30057438eac6cf7f8c4767f38648d6697d75c903" - dependencies: - minimist "0.0.8" - -mocha@^3.1.2: - version "3.2.0" - resolved "https://registry.yarnpkg.com/mocha/-/mocha-3.2.0.tgz#7dc4f45e5088075171a68896814e6ae9eb7a85e3" - dependencies: - browser-stdout "1.3.0" - commander "2.9.0" - debug "2.2.0" - diff "1.4.0" - escape-string-regexp "1.0.5" - glob "7.0.5" - growl "1.9.2" - json3 "3.3.2" - lodash.create "3.1.1" - mkdirp "0.5.1" - supports-color "3.1.2" - -moment@2.x.x: - version "2.17.1" - resolved "https://registry.yarnpkg.com/moment/-/moment-2.17.1.tgz#fed9506063f36b10f066c8b59a144d7faebe1d82" - -mongo-find-by-ids@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/mongo-find-by-ids/-/mongo-find-by-ids-1.0.0.tgz#c4e7a108e2b9fb98f59eb8be5d3801b2bfb52222" - -mongodb-core@2.1.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/mongodb-core/-/mongodb-core-2.1.0.tgz#49a5edf476f6cc16c4ff7d423802a88080d992fb" - dependencies: - bson "~1.0.0" - require_optional "~1.0.0" - -mongodb-download@^1.3.2: - version "1.3.2" - resolved "https://registry.yarnpkg.com/mongodb-download/-/mongodb-download-1.3.2.tgz#0a2e8868eaea6c18e2a7f7cb7c8048ff10809337" - dependencies: - debug "^2.2.0" - getos "^2.7.0" - yargs "^3.26.0" - -mongodb-prebuilt@^5.0.7: - version "5.0.8" - resolved "https://registry.yarnpkg.com/mongodb-prebuilt/-/mongodb-prebuilt-5.0.8.tgz#82eb96336688888c3a614efbf6c5613fb656fbed" - dependencies: - debug "^2.2.0" - decompress "^3.0.0" - https-proxy-agent "^1.0.0" - mongodb-download "^1.3.2" - spawn-sync "1.0.15" - yargs "^3.26.0" - -mongodb@^2.2.11: - version "2.2.13" - resolved "https://registry.yarnpkg.com/mongodb/-/mongodb-2.2.13.tgz#f74315fbf64450265f920481fc7f17491b056b8a" - dependencies: - es6-promise "3.2.1" - mongodb-core "2.1.0" - readable-stream "2.1.5" - -ms@0.7.1, ms@^0.7.1: - version "0.7.1" - resolved "https://registry.yarnpkg.com/ms/-/ms-0.7.1.tgz#9cd13c03adbff25b65effde7ce864ee952017098" - -mute-stream@0.0.5: - version "0.0.5" - resolved "https://registry.yarnpkg.com/mute-stream/-/mute-stream-0.0.5.tgz#8fbfabb0a98a253d3184331f9e8deb7372fac6c0" - -nan@2.5.0, nan@^2.3.0, nan@^2.3.3: - version "2.5.0" - resolved "https://registry.yarnpkg.com/nan/-/nan-2.5.0.tgz#aa8f1e34531d807e9e27755b234b4a6ec0c152a8" - -natural-compare@^1.4.0: - version "1.4.0" - resolved "https://registry.yarnpkg.com/natural-compare/-/natural-compare-1.4.0.tgz#4abebfeed7541f2c27acfb29bdbbd15c8d5ba4f7" - -negotiator@0.6.1: - version "0.6.1" - resolved "https://registry.yarnpkg.com/negotiator/-/negotiator-0.6.1.tgz#2b327184e8992101177b28563fb5e7102acd0ca9" - -nested-error-stacks@^1.0.0: - version "1.0.2" - resolved "https://registry.yarnpkg.com/nested-error-stacks/-/nested-error-stacks-1.0.2.tgz#19f619591519f096769a5ba9a86e6eeec823c3cf" - dependencies: - inherits "~2.0.1" - -node-fetch@^1.6.3: - version "1.6.3" - resolved "https://registry.yarnpkg.com/node-fetch/-/node-fetch-1.6.3.tgz#dc234edd6489982d58e8f0db4f695029abcd8c04" - dependencies: - encoding "^0.1.11" - is-stream "^1.0.1" - -node-pre-gyp@0.6.32, node-pre-gyp@^0.6.29: - version "0.6.32" - resolved "https://registry.yarnpkg.com/node-pre-gyp/-/node-pre-gyp-0.6.32.tgz#fc452b376e7319b3d255f5f34853ef6fd8fe1fd5" - dependencies: - mkdirp "~0.5.1" - nopt "~3.0.6" - npmlog "^4.0.1" - rc "~1.1.6" - request "^2.79.0" - rimraf "~2.5.4" - semver "~5.3.0" - tar "~2.2.1" - tar-pack "~3.3.0" - -node-static@0.5.9: - version "0.5.9" - resolved "https://registry.yarnpkg.com/node-static/-/node-static-0.5.9.tgz#2f5bf30949e1735958266c269413aebce8cbe899" - -node-uuid@^1.4.7: - version "1.4.7" - resolved "https://registry.yarnpkg.com/node-uuid/-/node-uuid-1.4.7.tgz#6da5a17668c4b3dd59623bda11cf7fa4c1f60a6f" - -nodeify@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/nodeify/-/nodeify-1.0.1.tgz#64ab69a7bdbaf03ce107b4f0335c87c0b9e91b1d" - dependencies: - is-promise "~1.0.0" - promise "~1.3.0" - -nodemon@1.11.0: - version "1.11.0" - resolved "https://registry.yarnpkg.com/nodemon/-/nodemon-1.11.0.tgz#226c562bd2a7b13d3d7518b49ad4828a3623d06c" - dependencies: - chokidar "^1.4.3" - debug "^2.2.0" - es6-promise "^3.0.2" - ignore-by-default "^1.0.0" - lodash.defaults "^3.1.2" - minimatch "^3.0.0" - ps-tree "^1.0.1" - touch "1.0.0" - undefsafe "0.0.3" - update-notifier "0.5.0" - -nopt@~1.0.10: - version "1.0.10" - resolved "https://registry.yarnpkg.com/nopt/-/nopt-1.0.10.tgz#6ddd21bd2a31417b92727dd585f8a6f37608ebee" - dependencies: - abbrev "1" - -nopt@~3.0.6: - version "3.0.6" - resolved "https://registry.yarnpkg.com/nopt/-/nopt-3.0.6.tgz#c6465dbf08abcd4db359317f79ac68a646b28ff9" - dependencies: - abbrev "1" - -normalize-package-data@^2.3.2, normalize-package-data@^2.3.4: - version "2.3.5" - resolved "https://registry.yarnpkg.com/normalize-package-data/-/normalize-package-data-2.3.5.tgz#8d924f142960e1777e7ffe170543631cc7cb02df" - dependencies: - hosted-git-info "^2.1.4" - is-builtin-module "^1.0.0" - semver "2 || 3 || 4 || 5" - validate-npm-package-license "^3.0.1" - -normalize-path@^2.0.1: - version "2.0.1" - resolved "https://registry.yarnpkg.com/normalize-path/-/normalize-path-2.0.1.tgz#47886ac1662760d4261b7d979d241709d3ce3f7a" - -npmlog@^4.0.1: - version "4.0.1" - resolved "https://registry.yarnpkg.com/npmlog/-/npmlog-4.0.1.tgz#d14f503b4cd79710375553004ba96e6662fbc0b8" - dependencies: - are-we-there-yet "~1.1.2" - console-control-strings "~1.1.0" - gauge "~2.7.1" - set-blocking "~2.0.0" - -number-is-nan@^1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/number-is-nan/-/number-is-nan-1.0.1.tgz#097b602b53422a522c1afb8790318336941a011d" - -oauth-sign@~0.8.1: - version "0.8.2" - resolved "https://registry.yarnpkg.com/oauth-sign/-/oauth-sign-0.8.2.tgz#46a6ab7f0aead8deae9ec0565780b7d4efeb9d43" - -object-assign@^2.0.0: - version "2.1.1" - resolved "https://registry.yarnpkg.com/object-assign/-/object-assign-2.1.1.tgz#43c36e5d569ff8e4816c4efa8be02d26967c18aa" - -object-assign@^3.0.0: - version "3.0.0" - resolved "https://registry.yarnpkg.com/object-assign/-/object-assign-3.0.0.tgz#9bedd5ca0897949bca47e7ff408062d549f587f2" - -object-assign@^4.0.0, object-assign@^4.0.1, object-assign@^4.1.0: - version "4.1.0" - resolved "https://registry.yarnpkg.com/object-assign/-/object-assign-4.1.0.tgz#7a3b3d0e98063d43f4c03f2e8ae6cd51a86883a0" - -object.omit@^2.0.0: - version "2.0.1" - resolved "https://registry.yarnpkg.com/object.omit/-/object.omit-2.0.1.tgz#1a9c744829f39dbb858c76ca3579ae2a54ebd1fa" - dependencies: - for-own "^0.1.4" - is-extendable "^0.1.1" - -on-finished@~2.3.0: - version "2.3.0" - resolved "https://registry.yarnpkg.com/on-finished/-/on-finished-2.3.0.tgz#20f1336481b083cd75337992a16971aa2d906947" - dependencies: - ee-first "1.1.1" - -on-headers@~1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/on-headers/-/on-headers-1.0.1.tgz#928f5d0f470d49342651ea6794b0857c100693f7" - -once@^1.3.0: - version "1.4.0" - resolved "https://registry.yarnpkg.com/once/-/once-1.4.0.tgz#583b1aa775961d4b113ac17d9c50baef9dd76bd1" - dependencies: - wrappy "1" - -once@~1.3.0, once@~1.3.3: - version "1.3.3" - resolved "https://registry.yarnpkg.com/once/-/once-1.3.3.tgz#b2e261557ce4c314ec8304f3fa82663e4297ca20" - dependencies: - wrappy "1" - -onetime@^1.0.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/onetime/-/onetime-1.1.0.tgz#a1f7838f8314c516f05ecefcbc4ccfe04b4ed789" - -optionator@^0.8.2: - version "0.8.2" - resolved "https://registry.yarnpkg.com/optionator/-/optionator-0.8.2.tgz#364c5e409d3f4d6301d6c0b4c05bba50180aeb64" - dependencies: - deep-is "~0.1.3" - fast-levenshtein "~2.0.4" - levn "~0.3.0" - prelude-ls "~1.1.2" - type-check "~0.3.2" - wordwrap "~1.0.0" - -ordered-read-streams@^0.3.0: - version "0.3.0" - resolved "https://registry.yarnpkg.com/ordered-read-streams/-/ordered-read-streams-0.3.0.tgz#7137e69b3298bb342247a1bbee3881c80e2fd78b" - dependencies: - is-stream "^1.0.1" - readable-stream "^2.0.1" - -os-homedir@^1.0.0: - version "1.0.2" - resolved "https://registry.yarnpkg.com/os-homedir/-/os-homedir-1.0.2.tgz#ffbc4988336e0e833de0c168c7ef152121aa7fb3" - -os-locale@^1.4.0: - version "1.4.0" - resolved "https://registry.yarnpkg.com/os-locale/-/os-locale-1.4.0.tgz#20f9f17ae29ed345e8bde583b13d2009803c14d9" - dependencies: - lcid "^1.0.0" - -os-shim@^0.1.2: - version "0.1.3" - resolved "https://registry.yarnpkg.com/os-shim/-/os-shim-0.1.3.tgz#6b62c3791cf7909ea35ed46e17658bb417cb3917" - -os-tmpdir@^1.0.0, os-tmpdir@^1.0.1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/os-tmpdir/-/os-tmpdir-1.0.2.tgz#bbe67406c79aa85c5cfec766fe5734555dfa1274" - -osenv@^0.1.0: - version "0.1.3" - resolved "https://registry.yarnpkg.com/osenv/-/osenv-0.1.3.tgz#83cf05c6d6458fc4d5ac6362ea325d92f2754217" - dependencies: - os-homedir "^1.0.0" - os-tmpdir "^1.0.0" - -output-file-sync@^1.1.0: - version "1.1.2" - resolved "https://registry.yarnpkg.com/output-file-sync/-/output-file-sync-1.1.2.tgz#d0a33eefe61a205facb90092e826598d5245ce76" - dependencies: - graceful-fs "^4.1.4" - mkdirp "^0.5.1" - object-assign "^4.1.0" - -package-json@^1.0.0: - version "1.2.0" - resolved "https://registry.yarnpkg.com/package-json/-/package-json-1.2.0.tgz#c8ecac094227cdf76a316874ed05e27cc939a0e0" - dependencies: - got "^3.2.0" - registry-url "^3.0.0" - -parse-glob@^3.0.4: - version "3.0.4" - resolved "https://registry.yarnpkg.com/parse-glob/-/parse-glob-3.0.4.tgz#b2c376cfb11f35513badd173ef0bb6e3a388391c" - dependencies: - glob-base "^0.3.0" - is-dotfile "^1.0.0" - is-extglob "^1.0.0" - is-glob "^2.0.0" - -parse-json@^2.2.0: - version "2.2.0" - resolved "https://registry.yarnpkg.com/parse-json/-/parse-json-2.2.0.tgz#f480f40434ef80741f8469099f8dea18f55a4dc9" - dependencies: - error-ex "^1.2.0" - -parseurl@~1.3.1: - version "1.3.1" - resolved "https://registry.yarnpkg.com/parseurl/-/parseurl-1.3.1.tgz#c8ab8c9223ba34888aa64a297b28853bec18da56" - -passport-jwt@^2.2.1: - version "2.2.1" - resolved "https://registry.yarnpkg.com/passport-jwt/-/passport-jwt-2.2.1.tgz#0e004c94071319d673d9d9bcfd1574a868011527" - dependencies: - jsonwebtoken "^7.0.0" - passport-strategy "^1.0.0" - -passport-strategy@1.x.x, passport-strategy@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/passport-strategy/-/passport-strategy-1.0.0.tgz#b5539aa8fc225a3d1ad179476ddf236b440f52e4" - -passport@^0.3.2: - version "0.3.2" - resolved "https://registry.yarnpkg.com/passport/-/passport-0.3.2.tgz#9dd009f915e8fe095b0124a01b8f82da07510102" - dependencies: - passport-strategy "1.x.x" - pause "0.0.1" - -path-dirname@^1.0.0: - version "1.0.2" - resolved "https://registry.yarnpkg.com/path-dirname/-/path-dirname-1.0.2.tgz#cc33d24d525e099a5388c0336c6e32b9160609e0" - -path-exists@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/path-exists/-/path-exists-1.0.0.tgz#d5a8998eb71ef37a74c34eb0d9eba6e878eea081" - -path-exists@^2.0.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/path-exists/-/path-exists-2.1.0.tgz#0feb6c64f0fc518d9a754dd5efb62c7022761f4b" - dependencies: - pinkie-promise "^2.0.0" - -path-is-absolute@^1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/path-is-absolute/-/path-is-absolute-1.0.1.tgz#174b9268735534ffbc7ace6bf53a5a9e1b5c5f5f" - -path-is-inside@^1.0.1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/path-is-inside/-/path-is-inside-1.0.2.tgz#365417dede44430d1c11af61027facf074bdfc53" - -path-to-regexp@0.1.7: - version "0.1.7" - resolved "https://registry.yarnpkg.com/path-to-regexp/-/path-to-regexp-0.1.7.tgz#df604178005f522f15eb4490e7247a1bfaa67f8c" - -path-type@^1.0.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/path-type/-/path-type-1.1.0.tgz#59c44f7ee491da704da415da5a4070ba4f8fe441" - dependencies: - graceful-fs "^4.1.2" - pify "^2.0.0" - pinkie-promise "^2.0.0" - -pause-stream@0.0.11: - version "0.0.11" - resolved "https://registry.yarnpkg.com/pause-stream/-/pause-stream-0.0.11.tgz#fe5a34b0cbce12b5aa6a2b403ee2e73b602f1445" - dependencies: - through "~2.3" - -pause@0.0.1: - version "0.0.1" - resolved "https://registry.yarnpkg.com/pause/-/pause-0.0.1.tgz#1d408b3fdb76923b9543d96fb4c9dfd535d9cb5d" - -pend@~1.2.0: - version "1.2.0" - resolved "https://registry.yarnpkg.com/pend/-/pend-1.2.0.tgz#7a57eb550a6783f9115331fcf4663d5c8e007a50" - -pify@^2.0.0: - version "2.3.0" - resolved "https://registry.yarnpkg.com/pify/-/pify-2.3.0.tgz#ed141a6ac043a849ea588498e7dca8b15330e90c" - -pinkie-promise@^2.0.0: - version "2.0.1" - resolved "https://registry.yarnpkg.com/pinkie-promise/-/pinkie-promise-2.0.1.tgz#2135d6dfa7a358c069ac9b178776288228450ffa" - dependencies: - pinkie "^2.0.0" - -pinkie@^2.0.0: - version "2.0.4" - resolved "https://registry.yarnpkg.com/pinkie/-/pinkie-2.0.4.tgz#72556b80cfa0d48a974e80e77248e80ed4f7f870" - -pkg-dir@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/pkg-dir/-/pkg-dir-1.0.0.tgz#7a4b508a8d5bb2d629d447056ff4e9c9314cf3d4" - dependencies: - find-up "^1.0.0" - -pkg-up@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/pkg-up/-/pkg-up-1.0.0.tgz#3e08fb461525c4421624a33b9f7e6d0af5b05a26" - dependencies: - find-up "^1.0.0" - -pluralize@^1.2.1: - version "1.2.1" - resolved "https://registry.yarnpkg.com/pluralize/-/pluralize-1.2.1.tgz#d1a21483fd22bb41e58a12fa3421823140897c45" - -prelude-ls@~1.1.2: - version "1.1.2" - resolved "https://registry.yarnpkg.com/prelude-ls/-/prelude-ls-1.1.2.tgz#21932a549f5e52ffd9a827f570e04be62a97da54" - -prepend-http@^1.0.0: - version "1.0.4" - resolved "https://registry.yarnpkg.com/prepend-http/-/prepend-http-1.0.4.tgz#d4f4562b0ce3696e41ac52d0e002e57a635dc6dc" - -preserve@^0.2.0: - version "0.2.0" - resolved "https://registry.yarnpkg.com/preserve/-/preserve-0.2.0.tgz#815ed1f6ebc65926f865b310c0713bcb3315ce4b" - -private@^0.1.6, private@~0.1.5: - version "0.1.6" - resolved "https://registry.yarnpkg.com/private/-/private-0.1.6.tgz#55c6a976d0f9bafb9924851350fe47b9b5fbb7c1" - -process-nextick-args@~1.0.6: - version "1.0.7" - resolved "https://registry.yarnpkg.com/process-nextick-args/-/process-nextick-args-1.0.7.tgz#150e20b756590ad3f91093f25a4f2ad8bff30ba3" - -progress@^1.1.8: - version "1.1.8" - resolved "https://registry.yarnpkg.com/progress/-/progress-1.1.8.tgz#e260c78f6161cdd9b0e56cc3e0a85de17c7a57be" - -promise@~1.3.0: - version "1.3.0" - resolved "https://registry.yarnpkg.com/promise/-/promise-1.3.0.tgz#e5cc9a4c8278e4664ffedc01c7da84842b040175" - dependencies: - is-promise "~1" - -proxy-addr@~1.1.2: - version "1.1.2" - resolved "https://registry.yarnpkg.com/proxy-addr/-/proxy-addr-1.1.2.tgz#b4cc5f22610d9535824c123aef9d3cf73c40ba37" - dependencies: - forwarded "~0.1.0" - ipaddr.js "1.1.1" - -ps-tree@^1.0.1: - version "1.1.0" - resolved "https://registry.yarnpkg.com/ps-tree/-/ps-tree-1.1.0.tgz#b421b24140d6203f1ed3c76996b4427b08e8c014" - dependencies: - event-stream "~3.3.0" - -punycode@^1.4.1: - version "1.4.1" - resolved "https://registry.yarnpkg.com/punycode/-/punycode-1.4.1.tgz#c0d5a63b2718800ad8e1eb0fa5269c84dd41845e" - -qs@6.2.0: - version "6.2.0" - resolved "https://registry.yarnpkg.com/qs/-/qs-6.2.0.tgz#3b7848c03c2dece69a9522b0fae8c4126d745f3b" - -qs@~6.3.0: - version "6.3.0" - resolved "https://registry.yarnpkg.com/qs/-/qs-6.3.0.tgz#f403b264f23bc01228c74131b407f18d5ea5d442" - -random-bytes@~1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/random-bytes/-/random-bytes-1.0.0.tgz#4f68a1dc0ae58bd3fb95848c30324db75d64360b" - -randomatic@^1.1.3: - version "1.1.6" - resolved "https://registry.yarnpkg.com/randomatic/-/randomatic-1.1.6.tgz#110dcabff397e9dcff7c0789ccc0a49adf1ec5bb" - dependencies: - is-number "^2.0.2" - kind-of "^3.0.2" - -range-parser@~1.2.0: - version "1.2.0" - resolved "https://registry.yarnpkg.com/range-parser/-/range-parser-1.2.0.tgz#f49be6b487894ddc40dcc94a322f611092e00d5e" - -raw-body@~2.1.7: - version "2.1.7" - resolved "https://registry.yarnpkg.com/raw-body/-/raw-body-2.1.7.tgz#adfeace2e4fb3098058014d08c072dcc59758774" - dependencies: - bytes "2.4.0" - iconv-lite "0.4.13" - unpipe "1.0.0" - -rc@^1.0.1, rc@~1.1.6: - version "1.1.6" - resolved "https://registry.yarnpkg.com/rc/-/rc-1.1.6.tgz#43651b76b6ae53b5c802f1151fa3fc3b059969c9" - dependencies: - deep-extend "~0.4.0" - ini "~1.3.0" - minimist "^1.2.0" - strip-json-comments "~1.0.4" - -read-all-stream@^3.0.0: - version "3.1.0" - resolved "https://registry.yarnpkg.com/read-all-stream/-/read-all-stream-3.1.0.tgz#35c3e177f2078ef789ee4bfafa4373074eaef4fa" - dependencies: - pinkie-promise "^2.0.0" - readable-stream "^2.0.0" - -read-pkg-up@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/read-pkg-up/-/read-pkg-up-1.0.1.tgz#9d63c13276c065918d57f002a57f40a1b643fb02" - dependencies: - find-up "^1.0.0" - read-pkg "^1.0.0" - -read-pkg@^1.0.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/read-pkg/-/read-pkg-1.1.0.tgz#f5ffaa5ecd29cb31c0474bca7d756b6bb29e3f28" - dependencies: - load-json-file "^1.0.0" - normalize-package-data "^2.3.2" - path-type "^1.0.0" - -readable-stream@2.1.5, readable-stream@^2.0.0, "readable-stream@^2.0.0 || ^1.1.13", readable-stream@^2.0.1, readable-stream@^2.0.2, readable-stream@^2.0.4, readable-stream@^2.0.5, readable-stream@^2.1.5, readable-stream@~2.1.4: - version "2.1.5" - resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.1.5.tgz#66fa8b720e1438b364681f2ad1a63c618448c9d0" - dependencies: - buffer-shims "^1.0.0" - core-util-is "~1.0.0" - inherits "~2.0.1" - isarray "~1.0.0" - process-nextick-args "~1.0.6" - string_decoder "~0.10.x" - util-deprecate "~1.0.1" - -"readable-stream@>=1.0.33-1 <1.1.0-0": - version "1.0.34" - resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-1.0.34.tgz#125820e34bc842d2f2aaafafe4c2916ee32c157c" - dependencies: - core-util-is "~1.0.0" - inherits "~2.0.1" - isarray "0.0.1" - string_decoder "~0.10.x" - -readable-stream@~2.0.0, readable-stream@~2.0.5: - version "2.0.6" - resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.0.6.tgz#8f90341e68a53ccc928788dacfcd11b36eb9b78e" - dependencies: - core-util-is "~1.0.0" - inherits "~2.0.1" - isarray "~1.0.0" - process-nextick-args "~1.0.6" - string_decoder "~0.10.x" - util-deprecate "~1.0.1" - -readdirp@^2.0.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/readdirp/-/readdirp-2.1.0.tgz#4ed0ad060df3073300c48440373f72d1cc642d78" - dependencies: - graceful-fs "^4.1.2" - minimatch "^3.0.2" - readable-stream "^2.0.2" - set-immediate-shim "^1.0.1" - -readline2@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/readline2/-/readline2-1.0.1.tgz#41059608ffc154757b715d9989d199ffbf372e35" - dependencies: - code-point-at "^1.0.0" - is-fullwidth-code-point "^1.0.0" - mute-stream "0.0.5" - -redent@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/redent/-/redent-1.0.0.tgz#cf916ab1fd5f1f16dfb20822dd6ec7f730c2afde" - dependencies: - indent-string "^2.1.0" - strip-indent "^1.0.1" - -regenerate@^1.2.1: - version "1.3.2" - resolved "https://registry.yarnpkg.com/regenerate/-/regenerate-1.3.2.tgz#d1941c67bad437e1be76433add5b385f95b19260" - -regenerator-runtime@^0.9.5: - version "0.9.6" - resolved "https://registry.yarnpkg.com/regenerator-runtime/-/regenerator-runtime-0.9.6.tgz#d33eb95d0d2001a4be39659707c51b0cb71ce029" - -regex-cache@^0.4.2: - version "0.4.3" - resolved "https://registry.yarnpkg.com/regex-cache/-/regex-cache-0.4.3.tgz#9b1a6c35d4d0dfcef5711ae651e8e9d3d7114145" - dependencies: - is-equal-shallow "^0.1.3" - is-primitive "^2.0.0" - -regexpu-core@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/regexpu-core/-/regexpu-core-2.0.0.tgz#49d038837b8dcf8bfa5b9a42139938e6ea2ae240" - dependencies: - regenerate "^1.2.1" - regjsgen "^0.2.0" - regjsparser "^0.1.4" - -registry-url@^3.0.0: - version "3.1.0" - resolved "https://registry.yarnpkg.com/registry-url/-/registry-url-3.1.0.tgz#3d4ef870f73dde1d77f0cf9a381432444e174942" - dependencies: - rc "^1.0.1" - -regjsgen@^0.2.0: - version "0.2.0" - resolved "https://registry.yarnpkg.com/regjsgen/-/regjsgen-0.2.0.tgz#6c016adeac554f75823fe37ac05b92d5a4edb1f7" - -regjsparser@^0.1.4: - version "0.1.5" - resolved "https://registry.yarnpkg.com/regjsparser/-/regjsparser-0.1.5.tgz#7ee8f84dc6fa792d3fd0ae228d24bd949ead205c" - dependencies: - jsesc "~0.5.0" - -repeat-element@^1.1.2: - version "1.1.2" - resolved "https://registry.yarnpkg.com/repeat-element/-/repeat-element-1.1.2.tgz#ef089a178d1483baae4d93eb98b4f9e4e11d990a" - -repeat-string@^1.5.2: - version "1.6.1" - resolved "https://registry.yarnpkg.com/repeat-string/-/repeat-string-1.6.1.tgz#8dcae470e1c88abc2d600fff4a776286da75e637" - -repeating@^1.1.2: - version "1.1.3" - resolved "https://registry.yarnpkg.com/repeating/-/repeating-1.1.3.tgz#3d4114218877537494f97f77f9785fab810fa4ac" - dependencies: - is-finite "^1.0.0" - -repeating@^2.0.0: - version "2.0.1" - resolved "https://registry.yarnpkg.com/repeating/-/repeating-2.0.1.tgz#5214c53a926d3552707527fbab415dbc08d06dda" - dependencies: - is-finite "^1.0.0" - -replace-ext@0.0.1: - version "0.0.1" - resolved "https://registry.yarnpkg.com/replace-ext/-/replace-ext-0.0.1.tgz#29bbd92078a739f0bcce2b4ee41e837953522924" - -request@^2.65.0, request@^2.79.0: - version "2.79.0" - resolved "https://registry.yarnpkg.com/request/-/request-2.79.0.tgz#4dfe5bf6be8b8cdc37fcf93e04b65577722710de" - dependencies: - aws-sign2 "~0.6.0" - aws4 "^1.2.1" - caseless "~0.11.0" - combined-stream "~1.0.5" - extend "~3.0.0" - forever-agent "~0.6.1" - form-data "~2.1.1" - har-validator "~2.0.6" - hawk "~3.1.3" - http-signature "~1.1.0" - is-typedarray "~1.0.0" - isstream "~0.1.2" - json-stringify-safe "~5.0.1" - mime-types "~2.1.7" - oauth-sign "~0.8.1" - qs "~6.3.0" - stringstream "~0.0.4" - tough-cookie "~2.3.0" - tunnel-agent "~0.4.1" - uuid "^3.0.0" - -require-uncached@^1.0.2: - version "1.0.3" - resolved "https://registry.yarnpkg.com/require-uncached/-/require-uncached-1.0.3.tgz#4e0d56d6c9662fd31e43011c4b95aa49955421d3" - dependencies: - caller-path "^0.1.0" - resolve-from "^1.0.0" - -require_optional@~1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/require_optional/-/require_optional-1.0.0.tgz#52a86137a849728eb60a55533617f8f914f59abf" - dependencies: - resolve-from "^2.0.0" - semver "^5.1.0" - -resolve-from@^1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/resolve-from/-/resolve-from-1.0.1.tgz#26cbfe935d1aeeeabb29bc3fe5aeb01e93d44226" - -resolve-from@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/resolve-from/-/resolve-from-2.0.0.tgz#9480ab20e94ffa1d9e80a804c7ea147611966b57" - -resolve@^1.1.6: - version "1.1.7" - resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.1.7.tgz#203114d82ad2c5ed9e8e0411b3932875e889e97b" - -restore-cursor@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/restore-cursor/-/restore-cursor-1.0.1.tgz#34661f46886327fed2991479152252df92daa541" - dependencies: - exit-hook "^1.0.0" - onetime "^1.0.0" - -rimraf@2, rimraf@^2.2.8, rimraf@~2.5.1, rimraf@~2.5.4: - version "2.5.4" - resolved "https://registry.yarnpkg.com/rimraf/-/rimraf-2.5.4.tgz#96800093cbf1a0c86bd95b4625467535c29dfa04" - dependencies: - glob "^7.0.5" - -run-async@^0.1.0: - version "0.1.0" - resolved "https://registry.yarnpkg.com/run-async/-/run-async-0.1.0.tgz#c8ad4a5e110661e402a7d21b530e009f25f8e389" - dependencies: - once "^1.3.0" - -rx-lite@^3.1.2: - version "3.1.2" - resolved "https://registry.yarnpkg.com/rx-lite/-/rx-lite-3.1.2.tgz#19ce502ca572665f3b647b10939f97fd1615f102" - -safe-buffer@^5.0.1: - version "5.0.1" - resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.0.1.tgz#d263ca54696cd8a306b5ca6551e92de57918fbe7" - -seek-bzip@^1.0.3: - version "1.0.5" - resolved "https://registry.yarnpkg.com/seek-bzip/-/seek-bzip-1.0.5.tgz#cfe917cb3d274bcffac792758af53173eb1fabdc" - dependencies: - commander "~2.8.1" - -semver-diff@^2.0.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/semver-diff/-/semver-diff-2.1.0.tgz#4bbb8437c8d37e4b0cf1a68fd726ec6d645d6d36" - dependencies: - semver "^5.0.3" - -semver-regex@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/semver-regex/-/semver-regex-1.0.0.tgz#92a4969065f9c70c694753d55248fc68f8f652c9" - -semver-truncate@^1.0.0: - version "1.1.2" - resolved "https://registry.yarnpkg.com/semver-truncate/-/semver-truncate-1.1.2.tgz#57f41de69707a62709a7e0104ba2117109ea47e8" - dependencies: - semver "^5.3.0" - -"semver@2 || 3 || 4 || 5", semver@^5.0.3, semver@^5.1.0, semver@^5.3.0, semver@~5.3.0: - version "5.3.0" - resolved "https://registry.yarnpkg.com/semver/-/semver-5.3.0.tgz#9b2ce5d3de02d17c6012ad326aa6b4d0cf54f94f" - -semver@^4.0.3: - version "4.3.6" - resolved "https://registry.yarnpkg.com/semver/-/semver-4.3.6.tgz#300bc6e0e86374f7ba61068b5b1ecd57fc6532da" - -semver@~5.0.1: - version "5.0.3" - resolved "https://registry.yarnpkg.com/semver/-/semver-5.0.3.tgz#77466de589cd5d3c95f138aa78bc569a3cb5d27a" - -send@0.14.1: - version "0.14.1" - resolved "https://registry.yarnpkg.com/send/-/send-0.14.1.tgz#a954984325392f51532a7760760e459598c89f7a" - dependencies: - debug "~2.2.0" - depd "~1.1.0" - destroy "~1.0.4" - encodeurl "~1.0.1" - escape-html "~1.0.3" - etag "~1.7.0" - fresh "0.3.0" - http-errors "~1.5.0" - mime "1.3.4" - ms "0.7.1" - on-finished "~2.3.0" - range-parser "~1.2.0" - statuses "~1.3.0" - -serve-static@~1.11.1: - version "1.11.1" - resolved "https://registry.yarnpkg.com/serve-static/-/serve-static-1.11.1.tgz#d6cce7693505f733c759de57befc1af76c0f0805" - dependencies: - encodeurl "~1.0.1" - escape-html "~1.0.3" - parseurl "~1.3.1" - send "0.14.1" - -set-blocking@~2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/set-blocking/-/set-blocking-2.0.0.tgz#045f9782d011ae9a6803ddd382b24392b3d890f7" - -set-immediate-shim@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/set-immediate-shim/-/set-immediate-shim-1.0.1.tgz#4b2b1b27eb808a9f8dcc481a58e5e56f599f3f61" - -setprototypeof@1.0.2: - version "1.0.2" - resolved "https://registry.yarnpkg.com/setprototypeof/-/setprototypeof-1.0.2.tgz#81a552141ec104b88e89ce383103ad5c66564d08" - -shebang-regex@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/shebang-regex/-/shebang-regex-1.0.0.tgz#da42f49740c0b42db2ca9728571cb190c98efea3" - -shelljs@^0.6.0: - version "0.6.1" - resolved "https://registry.yarnpkg.com/shelljs/-/shelljs-0.6.1.tgz#ec6211bed1920442088fe0f70b2837232ed2c8a8" - -signal-exit@^3.0.0: - version "3.0.2" - resolved "https://registry.yarnpkg.com/signal-exit/-/signal-exit-3.0.2.tgz#b5fdc08f1287ea1178628e415e25132b73646c6d" - -slash@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/slash/-/slash-1.0.0.tgz#c41f2f6c39fc16d1cd17ad4b5d896114ae470d55" - -slice-ansi@0.0.4: - version "0.0.4" - resolved "https://registry.yarnpkg.com/slice-ansi/-/slice-ansi-0.0.4.tgz#edbf8903f66f7ce2f8eafd6ceed65e264c831b35" - -slide@^1.1.5: - version "1.1.6" - resolved "https://registry.yarnpkg.com/slide/-/slide-1.1.6.tgz#56eb027d65b4d2dce6cb2e2d32c4d4afc9e1d707" - -sntp@1.x.x: - version "1.0.9" - resolved "https://registry.yarnpkg.com/sntp/-/sntp-1.0.9.tgz#6541184cc90aeea6c6e7b35e2659082443c66198" - dependencies: - hoek "2.x.x" - -source-map-support@^0.4.2: - version "0.4.6" - resolved "https://registry.yarnpkg.com/source-map-support/-/source-map-support-0.4.6.tgz#32552aa64b458392a85eab3b0b5ee61527167aeb" - dependencies: - source-map "^0.5.3" - -source-map@^0.5.0, source-map@^0.5.3: - version "0.5.6" - resolved "https://registry.yarnpkg.com/source-map/-/source-map-0.5.6.tgz#75ce38f52bf0733c5a7f0c118d81334a2bb5f412" - -spawn-sync@1.0.15: - version "1.0.15" - resolved "https://registry.yarnpkg.com/spawn-sync/-/spawn-sync-1.0.15.tgz#b00799557eb7fb0c8376c29d44e8a1ea67e57476" - dependencies: - concat-stream "^1.4.7" - os-shim "^0.1.2" - -spdx-correct@~1.0.0: - version "1.0.2" - resolved "https://registry.yarnpkg.com/spdx-correct/-/spdx-correct-1.0.2.tgz#4b3073d933ff51f3912f03ac5519498a4150db40" - dependencies: - spdx-license-ids "^1.0.2" - -spdx-expression-parse@~1.0.0: - version "1.0.4" - resolved "https://registry.yarnpkg.com/spdx-expression-parse/-/spdx-expression-parse-1.0.4.tgz#9bdf2f20e1f40ed447fbe273266191fced51626c" - -spdx-license-ids@^1.0.2: - version "1.2.2" - resolved "https://registry.yarnpkg.com/spdx-license-ids/-/spdx-license-ids-1.2.2.tgz#c9df7a3424594ade6bd11900d596696dc06bac57" - -split@0.3: - version "0.3.3" - resolved "https://registry.yarnpkg.com/split/-/split-0.3.3.tgz#cd0eea5e63a211dfff7eb0f091c4133e2d0dd28f" - dependencies: - through "2" - -sprintf-js@~1.0.2: - version "1.0.3" - resolved "https://registry.yarnpkg.com/sprintf-js/-/sprintf-js-1.0.3.tgz#04e6926f662895354f3dd015203633b857297e2c" - -sshpk@^1.7.0: - version "1.10.1" - resolved "https://registry.yarnpkg.com/sshpk/-/sshpk-1.10.1.tgz#30e1a5d329244974a1af61511339d595af6638b0" - dependencies: - asn1 "~0.2.3" - assert-plus "^1.0.0" - dashdash "^1.12.0" - getpass "^0.1.1" - optionalDependencies: - bcrypt-pbkdf "^1.0.0" - ecc-jsbn "~0.1.1" - jodid25519 "^1.0.0" - jsbn "~0.1.0" - tweetnacl "~0.14.0" - -stat-mode@^0.2.0: - version "0.2.2" - resolved "https://registry.yarnpkg.com/stat-mode/-/stat-mode-0.2.2.tgz#e6c80b623123d7d80cf132ce538f346289072502" - -"statuses@>= 1.3.1 < 2", statuses@~1.3.0: - version "1.3.1" - resolved "https://registry.yarnpkg.com/statuses/-/statuses-1.3.1.tgz#faf51b9eb74aaef3b3acf4ad5f61abf24cb7b93e" - -stream-combiner2@^1.1.1: - version "1.1.1" - resolved "https://registry.yarnpkg.com/stream-combiner2/-/stream-combiner2-1.1.1.tgz#fb4d8a1420ea362764e21ad4780397bebcb41cbe" - dependencies: - duplexer2 "~0.1.0" - readable-stream "^2.0.2" - -stream-combiner@~0.0.4: - version "0.0.4" - resolved "https://registry.yarnpkg.com/stream-combiner/-/stream-combiner-0.0.4.tgz#4d5e433c185261dde623ca3f44c586bcf5c4ad14" - dependencies: - duplexer "~0.1.1" - -stream-shift@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/stream-shift/-/stream-shift-1.0.0.tgz#d5c752825e5367e786f78e18e445ea223a155952" - -string-length@^1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/string-length/-/string-length-1.0.1.tgz#56970fb1c38558e9e70b728bf3de269ac45adfac" - dependencies: - strip-ansi "^3.0.0" - -string-width@^1.0.1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/string-width/-/string-width-1.0.2.tgz#118bdf5b8cdc51a2a7e70d211e07e2b0b9b107d3" - dependencies: - code-point-at "^1.0.0" - is-fullwidth-code-point "^1.0.0" - strip-ansi "^3.0.0" - -string-width@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/string-width/-/string-width-2.0.0.tgz#635c5436cc72a6e0c387ceca278d4e2eec52687e" - dependencies: - is-fullwidth-code-point "^2.0.0" - strip-ansi "^3.0.0" - -string_decoder@~0.10.x: - version "0.10.31" - resolved "https://registry.yarnpkg.com/string_decoder/-/string_decoder-0.10.31.tgz#62e203bc41766c6c28c9fc84301dab1c5310fa94" - -stringstream@~0.0.4: - version "0.0.5" - resolved "https://registry.yarnpkg.com/stringstream/-/stringstream-0.0.5.tgz#4e484cd4de5a0bbbee18e46307710a8a81621878" - -strip-ansi@^3.0.0, strip-ansi@^3.0.1: - version "3.0.1" - resolved "https://registry.yarnpkg.com/strip-ansi/-/strip-ansi-3.0.1.tgz#6a385fb8853d952d5ff05d0e8aaf94278dc63dcf" - dependencies: - ansi-regex "^2.0.0" - -strip-bom-stream@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/strip-bom-stream/-/strip-bom-stream-1.0.0.tgz#e7144398577d51a6bed0fa1994fa05f43fd988ee" - dependencies: - first-chunk-stream "^1.0.0" - strip-bom "^2.0.0" - -strip-bom@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/strip-bom/-/strip-bom-2.0.0.tgz#6219a85616520491f35788bdbf1447a99c7e6b0e" - dependencies: - is-utf8 "^0.2.0" - -strip-bom@^3.0.0: - version "3.0.0" - resolved "https://registry.yarnpkg.com/strip-bom/-/strip-bom-3.0.0.tgz#2334c18e9c759f7bdd56fdef7e9ae3d588e68ed3" - -strip-dirs@^1.0.0: - version "1.1.1" - resolved "https://registry.yarnpkg.com/strip-dirs/-/strip-dirs-1.1.1.tgz#960bbd1287844f3975a4558aa103a8255e2456a0" - dependencies: - chalk "^1.0.0" - get-stdin "^4.0.1" - is-absolute "^0.1.5" - is-natural-number "^2.0.0" - minimist "^1.1.0" - sum-up "^1.0.1" - -strip-indent@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/strip-indent/-/strip-indent-1.0.1.tgz#0c7962a6adefa7bbd4ac366460a638552ae1a0a2" - dependencies: - get-stdin "^4.0.1" - -strip-json-comments@~1.0.1, strip-json-comments@~1.0.4: - version "1.0.4" - resolved "https://registry.yarnpkg.com/strip-json-comments/-/strip-json-comments-1.0.4.tgz#1e15fbcac97d3ee99bf2d73b4c656b082bbafb91" - -subscriptions-transport-ws@0.2.6: - version "0.2.6" - resolved "https://registry.yarnpkg.com/subscriptions-transport-ws/-/subscriptions-transport-ws-0.2.6.tgz#433861167c25ef9a2b8697e9403afa2a77656cb3" - dependencies: - "@types/node" "^6.0.38" - backo2 "^1.0.2" - es6-promise "^3.2.1" - graphql-subscriptions "^0.1.3" - lodash.isobject "^3.0.2" - lodash.isstring "^4.0.1" - node-static "0.5.9" - websocket "^1.0.23" - -sum-up@^1.0.1: - version "1.0.3" - resolved "https://registry.yarnpkg.com/sum-up/-/sum-up-1.0.3.tgz#1c661f667057f63bcb7875aa1438bc162525156e" - dependencies: - chalk "^1.0.0" - -supports-color@3.1.2: - version "3.1.2" - resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-3.1.2.tgz#72a262894d9d408b956ca05ff37b2ed8a6e2a2d5" - dependencies: - has-flag "^1.0.0" - -supports-color@^0.2.0: - version "0.2.0" - resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-0.2.0.tgz#d92de2694eb3f67323973d7ae3d8b55b4c22190a" - -supports-color@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-2.0.0.tgz#535d045ce6b6363fa40117084629995e9df324c7" - -table@^3.7.8: - version "3.8.3" - resolved "https://registry.yarnpkg.com/table/-/table-3.8.3.tgz#2bbc542f0fda9861a755d3947fefd8b3f513855f" - dependencies: - ajv "^4.7.0" - ajv-keywords "^1.0.0" - chalk "^1.1.1" - lodash "^4.0.0" - slice-ansi "0.0.4" - string-width "^2.0.0" - -tar-pack@~3.3.0: - version "3.3.0" - resolved "https://registry.yarnpkg.com/tar-pack/-/tar-pack-3.3.0.tgz#30931816418f55afc4d21775afdd6720cee45dae" - dependencies: - debug "~2.2.0" - fstream "~1.0.10" - fstream-ignore "~1.0.5" - once "~1.3.3" - readable-stream "~2.1.4" - rimraf "~2.5.1" - tar "~2.2.1" - uid-number "~0.0.6" - -tar-stream@^1.1.1: - version "1.5.2" - resolved "https://registry.yarnpkg.com/tar-stream/-/tar-stream-1.5.2.tgz#fbc6c6e83c1a19d4cb48c7d96171fc248effc7bf" - dependencies: - bl "^1.0.0" - end-of-stream "^1.0.0" - readable-stream "^2.0.0" - xtend "^4.0.0" - -tar@~2.2.1: - version "2.2.1" - resolved "https://registry.yarnpkg.com/tar/-/tar-2.2.1.tgz#8e4d2a256c0e2185c6b18ad694aec968b83cb1d1" - dependencies: - block-stream "*" - fstream "^1.0.2" - inherits "2" - -text-table@~0.2.0: - version "0.2.0" - resolved "https://registry.yarnpkg.com/text-table/-/text-table-0.2.0.tgz#7f5ee823ae805207c00af2df4a84ec3fcfa570b4" - -through2-filter@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/through2-filter/-/through2-filter-2.0.0.tgz#60bc55a0dacb76085db1f9dae99ab43f83d622ec" - dependencies: - through2 "~2.0.0" - xtend "~4.0.0" - -through2@^0.6.0, through2@^0.6.1: - version "0.6.5" - resolved "https://registry.yarnpkg.com/through2/-/through2-0.6.5.tgz#41ab9c67b29d57209071410e1d7a7a968cd3ad48" - dependencies: - readable-stream ">=1.0.33-1 <1.1.0-0" - xtend ">=4.0.0 <4.1.0-0" - -through2@^2.0.0, through2@~2.0.0: - version "2.0.3" - resolved "https://registry.yarnpkg.com/through2/-/through2-2.0.3.tgz#0004569b37c7c74ba39c43f3ced78d1ad94140be" - dependencies: - readable-stream "^2.1.5" - xtend "~4.0.1" - -through@2, through@^2.3.6, through@~2.3, through@~2.3.1: - version "2.3.8" - resolved "https://registry.yarnpkg.com/through/-/through-2.3.8.tgz#0dd4c9ffaabc357960b1b724115d7e0e86a2e1f5" - -timed-out@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/timed-out/-/timed-out-2.0.0.tgz#f38b0ae81d3747d628001f41dafc652ace671c0a" - -to-absolute-glob@^0.1.1: - version "0.1.1" - resolved "https://registry.yarnpkg.com/to-absolute-glob/-/to-absolute-glob-0.1.1.tgz#1cdfa472a9ef50c239ee66999b662ca0eb39937f" - dependencies: - extend-shallow "^2.0.1" - -to-fast-properties@^1.0.1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/to-fast-properties/-/to-fast-properties-1.0.2.tgz#f3f5c0c3ba7299a7ef99427e44633257ade43320" - -topo@1.x.x: - version "1.1.0" - resolved "https://registry.yarnpkg.com/topo/-/topo-1.1.0.tgz#e9d751615d1bb87dc865db182fa1ca0a5ef536d5" - dependencies: - hoek "2.x.x" - -touch@1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/touch/-/touch-1.0.0.tgz#449cbe2dbae5a8c8038e30d71fa0ff464947c4de" - dependencies: - nopt "~1.0.10" - -tough-cookie@~2.3.0: - version "2.3.2" - resolved "https://registry.yarnpkg.com/tough-cookie/-/tough-cookie-2.3.2.tgz#f081f76e4c85720e6c37a5faced737150d84072a" - dependencies: - punycode "^1.4.1" - -trim-newlines@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/trim-newlines/-/trim-newlines-1.0.0.tgz#5887966bb582a4503a41eb524f7d35011815a613" - -tryit@^1.0.1: - version "1.0.3" - resolved "https://registry.yarnpkg.com/tryit/-/tryit-1.0.3.tgz#393be730a9446fd1ead6da59a014308f36c289cb" - -tunnel-agent@~0.4.1: - version "0.4.3" - resolved "https://registry.yarnpkg.com/tunnel-agent/-/tunnel-agent-0.4.3.tgz#6373db76909fe570e08d73583365ed828a74eeeb" - -tweetnacl@^0.14.3, tweetnacl@~0.14.0: - version "0.14.4" - resolved "https://registry.yarnpkg.com/tweetnacl/-/tweetnacl-0.14.4.tgz#8c9dbfb52795686f166cd2023794bcf103d13c2b" - -type-check@~0.3.2: - version "0.3.2" - resolved "https://registry.yarnpkg.com/type-check/-/type-check-0.3.2.tgz#5884cab512cf1d355e3fb784f30804b2b520db72" - dependencies: - prelude-ls "~1.1.2" - -type-detect@0.1.1: - version "0.1.1" - resolved "https://registry.yarnpkg.com/type-detect/-/type-detect-0.1.1.tgz#0ba5ec2a885640e470ea4e8505971900dac58822" - -type-detect@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/type-detect/-/type-detect-1.0.0.tgz#762217cc06db258ec48908a1298e8b95121e8ea2" - -type-is@~1.6.13: - version "1.6.14" - resolved "https://registry.yarnpkg.com/type-is/-/type-is-1.6.14.tgz#e219639c17ded1ca0789092dd54a03826b817cb2" - dependencies: - media-typer "0.3.0" - mime-types "~2.1.13" - -typed-graphql@^1.0.2: - version "1.0.2" - resolved "https://registry.yarnpkg.com/typed-graphql/-/typed-graphql-1.0.2.tgz#4c0f788775d552df4d4ec3d73f25469252f40fb8" - -typedarray-to-buffer@^3.1.2: - version "3.1.2" - resolved "https://registry.yarnpkg.com/typedarray-to-buffer/-/typedarray-to-buffer-3.1.2.tgz#1017b32d984ff556eba100f501589aba1ace2e04" - dependencies: - is-typedarray "^1.0.0" - -typedarray@~0.0.5: - version "0.0.6" - resolved "https://registry.yarnpkg.com/typedarray/-/typedarray-0.0.6.tgz#867ac74e3864187b1d3d47d996a78ec5c8830777" - -uid-number@~0.0.6: - version "0.0.6" - resolved "https://registry.yarnpkg.com/uid-number/-/uid-number-0.0.6.tgz#0ea10e8035e8eb5b8e4449f06da1c730663baa81" - -uid-safe@~2.1.2: - version "2.1.3" - resolved "https://registry.yarnpkg.com/uid-safe/-/uid-safe-2.1.3.tgz#077e264a00b3187936b270bb7376a26473631071" - dependencies: - base64-url "1.3.3" - random-bytes "~1.0.0" - -undefsafe@0.0.3: - version "0.0.3" - resolved "https://registry.yarnpkg.com/undefsafe/-/undefsafe-0.0.3.tgz#ecca3a03e56b9af17385baac812ac83b994a962f" - -unique-stream@^2.0.2: - version "2.2.1" - resolved "https://registry.yarnpkg.com/unique-stream/-/unique-stream-2.2.1.tgz#5aa003cfbe94c5ff866c4e7d668bb1c4dbadb369" - dependencies: - json-stable-stringify "^1.0.0" - through2-filter "^2.0.0" - -unpipe@1.0.0, unpipe@~1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/unpipe/-/unpipe-1.0.0.tgz#b2bf4ee8514aae6165b4817829d21b2ef49904ec" - -update-notifier@0.5.0: - version "0.5.0" - resolved "https://registry.yarnpkg.com/update-notifier/-/update-notifier-0.5.0.tgz#07b5dc2066b3627ab3b4f530130f7eddda07a4cc" - dependencies: - chalk "^1.0.0" - configstore "^1.0.0" - is-npm "^1.0.0" - latest-version "^1.0.0" - repeating "^1.1.2" - semver-diff "^2.0.0" - string-length "^1.0.0" - -user-home@^1.1.1: - version "1.1.1" - resolved "https://registry.yarnpkg.com/user-home/-/user-home-1.1.1.tgz#2b5be23a32b63a7c9deb8d0f28d485724a3df190" - -user-home@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/user-home/-/user-home-2.0.0.tgz#9c70bfd8169bc1dcbf48604e0f04b8b49cde9e9f" - dependencies: - os-homedir "^1.0.0" - -util-deprecate@~1.0.1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/util-deprecate/-/util-deprecate-1.0.2.tgz#450d4dc9fa70de732762fbd2d4a28981419a0ccf" - -utils-merge@1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/utils-merge/-/utils-merge-1.0.0.tgz#0294fb922bb9375153541c4f7096231f287c8af8" - -uuid@^2.0.1: - version "2.0.3" - resolved "https://registry.yarnpkg.com/uuid/-/uuid-2.0.3.tgz#67e2e863797215530dff318e5bf9dcebfd47b21a" - -uuid@^3.0.0: - version "3.0.1" - resolved "https://registry.yarnpkg.com/uuid/-/uuid-3.0.1.tgz#6544bba2dfda8c1cf17e629a3a305e2bb1fee6c1" - -v8flags@^2.0.10: - version "2.0.11" - resolved "https://registry.yarnpkg.com/v8flags/-/v8flags-2.0.11.tgz#bca8f30f0d6d60612cc2c00641e6962d42ae6881" - dependencies: - user-home "^1.1.1" - -vali-date@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/vali-date/-/vali-date-1.0.0.tgz#1b904a59609fb328ef078138420934f6b86709a6" - -validate-npm-package-license@^3.0.1: - version "3.0.1" - resolved "https://registry.yarnpkg.com/validate-npm-package-license/-/validate-npm-package-license-3.0.1.tgz#2804babe712ad3379459acfbe24746ab2c303fbc" - dependencies: - spdx-correct "~1.0.0" - spdx-expression-parse "~1.0.0" - -vary@^1, vary@~1.1.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/vary/-/vary-1.1.0.tgz#e1e5affbbd16ae768dd2674394b9ad3022653140" - -verror@1.3.6: - version "1.3.6" - resolved "https://registry.yarnpkg.com/verror/-/verror-1.3.6.tgz#cff5df12946d297d2baaefaa2689e25be01c005c" - dependencies: - extsprintf "1.0.2" - -vinyl-assign@^1.0.1: - version "1.2.1" - resolved "https://registry.yarnpkg.com/vinyl-assign/-/vinyl-assign-1.2.1.tgz#4d198891b5515911d771a8cd9c5480a46a074a45" - dependencies: - object-assign "^4.0.1" - readable-stream "^2.0.0" - -vinyl-fs@^2.2.0: - version "2.4.4" - resolved "https://registry.yarnpkg.com/vinyl-fs/-/vinyl-fs-2.4.4.tgz#be6ff3270cb55dfd7d3063640de81f25d7532239" - dependencies: - duplexify "^3.2.0" - glob-stream "^5.3.2" - graceful-fs "^4.0.0" - gulp-sourcemaps "1.6.0" - is-valid-glob "^0.3.0" - lazystream "^1.0.0" - lodash.isequal "^4.0.0" - merge-stream "^1.0.0" - mkdirp "^0.5.0" - object-assign "^4.0.0" - readable-stream "^2.0.4" - strip-bom "^2.0.0" - strip-bom-stream "^1.0.0" - through2 "^2.0.0" - through2-filter "^2.0.0" - vali-date "^1.0.0" - vinyl "^1.0.0" - -vinyl@^0.4.3: - version "0.4.6" - resolved "https://registry.yarnpkg.com/vinyl/-/vinyl-0.4.6.tgz#2f356c87a550a255461f36bbeb2a5ba8bf784847" - dependencies: - clone "^0.2.0" - clone-stats "^0.0.1" - -vinyl@^1.0.0: - version "1.2.0" - resolved "https://registry.yarnpkg.com/vinyl/-/vinyl-1.2.0.tgz#5c88036cf565e5df05558bfc911f8656df218884" - dependencies: - clone "^1.0.0" - clone-stats "^0.0.1" - replace-ext "0.0.1" - -websocket@^1.0.23: - version "1.0.23" - resolved "https://registry.yarnpkg.com/websocket/-/websocket-1.0.23.tgz#20de8ec4a7126b09465578cd5dbb29a9c296aac6" - dependencies: - debug "^2.2.0" - nan "^2.3.3" - typedarray-to-buffer "^3.1.2" - yaeti "^0.0.4" - -wide-align@^1.1.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/wide-align/-/wide-align-1.1.0.tgz#40edde802a71fea1f070da3e62dcda2e7add96ad" - dependencies: - string-width "^1.0.1" - -window-size@^0.1.4: - version "0.1.4" - resolved "https://registry.yarnpkg.com/window-size/-/window-size-0.1.4.tgz#f8e1aa1ee5a53ec5bf151ffa09742a6ad7697876" - -wordwrap@~1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/wordwrap/-/wordwrap-1.0.0.tgz#27584810891456a4171c8d0226441ade90cbcaeb" - -wrap-ansi@^2.0.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/wrap-ansi/-/wrap-ansi-2.1.0.tgz#d8fc3d284dd05794fe84973caecdd1cf824fdd85" - dependencies: - string-width "^1.0.1" - strip-ansi "^3.0.1" - -wrappy@1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/wrappy/-/wrappy-1.0.2.tgz#b5243d8f3ec1aa35f1364605bc0d1036e30ab69f" - -write-file-atomic@^1.1.2: - version "1.2.0" - resolved "https://registry.yarnpkg.com/write-file-atomic/-/write-file-atomic-1.2.0.tgz#14c66d4e4cb3ca0565c28cf3b7a6f3e4d5938fab" - dependencies: - graceful-fs "^4.1.2" - imurmurhash "^0.1.4" - slide "^1.1.5" - -write@^0.2.1: - version "0.2.1" - resolved "https://registry.yarnpkg.com/write/-/write-0.2.1.tgz#5fc03828e264cea3fe91455476f7a3c566cb0757" - dependencies: - mkdirp "^0.5.1" - -xdg-basedir@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/xdg-basedir/-/xdg-basedir-2.0.0.tgz#edbc903cc385fc04523d966a335504b5504d1bd2" - dependencies: - os-homedir "^1.0.0" - -"xtend@>=4.0.0 <4.1.0-0", xtend@^4.0.0, xtend@^4.0.1, xtend@~4.0.0, xtend@~4.0.1: - version "4.0.1" - resolved "https://registry.yarnpkg.com/xtend/-/xtend-4.0.1.tgz#a5c6d532be656e23db820efb943a1f04998d63af" - -y18n@^3.2.0: - version "3.2.1" - resolved "https://registry.yarnpkg.com/y18n/-/y18n-3.2.1.tgz#6d15fba884c08679c0d77e88e7759e811e07fa41" - -yaeti@^0.0.4: - version "0.0.4" - resolved "https://registry.yarnpkg.com/yaeti/-/yaeti-0.0.4.tgz#89fe739c45ac4491028973193262a837693a66b6" - -yargs@^3.26.0: - version "3.32.0" - resolved "https://registry.yarnpkg.com/yargs/-/yargs-3.32.0.tgz#03088e9ebf9e756b69751611d2a5ef591482c995" - dependencies: - camelcase "^2.0.1" - cliui "^3.0.3" - decamelize "^1.1.1" - os-locale "^1.4.0" - string-width "^1.0.1" - window-size "^0.1.4" - y18n "^3.2.0" - -yauzl@^2.2.1: - version "2.7.0" - resolved "https://registry.yarnpkg.com/yauzl/-/yauzl-2.7.0.tgz#e21d847868b496fc29eaec23ee87fdd33e9b2bce" - dependencies: - buffer-crc32 "~0.2.3" - fd-slicer "~1.0.1" diff --git a/test/generate/directives.js b/test/generate/directives.js index 0626c29..bfc0291 100644 --- a/test/generate/directives.js +++ b/test/generate/directives.js @@ -47,7 +47,7 @@ describe('directives', () => { it('does not generate a model function', () => { const ast = generateModelAst(input); - const TestClass = ast.program.body[2].declaration.body; + const TestClass = ast.program.body[3].declaration.body; const keys = TestClass.body.map(p => p.key.name); expect(keys).to.not.include('status'); diff --git a/test/generate/schema.js b/test/generate/schema.js index da2cb79..395b33a 100644 --- a/test/generate/schema.js +++ b/test/generate/schema.js @@ -7,13 +7,13 @@ import { print } from 'graphql'; import readInput from '../../generate/read'; import generateSchema from '../../generate/schema'; -describe('generateResolvers', () => { +describe('generateSchema', () => { chai.use(chaiDiff); describe('with user test file', () => { const input = readInput(`${__dirname}/../input/User.graphql`); - it('generates correct JavaScript', () => { + it('generates correct Schema', () => { const schema = generateSchema(input); const output = print(schema); @@ -26,7 +26,7 @@ describe('generateResolvers', () => { describe('with tweet test file', () => { const input = readInput(`${__dirname}/../input/Tweet.graphql`); - it('generates correct JavaScript', () => { + it('generates correct Schema', () => { const schema = generateSchema(input); const output = print(schema); diff --git a/test/input/Tweet.graphql b/test/input/Tweet.graphql index 6568072..58a0654 100644 --- a/test/input/Tweet.graphql +++ b/test/input/Tweet.graphql @@ -8,9 +8,9 @@ type Tweet ) { - author: User! @unmodifiable @belongsTo @authRole("author") - coauthors: [User] @belongsTo @authRole("coauthors") - body: String! + author: User @unmodifiable @belongsTo @authRole(for: ["author"]) + coauthors: [User] @belongsToMany @authRole(for: ["coauthors"]) + body: String - likers: [User!] @hasAndBelongsToMany(as: "liked") + likers: [User] @hasAndBelongsToMany(as: "liked") } diff --git a/test/input/User.graphql b/test/input/User.graphql index 86b3007..1a89101 100644 --- a/test/input/User.graphql +++ b/test/input/User.graphql @@ -2,19 +2,19 @@ type User @authorize( admin: ["create", "read", "update", "delete"] - this: ["read", "update", "delete"] + this: ["create", "read", "update", "delete"] ) { - role: String @authRole("admin") + role: String @authRole(for: ["admin"]) username: String! bio: String notify: Boolean - tweets(minLikes: Int): [Tweet!] @hasMany(as: "author") - liked: [Tweet!] @belongsToMany + tweets(minLikes: Int): [Tweet] @hasMany(as: "author") + liked: [Tweet] @belongsToMany - following: [User!] @belongsToMany - followers: [User!] @hasAndBelongsToMany(as: "following") + following: [User] @belongsToMany + followers: [User] @hasAndBelongsToMany(as: "following") } diff --git a/test/output-app/README.md b/test/output-app/README.md index 1f06567..fad4cb5 100644 --- a/test/output-app/README.md +++ b/test/output-app/README.md @@ -183,8 +183,8 @@ type Tweet ) { - author: User! @unmodifiable @belongsTo @authRole("author") - coauthors: [User] @belongsTo @authRole("coauthors") + author: User! @unmodifiable @belongsTo @authRole(for: ["author"]) + coauthors: [User] @belongsTo @authRole(for: ["coauthors"]) body: String! likers: [User!] @hasAndBelongsToMany(as: "liked") @@ -211,7 +211,7 @@ type User ) { - role: String @authRole("admin") + role: String @authRole(for: ["admin"]) username: String! bio: String diff --git a/test/output-app/log/all-logs-readable.log b/test/output-app/log/all-logs-readable.log index e18df44..61f4460 100644 --- a/test/output-app/log/all-logs-readable.log +++ b/test/output-app/log/all-logs-readable.log @@ -4480,3 +4480,21439 @@ Query: 2017-08-18 18:55:04 ERROR uncaughtException: /Users/Toby/MICRO/create-graphql-server-3/test/output-app/model/Tweet.js: Unexpected token (10:0) {"date":"Fri Aug 18 2017 18:55:04 GMT+0200 (CEST)","process":{"pid":62151,"uid":501,"gid":20,"cwd":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app","execPath":"/usr/local/bin/node","version":"v7.0.0","argv":["node","/Users/Toby/MICRO/create-graphql-server-3/test/output-app/server/index.js"],"memoryUsage":{"rss":147070976,"heapTotal":122109952,"heapUsed":88428064}},"os":{"loadavg":[2.630859375,2.3134765625,2.17822265625],"uptime":697131},"trace":[{"column":null,"file":null,"function":null,"line":null,"method":null,"native":false},{"column":13,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$5.raise","line":4246,"method":"raise","native":false},{"column":8,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp.unexpected","line":1627,"method":"unexpected","native":false},{"column":12,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseExprAtom","line":3586,"method":"parseExprAtom","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseExprSubscripts","line":3331,"method":"parseExprSubscripts","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseMaybeUnary","line":3311,"method":"parseMaybeUnary","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseExprOps","line":3241,"method":"parseExprOps","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseMaybeConditional","line":3218,"method":"parseMaybeConditional","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseMaybeAssign","line":3181,"method":"parseMaybeAssign","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseExpression","line":3143,"method":"parseExpression","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$1.parseStatement","line":1774,"method":"parseStatement","native":false}],"stack":["SyntaxError: /Users/Toby/MICRO/create-graphql-server-3/test/output-app/model/Tweet.js: Unexpected token (10:0)","\u001b[0m \u001b[90m 8 | \u001b[39m \u001b[36mthis\u001b[39m\u001b[33m.\u001b[39mcollection \u001b[33m=\u001b[39m context\u001b[33m.\u001b[39mdb\u001b[33m.\u001b[39mcollection(\u001b[32m'tweet'\u001b[39m)\u001b[33m;\u001b[39m"," \u001b[90m 9 | \u001b[39m \u001b[36mthis\u001b[39m\u001b[33m.\u001b[39mpubsub \u001b[33m=\u001b[39m context\u001b[33m.\u001b[39mpubsub\u001b[33m;\u001b[39m","\u001b[31m\u001b[1m>\u001b[22m\u001b[39m\u001b[90m 10 | \u001b[39m\u001b[33m<<\u001b[39m\u001b[33m<<\u001b[39m\u001b[33m<<\u001b[39m\u001b[33m<\u001b[39m \u001b[33mHEAD\u001b[39m"," \u001b[90m | \u001b[39m\u001b[31m\u001b[1m^\u001b[22m\u001b[39m"," \u001b[90m 11 | \u001b[39m \u001b[36mconst\u001b[39m that \u001b[33m=\u001b[39m \u001b[36mthis\u001b[39m\u001b[33m;\u001b[39m"," \u001b[90m 12 | \u001b[39m \u001b[36mtry\u001b[39m {"," \u001b[90m 13 | \u001b[39m \u001b[36mconst\u001b[39m { me\u001b[33m,\u001b[39m \u001b[33mUser\u001b[39m } \u001b[33m=\u001b[39m context\u001b[33m;\u001b[39m\u001b[0m"," at Parser.pp$5.raise (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:4246:13)"," at Parser.pp.unexpected (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:1627:8)"," at Parser.pp$3.parseExprAtom (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3586:12)"," at Parser.pp$3.parseExprSubscripts (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3331:19)"," at Parser.pp$3.parseMaybeUnary (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3311:19)"," at Parser.pp$3.parseExprOps (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3241:19)"," at Parser.pp$3.parseMaybeConditional (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3218:19)"," at Parser.pp$3.parseMaybeAssign (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3181:19)"," at Parser.pp$3.parseExpression (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3143:19)"," at Parser.pp$1.parseStatement (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:1774:19)"]} 2017-08-18 18:55:23 Logger started +2017-08-18 18:58:33 -------------------------------------------------------------------------------- +2017-08-18 18:58:33 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +query IntrospectionQuery { + __schema { + queryType { + name + } + mutationType { + name + } + subscriptionType { + name + } + types { + ...FullType + } + directives { + name + description + locations + args { + ...InputValue + } + } + } +} + +fragment FullType on __Type { + kind + name + description + fields(includeDeprecated: true) { + name + description + args { + ...InputValue + } + type { + ...TypeRef + } + isDeprecated + deprecationReason + } + inputFields { + ...InputValue + } + interfaces { + ...TypeRef + } + enumValues(includeDeprecated: true) { + name + description + isDeprecated + deprecationReason + } + possibleTypes { + ...TypeRef + } +} + +fragment InputValue on __InputValue { + name + description + type { + ...TypeRef + } + defaultValue +} + +fragment TypeRef on __Type { + kind + name + ofType { + kind + name + ofType { + kind + name + ofType { + kind + name + } + } + } +} + +2017-08-18 18:58:33 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:58:33 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:58:33 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:58:34 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:58:34 -------------------------------------------------------------------------------- +2017-08-18 18:58:34 ERROR Authorize readMany 'users' with user '' and role: 'null' is not authorized. +2017-08-18 18:58:34 Request: +User: "", role: "", id: "", +Operation: "", variables: ""{}"", +Query: +{ + users { + id + } +} + +2017-08-18 18:58:34 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:58:34 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:58:34 ERROR Authorize readMany 'users' with user '' and role: 'null' is not authorized. +2017-08-18 18:58:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:58:35 -------------------------------------------------------------------------------- +2017-08-18 18:58:35 ERROR Authorize readMany 'users' with user '' and role: 'null' is not authorized. +2017-08-18 18:58:35 Request: +User: "", role: "", id: "", +Operation: "", variables: ""{}"", +Query: +{ + users { + id + } +} + +2017-08-18 18:58:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:58:35 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:58:35 ERROR Authorize readMany 'users' with user '' and role: 'null' is not authorized. +2017-08-18 18:58:36 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:58:36 -------------------------------------------------------------------------------- +2017-08-18 18:58:36 ERROR Authorize readMany 'users' with user '' and role: 'null' is not authorized. +2017-08-18 18:58:36 Request: +User: "", role: "", id: "", +Operation: "", variables: ""{}"", +Query: +{ + users { + id + } +} + +2017-08-18 18:58:36 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:58:36 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:58:36 ERROR Authorize readMany 'users' with user '' and role: 'null' is not authorized. +2017-08-18 18:58:36 -------------------------------------------------------------------------------- +2017-08-18 18:58:36 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-18 18:58:36 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:58:36 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:58:42 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:58:42 -------------------------------------------------------------------------------- +2017-08-18 18:58:42 Request: +User: "", role: "", id: "", +Operation: "", variables: ""{}"", +Query: +{ + tweets { + id + } +} + +2017-08-18 18:58:42 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:58:42 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:58:42 Authorize readMany 'tweets' with user '' and role '' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + role + username + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + role + username + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca2") { + role + username + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + id + username + bio + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users { + username + createdAt + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(limit: 1) { + username + createdAt + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993) { + username + createdAt + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers { + username + createdAt + } + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(limit: 1) { + username + createdAt + } + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following { + username + createdAt + } + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(limit: 1) { + username + createdAt + } + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets { + id + createdAt + } + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(limit: 1) { + id + createdAt + } + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked { + id + createdAt + } + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(limit: 1) { + id + createdAt + } + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334) { + id + createdAt + } + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334, limit: 1) { + id + createdAt + } + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + id + body + } +} + +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + author { + username + } + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets { + id + createdAt + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(limit: 1) { + id + createdAt + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers { + username + createdAt + } + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(limit: 1) { + username + createdAt + } + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993) { + username + createdAt + } + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 inserted user 59971cedf92483f2dd3d1276. +2017-08-18 18:59:25 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tobkle", role: "admin", id: "59971cedf92483f2dd3d1276", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 inserted user 59971cedf92483f2dd3d1277. +2017-08-18 18:59:25 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tobkle", role: "admin", id: "59971cedf92483f2dd3d1276", +Operation: "", variables: "", +Query: +{ + user(id: "59971cedf92483f2dd3d1277") { + username + bio + role + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tobkle", role: "admin", id: "59971cedf92483f2dd3d1276", +Operation: "", variables: "", +Query: +{ + user(id: "59971cedf92483f2dd3d1276") { + username + role + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tobkle", role: "admin", id: "59971cedf92483f2dd3d1276", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59971cedf92483f2dd3d1277", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 updated user 59971cedf92483f2dd3d1277. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tobkle", role: "admin", id: "59971cedf92483f2dd3d1276", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59971cedf92483f2dd3d1276", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 updated user 59971cedf92483f2dd3d1276. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tobkle", role: "admin", id: "59971cedf92483f2dd3d1276", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59971cedf92483f2dd3d1277", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 updated user 59971cedf92483f2dd3d1277. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tobkle", role: "admin", id: "59971cedf92483f2dd3d1276", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59971cedf92483f2dd3d1276", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 updated user 59971cedf92483f2dd3d1276. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tobkle", role: "editor", id: "59971cedf92483f2dd3d1276", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59971cedf92483f2dd3d1276", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-18 18:59:25 updated user 59971cedf92483f2dd3d1276. +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d1276" + } + ] +} +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-18 18:59:25 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d1276" + } + ] +} +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "zoltan", role: "admin", id: "59971cedf92483f2dd3d1277", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59971cedf92483f2dd3d1276", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-18 18:59:25 updated user 59971cedf92483f2dd3d1276. +2017-08-18 18:59:25 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tobkle", role: "admin", id: "59971cedf92483f2dd3d1276", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59971cedf92483f2dd3d1277") +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 removed user 59971cedf92483f2dd3d1277. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tobkle", role: "admin", id: "59971cedf92483f2dd3d1276", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59971cedf92483f2dd3d1276", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 { + "authorId": "59971cedf92483f2dd3d1276", + "body": "This is a test tweet of user tobkle", + "coauthorsIds": [], + "createdAt": 1503075565488, + "updatedAt": 1503075565488, + "createdById": "59971cedf92483f2dd3d1276", + "updatedById": "59971cedf92483f2dd3d1276" +} +2017-08-18 18:59:25 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 inserted tweet 59971cedf92483f2dd3d1278. +2017-08-18 18:59:25 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 { + "authorId": "583291a1638566b3c5a92ca1", + "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", + "coauthorsIds": [], + "createdAt": 1503075565497, + "updatedAt": 1503075565497, + "createdById": "59971cedf92483f2dd3d1276", + "updatedById": "59971cedf92483f2dd3d1276" +} +2017-08-18 18:59:25 Request: +User: "tobkle", role: "admin", id: "59971cedf92483f2dd3d1276", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tobkle", role: "admin", id: "59971cedf92483f2dd3d1276", +Operation: "", variables: "", +Query: +{ + tweet(id: "59971cedf92483f2dd3d1278") { + author { + id + } + body + } +} + +2017-08-18 18:59:25 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 inserted tweet 59971cedf92483f2dd3d1279. +2017-08-18 18:59:25 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tobkle", role: "admin", id: "59971cedf92483f2dd3d1276", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tobkle", role: "admin", id: "59971cedf92483f2dd3d1276", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59971cedf92483f2dd3d1278", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 updated tweet 59971cedf92483f2dd3d1278. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tobkle", role: "admin", id: "59971cedf92483f2dd3d1276", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59971cedf92483f2dd3d1279", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 updated tweet 59971cedf92483f2dd3d1279. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tobkle", role: "admin", id: "59971cedf92483f2dd3d1276", +Operation: "", variables: "", +Query: +{ + tweet(id: "59971cedf92483f2dd3d1278") { + body + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tobkle", role: "admin", id: "59971cedf92483f2dd3d1276", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59971cedf92483f2dd3d1278") +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 removed tweet 59971cedf92483f2dd3d1278. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tobkle", role: "admin", id: "59971cedf92483f2dd3d1276", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59971cedf92483f2dd3d1279") +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 removed tweet 59971cedf92483f2dd3d1279. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tobkle", role: "admin", id: "59971cedf92483f2dd3d1276", +Operation: "", variables: "", +Query: +{ + tweet(id: "59971cedf92483f2dd3d1278") { + body + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tobkle", role: "admin", id: "59971cedf92483f2dd3d1276", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59971cedf92483f2dd3d1276") +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-18 18:59:25 removed user 59971cedf92483f2dd3d1276. +2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 ERROR Cannot read property 'load' of undefined +2017-08-18 18:59:25 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59971cedf92483f2dd3d1276") { + username + bio + role + } +} + +2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-18 18:59:25 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:59:25 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 ERROR Cannot read property 'load' of undefined +2017-08-18 18:59:25 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-18 18:59:25 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:59:25 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-18 18:59:25 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:59:25 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 { + "authorId": "583291a1638566b3c5a92ca1", + "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", + "coauthorsIds": [], + "createdAt": 1503075565642, + "updatedAt": 1503075565642, + "createdById": "unknown", + "updatedById": "unknown" +} +2017-08-18 18:59:25 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-18 18:59:25 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:59:25 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:59:25 ERROR Cannot read property 'load' of undefined +2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-18 18:59:25 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:59:25 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-18 18:59:25 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:59:25 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-18 18:59:25 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:59:25 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { + id + role + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 inserted user 59971cedf92483f2dd3d127a. +2017-08-18 18:59:25 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. +2017-08-18 18:59:25 Request: +User: "tobkle", role: "user", id: "59971cedf92483f2dd3d127a", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127a" + } + ] +} +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:59:25 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tobkle", role: "user", id: "59971cedf92483f2dd3d127a", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127a" + } + ] +} +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tobkle", role: "user", id: "59971cedf92483f2dd3d127a", +Operation: "", variables: "", +Query: +{ + user(id: "59971cedf92483f2dd3d127a") { + username + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127a" + } + ] +} +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tobkle", role: "user", id: "59971cedf92483f2dd3d127a", +Operation: "", variables: "", +Query: +{ + user(id: "59971cedf92483f2dd3d127a") { + username + role + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127a" + } + ] +} +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tobkle", role: "user", id: "59971cedf92483f2dd3d127a", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127a" + } + ] +} +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:59:25 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127a" + } + ] +} +2017-08-18 18:59:25 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tobkle", role: "user", id: "59971cedf92483f2dd3d127a", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59971cedf92483f2dd3d127a", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127a" + } + ] +} +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:59:25 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127a" + } + ] +} +2017-08-18 18:59:25 updated user 59971cedf92483f2dd3d127a. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tobkle", role: "user", id: "59971cedf92483f2dd3d127a", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59971cedf92483f2dd3d127a", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127a" + } + ] +} +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:59:25 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127a" + } + ] +} +2017-08-18 18:59:25 updated user 59971cedf92483f2dd3d127a. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tobkle", role: "user", id: "59971cedf92483f2dd3d127a", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127a" + } + ] +} +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:59:25 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127a" + } + ] +} +2017-08-18 18:59:25 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 { + "authorId": "59971cedf92483f2dd3d127a", + "body": "This is a test tweet of user tobkle", + "coauthorsIds": [], + "createdAt": 1503075565738, + "updatedAt": 1503075565738, + "createdById": "59971cedf92483f2dd3d127a", + "updatedById": "59971cedf92483f2dd3d127a" +} +2017-08-18 18:59:25 Request: +User: "tobkle", role: "user", id: "59971cedf92483f2dd3d127a", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59971cedf92483f2dd3d127a", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127a" + } + ] +} +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:59:25 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. +2017-08-18 18:59:25 inserted tweet 59971cedf92483f2dd3d127b. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 { + "authorId": "583291a1638566b3c5a92ca1", + "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", + "coauthorsIds": [], + "createdAt": 1503075565747, + "updatedAt": 1503075565747, + "createdById": "59971cedf92483f2dd3d127a", + "updatedById": "59971cedf92483f2dd3d127a" +} +2017-08-18 18:59:25 Request: +User: "tobkle", role: "user", id: "59971cedf92483f2dd3d127a", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-18 18:59:25 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127a" + } + ] +} +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:59:25 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tobkle", role: "user", id: "59971cedf92483f2dd3d127a", +Operation: "", variables: "", +Query: +{ + tweet(id: "59971cedf92483f2dd3d127b") { + author { + id + } + body + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127a" + } + ] +} +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tobkle", role: "user", id: "59971cedf92483f2dd3d127a", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127a" + } + ] +} +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tobkle", role: "user", id: "59971cedf92483f2dd3d127a", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59971cedf92483f2dd3d127b", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127a" + } + ] +} +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:59:25 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59971cedf92483f2dd3d127a" + }, + { + "coauthorsIds": "59971cedf92483f2dd3d127a" + } + ] +} +2017-08-18 18:59:25 updated tweet 59971cedf92483f2dd3d127b. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tobkle", role: "user", id: "59971cedf92483f2dd3d127a", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127a" + } + ] +} +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:59:25 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59971cedf92483f2dd3d127a" + }, + { + "coauthorsIds": "59971cedf92483f2dd3d127a" + } + ] +} +2017-08-18 18:59:25 ERROR update tweet not possible for 583676d3618530145474e352. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tobkle", role: "user", id: "59971cedf92483f2dd3d127a", +Operation: "", variables: "", +Query: +{ + tweet(id: "59971cedf92483f2dd3d127b") { + body + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127a" + } + ] +} +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tobkle", role: "user", id: "59971cedf92483f2dd3d127a", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59971cedf92483f2dd3d127b") +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127a" + } + ] +} +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:59:25 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59971cedf92483f2dd3d127a" + } + ] +} +2017-08-18 18:59:25 removed tweet 59971cedf92483f2dd3d127b. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tobkle", role: "user", id: "59971cedf92483f2dd3d127a", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127a" + } + ] +} +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:59:25 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59971cedf92483f2dd3d127a" + } + ] +} +2017-08-18 18:59:25 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tobkle", role: "user", id: "59971cedf92483f2dd3d127a", +Operation: "", variables: "", +Query: +{ + tweet(id: "59971cedf92483f2dd3d127b") { + body + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127a" + } + ] +} +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tobkle", role: "user", id: "59971cedf92483f2dd3d127a", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59971cedf92483f2dd3d127a") +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127a" + } + ] +} +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 18:59:25 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127a" + } + ] +} +2017-08-18 18:59:25 removed user 59971cedf92483f2dd3d127a. +2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 ERROR Cannot read property 'load' of undefined +2017-08-18 18:59:25 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59971cedf92483f2dd3d127a") { + username + bio + role + } +} + +2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { + id + role + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 18:59:25 inserted user 59971cedf92483f2dd3d127c. +2017-08-18 18:59:25 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. +2017-08-18 18:59:25 Request: +User: "tobkle", role: "editor", id: "59971cedf92483f2dd3d127c", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127c" + } + ] +} +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-18 18:59:25 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tobkle", role: "editor", id: "59971cedf92483f2dd3d127c", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127c" + } + ] +} +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tobkle", role: "editor", id: "59971cedf92483f2dd3d127c", +Operation: "", variables: "", +Query: +{ + user(id: "59971cedf92483f2dd3d127c") { + username + role + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127c" + } + ] +} +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tobkle", role: "editor", id: "59971cedf92483f2dd3d127c", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127c" + } + ] +} +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-18 18:59:25 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127c" + } + ] +} +2017-08-18 18:59:25 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tobkle", role: "editor", id: "59971cedf92483f2dd3d127c", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59971cedf92483f2dd3d127c", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127c" + } + ] +} +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-18 18:59:25 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127c" + } + ] +} +2017-08-18 18:59:25 updated user 59971cedf92483f2dd3d127c. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tmeasday", role: "editor", id: "59971cedf92483f2dd3d127c", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59971cedf92483f2dd3d127c", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127c" + } + ] +} +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 18:59:25 Authorize update 'updateUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127c" + } + ] +} +2017-08-18 18:59:25 updated user 59971cedf92483f2dd3d127c. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tmeasday", role: "editor", id: "59971cedf92483f2dd3d127c", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127c" + } + ] +} +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 18:59:25 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127c" + } + ] +} +2017-08-18 18:59:25 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 { + "authorId": "59971cedf92483f2dd3d127c", + "body": "This is a test tweet of user tobkle", + "coauthorsIds": [], + "createdAt": 1503075565887, + "updatedAt": 1503075565887, + "createdById": "59971cedf92483f2dd3d127c", + "updatedById": "59971cedf92483f2dd3d127c" +} +2017-08-18 18:59:25 Request: +User: "tmeasday", role: "editor", id: "59971cedf92483f2dd3d127c", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59971cedf92483f2dd3d127c", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127c" + } + ] +} +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 18:59:25 Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is authorized by docRole. +2017-08-18 18:59:25 inserted tweet 59971cedf92483f2dd3d127d. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 { + "authorId": "583291a1638566b3c5a92ca1", + "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", + "coauthorsIds": [], + "createdAt": 1503075565895, + "updatedAt": 1503075565895, + "createdById": "59971cedf92483f2dd3d127c", + "updatedById": "59971cedf92483f2dd3d127c" +} +2017-08-18 18:59:25 Request: +User: "tmeasday", role: "editor", id: "59971cedf92483f2dd3d127c", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-18 18:59:25 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127c" + } + ] +} +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 18:59:25 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tmeasday", role: "editor", id: "59971cedf92483f2dd3d127c", +Operation: "", variables: "", +Query: +{ + tweet(id: "59971cedf92483f2dd3d127d") { + author { + id + } + body + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127c" + } + ] +} +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tmeasday", role: "editor", id: "59971cedf92483f2dd3d127c", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127c" + } + ] +} +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tmeasday", role: "editor", id: "59971cedf92483f2dd3d127c", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59971cedf92483f2dd3d127d", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127c" + } + ] +} +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 18:59:25 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59971cedf92483f2dd3d127c" + }, + { + "coauthorsIds": "59971cedf92483f2dd3d127c" + } + ] +} +2017-08-18 18:59:25 updated tweet 59971cedf92483f2dd3d127d. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tmeasday", role: "editor", id: "59971cedf92483f2dd3d127c", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127c" + } + ] +} +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 18:59:25 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59971cedf92483f2dd3d127c" + }, + { + "coauthorsIds": "59971cedf92483f2dd3d127c" + } + ] +} +2017-08-18 18:59:25 ERROR update tweet not possible for 583676d3618530145474e352. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tmeasday", role: "editor", id: "59971cedf92483f2dd3d127c", +Operation: "", variables: "", +Query: +{ + tweet(id: "59971cedf92483f2dd3d127d") { + body + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127c" + } + ] +} +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tmeasday", role: "editor", id: "59971cedf92483f2dd3d127c", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59971cedf92483f2dd3d127d") +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127c" + } + ] +} +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 18:59:25 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59971cedf92483f2dd3d127c" + } + ] +} +2017-08-18 18:59:25 removed tweet 59971cedf92483f2dd3d127d. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tmeasday", role: "editor", id: "59971cedf92483f2dd3d127c", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127c" + } + ] +} +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 18:59:25 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59971cedf92483f2dd3d127c" + } + ] +} +2017-08-18 18:59:25 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tmeasday", role: "editor", id: "59971cedf92483f2dd3d127c", +Operation: "", variables: "", +Query: +{ + tweet(id: "59971cedf92483f2dd3d127d") { + body + } +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127c" + } + ] +} +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 Request: +User: "tmeasday", role: "editor", id: "59971cedf92483f2dd3d127c", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59971cedf92483f2dd3d127c") +} + +2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127c" + } + ] +} +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 18:59:25 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59971cedf92483f2dd3d127c" + } + ] +} +2017-08-18 18:59:25 removed user 59971cedf92483f2dd3d127c. +2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:59:25 -------------------------------------------------------------------------------- +2017-08-18 18:59:25 ERROR Cannot read property 'load' of undefined +2017-08-18 18:59:25 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59971cedf92483f2dd3d127c") { + username + bio + role + } +} + +2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 19:05:45 Logger started +2017-08-18 19:08:45 Logger started +2017-08-18 19:48:04 Logger started +2017-08-18 19:51:57 -------------------------------------------------------------------------------- +2017-08-18 19:51:57 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-18 19:51:57 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:51:57 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + role + username + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + role + username + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca2") { + role + username + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + id + username + bio + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users { + username + createdAt + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(limit: 1) { + username + createdAt + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993) { + username + createdAt + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers { + username + createdAt + } + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(limit: 1) { + username + createdAt + } + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following { + username + createdAt + } + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(limit: 1) { + username + createdAt + } + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets { + id + createdAt + } + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(limit: 1) { + id + createdAt + } + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked { + id + createdAt + } + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(limit: 1) { + id + createdAt + } + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334) { + id + createdAt + } + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334, limit: 1) { + id + createdAt + } + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + id + body + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + author { + username + } + } +} + +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets { + id + createdAt + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(limit: 1) { + id + createdAt + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers { + username + createdAt + } + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(limit: 1) { + username + createdAt + } + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993) { + username + createdAt + } + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-18 19:53:06 inserted user 599729828fc4b90bdbde99cc. +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "tobkle", role: "admin", id: "599729828fc4b90bdbde99cc", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 inserted user 599729828fc4b90bdbde99cd. +2017-08-18 19:53:06 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "tobkle", role: "admin", id: "599729828fc4b90bdbde99cc", +Operation: "", variables: "", +Query: +{ + user(id: "599729828fc4b90bdbde99cd") { + username + bio + role + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "tobkle", role: "admin", id: "599729828fc4b90bdbde99cc", +Operation: "", variables: "", +Query: +{ + user(id: "599729828fc4b90bdbde99cc") { + username + role + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "tobkle", role: "admin", id: "599729828fc4b90bdbde99cc", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599729828fc4b90bdbde99cd", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 updated user 599729828fc4b90bdbde99cd. +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "tobkle", role: "admin", id: "599729828fc4b90bdbde99cc", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599729828fc4b90bdbde99cc", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 updated user 599729828fc4b90bdbde99cc. +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "tobkle", role: "admin", id: "599729828fc4b90bdbde99cc", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599729828fc4b90bdbde99cd", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 updated user 599729828fc4b90bdbde99cd. +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "tobkle", role: "admin", id: "599729828fc4b90bdbde99cc", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599729828fc4b90bdbde99cc", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 updated user 599729828fc4b90bdbde99cc. +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "tobkle", role: "editor", id: "599729828fc4b90bdbde99cc", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599729828fc4b90bdbde99cc", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599729828fc4b90bdbde99cc" + } + ] +} +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-18 19:53:06 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599729828fc4b90bdbde99cc" + } + ] +} +2017-08-18 19:53:06 updated user 599729828fc4b90bdbde99cc. +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "zoltan", role: "admin", id: "599729828fc4b90bdbde99cd", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599729828fc4b90bdbde99cc", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized +2017-08-18 19:53:06 updated user 599729828fc4b90bdbde99cc. +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "tobkle", role: "admin", id: "599729828fc4b90bdbde99cc", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "599729828fc4b90bdbde99cd") +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 removed user 599729828fc4b90bdbde99cd. +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "tobkle", role: "admin", id: "599729828fc4b90bdbde99cc", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "599729828fc4b90bdbde99cc", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 { + "authorId": "599729828fc4b90bdbde99cc", + "body": "This is a test tweet of user tobkle", + "coauthorsIds": [], + "createdAt": 1503078786858, + "updatedAt": 1503078786858, + "createdById": "599729828fc4b90bdbde99cc", + "updatedById": "599729828fc4b90bdbde99cc" +} +2017-08-18 19:53:06 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 inserted tweet 599729828fc4b90bdbde99ce. +2017-08-18 19:53:06 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 { + "authorId": "583291a1638566b3c5a92ca1", + "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", + "coauthorsIds": [], + "createdAt": 1503078786869, + "updatedAt": 1503078786869, + "createdById": "599729828fc4b90bdbde99cc", + "updatedById": "599729828fc4b90bdbde99cc" +} +2017-08-18 19:53:06 Request: +User: "tobkle", role: "admin", id: "599729828fc4b90bdbde99cc", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-18 19:53:06 inserted tweet 599729828fc4b90bdbde99cf. +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "tobkle", role: "admin", id: "599729828fc4b90bdbde99cc", +Operation: "", variables: "", +Query: +{ + tweet(id: "599729828fc4b90bdbde99ce") { + author { + id + } + body + } +} + +2017-08-18 19:53:06 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "tobkle", role: "admin", id: "599729828fc4b90bdbde99cc", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "tobkle", role: "admin", id: "599729828fc4b90bdbde99cc", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "599729828fc4b90bdbde99ce", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 updated tweet 599729828fc4b90bdbde99ce. +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "tobkle", role: "admin", id: "599729828fc4b90bdbde99cc", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "599729828fc4b90bdbde99cf", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 updated tweet 599729828fc4b90bdbde99cf. +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "tobkle", role: "admin", id: "599729828fc4b90bdbde99cc", +Operation: "", variables: "", +Query: +{ + tweet(id: "599729828fc4b90bdbde99ce") { + body + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "tobkle", role: "admin", id: "599729828fc4b90bdbde99cc", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "599729828fc4b90bdbde99ce") +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 removed tweet 599729828fc4b90bdbde99ce. +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "tobkle", role: "admin", id: "599729828fc4b90bdbde99cc", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "599729828fc4b90bdbde99cf") +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 removed tweet 599729828fc4b90bdbde99cf. +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "tobkle", role: "admin", id: "599729828fc4b90bdbde99cc", +Operation: "", variables: "", +Query: +{ + tweet(id: "599729828fc4b90bdbde99ce") { + body + } +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "tobkle", role: "admin", id: "599729828fc4b90bdbde99cc", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "599729828fc4b90bdbde99cc") +} + +2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-18 19:53:06 removed user 599729828fc4b90bdbde99cc. +2017-08-18 19:53:06 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 ERROR Cannot read property 'load' of undefined +2017-08-18 19:53:06 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "599729828fc4b90bdbde99cc") { + username + bio + role + } +} + +2017-08-18 19:53:06 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 19:53:06 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-18 19:53:06 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-08-18 19:53:06 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 19:53:06 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-18 19:53:06 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 ERROR Cannot read property 'load' of undefined +2017-08-18 19:53:06 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-18 19:53:06 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 19:53:06 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-18 19:53:06 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-18 19:53:06 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 19:53:06 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-18 19:53:06 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-18 19:53:06 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-18 19:53:06 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 19:53:06 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-18 19:53:06 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 19:53:06 -------------------------------------------------------------------------------- +2017-08-18 19:53:06 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-18 19:53:06 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 19:53:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 19:53:07 -------------------------------------------------------------------------------- +2017-08-18 19:53:07 { + "authorId": "583291a1638566b3c5a92ca1", + "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", + "coauthorsIds": [], + "createdAt": 1503078787009, + "updatedAt": 1503078787009, + "createdById": "unknown", + "updatedById": "unknown" +} +2017-08-18 19:53:07 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-18 19:53:07 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-18 19:53:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 19:53:07 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-18 19:53:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 19:53:07 -------------------------------------------------------------------------------- +2017-08-18 19:53:07 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-18 19:53:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 19:53:07 ERROR Cannot read property 'load' of undefined +2017-08-18 19:53:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 19:53:07 -------------------------------------------------------------------------------- +2017-08-18 19:53:07 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-18 19:53:07 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-18 19:53:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 19:53:07 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-18 19:53:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 19:53:07 -------------------------------------------------------------------------------- +2017-08-18 19:53:07 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-18 19:53:07 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-18 19:53:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 19:53:07 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-18 19:53:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 19:53:07 -------------------------------------------------------------------------------- +2017-08-18 19:53:07 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-18 19:53:07 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-18 19:53:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 19:53:07 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-18 19:53:07 -------------------------------------------------------------------------------- +2017-08-18 19:53:07 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { + id + role + } +} + +2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:07 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:07 inserted user 599729838fc4b90bdbde99d0. +2017-08-18 19:53:07 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-18 19:53:07 -------------------------------------------------------------------------------- +2017-08-18 19:53:07 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. +2017-08-18 19:53:07 Request: +User: "tobkle", role: "user", id: "599729838fc4b90bdbde99d0", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d0" + } + ] +} +2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 19:53:07 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. +2017-08-18 19:53:07 -------------------------------------------------------------------------------- +2017-08-18 19:53:07 Request: +User: "tobkle", role: "user", id: "599729838fc4b90bdbde99d0", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d0" + } + ] +} +2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 19:53:07 -------------------------------------------------------------------------------- +2017-08-18 19:53:07 Request: +User: "tobkle", role: "user", id: "599729838fc4b90bdbde99d0", +Operation: "", variables: "", +Query: +{ + user(id: "599729838fc4b90bdbde99d0") { + username + } +} + +2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d0" + } + ] +} +2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 19:53:07 -------------------------------------------------------------------------------- +2017-08-18 19:53:07 Request: +User: "tobkle", role: "user", id: "599729838fc4b90bdbde99d0", +Operation: "", variables: "", +Query: +{ + user(id: "599729838fc4b90bdbde99d0") { + username + role + } +} + +2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d0" + } + ] +} +2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 19:53:07 -------------------------------------------------------------------------------- +2017-08-18 19:53:07 Request: +User: "tobkle", role: "user", id: "599729838fc4b90bdbde99d0", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d0" + } + ] +} +2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 19:53:07 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d0" + } + ] +} +2017-08-18 19:53:07 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-08-18 19:53:07 -------------------------------------------------------------------------------- +2017-08-18 19:53:07 Request: +User: "tobkle", role: "user", id: "599729838fc4b90bdbde99d0", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599729838fc4b90bdbde99d0", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d0" + } + ] +} +2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 19:53:07 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d0" + } + ] +} +2017-08-18 19:53:07 updated user 599729838fc4b90bdbde99d0. +2017-08-18 19:53:07 -------------------------------------------------------------------------------- +2017-08-18 19:53:07 Request: +User: "tobkle", role: "user", id: "599729838fc4b90bdbde99d0", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599729838fc4b90bdbde99d0", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d0" + } + ] +} +2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 19:53:07 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d0" + } + ] +} +2017-08-18 19:53:07 updated user 599729838fc4b90bdbde99d0. +2017-08-18 19:53:07 -------------------------------------------------------------------------------- +2017-08-18 19:53:07 Request: +User: "tobkle", role: "user", id: "599729838fc4b90bdbde99d0", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d0" + } + ] +} +2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 19:53:07 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d0" + } + ] +} +2017-08-18 19:53:07 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-08-18 19:53:07 -------------------------------------------------------------------------------- +2017-08-18 19:53:07 { + "authorId": "599729838fc4b90bdbde99d0", + "body": "This is a test tweet of user tobkle", + "coauthorsIds": [], + "createdAt": 1503078787106, + "updatedAt": 1503078787106, + "createdById": "599729838fc4b90bdbde99d0", + "updatedById": "599729838fc4b90bdbde99d0" +} +2017-08-18 19:53:07 Request: +User: "tobkle", role: "user", id: "599729838fc4b90bdbde99d0", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "599729838fc4b90bdbde99d0", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d0" + } + ] +} +2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 19:53:07 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. +2017-08-18 19:53:07 inserted tweet 599729838fc4b90bdbde99d1. +2017-08-18 19:53:07 -------------------------------------------------------------------------------- +2017-08-18 19:53:07 { + "authorId": "583291a1638566b3c5a92ca1", + "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", + "coauthorsIds": [], + "createdAt": 1503078787114, + "updatedAt": 1503078787114, + "createdById": "599729838fc4b90bdbde99d0", + "updatedById": "599729838fc4b90bdbde99d0" +} +2017-08-18 19:53:07 Request: +User: "tobkle", role: "user", id: "599729838fc4b90bdbde99d0", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-18 19:53:07 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. +2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d0" + } + ] +} +2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 19:53:07 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. +2017-08-18 19:53:07 -------------------------------------------------------------------------------- +2017-08-18 19:53:07 Request: +User: "tobkle", role: "user", id: "599729838fc4b90bdbde99d0", +Operation: "", variables: "", +Query: +{ + tweet(id: "599729838fc4b90bdbde99d1") { + author { + id + } + body + } +} + +2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d0" + } + ] +} +2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 19:53:07 -------------------------------------------------------------------------------- +2017-08-18 19:53:07 Request: +User: "tobkle", role: "user", id: "599729838fc4b90bdbde99d0", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d0" + } + ] +} +2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 19:53:07 -------------------------------------------------------------------------------- +2017-08-18 19:53:07 Request: +User: "tobkle", role: "user", id: "599729838fc4b90bdbde99d0", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "599729838fc4b90bdbde99d1", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d0" + } + ] +} +2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 19:53:07 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "599729838fc4b90bdbde99d0" + }, + { + "coauthorsIds": "599729838fc4b90bdbde99d0" + } + ] +} +2017-08-18 19:53:07 updated tweet 599729838fc4b90bdbde99d1. +2017-08-18 19:53:07 -------------------------------------------------------------------------------- +2017-08-18 19:53:07 Request: +User: "tobkle", role: "user", id: "599729838fc4b90bdbde99d0", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d0" + } + ] +} +2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 19:53:07 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "599729838fc4b90bdbde99d0" + }, + { + "coauthorsIds": "599729838fc4b90bdbde99d0" + } + ] +} +2017-08-18 19:53:07 ERROR update tweet not possible for 583676d3618530145474e352. +2017-08-18 19:53:07 -------------------------------------------------------------------------------- +2017-08-18 19:53:07 Request: +User: "tobkle", role: "user", id: "599729838fc4b90bdbde99d0", +Operation: "", variables: "", +Query: +{ + tweet(id: "599729838fc4b90bdbde99d1") { + body + } +} + +2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d0" + } + ] +} +2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 19:53:07 -------------------------------------------------------------------------------- +2017-08-18 19:53:07 Request: +User: "tobkle", role: "user", id: "599729838fc4b90bdbde99d0", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "599729838fc4b90bdbde99d1") +} + +2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d0" + } + ] +} +2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 19:53:07 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "599729838fc4b90bdbde99d0" + } + ] +} +2017-08-18 19:53:07 removed tweet 599729838fc4b90bdbde99d1. +2017-08-18 19:53:07 -------------------------------------------------------------------------------- +2017-08-18 19:53:07 Request: +User: "tobkle", role: "user", id: "599729838fc4b90bdbde99d0", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d0" + } + ] +} +2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 19:53:07 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "599729838fc4b90bdbde99d0" + } + ] +} +2017-08-18 19:53:07 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-08-18 19:53:07 -------------------------------------------------------------------------------- +2017-08-18 19:53:07 Request: +User: "tobkle", role: "user", id: "599729838fc4b90bdbde99d0", +Operation: "", variables: "", +Query: +{ + tweet(id: "599729838fc4b90bdbde99d1") { + body + } +} + +2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d0" + } + ] +} +2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 19:53:07 -------------------------------------------------------------------------------- +2017-08-18 19:53:07 Request: +User: "tobkle", role: "user", id: "599729838fc4b90bdbde99d0", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "599729838fc4b90bdbde99d0") +} + +2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d0" + } + ] +} +2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-18 19:53:07 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d0" + } + ] +} +2017-08-18 19:53:07 removed user 599729838fc4b90bdbde99d0. +2017-08-18 19:53:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 19:53:07 -------------------------------------------------------------------------------- +2017-08-18 19:53:07 ERROR Cannot read property 'load' of undefined +2017-08-18 19:53:07 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "599729838fc4b90bdbde99d0") { + username + bio + role + } +} + +2017-08-18 19:53:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 19:53:07 -------------------------------------------------------------------------------- +2017-08-18 19:53:07 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { + id + role + } +} + +2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:07 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-18 19:53:07 inserted user 599729838fc4b90bdbde99d2. +2017-08-18 19:53:07 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-18 19:53:07 -------------------------------------------------------------------------------- +2017-08-18 19:53:07 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. +2017-08-18 19:53:07 Request: +User: "tobkle", role: "editor", id: "599729838fc4b90bdbde99d2", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d2" + } + ] +} +2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-18 19:53:07 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. +2017-08-18 19:53:07 -------------------------------------------------------------------------------- +2017-08-18 19:53:07 Request: +User: "tobkle", role: "editor", id: "599729838fc4b90bdbde99d2", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d2" + } + ] +} +2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-18 19:53:07 -------------------------------------------------------------------------------- +2017-08-18 19:53:07 Request: +User: "tobkle", role: "editor", id: "599729838fc4b90bdbde99d2", +Operation: "", variables: "", +Query: +{ + user(id: "599729838fc4b90bdbde99d2") { + username + role + } +} + +2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d2" + } + ] +} +2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-18 19:53:07 -------------------------------------------------------------------------------- +2017-08-18 19:53:07 Request: +User: "tobkle", role: "editor", id: "599729838fc4b90bdbde99d2", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d2" + } + ] +} +2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-18 19:53:07 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d2" + } + ] +} +2017-08-18 19:53:07 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-08-18 19:53:07 -------------------------------------------------------------------------------- +2017-08-18 19:53:07 Request: +User: "tobkle", role: "editor", id: "599729838fc4b90bdbde99d2", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599729838fc4b90bdbde99d2", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d2" + } + ] +} +2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-18 19:53:07 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d2" + } + ] +} +2017-08-18 19:53:07 updated user 599729838fc4b90bdbde99d2. +2017-08-18 19:53:07 -------------------------------------------------------------------------------- +2017-08-18 19:53:07 Request: +User: "tmeasday", role: "editor", id: "599729838fc4b90bdbde99d2", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599729838fc4b90bdbde99d2", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d2" + } + ] +} +2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 19:53:07 Authorize update 'updateUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d2" + } + ] +} +2017-08-18 19:53:07 updated user 599729838fc4b90bdbde99d2. +2017-08-18 19:53:07 -------------------------------------------------------------------------------- +2017-08-18 19:53:07 Request: +User: "tmeasday", role: "editor", id: "599729838fc4b90bdbde99d2", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d2" + } + ] +} +2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 19:53:07 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d2" + } + ] +} +2017-08-18 19:53:07 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-08-18 19:53:07 -------------------------------------------------------------------------------- +2017-08-18 19:53:07 { + "authorId": "599729838fc4b90bdbde99d2", + "body": "This is a test tweet of user tobkle", + "coauthorsIds": [], + "createdAt": 1503078787254, + "updatedAt": 1503078787254, + "createdById": "599729838fc4b90bdbde99d2", + "updatedById": "599729838fc4b90bdbde99d2" +} +2017-08-18 19:53:07 Request: +User: "tmeasday", role: "editor", id: "599729838fc4b90bdbde99d2", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "599729838fc4b90bdbde99d2", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d2" + } + ] +} +2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 19:53:07 Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is authorized by docRole. +2017-08-18 19:53:07 inserted tweet 599729838fc4b90bdbde99d3. +2017-08-18 19:53:07 -------------------------------------------------------------------------------- +2017-08-18 19:53:07 { + "authorId": "583291a1638566b3c5a92ca1", + "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", + "coauthorsIds": [], + "createdAt": 1503078787261, + "updatedAt": 1503078787261, + "createdById": "599729838fc4b90bdbde99d2", + "updatedById": "599729838fc4b90bdbde99d2" +} +2017-08-18 19:53:07 Request: +User: "tmeasday", role: "editor", id: "599729838fc4b90bdbde99d2", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-18 19:53:07 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. +2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d2" + } + ] +} +2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 19:53:07 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. +2017-08-18 19:53:07 -------------------------------------------------------------------------------- +2017-08-18 19:53:07 Request: +User: "tmeasday", role: "editor", id: "599729838fc4b90bdbde99d2", +Operation: "", variables: "", +Query: +{ + tweet(id: "599729838fc4b90bdbde99d3") { + author { + id + } + body + } +} + +2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d2" + } + ] +} +2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 19:53:07 -------------------------------------------------------------------------------- +2017-08-18 19:53:07 Request: +User: "tmeasday", role: "editor", id: "599729838fc4b90bdbde99d2", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d2" + } + ] +} +2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 19:53:07 -------------------------------------------------------------------------------- +2017-08-18 19:53:07 Request: +User: "tmeasday", role: "editor", id: "599729838fc4b90bdbde99d2", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "599729838fc4b90bdbde99d3", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d2" + } + ] +} +2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 19:53:07 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "599729838fc4b90bdbde99d2" + }, + { + "coauthorsIds": "599729838fc4b90bdbde99d2" + } + ] +} +2017-08-18 19:53:07 updated tweet 599729838fc4b90bdbde99d3. +2017-08-18 19:53:07 -------------------------------------------------------------------------------- +2017-08-18 19:53:07 Request: +User: "tmeasday", role: "editor", id: "599729838fc4b90bdbde99d2", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d2" + } + ] +} +2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 19:53:07 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "599729838fc4b90bdbde99d2" + }, + { + "coauthorsIds": "599729838fc4b90bdbde99d2" + } + ] +} +2017-08-18 19:53:07 ERROR update tweet not possible for 583676d3618530145474e352. +2017-08-18 19:53:07 -------------------------------------------------------------------------------- +2017-08-18 19:53:07 Request: +User: "tmeasday", role: "editor", id: "599729838fc4b90bdbde99d2", +Operation: "", variables: "", +Query: +{ + tweet(id: "599729838fc4b90bdbde99d3") { + body + } +} + +2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d2" + } + ] +} +2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 19:53:07 -------------------------------------------------------------------------------- +2017-08-18 19:53:07 Request: +User: "tmeasday", role: "editor", id: "599729838fc4b90bdbde99d2", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "599729838fc4b90bdbde99d3") +} + +2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d2" + } + ] +} +2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 19:53:07 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "599729838fc4b90bdbde99d2" + } + ] +} +2017-08-18 19:53:07 removed tweet 599729838fc4b90bdbde99d3. +2017-08-18 19:53:07 -------------------------------------------------------------------------------- +2017-08-18 19:53:07 Request: +User: "tmeasday", role: "editor", id: "599729838fc4b90bdbde99d2", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d2" + } + ] +} +2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 19:53:07 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "599729838fc4b90bdbde99d2" + } + ] +} +2017-08-18 19:53:07 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-08-18 19:53:07 -------------------------------------------------------------------------------- +2017-08-18 19:53:07 Request: +User: "tmeasday", role: "editor", id: "599729838fc4b90bdbde99d2", +Operation: "", variables: "", +Query: +{ + tweet(id: "599729838fc4b90bdbde99d3") { + body + } +} + +2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d2" + } + ] +} +2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 19:53:07 -------------------------------------------------------------------------------- +2017-08-18 19:53:07 Request: +User: "tmeasday", role: "editor", id: "599729838fc4b90bdbde99d2", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "599729838fc4b90bdbde99d2") +} + +2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d2" + } + ] +} +2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-18 19:53:07 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599729838fc4b90bdbde99d2" + } + ] +} +2017-08-18 19:53:07 removed user 599729838fc4b90bdbde99d2. +2017-08-18 19:53:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 19:53:07 -------------------------------------------------------------------------------- +2017-08-18 19:53:07 ERROR Cannot read property 'load' of undefined +2017-08-18 19:53:07 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "599729838fc4b90bdbde99d2") { + username + bio + role + } +} + +2017-08-18 19:53:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-18 21:04:00 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 21:04:00 -------------------------------------------------------------------------------- +2017-08-18 21:04:00 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +query IntrospectionQuery { + __schema { + queryType { + name + } + mutationType { + name + } + subscriptionType { + name + } + types { + ...FullType + } + directives { + name + description + locations + args { + ...InputValue + } + } + } +} + +fragment FullType on __Type { + kind + name + description + fields(includeDeprecated: true) { + name + description + args { + ...InputValue + } + type { + ...TypeRef + } + isDeprecated + deprecationReason + } + inputFields { + ...InputValue + } + interfaces { + ...TypeRef + } + enumValues(includeDeprecated: true) { + name + description + isDeprecated + deprecationReason + } + possibleTypes { + ...TypeRef + } +} + +fragment InputValue on __InputValue { + name + description + type { + ...TypeRef + } + defaultValue +} + +fragment TypeRef on __Type { + kind + name + ofType { + kind + name + ofType { + kind + name + ofType { + kind + name + } + } + } +} + +2017-08-18 21:04:00 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-18 21:04:00 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 14:41:23 Logger started +2017-08-20 14:41:53 -------------------------------------------------------------------------------- +2017-08-20 14:41:53 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-20 14:41:53 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:41:53 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + role + username + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + role + username + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca2") { + role + username + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + id + username + bio + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users { + username + createdAt + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(limit: 1) { + username + createdAt + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993) { + username + createdAt + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers { + username + createdAt + } + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(limit: 1) { + username + createdAt + } + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following { + username + createdAt + } + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(limit: 1) { + username + createdAt + } + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets { + id + createdAt + } + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(limit: 1) { + id + createdAt + } + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked { + id + createdAt + } + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(limit: 1) { + id + createdAt + } + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334) { + id + createdAt + } + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334, limit: 1) { + id + createdAt + } + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + id + body + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + author { + username + } + } +} + +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets { + id + createdAt + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(limit: 1) { + id + createdAt + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers { + username + createdAt + } + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(limit: 1) { + username + createdAt + } + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993) { + username + createdAt + } + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-20 14:42:38 inserted user 599983be072db88747e2d1f8. +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "tobkle", role: "admin", id: "599983be072db88747e2d1f8", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-20 14:42:38 inserted user 599983be072db88747e2d1f9. +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "tobkle", role: "admin", id: "599983be072db88747e2d1f8", +Operation: "", variables: "", +Query: +{ + user(id: "599983be072db88747e2d1f9") { + username + bio + role + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "tobkle", role: "admin", id: "599983be072db88747e2d1f8", +Operation: "", variables: "", +Query: +{ + user(id: "599983be072db88747e2d1f8") { + username + role + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "tobkle", role: "admin", id: "599983be072db88747e2d1f8", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599983be072db88747e2d1f9", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 updated user 599983be072db88747e2d1f9. +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "tobkle", role: "admin", id: "599983be072db88747e2d1f8", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599983be072db88747e2d1f8", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 updated user 599983be072db88747e2d1f8. +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "tobkle", role: "admin", id: "599983be072db88747e2d1f8", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599983be072db88747e2d1f9", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 updated user 599983be072db88747e2d1f9. +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "tobkle", role: "admin", id: "599983be072db88747e2d1f8", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599983be072db88747e2d1f8", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 updated user 599983be072db88747e2d1f8. +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "tobkle", role: "editor", id: "599983be072db88747e2d1f8", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599983be072db88747e2d1f8", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599983be072db88747e2d1f8" + } + ] +} +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 14:42:38 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599983be072db88747e2d1f8" + } + ] +} +2017-08-20 14:42:38 updated user 599983be072db88747e2d1f8. +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "zoltan", role: "admin", id: "599983be072db88747e2d1f9", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599983be072db88747e2d1f8", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized +2017-08-20 14:42:38 updated user 599983be072db88747e2d1f8. +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "tobkle", role: "admin", id: "599983be072db88747e2d1f8", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "599983be072db88747e2d1f9") +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 removed user 599983be072db88747e2d1f9. +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "tobkle", role: "admin", id: "599983be072db88747e2d1f8", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "599983be072db88747e2d1f8", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-20 14:42:38 inserted tweet 599983be072db88747e2d1fa. +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "tobkle", role: "admin", id: "599983be072db88747e2d1f8", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-20 14:42:38 inserted tweet 599983be072db88747e2d1fb. +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "tobkle", role: "admin", id: "599983be072db88747e2d1f8", +Operation: "", variables: "", +Query: +{ + tweet(id: "599983be072db88747e2d1fa") { + author { + id + } + body + } +} + +2017-08-20 14:42:38 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "tobkle", role: "admin", id: "599983be072db88747e2d1f8", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "tobkle", role: "admin", id: "599983be072db88747e2d1f8", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "599983be072db88747e2d1fa", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 updated tweet 599983be072db88747e2d1fa. +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "tobkle", role: "admin", id: "599983be072db88747e2d1f8", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "599983be072db88747e2d1fb", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 updated tweet 599983be072db88747e2d1fb. +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "tobkle", role: "admin", id: "599983be072db88747e2d1f8", +Operation: "", variables: "", +Query: +{ + tweet(id: "599983be072db88747e2d1fa") { + body + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "tobkle", role: "admin", id: "599983be072db88747e2d1f8", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "599983be072db88747e2d1fa") +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 removed tweet 599983be072db88747e2d1fa. +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "tobkle", role: "admin", id: "599983be072db88747e2d1f8", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "599983be072db88747e2d1fb") +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 removed tweet 599983be072db88747e2d1fb. +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "tobkle", role: "admin", id: "599983be072db88747e2d1f8", +Operation: "", variables: "", +Query: +{ + tweet(id: "599983be072db88747e2d1fa") { + body + } +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 Request: +User: "tobkle", role: "admin", id: "599983be072db88747e2d1f8", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "599983be072db88747e2d1f8") +} + +2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:42:38 removed user 599983be072db88747e2d1f8. +2017-08-20 14:42:38 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 ERROR Cannot read property 'load' of undefined +2017-08-20 14:42:38 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "599983be072db88747e2d1f8") { + username + bio + role + } +} + +2017-08-20 14:42:38 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 14:42:38 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-20 14:42:38 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-08-20 14:42:38 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 14:42:38 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-20 14:42:38 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 ERROR Cannot read property 'load' of undefined +2017-08-20 14:42:38 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-20 14:42:38 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 14:42:38 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-20 14:42:38 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 14:42:38 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 14:42:38 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-20 14:42:38 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:42:38 -------------------------------------------------------------------------------- +2017-08-20 14:42:38 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-20 14:42:38 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-20 14:42:38 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 14:42:38 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-20 14:42:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-20 14:42:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 14:42:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-20 14:42:39 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-20 14:42:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 14:42:39 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-20 14:42:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-20 14:42:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 14:42:39 ERROR Cannot read property 'load' of undefined +2017-08-20 14:42:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-20 14:42:39 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 14:42:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 14:42:39 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-20 14:42:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-20 14:42:39 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 14:42:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 14:42:39 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-20 14:42:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-20 14:42:39 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-20 14:42:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 14:42:39 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { + id + role + } +} + +2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:39 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:39 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-20 14:42:39 inserted user 599983bf072db88747e2d1fc. +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. +2017-08-20 14:42:39 Request: +User: "tobkle", role: "user", id: "599983bf072db88747e2d1fc", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fc" + } + ] +} +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:42:39 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 Request: +User: "tobkle", role: "user", id: "599983bf072db88747e2d1fc", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fc" + } + ] +} +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 Request: +User: "tobkle", role: "user", id: "599983bf072db88747e2d1fc", +Operation: "", variables: "", +Query: +{ + user(id: "599983bf072db88747e2d1fc") { + username + } +} + +2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fc" + } + ] +} +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 Request: +User: "tobkle", role: "user", id: "599983bf072db88747e2d1fc", +Operation: "", variables: "", +Query: +{ + user(id: "599983bf072db88747e2d1fc") { + username + role + } +} + +2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fc" + } + ] +} +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 Request: +User: "tobkle", role: "user", id: "599983bf072db88747e2d1fc", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fc" + } + ] +} +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:42:39 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-08-20 14:42:39 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fc" + } + ] +} +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 Request: +User: "tobkle", role: "user", id: "599983bf072db88747e2d1fc", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599983bf072db88747e2d1fc", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fc" + } + ] +} +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:42:39 updated user 599983bf072db88747e2d1fc. +2017-08-20 14:42:39 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fc" + } + ] +} +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 Request: +User: "tobkle", role: "user", id: "599983bf072db88747e2d1fc", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599983bf072db88747e2d1fc", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fc" + } + ] +} +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:42:39 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fc" + } + ] +} +2017-08-20 14:42:39 updated user 599983bf072db88747e2d1fc. +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 Request: +User: "tobkle", role: "user", id: "599983bf072db88747e2d1fc", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fc" + } + ] +} +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:42:39 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fc" + } + ] +} +2017-08-20 14:42:39 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 Request: +User: "tobkle", role: "user", id: "599983bf072db88747e2d1fc", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "599983bf072db88747e2d1fc", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fc" + } + ] +} +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:42:39 inserted tweet 599983bf072db88747e2d1fd. +2017-08-20 14:42:39 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. +2017-08-20 14:42:39 Request: +User: "tobkle", role: "user", id: "599983bf072db88747e2d1fc", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fc" + } + ] +} +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:42:39 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 Request: +User: "tobkle", role: "user", id: "599983bf072db88747e2d1fc", +Operation: "", variables: "", +Query: +{ + tweet(id: "599983bf072db88747e2d1fd") { + author { + id + } + body + } +} + +2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fc" + } + ] +} +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 Request: +User: "tobkle", role: "user", id: "599983bf072db88747e2d1fc", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fc" + } + ] +} +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 Request: +User: "tobkle", role: "user", id: "599983bf072db88747e2d1fc", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "599983bf072db88747e2d1fd", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fc" + } + ] +} +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:42:39 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "599983bf072db88747e2d1fc" + }, + { + "coauthorsIds": "599983bf072db88747e2d1fc" + } + ] +} +2017-08-20 14:42:39 updated tweet 599983bf072db88747e2d1fd. +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 Request: +User: "tobkle", role: "user", id: "599983bf072db88747e2d1fc", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fc" + } + ] +} +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:42:39 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "599983bf072db88747e2d1fc" + }, + { + "coauthorsIds": "599983bf072db88747e2d1fc" + } + ] +} +2017-08-20 14:42:39 ERROR update tweet not possible for 583676d3618530145474e352. +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 Request: +User: "tobkle", role: "user", id: "599983bf072db88747e2d1fc", +Operation: "", variables: "", +Query: +{ + tweet(id: "599983bf072db88747e2d1fd") { + body + } +} + +2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fc" + } + ] +} +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 Request: +User: "tobkle", role: "user", id: "599983bf072db88747e2d1fc", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "599983bf072db88747e2d1fd") +} + +2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fc" + } + ] +} +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:42:39 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "599983bf072db88747e2d1fc" + } + ] +} +2017-08-20 14:42:39 removed tweet 599983bf072db88747e2d1fd. +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 Request: +User: "tobkle", role: "user", id: "599983bf072db88747e2d1fc", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fc" + } + ] +} +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:42:39 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "599983bf072db88747e2d1fc" + } + ] +} +2017-08-20 14:42:39 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 Request: +User: "tobkle", role: "user", id: "599983bf072db88747e2d1fc", +Operation: "", variables: "", +Query: +{ + tweet(id: "599983bf072db88747e2d1fd") { + body + } +} + +2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fc" + } + ] +} +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 Request: +User: "tobkle", role: "user", id: "599983bf072db88747e2d1fc", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "599983bf072db88747e2d1fc") +} + +2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fc" + } + ] +} +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:42:39 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fc" + } + ] +} +2017-08-20 14:42:39 removed user 599983bf072db88747e2d1fc. +2017-08-20 14:42:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 ERROR Cannot read property 'load' of undefined +2017-08-20 14:42:39 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "599983bf072db88747e2d1fc") { + username + bio + role + } +} + +2017-08-20 14:42:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { + id + role + } +} + +2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:39 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:42:39 inserted user 599983bf072db88747e2d1fe. +2017-08-20 14:42:39 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. +2017-08-20 14:42:39 Request: +User: "tobkle", role: "editor", id: "599983bf072db88747e2d1fe", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fe" + } + ] +} +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 14:42:39 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 Request: +User: "tobkle", role: "editor", id: "599983bf072db88747e2d1fe", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fe" + } + ] +} +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 Request: +User: "tobkle", role: "editor", id: "599983bf072db88747e2d1fe", +Operation: "", variables: "", +Query: +{ + user(id: "599983bf072db88747e2d1fe") { + username + role + } +} + +2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fe" + } + ] +} +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 Request: +User: "tobkle", role: "editor", id: "599983bf072db88747e2d1fe", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fe" + } + ] +} +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 14:42:39 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fe" + } + ] +} +2017-08-20 14:42:39 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 Request: +User: "tobkle", role: "editor", id: "599983bf072db88747e2d1fe", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599983bf072db88747e2d1fe", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fe" + } + ] +} +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 14:42:39 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fe" + } + ] +} +2017-08-20 14:42:39 updated user 599983bf072db88747e2d1fe. +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 Request: +User: "tmeasday", role: "editor", id: "599983bf072db88747e2d1fe", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599983bf072db88747e2d1fe", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fe" + } + ] +} +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 14:42:39 Authorize update 'updateUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fe" + } + ] +} +2017-08-20 14:42:39 updated user 599983bf072db88747e2d1fe. +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 Request: +User: "tmeasday", role: "editor", id: "599983bf072db88747e2d1fe", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fe" + } + ] +} +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 14:42:39 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fe" + } + ] +} +2017-08-20 14:42:39 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 Request: +User: "tmeasday", role: "editor", id: "599983bf072db88747e2d1fe", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "599983bf072db88747e2d1fe", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fe" + } + ] +} +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 14:42:39 Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is authorized by docRole. +2017-08-20 14:42:39 inserted tweet 599983bf072db88747e2d1ff. +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. +2017-08-20 14:42:39 Request: +User: "tmeasday", role: "editor", id: "599983bf072db88747e2d1fe", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fe" + } + ] +} +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 14:42:39 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 Request: +User: "tmeasday", role: "editor", id: "599983bf072db88747e2d1fe", +Operation: "", variables: "", +Query: +{ + tweet(id: "599983bf072db88747e2d1ff") { + author { + id + } + body + } +} + +2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fe" + } + ] +} +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 Request: +User: "tmeasday", role: "editor", id: "599983bf072db88747e2d1fe", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fe" + } + ] +} +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 Request: +User: "tmeasday", role: "editor", id: "599983bf072db88747e2d1fe", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "599983bf072db88747e2d1ff", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fe" + } + ] +} +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 14:42:39 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "599983bf072db88747e2d1fe" + }, + { + "coauthorsIds": "599983bf072db88747e2d1fe" + } + ] +} +2017-08-20 14:42:39 updated tweet 599983bf072db88747e2d1ff. +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 Request: +User: "tmeasday", role: "editor", id: "599983bf072db88747e2d1fe", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fe" + } + ] +} +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 14:42:39 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "599983bf072db88747e2d1fe" + }, + { + "coauthorsIds": "599983bf072db88747e2d1fe" + } + ] +} +2017-08-20 14:42:39 ERROR update tweet not possible for 583676d3618530145474e352. +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 Request: +User: "tmeasday", role: "editor", id: "599983bf072db88747e2d1fe", +Operation: "", variables: "", +Query: +{ + tweet(id: "599983bf072db88747e2d1ff") { + body + } +} + +2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fe" + } + ] +} +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 Request: +User: "tmeasday", role: "editor", id: "599983bf072db88747e2d1fe", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "599983bf072db88747e2d1ff") +} + +2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fe" + } + ] +} +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 14:42:39 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "599983bf072db88747e2d1fe" + } + ] +} +2017-08-20 14:42:39 removed tweet 599983bf072db88747e2d1ff. +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 Request: +User: "tmeasday", role: "editor", id: "599983bf072db88747e2d1fe", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fe" + } + ] +} +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 14:42:39 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "599983bf072db88747e2d1fe" + } + ] +} +2017-08-20 14:42:39 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 Request: +User: "tmeasday", role: "editor", id: "599983bf072db88747e2d1fe", +Operation: "", variables: "", +Query: +{ + tweet(id: "599983bf072db88747e2d1ff") { + body + } +} + +2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fe" + } + ] +} +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 Request: +User: "tmeasday", role: "editor", id: "599983bf072db88747e2d1fe", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "599983bf072db88747e2d1fe") +} + +2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fe" + } + ] +} +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 14:42:39 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599983bf072db88747e2d1fe" + } + ] +} +2017-08-20 14:42:39 removed user 599983bf072db88747e2d1fe. +2017-08-20 14:42:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:42:39 -------------------------------------------------------------------------------- +2017-08-20 14:42:39 ERROR Cannot read property 'load' of undefined +2017-08-20 14:42:39 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "599983bf072db88747e2d1fe") { + username + bio + role + } +} + +2017-08-20 14:42:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 14:51:57 Logger started +2017-08-20 14:52:37 -------------------------------------------------------------------------------- +2017-08-20 14:52:37 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-20 14:52:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:52:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + role + username + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + role + username + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca2") { + role + username + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + id + username + bio + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users { + username + createdAt + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(limit: 1) { + username + createdAt + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993) { + username + createdAt + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers { + username + createdAt + } + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(limit: 1) { + username + createdAt + } + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following { + username + createdAt + } + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(limit: 1) { + username + createdAt + } + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets { + id + createdAt + } + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(limit: 1) { + id + createdAt + } + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked { + id + createdAt + } + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(limit: 1) { + id + createdAt + } + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334) { + id + createdAt + } + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334, limit: 1) { + id + createdAt + } + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + id + body + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + author { + username + } + } +} + +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets { + id + createdAt + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(limit: 1) { + id + createdAt + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers { + username + createdAt + } + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(limit: 1) { + username + createdAt + } + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993) { + username + createdAt + } + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-20 14:53:20 inserted user 59998640a6bf4f88157d4fd9. +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "tobkle", role: "admin", id: "59998640a6bf4f88157d4fd9", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 inserted user 59998640a6bf4f88157d4fda. +2017-08-20 14:53:20 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "tobkle", role: "admin", id: "59998640a6bf4f88157d4fd9", +Operation: "", variables: "", +Query: +{ + user(id: "59998640a6bf4f88157d4fda") { + username + bio + role + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "tobkle", role: "admin", id: "59998640a6bf4f88157d4fd9", +Operation: "", variables: "", +Query: +{ + user(id: "59998640a6bf4f88157d4fd9") { + username + role + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "tobkle", role: "admin", id: "59998640a6bf4f88157d4fd9", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59998640a6bf4f88157d4fda", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 updated user 59998640a6bf4f88157d4fda. +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "tobkle", role: "admin", id: "59998640a6bf4f88157d4fd9", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59998640a6bf4f88157d4fd9", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 updated user 59998640a6bf4f88157d4fd9. +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "tobkle", role: "admin", id: "59998640a6bf4f88157d4fd9", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59998640a6bf4f88157d4fda", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 updated user 59998640a6bf4f88157d4fda. +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "tobkle", role: "admin", id: "59998640a6bf4f88157d4fd9", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59998640a6bf4f88157d4fd9", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 updated user 59998640a6bf4f88157d4fd9. +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "tobkle", role: "editor", id: "59998640a6bf4f88157d4fd9", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59998640a6bf4f88157d4fd9", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998640a6bf4f88157d4fd9" + } + ] +} +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 14:53:20 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998640a6bf4f88157d4fd9" + } + ] +} +2017-08-20 14:53:20 updated user 59998640a6bf4f88157d4fd9. +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "zoltan", role: "admin", id: "59998640a6bf4f88157d4fda", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59998640a6bf4f88157d4fd9", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized +2017-08-20 14:53:20 updated user 59998640a6bf4f88157d4fd9. +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "tobkle", role: "admin", id: "59998640a6bf4f88157d4fd9", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59998640a6bf4f88157d4fda") +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 removed user 59998640a6bf4f88157d4fda. +2017-08-20 14:53:20 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "tobkle", role: "admin", id: "59998640a6bf4f88157d4fd9", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59998640a6bf4f88157d4fd9", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-20 14:53:20 inserted tweet 59998640a6bf4f88157d4fdb. +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "tobkle", role: "admin", id: "59998640a6bf4f88157d4fd9", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-20 14:53:20 inserted tweet 59998640a6bf4f88157d4fdc. +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "tobkle", role: "admin", id: "59998640a6bf4f88157d4fd9", +Operation: "", variables: "", +Query: +{ + tweet(id: "59998640a6bf4f88157d4fdb") { + author { + id + } + body + } +} + +2017-08-20 14:53:20 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "tobkle", role: "admin", id: "59998640a6bf4f88157d4fd9", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "tobkle", role: "admin", id: "59998640a6bf4f88157d4fd9", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59998640a6bf4f88157d4fdb", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 updated tweet 59998640a6bf4f88157d4fdb. +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "tobkle", role: "admin", id: "59998640a6bf4f88157d4fd9", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59998640a6bf4f88157d4fdc", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 updated tweet 59998640a6bf4f88157d4fdc. +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "tobkle", role: "admin", id: "59998640a6bf4f88157d4fd9", +Operation: "", variables: "", +Query: +{ + tweet(id: "59998640a6bf4f88157d4fdb") { + body + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "tobkle", role: "admin", id: "59998640a6bf4f88157d4fd9", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59998640a6bf4f88157d4fdb") +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 removed tweet 59998640a6bf4f88157d4fdb. +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "tobkle", role: "admin", id: "59998640a6bf4f88157d4fd9", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59998640a6bf4f88157d4fdc") +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 removed tweet 59998640a6bf4f88157d4fdc. +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "tobkle", role: "admin", id: "59998640a6bf4f88157d4fd9", +Operation: "", variables: "", +Query: +{ + tweet(id: "59998640a6bf4f88157d4fdb") { + body + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "tobkle", role: "admin", id: "59998640a6bf4f88157d4fd9", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59998640a6bf4f88157d4fd9") +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 removed user 59998640a6bf4f88157d4fd9. +2017-08-20 14:53:20 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:53:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59998640a6bf4f88157d4fd9") { + username + bio + role + } +} + +2017-08-20 14:53:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 14:53:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-20 14:53:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-08-20 14:53:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 14:53:20 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-20 14:53:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-20 14:53:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 14:53:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-20 14:53:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 14:53:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 14:53:20 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-20 14:53:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-20 14:53:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-20 14:53:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 14:53:20 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-20 14:53:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-20 14:53:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 14:53:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-20 14:53:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-20 14:53:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 14:53:20 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-20 14:53:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-20 14:53:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 14:53:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-20 14:53:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 14:53:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 14:53:20 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-20 14:53:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-20 14:53:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 14:53:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 14:53:20 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-20 14:53:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-20 14:53:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-20 14:53:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 14:53:20 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { + id + role + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:20 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-20 14:53:20 inserted user 59998640a6bf4f88157d4fdd. +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. +2017-08-20 14:53:20 Request: +User: "tobkle", role: "user", id: "59998640a6bf4f88157d4fdd", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998640a6bf4f88157d4fdd" + } + ] +} +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:53:20 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "tobkle", role: "user", id: "59998640a6bf4f88157d4fdd", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998640a6bf4f88157d4fdd" + } + ] +} +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "tobkle", role: "user", id: "59998640a6bf4f88157d4fdd", +Operation: "", variables: "", +Query: +{ + user(id: "59998640a6bf4f88157d4fdd") { + username + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998640a6bf4f88157d4fdd" + } + ] +} +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "tobkle", role: "user", id: "59998640a6bf4f88157d4fdd", +Operation: "", variables: "", +Query: +{ + user(id: "59998640a6bf4f88157d4fdd") { + username + role + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998640a6bf4f88157d4fdd" + } + ] +} +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "tobkle", role: "user", id: "59998640a6bf4f88157d4fdd", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998640a6bf4f88157d4fdd" + } + ] +} +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:53:20 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998640a6bf4f88157d4fdd" + } + ] +} +2017-08-20 14:53:20 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "tobkle", role: "user", id: "59998640a6bf4f88157d4fdd", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59998640a6bf4f88157d4fdd", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998640a6bf4f88157d4fdd" + } + ] +} +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:53:20 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998640a6bf4f88157d4fdd" + } + ] +} +2017-08-20 14:53:20 updated user 59998640a6bf4f88157d4fdd. +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "tobkle", role: "user", id: "59998640a6bf4f88157d4fdd", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59998640a6bf4f88157d4fdd", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998640a6bf4f88157d4fdd" + } + ] +} +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:53:20 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998640a6bf4f88157d4fdd" + } + ] +} +2017-08-20 14:53:20 updated user 59998640a6bf4f88157d4fdd. +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "tobkle", role: "user", id: "59998640a6bf4f88157d4fdd", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998640a6bf4f88157d4fdd" + } + ] +} +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:53:20 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998640a6bf4f88157d4fdd" + } + ] +} +2017-08-20 14:53:20 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "tobkle", role: "user", id: "59998640a6bf4f88157d4fdd", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59998640a6bf4f88157d4fdd", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998640a6bf4f88157d4fdd" + } + ] +} +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:53:20 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. +2017-08-20 14:53:20 inserted tweet 59998640a6bf4f88157d4fde. +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. +2017-08-20 14:53:20 Request: +User: "tobkle", role: "user", id: "59998640a6bf4f88157d4fdd", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998640a6bf4f88157d4fdd" + } + ] +} +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:53:20 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "tobkle", role: "user", id: "59998640a6bf4f88157d4fdd", +Operation: "", variables: "", +Query: +{ + tweet(id: "59998640a6bf4f88157d4fde") { + author { + id + } + body + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998640a6bf4f88157d4fdd" + } + ] +} +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "tobkle", role: "user", id: "59998640a6bf4f88157d4fdd", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998640a6bf4f88157d4fdd" + } + ] +} +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "tobkle", role: "user", id: "59998640a6bf4f88157d4fdd", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59998640a6bf4f88157d4fde", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998640a6bf4f88157d4fdd" + } + ] +} +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:53:20 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59998640a6bf4f88157d4fdd" + }, + { + "coauthorsIds": "59998640a6bf4f88157d4fdd" + } + ] +} +2017-08-20 14:53:20 updated tweet 59998640a6bf4f88157d4fde. +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "tobkle", role: "user", id: "59998640a6bf4f88157d4fdd", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998640a6bf4f88157d4fdd" + } + ] +} +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:53:20 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59998640a6bf4f88157d4fdd" + }, + { + "coauthorsIds": "59998640a6bf4f88157d4fdd" + } + ] +} +2017-08-20 14:53:20 ERROR update tweet not possible for 583676d3618530145474e352. +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "tobkle", role: "user", id: "59998640a6bf4f88157d4fdd", +Operation: "", variables: "", +Query: +{ + tweet(id: "59998640a6bf4f88157d4fde") { + body + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998640a6bf4f88157d4fdd" + } + ] +} +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "tobkle", role: "user", id: "59998640a6bf4f88157d4fdd", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59998640a6bf4f88157d4fde") +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998640a6bf4f88157d4fdd" + } + ] +} +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:53:20 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59998640a6bf4f88157d4fdd" + } + ] +} +2017-08-20 14:53:20 removed tweet 59998640a6bf4f88157d4fde. +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "tobkle", role: "user", id: "59998640a6bf4f88157d4fdd", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998640a6bf4f88157d4fdd" + } + ] +} +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:53:20 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59998640a6bf4f88157d4fdd" + } + ] +} +2017-08-20 14:53:20 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-08-20 14:53:20 -------------------------------------------------------------------------------- +2017-08-20 14:53:20 Request: +User: "tobkle", role: "user", id: "59998640a6bf4f88157d4fdd", +Operation: "", variables: "", +Query: +{ + tweet(id: "59998640a6bf4f88157d4fde") { + body + } +} + +2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998640a6bf4f88157d4fdd" + } + ] +} +2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:53:21 -------------------------------------------------------------------------------- +2017-08-20 14:53:21 Request: +User: "tobkle", role: "user", id: "59998640a6bf4f88157d4fdd", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59998640a6bf4f88157d4fdd") +} + +2017-08-20 14:53:21 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998640a6bf4f88157d4fdd" + } + ] +} +2017-08-20 14:53:21 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:53:21 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998640a6bf4f88157d4fdd" + } + ] +} +2017-08-20 14:53:21 removed user 59998640a6bf4f88157d4fdd. +2017-08-20 14:53:21 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:53:21 -------------------------------------------------------------------------------- +2017-08-20 14:53:21 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59998640a6bf4f88157d4fdd") { + username + bio + role + } +} + +2017-08-20 14:53:21 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:53:21 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 14:53:21 -------------------------------------------------------------------------------- +2017-08-20 14:53:21 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { + id + role + } +} + +2017-08-20 14:53:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:21 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:53:21 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-20 14:53:21 inserted user 59998641a6bf4f88157d4fdf. +2017-08-20 14:53:21 -------------------------------------------------------------------------------- +2017-08-20 14:53:21 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. +2017-08-20 14:53:21 Request: +User: "tobkle", role: "editor", id: "59998641a6bf4f88157d4fdf", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-20 14:53:21 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998641a6bf4f88157d4fdf" + } + ] +} +2017-08-20 14:53:21 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 14:53:21 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. +2017-08-20 14:53:21 -------------------------------------------------------------------------------- +2017-08-20 14:53:21 Request: +User: "tobkle", role: "editor", id: "59998641a6bf4f88157d4fdf", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-20 14:53:21 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998641a6bf4f88157d4fdf" + } + ] +} +2017-08-20 14:53:21 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 14:53:21 -------------------------------------------------------------------------------- +2017-08-20 14:53:21 Request: +User: "tobkle", role: "editor", id: "59998641a6bf4f88157d4fdf", +Operation: "", variables: "", +Query: +{ + user(id: "59998641a6bf4f88157d4fdf") { + username + role + } +} + +2017-08-20 14:53:21 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998641a6bf4f88157d4fdf" + } + ] +} +2017-08-20 14:53:21 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 14:53:21 -------------------------------------------------------------------------------- +2017-08-20 14:53:21 Request: +User: "tobkle", role: "editor", id: "59998641a6bf4f88157d4fdf", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 14:53:21 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998641a6bf4f88157d4fdf" + } + ] +} +2017-08-20 14:53:21 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 14:53:21 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998641a6bf4f88157d4fdf" + } + ] +} +2017-08-20 14:53:21 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-08-20 14:53:21 -------------------------------------------------------------------------------- +2017-08-20 14:53:21 Request: +User: "tobkle", role: "editor", id: "59998641a6bf4f88157d4fdf", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59998641a6bf4f88157d4fdf", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-08-20 14:53:21 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998641a6bf4f88157d4fdf" + } + ] +} +2017-08-20 14:53:21 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 14:53:21 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998641a6bf4f88157d4fdf" + } + ] +} +2017-08-20 14:53:21 updated user 59998641a6bf4f88157d4fdf. +2017-08-20 14:53:21 -------------------------------------------------------------------------------- +2017-08-20 14:53:21 Request: +User: "tmeasday", role: "editor", id: "59998641a6bf4f88157d4fdf", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59998641a6bf4f88157d4fdf", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 14:53:21 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998641a6bf4f88157d4fdf" + } + ] +} +2017-08-20 14:53:21 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 14:53:21 Authorize update 'updateUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998641a6bf4f88157d4fdf" + } + ] +} +2017-08-20 14:53:21 updated user 59998641a6bf4f88157d4fdf. +2017-08-20 14:53:21 -------------------------------------------------------------------------------- +2017-08-20 14:53:21 Request: +User: "tmeasday", role: "editor", id: "59998641a6bf4f88157d4fdf", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-20 14:53:21 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998641a6bf4f88157d4fdf" + } + ] +} +2017-08-20 14:53:21 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 14:53:21 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998641a6bf4f88157d4fdf" + } + ] +} +2017-08-20 14:53:21 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-08-20 14:53:21 -------------------------------------------------------------------------------- +2017-08-20 14:53:21 Request: +User: "tmeasday", role: "editor", id: "59998641a6bf4f88157d4fdf", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59998641a6bf4f88157d4fdf", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-20 14:53:21 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998641a6bf4f88157d4fdf" + } + ] +} +2017-08-20 14:53:21 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 14:53:21 Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is authorized by docRole. +2017-08-20 14:53:21 inserted tweet 59998641a6bf4f88157d4fe0. +2017-08-20 14:53:21 -------------------------------------------------------------------------------- +2017-08-20 14:53:21 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. +2017-08-20 14:53:21 Request: +User: "tmeasday", role: "editor", id: "59998641a6bf4f88157d4fdf", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-20 14:53:21 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998641a6bf4f88157d4fdf" + } + ] +} +2017-08-20 14:53:21 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 14:53:21 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. +2017-08-20 14:53:21 -------------------------------------------------------------------------------- +2017-08-20 14:53:21 Request: +User: "tmeasday", role: "editor", id: "59998641a6bf4f88157d4fdf", +Operation: "", variables: "", +Query: +{ + tweet(id: "59998641a6bf4f88157d4fe0") { + author { + id + } + body + } +} + +2017-08-20 14:53:21 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998641a6bf4f88157d4fdf" + } + ] +} +2017-08-20 14:53:21 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 14:53:21 -------------------------------------------------------------------------------- +2017-08-20 14:53:21 Request: +User: "tmeasday", role: "editor", id: "59998641a6bf4f88157d4fdf", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-20 14:53:21 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998641a6bf4f88157d4fdf" + } + ] +} +2017-08-20 14:53:21 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 14:53:21 -------------------------------------------------------------------------------- +2017-08-20 14:53:21 Request: +User: "tmeasday", role: "editor", id: "59998641a6bf4f88157d4fdf", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59998641a6bf4f88157d4fe0", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 14:53:21 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998641a6bf4f88157d4fdf" + } + ] +} +2017-08-20 14:53:21 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 14:53:21 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59998641a6bf4f88157d4fdf" + }, + { + "coauthorsIds": "59998641a6bf4f88157d4fdf" + } + ] +} +2017-08-20 14:53:21 updated tweet 59998641a6bf4f88157d4fe0. +2017-08-20 14:53:21 -------------------------------------------------------------------------------- +2017-08-20 14:53:21 Request: +User: "tmeasday", role: "editor", id: "59998641a6bf4f88157d4fdf", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 14:53:21 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998641a6bf4f88157d4fdf" + } + ] +} +2017-08-20 14:53:21 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 14:53:21 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59998641a6bf4f88157d4fdf" + }, + { + "coauthorsIds": "59998641a6bf4f88157d4fdf" + } + ] +} +2017-08-20 14:53:21 ERROR update tweet not possible for 583676d3618530145474e352. +2017-08-20 14:53:21 -------------------------------------------------------------------------------- +2017-08-20 14:53:21 Request: +User: "tmeasday", role: "editor", id: "59998641a6bf4f88157d4fdf", +Operation: "", variables: "", +Query: +{ + tweet(id: "59998641a6bf4f88157d4fe0") { + body + } +} + +2017-08-20 14:53:21 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998641a6bf4f88157d4fdf" + } + ] +} +2017-08-20 14:53:21 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 14:53:21 -------------------------------------------------------------------------------- +2017-08-20 14:53:21 Request: +User: "tmeasday", role: "editor", id: "59998641a6bf4f88157d4fdf", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59998641a6bf4f88157d4fe0") +} + +2017-08-20 14:53:21 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998641a6bf4f88157d4fdf" + } + ] +} +2017-08-20 14:53:21 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 14:53:21 removed tweet 59998641a6bf4f88157d4fe0. +2017-08-20 14:53:21 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59998641a6bf4f88157d4fdf" + } + ] +} +2017-08-20 14:53:21 -------------------------------------------------------------------------------- +2017-08-20 14:53:21 Request: +User: "tmeasday", role: "editor", id: "59998641a6bf4f88157d4fdf", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-20 14:53:21 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998641a6bf4f88157d4fdf" + } + ] +} +2017-08-20 14:53:21 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 14:53:21 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59998641a6bf4f88157d4fdf" + } + ] +} +2017-08-20 14:53:21 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-08-20 14:53:21 -------------------------------------------------------------------------------- +2017-08-20 14:53:21 Request: +User: "tmeasday", role: "editor", id: "59998641a6bf4f88157d4fdf", +Operation: "", variables: "", +Query: +{ + tweet(id: "59998641a6bf4f88157d4fe0") { + body + } +} + +2017-08-20 14:53:21 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998641a6bf4f88157d4fdf" + } + ] +} +2017-08-20 14:53:21 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 14:53:21 -------------------------------------------------------------------------------- +2017-08-20 14:53:21 Request: +User: "tmeasday", role: "editor", id: "59998641a6bf4f88157d4fdf", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59998641a6bf4f88157d4fdf") +} + +2017-08-20 14:53:21 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998641a6bf4f88157d4fdf" + } + ] +} +2017-08-20 14:53:21 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 14:53:21 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998641a6bf4f88157d4fdf" + } + ] +} +2017-08-20 14:53:21 removed user 59998641a6bf4f88157d4fdf. +2017-08-20 14:53:21 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:53:21 -------------------------------------------------------------------------------- +2017-08-20 14:53:21 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59998641a6bf4f88157d4fdf") { + username + bio + role + } +} + +2017-08-20 14:53:21 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:53:21 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 14:57:17 Logger started +2017-08-20 14:57:44 -------------------------------------------------------------------------------- +2017-08-20 14:57:44 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-20 14:57:44 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:57:44 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 -------------------------------------------------------------------------------- +2017-08-20 14:58:27 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 -------------------------------------------------------------------------------- +2017-08-20 14:58:27 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + role + username + } +} + +2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 -------------------------------------------------------------------------------- +2017-08-20 14:58:27 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + role + username + } +} + +2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 -------------------------------------------------------------------------------- +2017-08-20 14:58:27 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca2") { + role + username + } +} + +2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 -------------------------------------------------------------------------------- +2017-08-20 14:58:27 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + id + username + bio + } +} + +2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 -------------------------------------------------------------------------------- +2017-08-20 14:58:27 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users { + username + createdAt + } +} + +2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 -------------------------------------------------------------------------------- +2017-08-20 14:58:27 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(limit: 1) { + username + createdAt + } +} + +2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 -------------------------------------------------------------------------------- +2017-08-20 14:58:27 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993) { + username + createdAt + } +} + +2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 -------------------------------------------------------------------------------- +2017-08-20 14:58:27 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } +} + +2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 -------------------------------------------------------------------------------- +2017-08-20 14:58:27 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers { + username + createdAt + } + } +} + +2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 -------------------------------------------------------------------------------- +2017-08-20 14:58:27 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(limit: 1) { + username + createdAt + } + } +} + +2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 -------------------------------------------------------------------------------- +2017-08-20 14:58:27 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 -------------------------------------------------------------------------------- +2017-08-20 14:58:27 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 -------------------------------------------------------------------------------- +2017-08-20 14:58:27 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following { + username + createdAt + } + } +} + +2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 -------------------------------------------------------------------------------- +2017-08-20 14:58:27 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(limit: 1) { + username + createdAt + } + } +} + +2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 -------------------------------------------------------------------------------- +2017-08-20 14:58:27 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 -------------------------------------------------------------------------------- +2017-08-20 14:58:27 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 -------------------------------------------------------------------------------- +2017-08-20 14:58:27 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets { + id + createdAt + } + } +} + +2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 -------------------------------------------------------------------------------- +2017-08-20 14:58:27 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(limit: 1) { + id + createdAt + } + } +} + +2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 -------------------------------------------------------------------------------- +2017-08-20 14:58:27 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } + } +} + +2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 -------------------------------------------------------------------------------- +2017-08-20 14:58:27 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } + } +} + +2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 -------------------------------------------------------------------------------- +2017-08-20 14:58:27 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked { + id + createdAt + } + } +} + +2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 -------------------------------------------------------------------------------- +2017-08-20 14:58:27 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(limit: 1) { + id + createdAt + } + } +} + +2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 -------------------------------------------------------------------------------- +2017-08-20 14:58:27 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334) { + id + createdAt + } + } +} + +2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 -------------------------------------------------------------------------------- +2017-08-20 14:58:27 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334, limit: 1) { + id + createdAt + } + } +} + +2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 -------------------------------------------------------------------------------- +2017-08-20 14:58:27 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + id + body + } +} + +2017-08-20 14:58:27 -------------------------------------------------------------------------------- +2017-08-20 14:58:27 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + author { + username + } + } +} + +2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 -------------------------------------------------------------------------------- +2017-08-20 14:58:27 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets { + id + createdAt + } +} + +2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 -------------------------------------------------------------------------------- +2017-08-20 14:58:27 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(limit: 1) { + id + createdAt + } +} + +2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 -------------------------------------------------------------------------------- +2017-08-20 14:58:27 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } +} + +2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 -------------------------------------------------------------------------------- +2017-08-20 14:58:27 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } +} + +2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 -------------------------------------------------------------------------------- +2017-08-20 14:58:27 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers { + username + createdAt + } + } +} + +2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 -------------------------------------------------------------------------------- +2017-08-20 14:58:27 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(limit: 1) { + username + createdAt + } + } +} + +2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 -------------------------------------------------------------------------------- +2017-08-20 14:58:27 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993) { + username + createdAt + } + } +} + +2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 -------------------------------------------------------------------------------- +2017-08-20 14:58:27 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } + } +} + +2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 -------------------------------------------------------------------------------- +2017-08-20 14:58:27 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-20 14:58:27 inserted user 59998773ba01e788a797fbab. +2017-08-20 14:58:27 -------------------------------------------------------------------------------- +2017-08-20 14:58:27 Request: +User: "tobkle", role: "admin", id: "59998773ba01e788a797fbab", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-20 14:58:27 inserted user 59998773ba01e788a797fbac. +2017-08-20 14:58:27 -------------------------------------------------------------------------------- +2017-08-20 14:58:27 Request: +User: "tobkle", role: "admin", id: "59998773ba01e788a797fbab", +Operation: "", variables: "", +Query: +{ + user(id: "59998773ba01e788a797fbac") { + username + bio + role + } +} + +2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:27 -------------------------------------------------------------------------------- +2017-08-20 14:58:27 Request: +User: "tobkle", role: "admin", id: "59998773ba01e788a797fbab", +Operation: "", variables: "", +Query: +{ + user(id: "59998773ba01e788a797fbab") { + username + role + } +} + +2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:27 -------------------------------------------------------------------------------- +2017-08-20 14:58:27 Request: +User: "tobkle", role: "admin", id: "59998773ba01e788a797fbab", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59998773ba01e788a797fbac", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:27 updated user 59998773ba01e788a797fbac. +2017-08-20 14:58:27 -------------------------------------------------------------------------------- +2017-08-20 14:58:27 Request: +User: "tobkle", role: "admin", id: "59998773ba01e788a797fbab", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59998773ba01e788a797fbab", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:27 updated user 59998773ba01e788a797fbab. +2017-08-20 14:58:27 -------------------------------------------------------------------------------- +2017-08-20 14:58:27 Request: +User: "tobkle", role: "admin", id: "59998773ba01e788a797fbab", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59998773ba01e788a797fbac", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:28 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:28 updated user 59998773ba01e788a797fbac. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tobkle", role: "admin", id: "59998773ba01e788a797fbab", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59998773ba01e788a797fbab", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:28 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:28 updated user 59998773ba01e788a797fbab. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tobkle", role: "editor", id: "59998773ba01e788a797fbab", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59998773ba01e788a797fbab", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998773ba01e788a797fbab" + } + ] +} +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 14:58:28 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998773ba01e788a797fbab" + } + ] +} +2017-08-20 14:58:28 updated user 59998773ba01e788a797fbab. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "zoltan", role: "admin", id: "59998773ba01e788a797fbac", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59998773ba01e788a797fbab", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-20 14:58:28 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized +2017-08-20 14:58:28 updated user 59998773ba01e788a797fbab. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tobkle", role: "admin", id: "59998773ba01e788a797fbab", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59998773ba01e788a797fbac") +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:28 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:28 removed user 59998773ba01e788a797fbac. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tobkle", role: "admin", id: "59998773ba01e788a797fbab", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59998773ba01e788a797fbab", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:28 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:28 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-20 14:58:28 inserted tweet 59998774ba01e788a797fbad. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tobkle", role: "admin", id: "59998773ba01e788a797fbab", +Operation: "", variables: "", +Query: +{ + tweet(id: "59998774ba01e788a797fbad") { + author { + id + } + body + } +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tobkle", role: "admin", id: "59998773ba01e788a797fbab", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:28 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:28 inserted tweet 59998774ba01e788a797fbae. +2017-08-20 14:58:28 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tobkle", role: "admin", id: "59998773ba01e788a797fbab", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tobkle", role: "admin", id: "59998773ba01e788a797fbab", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59998774ba01e788a797fbad", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:28 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:28 updated tweet 59998774ba01e788a797fbad. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tobkle", role: "admin", id: "59998773ba01e788a797fbab", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59998774ba01e788a797fbae", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:28 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:28 updated tweet 59998774ba01e788a797fbae. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tobkle", role: "admin", id: "59998773ba01e788a797fbab", +Operation: "", variables: "", +Query: +{ + tweet(id: "59998774ba01e788a797fbad") { + body + } +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tobkle", role: "admin", id: "59998773ba01e788a797fbab", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59998774ba01e788a797fbad") +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:28 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:28 removed tweet 59998774ba01e788a797fbad. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tobkle", role: "admin", id: "59998773ba01e788a797fbab", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59998774ba01e788a797fbae") +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:28 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:28 removed tweet 59998774ba01e788a797fbae. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tobkle", role: "admin", id: "59998773ba01e788a797fbab", +Operation: "", variables: "", +Query: +{ + tweet(id: "59998774ba01e788a797fbad") { + body + } +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tobkle", role: "admin", id: "59998773ba01e788a797fbab", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59998773ba01e788a797fbab") +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:28 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 14:58:28 removed user 59998773ba01e788a797fbab. +2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59998773ba01e788a797fbab") { + username + bio + role + } +} + +2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-20 14:58:28 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 14:58:28 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-20 14:58:28 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 14:58:28 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-20 14:58:28 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 14:58:28 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-20 14:58:28 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 14:58:28 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-20 14:58:28 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 14:58:28 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-20 14:58:28 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 14:58:28 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-20 14:58:28 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 14:58:28 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { + id + role + } +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:28 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:28 inserted user 59998774ba01e788a797fbaf. +2017-08-20 14:58:28 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. +2017-08-20 14:58:28 Request: +User: "tobkle", role: "user", id: "59998774ba01e788a797fbaf", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbaf" + } + ] +} +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:58:28 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tobkle", role: "user", id: "59998774ba01e788a797fbaf", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbaf" + } + ] +} +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tobkle", role: "user", id: "59998774ba01e788a797fbaf", +Operation: "", variables: "", +Query: +{ + user(id: "59998774ba01e788a797fbaf") { + username + } +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbaf" + } + ] +} +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tobkle", role: "user", id: "59998774ba01e788a797fbaf", +Operation: "", variables: "", +Query: +{ + user(id: "59998774ba01e788a797fbaf") { + username + role + } +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbaf" + } + ] +} +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tobkle", role: "user", id: "59998774ba01e788a797fbaf", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbaf" + } + ] +} +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:58:28 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbaf" + } + ] +} +2017-08-20 14:58:28 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tobkle", role: "user", id: "59998774ba01e788a797fbaf", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59998774ba01e788a797fbaf", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbaf" + } + ] +} +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:58:28 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbaf" + } + ] +} +2017-08-20 14:58:28 updated user 59998774ba01e788a797fbaf. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tobkle", role: "user", id: "59998774ba01e788a797fbaf", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59998774ba01e788a797fbaf", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbaf" + } + ] +} +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:58:28 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbaf" + } + ] +} +2017-08-20 14:58:28 updated user 59998774ba01e788a797fbaf. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tobkle", role: "user", id: "59998774ba01e788a797fbaf", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbaf" + } + ] +} +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:58:28 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbaf" + } + ] +} +2017-08-20 14:58:28 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tobkle", role: "user", id: "59998774ba01e788a797fbaf", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59998774ba01e788a797fbaf", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbaf" + } + ] +} +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:58:28 inserted tweet 59998774ba01e788a797fbb0. +2017-08-20 14:58:28 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. +2017-08-20 14:58:28 Request: +User: "tobkle", role: "user", id: "59998774ba01e788a797fbaf", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbaf" + } + ] +} +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:58:28 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tobkle", role: "user", id: "59998774ba01e788a797fbaf", +Operation: "", variables: "", +Query: +{ + tweet(id: "59998774ba01e788a797fbb0") { + author { + id + } + body + } +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbaf" + } + ] +} +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tobkle", role: "user", id: "59998774ba01e788a797fbaf", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbaf" + } + ] +} +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tobkle", role: "user", id: "59998774ba01e788a797fbaf", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59998774ba01e788a797fbb0", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbaf" + } + ] +} +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:58:28 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59998774ba01e788a797fbaf" + }, + { + "coauthorsIds": "59998774ba01e788a797fbaf" + } + ] +} +2017-08-20 14:58:28 updated tweet 59998774ba01e788a797fbb0. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tobkle", role: "user", id: "59998774ba01e788a797fbaf", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbaf" + } + ] +} +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:58:28 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59998774ba01e788a797fbaf" + }, + { + "coauthorsIds": "59998774ba01e788a797fbaf" + } + ] +} +2017-08-20 14:58:28 ERROR update tweet not possible for 583676d3618530145474e352. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tobkle", role: "user", id: "59998774ba01e788a797fbaf", +Operation: "", variables: "", +Query: +{ + tweet(id: "59998774ba01e788a797fbb0") { + body + } +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbaf" + } + ] +} +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tobkle", role: "user", id: "59998774ba01e788a797fbaf", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59998774ba01e788a797fbb0") +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbaf" + } + ] +} +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:58:28 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59998774ba01e788a797fbaf" + } + ] +} +2017-08-20 14:58:28 removed tweet 59998774ba01e788a797fbb0. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tobkle", role: "user", id: "59998774ba01e788a797fbaf", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbaf" + } + ] +} +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:58:28 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59998774ba01e788a797fbaf" + } + ] +} +2017-08-20 14:58:28 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tobkle", role: "user", id: "59998774ba01e788a797fbaf", +Operation: "", variables: "", +Query: +{ + tweet(id: "59998774ba01e788a797fbb0") { + body + } +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbaf" + } + ] +} +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tobkle", role: "user", id: "59998774ba01e788a797fbaf", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59998774ba01e788a797fbaf") +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbaf" + } + ] +} +2017-08-20 14:58:28 removed user 59998774ba01e788a797fbaf. +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 14:58:28 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbaf" + } + ] +} +2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59998774ba01e788a797fbaf") { + username + bio + role + } +} + +2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { + id + role + } +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:28 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-20 14:58:28 inserted user 59998774ba01e788a797fbb1. +2017-08-20 14:58:28 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. +2017-08-20 14:58:28 Request: +User: "tobkle", role: "editor", id: "59998774ba01e788a797fbb1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbb1" + } + ] +} +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 14:58:28 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tobkle", role: "editor", id: "59998774ba01e788a797fbb1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbb1" + } + ] +} +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tobkle", role: "editor", id: "59998774ba01e788a797fbb1", +Operation: "", variables: "", +Query: +{ + user(id: "59998774ba01e788a797fbb1") { + username + role + } +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbb1" + } + ] +} +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tobkle", role: "editor", id: "59998774ba01e788a797fbb1", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbb1" + } + ] +} +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 14:58:28 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbb1" + } + ] +} +2017-08-20 14:58:28 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tobkle", role: "editor", id: "59998774ba01e788a797fbb1", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59998774ba01e788a797fbb1", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbb1" + } + ] +} +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 14:58:28 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbb1" + } + ] +} +2017-08-20 14:58:28 updated user 59998774ba01e788a797fbb1. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tmeasday", role: "editor", id: "59998774ba01e788a797fbb1", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59998774ba01e788a797fbb1", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbb1" + } + ] +} +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 14:58:28 Authorize update 'updateUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbb1" + } + ] +} +2017-08-20 14:58:28 updated user 59998774ba01e788a797fbb1. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tmeasday", role: "editor", id: "59998774ba01e788a797fbb1", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbb1" + } + ] +} +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 14:58:28 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbb1" + } + ] +} +2017-08-20 14:58:28 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tmeasday", role: "editor", id: "59998774ba01e788a797fbb1", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59998774ba01e788a797fbb1", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbb1" + } + ] +} +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 14:58:28 Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is authorized by docRole. +2017-08-20 14:58:28 inserted tweet 59998774ba01e788a797fbb2. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. +2017-08-20 14:58:28 Request: +User: "tmeasday", role: "editor", id: "59998774ba01e788a797fbb1", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbb1" + } + ] +} +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 14:58:28 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tmeasday", role: "editor", id: "59998774ba01e788a797fbb1", +Operation: "", variables: "", +Query: +{ + tweet(id: "59998774ba01e788a797fbb2") { + author { + id + } + body + } +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbb1" + } + ] +} +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tmeasday", role: "editor", id: "59998774ba01e788a797fbb1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbb1" + } + ] +} +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tmeasday", role: "editor", id: "59998774ba01e788a797fbb1", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59998774ba01e788a797fbb2", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbb1" + } + ] +} +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 14:58:28 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59998774ba01e788a797fbb1" + }, + { + "coauthorsIds": "59998774ba01e788a797fbb1" + } + ] +} +2017-08-20 14:58:28 updated tweet 59998774ba01e788a797fbb2. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tmeasday", role: "editor", id: "59998774ba01e788a797fbb1", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbb1" + } + ] +} +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 14:58:28 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59998774ba01e788a797fbb1" + }, + { + "coauthorsIds": "59998774ba01e788a797fbb1" + } + ] +} +2017-08-20 14:58:28 ERROR update tweet not possible for 583676d3618530145474e352. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tmeasday", role: "editor", id: "59998774ba01e788a797fbb1", +Operation: "", variables: "", +Query: +{ + tweet(id: "59998774ba01e788a797fbb2") { + body + } +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbb1" + } + ] +} +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tmeasday", role: "editor", id: "59998774ba01e788a797fbb1", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59998774ba01e788a797fbb2") +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbb1" + } + ] +} +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 14:58:28 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59998774ba01e788a797fbb1" + } + ] +} +2017-08-20 14:58:28 removed tweet 59998774ba01e788a797fbb2. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tmeasday", role: "editor", id: "59998774ba01e788a797fbb1", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbb1" + } + ] +} +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 14:58:28 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59998774ba01e788a797fbb1" + } + ] +} +2017-08-20 14:58:28 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tmeasday", role: "editor", id: "59998774ba01e788a797fbb1", +Operation: "", variables: "", +Query: +{ + tweet(id: "59998774ba01e788a797fbb2") { + body + } +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbb1" + } + ] +} +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "tmeasday", role: "editor", id: "59998774ba01e788a797fbb1", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59998774ba01e788a797fbb1") +} + +2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbb1" + } + ] +} +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 14:58:28 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998774ba01e788a797fbb1" + } + ] +} +2017-08-20 14:58:28 removed user 59998774ba01e788a797fbb1. +2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:58:28 -------------------------------------------------------------------------------- +2017-08-20 14:58:28 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59998774ba01e788a797fbb1") { + username + bio + role + } +} + +2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 14:59:38 Logger started +2017-08-20 14:59:49 Logger started +2017-08-20 15:03:11 -------------------------------------------------------------------------------- +2017-08-20 15:03:11 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-20 15:03:11 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:11 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + role + username + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + role + username + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca2") { + role + username + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + id + username + bio + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users { + username + createdAt + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(limit: 1) { + username + createdAt + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993) { + username + createdAt + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers { + username + createdAt + } + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(limit: 1) { + username + createdAt + } + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following { + username + createdAt + } + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(limit: 1) { + username + createdAt + } + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets { + id + createdAt + } + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(limit: 1) { + id + createdAt + } + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked { + id + createdAt + } + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(limit: 1) { + id + createdAt + } + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334) { + id + createdAt + } + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334, limit: 1) { + id + createdAt + } + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + id + body + } +} + +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + author { + username + } + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets { + id + createdAt + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(limit: 1) { + id + createdAt + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers { + username + createdAt + } + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(limit: 1) { + username + createdAt + } + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993) { + username + createdAt + } + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-20 15:03:54 inserted user 599988bae793e5892ed59c1e. +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "tobkle", role: "admin", id: "599988bae793e5892ed59c1e", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 inserted user 599988bae793e5892ed59c1f. +2017-08-20 15:03:54 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "tobkle", role: "admin", id: "599988bae793e5892ed59c1e", +Operation: "", variables: "", +Query: +{ + user(id: "599988bae793e5892ed59c1f") { + username + bio + role + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "tobkle", role: "admin", id: "599988bae793e5892ed59c1e", +Operation: "", variables: "", +Query: +{ + user(id: "599988bae793e5892ed59c1e") { + username + role + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "tobkle", role: "admin", id: "599988bae793e5892ed59c1e", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599988bae793e5892ed59c1f", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 updated user 599988bae793e5892ed59c1f. +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "tobkle", role: "admin", id: "599988bae793e5892ed59c1e", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599988bae793e5892ed59c1e", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 updated user 599988bae793e5892ed59c1e. +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "tobkle", role: "admin", id: "599988bae793e5892ed59c1e", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599988bae793e5892ed59c1f", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 updated user 599988bae793e5892ed59c1f. +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "tobkle", role: "admin", id: "599988bae793e5892ed59c1e", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599988bae793e5892ed59c1e", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 updated user 599988bae793e5892ed59c1e. +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "tobkle", role: "editor", id: "599988bae793e5892ed59c1e", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599988bae793e5892ed59c1e", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599988bae793e5892ed59c1e" + } + ] +} +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 15:03:54 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599988bae793e5892ed59c1e" + } + ] +} +2017-08-20 15:03:54 updated user 599988bae793e5892ed59c1e. +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "zoltan", role: "admin", id: "599988bae793e5892ed59c1f", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599988bae793e5892ed59c1e", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized +2017-08-20 15:03:54 updated user 599988bae793e5892ed59c1e. +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "tobkle", role: "admin", id: "599988bae793e5892ed59c1e", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "599988bae793e5892ed59c1f") +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 removed user 599988bae793e5892ed59c1f. +2017-08-20 15:03:54 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "tobkle", role: "admin", id: "599988bae793e5892ed59c1e", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "599988bae793e5892ed59c1e", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-20 15:03:54 inserted tweet 599988bae793e5892ed59c20. +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "tobkle", role: "admin", id: "599988bae793e5892ed59c1e", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "tobkle", role: "admin", id: "599988bae793e5892ed59c1e", +Operation: "", variables: "", +Query: +{ + tweet(id: "599988bae793e5892ed59c20") { + author { + id + } + body + } +} + +2017-08-20 15:03:54 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 inserted tweet 599988bae793e5892ed59c21. +2017-08-20 15:03:54 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "tobkle", role: "admin", id: "599988bae793e5892ed59c1e", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "tobkle", role: "admin", id: "599988bae793e5892ed59c1e", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "599988bae793e5892ed59c20", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 updated tweet 599988bae793e5892ed59c20. +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "tobkle", role: "admin", id: "599988bae793e5892ed59c1e", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "599988bae793e5892ed59c21", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 updated tweet 599988bae793e5892ed59c21. +2017-08-20 15:03:54 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "tobkle", role: "admin", id: "599988bae793e5892ed59c1e", +Operation: "", variables: "", +Query: +{ + tweet(id: "599988bae793e5892ed59c20") { + body + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "tobkle", role: "admin", id: "599988bae793e5892ed59c1e", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "599988bae793e5892ed59c20") +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 removed tweet 599988bae793e5892ed59c20. +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "tobkle", role: "admin", id: "599988bae793e5892ed59c1e", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "599988bae793e5892ed59c21") +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 removed tweet 599988bae793e5892ed59c21. +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "tobkle", role: "admin", id: "599988bae793e5892ed59c1e", +Operation: "", variables: "", +Query: +{ + tweet(id: "599988bae793e5892ed59c20") { + body + } +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "tobkle", role: "admin", id: "599988bae793e5892ed59c1e", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "599988bae793e5892ed59c1e") +} + +2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:03:54 removed user 599988bae793e5892ed59c1e. +2017-08-20 15:03:54 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "599988bae793e5892ed59c1e") { + username + bio + role + } +} + +2017-08-20 15:03:54 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:03:54 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-20 15:03:54 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-08-20 15:03:54 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:03:54 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-20 15:03:54 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-20 15:03:54 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:03:54 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-20 15:03:54 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 15:03:54 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:03:54 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-20 15:03:54 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-20 15:03:54 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-20 15:03:54 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:03:54 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-20 15:03:54 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:03:54 -------------------------------------------------------------------------------- +2017-08-20 15:03:54 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-20 15:03:54 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:03:55 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:03:55 -------------------------------------------------------------------------------- +2017-08-20 15:03:55 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-20 15:03:55 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-20 15:03:55 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:03:55 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-20 15:03:55 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:03:55 -------------------------------------------------------------------------------- +2017-08-20 15:03:55 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-20 15:03:55 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:03:55 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:03:55 -------------------------------------------------------------------------------- +2017-08-20 15:03:55 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-20 15:03:55 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 15:03:55 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:03:55 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-20 15:03:55 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:03:55 -------------------------------------------------------------------------------- +2017-08-20 15:03:55 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-20 15:03:55 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 15:03:55 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:03:55 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-20 15:03:55 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:03:55 -------------------------------------------------------------------------------- +2017-08-20 15:03:55 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-20 15:03:55 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-20 15:03:55 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:03:55 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-20 15:03:55 -------------------------------------------------------------------------------- +2017-08-20 15:03:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { + id + role + } +} + +2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:55 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:55 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-20 15:03:55 inserted user 599988bbe793e5892ed59c22. +2017-08-20 15:03:55 -------------------------------------------------------------------------------- +2017-08-20 15:03:55 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. +2017-08-20 15:03:55 Request: +User: "tobkle", role: "user", id: "599988bbe793e5892ed59c22", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c22" + } + ] +} +2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:03:55 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. +2017-08-20 15:03:55 -------------------------------------------------------------------------------- +2017-08-20 15:03:55 Request: +User: "tobkle", role: "user", id: "599988bbe793e5892ed59c22", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c22" + } + ] +} +2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:03:55 -------------------------------------------------------------------------------- +2017-08-20 15:03:55 Request: +User: "tobkle", role: "user", id: "599988bbe793e5892ed59c22", +Operation: "", variables: "", +Query: +{ + user(id: "599988bbe793e5892ed59c22") { + username + } +} + +2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c22" + } + ] +} +2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:03:55 -------------------------------------------------------------------------------- +2017-08-20 15:03:55 Request: +User: "tobkle", role: "user", id: "599988bbe793e5892ed59c22", +Operation: "", variables: "", +Query: +{ + user(id: "599988bbe793e5892ed59c22") { + username + role + } +} + +2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c22" + } + ] +} +2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:03:55 -------------------------------------------------------------------------------- +2017-08-20 15:03:55 Request: +User: "tobkle", role: "user", id: "599988bbe793e5892ed59c22", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c22" + } + ] +} +2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:03:55 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c22" + } + ] +} +2017-08-20 15:03:55 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-08-20 15:03:55 -------------------------------------------------------------------------------- +2017-08-20 15:03:55 Request: +User: "tobkle", role: "user", id: "599988bbe793e5892ed59c22", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599988bbe793e5892ed59c22", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c22" + } + ] +} +2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:03:55 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c22" + } + ] +} +2017-08-20 15:03:55 updated user 599988bbe793e5892ed59c22. +2017-08-20 15:03:55 -------------------------------------------------------------------------------- +2017-08-20 15:03:55 Request: +User: "tobkle", role: "user", id: "599988bbe793e5892ed59c22", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599988bbe793e5892ed59c22", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c22" + } + ] +} +2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:03:55 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c22" + } + ] +} +2017-08-20 15:03:55 updated user 599988bbe793e5892ed59c22. +2017-08-20 15:03:55 -------------------------------------------------------------------------------- +2017-08-20 15:03:55 Request: +User: "tobkle", role: "user", id: "599988bbe793e5892ed59c22", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c22" + } + ] +} +2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:03:55 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c22" + } + ] +} +2017-08-20 15:03:55 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-08-20 15:03:55 -------------------------------------------------------------------------------- +2017-08-20 15:03:55 Request: +User: "tobkle", role: "user", id: "599988bbe793e5892ed59c22", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "599988bbe793e5892ed59c22", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c22" + } + ] +} +2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:03:55 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. +2017-08-20 15:03:55 inserted tweet 599988bbe793e5892ed59c23. +2017-08-20 15:03:55 -------------------------------------------------------------------------------- +2017-08-20 15:03:55 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. +2017-08-20 15:03:55 Request: +User: "tobkle", role: "user", id: "599988bbe793e5892ed59c22", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c22" + } + ] +} +2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:03:55 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. +2017-08-20 15:03:55 -------------------------------------------------------------------------------- +2017-08-20 15:03:55 Request: +User: "tobkle", role: "user", id: "599988bbe793e5892ed59c22", +Operation: "", variables: "", +Query: +{ + tweet(id: "599988bbe793e5892ed59c23") { + author { + id + } + body + } +} + +2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c22" + } + ] +} +2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:03:55 -------------------------------------------------------------------------------- +2017-08-20 15:03:55 Request: +User: "tobkle", role: "user", id: "599988bbe793e5892ed59c22", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c22" + } + ] +} +2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:03:55 -------------------------------------------------------------------------------- +2017-08-20 15:03:55 Request: +User: "tobkle", role: "user", id: "599988bbe793e5892ed59c22", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "599988bbe793e5892ed59c23", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c22" + } + ] +} +2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:03:55 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "599988bbe793e5892ed59c22" + }, + { + "coauthorsIds": "599988bbe793e5892ed59c22" + } + ] +} +2017-08-20 15:03:55 updated tweet 599988bbe793e5892ed59c23. +2017-08-20 15:03:55 -------------------------------------------------------------------------------- +2017-08-20 15:03:55 Request: +User: "tobkle", role: "user", id: "599988bbe793e5892ed59c22", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c22" + } + ] +} +2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:03:55 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "599988bbe793e5892ed59c22" + }, + { + "coauthorsIds": "599988bbe793e5892ed59c22" + } + ] +} +2017-08-20 15:03:55 ERROR update tweet not possible for 583676d3618530145474e352. +2017-08-20 15:03:55 -------------------------------------------------------------------------------- +2017-08-20 15:03:55 Request: +User: "tobkle", role: "user", id: "599988bbe793e5892ed59c22", +Operation: "", variables: "", +Query: +{ + tweet(id: "599988bbe793e5892ed59c23") { + body + } +} + +2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c22" + } + ] +} +2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:03:55 -------------------------------------------------------------------------------- +2017-08-20 15:03:55 Request: +User: "tobkle", role: "user", id: "599988bbe793e5892ed59c22", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "599988bbe793e5892ed59c23") +} + +2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c22" + } + ] +} +2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:03:55 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "599988bbe793e5892ed59c22" + } + ] +} +2017-08-20 15:03:55 removed tweet 599988bbe793e5892ed59c23. +2017-08-20 15:03:55 -------------------------------------------------------------------------------- +2017-08-20 15:03:55 Request: +User: "tobkle", role: "user", id: "599988bbe793e5892ed59c22", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c22" + } + ] +} +2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:03:55 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "599988bbe793e5892ed59c22" + } + ] +} +2017-08-20 15:03:55 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-08-20 15:03:55 -------------------------------------------------------------------------------- +2017-08-20 15:03:55 Request: +User: "tobkle", role: "user", id: "599988bbe793e5892ed59c22", +Operation: "", variables: "", +Query: +{ + tweet(id: "599988bbe793e5892ed59c23") { + body + } +} + +2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c22" + } + ] +} +2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:03:55 -------------------------------------------------------------------------------- +2017-08-20 15:03:55 Request: +User: "tobkle", role: "user", id: "599988bbe793e5892ed59c22", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "599988bbe793e5892ed59c22") +} + +2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c22" + } + ] +} +2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:03:55 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c22" + } + ] +} +2017-08-20 15:03:55 removed user 599988bbe793e5892ed59c22. +2017-08-20 15:03:55 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:03:55 -------------------------------------------------------------------------------- +2017-08-20 15:03:55 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "599988bbe793e5892ed59c22") { + username + bio + role + } +} + +2017-08-20 15:03:55 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:03:55 -------------------------------------------------------------------------------- +2017-08-20 15:03:55 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { + id + role + } +} + +2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:55 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:03:55 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-20 15:03:55 inserted user 599988bbe793e5892ed59c24. +2017-08-20 15:03:55 -------------------------------------------------------------------------------- +2017-08-20 15:03:55 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. +2017-08-20 15:03:55 Request: +User: "tobkle", role: "editor", id: "599988bbe793e5892ed59c24", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c24" + } + ] +} +2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 15:03:55 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. +2017-08-20 15:03:55 -------------------------------------------------------------------------------- +2017-08-20 15:03:55 Request: +User: "tobkle", role: "editor", id: "599988bbe793e5892ed59c24", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c24" + } + ] +} +2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 15:03:55 -------------------------------------------------------------------------------- +2017-08-20 15:03:55 Request: +User: "tobkle", role: "editor", id: "599988bbe793e5892ed59c24", +Operation: "", variables: "", +Query: +{ + user(id: "599988bbe793e5892ed59c24") { + username + role + } +} + +2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c24" + } + ] +} +2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 15:03:55 -------------------------------------------------------------------------------- +2017-08-20 15:03:55 Request: +User: "tobkle", role: "editor", id: "599988bbe793e5892ed59c24", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c24" + } + ] +} +2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 15:03:55 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c24" + } + ] +} +2017-08-20 15:03:55 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-08-20 15:03:55 -------------------------------------------------------------------------------- +2017-08-20 15:03:55 Request: +User: "tobkle", role: "editor", id: "599988bbe793e5892ed59c24", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599988bbe793e5892ed59c24", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c24" + } + ] +} +2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 15:03:55 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c24" + } + ] +} +2017-08-20 15:03:55 updated user 599988bbe793e5892ed59c24. +2017-08-20 15:03:55 -------------------------------------------------------------------------------- +2017-08-20 15:03:55 Request: +User: "tmeasday", role: "editor", id: "599988bbe793e5892ed59c24", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599988bbe793e5892ed59c24", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c24" + } + ] +} +2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:03:55 Authorize update 'updateUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c24" + } + ] +} +2017-08-20 15:03:55 updated user 599988bbe793e5892ed59c24. +2017-08-20 15:03:55 -------------------------------------------------------------------------------- +2017-08-20 15:03:55 Request: +User: "tmeasday", role: "editor", id: "599988bbe793e5892ed59c24", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c24" + } + ] +} +2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:03:55 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c24" + } + ] +} +2017-08-20 15:03:55 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-08-20 15:03:55 -------------------------------------------------------------------------------- +2017-08-20 15:03:55 Request: +User: "tmeasday", role: "editor", id: "599988bbe793e5892ed59c24", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "599988bbe793e5892ed59c24", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c24" + } + ] +} +2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:03:55 Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is authorized by docRole. +2017-08-20 15:03:55 inserted tweet 599988bbe793e5892ed59c25. +2017-08-20 15:03:55 -------------------------------------------------------------------------------- +2017-08-20 15:03:55 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. +2017-08-20 15:03:55 Request: +User: "tmeasday", role: "editor", id: "599988bbe793e5892ed59c24", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c24" + } + ] +} +2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:03:55 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. +2017-08-20 15:03:55 -------------------------------------------------------------------------------- +2017-08-20 15:03:55 Request: +User: "tmeasday", role: "editor", id: "599988bbe793e5892ed59c24", +Operation: "", variables: "", +Query: +{ + tweet(id: "599988bbe793e5892ed59c25") { + author { + id + } + body + } +} + +2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c24" + } + ] +} +2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:03:55 -------------------------------------------------------------------------------- +2017-08-20 15:03:55 Request: +User: "tmeasday", role: "editor", id: "599988bbe793e5892ed59c24", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c24" + } + ] +} +2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:03:55 -------------------------------------------------------------------------------- +2017-08-20 15:03:55 Request: +User: "tmeasday", role: "editor", id: "599988bbe793e5892ed59c24", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "599988bbe793e5892ed59c25", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c24" + } + ] +} +2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:03:55 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "599988bbe793e5892ed59c24" + }, + { + "coauthorsIds": "599988bbe793e5892ed59c24" + } + ] +} +2017-08-20 15:03:55 updated tweet 599988bbe793e5892ed59c25. +2017-08-20 15:03:55 -------------------------------------------------------------------------------- +2017-08-20 15:03:55 Request: +User: "tmeasday", role: "editor", id: "599988bbe793e5892ed59c24", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c24" + } + ] +} +2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:03:55 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "599988bbe793e5892ed59c24" + }, + { + "coauthorsIds": "599988bbe793e5892ed59c24" + } + ] +} +2017-08-20 15:03:55 ERROR update tweet not possible for 583676d3618530145474e352. +2017-08-20 15:03:55 -------------------------------------------------------------------------------- +2017-08-20 15:03:55 Request: +User: "tmeasday", role: "editor", id: "599988bbe793e5892ed59c24", +Operation: "", variables: "", +Query: +{ + tweet(id: "599988bbe793e5892ed59c25") { + body + } +} + +2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c24" + } + ] +} +2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:03:55 -------------------------------------------------------------------------------- +2017-08-20 15:03:55 Request: +User: "tmeasday", role: "editor", id: "599988bbe793e5892ed59c24", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "599988bbe793e5892ed59c25") +} + +2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c24" + } + ] +} +2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:03:55 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "599988bbe793e5892ed59c24" + } + ] +} +2017-08-20 15:03:55 removed tweet 599988bbe793e5892ed59c25. +2017-08-20 15:03:55 -------------------------------------------------------------------------------- +2017-08-20 15:03:55 Request: +User: "tmeasday", role: "editor", id: "599988bbe793e5892ed59c24", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c24" + } + ] +} +2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:03:55 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "599988bbe793e5892ed59c24" + } + ] +} +2017-08-20 15:03:55 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-08-20 15:03:55 -------------------------------------------------------------------------------- +2017-08-20 15:03:55 Request: +User: "tmeasday", role: "editor", id: "599988bbe793e5892ed59c24", +Operation: "", variables: "", +Query: +{ + tweet(id: "599988bbe793e5892ed59c25") { + body + } +} + +2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c24" + } + ] +} +2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:03:55 -------------------------------------------------------------------------------- +2017-08-20 15:03:55 Request: +User: "tmeasday", role: "editor", id: "599988bbe793e5892ed59c24", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "599988bbe793e5892ed59c24") +} + +2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c24" + } + ] +} +2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:03:55 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599988bbe793e5892ed59c24" + } + ] +} +2017-08-20 15:03:55 removed user 599988bbe793e5892ed59c24. +2017-08-20 15:03:55 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:03:55 -------------------------------------------------------------------------------- +2017-08-20 15:03:55 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "599988bbe793e5892ed59c24") { + username + bio + role + } +} + +2017-08-20 15:03:55 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:07:56 Logger started +2017-08-20 15:08:24 -------------------------------------------------------------------------------- +2017-08-20 15:08:24 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-20 15:08:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:08:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 -------------------------------------------------------------------------------- +2017-08-20 15:09:08 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 -------------------------------------------------------------------------------- +2017-08-20 15:09:08 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + role + username + } +} + +2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 -------------------------------------------------------------------------------- +2017-08-20 15:09:08 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + role + username + } +} + +2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 -------------------------------------------------------------------------------- +2017-08-20 15:09:08 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca2") { + role + username + } +} + +2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 -------------------------------------------------------------------------------- +2017-08-20 15:09:08 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + id + username + bio + } +} + +2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 -------------------------------------------------------------------------------- +2017-08-20 15:09:08 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users { + username + createdAt + } +} + +2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 -------------------------------------------------------------------------------- +2017-08-20 15:09:08 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(limit: 1) { + username + createdAt + } +} + +2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 -------------------------------------------------------------------------------- +2017-08-20 15:09:08 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993) { + username + createdAt + } +} + +2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 -------------------------------------------------------------------------------- +2017-08-20 15:09:08 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } +} + +2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 -------------------------------------------------------------------------------- +2017-08-20 15:09:08 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers { + username + createdAt + } + } +} + +2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 -------------------------------------------------------------------------------- +2017-08-20 15:09:08 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(limit: 1) { + username + createdAt + } + } +} + +2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 -------------------------------------------------------------------------------- +2017-08-20 15:09:08 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 -------------------------------------------------------------------------------- +2017-08-20 15:09:08 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 -------------------------------------------------------------------------------- +2017-08-20 15:09:08 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following { + username + createdAt + } + } +} + +2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 -------------------------------------------------------------------------------- +2017-08-20 15:09:08 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(limit: 1) { + username + createdAt + } + } +} + +2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 -------------------------------------------------------------------------------- +2017-08-20 15:09:08 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 -------------------------------------------------------------------------------- +2017-08-20 15:09:08 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 -------------------------------------------------------------------------------- +2017-08-20 15:09:08 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets { + id + createdAt + } + } +} + +2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 -------------------------------------------------------------------------------- +2017-08-20 15:09:08 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(limit: 1) { + id + createdAt + } + } +} + +2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 -------------------------------------------------------------------------------- +2017-08-20 15:09:08 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } + } +} + +2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 -------------------------------------------------------------------------------- +2017-08-20 15:09:08 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } + } +} + +2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 -------------------------------------------------------------------------------- +2017-08-20 15:09:08 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked { + id + createdAt + } + } +} + +2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 -------------------------------------------------------------------------------- +2017-08-20 15:09:08 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(limit: 1) { + id + createdAt + } + } +} + +2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 -------------------------------------------------------------------------------- +2017-08-20 15:09:08 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334) { + id + createdAt + } + } +} + +2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 -------------------------------------------------------------------------------- +2017-08-20 15:09:08 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334, limit: 1) { + id + createdAt + } + } +} + +2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 -------------------------------------------------------------------------------- +2017-08-20 15:09:08 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + id + body + } +} + +2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 -------------------------------------------------------------------------------- +2017-08-20 15:09:08 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + author { + username + } + } +} + +2017-08-20 15:09:08 -------------------------------------------------------------------------------- +2017-08-20 15:09:08 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets { + id + createdAt + } +} + +2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 -------------------------------------------------------------------------------- +2017-08-20 15:09:08 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(limit: 1) { + id + createdAt + } +} + +2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 -------------------------------------------------------------------------------- +2017-08-20 15:09:08 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } +} + +2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 -------------------------------------------------------------------------------- +2017-08-20 15:09:08 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } +} + +2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 -------------------------------------------------------------------------------- +2017-08-20 15:09:08 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers { + username + createdAt + } + } +} + +2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 -------------------------------------------------------------------------------- +2017-08-20 15:09:08 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(limit: 1) { + username + createdAt + } + } +} + +2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:08 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993) { + username + createdAt + } + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:09 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:09 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:09 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:09 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-20 15:09:09 inserted user 599989f5b11e6e8a458161bb. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tobkle", role: "admin", id: "599989f5b11e6e8a458161bb", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 inserted user 599989f5b11e6e8a458161bc. +2017-08-20 15:09:09 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tobkle", role: "admin", id: "599989f5b11e6e8a458161bb", +Operation: "", variables: "", +Query: +{ + user(id: "599989f5b11e6e8a458161bc") { + username + bio + role + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tobkle", role: "admin", id: "599989f5b11e6e8a458161bb", +Operation: "", variables: "", +Query: +{ + user(id: "599989f5b11e6e8a458161bb") { + username + role + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tobkle", role: "admin", id: "599989f5b11e6e8a458161bb", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599989f5b11e6e8a458161bc", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 updated user 599989f5b11e6e8a458161bc. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tobkle", role: "admin", id: "599989f5b11e6e8a458161bb", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599989f5b11e6e8a458161bb", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 updated user 599989f5b11e6e8a458161bb. +2017-08-20 15:09:09 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tobkle", role: "admin", id: "599989f5b11e6e8a458161bb", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599989f5b11e6e8a458161bc", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 updated user 599989f5b11e6e8a458161bc. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tobkle", role: "admin", id: "599989f5b11e6e8a458161bb", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599989f5b11e6e8a458161bb", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 updated user 599989f5b11e6e8a458161bb. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tobkle", role: "editor", id: "599989f5b11e6e8a458161bb", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599989f5b11e6e8a458161bb", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161bb" + } + ] +} +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 15:09:09 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161bb" + } + ] +} +2017-08-20 15:09:09 updated user 599989f5b11e6e8a458161bb. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "zoltan", role: "admin", id: "599989f5b11e6e8a458161bc", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599989f5b11e6e8a458161bb", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-20 15:09:09 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized +2017-08-20 15:09:09 updated user 599989f5b11e6e8a458161bb. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tobkle", role: "admin", id: "599989f5b11e6e8a458161bb", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "599989f5b11e6e8a458161bc") +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 removed user 599989f5b11e6e8a458161bc. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tobkle", role: "admin", id: "599989f5b11e6e8a458161bb", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "599989f5b11e6e8a458161bb", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-20 15:09:09 inserted tweet 599989f5b11e6e8a458161bd. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tobkle", role: "admin", id: "599989f5b11e6e8a458161bb", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-20 15:09:09 inserted tweet 599989f5b11e6e8a458161be. +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tobkle", role: "admin", id: "599989f5b11e6e8a458161bb", +Operation: "", variables: "", +Query: +{ + tweet(id: "599989f5b11e6e8a458161bd") { + author { + id + } + body + } +} + +2017-08-20 15:09:09 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tobkle", role: "admin", id: "599989f5b11e6e8a458161bb", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tobkle", role: "admin", id: "599989f5b11e6e8a458161bb", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "599989f5b11e6e8a458161bd", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 updated tweet 599989f5b11e6e8a458161bd. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tobkle", role: "admin", id: "599989f5b11e6e8a458161bb", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "599989f5b11e6e8a458161be", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 updated tweet 599989f5b11e6e8a458161be. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tobkle", role: "admin", id: "599989f5b11e6e8a458161bb", +Operation: "", variables: "", +Query: +{ + tweet(id: "599989f5b11e6e8a458161bd") { + body + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tobkle", role: "admin", id: "599989f5b11e6e8a458161bb", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "599989f5b11e6e8a458161bd") +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 removed tweet 599989f5b11e6e8a458161bd. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tobkle", role: "admin", id: "599989f5b11e6e8a458161bb", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "599989f5b11e6e8a458161be") +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 removed tweet 599989f5b11e6e8a458161be. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tobkle", role: "admin", id: "599989f5b11e6e8a458161bb", +Operation: "", variables: "", +Query: +{ + tweet(id: "599989f5b11e6e8a458161bd") { + body + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tobkle", role: "admin", id: "599989f5b11e6e8a458161bb", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "599989f5b11e6e8a458161bb") +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:09:09 removed user 599989f5b11e6e8a458161bb. +2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "599989f5b11e6e8a458161bb") { + username + bio + role + } +} + +2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-20 15:09:09 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:09:09 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-20 15:09:09 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:09:09 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-20 15:09:09 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:09:09 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-20 15:09:09 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:09:09 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-20 15:09:09 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:09:09 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-20 15:09:09 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:09:09 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-20 15:09:09 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:09:09 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { + id + role + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:09 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:09 inserted user 599989f5b11e6e8a458161bf. +2017-08-20 15:09:09 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. +2017-08-20 15:09:09 Request: +User: "tobkle", role: "user", id: "599989f5b11e6e8a458161bf", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161bf" + } + ] +} +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:09:09 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tobkle", role: "user", id: "599989f5b11e6e8a458161bf", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161bf" + } + ] +} +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tobkle", role: "user", id: "599989f5b11e6e8a458161bf", +Operation: "", variables: "", +Query: +{ + user(id: "599989f5b11e6e8a458161bf") { + username + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161bf" + } + ] +} +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tobkle", role: "user", id: "599989f5b11e6e8a458161bf", +Operation: "", variables: "", +Query: +{ + user(id: "599989f5b11e6e8a458161bf") { + username + role + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161bf" + } + ] +} +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tobkle", role: "user", id: "599989f5b11e6e8a458161bf", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161bf" + } + ] +} +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:09:09 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-08-20 15:09:09 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161bf" + } + ] +} +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tobkle", role: "user", id: "599989f5b11e6e8a458161bf", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599989f5b11e6e8a458161bf", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161bf" + } + ] +} +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:09:09 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161bf" + } + ] +} +2017-08-20 15:09:09 updated user 599989f5b11e6e8a458161bf. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tobkle", role: "user", id: "599989f5b11e6e8a458161bf", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599989f5b11e6e8a458161bf", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161bf" + } + ] +} +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:09:09 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161bf" + } + ] +} +2017-08-20 15:09:09 updated user 599989f5b11e6e8a458161bf. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tobkle", role: "user", id: "599989f5b11e6e8a458161bf", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161bf" + } + ] +} +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:09:09 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161bf" + } + ] +} +2017-08-20 15:09:09 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tobkle", role: "user", id: "599989f5b11e6e8a458161bf", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "599989f5b11e6e8a458161bf", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161bf" + } + ] +} +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:09:09 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. +2017-08-20 15:09:09 inserted tweet 599989f5b11e6e8a458161c0. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. +2017-08-20 15:09:09 Request: +User: "tobkle", role: "user", id: "599989f5b11e6e8a458161bf", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161bf" + } + ] +} +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:09:09 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tobkle", role: "user", id: "599989f5b11e6e8a458161bf", +Operation: "", variables: "", +Query: +{ + tweet(id: "599989f5b11e6e8a458161c0") { + author { + id + } + body + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161bf" + } + ] +} +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tobkle", role: "user", id: "599989f5b11e6e8a458161bf", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161bf" + } + ] +} +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tobkle", role: "user", id: "599989f5b11e6e8a458161bf", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "599989f5b11e6e8a458161c0", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161bf" + } + ] +} +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:09:09 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "599989f5b11e6e8a458161bf" + }, + { + "coauthorsIds": "599989f5b11e6e8a458161bf" + } + ] +} +2017-08-20 15:09:09 updated tweet 599989f5b11e6e8a458161c0. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tobkle", role: "user", id: "599989f5b11e6e8a458161bf", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161bf" + } + ] +} +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:09:09 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "599989f5b11e6e8a458161bf" + }, + { + "coauthorsIds": "599989f5b11e6e8a458161bf" + } + ] +} +2017-08-20 15:09:09 ERROR update tweet not possible for 583676d3618530145474e352. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tobkle", role: "user", id: "599989f5b11e6e8a458161bf", +Operation: "", variables: "", +Query: +{ + tweet(id: "599989f5b11e6e8a458161c0") { + body + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161bf" + } + ] +} +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tobkle", role: "user", id: "599989f5b11e6e8a458161bf", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "599989f5b11e6e8a458161c0") +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161bf" + } + ] +} +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:09:09 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "599989f5b11e6e8a458161bf" + } + ] +} +2017-08-20 15:09:09 removed tweet 599989f5b11e6e8a458161c0. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tobkle", role: "user", id: "599989f5b11e6e8a458161bf", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161bf" + } + ] +} +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:09:09 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "599989f5b11e6e8a458161bf" + } + ] +} +2017-08-20 15:09:09 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tobkle", role: "user", id: "599989f5b11e6e8a458161bf", +Operation: "", variables: "", +Query: +{ + tweet(id: "599989f5b11e6e8a458161c0") { + body + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161bf" + } + ] +} +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tobkle", role: "user", id: "599989f5b11e6e8a458161bf", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "599989f5b11e6e8a458161bf") +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161bf" + } + ] +} +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:09:09 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161bf" + } + ] +} +2017-08-20 15:09:09 removed user 599989f5b11e6e8a458161bf. +2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "599989f5b11e6e8a458161bf") { + username + bio + role + } +} + +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { + id + role + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:09 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:09:09 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-20 15:09:09 inserted user 599989f5b11e6e8a458161c1. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. +2017-08-20 15:09:09 Request: +User: "tobkle", role: "editor", id: "599989f5b11e6e8a458161c1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161c1" + } + ] +} +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 15:09:09 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tobkle", role: "editor", id: "599989f5b11e6e8a458161c1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161c1" + } + ] +} +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tobkle", role: "editor", id: "599989f5b11e6e8a458161c1", +Operation: "", variables: "", +Query: +{ + user(id: "599989f5b11e6e8a458161c1") { + username + role + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161c1" + } + ] +} +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tobkle", role: "editor", id: "599989f5b11e6e8a458161c1", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161c1" + } + ] +} +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 15:09:09 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161c1" + } + ] +} +2017-08-20 15:09:09 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tobkle", role: "editor", id: "599989f5b11e6e8a458161c1", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599989f5b11e6e8a458161c1", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161c1" + } + ] +} +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 15:09:09 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161c1" + } + ] +} +2017-08-20 15:09:09 updated user 599989f5b11e6e8a458161c1. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tmeasday", role: "editor", id: "599989f5b11e6e8a458161c1", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "599989f5b11e6e8a458161c1", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161c1" + } + ] +} +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:09:09 Authorize update 'updateUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161c1" + } + ] +} +2017-08-20 15:09:09 updated user 599989f5b11e6e8a458161c1. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tmeasday", role: "editor", id: "599989f5b11e6e8a458161c1", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161c1" + } + ] +} +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:09:09 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161c1" + } + ] +} +2017-08-20 15:09:09 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tmeasday", role: "editor", id: "599989f5b11e6e8a458161c1", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "599989f5b11e6e8a458161c1", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161c1" + } + ] +} +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:09:09 Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is authorized by docRole. +2017-08-20 15:09:09 inserted tweet 599989f5b11e6e8a458161c2. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. +2017-08-20 15:09:09 Request: +User: "tmeasday", role: "editor", id: "599989f5b11e6e8a458161c1", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161c1" + } + ] +} +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:09:09 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tmeasday", role: "editor", id: "599989f5b11e6e8a458161c1", +Operation: "", variables: "", +Query: +{ + tweet(id: "599989f5b11e6e8a458161c2") { + author { + id + } + body + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161c1" + } + ] +} +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tmeasday", role: "editor", id: "599989f5b11e6e8a458161c1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161c1" + } + ] +} +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tmeasday", role: "editor", id: "599989f5b11e6e8a458161c1", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "599989f5b11e6e8a458161c2", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161c1" + } + ] +} +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:09:09 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "599989f5b11e6e8a458161c1" + }, + { + "coauthorsIds": "599989f5b11e6e8a458161c1" + } + ] +} +2017-08-20 15:09:09 updated tweet 599989f5b11e6e8a458161c2. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tmeasday", role: "editor", id: "599989f5b11e6e8a458161c1", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161c1" + } + ] +} +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:09:09 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "599989f5b11e6e8a458161c1" + }, + { + "coauthorsIds": "599989f5b11e6e8a458161c1" + } + ] +} +2017-08-20 15:09:09 ERROR update tweet not possible for 583676d3618530145474e352. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tmeasday", role: "editor", id: "599989f5b11e6e8a458161c1", +Operation: "", variables: "", +Query: +{ + tweet(id: "599989f5b11e6e8a458161c2") { + body + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161c1" + } + ] +} +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tmeasday", role: "editor", id: "599989f5b11e6e8a458161c1", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "599989f5b11e6e8a458161c2") +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161c1" + } + ] +} +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:09:09 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "599989f5b11e6e8a458161c1" + } + ] +} +2017-08-20 15:09:09 removed tweet 599989f5b11e6e8a458161c2. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tmeasday", role: "editor", id: "599989f5b11e6e8a458161c1", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161c1" + } + ] +} +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:09:09 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-08-20 15:09:09 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "599989f5b11e6e8a458161c1" + } + ] +} +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tmeasday", role: "editor", id: "599989f5b11e6e8a458161c1", +Operation: "", variables: "", +Query: +{ + tweet(id: "599989f5b11e6e8a458161c2") { + body + } +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161c1" + } + ] +} +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "tmeasday", role: "editor", id: "599989f5b11e6e8a458161c1", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "599989f5b11e6e8a458161c1") +} + +2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161c1" + } + ] +} +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:09:09 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "599989f5b11e6e8a458161c1" + } + ] +} +2017-08-20 15:09:09 removed user 599989f5b11e6e8a458161c1. +2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:09:09 -------------------------------------------------------------------------------- +2017-08-20 15:09:09 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "599989f5b11e6e8a458161c1") { + username + bio + role + } +} + +2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:12:40 Logger started +2017-08-20 15:13:32 -------------------------------------------------------------------------------- +2017-08-20 15:13:32 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-20 15:13:32 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:13:32 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 -------------------------------------------------------------------------------- +2017-08-20 15:14:16 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 -------------------------------------------------------------------------------- +2017-08-20 15:14:16 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + role + username + } +} + +2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 -------------------------------------------------------------------------------- +2017-08-20 15:14:16 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + role + username + } +} + +2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 -------------------------------------------------------------------------------- +2017-08-20 15:14:16 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca2") { + role + username + } +} + +2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 -------------------------------------------------------------------------------- +2017-08-20 15:14:16 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + id + username + bio + } +} + +2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 -------------------------------------------------------------------------------- +2017-08-20 15:14:16 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users { + username + createdAt + } +} + +2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 -------------------------------------------------------------------------------- +2017-08-20 15:14:16 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(limit: 1) { + username + createdAt + } +} + +2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 -------------------------------------------------------------------------------- +2017-08-20 15:14:16 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993) { + username + createdAt + } +} + +2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 -------------------------------------------------------------------------------- +2017-08-20 15:14:16 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } +} + +2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 -------------------------------------------------------------------------------- +2017-08-20 15:14:16 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers { + username + createdAt + } + } +} + +2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 -------------------------------------------------------------------------------- +2017-08-20 15:14:16 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(limit: 1) { + username + createdAt + } + } +} + +2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 -------------------------------------------------------------------------------- +2017-08-20 15:14:16 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 -------------------------------------------------------------------------------- +2017-08-20 15:14:16 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 -------------------------------------------------------------------------------- +2017-08-20 15:14:16 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following { + username + createdAt + } + } +} + +2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 -------------------------------------------------------------------------------- +2017-08-20 15:14:16 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(limit: 1) { + username + createdAt + } + } +} + +2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 -------------------------------------------------------------------------------- +2017-08-20 15:14:16 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 -------------------------------------------------------------------------------- +2017-08-20 15:14:16 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 -------------------------------------------------------------------------------- +2017-08-20 15:14:16 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets { + id + createdAt + } + } +} + +2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 -------------------------------------------------------------------------------- +2017-08-20 15:14:16 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(limit: 1) { + id + createdAt + } + } +} + +2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 -------------------------------------------------------------------------------- +2017-08-20 15:14:16 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } + } +} + +2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 -------------------------------------------------------------------------------- +2017-08-20 15:14:16 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } + } +} + +2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 -------------------------------------------------------------------------------- +2017-08-20 15:14:16 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked { + id + createdAt + } + } +} + +2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 -------------------------------------------------------------------------------- +2017-08-20 15:14:16 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(limit: 1) { + id + createdAt + } + } +} + +2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 -------------------------------------------------------------------------------- +2017-08-20 15:14:16 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334) { + id + createdAt + } + } +} + +2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 -------------------------------------------------------------------------------- +2017-08-20 15:14:16 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334, limit: 1) { + id + createdAt + } + } +} + +2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 -------------------------------------------------------------------------------- +2017-08-20 15:14:16 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + id + body + } +} + +2017-08-20 15:14:16 -------------------------------------------------------------------------------- +2017-08-20 15:14:16 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + author { + username + } + } +} + +2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 -------------------------------------------------------------------------------- +2017-08-20 15:14:16 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets { + id + createdAt + } +} + +2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 -------------------------------------------------------------------------------- +2017-08-20 15:14:16 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(limit: 1) { + id + createdAt + } +} + +2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers { + username + createdAt + } + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(limit: 1) { + username + createdAt + } + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993) { + username + createdAt + } + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-20 15:14:17 inserted user 59998b29fa5e208b07f4c385. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tobkle", role: "admin", id: "59998b29fa5e208b07f4c385", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-20 15:14:17 inserted user 59998b29fa5e208b07f4c386. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tobkle", role: "admin", id: "59998b29fa5e208b07f4c385", +Operation: "", variables: "", +Query: +{ + user(id: "59998b29fa5e208b07f4c386") { + username + bio + role + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tobkle", role: "admin", id: "59998b29fa5e208b07f4c385", +Operation: "", variables: "", +Query: +{ + user(id: "59998b29fa5e208b07f4c385") { + username + role + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tobkle", role: "admin", id: "59998b29fa5e208b07f4c385", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59998b29fa5e208b07f4c386", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 updated user 59998b29fa5e208b07f4c386. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tobkle", role: "admin", id: "59998b29fa5e208b07f4c385", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59998b29fa5e208b07f4c385", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 updated user 59998b29fa5e208b07f4c385. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tobkle", role: "admin", id: "59998b29fa5e208b07f4c385", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59998b29fa5e208b07f4c386", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 updated user 59998b29fa5e208b07f4c386. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tobkle", role: "admin", id: "59998b29fa5e208b07f4c385", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59998b29fa5e208b07f4c385", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 updated user 59998b29fa5e208b07f4c385. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tobkle", role: "editor", id: "59998b29fa5e208b07f4c385", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59998b29fa5e208b07f4c385", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c385" + } + ] +} +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 15:14:17 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c385" + } + ] +} +2017-08-20 15:14:17 updated user 59998b29fa5e208b07f4c385. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "zoltan", role: "admin", id: "59998b29fa5e208b07f4c386", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59998b29fa5e208b07f4c385", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized +2017-08-20 15:14:17 updated user 59998b29fa5e208b07f4c385. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tobkle", role: "admin", id: "59998b29fa5e208b07f4c385", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59998b29fa5e208b07f4c386") +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 removed user 59998b29fa5e208b07f4c386. +2017-08-20 15:14:17 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tobkle", role: "admin", id: "59998b29fa5e208b07f4c385", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59998b29fa5e208b07f4c385", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-20 15:14:17 inserted tweet 59998b29fa5e208b07f4c387. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tobkle", role: "admin", id: "59998b29fa5e208b07f4c385", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tobkle", role: "admin", id: "59998b29fa5e208b07f4c385", +Operation: "", variables: "", +Query: +{ + tweet(id: "59998b29fa5e208b07f4c387") { + author { + id + } + body + } +} + +2017-08-20 15:14:17 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 inserted tweet 59998b29fa5e208b07f4c388. +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tobkle", role: "admin", id: "59998b29fa5e208b07f4c385", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tobkle", role: "admin", id: "59998b29fa5e208b07f4c385", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59998b29fa5e208b07f4c387", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 updated tweet 59998b29fa5e208b07f4c387. +2017-08-20 15:14:17 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tobkle", role: "admin", id: "59998b29fa5e208b07f4c385", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59998b29fa5e208b07f4c388", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 updated tweet 59998b29fa5e208b07f4c388. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tobkle", role: "admin", id: "59998b29fa5e208b07f4c385", +Operation: "", variables: "", +Query: +{ + tweet(id: "59998b29fa5e208b07f4c387") { + body + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tobkle", role: "admin", id: "59998b29fa5e208b07f4c385", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59998b29fa5e208b07f4c387") +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 removed tweet 59998b29fa5e208b07f4c387. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tobkle", role: "admin", id: "59998b29fa5e208b07f4c385", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59998b29fa5e208b07f4c388") +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 removed tweet 59998b29fa5e208b07f4c388. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tobkle", role: "admin", id: "59998b29fa5e208b07f4c385", +Operation: "", variables: "", +Query: +{ + tweet(id: "59998b29fa5e208b07f4c387") { + body + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tobkle", role: "admin", id: "59998b29fa5e208b07f4c385", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59998b29fa5e208b07f4c385") +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:14:17 removed user 59998b29fa5e208b07f4c385. +2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59998b29fa5e208b07f4c385") { + username + bio + role + } +} + +2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-20 15:14:17 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:14:17 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-20 15:14:17 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:14:17 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-20 15:14:17 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:14:17 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-20 15:14:17 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:14:17 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-20 15:14:17 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:14:17 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-20 15:14:17 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:14:17 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-20 15:14:17 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:14:17 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { + id + role + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-20 15:14:17 inserted user 59998b29fa5e208b07f4c389. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. +2017-08-20 15:14:17 Request: +User: "tobkle", role: "user", id: "59998b29fa5e208b07f4c389", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c389" + } + ] +} +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:14:17 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tobkle", role: "user", id: "59998b29fa5e208b07f4c389", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c389" + } + ] +} +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tobkle", role: "user", id: "59998b29fa5e208b07f4c389", +Operation: "", variables: "", +Query: +{ + user(id: "59998b29fa5e208b07f4c389") { + username + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c389" + } + ] +} +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tobkle", role: "user", id: "59998b29fa5e208b07f4c389", +Operation: "", variables: "", +Query: +{ + user(id: "59998b29fa5e208b07f4c389") { + username + role + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c389" + } + ] +} +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tobkle", role: "user", id: "59998b29fa5e208b07f4c389", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c389" + } + ] +} +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:14:17 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c389" + } + ] +} +2017-08-20 15:14:17 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tobkle", role: "user", id: "59998b29fa5e208b07f4c389", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59998b29fa5e208b07f4c389", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c389" + } + ] +} +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:14:17 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c389" + } + ] +} +2017-08-20 15:14:17 updated user 59998b29fa5e208b07f4c389. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tobkle", role: "user", id: "59998b29fa5e208b07f4c389", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59998b29fa5e208b07f4c389", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c389" + } + ] +} +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:14:17 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c389" + } + ] +} +2017-08-20 15:14:17 updated user 59998b29fa5e208b07f4c389. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tobkle", role: "user", id: "59998b29fa5e208b07f4c389", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c389" + } + ] +} +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:14:17 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c389" + } + ] +} +2017-08-20 15:14:17 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tobkle", role: "user", id: "59998b29fa5e208b07f4c389", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59998b29fa5e208b07f4c389", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c389" + } + ] +} +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:14:17 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. +2017-08-20 15:14:17 inserted tweet 59998b29fa5e208b07f4c38a. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. +2017-08-20 15:14:17 Request: +User: "tobkle", role: "user", id: "59998b29fa5e208b07f4c389", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c389" + } + ] +} +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:14:17 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tobkle", role: "user", id: "59998b29fa5e208b07f4c389", +Operation: "", variables: "", +Query: +{ + tweet(id: "59998b29fa5e208b07f4c38a") { + author { + id + } + body + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c389" + } + ] +} +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tobkle", role: "user", id: "59998b29fa5e208b07f4c389", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c389" + } + ] +} +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tobkle", role: "user", id: "59998b29fa5e208b07f4c389", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59998b29fa5e208b07f4c38a", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c389" + } + ] +} +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:14:17 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59998b29fa5e208b07f4c389" + }, + { + "coauthorsIds": "59998b29fa5e208b07f4c389" + } + ] +} +2017-08-20 15:14:17 updated tweet 59998b29fa5e208b07f4c38a. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tobkle", role: "user", id: "59998b29fa5e208b07f4c389", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c389" + } + ] +} +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:14:17 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59998b29fa5e208b07f4c389" + }, + { + "coauthorsIds": "59998b29fa5e208b07f4c389" + } + ] +} +2017-08-20 15:14:17 ERROR update tweet not possible for 583676d3618530145474e352. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tobkle", role: "user", id: "59998b29fa5e208b07f4c389", +Operation: "", variables: "", +Query: +{ + tweet(id: "59998b29fa5e208b07f4c38a") { + body + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c389" + } + ] +} +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tobkle", role: "user", id: "59998b29fa5e208b07f4c389", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59998b29fa5e208b07f4c38a") +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c389" + } + ] +} +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:14:17 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59998b29fa5e208b07f4c389" + } + ] +} +2017-08-20 15:14:17 removed tweet 59998b29fa5e208b07f4c38a. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tobkle", role: "user", id: "59998b29fa5e208b07f4c389", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c389" + } + ] +} +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:14:17 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59998b29fa5e208b07f4c389" + } + ] +} +2017-08-20 15:14:17 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tobkle", role: "user", id: "59998b29fa5e208b07f4c389", +Operation: "", variables: "", +Query: +{ + tweet(id: "59998b29fa5e208b07f4c38a") { + body + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c389" + } + ] +} +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tobkle", role: "user", id: "59998b29fa5e208b07f4c389", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59998b29fa5e208b07f4c389") +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c389" + } + ] +} +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:14:17 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c389" + } + ] +} +2017-08-20 15:14:17 removed user 59998b29fa5e208b07f4c389. +2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59998b29fa5e208b07f4c389") { + username + bio + role + } +} + +2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { + id + role + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:17 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:14:17 inserted user 59998b29fa5e208b07f4c38b. +2017-08-20 15:14:17 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. +2017-08-20 15:14:17 Request: +User: "tobkle", role: "editor", id: "59998b29fa5e208b07f4c38b", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c38b" + } + ] +} +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 15:14:17 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tobkle", role: "editor", id: "59998b29fa5e208b07f4c38b", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c38b" + } + ] +} +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tobkle", role: "editor", id: "59998b29fa5e208b07f4c38b", +Operation: "", variables: "", +Query: +{ + user(id: "59998b29fa5e208b07f4c38b") { + username + role + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c38b" + } + ] +} +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tobkle", role: "editor", id: "59998b29fa5e208b07f4c38b", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c38b" + } + ] +} +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 15:14:17 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c38b" + } + ] +} +2017-08-20 15:14:17 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tobkle", role: "editor", id: "59998b29fa5e208b07f4c38b", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59998b29fa5e208b07f4c38b", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c38b" + } + ] +} +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 15:14:17 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c38b" + } + ] +} +2017-08-20 15:14:17 updated user 59998b29fa5e208b07f4c38b. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tmeasday", role: "editor", id: "59998b29fa5e208b07f4c38b", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59998b29fa5e208b07f4c38b", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c38b" + } + ] +} +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:14:17 Authorize update 'updateUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c38b" + } + ] +} +2017-08-20 15:14:17 updated user 59998b29fa5e208b07f4c38b. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tmeasday", role: "editor", id: "59998b29fa5e208b07f4c38b", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c38b" + } + ] +} +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:14:17 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c38b" + } + ] +} +2017-08-20 15:14:17 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tmeasday", role: "editor", id: "59998b29fa5e208b07f4c38b", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59998b29fa5e208b07f4c38b", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c38b" + } + ] +} +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:14:17 Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is authorized by docRole. +2017-08-20 15:14:17 inserted tweet 59998b29fa5e208b07f4c38c. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. +2017-08-20 15:14:17 Request: +User: "tmeasday", role: "editor", id: "59998b29fa5e208b07f4c38b", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c38b" + } + ] +} +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:14:17 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tmeasday", role: "editor", id: "59998b29fa5e208b07f4c38b", +Operation: "", variables: "", +Query: +{ + tweet(id: "59998b29fa5e208b07f4c38c") { + author { + id + } + body + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c38b" + } + ] +} +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tmeasday", role: "editor", id: "59998b29fa5e208b07f4c38b", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c38b" + } + ] +} +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tmeasday", role: "editor", id: "59998b29fa5e208b07f4c38b", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59998b29fa5e208b07f4c38c", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c38b" + } + ] +} +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:14:17 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59998b29fa5e208b07f4c38b" + }, + { + "coauthorsIds": "59998b29fa5e208b07f4c38b" + } + ] +} +2017-08-20 15:14:17 updated tweet 59998b29fa5e208b07f4c38c. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tmeasday", role: "editor", id: "59998b29fa5e208b07f4c38b", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c38b" + } + ] +} +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:14:17 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59998b29fa5e208b07f4c38b" + }, + { + "coauthorsIds": "59998b29fa5e208b07f4c38b" + } + ] +} +2017-08-20 15:14:17 ERROR update tweet not possible for 583676d3618530145474e352. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tmeasday", role: "editor", id: "59998b29fa5e208b07f4c38b", +Operation: "", variables: "", +Query: +{ + tweet(id: "59998b29fa5e208b07f4c38c") { + body + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c38b" + } + ] +} +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tmeasday", role: "editor", id: "59998b29fa5e208b07f4c38b", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59998b29fa5e208b07f4c38c") +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c38b" + } + ] +} +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:14:17 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59998b29fa5e208b07f4c38b" + } + ] +} +2017-08-20 15:14:17 removed tweet 59998b29fa5e208b07f4c38c. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tmeasday", role: "editor", id: "59998b29fa5e208b07f4c38b", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c38b" + } + ] +} +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:14:17 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-08-20 15:14:17 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59998b29fa5e208b07f4c38b" + } + ] +} +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tmeasday", role: "editor", id: "59998b29fa5e208b07f4c38b", +Operation: "", variables: "", +Query: +{ + tweet(id: "59998b29fa5e208b07f4c38c") { + body + } +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c38b" + } + ] +} +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "tmeasday", role: "editor", id: "59998b29fa5e208b07f4c38b", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59998b29fa5e208b07f4c38b") +} + +2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c38b" + } + ] +} +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:14:17 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998b29fa5e208b07f4c38b" + } + ] +} +2017-08-20 15:14:17 removed user 59998b29fa5e208b07f4c38b. +2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:14:17 -------------------------------------------------------------------------------- +2017-08-20 15:14:17 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59998b29fa5e208b07f4c38b") { + username + bio + role + } +} + +2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:15:29 Logger started +2017-08-20 15:16:18 Logger started +2017-08-20 15:16:38 -------------------------------------------------------------------------------- +2017-08-20 15:16:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-20 15:16:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:16:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 -------------------------------------------------------------------------------- +2017-08-20 15:17:21 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-20 15:17:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 -------------------------------------------------------------------------------- +2017-08-20 15:17:21 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + role + username + } +} + +2017-08-20 15:17:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 -------------------------------------------------------------------------------- +2017-08-20 15:17:21 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + role + username + } +} + +2017-08-20 15:17:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 -------------------------------------------------------------------------------- +2017-08-20 15:17:21 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca2") { + role + username + } +} + +2017-08-20 15:17:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 -------------------------------------------------------------------------------- +2017-08-20 15:17:21 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + id + username + bio + } +} + +2017-08-20 15:17:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 -------------------------------------------------------------------------------- +2017-08-20 15:17:21 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users { + username + createdAt + } +} + +2017-08-20 15:17:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 -------------------------------------------------------------------------------- +2017-08-20 15:17:21 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(limit: 1) { + username + createdAt + } +} + +2017-08-20 15:17:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 -------------------------------------------------------------------------------- +2017-08-20 15:17:21 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993) { + username + createdAt + } +} + +2017-08-20 15:17:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 -------------------------------------------------------------------------------- +2017-08-20 15:17:21 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } +} + +2017-08-20 15:17:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 -------------------------------------------------------------------------------- +2017-08-20 15:17:21 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers { + username + createdAt + } + } +} + +2017-08-20 15:17:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 -------------------------------------------------------------------------------- +2017-08-20 15:17:21 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(limit: 1) { + username + createdAt + } + } +} + +2017-08-20 15:17:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 -------------------------------------------------------------------------------- +2017-08-20 15:17:21 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-08-20 15:17:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 -------------------------------------------------------------------------------- +2017-08-20 15:17:21 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-08-20 15:17:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 -------------------------------------------------------------------------------- +2017-08-20 15:17:21 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following { + username + createdAt + } + } +} + +2017-08-20 15:17:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 -------------------------------------------------------------------------------- +2017-08-20 15:17:21 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(limit: 1) { + username + createdAt + } + } +} + +2017-08-20 15:17:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 -------------------------------------------------------------------------------- +2017-08-20 15:17:21 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-08-20 15:17:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 -------------------------------------------------------------------------------- +2017-08-20 15:17:21 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-08-20 15:17:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 -------------------------------------------------------------------------------- +2017-08-20 15:17:21 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets { + id + createdAt + } + } +} + +2017-08-20 15:17:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 -------------------------------------------------------------------------------- +2017-08-20 15:17:21 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(limit: 1) { + id + createdAt + } + } +} + +2017-08-20 15:17:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 -------------------------------------------------------------------------------- +2017-08-20 15:17:21 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } + } +} + +2017-08-20 15:17:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 -------------------------------------------------------------------------------- +2017-08-20 15:17:21 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } + } +} + +2017-08-20 15:17:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 -------------------------------------------------------------------------------- +2017-08-20 15:17:21 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked { + id + createdAt + } + } +} + +2017-08-20 15:17:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:21 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(limit: 1) { + id + createdAt + } + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334) { + id + createdAt + } + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334, limit: 1) { + id + createdAt + } + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + id + body + } +} + +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + author { + username + } + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets { + id + createdAt + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(limit: 1) { + id + createdAt + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers { + username + createdAt + } + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(limit: 1) { + username + createdAt + } + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993) { + username + createdAt + } + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-20 15:17:22 inserted user 59998be255629a8bad7ec6e2. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tobkle", role: "admin", id: "59998be255629a8bad7ec6e2", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-20 15:17:22 inserted user 59998be255629a8bad7ec6e3. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tobkle", role: "admin", id: "59998be255629a8bad7ec6e2", +Operation: "", variables: "", +Query: +{ + user(id: "59998be255629a8bad7ec6e3") { + username + bio + role + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tobkle", role: "admin", id: "59998be255629a8bad7ec6e2", +Operation: "", variables: "", +Query: +{ + user(id: "59998be255629a8bad7ec6e2") { + username + role + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tobkle", role: "admin", id: "59998be255629a8bad7ec6e2", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59998be255629a8bad7ec6e3", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 updated user 59998be255629a8bad7ec6e3. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tobkle", role: "admin", id: "59998be255629a8bad7ec6e2", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59998be255629a8bad7ec6e2", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 updated user 59998be255629a8bad7ec6e2. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tobkle", role: "admin", id: "59998be255629a8bad7ec6e2", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59998be255629a8bad7ec6e3", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 updated user 59998be255629a8bad7ec6e3. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tobkle", role: "admin", id: "59998be255629a8bad7ec6e2", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59998be255629a8bad7ec6e2", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 updated user 59998be255629a8bad7ec6e2. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tobkle", role: "editor", id: "59998be255629a8bad7ec6e2", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59998be255629a8bad7ec6e2", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e2" + } + ] +} +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 15:17:22 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e2" + } + ] +} +2017-08-20 15:17:22 updated user 59998be255629a8bad7ec6e2. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "zoltan", role: "admin", id: "59998be255629a8bad7ec6e3", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59998be255629a8bad7ec6e2", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized +2017-08-20 15:17:22 updated user 59998be255629a8bad7ec6e2. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tobkle", role: "admin", id: "59998be255629a8bad7ec6e2", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59998be255629a8bad7ec6e3") +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 removed user 59998be255629a8bad7ec6e3. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tobkle", role: "admin", id: "59998be255629a8bad7ec6e2", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59998be255629a8bad7ec6e2", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-20 15:17:22 inserted tweet 59998be255629a8bad7ec6e4. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tobkle", role: "admin", id: "59998be255629a8bad7ec6e2", +Operation: "", variables: "", +Query: +{ + tweet(id: "59998be255629a8bad7ec6e4") { + author { + id + } + body + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tobkle", role: "admin", id: "59998be255629a8bad7ec6e2", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 inserted tweet 59998be255629a8bad7ec6e5. +2017-08-20 15:17:22 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tobkle", role: "admin", id: "59998be255629a8bad7ec6e2", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tobkle", role: "admin", id: "59998be255629a8bad7ec6e2", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59998be255629a8bad7ec6e4", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 updated tweet 59998be255629a8bad7ec6e4. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tobkle", role: "admin", id: "59998be255629a8bad7ec6e2", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59998be255629a8bad7ec6e5", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 updated tweet 59998be255629a8bad7ec6e5. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tobkle", role: "admin", id: "59998be255629a8bad7ec6e2", +Operation: "", variables: "", +Query: +{ + tweet(id: "59998be255629a8bad7ec6e4") { + body + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tobkle", role: "admin", id: "59998be255629a8bad7ec6e2", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59998be255629a8bad7ec6e4") +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 removed tweet 59998be255629a8bad7ec6e4. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tobkle", role: "admin", id: "59998be255629a8bad7ec6e2", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59998be255629a8bad7ec6e5") +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 removed tweet 59998be255629a8bad7ec6e5. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tobkle", role: "admin", id: "59998be255629a8bad7ec6e2", +Operation: "", variables: "", +Query: +{ + tweet(id: "59998be255629a8bad7ec6e4") { + body + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tobkle", role: "admin", id: "59998be255629a8bad7ec6e2", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59998be255629a8bad7ec6e2") +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 15:17:22 removed user 59998be255629a8bad7ec6e2. +2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59998be255629a8bad7ec6e2") { + username + bio + role + } +} + +2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-20 15:17:22 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:17:22 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-20 15:17:22 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:17:22 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-20 15:17:22 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:17:22 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-20 15:17:22 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:17:22 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-20 15:17:22 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:17:22 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-20 15:17:22 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:17:22 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-20 15:17:22 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:17:22 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { + id + role + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 inserted user 59998be255629a8bad7ec6e6. +2017-08-20 15:17:22 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. +2017-08-20 15:17:22 Request: +User: "tobkle", role: "user", id: "59998be255629a8bad7ec6e6", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e6" + } + ] +} +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:17:22 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tobkle", role: "user", id: "59998be255629a8bad7ec6e6", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e6" + } + ] +} +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tobkle", role: "user", id: "59998be255629a8bad7ec6e6", +Operation: "", variables: "", +Query: +{ + user(id: "59998be255629a8bad7ec6e6") { + username + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e6" + } + ] +} +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tobkle", role: "user", id: "59998be255629a8bad7ec6e6", +Operation: "", variables: "", +Query: +{ + user(id: "59998be255629a8bad7ec6e6") { + username + role + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e6" + } + ] +} +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tobkle", role: "user", id: "59998be255629a8bad7ec6e6", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e6" + } + ] +} +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:17:22 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-08-20 15:17:22 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e6" + } + ] +} +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tobkle", role: "user", id: "59998be255629a8bad7ec6e6", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59998be255629a8bad7ec6e6", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e6" + } + ] +} +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:17:22 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e6" + } + ] +} +2017-08-20 15:17:22 updated user 59998be255629a8bad7ec6e6. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tobkle", role: "user", id: "59998be255629a8bad7ec6e6", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59998be255629a8bad7ec6e6", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e6" + } + ] +} +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:17:22 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e6" + } + ] +} +2017-08-20 15:17:22 updated user 59998be255629a8bad7ec6e6. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tobkle", role: "user", id: "59998be255629a8bad7ec6e6", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e6" + } + ] +} +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:17:22 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e6" + } + ] +} +2017-08-20 15:17:22 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tobkle", role: "user", id: "59998be255629a8bad7ec6e6", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59998be255629a8bad7ec6e6", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e6" + } + ] +} +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:17:22 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. +2017-08-20 15:17:22 inserted tweet 59998be255629a8bad7ec6e7. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. +2017-08-20 15:17:22 Request: +User: "tobkle", role: "user", id: "59998be255629a8bad7ec6e6", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e6" + } + ] +} +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:17:22 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tobkle", role: "user", id: "59998be255629a8bad7ec6e6", +Operation: "", variables: "", +Query: +{ + tweet(id: "59998be255629a8bad7ec6e7") { + author { + id + } + body + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e6" + } + ] +} +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tobkle", role: "user", id: "59998be255629a8bad7ec6e6", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e6" + } + ] +} +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tobkle", role: "user", id: "59998be255629a8bad7ec6e6", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59998be255629a8bad7ec6e7", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e6" + } + ] +} +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:17:22 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59998be255629a8bad7ec6e6" + }, + { + "coauthorsIds": "59998be255629a8bad7ec6e6" + } + ] +} +2017-08-20 15:17:22 updated tweet 59998be255629a8bad7ec6e7. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tobkle", role: "user", id: "59998be255629a8bad7ec6e6", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e6" + } + ] +} +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:17:22 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59998be255629a8bad7ec6e6" + }, + { + "coauthorsIds": "59998be255629a8bad7ec6e6" + } + ] +} +2017-08-20 15:17:22 ERROR update tweet not possible for 583676d3618530145474e352. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tobkle", role: "user", id: "59998be255629a8bad7ec6e6", +Operation: "", variables: "", +Query: +{ + tweet(id: "59998be255629a8bad7ec6e7") { + body + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e6" + } + ] +} +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tobkle", role: "user", id: "59998be255629a8bad7ec6e6", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59998be255629a8bad7ec6e7") +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e6" + } + ] +} +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:17:22 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59998be255629a8bad7ec6e6" + } + ] +} +2017-08-20 15:17:22 removed tweet 59998be255629a8bad7ec6e7. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tobkle", role: "user", id: "59998be255629a8bad7ec6e6", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e6" + } + ] +} +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:17:22 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59998be255629a8bad7ec6e6" + } + ] +} +2017-08-20 15:17:22 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tobkle", role: "user", id: "59998be255629a8bad7ec6e6", +Operation: "", variables: "", +Query: +{ + tweet(id: "59998be255629a8bad7ec6e7") { + body + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e6" + } + ] +} +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tobkle", role: "user", id: "59998be255629a8bad7ec6e6", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59998be255629a8bad7ec6e6") +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e6" + } + ] +} +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 15:17:22 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e6" + } + ] +} +2017-08-20 15:17:22 removed user 59998be255629a8bad7ec6e6. +2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59998be255629a8bad7ec6e6") { + username + bio + role + } +} + +2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { + id + role + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-20 15:17:22 inserted user 59998be255629a8bad7ec6e8. +2017-08-20 15:17:22 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. +2017-08-20 15:17:22 Request: +User: "tobkle", role: "editor", id: "59998be255629a8bad7ec6e8", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e8" + } + ] +} +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 15:17:22 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tobkle", role: "editor", id: "59998be255629a8bad7ec6e8", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e8" + } + ] +} +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tobkle", role: "editor", id: "59998be255629a8bad7ec6e8", +Operation: "", variables: "", +Query: +{ + user(id: "59998be255629a8bad7ec6e8") { + username + role + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e8" + } + ] +} +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tobkle", role: "editor", id: "59998be255629a8bad7ec6e8", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e8" + } + ] +} +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 15:17:22 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e8" + } + ] +} +2017-08-20 15:17:22 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tobkle", role: "editor", id: "59998be255629a8bad7ec6e8", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59998be255629a8bad7ec6e8", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e8" + } + ] +} +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 15:17:22 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e8" + } + ] +} +2017-08-20 15:17:22 updated user 59998be255629a8bad7ec6e8. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tmeasday", role: "editor", id: "59998be255629a8bad7ec6e8", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59998be255629a8bad7ec6e8", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e8" + } + ] +} +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:17:22 Authorize update 'updateUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e8" + } + ] +} +2017-08-20 15:17:22 updated user 59998be255629a8bad7ec6e8. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tmeasday", role: "editor", id: "59998be255629a8bad7ec6e8", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e8" + } + ] +} +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:17:22 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e8" + } + ] +} +2017-08-20 15:17:22 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tmeasday", role: "editor", id: "59998be255629a8bad7ec6e8", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59998be255629a8bad7ec6e8", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e8" + } + ] +} +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:17:22 inserted tweet 59998be255629a8bad7ec6e9. +2017-08-20 15:17:22 Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is authorized by docRole. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. +2017-08-20 15:17:22 Request: +User: "tmeasday", role: "editor", id: "59998be255629a8bad7ec6e8", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e8" + } + ] +} +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:17:22 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tmeasday", role: "editor", id: "59998be255629a8bad7ec6e8", +Operation: "", variables: "", +Query: +{ + tweet(id: "59998be255629a8bad7ec6e9") { + author { + id + } + body + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e8" + } + ] +} +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tmeasday", role: "editor", id: "59998be255629a8bad7ec6e8", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e8" + } + ] +} +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tmeasday", role: "editor", id: "59998be255629a8bad7ec6e8", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59998be255629a8bad7ec6e9", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e8" + } + ] +} +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:17:22 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59998be255629a8bad7ec6e8" + }, + { + "coauthorsIds": "59998be255629a8bad7ec6e8" + } + ] +} +2017-08-20 15:17:22 updated tweet 59998be255629a8bad7ec6e9. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tmeasday", role: "editor", id: "59998be255629a8bad7ec6e8", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e8" + } + ] +} +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:17:22 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59998be255629a8bad7ec6e8" + }, + { + "coauthorsIds": "59998be255629a8bad7ec6e8" + } + ] +} +2017-08-20 15:17:22 ERROR update tweet not possible for 583676d3618530145474e352. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tmeasday", role: "editor", id: "59998be255629a8bad7ec6e8", +Operation: "", variables: "", +Query: +{ + tweet(id: "59998be255629a8bad7ec6e9") { + body + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e8" + } + ] +} +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tmeasday", role: "editor", id: "59998be255629a8bad7ec6e8", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59998be255629a8bad7ec6e9") +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e8" + } + ] +} +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:17:22 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59998be255629a8bad7ec6e8" + } + ] +} +2017-08-20 15:17:22 removed tweet 59998be255629a8bad7ec6e9. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tmeasday", role: "editor", id: "59998be255629a8bad7ec6e8", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e8" + } + ] +} +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:17:22 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59998be255629a8bad7ec6e8" + } + ] +} +2017-08-20 15:17:22 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tmeasday", role: "editor", id: "59998be255629a8bad7ec6e8", +Operation: "", variables: "", +Query: +{ + tweet(id: "59998be255629a8bad7ec6e9") { + body + } +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e8" + } + ] +} +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "tmeasday", role: "editor", id: "59998be255629a8bad7ec6e8", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59998be255629a8bad7ec6e8") +} + +2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e8" + } + ] +} +2017-08-20 15:17:22 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59998be255629a8bad7ec6e8" + } + ] +} +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 15:17:22 removed user 59998be255629a8bad7ec6e8. +2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:17:22 -------------------------------------------------------------------------------- +2017-08-20 15:17:22 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59998be255629a8bad7ec6e8") { + username + bio + role + } +} + +2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 16:12:23 Logger started +2017-08-20 16:15:01 Logger started +2017-08-20 16:18:43 Logger started +2017-08-20 16:19:35 -------------------------------------------------------------------------------- +2017-08-20 16:19:35 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-20 16:19:35 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:19:35 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + role + username + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + role + username + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca2") { + role + username + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + id + username + bio + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users { + username + createdAt + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(limit: 1) { + username + createdAt + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993) { + username + createdAt + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers { + username + createdAt + } + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(limit: 1) { + username + createdAt + } + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following { + username + createdAt + } + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(limit: 1) { + username + createdAt + } + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets { + id + createdAt + } + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(limit: 1) { + id + createdAt + } + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked { + id + createdAt + } + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(limit: 1) { + id + createdAt + } + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334) { + id + createdAt + } + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334, limit: 1) { + id + createdAt + } + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + id + body + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + author { + username + } + } +} + +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets { + id + createdAt + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(limit: 1) { + id + createdAt + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers { + username + createdAt + } + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(limit: 1) { + username + createdAt + } + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993) { + username + createdAt + } + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-20 16:20:19 inserted user 59999aa37218399058b5442d. +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "tobkle", role: "admin", id: "59999aa37218399058b5442d", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 inserted user 59999aa37218399058b5442e. +2017-08-20 16:20:19 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "tobkle", role: "admin", id: "59999aa37218399058b5442d", +Operation: "", variables: "", +Query: +{ + user(id: "59999aa37218399058b5442e") { + username + bio + role + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "tobkle", role: "admin", id: "59999aa37218399058b5442d", +Operation: "", variables: "", +Query: +{ + user(id: "59999aa37218399058b5442d") { + username + role + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "tobkle", role: "admin", id: "59999aa37218399058b5442d", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59999aa37218399058b5442e", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 updated user 59999aa37218399058b5442e. +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "tobkle", role: "admin", id: "59999aa37218399058b5442d", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59999aa37218399058b5442d", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 updated user 59999aa37218399058b5442d. +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "tobkle", role: "admin", id: "59999aa37218399058b5442d", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59999aa37218399058b5442e", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 updated user 59999aa37218399058b5442e. +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "tobkle", role: "admin", id: "59999aa37218399058b5442d", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59999aa37218399058b5442d", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 updated user 59999aa37218399058b5442d. +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "tobkle", role: "editor", id: "59999aa37218399058b5442d", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59999aa37218399058b5442d", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59999aa37218399058b5442d" + } + ] +} +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 16:20:19 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59999aa37218399058b5442d" + } + ] +} +2017-08-20 16:20:19 updated user 59999aa37218399058b5442d. +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "zoltan", role: "admin", id: "59999aa37218399058b5442e", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59999aa37218399058b5442d", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized +2017-08-20 16:20:19 updated user 59999aa37218399058b5442d. +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "tobkle", role: "admin", id: "59999aa37218399058b5442d", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59999aa37218399058b5442e") +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 removed user 59999aa37218399058b5442e. +2017-08-20 16:20:19 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "tobkle", role: "admin", id: "59999aa37218399058b5442d", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59999aa37218399058b5442d", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-20 16:20:19 inserted tweet 59999aa37218399058b5442f. +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "tobkle", role: "admin", id: "59999aa37218399058b5442d", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-20 16:20:19 inserted tweet 59999aa37218399058b54430. +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "tobkle", role: "admin", id: "59999aa37218399058b5442d", +Operation: "", variables: "", +Query: +{ + tweet(id: "59999aa37218399058b5442f") { + author { + id + } + body + } +} + +2017-08-20 16:20:19 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "tobkle", role: "admin", id: "59999aa37218399058b5442d", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "tobkle", role: "admin", id: "59999aa37218399058b5442d", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59999aa37218399058b5442f", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 updated tweet 59999aa37218399058b5442f. +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "tobkle", role: "admin", id: "59999aa37218399058b5442d", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59999aa37218399058b54430", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 updated tweet 59999aa37218399058b54430. +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "tobkle", role: "admin", id: "59999aa37218399058b5442d", +Operation: "", variables: "", +Query: +{ + tweet(id: "59999aa37218399058b5442f") { + body + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "tobkle", role: "admin", id: "59999aa37218399058b5442d", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59999aa37218399058b5442f") +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 removed tweet 59999aa37218399058b5442f. +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "tobkle", role: "admin", id: "59999aa37218399058b5442d", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59999aa37218399058b54430") +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 removed tweet 59999aa37218399058b54430. +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "tobkle", role: "admin", id: "59999aa37218399058b5442d", +Operation: "", variables: "", +Query: +{ + tweet(id: "59999aa37218399058b5442f") { + body + } +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:19 Request: +User: "tobkle", role: "admin", id: "59999aa37218399058b5442d", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59999aa37218399058b5442d") +} + +2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-20 16:20:19 removed user 59999aa37218399058b5442d. +2017-08-20 16:20:19 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 16:20:19 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59999aa37218399058b5442d") { + username + bio + role + } +} + +2017-08-20 16:20:19 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-20 16:20:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 16:20:20 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-20 16:20:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 16:20:20 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-20 16:20:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 16:20:20 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-20 16:20:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 16:20:20 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-20 16:20:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 16:20:20 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-20 16:20:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 16:20:20 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-20 16:20:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 16:20:20 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { + id + role + } +} + +2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:20 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:20 inserted user 59999aa47218399058b54431. +2017-08-20 16:20:20 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. +2017-08-20 16:20:20 Request: +User: "tobkle", role: "user", id: "59999aa47218399058b54431", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54431" + } + ] +} +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 16:20:20 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 Request: +User: "tobkle", role: "user", id: "59999aa47218399058b54431", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54431" + } + ] +} +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 Request: +User: "tobkle", role: "user", id: "59999aa47218399058b54431", +Operation: "", variables: "", +Query: +{ + user(id: "59999aa47218399058b54431") { + username + } +} + +2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54431" + } + ] +} +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 Request: +User: "tobkle", role: "user", id: "59999aa47218399058b54431", +Operation: "", variables: "", +Query: +{ + user(id: "59999aa47218399058b54431") { + username + role + } +} + +2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54431" + } + ] +} +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 Request: +User: "tobkle", role: "user", id: "59999aa47218399058b54431", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54431" + } + ] +} +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 16:20:20 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-08-20 16:20:20 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54431" + } + ] +} +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 Request: +User: "tobkle", role: "user", id: "59999aa47218399058b54431", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59999aa47218399058b54431", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54431" + } + ] +} +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 16:20:20 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54431" + } + ] +} +2017-08-20 16:20:20 updated user 59999aa47218399058b54431. +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 Request: +User: "tobkle", role: "user", id: "59999aa47218399058b54431", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59999aa47218399058b54431", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54431" + } + ] +} +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 16:20:20 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54431" + } + ] +} +2017-08-20 16:20:20 updated user 59999aa47218399058b54431. +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 Request: +User: "tobkle", role: "user", id: "59999aa47218399058b54431", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54431" + } + ] +} +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 16:20:20 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54431" + } + ] +} +2017-08-20 16:20:20 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 Request: +User: "tobkle", role: "user", id: "59999aa47218399058b54431", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59999aa47218399058b54431", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54431" + } + ] +} +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 16:20:20 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. +2017-08-20 16:20:20 inserted tweet 59999aa47218399058b54432. +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. +2017-08-20 16:20:20 Request: +User: "tobkle", role: "user", id: "59999aa47218399058b54431", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54431" + } + ] +} +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 16:20:20 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 Request: +User: "tobkle", role: "user", id: "59999aa47218399058b54431", +Operation: "", variables: "", +Query: +{ + tweet(id: "59999aa47218399058b54432") { + author { + id + } + body + } +} + +2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54431" + } + ] +} +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 Request: +User: "tobkle", role: "user", id: "59999aa47218399058b54431", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54431" + } + ] +} +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 Request: +User: "tobkle", role: "user", id: "59999aa47218399058b54431", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59999aa47218399058b54432", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54431" + } + ] +} +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 16:20:20 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59999aa47218399058b54431" + }, + { + "coauthorsIds": "59999aa47218399058b54431" + } + ] +} +2017-08-20 16:20:20 updated tweet 59999aa47218399058b54432. +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 Request: +User: "tobkle", role: "user", id: "59999aa47218399058b54431", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54431" + } + ] +} +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 16:20:20 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59999aa47218399058b54431" + }, + { + "coauthorsIds": "59999aa47218399058b54431" + } + ] +} +2017-08-20 16:20:20 ERROR update tweet not possible for 583676d3618530145474e352. +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 Request: +User: "tobkle", role: "user", id: "59999aa47218399058b54431", +Operation: "", variables: "", +Query: +{ + tweet(id: "59999aa47218399058b54432") { + body + } +} + +2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54431" + } + ] +} +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 Request: +User: "tobkle", role: "user", id: "59999aa47218399058b54431", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59999aa47218399058b54432") +} + +2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54431" + } + ] +} +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 16:20:20 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59999aa47218399058b54431" + } + ] +} +2017-08-20 16:20:20 removed tweet 59999aa47218399058b54432. +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 Request: +User: "tobkle", role: "user", id: "59999aa47218399058b54431", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54431" + } + ] +} +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 16:20:20 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59999aa47218399058b54431" + } + ] +} +2017-08-20 16:20:20 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 Request: +User: "tobkle", role: "user", id: "59999aa47218399058b54431", +Operation: "", variables: "", +Query: +{ + tweet(id: "59999aa47218399058b54432") { + body + } +} + +2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54431" + } + ] +} +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 Request: +User: "tobkle", role: "user", id: "59999aa47218399058b54431", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59999aa47218399058b54431") +} + +2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54431" + } + ] +} +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-20 16:20:20 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54431" + } + ] +} +2017-08-20 16:20:20 removed user 59999aa47218399058b54431. +2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59999aa47218399058b54431") { + username + bio + role + } +} + +2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { + id + role + } +} + +2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:20 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-20 16:20:20 inserted user 59999aa47218399058b54433. +2017-08-20 16:20:20 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. +2017-08-20 16:20:20 Request: +User: "tobkle", role: "editor", id: "59999aa47218399058b54433", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54433" + } + ] +} +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 16:20:20 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 Request: +User: "tobkle", role: "editor", id: "59999aa47218399058b54433", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54433" + } + ] +} +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 Request: +User: "tobkle", role: "editor", id: "59999aa47218399058b54433", +Operation: "", variables: "", +Query: +{ + user(id: "59999aa47218399058b54433") { + username + role + } +} + +2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54433" + } + ] +} +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 Request: +User: "tobkle", role: "editor", id: "59999aa47218399058b54433", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54433" + } + ] +} +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 16:20:20 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-08-20 16:20:20 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54433" + } + ] +} +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 Request: +User: "tobkle", role: "editor", id: "59999aa47218399058b54433", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59999aa47218399058b54433", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54433" + } + ] +} +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-20 16:20:20 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54433" + } + ] +} +2017-08-20 16:20:20 updated user 59999aa47218399058b54433. +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 Request: +User: "tmeasday", role: "editor", id: "59999aa47218399058b54433", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59999aa47218399058b54433", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54433" + } + ] +} +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 16:20:20 Authorize update 'updateUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54433" + } + ] +} +2017-08-20 16:20:20 updated user 59999aa47218399058b54433. +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 Request: +User: "tmeasday", role: "editor", id: "59999aa47218399058b54433", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54433" + } + ] +} +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 16:20:20 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54433" + } + ] +} +2017-08-20 16:20:20 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 Request: +User: "tmeasday", role: "editor", id: "59999aa47218399058b54433", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59999aa47218399058b54433", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54433" + } + ] +} +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 16:20:20 Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is authorized by docRole. +2017-08-20 16:20:20 inserted tweet 59999aa47218399058b54434. +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. +2017-08-20 16:20:20 Request: +User: "tmeasday", role: "editor", id: "59999aa47218399058b54433", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54433" + } + ] +} +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 16:20:20 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 Request: +User: "tmeasday", role: "editor", id: "59999aa47218399058b54433", +Operation: "", variables: "", +Query: +{ + tweet(id: "59999aa47218399058b54434") { + author { + id + } + body + } +} + +2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54433" + } + ] +} +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 Request: +User: "tmeasday", role: "editor", id: "59999aa47218399058b54433", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54433" + } + ] +} +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 Request: +User: "tmeasday", role: "editor", id: "59999aa47218399058b54433", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59999aa47218399058b54434", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54433" + } + ] +} +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 16:20:20 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59999aa47218399058b54433" + }, + { + "coauthorsIds": "59999aa47218399058b54433" + } + ] +} +2017-08-20 16:20:20 updated tweet 59999aa47218399058b54434. +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 Request: +User: "tmeasday", role: "editor", id: "59999aa47218399058b54433", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54433" + } + ] +} +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 16:20:20 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59999aa47218399058b54433" + }, + { + "coauthorsIds": "59999aa47218399058b54433" + } + ] +} +2017-08-20 16:20:20 ERROR update tweet not possible for 583676d3618530145474e352. +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 Request: +User: "tmeasday", role: "editor", id: "59999aa47218399058b54433", +Operation: "", variables: "", +Query: +{ + tweet(id: "59999aa47218399058b54434") { + body + } +} + +2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54433" + } + ] +} +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 Request: +User: "tmeasday", role: "editor", id: "59999aa47218399058b54433", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59999aa47218399058b54434") +} + +2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54433" + } + ] +} +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 16:20:20 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59999aa47218399058b54433" + } + ] +} +2017-08-20 16:20:20 removed tweet 59999aa47218399058b54434. +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 Request: +User: "tmeasday", role: "editor", id: "59999aa47218399058b54433", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54433" + } + ] +} +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 16:20:20 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59999aa47218399058b54433" + } + ] +} +2017-08-20 16:20:20 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 Request: +User: "tmeasday", role: "editor", id: "59999aa47218399058b54433", +Operation: "", variables: "", +Query: +{ + tweet(id: "59999aa47218399058b54434") { + body + } +} + +2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54433" + } + ] +} +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 Request: +User: "tmeasday", role: "editor", id: "59999aa47218399058b54433", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59999aa47218399058b54433") +} + +2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54433" + } + ] +} +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-20 16:20:20 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59999aa47218399058b54433" + } + ] +} +2017-08-20 16:20:20 removed user 59999aa47218399058b54433. +2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 16:20:20 -------------------------------------------------------------------------------- +2017-08-20 16:20:20 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59999aa47218399058b54433") { + username + bio + role + } +} + +2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-20 16:22:28 Logger started +2017-08-20 16:23:16 Logger started +2017-08-20 16:23:27 Logger started diff --git a/test/output-app/model/Tweet.js b/test/output-app/model/Tweet.js index 20c751d..de08f5b 100644 --- a/test/output-app/model/Tweet.js +++ b/test/output-app/model/Tweet.js @@ -1,5 +1,5 @@ import DataLoader from 'dataloader'; -import { findByIds, queryForRoles, getLogFilename, logger, authlog, checkAuthDoc } from 'create-graphql-server-authorization'; +import { findByIds, queryForRoles, getLogFilename, logger, authlog, checkAuthDoc, protectFields } from 'create-graphql-server-authorization'; const log = logger(getLogFilename()); export default class Tweet { @@ -10,31 +10,24 @@ export default class Tweet { const that = this; try { const { me, User } = context; - const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User }, authlog('tweet findOneById', 'readOne', me)); + const authQuery = queryForRoles(me, ['admin','world'], ['authorId','coauthorsIds'], { User }, authlog('tweet findOneById', 'readOne', me)); that.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); } catch (err) { log.error(err.message); } } async findOneById(id, me, resolver) { try { + if (!this.authorizedLoader) return null; return await this.authorizedLoader.load(id); } catch (err) { log.error(err.message); } } find({ lastCreatedAt = 0, limit = 10, baseQuery = {} }, me, resolver) { try { - const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery, createdAt: { $gt: lastCreatedAt }}; + const authQuery = queryForRoles(me, ['admin','world'], ['authorId','coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); + const finalQuery = {...baseQuery, ...authQuery, createdAt: { $gt: lastCreatedAt } }; return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); - } catch (err){ log.error(err.message); } - } - - createdBy(tweet, me, resolver) { - return this.context.User.findOneById(tweet.createdById, me, resolver); - } - - updatedBy(tweet, me, resolver) { - return this.context.User.findOneById(tweet.updatedById, me, resolver); + } catch (err) { log.error(err.message); } } author(tweet, me, resolver) { @@ -42,68 +35,66 @@ export default class Tweet { } coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, me, resolver) { - const baseQuery = {_id: { $in: tweet.coauthorsIds } }; + const baseQuery = { _id: { $in: tweet.coauthorsIds || [] } }; return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); } likers(tweet, { lastCreatedAt = 0, limit = 10 }, me, resolver) { - const baseQuery = {likedIds: tweet._id, createdAt: { $gt: lastCreatedAt } }; + const baseQuery = { likedIds: tweet._id }; return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); } + createdBy(tweet, me, resolver) { + return this.context.User.findOneById(tweet.createdById, me, resolver); + } + + updatedBy(tweet, me, resolver) { + return this.context.User.findOneById(tweet.updatedById, me, resolver); + } + async insert(doc, me, resolver) { try { - let docToInsert = Object.assign({}, doc, { - createdAt: Date.now(), - updatedAt: Date.now(), - createdById: (me && me._id) ? me._id : 'unknown', - updatedById: (me && me._id) ? me._id : 'unknown', + createdAt: Date.now(), + updatedAt: Date.now(), + createdById: (me && me._id) ? me._id : 'unknown', + updatedById: (me && me._id) ? me._id : 'unknown', }); - log.debug(JSON.stringify(docToInsert, null, 2)); - checkAuthDoc(docToInsert, me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'create', me)); const id = (await this.collection.insertOne(docToInsert)).insertedId; if (!id) { throw new Error(`insert tweet not possible.`); } - log.debug(`inserted tweet ${id}.`); const insertedDoc = this.findOneById(id, me, 'pubsub tweetInserted'); this.pubsub.publish('tweetInserted', insertedDoc); return insertedDoc; - - } catch (err){ log.error(err.message); } + } catch (err) { log.error(err.message); } } async updateById(id, doc, me, resolver) { try { - let docToUpdate = {$set: Object.assign({}, doc, { updatedAt: Date.now(), updatedById: (me && me._id) ? me._id : 'unknown', })}; - const baseQuery = {_id: id}; - const authQuery = queryForRoles(me, ['admin'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'update', me)); + const authQuery = queryForRoles(me, ['admin'], ['authorId','coauthorsIds'], { User: this.context.User }, authlog(resolver, 'update', me)); const finalQuery = {...baseQuery, ...authQuery}; const result = await this.collection.updateOne(finalQuery, docToUpdate); if (result.result.ok !== 1 || result.result.n !== 1){ throw new Error(`update tweet not possible for ${id}.`); } - log.debug(`updated tweet ${id}.`); this.authorizedLoader.clear(id); const updatedDoc = this.findOneById(id, me, 'pubsub tweetUpdated'); this.pubsub.publish('tweetUpdated', updatedDoc); return updatedDoc; - - } catch (err){ log.error(err.message); } + } catch (err) { log.error(err.message); } } async removeById(id, me, resolver) { try { - const baseQuery = {_id: id}; const authQuery = queryForRoles(me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'delete', me)); const finalQuery = {...baseQuery, ...authQuery}; @@ -111,12 +102,10 @@ export default class Tweet { if (result.result.ok !== 1 || result.result.n !== 1){ throw new Error(`remove tweet not possible for ${id}.`); } - log.debug(`removed tweet ${id}.`); this.authorizedLoader.clear(id); this.pubsub.publish('tweetRemoved', id); return result; - - } catch (err){ log.error(err.message); } + } catch (err) { log.error(err.message); } } } diff --git a/test/output-app/model/User.js b/test/output-app/model/User.js index 757b62e..b472e1a 100644 --- a/test/output-app/model/User.js +++ b/test/output-app/model/User.js @@ -22,35 +22,36 @@ export default class User { async findOneById(id, me, resolver) { try { + if (!this.authorizedLoader) return null; return await this.authorizedLoader.load(id); } catch (err) { log.error(err.message); } } - find({ lastCreatedAt = 0, limit = 10, baseQuery = { createdAt: { $gt: lastCreatedAt } } }, me, resolver) { + find({ lastCreatedAt = 0, limit = 10, baseQuery = {} }, me, resolver) { try { const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery}; + const finalQuery = {...baseQuery, ...authQuery, createdAt: { $gt: lastCreatedAt } }; return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); } catch (err) { log.error(err.message); } } tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }, me, resolver) { - const baseQuery = { authorId: user._id, createdAt: { $gt: lastCreatedAt } }; + const baseQuery = { authorId: user._id }; return this.context.Tweet.find({ lastCreatedAt, limit, baseQuery }, me, resolver); } liked(user, { lastCreatedAt = 0, limit = 10 }, me, resolver) { - const baseQuery = { _id: { $in: user.likedIds || [] }, createdAt: { $gt: lastCreatedAt } }; + const baseQuery = { _id: { $in: user.likedIds || [] } }; return this.context.Tweet.find({ lastCreatedAt, limit, baseQuery }, me, resolver); } following(user, { lastCreatedAt = 0, limit = 10 }, me, resolver) { - const baseQuery = { _id: { $in: user.followingIds || [] }, createdAt: { $gt: lastCreatedAt } }; + const baseQuery = { _id: { $in: user.followingIds || [] } }; return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); } followers(user, { lastCreatedAt = 0, limit = 10 }, me, resolver) { - const baseQuery = { followingIds: user._id, createdAt: { $gt: lastCreatedAt } }; + const baseQuery = { followingIds: user._id }; return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); } @@ -99,7 +100,7 @@ export default class User { } log.debug(`updated user ${id}.`); this.authorizedLoader.clear(id); - const updatedDoc = this.findOneById(id, me, 'pubsub userUpdated') + const updatedDoc = this.findOneById(id, me, 'pubsub userUpdated'); this.pubsub.publish('userUpdated', updatedDoc); return updatedDoc; } catch (err) { log.error(err.message); } diff --git a/test/output-app/package.json b/test/output-app/package.json index 596fe1c..92a1423 100644 --- a/test/output-app/package.json +++ b/test/output-app/package.json @@ -49,7 +49,6 @@ "graphql-tools": "^0.8.2", "jwt-simple": "^0.5.1", "lodash": "4.16.4", - "mongo-find-by-ids": "^1.0.0", "mongodb": "^2.2.11", "morgan": "^1.8.2", "nodeify": "^1.0.1", diff --git a/test/output-app/resolvers/Tweet.js b/test/output-app/resolvers/Tweet.js index b361041..76e29b0 100644 --- a/test/output-app/resolvers/Tweet.js +++ b/test/output-app/resolvers/Tweet.js @@ -4,10 +4,6 @@ const resolvers = { return tweet._id; }, - author(tweet, args, { Tweet, me }) { - return Tweet.author(tweet, me, 'tweet author'); - }, - createdBy(tweet, args, { Tweet, me }) { return Tweet.createdBy(tweet, me, 'tweet createdBy'); }, @@ -16,6 +12,10 @@ const resolvers = { return Tweet.updatedBy(tweet, me, 'tweet updatedBy'); }, + author(tweet, args, { Tweet, me }) { + return Tweet.author(tweet, me, 'tweet author'); + }, + coauthors(tweet, { lastCreatedAt, limit }, { Tweet, me }) { return Tweet.coauthors(tweet, { lastCreatedAt, limit }, me, 'tweet coauthors'); }, @@ -30,7 +30,7 @@ const resolvers = { }, tweet(root, { id }, { Tweet, me }) { - return Tweet.findOneById(id, me, 'tweet'); + return Tweet.findOneById(id, me, 'tweet'); }, }, Mutation: { diff --git a/test/output-app/resolvers/User.js b/test/output-app/resolvers/User.js index 72eedad..e6a7c8a 100644 --- a/test/output-app/resolvers/User.js +++ b/test/output-app/resolvers/User.js @@ -1,4 +1,4 @@ - const resolvers = { +const resolvers = { User: { id(user) { return user._id; diff --git a/test/output-app/schema/Tweet.graphql b/test/output-app/schema/Tweet.graphql index f2144c7..62a7b47 100644 --- a/test/output-app/schema/Tweet.graphql +++ b/test/output-app/schema/Tweet.graphql @@ -1,12 +1,12 @@ -type Tweet { +type Tweet @authorize(admin: ["create", "read", "update", "delete"], author: ["create", "read", "update", "delete"], coauthors: ["read", "update"], world: ["read"]) { id: ObjID! author: User - coauthors: [User] - body: String! - likers(lastCreatedAt: Float, limit: Int): [User!] + coauthors(lastCreatedAt: Float, limit: Int): [User] + body: String + likers(lastCreatedAt: Float, limit: Int): [User] createdAt: Float! - createdBy: User updatedAt: Float! + createdBy: User updatedBy: User } @@ -16,14 +16,16 @@ extend type Query { } input CreateTweetInput { - authorId: ObjID! - body: String! + authorId: ObjID coauthorsIds: [ObjID] + body: String + likersIds: [ObjID] } input UpdateTweetInput { - body: String coauthorsIds: [ObjID] + body: String + likersIds: [ObjID] } extend type Mutation { diff --git a/test/output-app/schema/User.graphql b/test/output-app/schema/User.graphql index c0d28a8..819db64 100644 --- a/test/output-app/schema/User.graphql +++ b/test/output-app/schema/User.graphql @@ -1,16 +1,16 @@ -type User { +type User @authorize(admin: ["create", "read", "update", "delete"], this: ["create", "read", "update", "delete"]) { id: ObjID! role: String username: String! bio: String notify: Boolean - tweets(minLikes: Int, lastCreatedAt: Float, limit: Int): [Tweet!] - liked(lastCreatedAt: Float, limit: Int): [Tweet!] - following(lastCreatedAt: Float, limit: Int): [User!] - followers(lastCreatedAt: Float, limit: Int): [User!] + tweets(minLikes: Int, lastCreatedAt: Float, limit: Int): [Tweet] + liked(lastCreatedAt: Float, limit: Int): [Tweet] + following(lastCreatedAt: Float, limit: Int): [User] + followers(lastCreatedAt: Float, limit: Int): [User] createdAt: Float! - createdBy: User updatedAt: Float! + createdBy: User updatedBy: User } @@ -20,17 +20,25 @@ extend type Query { } input CreateUserInput { + role: String username: String! - role: String! bio: String notify: Boolean + tweetsIds: [ObjID] + likedIds: [ObjID] + followingIds: [ObjID] + followersIds: [ObjID] } input UpdateUserInput { - username: String role: String + username: String! bio: String notify: Boolean + tweetsIds: [ObjID] + likedIds: [ObjID] + followingIds: [ObjID] + followersIds: [ObjID] } extend type Mutation { diff --git a/test/output-app/server/index.js b/test/output-app/server/index.js index 686e6f1..bf36cd8 100644 --- a/test/output-app/server/index.js +++ b/test/output-app/server/index.js @@ -8,6 +8,7 @@ import { MongoClient } from 'mongodb'; import cors from 'cors'; import passport from 'passport'; import morgan from 'morgan'; + import { getLogFilename, logger } from 'create-graphql-server-authorization'; import typeDefs from '../schema'; import resolvers from '../resolvers'; diff --git a/yarn.lock b/yarn.lock deleted file mode 100644 index 1e7e5d8..0000000 --- a/yarn.lock +++ /dev/null @@ -1,3144 +0,0 @@ -# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY. -# yarn lockfile v1 - - -abbrev@1: - version "1.0.9" - resolved "https://registry.yarnpkg.com/abbrev/-/abbrev-1.0.9.tgz#91b4792588a7738c25f35dd6f63752a2f8776135" - -acorn-jsx@^3.0.0, acorn-jsx@^3.0.1: - version "3.0.1" - resolved "https://registry.yarnpkg.com/acorn-jsx/-/acorn-jsx-3.0.1.tgz#afdf9488fb1ecefc8348f6fb22f464e32a58b36b" - dependencies: - acorn "^3.0.4" - -acorn@^3.0.4: - version "3.3.0" - resolved "https://registry.yarnpkg.com/acorn/-/acorn-3.3.0.tgz#45e37fb39e8da3f25baee3ff5369e2bb5f22017a" - -acorn@^5.0.1: - version "5.0.3" - resolved "https://registry.yarnpkg.com/acorn/-/acorn-5.0.3.tgz#c460df08491463f028ccb82eab3730bf01087b3d" - -ajv-keywords@^1.0.0: - version "1.1.1" - resolved "https://registry.yarnpkg.com/ajv-keywords/-/ajv-keywords-1.1.1.tgz#02550bc605a3e576041565628af972e06c549d50" - -ajv@^4.7.0: - version "4.8.2" - resolved "https://registry.yarnpkg.com/ajv/-/ajv-4.8.2.tgz#65486936ca36fea39a1504332a78bebd5d447bdc" - dependencies: - co "^4.6.0" - json-stable-stringify "^1.0.1" - -<<<<<<< HEAD -<<<<<<< HEAD -<<<<<<< HEAD -ansi-escapes@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/ansi-escapes/-/ansi-escapes-2.0.0.tgz#5bae52be424878dd9783e8910e3fc2922e83c81b" -======= -ajv@^4.9.1: - version "4.11.8" - resolved "https://registry.yarnpkg.com/ajv/-/ajv-4.11.8.tgz#82ffb02b29e662ae53bdc20af15947706739c536" - dependencies: - co "^4.6.0" - json-stable-stringify "^1.0.1" - -======= ->>>>>>> Revert "add-user and authorization prototype" -ansi-escapes@^1.1.0: - version "1.4.0" - resolved "https://registry.yarnpkg.com/ansi-escapes/-/ansi-escapes-1.4.0.tgz#d3a8a83b319aa67793662b13e761c7911422306e" ->>>>>>> add-user and authorization prototype -======= -ansi-escapes@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/ansi-escapes/-/ansi-escapes-2.0.0.tgz#5bae52be424878dd9783e8910e3fc2922e83c81b" ->>>>>>> origin/master - -ansi-regex@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/ansi-regex/-/ansi-regex-2.0.0.tgz#c5061b6e0ef8a81775e50f5d66151bf6bf371107" - -ansi-styles@^2.1.0, ansi-styles@^2.2.1: - version "2.2.1" - resolved "https://registry.yarnpkg.com/ansi-styles/-/ansi-styles-2.2.1.tgz#b432dd3358b634cf75e1e4664368240533c1ddbe" - -anymatch@^1.3.0: - version "1.3.0" - resolved "https://registry.yarnpkg.com/anymatch/-/anymatch-1.3.0.tgz#a3e52fa39168c825ff57b0248126ce5a8ff95507" - dependencies: - arrify "^1.0.0" - micromatch "^2.1.5" - -aproba@^1.0.3: - version "1.0.4" - resolved "https://registry.yarnpkg.com/aproba/-/aproba-1.0.4.tgz#2713680775e7614c8ba186c065d4e2e52d1072c0" - -are-we-there-yet@~1.1.2: - version "1.1.2" - resolved "https://registry.yarnpkg.com/are-we-there-yet/-/are-we-there-yet-1.1.2.tgz#80e470e95a084794fe1899262c5667c6e88de1b3" - dependencies: - delegates "^1.0.0" - readable-stream "^2.0.0 || ^1.1.13" - -argparse@^1.0.7: - version "1.0.9" - resolved "https://registry.yarnpkg.com/argparse/-/argparse-1.0.9.tgz#73d83bc263f86e97f8cc4f6bae1b0e90a7d22c86" - dependencies: - sprintf-js "~1.0.2" - -arr-diff@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/arr-diff/-/arr-diff-2.0.0.tgz#8f3b827f955a8bd669697e4a4256ac3ceae356cf" - dependencies: - arr-flatten "^1.0.1" - -arr-flatten@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/arr-flatten/-/arr-flatten-1.0.1.tgz#e5ffe54d45e19f32f216e91eb99c8ce892bb604b" - -array-find-index@^1.0.1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/array-find-index/-/array-find-index-1.0.2.tgz#df010aa1287e164bbda6f9723b0a96a1ec4187a1" - -array-union@^1.0.1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/array-union/-/array-union-1.0.2.tgz#9a34410e4f4e3da23dea375be5be70f24778ec39" - dependencies: - array-uniq "^1.0.1" - -array-uniq@^1.0.0, array-uniq@^1.0.1: - version "1.0.3" - resolved "https://registry.yarnpkg.com/array-uniq/-/array-uniq-1.0.3.tgz#af6ac877a25cc7f74e058894753858dfdb24fdb6" - -array-unique@^0.2.1: - version "0.2.1" - resolved "https://registry.yarnpkg.com/array-unique/-/array-unique-0.2.1.tgz#a1d97ccafcbc2625cc70fadceb36a50c58b01a53" - -arrify@^1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/arrify/-/arrify-1.0.1.tgz#898508da2226f380df904728456849c1501a4b0d" - -asn1@~0.2.3: - version "0.2.3" - resolved "https://registry.yarnpkg.com/asn1/-/asn1-0.2.3.tgz#dac8787713c9966849fc8180777ebe9c1ddf3b86" - -assert-plus@^0.2.0: - version "0.2.0" - resolved "https://registry.yarnpkg.com/assert-plus/-/assert-plus-0.2.0.tgz#d74e1b87e7affc0db8aadb7021f3fe48101ab234" - -assert-plus@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/assert-plus/-/assert-plus-1.0.0.tgz#f12e0f3c5d77b0b1cdd9146942e4e96c1e4dd525" - -assertion-error@^1.0.1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/assertion-error/-/assertion-error-1.0.2.tgz#13ca515d86206da0bac66e834dd397d87581094c" - -ast-types@0.9.2: - version "0.9.2" - resolved "https://registry.yarnpkg.com/ast-types/-/ast-types-0.9.2.tgz#2cc19979d15c655108bf565323b8e7ee38751f6b" - -async-each@^1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/async-each/-/async-each-1.0.1.tgz#19d386a1d9edc6e7c1c85d388aedbcc56d33602d" - -asynckit@^0.4.0: - version "0.4.0" - resolved "https://registry.yarnpkg.com/asynckit/-/asynckit-0.4.0.tgz#c79ed97f7f34cb8f2ba1bc9790bcc366474b4b79" - -aws-sign2@~0.6.0: - version "0.6.0" - resolved "https://registry.yarnpkg.com/aws-sign2/-/aws-sign2-0.6.0.tgz#14342dd38dbcc94d0e5b87d763cd63612c0e794f" - -aws4@^1.2.1: - version "1.5.0" - resolved "https://registry.yarnpkg.com/aws4/-/aws4-1.5.0.tgz#0a29ffb79c31c9e712eeb087e8e7a64b4a56d755" - -babel-cli@6.16.0: - version "6.16.0" - resolved "https://registry.yarnpkg.com/babel-cli/-/babel-cli-6.16.0.tgz#4e0d1cf40442ef78330f7fef88eb3a0a1b16bd37" - dependencies: - babel-core "^6.16.0" - babel-polyfill "^6.16.0" - babel-register "^6.16.0" - babel-runtime "^6.9.0" - bin-version-check "^2.1.0" - chalk "1.1.1" - commander "^2.8.1" - convert-source-map "^1.1.0" - fs-readdir-recursive "^0.1.0" - glob "^5.0.5" - lodash "^4.2.0" - log-symbols "^1.0.2" - output-file-sync "^1.1.0" - path-exists "^1.0.0" - path-is-absolute "^1.0.0" - request "^2.65.0" - slash "^1.0.0" - source-map "^0.5.0" - v8flags "^2.0.10" - optionalDependencies: - chokidar "^1.0.0" - -babel-code-frame@^6.16.0: - version "6.16.0" - resolved "https://registry.yarnpkg.com/babel-code-frame/-/babel-code-frame-6.16.0.tgz#f90e60da0862909d3ce098733b5d3987c97cb8de" - dependencies: - chalk "^1.1.0" - esutils "^2.0.2" - js-tokens "^2.0.0" - -babel-code-frame@^6.22.0: - version "6.22.0" - resolved "https://registry.yarnpkg.com/babel-code-frame/-/babel-code-frame-6.22.0.tgz#027620bee567a88c32561574e7fd0801d33118e4" - dependencies: - chalk "^1.1.0" - esutils "^2.0.2" - js-tokens "^3.0.0" - -babel-core@6.17.0, babel-core@^6.16.0: - version "6.17.0" - resolved "https://registry.yarnpkg.com/babel-core/-/babel-core-6.17.0.tgz#6c4576447df479e241e58c807e4bc7da4db7f425" - dependencies: - babel-code-frame "^6.16.0" - babel-generator "^6.17.0" - babel-helpers "^6.16.0" - babel-messages "^6.8.0" - babel-register "^6.16.0" - babel-runtime "^6.9.1" - babel-template "^6.16.0" - babel-traverse "^6.16.0" - babel-types "^6.16.0" - babylon "^6.11.0" - convert-source-map "^1.1.0" - debug "^2.1.1" - json5 "^0.4.0" - lodash "^4.2.0" - minimatch "^3.0.2" - path-exists "^1.0.0" - path-is-absolute "^1.0.0" - private "^0.1.6" - shebang-regex "^1.0.0" - slash "^1.0.0" - source-map "^0.5.0" - -babel-eslint@^7.0.0: - version "7.2.3" - resolved "https://registry.yarnpkg.com/babel-eslint/-/babel-eslint-7.2.3.tgz#b2fe2d80126470f5c19442dc757253a897710827" - dependencies: - babel-code-frame "^6.22.0" - babel-traverse "^6.23.1" - babel-types "^6.23.0" - babylon "^6.17.0" - -babel-generator@^6.17.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-generator/-/babel-generator-6.18.0.tgz#e4f104cb3063996d9850556a45aae4a022060a07" - dependencies: - babel-messages "^6.8.0" - babel-runtime "^6.9.0" - babel-types "^6.18.0" - detect-indent "^4.0.0" - jsesc "^1.3.0" - lodash "^4.2.0" - source-map "^0.5.0" - -babel-helper-bindify-decorators@^6.18.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-bindify-decorators/-/babel-helper-bindify-decorators-6.18.0.tgz#fc00c573676a6e702fffa00019580892ec8780a5" - dependencies: - babel-runtime "^6.0.0" - babel-traverse "^6.18.0" - babel-types "^6.18.0" - -babel-helper-builder-binary-assignment-operator-visitor@^6.8.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-builder-binary-assignment-operator-visitor/-/babel-helper-builder-binary-assignment-operator-visitor-6.18.0.tgz#8ae814989f7a53682152e3401a04fabd0bb333a6" - dependencies: - babel-helper-explode-assignable-expression "^6.18.0" - babel-runtime "^6.0.0" - babel-types "^6.18.0" - -babel-helper-builder-react-jsx@^6.8.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-builder-react-jsx/-/babel-helper-builder-react-jsx-6.18.0.tgz#ab02f19a2eb7ace936dd87fa55896d02be59bf71" - dependencies: - babel-runtime "^6.9.0" - babel-types "^6.18.0" - esutils "^2.0.0" - lodash "^4.2.0" - -babel-helper-call-delegate@^6.18.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-call-delegate/-/babel-helper-call-delegate-6.18.0.tgz#05b14aafa430884b034097ef29e9f067ea4133bd" - dependencies: - babel-helper-hoist-variables "^6.18.0" - babel-runtime "^6.0.0" - babel-traverse "^6.18.0" - babel-types "^6.18.0" - -babel-helper-define-map@^6.18.0, babel-helper-define-map@^6.8.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-define-map/-/babel-helper-define-map-6.18.0.tgz#8d6c85dc7fbb4c19be3de40474d18e97c3676ec2" - dependencies: - babel-helper-function-name "^6.18.0" - babel-runtime "^6.9.0" - babel-types "^6.18.0" - lodash "^4.2.0" - -babel-helper-explode-assignable-expression@^6.18.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-explode-assignable-expression/-/babel-helper-explode-assignable-expression-6.18.0.tgz#14b8e8c2d03ad735d4b20f1840b24cd1f65239fe" - dependencies: - babel-runtime "^6.0.0" - babel-traverse "^6.18.0" - babel-types "^6.18.0" - -babel-helper-explode-class@^6.8.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-explode-class/-/babel-helper-explode-class-6.18.0.tgz#c44f76f4fa23b9c5d607cbac5d4115e7a76f62cb" - dependencies: - babel-helper-bindify-decorators "^6.18.0" - babel-runtime "^6.0.0" - babel-traverse "^6.18.0" - babel-types "^6.18.0" - -babel-helper-function-name@^6.18.0, babel-helper-function-name@^6.8.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-function-name/-/babel-helper-function-name-6.18.0.tgz#68ec71aeba1f3e28b2a6f0730190b754a9bf30e6" - dependencies: - babel-helper-get-function-arity "^6.18.0" - babel-runtime "^6.0.0" - babel-template "^6.8.0" - babel-traverse "^6.18.0" - babel-types "^6.18.0" - -babel-helper-get-function-arity@^6.18.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-get-function-arity/-/babel-helper-get-function-arity-6.18.0.tgz#a5b19695fd3f9cdfc328398b47dafcd7094f9f24" - dependencies: - babel-runtime "^6.0.0" - babel-types "^6.18.0" - -babel-helper-hoist-variables@^6.18.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-hoist-variables/-/babel-helper-hoist-variables-6.18.0.tgz#a835b5ab8b46d6de9babefae4d98ea41e866b82a" - dependencies: - babel-runtime "^6.0.0" - babel-types "^6.18.0" - -babel-helper-optimise-call-expression@^6.18.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-optimise-call-expression/-/babel-helper-optimise-call-expression-6.18.0.tgz#9261d0299ee1a4f08a6dd28b7b7c777348fd8f0f" - dependencies: - babel-runtime "^6.0.0" - babel-types "^6.18.0" - -babel-helper-regex@^6.8.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-regex/-/babel-helper-regex-6.18.0.tgz#ae0ebfd77de86cb2f1af258e2cc20b5fe893ecc6" - dependencies: - babel-runtime "^6.9.0" - babel-types "^6.18.0" - lodash "^4.2.0" - -babel-helper-remap-async-to-generator@^6.16.0, babel-helper-remap-async-to-generator@^6.16.2: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-remap-async-to-generator/-/babel-helper-remap-async-to-generator-6.18.0.tgz#336cdf3cab650bb191b02fc16a3708e7be7f9ce5" - dependencies: - babel-helper-function-name "^6.18.0" - babel-runtime "^6.0.0" - babel-template "^6.16.0" - babel-traverse "^6.18.0" - babel-types "^6.18.0" - -babel-helper-replace-supers@^6.18.0, babel-helper-replace-supers@^6.8.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-helper-replace-supers/-/babel-helper-replace-supers-6.18.0.tgz#28ec69877be4144dbd64f4cc3a337e89f29a924e" - dependencies: - babel-helper-optimise-call-expression "^6.18.0" - babel-messages "^6.8.0" - babel-runtime "^6.0.0" - babel-template "^6.16.0" - babel-traverse "^6.18.0" - babel-types "^6.18.0" - -babel-helpers@^6.16.0: - version "6.16.0" - resolved "https://registry.yarnpkg.com/babel-helpers/-/babel-helpers-6.16.0.tgz#1095ec10d99279460553e67eb3eee9973d3867e3" - dependencies: - babel-runtime "^6.0.0" - babel-template "^6.16.0" - -babel-messages@^6.23.0: - version "6.23.0" - resolved "https://registry.yarnpkg.com/babel-messages/-/babel-messages-6.23.0.tgz#f3cdf4703858035b2a2951c6ec5edf6c62f2630e" - dependencies: - babel-runtime "^6.22.0" - -babel-messages@^6.8.0: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-messages/-/babel-messages-6.8.0.tgz#bf504736ca967e6d65ef0adb5a2a5f947c8e0eb9" - dependencies: - babel-runtime "^6.0.0" - -babel-plugin-check-es2015-constants@^6.3.13: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-check-es2015-constants/-/babel-plugin-check-es2015-constants-6.8.0.tgz#dbf024c32ed37bfda8dee1e76da02386a8d26fe7" - dependencies: - babel-runtime "^6.0.0" - -babel-plugin-syntax-async-functions@^6.8.0: - version "6.13.0" - resolved "https://registry.yarnpkg.com/babel-plugin-syntax-async-functions/-/babel-plugin-syntax-async-functions-6.13.0.tgz#cad9cad1191b5ad634bf30ae0872391e0647be95" - -babel-plugin-syntax-async-generators@^6.5.0: - version "6.13.0" - resolved "https://registry.yarnpkg.com/babel-plugin-syntax-async-generators/-/babel-plugin-syntax-async-generators-6.13.0.tgz#6bc963ebb16eccbae6b92b596eb7f35c342a8b9a" - -babel-plugin-syntax-class-properties@^6.8.0: - version "6.13.0" - resolved "https://registry.yarnpkg.com/babel-plugin-syntax-class-properties/-/babel-plugin-syntax-class-properties-6.13.0.tgz#d7eb23b79a317f8543962c505b827c7d6cac27de" - -babel-plugin-syntax-decorators@^6.13.0: - version "6.13.0" - resolved "https://registry.yarnpkg.com/babel-plugin-syntax-decorators/-/babel-plugin-syntax-decorators-6.13.0.tgz#312563b4dbde3cc806cee3e416cceeaddd11ac0b" - -babel-plugin-syntax-exponentiation-operator@^6.8.0: - version "6.13.0" - resolved "https://registry.yarnpkg.com/babel-plugin-syntax-exponentiation-operator/-/babel-plugin-syntax-exponentiation-operator-6.13.0.tgz#9ee7e8337290da95288201a6a57f4170317830de" - -babel-plugin-syntax-flow@^6.18.0, babel-plugin-syntax-flow@^6.3.13: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-syntax-flow/-/babel-plugin-syntax-flow-6.18.0.tgz#4c3ab20a2af26aa20cd25995c398c4eb70310c8d" - -babel-plugin-syntax-jsx@^6.3.13, babel-plugin-syntax-jsx@^6.8.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-syntax-jsx/-/babel-plugin-syntax-jsx-6.18.0.tgz#0af32a9a6e13ca7a3fd5069e62d7b0f58d0d8946" - -babel-plugin-syntax-object-rest-spread@^6.8.0: - version "6.13.0" - resolved "https://registry.yarnpkg.com/babel-plugin-syntax-object-rest-spread/-/babel-plugin-syntax-object-rest-spread-6.13.0.tgz#fd6536f2bce13836ffa3a5458c4903a597bb3bf5" - -babel-plugin-syntax-trailing-function-commas@^6.3.13: - version "6.13.0" - resolved "https://registry.yarnpkg.com/babel-plugin-syntax-trailing-function-commas/-/babel-plugin-syntax-trailing-function-commas-6.13.0.tgz#2b84b7d53dd744f94ff1fad7669406274b23f541" - -babel-plugin-transform-async-generator-functions@^6.17.0: - version "6.17.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-async-generator-functions/-/babel-plugin-transform-async-generator-functions-6.17.0.tgz#d0b5a2b2f0940f2b245fa20a00519ed7bc6cae54" - dependencies: - babel-helper-remap-async-to-generator "^6.16.2" - babel-plugin-syntax-async-generators "^6.5.0" - babel-runtime "^6.0.0" - -babel-plugin-transform-async-to-generator@^6.16.0: - version "6.16.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-async-to-generator/-/babel-plugin-transform-async-to-generator-6.16.0.tgz#19ec36cb1486b59f9f468adfa42ce13908ca2999" - dependencies: - babel-helper-remap-async-to-generator "^6.16.0" - babel-plugin-syntax-async-functions "^6.8.0" - babel-runtime "^6.0.0" - -babel-plugin-transform-class-properties@^6.16.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-class-properties/-/babel-plugin-transform-class-properties-6.18.0.tgz#bc1266a39d4c8726e0bd7b15c56235177e6ede57" - dependencies: - babel-helper-function-name "^6.18.0" - babel-plugin-syntax-class-properties "^6.8.0" - babel-runtime "^6.9.1" - -babel-plugin-transform-decorators@^6.13.0: - version "6.13.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-decorators/-/babel-plugin-transform-decorators-6.13.0.tgz#82d65c1470ae83e2d13eebecb0a1c2476d62da9d" - dependencies: - babel-helper-define-map "^6.8.0" - babel-helper-explode-class "^6.8.0" - babel-plugin-syntax-decorators "^6.13.0" - babel-runtime "^6.0.0" - babel-template "^6.8.0" - babel-types "^6.13.0" - -babel-plugin-transform-es2015-arrow-functions@^6.3.13: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-arrow-functions/-/babel-plugin-transform-es2015-arrow-functions-6.8.0.tgz#5b63afc3181bdc9a8c4d481b5a4f3f7d7fef3d9d" - dependencies: - babel-runtime "^6.0.0" - -babel-plugin-transform-es2015-block-scoped-functions@^6.3.13: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-block-scoped-functions/-/babel-plugin-transform-es2015-block-scoped-functions-6.8.0.tgz#ed95d629c4b5a71ae29682b998f70d9833eb366d" - dependencies: - babel-runtime "^6.0.0" - -babel-plugin-transform-es2015-block-scoping@^6.14.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-block-scoping/-/babel-plugin-transform-es2015-block-scoping-6.18.0.tgz#3bfdcfec318d46df22525cdea88f1978813653af" - dependencies: - babel-runtime "^6.9.0" - babel-template "^6.15.0" - babel-traverse "^6.18.0" - babel-types "^6.18.0" - lodash "^4.2.0" - -babel-plugin-transform-es2015-classes@^6.14.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-classes/-/babel-plugin-transform-es2015-classes-6.18.0.tgz#ffe7a17321bf83e494dcda0ae3fc72df48ffd1d9" - dependencies: - babel-helper-define-map "^6.18.0" - babel-helper-function-name "^6.18.0" - babel-helper-optimise-call-expression "^6.18.0" - babel-helper-replace-supers "^6.18.0" - babel-messages "^6.8.0" - babel-runtime "^6.9.0" - babel-template "^6.14.0" - babel-traverse "^6.18.0" - babel-types "^6.18.0" - -babel-plugin-transform-es2015-computed-properties@^6.3.13: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-computed-properties/-/babel-plugin-transform-es2015-computed-properties-6.8.0.tgz#f51010fd61b3bd7b6b60a5fdfd307bb7a5279870" - dependencies: - babel-helper-define-map "^6.8.0" - babel-runtime "^6.0.0" - babel-template "^6.8.0" - -babel-plugin-transform-es2015-destructuring@^6.16.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-destructuring/-/babel-plugin-transform-es2015-destructuring-6.18.0.tgz#a08fb89415ab82058649558bedb7bf8dafa76ba5" - dependencies: - babel-runtime "^6.9.0" - -babel-plugin-transform-es2015-duplicate-keys@^6.6.0: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-duplicate-keys/-/babel-plugin-transform-es2015-duplicate-keys-6.8.0.tgz#fd8f7f7171fc108cc1c70c3164b9f15a81c25f7d" - dependencies: - babel-runtime "^6.0.0" - babel-types "^6.8.0" - -babel-plugin-transform-es2015-for-of@^6.6.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-for-of/-/babel-plugin-transform-es2015-for-of-6.18.0.tgz#4c517504db64bf8cfc119a6b8f177211f2028a70" - dependencies: - babel-runtime "^6.0.0" - -babel-plugin-transform-es2015-function-name@^6.9.0: - version "6.9.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-function-name/-/babel-plugin-transform-es2015-function-name-6.9.0.tgz#8c135b17dbd064e5bba56ec511baaee2fca82719" - dependencies: - babel-helper-function-name "^6.8.0" - babel-runtime "^6.9.0" - babel-types "^6.9.0" - -babel-plugin-transform-es2015-literals@^6.3.13: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-literals/-/babel-plugin-transform-es2015-literals-6.8.0.tgz#50aa2e5c7958fc2ab25d74ec117e0cc98f046468" - dependencies: - babel-runtime "^6.0.0" - -babel-plugin-transform-es2015-modules-amd@^6.18.0, babel-plugin-transform-es2015-modules-amd@^6.8.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-modules-amd/-/babel-plugin-transform-es2015-modules-amd-6.18.0.tgz#49a054cbb762bdf9ae2d8a807076cfade6141e40" - dependencies: - babel-plugin-transform-es2015-modules-commonjs "^6.18.0" - babel-runtime "^6.0.0" - babel-template "^6.8.0" - -babel-plugin-transform-es2015-modules-commonjs@^6.16.0, babel-plugin-transform-es2015-modules-commonjs@^6.18.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-modules-commonjs/-/babel-plugin-transform-es2015-modules-commonjs-6.18.0.tgz#c15ae5bb11b32a0abdcc98a5837baa4ee8d67bcc" - dependencies: - babel-plugin-transform-strict-mode "^6.18.0" - babel-runtime "^6.0.0" - babel-template "^6.16.0" - babel-types "^6.18.0" - -babel-plugin-transform-es2015-modules-systemjs@^6.14.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-modules-systemjs/-/babel-plugin-transform-es2015-modules-systemjs-6.18.0.tgz#f09294707163edae4d3b3e8bfacecd01d920b7ad" - dependencies: - babel-helper-hoist-variables "^6.18.0" - babel-runtime "^6.11.6" - babel-template "^6.14.0" - -babel-plugin-transform-es2015-modules-umd@^6.12.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-modules-umd/-/babel-plugin-transform-es2015-modules-umd-6.18.0.tgz#23351770ece5c1f8e83ed67cb1d7992884491e50" - dependencies: - babel-plugin-transform-es2015-modules-amd "^6.18.0" - babel-runtime "^6.0.0" - babel-template "^6.8.0" - -babel-plugin-transform-es2015-object-super@^6.3.13: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-object-super/-/babel-plugin-transform-es2015-object-super-6.8.0.tgz#1b858740a5a4400887c23dcff6f4d56eea4a24c5" - dependencies: - babel-helper-replace-supers "^6.8.0" - babel-runtime "^6.0.0" - -babel-plugin-transform-es2015-parameters@^6.16.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-parameters/-/babel-plugin-transform-es2015-parameters-6.18.0.tgz#9b2cfe238c549f1635ba27fc1daa858be70608b1" - dependencies: - babel-helper-call-delegate "^6.18.0" - babel-helper-get-function-arity "^6.18.0" - babel-runtime "^6.9.0" - babel-template "^6.16.0" - babel-traverse "^6.18.0" - babel-types "^6.18.0" - -babel-plugin-transform-es2015-shorthand-properties@^6.3.13: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-shorthand-properties/-/babel-plugin-transform-es2015-shorthand-properties-6.18.0.tgz#e2ede3b7df47bf980151926534d1dd0cbea58f43" - dependencies: - babel-runtime "^6.0.0" - babel-types "^6.18.0" - -babel-plugin-transform-es2015-spread@^6.3.13: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-spread/-/babel-plugin-transform-es2015-spread-6.8.0.tgz#0217f737e3b821fa5a669f187c6ed59205f05e9c" - dependencies: - babel-runtime "^6.0.0" - -babel-plugin-transform-es2015-sticky-regex@^6.3.13: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-sticky-regex/-/babel-plugin-transform-es2015-sticky-regex-6.8.0.tgz#e73d300a440a35d5c64f5c2a344dc236e3df47be" - dependencies: - babel-helper-regex "^6.8.0" - babel-runtime "^6.0.0" - babel-types "^6.8.0" - -babel-plugin-transform-es2015-template-literals@^6.6.0: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-template-literals/-/babel-plugin-transform-es2015-template-literals-6.8.0.tgz#86eb876d0a2c635da4ec048b4f7de9dfc897e66b" - dependencies: - babel-runtime "^6.0.0" - -babel-plugin-transform-es2015-typeof-symbol@^6.6.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-typeof-symbol/-/babel-plugin-transform-es2015-typeof-symbol-6.18.0.tgz#0b14c48629c90ff47a0650077f6aa699bee35798" - dependencies: - babel-runtime "^6.0.0" - -babel-plugin-transform-es2015-unicode-regex@^6.3.13: - version "6.11.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-unicode-regex/-/babel-plugin-transform-es2015-unicode-regex-6.11.0.tgz#6298ceabaad88d50a3f4f392d8de997260f6ef2c" - dependencies: - babel-helper-regex "^6.8.0" - babel-runtime "^6.0.0" - regexpu-core "^2.0.0" - -babel-plugin-transform-exponentiation-operator@^6.3.13: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-exponentiation-operator/-/babel-plugin-transform-exponentiation-operator-6.8.0.tgz#db25742e9339eade676ca9acec46f955599a68a4" - dependencies: - babel-helper-builder-binary-assignment-operator-visitor "^6.8.0" - babel-plugin-syntax-exponentiation-operator "^6.8.0" - babel-runtime "^6.0.0" - -babel-plugin-transform-flow-strip-types@^6.3.13: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-flow-strip-types/-/babel-plugin-transform-flow-strip-types-6.18.0.tgz#4d3e642158661e9b40db457c004a30817fa32592" - dependencies: - babel-plugin-syntax-flow "^6.18.0" - babel-runtime "^6.0.0" - -babel-plugin-transform-object-rest-spread@^6.16.0: - version "6.16.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-object-rest-spread/-/babel-plugin-transform-object-rest-spread-6.16.0.tgz#db441d56fffc1999052fdebe2e2f25ebd28e36a9" - dependencies: - babel-plugin-syntax-object-rest-spread "^6.8.0" - babel-runtime "^6.0.0" - -babel-plugin-transform-react-display-name@^6.3.13: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-react-display-name/-/babel-plugin-transform-react-display-name-6.8.0.tgz#f7a084977383d728bdbdc2835bba0159577f660e" - dependencies: - babel-runtime "^6.0.0" - -babel-plugin-transform-react-jsx-self@^6.11.0: - version "6.11.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-react-jsx-self/-/babel-plugin-transform-react-jsx-self-6.11.0.tgz#605c9450c1429f97a930f7e1dfe3f0d9d0dbd0f4" - dependencies: - babel-plugin-syntax-jsx "^6.8.0" - babel-runtime "^6.9.0" - -babel-plugin-transform-react-jsx-source@^6.3.13: - version "6.9.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-react-jsx-source/-/babel-plugin-transform-react-jsx-source-6.9.0.tgz#af684a05c2067a86e0957d4f343295ccf5dccf00" - dependencies: - babel-plugin-syntax-jsx "^6.8.0" - babel-runtime "^6.9.0" - -babel-plugin-transform-react-jsx@^6.3.13: - version "6.8.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-react-jsx/-/babel-plugin-transform-react-jsx-6.8.0.tgz#94759942f70af18c617189aa7f3593f1644a71ab" - dependencies: - babel-helper-builder-react-jsx "^6.8.0" - babel-plugin-syntax-jsx "^6.8.0" - babel-runtime "^6.0.0" - -babel-plugin-transform-regenerator@^6.16.0: - version "6.16.1" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-regenerator/-/babel-plugin-transform-regenerator-6.16.1.tgz#a75de6b048a14154aae14b0122756c5bed392f59" - dependencies: - babel-runtime "^6.9.0" - babel-types "^6.16.0" - private "~0.1.5" - -babel-plugin-transform-strict-mode@^6.18.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-plugin-transform-strict-mode/-/babel-plugin-transform-strict-mode-6.18.0.tgz#df7cf2991fe046f44163dcd110d5ca43bc652b9d" - dependencies: - babel-runtime "^6.0.0" - babel-types "^6.18.0" - -babel-polyfill@^6.16.0: - version "6.16.0" - resolved "https://registry.yarnpkg.com/babel-polyfill/-/babel-polyfill-6.16.0.tgz#2d45021df87e26a374b6d4d1a9c65964d17f2422" - dependencies: - babel-runtime "^6.9.1" - core-js "^2.4.0" - regenerator-runtime "^0.9.5" - -babel-preset-es2015@6.16.0: - version "6.16.0" - resolved "https://registry.yarnpkg.com/babel-preset-es2015/-/babel-preset-es2015-6.16.0.tgz#59acecd1efbebaf48f89404840f2fe78c4d2ad5c" - dependencies: - babel-plugin-check-es2015-constants "^6.3.13" - babel-plugin-transform-es2015-arrow-functions "^6.3.13" - babel-plugin-transform-es2015-block-scoped-functions "^6.3.13" - babel-plugin-transform-es2015-block-scoping "^6.14.0" - babel-plugin-transform-es2015-classes "^6.14.0" - babel-plugin-transform-es2015-computed-properties "^6.3.13" - babel-plugin-transform-es2015-destructuring "^6.16.0" - babel-plugin-transform-es2015-duplicate-keys "^6.6.0" - babel-plugin-transform-es2015-for-of "^6.6.0" - babel-plugin-transform-es2015-function-name "^6.9.0" - babel-plugin-transform-es2015-literals "^6.3.13" - babel-plugin-transform-es2015-modules-amd "^6.8.0" - babel-plugin-transform-es2015-modules-commonjs "^6.16.0" - babel-plugin-transform-es2015-modules-systemjs "^6.14.0" - babel-plugin-transform-es2015-modules-umd "^6.12.0" - babel-plugin-transform-es2015-object-super "^6.3.13" - babel-plugin-transform-es2015-parameters "^6.16.0" - babel-plugin-transform-es2015-shorthand-properties "^6.3.13" - babel-plugin-transform-es2015-spread "^6.3.13" - babel-plugin-transform-es2015-sticky-regex "^6.3.13" - babel-plugin-transform-es2015-template-literals "^6.6.0" - babel-plugin-transform-es2015-typeof-symbol "^6.6.0" - babel-plugin-transform-es2015-unicode-regex "^6.3.13" - babel-plugin-transform-regenerator "^6.16.0" - -babel-preset-react@6.16.0: - version "6.16.0" - resolved "https://registry.yarnpkg.com/babel-preset-react/-/babel-preset-react-6.16.0.tgz#aa117d60de0928607e343c4828906e4661824316" - dependencies: - babel-plugin-syntax-flow "^6.3.13" - babel-plugin-syntax-jsx "^6.3.13" - babel-plugin-transform-flow-strip-types "^6.3.13" - babel-plugin-transform-react-display-name "^6.3.13" - babel-plugin-transform-react-jsx "^6.3.13" - babel-plugin-transform-react-jsx-self "^6.11.0" - babel-plugin-transform-react-jsx-source "^6.3.13" - -babel-preset-stage-2@6.17.0: - version "6.17.0" - resolved "https://registry.yarnpkg.com/babel-preset-stage-2/-/babel-preset-stage-2-6.17.0.tgz#dc4f84582781353cef36c41247eae5e36c4cae0d" - dependencies: - babel-plugin-transform-class-properties "^6.16.0" - babel-plugin-transform-decorators "^6.13.0" - babel-preset-stage-3 "^6.17.0" - -babel-preset-stage-3@^6.17.0: - version "6.17.0" - resolved "https://registry.yarnpkg.com/babel-preset-stage-3/-/babel-preset-stage-3-6.17.0.tgz#b6638e46db6e91e3f889013d8ce143917c685e39" - dependencies: - babel-plugin-syntax-trailing-function-commas "^6.3.13" - babel-plugin-transform-async-generator-functions "^6.17.0" - babel-plugin-transform-async-to-generator "^6.16.0" - babel-plugin-transform-exponentiation-operator "^6.3.13" - babel-plugin-transform-object-rest-spread "^6.16.0" - -babel-register@6.16.3, babel-register@^6.16.0: - version "6.16.3" - resolved "https://registry.yarnpkg.com/babel-register/-/babel-register-6.16.3.tgz#7b0c0ca7bfdeb9188ba4c27e5fcb7599a497c624" - dependencies: - babel-core "^6.16.0" - babel-runtime "^6.11.6" - core-js "^2.4.0" - home-or-tmp "^1.0.0" - lodash "^4.2.0" - mkdirp "^0.5.1" - path-exists "^1.0.0" - source-map-support "^0.4.2" - -babel-runtime@^6.0.0, babel-runtime@^6.11.6, babel-runtime@^6.9.0, babel-runtime@^6.9.1: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-runtime/-/babel-runtime-6.18.0.tgz#0f4177ffd98492ef13b9f823e9994a02584c9078" - dependencies: - core-js "^2.4.0" - regenerator-runtime "^0.9.5" - -babel-runtime@^6.22.0: - version "6.23.0" - resolved "https://registry.yarnpkg.com/babel-runtime/-/babel-runtime-6.23.0.tgz#0a9489f144de70efb3ce4300accdb329e2fc543b" - dependencies: - core-js "^2.4.0" - regenerator-runtime "^0.10.0" - -babel-template@^6.14.0, babel-template@^6.15.0, babel-template@^6.16.0, babel-template@^6.8.0: - version "6.16.0" - resolved "https://registry.yarnpkg.com/babel-template/-/babel-template-6.16.0.tgz#e149dd1a9f03a35f817ddbc4d0481988e7ebc8ca" - dependencies: - babel-runtime "^6.9.0" - babel-traverse "^6.16.0" - babel-types "^6.16.0" - babylon "^6.11.0" - lodash "^4.2.0" - -babel-traverse@^6.16.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-traverse/-/babel-traverse-6.18.0.tgz#5aeaa980baed2a07c8c47329cd90c3b90c80f05e" - dependencies: - babel-code-frame "^6.16.0" - babel-messages "^6.8.0" - babel-runtime "^6.9.0" - babel-types "^6.18.0" - babylon "^6.11.0" - debug "^2.2.0" - globals "^9.0.0" - invariant "^2.2.0" - lodash "^4.2.0" - -babel-traverse@^6.18.0, babel-traverse@^6.23.1: - version "6.24.1" - resolved "https://registry.yarnpkg.com/babel-traverse/-/babel-traverse-6.24.1.tgz#ab36673fd356f9a0948659e7b338d5feadb31695" - dependencies: - babel-code-frame "^6.22.0" - babel-messages "^6.23.0" - babel-runtime "^6.22.0" - babel-types "^6.24.1" - babylon "^6.15.0" - debug "^2.2.0" - globals "^9.0.0" - invariant "^2.2.0" - lodash "^4.2.0" - -babel-types@^6.13.0, babel-types@^6.18.0, babel-types@^6.23.0, babel-types@^6.24.1, babel-types@^6.8.0, babel-types@^6.9.0: - version "6.24.1" - resolved "https://registry.yarnpkg.com/babel-types/-/babel-types-6.24.1.tgz#a136879dc15b3606bda0d90c1fc74304c2ff0975" - dependencies: - babel-runtime "^6.22.0" - esutils "^2.0.2" - lodash "^4.2.0" - to-fast-properties "^1.0.1" - -babel-types@^6.16.0: - version "6.18.0" - resolved "https://registry.yarnpkg.com/babel-types/-/babel-types-6.18.0.tgz#1f7d5a73474c59eb9151b2417bbff4e4fce7c3f8" - dependencies: - babel-runtime "^6.9.1" - esutils "^2.0.2" - lodash "^4.2.0" - to-fast-properties "^1.0.1" - -babylon, babylon@^6.11.0: - version "6.14.1" - resolved "https://registry.yarnpkg.com/babylon/-/babylon-6.14.1.tgz#956275fab72753ad9b3435d7afe58f8bf0a29815" - -<<<<<<< HEAD -<<<<<<< HEAD -babylon@^6.15.0, babylon@^6.17.0: -<<<<<<< HEAD - version "6.17.1" - resolved "https://registry.yarnpkg.com/babylon/-/babylon-6.17.1.tgz#17f14fddf361b695981fe679385e4f1c01ebd86f" -======= - version "6.17.0" - resolved "https://registry.yarnpkg.com/babylon/-/babylon-6.17.0.tgz#37da948878488b9c4e3c4038893fa3314b3fc932" ->>>>>>> add-user and authorization prototype - -======= ->>>>>>> Revert "add-user and authorization prototype" -======= -babylon@^6.15.0, babylon@^6.17.0: - version "6.17.1" - resolved "https://registry.yarnpkg.com/babylon/-/babylon-6.17.1.tgz#17f14fddf361b695981fe679385e4f1c01ebd86f" - ->>>>>>> origin/master -balanced-match@^0.4.1: - version "0.4.2" - resolved "https://registry.yarnpkg.com/balanced-match/-/balanced-match-0.4.2.tgz#cb3f3e3c732dc0f01ee70b403f302e61d7709838" - -balanced-match@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/balanced-match/-/balanced-match-1.0.0.tgz#89b4d199ab2bee49de164ea02b89ce462d71b767" - -bcrypt-pbkdf@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.0.tgz#3ca76b85241c7170bf7d9703e7b9aa74630040d4" - dependencies: - tweetnacl "^0.14.3" - -bin-version-check@^2.1.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/bin-version-check/-/bin-version-check-2.1.0.tgz#e4e5df290b9069f7d111324031efc13fdd11a5b0" - dependencies: - bin-version "^1.0.0" - minimist "^1.1.0" - semver "^4.0.3" - semver-truncate "^1.0.0" - -bin-version@^1.0.0: - version "1.0.4" - resolved "https://registry.yarnpkg.com/bin-version/-/bin-version-1.0.4.tgz#9eb498ee6fd76f7ab9a7c160436f89579435d78e" - dependencies: - find-versions "^1.0.0" - -binary-extensions@^1.0.0: - version "1.7.0" - resolved "https://registry.yarnpkg.com/binary-extensions/-/binary-extensions-1.7.0.tgz#6c1610db163abfb34edfe42fa423343a1e01185d" - -block-stream@*: - version "0.0.9" - resolved "https://registry.yarnpkg.com/block-stream/-/block-stream-0.0.9.tgz#13ebfe778a03205cfe03751481ebb4b3300c126a" - dependencies: - inherits "~2.0.0" - -boom@2.x.x: - version "2.10.1" - resolved "https://registry.yarnpkg.com/boom/-/boom-2.10.1.tgz#39c8918ceff5799f83f9492a848f625add0c766f" - dependencies: - hoek "2.x.x" - -brace-expansion@^1.0.0: - version "1.1.6" - resolved "https://registry.yarnpkg.com/brace-expansion/-/brace-expansion-1.1.6.tgz#7197d7eaa9b87e648390ea61fc66c84427420df9" - dependencies: - balanced-match "^0.4.1" - concat-map "0.0.1" - -brace-expansion@^1.1.7: - version "1.1.8" - resolved "https://registry.yarnpkg.com/brace-expansion/-/brace-expansion-1.1.8.tgz#c07b211c7c952ec1f8efd51a77ef0d1d3990a292" - dependencies: - balanced-match "^1.0.0" - concat-map "0.0.1" - -braces@^1.8.2: - version "1.8.5" - resolved "https://registry.yarnpkg.com/braces/-/braces-1.8.5.tgz#ba77962e12dff969d6b76711e914b737857bf6a7" - dependencies: - expand-range "^1.8.1" - preserve "^0.2.0" - repeat-element "^1.1.2" - -browser-stdout@1.3.0: - version "1.3.0" - resolved "https://registry.yarnpkg.com/browser-stdout/-/browser-stdout-1.3.0.tgz#f351d32969d32fa5d7a5567154263d928ae3bd1f" - -buffer-shims@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/buffer-shims/-/buffer-shims-1.0.0.tgz#9978ce317388c649ad8793028c3477ef044a8b51" - -builtin-modules@^1.0.0, builtin-modules@^1.1.1: - version "1.1.1" - resolved "https://registry.yarnpkg.com/builtin-modules/-/builtin-modules-1.1.1.tgz#270f076c5a72c02f5b65a47df94c5fe3a278892f" - -caller-path@^0.1.0: - version "0.1.0" - resolved "https://registry.yarnpkg.com/caller-path/-/caller-path-0.1.0.tgz#94085ef63581ecd3daa92444a8fe94e82577751f" - dependencies: - callsites "^0.2.0" - -callsites@^0.2.0: - version "0.2.0" - resolved "https://registry.yarnpkg.com/callsites/-/callsites-0.2.0.tgz#afab96262910a7f33c19a5775825c69f34e350ca" - -camelcase-keys@^2.0.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/camelcase-keys/-/camelcase-keys-2.1.0.tgz#308beeaffdf28119051efa1d932213c91b8f92e7" - dependencies: - camelcase "^2.0.0" - map-obj "^1.0.0" - -camelcase@^2.0.0: - version "2.1.1" - resolved "https://registry.yarnpkg.com/camelcase/-/camelcase-2.1.1.tgz#7c1d16d679a1bbe59ca02cacecfb011e201f5a1f" - -caseless@~0.11.0: - version "0.11.0" - resolved "https://registry.yarnpkg.com/caseless/-/caseless-0.11.0.tgz#715b96ea9841593cc33067923f5ec60ebda4f7d7" - -chai: - version "3.5.0" - resolved "https://registry.yarnpkg.com/chai/-/chai-3.5.0.tgz#4d02637b067fe958bdbfdd3a40ec56fef7373247" - dependencies: - assertion-error "^1.0.1" - deep-eql "^0.1.3" - type-detect "^1.0.0" - -chai-diff: - version "1.0.1" - resolved "https://registry.yarnpkg.com/chai-diff/-/chai-diff-1.0.1.tgz#6c66894700d80cd90350ab4e4403625d4f53a1c1" - dependencies: - diff "^2.2.1" - -chalk@1.1.1: - version "1.1.1" - resolved "https://registry.yarnpkg.com/chalk/-/chalk-1.1.1.tgz#509afb67066e7499f7eb3535c77445772ae2d019" - dependencies: - ansi-styles "^2.1.0" - escape-string-regexp "^1.0.2" - has-ansi "^2.0.0" - strip-ansi "^3.0.0" - supports-color "^2.0.0" - -chalk@^1.0.0, chalk@^1.1.0, chalk@^1.1.1, chalk@^1.1.3: - version "1.1.3" - resolved "https://registry.yarnpkg.com/chalk/-/chalk-1.1.3.tgz#a8115c55e4a702fe4d150abd3872822a7e09fc98" - dependencies: - ansi-styles "^2.2.1" - escape-string-regexp "^1.0.2" - has-ansi "^2.0.0" - strip-ansi "^3.0.0" - supports-color "^2.0.0" - -charenc@~0.0.1: - version "0.0.2" - resolved "https://registry.yarnpkg.com/charenc/-/charenc-0.0.2.tgz#c0a1d2f3a7092e03774bfa83f14c0fc5790a8667" - -chokidar@^1.0.0: - version "1.6.1" - resolved "https://registry.yarnpkg.com/chokidar/-/chokidar-1.6.1.tgz#2f4447ab5e96e50fb3d789fd90d4c72e0e4c70c2" - dependencies: - anymatch "^1.3.0" - async-each "^1.0.0" - glob-parent "^2.0.0" - inherits "^2.0.1" - is-binary-path "^1.0.0" - is-glob "^2.0.0" - path-is-absolute "^1.0.0" - readdirp "^2.0.0" - optionalDependencies: - fsevents "^1.0.0" - -circular-json@^0.3.0: - version "0.3.1" - resolved "https://registry.yarnpkg.com/circular-json/-/circular-json-0.3.1.tgz#be8b36aefccde8b3ca7aa2d6afc07a37242c0d2d" - -cli-cursor@^2.1.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/cli-cursor/-/cli-cursor-2.1.0.tgz#b35dac376479facc3e94747d41d0d0f5238ffcb5" - dependencies: - restore-cursor "^2.0.0" - -cli-width@^2.0.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/cli-width/-/cli-width-2.1.0.tgz#b234ca209b29ef66fc518d9b98d5847b00edf00a" - -co@^4.6.0: - version "4.6.0" - resolved "https://registry.yarnpkg.com/co/-/co-4.6.0.tgz#6ea6bdf3d853ae54ccb8e47bfa0bf3f9031fb184" - -code-point-at@^1.0.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/code-point-at/-/code-point-at-1.1.0.tgz#0d070b4d043a5bea33a2f1a40e2edb3d9a4ccf77" - -combined-stream@^1.0.5, combined-stream@~1.0.5: - version "1.0.5" - resolved "https://registry.yarnpkg.com/combined-stream/-/combined-stream-1.0.5.tgz#938370a57b4a51dea2c77c15d5c5fdf895164009" - dependencies: - delayed-stream "~1.0.0" - -commander@2.9.0, commander@^2.8.1, commander@^2.9.0: - version "2.9.0" - resolved "https://registry.yarnpkg.com/commander/-/commander-2.9.0.tgz#9c99094176e12240cb22d6c5146098400fe0f7d4" - dependencies: - graceful-readlink ">= 1.0.0" - -concat-map@0.0.1: - version "0.0.1" - resolved "https://registry.yarnpkg.com/concat-map/-/concat-map-0.0.1.tgz#d8a96bd77fd68df7793a73036a3ba0d5405d477b" - -concat-stream@^1.6.0: - version "1.6.0" - resolved "https://registry.yarnpkg.com/concat-stream/-/concat-stream-1.6.0.tgz#0aac662fd52be78964d5532f694784e70110acf7" - dependencies: - inherits "^2.0.3" - readable-stream "^2.2.2" - typedarray "^0.0.6" - -console-control-strings@^1.0.0, console-control-strings@~1.1.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/console-control-strings/-/console-control-strings-1.1.0.tgz#3d7cf4464db6446ea644bf4b39507f9851008e8e" - -contains-path@^0.1.0: - version "0.1.0" - resolved "https://registry.yarnpkg.com/contains-path/-/contains-path-0.1.0.tgz#fe8cf184ff6670b6baef01a9d4861a5cbec4120a" - -convert-source-map@^1.1.0: - version "1.3.0" - resolved "https://registry.yarnpkg.com/convert-source-map/-/convert-source-map-1.3.0.tgz#e9f3e9c6e2728efc2676696a70eb382f73106a67" - -core-js@^2.4.0: - version "2.4.1" - resolved "https://registry.yarnpkg.com/core-js/-/core-js-2.4.1.tgz#4de911e667b0eae9124e34254b53aea6fc618d3e" - -core-util-is@~1.0.0: - version "1.0.2" - resolved "https://registry.yarnpkg.com/core-util-is/-/core-util-is-1.0.2.tgz#b5fd54220aa2bc5ab57aab7140c940754503c1a7" - -cpr: - version "2.0.0" - resolved "https://registry.yarnpkg.com/cpr/-/cpr-2.0.0.tgz#c2a447c9516c37ebb647caa2616beefa2ee67011" - dependencies: - graceful-fs "^4.1.5" - minimist "^1.2.0" - mkdirp "~0.5.1" - rimraf "^2.5.4" - -crypt@~0.0.1: - version "0.0.2" - resolved "https://registry.yarnpkg.com/crypt/-/crypt-0.0.2.tgz#88d7ff7ec0dfb86f713dc87bbb42d044d3e6c41b" - -cryptiles@2.x.x: - version "2.0.5" - resolved "https://registry.yarnpkg.com/cryptiles/-/cryptiles-2.0.5.tgz#3bdfecdc608147c1c67202fa291e7dca59eaa3b8" - dependencies: - boom "2.x.x" - -currently-unhandled@^0.4.1: - version "0.4.1" - resolved "https://registry.yarnpkg.com/currently-unhandled/-/currently-unhandled-0.4.1.tgz#988df33feab191ef799a61369dd76c17adf957ea" - dependencies: - array-find-index "^1.0.1" - -d@^0.1.1, d@~0.1.1: - version "0.1.1" - resolved "https://registry.yarnpkg.com/d/-/d-0.1.1.tgz#da184c535d18d8ee7ba2aa229b914009fae11309" - dependencies: - es5-ext "~0.10.2" - -damerau-levenshtein@^1.0.0: - version "1.0.3" - resolved "https://registry.yarnpkg.com/damerau-levenshtein/-/damerau-levenshtein-1.0.3.tgz#ae4f4ce0b62acae10ff63a01bb08f652f5213af2" - -dashdash@^1.12.0: - version "1.14.0" - resolved "https://registry.yarnpkg.com/dashdash/-/dashdash-1.14.0.tgz#29e486c5418bf0f356034a993d51686a33e84141" - dependencies: - assert-plus "^1.0.0" - -debug@2.2.0, debug@~2.2.0: - version "2.2.0" - resolved "https://registry.yarnpkg.com/debug/-/debug-2.2.0.tgz#f87057e995b1a1f6ae6a4960664137bc56f039da" - dependencies: - ms "0.7.1" - -debug@^2.1.1: - version "2.3.2" - resolved "https://registry.yarnpkg.com/debug/-/debug-2.3.2.tgz#94cb466ef7d6d2c7e5245cdd6e4104f2d0d70d30" - dependencies: - ms "0.7.2" - -debug@^2.2.0, debug@^2.6.8: - version "2.6.8" - resolved "https://registry.yarnpkg.com/debug/-/debug-2.6.8.tgz#e731531ca2ede27d188222427da17821d68ff4fc" - dependencies: - ms "2.0.0" - -decamelize@^1.1.2: - version "1.2.0" - resolved "https://registry.yarnpkg.com/decamelize/-/decamelize-1.2.0.tgz#f6534d15148269b20352e7bee26f501f9a191290" - -deep-eql@^0.1.3: - version "0.1.3" - resolved "https://registry.yarnpkg.com/deep-eql/-/deep-eql-0.1.3.tgz#ef558acab8de25206cd713906d74e56930eb69f2" - dependencies: - type-detect "0.1.1" - -deep-extend@~0.4.0: - version "0.4.1" - resolved "https://registry.yarnpkg.com/deep-extend/-/deep-extend-0.4.1.tgz#efe4113d08085f4e6f9687759810f807469e2253" - -deep-is@~0.1.3: - version "0.1.3" - resolved "https://registry.yarnpkg.com/deep-is/-/deep-is-0.1.3.tgz#b369d6fb5dbc13eecf524f91b070feedc357cf34" - -del@^2.0.2: - version "2.2.2" - resolved "https://registry.yarnpkg.com/del/-/del-2.2.2.tgz#c12c981d067846c84bcaf862cff930d907ffd1a8" - dependencies: - globby "^5.0.0" - is-path-cwd "^1.0.0" - is-path-in-cwd "^1.0.0" - object-assign "^4.0.1" - pify "^2.0.0" - pinkie-promise "^2.0.0" - rimraf "^2.2.8" - -delayed-stream@~1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/delayed-stream/-/delayed-stream-1.0.0.tgz#df3ae199acadfb7d440aaae0b29e2272b24ec619" - -delegates@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/delegates/-/delegates-1.0.0.tgz#84c6e159b81904fdca59a0ef44cd870d31250f9a" - -denodeify: - version "1.2.1" - resolved "https://registry.yarnpkg.com/denodeify/-/denodeify-1.2.1.tgz#3a36287f5034e699e7577901052c2e6c94251631" - -detect-indent@^4.0.0: - version "4.0.0" - resolved "https://registry.yarnpkg.com/detect-indent/-/detect-indent-4.0.0.tgz#f76d064352cdf43a1cb6ce619c4ee3a9475de208" - dependencies: - repeating "^2.0.0" - -diff@1.4.0: - version "1.4.0" - resolved "https://registry.yarnpkg.com/diff/-/diff-1.4.0.tgz#7f28d2eb9ee7b15a97efd89ce63dcfdaa3ccbabf" - -diff@^2.2.1: - version "2.2.3" - resolved "https://registry.yarnpkg.com/diff/-/diff-2.2.3.tgz#60eafd0d28ee906e4e8ff0a52c1229521033bf99" - -doctrine@1.3.x, doctrine@^1.2.2: - version "1.3.0" - resolved "https://registry.yarnpkg.com/doctrine/-/doctrine-1.3.0.tgz#13e75682b55518424276f7c173783456ef913d26" - dependencies: - esutils "^2.0.2" - isarray "^1.0.0" - -doctrine@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/doctrine/-/doctrine-2.0.0.tgz#c73d8d2909d22291e1a007a395804da8b665fe63" - dependencies: - esutils "^2.0.2" - isarray "^1.0.0" - -dom-walk@^0.1.0: - version "0.1.1" - resolved "https://registry.yarnpkg.com/dom-walk/-/dom-walk-0.1.1.tgz#672226dc74c8f799ad35307df936aba11acd6018" - -ecc-jsbn@~0.1.1: - version "0.1.1" - resolved "https://registry.yarnpkg.com/ecc-jsbn/-/ecc-jsbn-0.1.1.tgz#0fc73a9ed5f0d53c38193398523ef7e543777505" - dependencies: - jsbn "~0.1.0" - -encoding@^0.1.11: - version "0.1.12" - resolved "https://registry.yarnpkg.com/encoding/-/encoding-0.1.12.tgz#538b66f3ee62cd1ab51ec323829d1f9480c74beb" - dependencies: - iconv-lite "~0.4.13" - -error-ex@^1.2.0: - version "1.3.0" - resolved "https://registry.yarnpkg.com/error-ex/-/error-ex-1.3.0.tgz#e67b43f3e82c96ea3a584ffee0b9fc3325d802d9" - dependencies: - is-arrayish "^0.2.1" - -es5-ext@^0.10.7, es5-ext@~0.10.11, es5-ext@~0.10.2, es5-ext@~0.10.7: - version "0.10.12" - resolved "https://registry.yarnpkg.com/es5-ext/-/es5-ext-0.10.12.tgz#aa84641d4db76b62abba5e45fd805ecbab140047" - dependencies: - es6-iterator "2" - es6-symbol "~3.1" - -es6-iterator@2: - version "2.0.0" - resolved "https://registry.yarnpkg.com/es6-iterator/-/es6-iterator-2.0.0.tgz#bd968567d61635e33c0b80727613c9cb4b096bac" - dependencies: - d "^0.1.1" - es5-ext "^0.10.7" - es6-symbol "3" - -es6-map@^0.1.3: - version "0.1.4" - resolved "https://registry.yarnpkg.com/es6-map/-/es6-map-0.1.4.tgz#a34b147be224773a4d7da8072794cefa3632b897" - dependencies: - d "~0.1.1" - es5-ext "~0.10.11" - es6-iterator "2" - es6-set "~0.1.3" - es6-symbol "~3.1.0" - event-emitter "~0.3.4" - -es6-set@^0.1.4, es6-set@~0.1.3: - version "0.1.4" - resolved "https://registry.yarnpkg.com/es6-set/-/es6-set-0.1.4.tgz#9516b6761c2964b92ff479456233a247dc707ce8" - dependencies: - d "~0.1.1" - es5-ext "~0.10.11" - es6-iterator "2" - es6-symbol "3" - event-emitter "~0.3.4" - -es6-symbol@3, es6-symbol@~3.1, es6-symbol@~3.1.0: - version "3.1.0" - resolved "https://registry.yarnpkg.com/es6-symbol/-/es6-symbol-3.1.0.tgz#94481c655e7a7cad82eba832d97d5433496d7ffa" - dependencies: - d "~0.1.1" - es5-ext "~0.10.11" - -escape-string-regexp@1.0.5, escape-string-regexp@^1.0.2, escape-string-regexp@^1.0.5: - version "1.0.5" - resolved "https://registry.yarnpkg.com/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz#1b61c0562190a8dff6ae3bb2cf0200ca130b86d4" - -eslint-config-airbnb-base@^8.0.0: - version "8.0.0" - resolved "https://registry.yarnpkg.com/eslint-config-airbnb-base/-/eslint-config-airbnb-base-8.0.0.tgz#c5e958a469ab8af76aff068b43d784e5afe74ca7" - -eslint-config-airbnb@12.0.0: - version "12.0.0" - resolved "https://registry.yarnpkg.com/eslint-config-airbnb/-/eslint-config-airbnb-12.0.0.tgz#ab282b756a25f03d04ac264c24d673a08a803270" - dependencies: - eslint-config-airbnb-base "^8.0.0" - -eslint-import-resolver-node@^0.2.0: - version "0.2.3" - resolved "https://registry.yarnpkg.com/eslint-import-resolver-node/-/eslint-import-resolver-node-0.2.3.tgz#5add8106e8c928db2cba232bcd9efa846e3da16c" - dependencies: - debug "^2.2.0" - object-assign "^4.0.1" - resolve "^1.1.6" - -eslint-plugin-babel@3.3.0: - version "3.3.0" - resolved "https://registry.yarnpkg.com/eslint-plugin-babel/-/eslint-plugin-babel-3.3.0.tgz#2f494aedcf6f4aa4e75b9155980837bc1fbde193" - -eslint-plugin-import@1.16.0: - version "1.16.0" - resolved "https://registry.yarnpkg.com/eslint-plugin-import/-/eslint-plugin-import-1.16.0.tgz#b2fa07ebcc53504d0f2a4477582ec8bff1871b9f" - dependencies: - builtin-modules "^1.1.1" - contains-path "^0.1.0" - debug "^2.2.0" - doctrine "1.3.x" - es6-map "^0.1.3" - es6-set "^0.1.4" - eslint-import-resolver-node "^0.2.0" - has "^1.0.1" - lodash.cond "^4.3.0" - lodash.endswith "^4.0.1" - lodash.find "^4.3.0" - lodash.findindex "^4.3.0" - minimatch "^3.0.3" - object-assign "^4.0.1" - pkg-dir "^1.0.0" - pkg-up "^1.0.0" - -eslint-plugin-jsx-a11y@2.2.3: - version "2.2.3" - resolved "https://registry.yarnpkg.com/eslint-plugin-jsx-a11y/-/eslint-plugin-jsx-a11y-2.2.3.tgz#4e35cb71b8a7db702ac415c806eb8e8d9ea6c65d" - dependencies: - damerau-levenshtein "^1.0.0" - jsx-ast-utils "^1.0.0" - object-assign "^4.0.1" - -eslint-plugin-react@6.4.1: - version "6.4.1" - resolved "https://registry.yarnpkg.com/eslint-plugin-react/-/eslint-plugin-react-6.4.1.tgz#7d1aade747db15892f71eee1fea4addf97bcfa2b" - dependencies: - doctrine "^1.2.2" - jsx-ast-utils "^1.3.1" - -eslint-scope@^3.7.1: - version "3.7.1" - resolved "https://registry.yarnpkg.com/eslint-scope/-/eslint-scope-3.7.1.tgz#3d63c3edfda02e06e01a452ad88caacc7cdcb6e8" -<<<<<<< HEAD - dependencies: - esrecurse "^4.1.0" - estraverse "^4.1.1" - -eslint@^4.0.0: - version "4.0.0" - resolved "https://registry.yarnpkg.com/eslint/-/eslint-4.0.0.tgz#7277c01437fdf41dccd168d5aa0e49b75ca1f260" - dependencies: -======= - dependencies: - esrecurse "^4.1.0" - estraverse "^4.1.1" - -eslint@^4.0.0: - version "4.0.0" - resolved "https://registry.yarnpkg.com/eslint/-/eslint-4.0.0.tgz#7277c01437fdf41dccd168d5aa0e49b75ca1f260" - dependencies: ->>>>>>> origin/master - babel-code-frame "^6.22.0" - chalk "^1.1.3" - concat-stream "^1.6.0" - debug "^2.6.8" - doctrine "^2.0.0" - eslint-scope "^3.7.1" - espree "^3.4.3" - esquery "^1.0.0" - estraverse "^4.2.0" - esutils "^2.0.2" - file-entry-cache "^2.0.0" - glob "^7.1.2" - globals "^9.17.0" - ignore "^3.3.3" - imurmurhash "^0.1.4" - inquirer "^3.0.6" - is-my-json-valid "^2.16.0" - is-resolvable "^1.0.0" - js-yaml "^3.8.4" - json-stable-stringify "^1.0.1" - levn "^0.3.0" - lodash "^4.17.4" - mkdirp "^0.5.1" - natural-compare "^1.4.0" - optionator "^0.8.2" - path-is-inside "^1.0.2" - pluralize "^4.0.0" - progress "^2.0.0" - require-uncached "^1.0.3" - strip-json-comments "~2.0.1" - table "^4.0.1" - text-table "~0.2.0" - -espree@^3.4.3: - version "3.4.3" - resolved "https://registry.yarnpkg.com/espree/-/espree-3.4.3.tgz#2910b5ccd49ce893c2ffffaab4fd8b3a31b82374" - dependencies: - acorn "^5.0.1" - acorn-jsx "^3.0.0" - -esprima@^3.1.1, esprima@~3.1.0: - version "3.1.2" - resolved "https://registry.yarnpkg.com/esprima/-/esprima-3.1.2.tgz#954b5d19321ca436092fa90f06d6798531fe8184" - -esquery@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/esquery/-/esquery-1.0.0.tgz#cfba8b57d7fba93f17298a8a006a04cda13d80fa" - dependencies: - estraverse "^4.0.0" - -esrecurse@^4.1.0: - version "4.1.0" - resolved "https://registry.yarnpkg.com/esrecurse/-/esrecurse-4.1.0.tgz#4713b6536adf7f2ac4f327d559e7756bff648220" - dependencies: - estraverse "~4.1.0" - object-assign "^4.0.1" - -estraverse@^4.0.0, estraverse@^4.1.1, estraverse@^4.2.0: - version "4.2.0" - resolved "https://registry.yarnpkg.com/estraverse/-/estraverse-4.2.0.tgz#0dee3fed31fcd469618ce7342099fc1afa0bdb13" - -estraverse@~4.1.0: - version "4.1.1" - resolved "https://registry.yarnpkg.com/estraverse/-/estraverse-4.1.1.tgz#f6caca728933a850ef90661d0e17982ba47111a2" - -esutils@^2.0.0, esutils@^2.0.2: - version "2.0.2" - resolved "https://registry.yarnpkg.com/esutils/-/esutils-2.0.2.tgz#0abf4f1caa5bcb1f7a9d8acc6dea4faaa04bac9b" - -event-emitter@~0.3.4: - version "0.3.4" - resolved "https://registry.yarnpkg.com/event-emitter/-/event-emitter-0.3.4.tgz#8d63ddfb4cfe1fae3b32ca265c4c720222080bb5" - dependencies: - d "~0.1.1" - es5-ext "~0.10.7" - -expand-brackets@^0.1.4: - version "0.1.5" - resolved "https://registry.yarnpkg.com/expand-brackets/-/expand-brackets-0.1.5.tgz#df07284e342a807cd733ac5af72411e581d1177b" - dependencies: - is-posix-bracket "^0.1.0" - -expand-range@^1.8.1: - version "1.8.2" - resolved "https://registry.yarnpkg.com/expand-range/-/expand-range-1.8.2.tgz#a299effd335fe2721ebae8e257ec79644fc85337" - dependencies: - fill-range "^2.1.0" - -extend@~3.0.0: - version "3.0.0" - resolved "https://registry.yarnpkg.com/extend/-/extend-3.0.0.tgz#5a474353b9f3353ddd8176dfd37b91c83a46f1d4" - -external-editor@^2.0.4: - version "2.0.4" - resolved "https://registry.yarnpkg.com/external-editor/-/external-editor-2.0.4.tgz#1ed9199da9cbfe2ef2f7a31b2fde8b0d12368972" - dependencies: - iconv-lite "^0.4.17" - jschardet "^1.4.2" - tmp "^0.0.31" - -extglob@^0.3.1: - version "0.3.2" - resolved "https://registry.yarnpkg.com/extglob/-/extglob-0.3.2.tgz#2e18ff3d2f49ab2765cec9023f011daa8d8349a1" - dependencies: - is-extglob "^1.0.0" - -extsprintf@1.0.2: - version "1.0.2" - resolved "https://registry.yarnpkg.com/extsprintf/-/extsprintf-1.0.2.tgz#e1080e0658e300b06294990cc70e1502235fd550" - -fast-levenshtein@~2.0.4: - version "2.0.5" - resolved "https://registry.yarnpkg.com/fast-levenshtein/-/fast-levenshtein-2.0.5.tgz#bd33145744519ab1c36c3ee9f31f08e9079b67f2" - -figures@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/figures/-/figures-2.0.0.tgz#3ab1a2d2a62c8bfb431a0c94cb797a2fce27c962" - dependencies: - escape-string-regexp "^1.0.5" - -file-entry-cache@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/file-entry-cache/-/file-entry-cache-2.0.0.tgz#c392990c3e684783d838b8c84a45d8a048458361" - dependencies: - flat-cache "^1.2.1" - object-assign "^4.0.1" - -filename-regex@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/filename-regex/-/filename-regex-2.0.0.tgz#996e3e80479b98b9897f15a8a58b3d084e926775" - -fill-range@^2.1.0: - version "2.2.3" - resolved "https://registry.yarnpkg.com/fill-range/-/fill-range-2.2.3.tgz#50b77dfd7e469bc7492470963699fe7a8485a723" - dependencies: - is-number "^2.1.0" - isobject "^2.0.0" - randomatic "^1.1.3" - repeat-element "^1.1.2" - repeat-string "^1.5.2" - -find-up@^1.0.0: - version "1.1.2" - resolved "https://registry.yarnpkg.com/find-up/-/find-up-1.1.2.tgz#6b2e9822b1a2ce0a60ab64d610eccad53cb24d0f" - dependencies: - path-exists "^2.0.0" - pinkie-promise "^2.0.0" - -find-versions@^1.0.0: - version "1.2.1" - resolved "https://registry.yarnpkg.com/find-versions/-/find-versions-1.2.1.tgz#cbde9f12e38575a0af1be1b9a2c5d5fd8f186b62" - dependencies: - array-uniq "^1.0.0" - get-stdin "^4.0.1" - meow "^3.5.0" - semver-regex "^1.0.0" - -flat-cache@^1.2.1: - version "1.2.1" - resolved "https://registry.yarnpkg.com/flat-cache/-/flat-cache-1.2.1.tgz#6c837d6225a7de5659323740b36d5361f71691ff" - dependencies: - circular-json "^0.3.0" - del "^2.0.2" - graceful-fs "^4.1.2" - write "^0.2.1" - -for-in@^0.1.5: - version "0.1.6" - resolved "https://registry.yarnpkg.com/for-in/-/for-in-0.1.6.tgz#c9f96e89bfad18a545af5ec3ed352a1d9e5b4dc8" - -for-own@^0.1.4: - version "0.1.4" - resolved "https://registry.yarnpkg.com/for-own/-/for-own-0.1.4.tgz#0149b41a39088c7515f51ebe1c1386d45f935072" - dependencies: - for-in "^0.1.5" - -forever-agent@~0.6.1: - version "0.6.1" - resolved "https://registry.yarnpkg.com/forever-agent/-/forever-agent-0.6.1.tgz#fbc71f0c41adeb37f96c577ad1ed42d8fdacca91" - -form-data@~2.1.1: - version "2.1.2" - resolved "https://registry.yarnpkg.com/form-data/-/form-data-2.1.2.tgz#89c3534008b97eada4cbb157d58f6f5df025eae4" - dependencies: - asynckit "^0.4.0" - combined-stream "^1.0.5" - mime-types "^2.1.12" - -fs-readdir-recursive@^0.1.0: - version "0.1.2" - resolved "https://registry.yarnpkg.com/fs-readdir-recursive/-/fs-readdir-recursive-0.1.2.tgz#315b4fb8c1ca5b8c47defef319d073dad3568059" - -fs.realpath@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/fs.realpath/-/fs.realpath-1.0.0.tgz#1504ad2523158caa40db4a2787cb01411994ea4f" - -fsevents@^1.0.0: - version "1.0.15" - resolved "https://registry.yarnpkg.com/fsevents/-/fsevents-1.0.15.tgz#fa63f590f3c2ad91275e4972a6cea545fb0aae44" - dependencies: - nan "^2.3.0" - node-pre-gyp "^0.6.29" - -fstream-ignore@~1.0.5: - version "1.0.5" - resolved "https://registry.yarnpkg.com/fstream-ignore/-/fstream-ignore-1.0.5.tgz#9c31dae34767018fe1d249b24dada67d092da105" - dependencies: - fstream "^1.0.0" - inherits "2" - minimatch "^3.0.0" - -fstream@^1.0.0, fstream@^1.0.2, fstream@~1.0.10: - version "1.0.10" - resolved "https://registry.yarnpkg.com/fstream/-/fstream-1.0.10.tgz#604e8a92fe26ffd9f6fae30399d4984e1ab22822" - dependencies: - graceful-fs "^4.1.2" - inherits "~2.0.0" - mkdirp ">=0.5 0" - rimraf "2" - -function-bind@^1.0.2: - version "1.1.0" - resolved "https://registry.yarnpkg.com/function-bind/-/function-bind-1.1.0.tgz#16176714c801798e4e8f2cf7f7529467bb4a5771" - -gauge@~2.6.0: - version "2.6.0" - resolved "https://registry.yarnpkg.com/gauge/-/gauge-2.6.0.tgz#d35301ad18e96902b4751dcbbe40f4218b942a46" - dependencies: - aproba "^1.0.3" - console-control-strings "^1.0.0" - has-color "^0.1.7" - has-unicode "^2.0.0" - object-assign "^4.1.0" - signal-exit "^3.0.0" - string-width "^1.0.1" - strip-ansi "^3.0.1" - wide-align "^1.1.0" - -generate-function@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/generate-function/-/generate-function-2.0.0.tgz#6858fe7c0969b7d4e9093337647ac79f60dfbe74" - -generate-object-property@^1.1.0: - version "1.2.0" - resolved "https://registry.yarnpkg.com/generate-object-property/-/generate-object-property-1.2.0.tgz#9c0e1c40308ce804f4783618b937fa88f99d50d0" - dependencies: - is-property "^1.0.0" - -get-stdin@^4.0.1: - version "4.0.1" - resolved "https://registry.yarnpkg.com/get-stdin/-/get-stdin-4.0.1.tgz#b968c6b0a04384324902e8bf1a5df32579a450fe" - -getpass@^0.1.1: - version "0.1.6" - resolved "https://registry.yarnpkg.com/getpass/-/getpass-0.1.6.tgz#283ffd9fc1256840875311c1b60e8c40187110e6" - dependencies: - assert-plus "^1.0.0" - -glob-base@^0.3.0: - version "0.3.0" - resolved "https://registry.yarnpkg.com/glob-base/-/glob-base-0.3.0.tgz#dbb164f6221b1c0b1ccf82aea328b497df0ea3c4" - dependencies: - glob-parent "^2.0.0" - is-glob "^2.0.0" - -glob-parent@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/glob-parent/-/glob-parent-2.0.0.tgz#81383d72db054fcccf5336daa902f182f6edbb28" - dependencies: - is-glob "^2.0.0" - -glob@7.0.5: - version "7.0.5" - resolved "https://registry.yarnpkg.com/glob/-/glob-7.0.5.tgz#b4202a69099bbb4d292a7c1b95b6682b67ebdc95" - dependencies: - fs.realpath "^1.0.0" - inflight "^1.0.4" - inherits "2" - minimatch "^3.0.2" - once "^1.3.0" - path-is-absolute "^1.0.0" - -glob@^5.0.5: - version "5.0.15" - resolved "https://registry.yarnpkg.com/glob/-/glob-5.0.15.tgz#1bc936b9e02f4a603fcc222ecf7633d30b8b93b1" - dependencies: - inflight "^1.0.4" - inherits "2" - minimatch "2 || 3" - once "^1.3.0" - path-is-absolute "^1.0.0" - -glob@^7.0.3, glob@^7.1.2: - version "7.1.2" - resolved "https://registry.yarnpkg.com/glob/-/glob-7.1.2.tgz#c19c9df9a028702d678612384a6552404c636d15" - dependencies: - fs.realpath "^1.0.0" - inflight "^1.0.4" - inherits "2" - minimatch "^3.0.4" - once "^1.3.0" - path-is-absolute "^1.0.0" - -glob@^7.0.5: - version "7.1.1" - resolved "https://registry.yarnpkg.com/glob/-/glob-7.1.1.tgz#805211df04faaf1c63a3600306cdf5ade50b2ec8" - dependencies: - fs.realpath "^1.0.0" - inflight "^1.0.4" - inherits "2" - minimatch "^3.0.2" - once "^1.3.0" - path-is-absolute "^1.0.0" - -global@^4.3.2: - version "4.3.2" - resolved "https://registry.yarnpkg.com/global/-/global-4.3.2.tgz#e76989268a6c74c38908b1305b10fc0e394e9d0f" - dependencies: - min-document "^2.19.0" - process "~0.5.1" - -globals@^9.0.0, globals@^9.17.0: - version "9.18.0" - resolved "https://registry.yarnpkg.com/globals/-/globals-9.18.0.tgz#aa3896b3e69b487f17e31ed2143d69a8e30c2d8a" - -globby@^5.0.0: - version "5.0.0" - resolved "https://registry.yarnpkg.com/globby/-/globby-5.0.0.tgz#ebd84667ca0dbb330b99bcfc68eac2bc54370e0d" - dependencies: - array-union "^1.0.1" - arrify "^1.0.0" - glob "^7.0.3" - object-assign "^4.0.1" - pify "^2.0.0" - pinkie-promise "^2.0.0" - -graceful-fs@^4.1.2, graceful-fs@^4.1.4, graceful-fs@^4.1.5: - version "4.1.11" - resolved "https://registry.yarnpkg.com/graceful-fs/-/graceful-fs-4.1.11.tgz#0e8bdfe4d1ddb8854d64e04ea7c00e2a026e5658" - -"graceful-readlink@>= 1.0.0": - version "1.0.1" - resolved "https://registry.yarnpkg.com/graceful-readlink/-/graceful-readlink-1.0.1.tgz#4cafad76bc62f02fa039b2f94e9a3dd3a391a725" - -graphql@0.7.2: - version "0.7.2" - resolved "https://registry.yarnpkg.com/graphql/-/graphql-0.7.2.tgz#cc894a32823399b8a0cb012b9e9ecad35cd00f72" - dependencies: - iterall "1.0.2" - -growl@1.9.2: - version "1.9.2" - resolved "https://registry.yarnpkg.com/growl/-/growl-1.9.2.tgz#0ea7743715db8d8de2c5ede1775e1b45ac85c02f" - -har-validator@~2.0.6: - version "2.0.6" - resolved "https://registry.yarnpkg.com/har-validator/-/har-validator-2.0.6.tgz#cdcbc08188265ad119b6a5a7c8ab70eecfb5d27d" - dependencies: - chalk "^1.1.1" - commander "^2.9.0" - is-my-json-valid "^2.12.4" - pinkie-promise "^2.0.0" - -has-ansi@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/has-ansi/-/has-ansi-2.0.0.tgz#34f5049ce1ecdf2b0649af3ef24e45ed35416d91" - dependencies: - ansi-regex "^2.0.0" - -has-color@^0.1.7: - version "0.1.7" - resolved "https://registry.yarnpkg.com/has-color/-/has-color-0.1.7.tgz#67144a5260c34fc3cca677d041daf52fe7b78b2f" - -has-flag@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/has-flag/-/has-flag-1.0.0.tgz#9d9e793165ce017a00f00418c43f942a7b1d11fa" - -has-unicode@^2.0.0: - version "2.0.1" - resolved "https://registry.yarnpkg.com/has-unicode/-/has-unicode-2.0.1.tgz#e0e6fe6a28cf51138855e086d1691e771de2a8b9" - -has@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/has/-/has-1.0.1.tgz#8461733f538b0837c9361e39a9ab9e9704dc2f28" - dependencies: - function-bind "^1.0.2" - -hawk@~3.1.3: - version "3.1.3" - resolved "https://registry.yarnpkg.com/hawk/-/hawk-3.1.3.tgz#078444bd7c1640b0fe540d2c9b73d59678e8e1c4" - dependencies: - boom "2.x.x" - cryptiles "2.x.x" - hoek "2.x.x" - sntp "1.x.x" - -hoek@2.x.x: - version "2.16.3" - resolved "https://registry.yarnpkg.com/hoek/-/hoek-2.16.3.tgz#20bb7403d3cea398e91dc4710a8ff1b8274a25ed" - -home-or-tmp@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/home-or-tmp/-/home-or-tmp-1.0.0.tgz#4b9f1e40800c3e50c6c27f781676afcce71f3985" - dependencies: - os-tmpdir "^1.0.1" - user-home "^1.1.1" - -hosted-git-info@^2.1.4: - version "2.1.5" - resolved "https://registry.yarnpkg.com/hosted-git-info/-/hosted-git-info-2.1.5.tgz#0ba81d90da2e25ab34a332e6ec77936e1598118b" - -http-signature@~1.1.0: - version "1.1.1" - resolved "https://registry.yarnpkg.com/http-signature/-/http-signature-1.1.1.tgz#df72e267066cd0ac67fb76adf8e134a8fbcf91bf" - dependencies: - assert-plus "^0.2.0" - jsprim "^1.2.2" - sshpk "^1.7.0" - -iconv-lite@^0.4.17: - version "0.4.18" - resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.4.18.tgz#23d8656b16aae6742ac29732ea8f0336a4789cf2" - -iconv-lite@~0.4.13: - version "0.4.15" - resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.4.15.tgz#fe265a218ac6a57cfe854927e9d04c19825eddeb" - -ignore@^3.3.3: - version "3.3.3" - resolved "https://registry.yarnpkg.com/ignore/-/ignore-3.3.3.tgz#432352e57accd87ab3110e82d3fea0e47812156d" - -imurmurhash@^0.1.4: - version "0.1.4" - resolved "https://registry.yarnpkg.com/imurmurhash/-/imurmurhash-0.1.4.tgz#9218b9b2b928a238b13dc4fb6b6d576f231453ea" - -indent-string@^2.1.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/indent-string/-/indent-string-2.1.0.tgz#8e2d48348742121b4a8218b7a137e9a52049dc80" - dependencies: - repeating "^2.0.0" - -inflight@^1.0.4: - version "1.0.6" - resolved "https://registry.yarnpkg.com/inflight/-/inflight-1.0.6.tgz#49bd6331d7d02d0c09bc910a1075ba8165b56df9" - dependencies: - once "^1.3.0" - wrappy "1" - -inherits@2, inherits@^2.0.1, inherits@^2.0.3, inherits@~2.0.0, inherits@~2.0.1: - version "2.0.3" - resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.3.tgz#633c2c83e3da42a502f52466022480f4208261de" - -ini@~1.3.0: - version "1.3.4" - resolved "https://registry.yarnpkg.com/ini/-/ini-1.3.4.tgz#0537cb79daf59b59a1a517dff706c86ec039162e" - -inquirer@^3.0.6: - version "3.1.0" - resolved "https://registry.yarnpkg.com/inquirer/-/inquirer-3.1.0.tgz#e05400d48b94937c2d3caa7038663ba9189aab01" - dependencies: - ansi-escapes "^2.0.0" - chalk "^1.0.0" - cli-cursor "^2.1.0" - cli-width "^2.0.0" - external-editor "^2.0.4" - figures "^2.0.0" - lodash "^4.3.0" - mute-stream "0.0.7" - run-async "^2.2.0" - rx-lite "^4.0.8" - rx-lite-aggregates "^4.0.8" - string-width "^2.0.0" - strip-ansi "^3.0.0" - through "^2.3.6" - -invariant@^2.2.0: - version "2.2.1" - resolved "https://registry.yarnpkg.com/invariant/-/invariant-2.2.1.tgz#b097010547668c7e337028ebe816ebe36c8a8d54" - dependencies: - loose-envify "^1.0.0" - -is-arrayish@^0.2.1: - version "0.2.1" - resolved "https://registry.yarnpkg.com/is-arrayish/-/is-arrayish-0.2.1.tgz#77c99840527aa8ecb1a8ba697b80645a7a926a9d" - -is-binary-path@^1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/is-binary-path/-/is-binary-path-1.0.1.tgz#75f16642b480f187a711c814161fd3a4a7655898" - dependencies: - binary-extensions "^1.0.0" - -is-buffer@^1.0.2, is-buffer@~1.1.1: - version "1.1.4" - resolved "https://registry.yarnpkg.com/is-buffer/-/is-buffer-1.1.4.tgz#cfc86ccd5dc5a52fa80489111c6920c457e2d98b" - -is-builtin-module@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-builtin-module/-/is-builtin-module-1.0.0.tgz#540572d34f7ac3119f8f76c30cbc1b1e037affbe" - dependencies: - builtin-modules "^1.0.0" - -is-dotfile@^1.0.0: - version "1.0.2" - resolved "https://registry.yarnpkg.com/is-dotfile/-/is-dotfile-1.0.2.tgz#2c132383f39199f8edc268ca01b9b007d205cc4d" - -is-equal-shallow@^0.1.3: - version "0.1.3" - resolved "https://registry.yarnpkg.com/is-equal-shallow/-/is-equal-shallow-0.1.3.tgz#2238098fc221de0bcfa5d9eac4c45d638aa1c534" - dependencies: - is-primitive "^2.0.0" - -is-extendable@^0.1.1: - version "0.1.1" - resolved "https://registry.yarnpkg.com/is-extendable/-/is-extendable-0.1.1.tgz#62b110e289a471418e3ec36a617d472e301dfc89" - -is-extglob@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-extglob/-/is-extglob-1.0.0.tgz#ac468177c4943405a092fc8f29760c6ffc6206c0" - -is-finite@^1.0.0: - version "1.0.2" - resolved "https://registry.yarnpkg.com/is-finite/-/is-finite-1.0.2.tgz#cc6677695602be550ef11e8b4aa6305342b6d0aa" - dependencies: - number-is-nan "^1.0.0" - -is-fullwidth-code-point@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-fullwidth-code-point/-/is-fullwidth-code-point-1.0.0.tgz#ef9e31386f031a7f0d643af82fde50c457ef00cb" - dependencies: - number-is-nan "^1.0.0" - -is-fullwidth-code-point@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/is-fullwidth-code-point/-/is-fullwidth-code-point-2.0.0.tgz#a3b30a5c4f199183167aaab93beefae3ddfb654f" - -is-glob@^2.0.0, is-glob@^2.0.1: - version "2.0.1" - resolved "https://registry.yarnpkg.com/is-glob/-/is-glob-2.0.1.tgz#d096f926a3ded5600f3fdfd91198cb0888c2d863" - dependencies: - is-extglob "^1.0.0" - -is-my-json-valid@^2.12.4, is-my-json-valid@^2.16.0: - version "2.16.0" - resolved "https://registry.yarnpkg.com/is-my-json-valid/-/is-my-json-valid-2.16.0.tgz#f079dd9bfdae65ee2038aae8acbc86ab109e3693" - dependencies: - generate-function "^2.0.0" - generate-object-property "^1.1.0" - jsonpointer "^4.0.0" - xtend "^4.0.0" - -is-number@^2.0.2, is-number@^2.1.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/is-number/-/is-number-2.1.0.tgz#01fcbbb393463a548f2f466cce16dece49db908f" - dependencies: - kind-of "^3.0.2" - -is-path-cwd@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-path-cwd/-/is-path-cwd-1.0.0.tgz#d225ec23132e89edd38fda767472e62e65f1106d" - -is-path-in-cwd@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-path-in-cwd/-/is-path-in-cwd-1.0.0.tgz#6477582b8214d602346094567003be8a9eac04dc" - dependencies: - is-path-inside "^1.0.0" - -is-path-inside@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-path-inside/-/is-path-inside-1.0.0.tgz#fc06e5a1683fbda13de667aff717bbc10a48f37f" - dependencies: - path-is-inside "^1.0.1" - -is-posix-bracket@^0.1.0: - version "0.1.1" - resolved "https://registry.yarnpkg.com/is-posix-bracket/-/is-posix-bracket-0.1.1.tgz#3334dc79774368e92f016e6fbc0a88f5cd6e6bc4" - -is-primitive@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/is-primitive/-/is-primitive-2.0.0.tgz#207bab91638499c07b2adf240a41a87210034575" - -is-promise@^2.1.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/is-promise/-/is-promise-2.1.0.tgz#79a2a9ece7f096e80f36d2b2f3bc16c1ff4bf3fa" - -is-property@^1.0.0: - version "1.0.2" - resolved "https://registry.yarnpkg.com/is-property/-/is-property-1.0.2.tgz#57fe1c4e48474edd65b09911f26b1cd4095dda84" - -is-resolvable@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-resolvable/-/is-resolvable-1.0.0.tgz#8df57c61ea2e3c501408d100fb013cf8d6e0cc62" - dependencies: - tryit "^1.0.1" - -is-stream@^1.0.1: - version "1.1.0" - resolved "https://registry.yarnpkg.com/is-stream/-/is-stream-1.1.0.tgz#12d4a3dd4e68e0b79ceb8dbc84173ae80d91ca44" - -is-typedarray@~1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-typedarray/-/is-typedarray-1.0.0.tgz#e479c80858df0c1b11ddda6940f96011fcda4a9a" - -is-utf8@^0.2.0: - version "0.2.1" - resolved "https://registry.yarnpkg.com/is-utf8/-/is-utf8-0.2.1.tgz#4b0da1442104d1b336340e80797e865cf39f7d72" - -isarray@1.0.0, isarray@^1.0.0, isarray@~1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/isarray/-/isarray-1.0.0.tgz#bb935d48582cba168c06834957a54a3e07124f11" - -isobject@^2.0.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/isobject/-/isobject-2.1.0.tgz#f065561096a3f1da2ef46272f815c840d87e0c89" - dependencies: - isarray "1.0.0" - -isstream@~0.1.2: - version "0.1.2" - resolved "https://registry.yarnpkg.com/isstream/-/isstream-0.1.2.tgz#47e63f7af55afa6f92e1500e690eb8b8529c099a" - -iterall@1.0.2: - version "1.0.2" - resolved "https://registry.yarnpkg.com/iterall/-/iterall-1.0.2.tgz#41a2e96ce9eda5e61c767ee5dc312373bb046e91" - -jodid25519@^1.0.0: - version "1.0.2" - resolved "https://registry.yarnpkg.com/jodid25519/-/jodid25519-1.0.2.tgz#06d4912255093419477d425633606e0e90782967" - dependencies: - jsbn "~0.1.0" - -js-tokens@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/js-tokens/-/js-tokens-2.0.0.tgz#79903f5563ee778cc1162e6dcf1a0027c97f9cb5" - -<<<<<<< HEAD -<<<<<<< HEAD -======= ->>>>>>> origin/master -js-tokens@^3.0.0: - version "3.0.1" - resolved "https://registry.yarnpkg.com/js-tokens/-/js-tokens-3.0.1.tgz#08e9f132484a2c45a30907e9dc4d5567b7f114d7" - -<<<<<<< HEAD -<<<<<<< HEAD -js-yaml@^3.8.4: - version "3.8.4" - resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.8.4.tgz#520b4564f86573ba96662af85a8cafa7b4b5a6f6" -======= -======= ->>>>>>> Revert "add-user and authorization prototype" -js-yaml@^3.5.1: - version "3.7.0" - resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.7.0.tgz#5c967ddd837a9bfdca5f2de84253abe8a1c03b80" ->>>>>>> add-user and authorization prototype -======= -js-yaml@^3.8.4: - version "3.8.4" - resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.8.4.tgz#520b4564f86573ba96662af85a8cafa7b4b5a6f6" ->>>>>>> origin/master - dependencies: - argparse "^1.0.7" - esprima "^3.1.1" - -jsbn@~0.1.0: - version "0.1.0" - resolved "https://registry.yarnpkg.com/jsbn/-/jsbn-0.1.0.tgz#650987da0dd74f4ebf5a11377a2aa2d273e97dfd" - -jschardet@^1.4.2: - version "1.4.2" - resolved "https://registry.yarnpkg.com/jschardet/-/jschardet-1.4.2.tgz#2aa107f142af4121d145659d44f50830961e699a" - -jsesc@^1.3.0: - version "1.3.0" - resolved "https://registry.yarnpkg.com/jsesc/-/jsesc-1.3.0.tgz#46c3fec8c1892b12b0833db9bc7622176dbab34b" - -jsesc@~0.5.0: - version "0.5.0" - resolved "https://registry.yarnpkg.com/jsesc/-/jsesc-0.5.0.tgz#e7dee66e35d6fc16f710fe91d5cf69f70f08911d" - -json-schema@0.2.3: - version "0.2.3" - resolved "https://registry.yarnpkg.com/json-schema/-/json-schema-0.2.3.tgz#b480c892e59a2f05954ce727bd3f2a4e882f9e13" - -json-stable-stringify@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/json-stable-stringify/-/json-stable-stringify-1.0.1.tgz#9a759d39c5f2ff503fd5300646ed445f88c4f9af" - dependencies: - jsonify "~0.0.0" - -json-stringify-safe@~5.0.1: - version "5.0.1" - resolved "https://registry.yarnpkg.com/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz#1296a2d58fd45f19a0f6ce01d65701e2c735b6eb" - -json3@3.3.2: - version "3.3.2" - resolved "https://registry.yarnpkg.com/json3/-/json3-3.3.2.tgz#3c0434743df93e2f5c42aee7b19bcb483575f4e1" - -json5@^0.4.0: - version "0.4.0" - resolved "https://registry.yarnpkg.com/json5/-/json5-0.4.0.tgz#054352e4c4c80c86c0923877d449de176a732c8d" - -jsonify@~0.0.0: - version "0.0.0" - resolved "https://registry.yarnpkg.com/jsonify/-/jsonify-0.0.0.tgz#2c74b6ee41d93ca51b7b5aaee8f503631d252a73" - -jsonpointer@^4.0.0: - version "4.0.0" - resolved "https://registry.yarnpkg.com/jsonpointer/-/jsonpointer-4.0.0.tgz#6661e161d2fc445f19f98430231343722e1fcbd5" - -jsprim@^1.2.2: - version "1.3.1" - resolved "https://registry.yarnpkg.com/jsprim/-/jsprim-1.3.1.tgz#2a7256f70412a29ee3670aaca625994c4dcff252" - dependencies: - extsprintf "1.0.2" - json-schema "0.2.3" - verror "1.3.6" - -jsx-ast-utils@^1.0.0, jsx-ast-utils@^1.3.1: - version "1.3.3" - resolved "https://registry.yarnpkg.com/jsx-ast-utils/-/jsx-ast-utils-1.3.3.tgz#ccfdbe0320ba03f7a1fc4e67ceaf7e2cc0169721" - dependencies: - acorn-jsx "^3.0.1" - object-assign "^4.1.0" - -kind-of@^3.0.2: - version "3.0.4" - resolved "https://registry.yarnpkg.com/kind-of/-/kind-of-3.0.4.tgz#7b8ecf18a4e17f8269d73b501c9f232c96887a74" - dependencies: - is-buffer "^1.0.2" - -levn@^0.3.0, levn@~0.3.0: - version "0.3.0" - resolved "https://registry.yarnpkg.com/levn/-/levn-0.3.0.tgz#3b09924edf9f083c0490fdd4c0bc4421e04764ee" - dependencies: - prelude-ls "~1.1.2" - type-check "~0.3.2" - -load-json-file@^1.0.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/load-json-file/-/load-json-file-1.1.0.tgz#956905708d58b4bab4c2261b04f59f31c99374c0" - dependencies: - graceful-fs "^4.1.2" - parse-json "^2.2.0" - pify "^2.0.0" - pinkie-promise "^2.0.0" - strip-bom "^2.0.0" - -lodash._baseassign@^3.0.0: - version "3.2.0" - resolved "https://registry.yarnpkg.com/lodash._baseassign/-/lodash._baseassign-3.2.0.tgz#8c38a099500f215ad09e59f1722fd0c52bfe0a4e" - dependencies: - lodash._basecopy "^3.0.0" - lodash.keys "^3.0.0" - -lodash._basecopy@^3.0.0: - version "3.0.1" - resolved "https://registry.yarnpkg.com/lodash._basecopy/-/lodash._basecopy-3.0.1.tgz#8da0e6a876cf344c0ad8a54882111dd3c5c7ca36" - -lodash._basecreate@^3.0.0: - version "3.0.3" - resolved "https://registry.yarnpkg.com/lodash._basecreate/-/lodash._basecreate-3.0.3.tgz#1bc661614daa7fc311b7d03bf16806a0213cf821" - -lodash._getnative@^3.0.0: - version "3.9.1" - resolved "https://registry.yarnpkg.com/lodash._getnative/-/lodash._getnative-3.9.1.tgz#570bc7dede46d61cdcde687d65d3eecbaa3aaff5" - -lodash._isiterateecall@^3.0.0: - version "3.0.9" - resolved "https://registry.yarnpkg.com/lodash._isiterateecall/-/lodash._isiterateecall-3.0.9.tgz#5203ad7ba425fae842460e696db9cf3e6aac057c" - -lodash.clonedeep: - version "4.5.0" - resolved "https://registry.yarnpkg.com/lodash.clonedeep/-/lodash.clonedeep-4.5.0.tgz#e23f3f9c4f8fbdde872529c1071857a086e5ccef" - -lodash.cond@^4.3.0: - version "4.5.2" - resolved "https://registry.yarnpkg.com/lodash.cond/-/lodash.cond-4.5.2.tgz#f471a1da486be60f6ab955d17115523dd1d255d5" - -lodash.create@3.1.1: - version "3.1.1" - resolved "https://registry.yarnpkg.com/lodash.create/-/lodash.create-3.1.1.tgz#d7f2849f0dbda7e04682bb8cd72ab022461debe7" - dependencies: - lodash._baseassign "^3.0.0" - lodash._basecreate "^3.0.0" - lodash._isiterateecall "^3.0.0" - -lodash.endswith@^4.0.1: - version "4.2.1" - resolved "https://registry.yarnpkg.com/lodash.endswith/-/lodash.endswith-4.2.1.tgz#fed59ac1738ed3e236edd7064ec456448b37bc09" - -lodash.find@^4.3.0: - version "4.6.0" - resolved "https://registry.yarnpkg.com/lodash.find/-/lodash.find-4.6.0.tgz#cb0704d47ab71789ffa0de8b97dd926fb88b13b1" - -lodash.findindex@^4.3.0: - version "4.6.0" - resolved "https://registry.yarnpkg.com/lodash.findindex/-/lodash.findindex-4.6.0.tgz#a3245dee61fb9b6e0624b535125624bb69c11106" - -lodash.includes@^4.3.0: - version "4.3.0" - resolved "https://registry.yarnpkg.com/lodash.includes/-/lodash.includes-4.3.0.tgz#60bb98a87cb923c68ca1e51325483314849f553f" - -lodash.isarguments@^3.0.0: - version "3.1.0" - resolved "https://registry.yarnpkg.com/lodash.isarguments/-/lodash.isarguments-3.1.0.tgz#2f573d85c6a24289ff00663b491c1d338ff3458a" - -lodash.isarray@^3.0.0: - version "3.0.4" - resolved "https://registry.yarnpkg.com/lodash.isarray/-/lodash.isarray-3.0.4.tgz#79e4eb88c36a8122af86f844aa9bcd851b5fbb55" - -lodash.keys@^3.0.0: - version "3.1.2" - resolved "https://registry.yarnpkg.com/lodash.keys/-/lodash.keys-3.1.2.tgz#4dbc0472b156be50a0b286855d1bd0b0c656098a" - dependencies: - lodash._getnative "^3.0.0" - lodash.isarguments "^3.0.0" - lodash.isarray "^3.0.0" - -lodash.merge@^4.6.0: - version "4.6.0" - resolved "https://registry.yarnpkg.com/lodash.merge/-/lodash.merge-4.6.0.tgz#69884ba144ac33fe699737a6086deffadd0f89c5" - -<<<<<<< HEAD -<<<<<<< HEAD -<<<<<<< HEAD -<<<<<<< HEAD -<<<<<<< HEAD -lodash@^4.0.0, lodash@^4.17.4: - version "4.17.4" - resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.4.tgz#78203a4d1c328ae1d86dca6460e369b57f4055ae" - -lodash@^4.2.0, lodash@^4.3.0: -======= -======= -lodash.pickby@^4.6.0: - version "4.6.0" - resolved "https://registry.yarnpkg.com/lodash.pickby/-/lodash.pickby-4.6.0.tgz#7dea21d8c18d7703a27c704c15d3b84a67e33aff" - ->>>>>>> Revert "add-user and authorization prototype" -lodash@^4.0.0, lodash@^4.2.0, lodash@^4.3.0: ->>>>>>> add-user and authorization prototype -======= -lodash@4.16.4: - version "4.16.4" - resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.16.4.tgz#01ce306b9bad1319f2a5528674f88297aeb70127" - -======= ->>>>>>> harden -lodash@^4.0.0, lodash@^4.17.4, lodash@^4.3.0: - version "4.17.4" - resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.4.tgz#78203a4d1c328ae1d86dca6460e369b57f4055ae" - -lodash@^4.2.0: ->>>>>>> PR adjustments + npm package -======= -lodash@^4.0.0, lodash@^4.17.4, lodash@^4.3.0: - version "4.17.4" - resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.4.tgz#78203a4d1c328ae1d86dca6460e369b57f4055ae" - -lodash@^4.2.0: ->>>>>>> origin/master - version "4.16.6" - resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.16.6.tgz#d22c9ac660288f3843e16ba7d2b5d06cca27d777" - -log-symbols@^1.0.2: - version "1.0.2" - resolved "https://registry.yarnpkg.com/log-symbols/-/log-symbols-1.0.2.tgz#376ff7b58ea3086a0f09facc74617eca501e1a18" - dependencies: - chalk "^1.0.0" - -loose-envify@^1.0.0: - version "1.3.0" - resolved "https://registry.yarnpkg.com/loose-envify/-/loose-envify-1.3.0.tgz#6b26248c42f6d4fa4b0d8542f78edfcde35642a8" - dependencies: - js-tokens "^2.0.0" - -loud-rejection@^1.0.0: - version "1.6.0" - resolved "https://registry.yarnpkg.com/loud-rejection/-/loud-rejection-1.6.0.tgz#5b46f80147edee578870f086d04821cf998e551f" - dependencies: - currently-unhandled "^0.4.1" - signal-exit "^3.0.0" - -map-obj@^1.0.0, map-obj@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/map-obj/-/map-obj-1.0.1.tgz#d933ceb9205d82bdcf4886f6742bdc2b4dea146d" - -md5@^2.2.1: - version "2.2.1" - resolved "https://registry.yarnpkg.com/md5/-/md5-2.2.1.tgz#53ab38d5fe3c8891ba465329ea23fac0540126f9" - dependencies: - charenc "~0.0.1" - crypt "~0.0.1" - is-buffer "~1.1.1" - -meow@^3.5.0: - version "3.7.0" - resolved "https://registry.yarnpkg.com/meow/-/meow-3.7.0.tgz#72cb668b425228290abbfa856892587308a801fb" - dependencies: - camelcase-keys "^2.0.0" - decamelize "^1.1.2" - loud-rejection "^1.0.0" - map-obj "^1.0.1" - minimist "^1.1.3" - normalize-package-data "^2.3.4" - object-assign "^4.0.1" - read-pkg-up "^1.0.1" - redent "^1.0.0" - trim-newlines "^1.0.0" - -micromatch@^2.1.5: - version "2.3.11" - resolved "https://registry.yarnpkg.com/micromatch/-/micromatch-2.3.11.tgz#86677c97d1720b363431d04d0d15293bd38c1565" - dependencies: - arr-diff "^2.0.0" - array-unique "^0.2.1" - braces "^1.8.2" - expand-brackets "^0.1.4" - extglob "^0.3.1" - filename-regex "^2.0.0" - is-extglob "^1.0.0" - is-glob "^2.0.1" - kind-of "^3.0.2" - normalize-path "^2.0.1" - object.omit "^2.0.0" - parse-glob "^3.0.4" - regex-cache "^0.4.2" - -mime-db@~1.24.0: - version "1.24.0" - resolved "https://registry.yarnpkg.com/mime-db/-/mime-db-1.24.0.tgz#e2d13f939f0016c6e4e9ad25a8652f126c467f0c" - -mime-types@^2.1.12, mime-types@~2.1.7: - version "2.1.12" - resolved "https://registry.yarnpkg.com/mime-types/-/mime-types-2.1.12.tgz#152ba256777020dd4663f54c2e7bc26381e71729" - dependencies: - mime-db "~1.24.0" - -mimic-fn@^1.0.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/mimic-fn/-/mimic-fn-1.1.0.tgz#e667783d92e89dbd342818b5230b9d62a672ad18" - -min-document@^2.19.0: - version "2.19.0" - resolved "https://registry.yarnpkg.com/min-document/-/min-document-2.19.0.tgz#7bd282e3f5842ed295bb748cdd9f1ffa2c824685" - dependencies: - dom-walk "^0.1.0" - -"minimatch@2 || 3", minimatch@^3.0.2, minimatch@^3.0.3: - version "3.0.3" - resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.0.3.tgz#2a4e4090b96b2db06a9d7df01055a62a77c9b774" - dependencies: - brace-expansion "^1.0.0" - -minimatch@^3.0.0, minimatch@^3.0.4: - version "3.0.4" - resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.0.4.tgz#5166e286457f03306064be5497e8dbb0c3d32083" - dependencies: - brace-expansion "^1.1.7" - -minimist, minimist@^1.1.0, minimist@^1.1.3, minimist@^1.2.0: - version "1.2.0" - resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.0.tgz#a35008b20f41383eec1fb914f4cd5df79a264284" - -minimist@0.0.8: - version "0.0.8" - resolved "https://registry.yarnpkg.com/minimist/-/minimist-0.0.8.tgz#857fcabfc3397d2625b8228262e86aa7a011b05d" - -mkdirp, mkdirp@0.5.1, "mkdirp@>=0.5 0", mkdirp@^0.5.1, mkdirp@~0.5.1: - version "0.5.1" - resolved "https://registry.yarnpkg.com/mkdirp/-/mkdirp-0.5.1.tgz#30057438eac6cf7f8c4767f38648d6697d75c903" - dependencies: - minimist "0.0.8" - -mocha: - version "3.1.2" - resolved "https://registry.yarnpkg.com/mocha/-/mocha-3.1.2.tgz#51f93b432bf7e1b175ffc22883ccd0be32dba6b5" - dependencies: - browser-stdout "1.3.0" - commander "2.9.0" - debug "2.2.0" - diff "1.4.0" - escape-string-regexp "1.0.5" - glob "7.0.5" - growl "1.9.2" - json3 "3.3.2" - lodash.create "3.1.1" - mkdirp "0.5.1" - supports-color "3.1.2" - -ms@0.7.1: - version "0.7.1" - resolved "https://registry.yarnpkg.com/ms/-/ms-0.7.1.tgz#9cd13c03adbff25b65effde7ce864ee952017098" - -ms@0.7.2: - version "0.7.2" - resolved "https://registry.yarnpkg.com/ms/-/ms-0.7.2.tgz#ae25cf2512b3885a1d95d7f037868d8431124765" - -ms@2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/ms/-/ms-2.0.0.tgz#5608aeadfc00be6c2901df5f9861788de0d597c8" - -mute-stream@0.0.7: - version "0.0.7" - resolved "https://registry.yarnpkg.com/mute-stream/-/mute-stream-0.0.7.tgz#3075ce93bc21b8fab43e1bc4da7e8115ed1e7bab" - -nan@^2.3.0: - version "2.4.0" - resolved "https://registry.yarnpkg.com/nan/-/nan-2.4.0.tgz#fb3c59d45fe4effe215f0b890f8adf6eb32d2232" - -natural-compare@^1.4.0: - version "1.4.0" - resolved "https://registry.yarnpkg.com/natural-compare/-/natural-compare-1.4.0.tgz#4abebfeed7541f2c27acfb29bdbbd15c8d5ba4f7" - -node-fetch: - version "1.6.3" - resolved "https://registry.yarnpkg.com/node-fetch/-/node-fetch-1.6.3.tgz#dc234edd6489982d58e8f0db4f695029abcd8c04" - dependencies: - encoding "^0.1.11" - is-stream "^1.0.1" - -node-pre-gyp@^0.6.29: - version "0.6.31" - resolved "https://registry.yarnpkg.com/node-pre-gyp/-/node-pre-gyp-0.6.31.tgz#d8a00ddaa301a940615dbcc8caad4024d58f6017" - dependencies: - mkdirp "~0.5.1" - nopt "~3.0.6" - npmlog "^4.0.0" - rc "~1.1.6" - request "^2.75.0" - rimraf "~2.5.4" - semver "~5.3.0" - tar "~2.2.1" - tar-pack "~3.3.0" - -node-uuid@~1.4.7: - version "1.4.7" - resolved "https://registry.yarnpkg.com/node-uuid/-/node-uuid-1.4.7.tgz#6da5a17668c4b3dd59623bda11cf7fa4c1f60a6f" - -nopt@~3.0.6: - version "3.0.6" - resolved "https://registry.yarnpkg.com/nopt/-/nopt-3.0.6.tgz#c6465dbf08abcd4db359317f79ac68a646b28ff9" - dependencies: - abbrev "1" - -normalize-package-data@^2.3.2, normalize-package-data@^2.3.4: - version "2.3.5" - resolved "https://registry.yarnpkg.com/normalize-package-data/-/normalize-package-data-2.3.5.tgz#8d924f142960e1777e7ffe170543631cc7cb02df" - dependencies: - hosted-git-info "^2.1.4" - is-builtin-module "^1.0.0" - semver "2 || 3 || 4 || 5" - validate-npm-package-license "^3.0.1" - -normalize-path@^2.0.1: - version "2.0.1" - resolved "https://registry.yarnpkg.com/normalize-path/-/normalize-path-2.0.1.tgz#47886ac1662760d4261b7d979d241709d3ce3f7a" - -npmlog@^4.0.0: - version "4.0.0" - resolved "https://registry.yarnpkg.com/npmlog/-/npmlog-4.0.0.tgz#e094503961c70c1774eb76692080e8d578a9f88f" - dependencies: - are-we-there-yet "~1.1.2" - console-control-strings "~1.1.0" - gauge "~2.6.0" - set-blocking "~2.0.0" - -number-is-nan@^1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/number-is-nan/-/number-is-nan-1.0.1.tgz#097b602b53422a522c1afb8790318336941a011d" - -oauth-sign@~0.8.1: - version "0.8.2" - resolved "https://registry.yarnpkg.com/oauth-sign/-/oauth-sign-0.8.2.tgz#46a6ab7f0aead8deae9ec0565780b7d4efeb9d43" - -object-assign@^4.0.1, object-assign@^4.1.0: - version "4.1.0" - resolved "https://registry.yarnpkg.com/object-assign/-/object-assign-4.1.0.tgz#7a3b3d0e98063d43f4c03f2e8ae6cd51a86883a0" - -object.omit@^2.0.0: - version "2.0.1" - resolved "https://registry.yarnpkg.com/object.omit/-/object.omit-2.0.1.tgz#1a9c744829f39dbb858c76ca3579ae2a54ebd1fa" - dependencies: - for-own "^0.1.4" - is-extendable "^0.1.1" - -once@^1.3.0: - version "1.4.0" - resolved "https://registry.yarnpkg.com/once/-/once-1.4.0.tgz#583b1aa775961d4b113ac17d9c50baef9dd76bd1" - dependencies: - wrappy "1" - -once@~1.3.3: - version "1.3.3" - resolved "https://registry.yarnpkg.com/once/-/once-1.3.3.tgz#b2e261557ce4c314ec8304f3fa82663e4297ca20" - dependencies: - wrappy "1" - -onetime@^2.0.0: - version "2.0.1" - resolved "https://registry.yarnpkg.com/onetime/-/onetime-2.0.1.tgz#067428230fd67443b2794b22bba528b6867962d4" - dependencies: - mimic-fn "^1.0.0" - -optionator@^0.8.2: - version "0.8.2" - resolved "https://registry.yarnpkg.com/optionator/-/optionator-0.8.2.tgz#364c5e409d3f4d6301d6c0b4c05bba50180aeb64" - dependencies: - deep-is "~0.1.3" - fast-levenshtein "~2.0.4" - levn "~0.3.0" - prelude-ls "~1.1.2" - type-check "~0.3.2" - wordwrap "~1.0.0" - -os-tmpdir@^1.0.1, os-tmpdir@~1.0.1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/os-tmpdir/-/os-tmpdir-1.0.2.tgz#bbe67406c79aa85c5cfec766fe5734555dfa1274" - -output-file-sync@^1.1.0: - version "1.1.2" - resolved "https://registry.yarnpkg.com/output-file-sync/-/output-file-sync-1.1.2.tgz#d0a33eefe61a205facb90092e826598d5245ce76" - dependencies: - graceful-fs "^4.1.4" - mkdirp "^0.5.1" - object-assign "^4.1.0" - -parse-glob@^3.0.4: - version "3.0.4" - resolved "https://registry.yarnpkg.com/parse-glob/-/parse-glob-3.0.4.tgz#b2c376cfb11f35513badd173ef0bb6e3a388391c" - dependencies: - glob-base "^0.3.0" - is-dotfile "^1.0.0" - is-extglob "^1.0.0" - is-glob "^2.0.0" - -parse-json@^2.2.0: - version "2.2.0" - resolved "https://registry.yarnpkg.com/parse-json/-/parse-json-2.2.0.tgz#f480f40434ef80741f8469099f8dea18f55a4dc9" - dependencies: - error-ex "^1.2.0" - -path-exists@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/path-exists/-/path-exists-1.0.0.tgz#d5a8998eb71ef37a74c34eb0d9eba6e878eea081" - -path-exists@^2.0.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/path-exists/-/path-exists-2.1.0.tgz#0feb6c64f0fc518d9a754dd5efb62c7022761f4b" - dependencies: - pinkie-promise "^2.0.0" - -path-is-absolute@^1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/path-is-absolute/-/path-is-absolute-1.0.1.tgz#174b9268735534ffbc7ace6bf53a5a9e1b5c5f5f" - -path-is-inside@^1.0.1, path-is-inside@^1.0.2: - version "1.0.2" - resolved "https://registry.yarnpkg.com/path-is-inside/-/path-is-inside-1.0.2.tgz#365417dede44430d1c11af61027facf074bdfc53" - -path-type@^1.0.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/path-type/-/path-type-1.1.0.tgz#59c44f7ee491da704da415da5a4070ba4f8fe441" - dependencies: - graceful-fs "^4.1.2" - pify "^2.0.0" - pinkie-promise "^2.0.0" - -pify@^2.0.0: - version "2.3.0" - resolved "https://registry.yarnpkg.com/pify/-/pify-2.3.0.tgz#ed141a6ac043a849ea588498e7dca8b15330e90c" - -pinkie-promise@^2.0.0: - version "2.0.1" - resolved "https://registry.yarnpkg.com/pinkie-promise/-/pinkie-promise-2.0.1.tgz#2135d6dfa7a358c069ac9b178776288228450ffa" - dependencies: - pinkie "^2.0.0" - -pinkie@^2.0.0: - version "2.0.4" - resolved "https://registry.yarnpkg.com/pinkie/-/pinkie-2.0.4.tgz#72556b80cfa0d48a974e80e77248e80ed4f7f870" - -pkg-dir@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/pkg-dir/-/pkg-dir-1.0.0.tgz#7a4b508a8d5bb2d629d447056ff4e9c9314cf3d4" - dependencies: - find-up "^1.0.0" - -pkg-up@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/pkg-up/-/pkg-up-1.0.0.tgz#3e08fb461525c4421624a33b9f7e6d0af5b05a26" - dependencies: - find-up "^1.0.0" - -pluralize@^4.0.0: - version "4.0.0" - resolved "https://registry.yarnpkg.com/pluralize/-/pluralize-4.0.0.tgz#59b708c1c0190a2f692f1c7618c446b052fd1762" - -prelude-ls@~1.1.2: - version "1.1.2" - resolved "https://registry.yarnpkg.com/prelude-ls/-/prelude-ls-1.1.2.tgz#21932a549f5e52ffd9a827f570e04be62a97da54" - -preserve@^0.2.0: - version "0.2.0" - resolved "https://registry.yarnpkg.com/preserve/-/preserve-0.2.0.tgz#815ed1f6ebc65926f865b310c0713bcb3315ce4b" - -private@^0.1.6, private@~0.1.5: - version "0.1.6" - resolved "https://registry.yarnpkg.com/private/-/private-0.1.6.tgz#55c6a976d0f9bafb9924851350fe47b9b5fbb7c1" - -process-nextick-args@~1.0.6: - version "1.0.7" - resolved "https://registry.yarnpkg.com/process-nextick-args/-/process-nextick-args-1.0.7.tgz#150e20b756590ad3f91093f25a4f2ad8bff30ba3" - -process@~0.5.1: - version "0.5.2" - resolved "https://registry.yarnpkg.com/process/-/process-0.5.2.tgz#1638d8a8e34c2f440a91db95ab9aeb677fc185cf" - -progress@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/progress/-/progress-2.0.0.tgz#8a1be366bf8fc23db2bd23f10c6fe920b4389d1f" - -punycode@^1.4.1: - version "1.4.1" - resolved "https://registry.yarnpkg.com/punycode/-/punycode-1.4.1.tgz#c0d5a63b2718800ad8e1eb0fa5269c84dd41845e" - -qs@~6.3.0: - version "6.3.0" - resolved "https://registry.yarnpkg.com/qs/-/qs-6.3.0.tgz#f403b264f23bc01228c74131b407f18d5ea5d442" - -randomatic@^1.1.3: - version "1.1.5" - resolved "https://registry.yarnpkg.com/randomatic/-/randomatic-1.1.5.tgz#5e9ef5f2d573c67bd2b8124ae90b5156e457840b" - dependencies: - is-number "^2.0.2" - kind-of "^3.0.2" - -rc@~1.1.6: - version "1.1.6" - resolved "https://registry.yarnpkg.com/rc/-/rc-1.1.6.tgz#43651b76b6ae53b5c802f1151fa3fc3b059969c9" - dependencies: - deep-extend "~0.4.0" - ini "~1.3.0" - minimist "^1.2.0" - strip-json-comments "~1.0.4" - -read-pkg-up@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/read-pkg-up/-/read-pkg-up-1.0.1.tgz#9d63c13276c065918d57f002a57f40a1b643fb02" - dependencies: - find-up "^1.0.0" - read-pkg "^1.0.0" - -read-pkg@^1.0.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/read-pkg/-/read-pkg-1.1.0.tgz#f5ffaa5ecd29cb31c0474bca7d756b6bb29e3f28" - dependencies: - load-json-file "^1.0.0" - normalize-package-data "^2.3.2" - path-type "^1.0.0" - -"readable-stream@^2.0.0 || ^1.1.13", readable-stream@^2.0.2, readable-stream@^2.2.2: - version "2.2.11" - resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.2.11.tgz#0796b31f8d7688007ff0b93a8088d34aa17c0f72" - dependencies: - core-util-is "~1.0.0" - inherits "~2.0.1" - isarray "~1.0.0" - process-nextick-args "~1.0.6" - safe-buffer "~5.0.1" - string_decoder "~1.0.0" - util-deprecate "~1.0.1" - -readable-stream@~2.1.4: - version "2.1.5" - resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.1.5.tgz#66fa8b720e1438b364681f2ad1a63c618448c9d0" - dependencies: - buffer-shims "^1.0.0" - core-util-is "~1.0.0" - inherits "~2.0.1" - isarray "~1.0.0" - process-nextick-args "~1.0.6" - string_decoder "~0.10.x" - util-deprecate "~1.0.1" - -readdirp@^2.0.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/readdirp/-/readdirp-2.1.0.tgz#4ed0ad060df3073300c48440373f72d1cc642d78" - dependencies: - graceful-fs "^4.1.2" - minimatch "^3.0.2" - readable-stream "^2.0.2" - set-immediate-shim "^1.0.1" - -recast: - version "0.11.18" - resolved "https://registry.yarnpkg.com/recast/-/recast-0.11.18.tgz#07af6257ca769868815209401d4d60eef1b5b947" - dependencies: - ast-types "0.9.2" - esprima "~3.1.0" - private "~0.1.5" - source-map "~0.5.0" - -redent@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/redent/-/redent-1.0.0.tgz#cf916ab1fd5f1f16dfb20822dd6ec7f730c2afde" - dependencies: - indent-string "^2.1.0" - strip-indent "^1.0.1" - -regenerate@^1.2.1: - version "1.3.2" - resolved "https://registry.yarnpkg.com/regenerate/-/regenerate-1.3.2.tgz#d1941c67bad437e1be76433add5b385f95b19260" - -regenerator-runtime@^0.10.0: - version "0.10.5" - resolved "https://registry.yarnpkg.com/regenerator-runtime/-/regenerator-runtime-0.10.5.tgz#336c3efc1220adcedda2c9fab67b5a7955a33658" - -regenerator-runtime@^0.9.5: - version "0.9.6" - resolved "https://registry.yarnpkg.com/regenerator-runtime/-/regenerator-runtime-0.9.6.tgz#d33eb95d0d2001a4be39659707c51b0cb71ce029" - -regex-cache@^0.4.2: - version "0.4.3" - resolved "https://registry.yarnpkg.com/regex-cache/-/regex-cache-0.4.3.tgz#9b1a6c35d4d0dfcef5711ae651e8e9d3d7114145" - dependencies: - is-equal-shallow "^0.1.3" - is-primitive "^2.0.0" - -regexpu-core@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/regexpu-core/-/regexpu-core-2.0.0.tgz#49d038837b8dcf8bfa5b9a42139938e6ea2ae240" - dependencies: - regenerate "^1.2.1" - regjsgen "^0.2.0" - regjsparser "^0.1.4" - -regjsgen@^0.2.0: - version "0.2.0" - resolved "https://registry.yarnpkg.com/regjsgen/-/regjsgen-0.2.0.tgz#6c016adeac554f75823fe37ac05b92d5a4edb1f7" - -regjsparser@^0.1.4: - version "0.1.5" - resolved "https://registry.yarnpkg.com/regjsparser/-/regjsparser-0.1.5.tgz#7ee8f84dc6fa792d3fd0ae228d24bd949ead205c" - dependencies: - jsesc "~0.5.0" - -repeat-element@^1.1.2: - version "1.1.2" - resolved "https://registry.yarnpkg.com/repeat-element/-/repeat-element-1.1.2.tgz#ef089a178d1483baae4d93eb98b4f9e4e11d990a" - -repeat-string@^1.5.2: - version "1.6.1" - resolved "https://registry.yarnpkg.com/repeat-string/-/repeat-string-1.6.1.tgz#8dcae470e1c88abc2d600fff4a776286da75e637" - -repeating@^2.0.0: - version "2.0.1" - resolved "https://registry.yarnpkg.com/repeating/-/repeating-2.0.1.tgz#5214c53a926d3552707527fbab415dbc08d06dda" - dependencies: - is-finite "^1.0.0" - -request@^2.65.0, request@^2.75.0: - version "2.78.0" - resolved "https://registry.yarnpkg.com/request/-/request-2.78.0.tgz#e1c8dec346e1c81923b24acdb337f11decabe9cc" - dependencies: - aws-sign2 "~0.6.0" - aws4 "^1.2.1" - caseless "~0.11.0" - combined-stream "~1.0.5" - extend "~3.0.0" - forever-agent "~0.6.1" - form-data "~2.1.1" - har-validator "~2.0.6" - hawk "~3.1.3" - http-signature "~1.1.0" - is-typedarray "~1.0.0" - isstream "~0.1.2" - json-stringify-safe "~5.0.1" - mime-types "~2.1.7" - node-uuid "~1.4.7" - oauth-sign "~0.8.1" - qs "~6.3.0" - stringstream "~0.0.4" - tough-cookie "~2.3.0" - tunnel-agent "~0.4.1" - -<<<<<<< HEAD -<<<<<<< HEAD -<<<<<<< HEAD -require-uncached@^1.0.3: -======= -request@^2.79.0: - version "2.81.0" - resolved "https://registry.yarnpkg.com/request/-/request-2.81.0.tgz#c6928946a0e06c5f8d6f8a9333469ffda46298a0" - dependencies: - aws-sign2 "~0.6.0" - aws4 "^1.2.1" - caseless "~0.12.0" - combined-stream "~1.0.5" - extend "~3.0.0" - forever-agent "~0.6.1" - form-data "~2.1.1" - har-validator "~4.2.1" - hawk "~3.1.3" - http-signature "~1.1.0" - is-typedarray "~1.0.0" - isstream "~0.1.2" - json-stringify-safe "~5.0.1" - mime-types "~2.1.7" - oauth-sign "~0.8.1" - performance-now "^0.2.0" - qs "~6.4.0" - safe-buffer "^5.0.1" - stringstream "~0.0.4" - tough-cookie "~2.3.0" - tunnel-agent "^0.6.0" - uuid "^3.0.0" - -======= ->>>>>>> Revert "add-user and authorization prototype" -require-uncached@^1.0.2: ->>>>>>> add-user and authorization prototype -======= -require-uncached@^1.0.3: ->>>>>>> origin/master - version "1.0.3" - resolved "https://registry.yarnpkg.com/require-uncached/-/require-uncached-1.0.3.tgz#4e0d56d6c9662fd31e43011c4b95aa49955421d3" - dependencies: - caller-path "^0.1.0" - resolve-from "^1.0.0" - -resolve-from@^1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/resolve-from/-/resolve-from-1.0.1.tgz#26cbfe935d1aeeeabb29bc3fe5aeb01e93d44226" - -resolve@^1.1.6: - version "1.1.7" - resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.1.7.tgz#203114d82ad2c5ed9e8e0411b3932875e889e97b" - -restore-cursor@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/restore-cursor/-/restore-cursor-2.0.0.tgz#9f7ee287f82fd326d4fd162923d62129eee0dfaf" - dependencies: - onetime "^2.0.0" - signal-exit "^3.0.2" - -rimraf, rimraf@2, rimraf@^2.2.8, rimraf@^2.5.4, rimraf@~2.5.1, rimraf@~2.5.4: - version "2.5.4" - resolved "https://registry.yarnpkg.com/rimraf/-/rimraf-2.5.4.tgz#96800093cbf1a0c86bd95b4625467535c29dfa04" - dependencies: - glob "^7.0.5" - -run-async@^2.2.0: - version "2.3.0" - resolved "https://registry.yarnpkg.com/run-async/-/run-async-2.3.0.tgz#0371ab4ae0bdd720d4166d7dfda64ff7a445a6c0" - dependencies: - is-promise "^2.1.0" - -rx-lite-aggregates@^4.0.8: - version "4.0.8" - resolved "https://registry.yarnpkg.com/rx-lite-aggregates/-/rx-lite-aggregates-4.0.8.tgz#753b87a89a11c95467c4ac1626c4efc4e05c67be" - dependencies: - rx-lite "*" - -rx-lite@*, rx-lite@^4.0.8: - version "4.0.8" - resolved "https://registry.yarnpkg.com/rx-lite/-/rx-lite-4.0.8.tgz#0b1e11af8bc44836f04a6407e92da42467b79444" - -safe-buffer@~5.0.1: - version "5.0.1" - resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.0.1.tgz#d263ca54696cd8a306b5ca6551e92de57918fbe7" - -semver-regex@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/semver-regex/-/semver-regex-1.0.0.tgz#92a4969065f9c70c694753d55248fc68f8f652c9" - -semver-truncate@^1.0.0: - version "1.1.2" - resolved "https://registry.yarnpkg.com/semver-truncate/-/semver-truncate-1.1.2.tgz#57f41de69707a62709a7e0104ba2117109ea47e8" - dependencies: - semver "^5.3.0" - -"semver@2 || 3 || 4 || 5", semver@^5.3.0, semver@~5.3.0: - version "5.3.0" - resolved "https://registry.yarnpkg.com/semver/-/semver-5.3.0.tgz#9b2ce5d3de02d17c6012ad326aa6b4d0cf54f94f" - -semver@^4.0.3: - version "4.3.6" - resolved "https://registry.yarnpkg.com/semver/-/semver-4.3.6.tgz#300bc6e0e86374f7ba61068b5b1ecd57fc6532da" - -set-blocking@~2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/set-blocking/-/set-blocking-2.0.0.tgz#045f9782d011ae9a6803ddd382b24392b3d890f7" - -set-immediate-shim@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/set-immediate-shim/-/set-immediate-shim-1.0.1.tgz#4b2b1b27eb808a9f8dcc481a58e5e56f599f3f61" - -shebang-regex@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/shebang-regex/-/shebang-regex-1.0.0.tgz#da42f49740c0b42db2ca9728571cb190c98efea3" - -signal-exit@^3.0.0, signal-exit@^3.0.2: - version "3.0.2" - resolved "https://registry.yarnpkg.com/signal-exit/-/signal-exit-3.0.2.tgz#b5fdc08f1287ea1178628e415e25132b73646c6d" - -slash@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/slash/-/slash-1.0.0.tgz#c41f2f6c39fc16d1cd17ad4b5d896114ae470d55" - -slice-ansi@0.0.4: - version "0.0.4" - resolved "https://registry.yarnpkg.com/slice-ansi/-/slice-ansi-0.0.4.tgz#edbf8903f66f7ce2f8eafd6ceed65e264c831b35" - -sntp@1.x.x: - version "1.0.9" - resolved "https://registry.yarnpkg.com/sntp/-/sntp-1.0.9.tgz#6541184cc90aeea6c6e7b35e2659082443c66198" - dependencies: - hoek "2.x.x" - -source-map-support@^0.4.2: - version "0.4.6" - resolved "https://registry.yarnpkg.com/source-map-support/-/source-map-support-0.4.6.tgz#32552aa64b458392a85eab3b0b5ee61527167aeb" - dependencies: - source-map "^0.5.3" - -source-map@^0.5.0, source-map@^0.5.3, source-map@~0.5.0: - version "0.5.6" - resolved "https://registry.yarnpkg.com/source-map/-/source-map-0.5.6.tgz#75ce38f52bf0733c5a7f0c118d81334a2bb5f412" - -spdx-correct@~1.0.0: - version "1.0.2" - resolved "https://registry.yarnpkg.com/spdx-correct/-/spdx-correct-1.0.2.tgz#4b3073d933ff51f3912f03ac5519498a4150db40" - dependencies: - spdx-license-ids "^1.0.2" - -spdx-expression-parse@~1.0.0: - version "1.0.4" - resolved "https://registry.yarnpkg.com/spdx-expression-parse/-/spdx-expression-parse-1.0.4.tgz#9bdf2f20e1f40ed447fbe273266191fced51626c" - -spdx-license-ids@^1.0.2: - version "1.2.2" - resolved "https://registry.yarnpkg.com/spdx-license-ids/-/spdx-license-ids-1.2.2.tgz#c9df7a3424594ade6bd11900d596696dc06bac57" - -sprintf-js@~1.0.2: - version "1.0.3" - resolved "https://registry.yarnpkg.com/sprintf-js/-/sprintf-js-1.0.3.tgz#04e6926f662895354f3dd015203633b857297e2c" - -sshpk@^1.7.0: - version "1.10.1" - resolved "https://registry.yarnpkg.com/sshpk/-/sshpk-1.10.1.tgz#30e1a5d329244974a1af61511339d595af6638b0" - dependencies: - asn1 "~0.2.3" - assert-plus "^1.0.0" - dashdash "^1.12.0" - getpass "^0.1.1" - optionalDependencies: - bcrypt-pbkdf "^1.0.0" - ecc-jsbn "~0.1.1" - jodid25519 "^1.0.0" - jsbn "~0.1.0" - tweetnacl "~0.14.0" - -string-width@^1.0.1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/string-width/-/string-width-1.0.2.tgz#118bdf5b8cdc51a2a7e70d211e07e2b0b9b107d3" - dependencies: - code-point-at "^1.0.0" - is-fullwidth-code-point "^1.0.0" - strip-ansi "^3.0.0" - -string-width@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/string-width/-/string-width-2.0.0.tgz#635c5436cc72a6e0c387ceca278d4e2eec52687e" - dependencies: - is-fullwidth-code-point "^2.0.0" - strip-ansi "^3.0.0" - -string_decoder@~0.10.x: - version "0.10.31" - resolved "https://registry.yarnpkg.com/string_decoder/-/string_decoder-0.10.31.tgz#62e203bc41766c6c28c9fc84301dab1c5310fa94" - -string_decoder@~1.0.0: - version "1.0.2" - resolved "https://registry.yarnpkg.com/string_decoder/-/string_decoder-1.0.2.tgz#b29e1f4e1125fa97a10382b8a533737b7491e179" - dependencies: - safe-buffer "~5.0.1" - -stringstream@~0.0.4: - version "0.0.5" - resolved "https://registry.yarnpkg.com/stringstream/-/stringstream-0.0.5.tgz#4e484cd4de5a0bbbee18e46307710a8a81621878" - -strip-ansi@^3.0.0, strip-ansi@^3.0.1: - version "3.0.1" - resolved "https://registry.yarnpkg.com/strip-ansi/-/strip-ansi-3.0.1.tgz#6a385fb8853d952d5ff05d0e8aaf94278dc63dcf" - dependencies: - ansi-regex "^2.0.0" - -strip-bom@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/strip-bom/-/strip-bom-2.0.0.tgz#6219a85616520491f35788bdbf1447a99c7e6b0e" - dependencies: - is-utf8 "^0.2.0" - -strip-indent@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/strip-indent/-/strip-indent-1.0.1.tgz#0c7962a6adefa7bbd4ac366460a638552ae1a0a2" - dependencies: - get-stdin "^4.0.1" - -strip-json-comments@~1.0.4: - version "1.0.4" - resolved "https://registry.yarnpkg.com/strip-json-comments/-/strip-json-comments-1.0.4.tgz#1e15fbcac97d3ee99bf2d73b4c656b082bbafb91" - -strip-json-comments@~2.0.1: - version "2.0.1" - resolved "https://registry.yarnpkg.com/strip-json-comments/-/strip-json-comments-2.0.1.tgz#3c531942e908c2697c0ec344858c286c7ca0a60a" - -supports-color@3.1.2: - version "3.1.2" - resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-3.1.2.tgz#72a262894d9d408b956ca05ff37b2ed8a6e2a2d5" - dependencies: - has-flag "^1.0.0" - -supports-color@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-2.0.0.tgz#535d045ce6b6363fa40117084629995e9df324c7" - -table@^4.0.1: - version "4.0.1" - resolved "https://registry.yarnpkg.com/table/-/table-4.0.1.tgz#a8116c133fac2c61f4a420ab6cdf5c4d61f0e435" - dependencies: - ajv "^4.7.0" - ajv-keywords "^1.0.0" - chalk "^1.1.1" - lodash "^4.0.0" - slice-ansi "0.0.4" - string-width "^2.0.0" - -tar-pack@~3.3.0: - version "3.3.0" - resolved "https://registry.yarnpkg.com/tar-pack/-/tar-pack-3.3.0.tgz#30931816418f55afc4d21775afdd6720cee45dae" - dependencies: - debug "~2.2.0" - fstream "~1.0.10" - fstream-ignore "~1.0.5" - once "~1.3.3" - readable-stream "~2.1.4" - rimraf "~2.5.1" - tar "~2.2.1" - uid-number "~0.0.6" - -tar@~2.2.1: - version "2.2.1" - resolved "https://registry.yarnpkg.com/tar/-/tar-2.2.1.tgz#8e4d2a256c0e2185c6b18ad694aec968b83cb1d1" - dependencies: - block-stream "*" - fstream "^1.0.2" - inherits "2" - -text-table@~0.2.0: - version "0.2.0" - resolved "https://registry.yarnpkg.com/text-table/-/text-table-0.2.0.tgz#7f5ee823ae805207c00af2df4a84ec3fcfa570b4" - -through@^2.3.6: - version "2.3.8" - resolved "https://registry.yarnpkg.com/through/-/through-2.3.8.tgz#0dd4c9ffaabc357960b1b724115d7e0e86a2e1f5" - -tmp@^0.0.31: - version "0.0.31" - resolved "https://registry.yarnpkg.com/tmp/-/tmp-0.0.31.tgz#8f38ab9438e17315e5dbd8b3657e8bfb277ae4a7" - dependencies: - os-tmpdir "~1.0.1" - -to-fast-properties@^1.0.1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/to-fast-properties/-/to-fast-properties-1.0.2.tgz#f3f5c0c3ba7299a7ef99427e44633257ade43320" - -tough-cookie@~2.3.0: - version "2.3.2" - resolved "https://registry.yarnpkg.com/tough-cookie/-/tough-cookie-2.3.2.tgz#f081f76e4c85720e6c37a5faced737150d84072a" - dependencies: - punycode "^1.4.1" - -trim-newlines@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/trim-newlines/-/trim-newlines-1.0.0.tgz#5887966bb582a4503a41eb524f7d35011815a613" - -tryit@^1.0.1: - version "1.0.3" - resolved "https://registry.yarnpkg.com/tryit/-/tryit-1.0.3.tgz#393be730a9446fd1ead6da59a014308f36c289cb" - -tunnel-agent@~0.4.1: - version "0.4.3" - resolved "https://registry.yarnpkg.com/tunnel-agent/-/tunnel-agent-0.4.3.tgz#6373db76909fe570e08d73583365ed828a74eeeb" - -tweetnacl@^0.14.3, tweetnacl@~0.14.0: - version "0.14.3" - resolved "https://registry.yarnpkg.com/tweetnacl/-/tweetnacl-0.14.3.tgz#3da382f670f25ded78d7b3d1792119bca0b7132d" - -type-check@~0.3.2: - version "0.3.2" - resolved "https://registry.yarnpkg.com/type-check/-/type-check-0.3.2.tgz#5884cab512cf1d355e3fb784f30804b2b520db72" - dependencies: - prelude-ls "~1.1.2" - -type-detect@0.1.1: - version "0.1.1" - resolved "https://registry.yarnpkg.com/type-detect/-/type-detect-0.1.1.tgz#0ba5ec2a885640e470ea4e8505971900dac58822" - -type-detect@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/type-detect/-/type-detect-1.0.0.tgz#762217cc06db258ec48908a1298e8b95121e8ea2" - -typedarray@^0.0.6: - version "0.0.6" - resolved "https://registry.yarnpkg.com/typedarray/-/typedarray-0.0.6.tgz#867ac74e3864187b1d3d47d996a78ec5c8830777" - -uid-number@~0.0.6: - version "0.0.6" - resolved "https://registry.yarnpkg.com/uid-number/-/uid-number-0.0.6.tgz#0ea10e8035e8eb5b8e4449f06da1c730663baa81" - -user-home@^1.1.1: - version "1.1.1" - resolved "https://registry.yarnpkg.com/user-home/-/user-home-1.1.1.tgz#2b5be23a32b63a7c9deb8d0f28d485724a3df190" - -util-deprecate@~1.0.1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/util-deprecate/-/util-deprecate-1.0.2.tgz#450d4dc9fa70de732762fbd2d4a28981419a0ccf" - -v8flags@^2.0.10: - version "2.0.11" - resolved "https://registry.yarnpkg.com/v8flags/-/v8flags-2.0.11.tgz#bca8f30f0d6d60612cc2c00641e6962d42ae6881" - dependencies: - user-home "^1.1.1" - -validate-npm-package-license@^3.0.1: - version "3.0.1" - resolved "https://registry.yarnpkg.com/validate-npm-package-license/-/validate-npm-package-license-3.0.1.tgz#2804babe712ad3379459acfbe24746ab2c303fbc" - dependencies: - spdx-correct "~1.0.0" - spdx-expression-parse "~1.0.0" - -verror@1.3.6: - version "1.3.6" - resolved "https://registry.yarnpkg.com/verror/-/verror-1.3.6.tgz#cff5df12946d297d2baaefaa2689e25be01c005c" - dependencies: - extsprintf "1.0.2" - -wide-align@^1.1.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/wide-align/-/wide-align-1.1.0.tgz#40edde802a71fea1f070da3e62dcda2e7add96ad" - dependencies: - string-width "^1.0.1" - -wordwrap@~1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/wordwrap/-/wordwrap-1.0.0.tgz#27584810891456a4171c8d0226441ade90cbcaeb" - -wrappy@1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/wrappy/-/wrappy-1.0.2.tgz#b5243d8f3ec1aa35f1364605bc0d1036e30ab69f" - -write@^0.2.1: - version "0.2.1" - resolved "https://registry.yarnpkg.com/write/-/write-0.2.1.tgz#5fc03828e264cea3fe91455476f7a3c566cb0757" - dependencies: - mkdirp "^0.5.1" - -xtend@^4.0.0: - version "4.0.1" - resolved "https://registry.yarnpkg.com/xtend/-/xtend-4.0.1.tgz#a5c6d532be656e23db820efb943a1f04998d63af" From e14762ba0f2c2dbad812de106f4efbb93737a6a6 Mon Sep 17 00:00:00 2001 From: tobkle Date: Fri, 25 Aug 2017 19:43:00 +0200 Subject: [PATCH 59/69] remove yarn.lock error --- test/output-app/log/all-logs-readable.log | 2104 ++++++++++ test/output-app/package.json | 2 +- test/output-app/yarn.lock | 4403 +++++++++++++++++++++ yarn.lock | 3047 ++++++++++++++ 4 files changed, 9555 insertions(+), 1 deletion(-) create mode 100644 test/output-app/yarn.lock create mode 100644 yarn.lock diff --git a/test/output-app/log/all-logs-readable.log b/test/output-app/log/all-logs-readable.log index 61f4460..dc0f131 100644 --- a/test/output-app/log/all-logs-readable.log +++ b/test/output-app/log/all-logs-readable.log @@ -25916,3 +25916,2107 @@ Query: 2017-08-20 16:22:28 Logger started 2017-08-20 16:23:16 Logger started 2017-08-20 16:23:27 Logger started +2017-08-25 19:39:58 Logger started +2017-08-25 19:40:49 -------------------------------------------------------------------------------- +2017-08-25 19:40:49 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-25 19:40:49 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:40:49 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:14 -------------------------------------------------------------------------------- +2017-08-25 19:41:14 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-25 19:41:14 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:14 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:14 -------------------------------------------------------------------------------- +2017-08-25 19:41:14 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + role + username + } +} + +2017-08-25 19:41:14 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:14 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:14 -------------------------------------------------------------------------------- +2017-08-25 19:41:14 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + role + username + } +} + +2017-08-25 19:41:14 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:14 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:14 -------------------------------------------------------------------------------- +2017-08-25 19:41:14 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca2") { + role + username + } +} + +2017-08-25 19:41:14 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:14 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:14 -------------------------------------------------------------------------------- +2017-08-25 19:41:14 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + id + username + bio + } +} + +2017-08-25 19:41:14 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:14 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:14 -------------------------------------------------------------------------------- +2017-08-25 19:41:14 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users { + username + createdAt + } +} + +2017-08-25 19:41:14 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:14 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:14 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:14 -------------------------------------------------------------------------------- +2017-08-25 19:41:14 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(limit: 1) { + username + createdAt + } +} + +2017-08-25 19:41:14 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:14 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:14 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:14 -------------------------------------------------------------------------------- +2017-08-25 19:41:14 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993) { + username + createdAt + } +} + +2017-08-25 19:41:14 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:14 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:14 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:14 -------------------------------------------------------------------------------- +2017-08-25 19:41:14 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } +} + +2017-08-25 19:41:14 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:14 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:14 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:14 -------------------------------------------------------------------------------- +2017-08-25 19:41:14 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers { + username + createdAt + } + } +} + +2017-08-25 19:41:14 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:14 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:14 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:14 -------------------------------------------------------------------------------- +2017-08-25 19:41:14 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(limit: 1) { + username + createdAt + } + } +} + +2017-08-25 19:41:14 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:14 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:14 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:14 -------------------------------------------------------------------------------- +2017-08-25 19:41:14 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-08-25 19:41:14 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:14 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:14 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-08-25 19:41:14 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:14 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following { + username + createdAt + } + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(limit: 1) { + username + createdAt + } + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets { + id + createdAt + } + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(limit: 1) { + id + createdAt + } + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked { + id + createdAt + } + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(limit: 1) { + id + createdAt + } + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334) { + id + createdAt + } + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334, limit: 1) { + id + createdAt + } + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + id + body + } +} + +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + author { + username + } + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets { + id + createdAt + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(limit: 1) { + id + createdAt + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers { + username + createdAt + } + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(limit: 1) { + username + createdAt + } + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993) { + username + createdAt + } + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-25 19:41:15 inserted user 59a0613b1b8ffd322f99773f. +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "tobkle", role: "admin", id: "59a0613b1b8ffd322f99773f", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 inserted user 59a0613b1b8ffd322f997740. +2017-08-25 19:41:15 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "tobkle", role: "admin", id: "59a0613b1b8ffd322f99773f", +Operation: "", variables: "", +Query: +{ + user(id: "59a0613b1b8ffd322f997740") { + username + bio + role + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "tobkle", role: "admin", id: "59a0613b1b8ffd322f99773f", +Operation: "", variables: "", +Query: +{ + user(id: "59a0613b1b8ffd322f99773f") { + username + role + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "tobkle", role: "admin", id: "59a0613b1b8ffd322f99773f", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a0613b1b8ffd322f997740", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 updated user 59a0613b1b8ffd322f997740. +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "tobkle", role: "admin", id: "59a0613b1b8ffd322f99773f", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a0613b1b8ffd322f99773f", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 updated user 59a0613b1b8ffd322f99773f. +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "tobkle", role: "admin", id: "59a0613b1b8ffd322f99773f", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a0613b1b8ffd322f997740", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 updated user 59a0613b1b8ffd322f997740. +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "tobkle", role: "admin", id: "59a0613b1b8ffd322f99773f", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a0613b1b8ffd322f99773f", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 updated user 59a0613b1b8ffd322f99773f. +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "tobkle", role: "editor", id: "59a0613b1b8ffd322f99773f", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a0613b1b8ffd322f99773f", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f99773f" + } + ] +} +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-25 19:41:15 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f99773f" + } + ] +} +2017-08-25 19:41:15 updated user 59a0613b1b8ffd322f99773f. +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "zoltan", role: "admin", id: "59a0613b1b8ffd322f997740", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a0613b1b8ffd322f99773f", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized +2017-08-25 19:41:15 updated user 59a0613b1b8ffd322f99773f. +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "tobkle", role: "admin", id: "59a0613b1b8ffd322f99773f", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59a0613b1b8ffd322f997740") +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 removed user 59a0613b1b8ffd322f997740. +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "tobkle", role: "admin", id: "59a0613b1b8ffd322f99773f", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59a0613b1b8ffd322f99773f", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-25 19:41:15 inserted tweet 59a0613b1b8ffd322f997741. +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "tobkle", role: "admin", id: "59a0613b1b8ffd322f99773f", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "tobkle", role: "admin", id: "59a0613b1b8ffd322f99773f", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a0613b1b8ffd322f997741") { + author { + id + } + body + } +} + +2017-08-25 19:41:15 inserted tweet 59a0613b1b8ffd322f997742. +2017-08-25 19:41:15 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "tobkle", role: "admin", id: "59a0613b1b8ffd322f99773f", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "tobkle", role: "admin", id: "59a0613b1b8ffd322f99773f", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59a0613b1b8ffd322f997741", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 updated tweet 59a0613b1b8ffd322f997741. +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "tobkle", role: "admin", id: "59a0613b1b8ffd322f99773f", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59a0613b1b8ffd322f997742", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 updated tweet 59a0613b1b8ffd322f997742. +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "tobkle", role: "admin", id: "59a0613b1b8ffd322f99773f", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a0613b1b8ffd322f997741") { + body + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "tobkle", role: "admin", id: "59a0613b1b8ffd322f99773f", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59a0613b1b8ffd322f997741") +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 removed tweet 59a0613b1b8ffd322f997741. +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "tobkle", role: "admin", id: "59a0613b1b8ffd322f99773f", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59a0613b1b8ffd322f997742") +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 removed tweet 59a0613b1b8ffd322f997742. +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "tobkle", role: "admin", id: "59a0613b1b8ffd322f99773f", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a0613b1b8ffd322f997741") { + body + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "tobkle", role: "admin", id: "59a0613b1b8ffd322f99773f", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59a0613b1b8ffd322f99773f") +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-25 19:41:15 removed user 59a0613b1b8ffd322f99773f. +2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59a0613b1b8ffd322f99773f") { + username + bio + role + } +} + +2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-25 19:41:15 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-25 19:41:15 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-25 19:41:15 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-25 19:41:15 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-25 19:41:15 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-25 19:41:15 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-25 19:41:15 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-25 19:41:15 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-25 19:41:15 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-25 19:41:15 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-25 19:41:15 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-25 19:41:15 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-25 19:41:15 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-25 19:41:15 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { + id + role + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 inserted user 59a0613b1b8ffd322f997743. +2017-08-25 19:41:15 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. +2017-08-25 19:41:15 Request: +User: "tobkle", role: "user", id: "59a0613b1b8ffd322f997743", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997743" + } + ] +} +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-25 19:41:15 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "tobkle", role: "user", id: "59a0613b1b8ffd322f997743", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997743" + } + ] +} +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "tobkle", role: "user", id: "59a0613b1b8ffd322f997743", +Operation: "", variables: "", +Query: +{ + user(id: "59a0613b1b8ffd322f997743") { + username + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997743" + } + ] +} +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "tobkle", role: "user", id: "59a0613b1b8ffd322f997743", +Operation: "", variables: "", +Query: +{ + user(id: "59a0613b1b8ffd322f997743") { + username + role + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997743" + } + ] +} +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "tobkle", role: "user", id: "59a0613b1b8ffd322f997743", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997743" + } + ] +} +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-25 19:41:15 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997743" + } + ] +} +2017-08-25 19:41:15 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "tobkle", role: "user", id: "59a0613b1b8ffd322f997743", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a0613b1b8ffd322f997743", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997743" + } + ] +} +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-25 19:41:15 updated user 59a0613b1b8ffd322f997743. +2017-08-25 19:41:15 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997743" + } + ] +} +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "tobkle", role: "user", id: "59a0613b1b8ffd322f997743", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a0613b1b8ffd322f997743", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997743" + } + ] +} +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-25 19:41:15 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997743" + } + ] +} +2017-08-25 19:41:15 updated user 59a0613b1b8ffd322f997743. +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "tobkle", role: "user", id: "59a0613b1b8ffd322f997743", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997743" + } + ] +} +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-25 19:41:15 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997743" + } + ] +} +2017-08-25 19:41:15 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "tobkle", role: "user", id: "59a0613b1b8ffd322f997743", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59a0613b1b8ffd322f997743", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997743" + } + ] +} +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-25 19:41:15 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. +2017-08-25 19:41:15 inserted tweet 59a0613b1b8ffd322f997744. +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. +2017-08-25 19:41:15 Request: +User: "tobkle", role: "user", id: "59a0613b1b8ffd322f997743", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997743" + } + ] +} +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-25 19:41:15 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "tobkle", role: "user", id: "59a0613b1b8ffd322f997743", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a0613b1b8ffd322f997744") { + author { + id + } + body + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997743" + } + ] +} +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "tobkle", role: "user", id: "59a0613b1b8ffd322f997743", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997743" + } + ] +} +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "tobkle", role: "user", id: "59a0613b1b8ffd322f997743", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59a0613b1b8ffd322f997744", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997743" + } + ] +} +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-25 19:41:15 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59a0613b1b8ffd322f997743" + }, + { + "coauthorsIds": "59a0613b1b8ffd322f997743" + } + ] +} +2017-08-25 19:41:15 updated tweet 59a0613b1b8ffd322f997744. +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "tobkle", role: "user", id: "59a0613b1b8ffd322f997743", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997743" + } + ] +} +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-25 19:41:15 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59a0613b1b8ffd322f997743" + }, + { + "coauthorsIds": "59a0613b1b8ffd322f997743" + } + ] +} +2017-08-25 19:41:15 ERROR update tweet not possible for 583676d3618530145474e352. +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "tobkle", role: "user", id: "59a0613b1b8ffd322f997743", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a0613b1b8ffd322f997744") { + body + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997743" + } + ] +} +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "tobkle", role: "user", id: "59a0613b1b8ffd322f997743", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59a0613b1b8ffd322f997744") +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997743" + } + ] +} +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-25 19:41:15 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59a0613b1b8ffd322f997743" + } + ] +} +2017-08-25 19:41:15 removed tweet 59a0613b1b8ffd322f997744. +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "tobkle", role: "user", id: "59a0613b1b8ffd322f997743", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997743" + } + ] +} +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-25 19:41:15 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59a0613b1b8ffd322f997743" + } + ] +} +2017-08-25 19:41:15 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "tobkle", role: "user", id: "59a0613b1b8ffd322f997743", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a0613b1b8ffd322f997744") { + body + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997743" + } + ] +} +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "tobkle", role: "user", id: "59a0613b1b8ffd322f997743", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59a0613b1b8ffd322f997743") +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997743" + } + ] +} +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-25 19:41:15 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997743" + } + ] +} +2017-08-25 19:41:15 removed user 59a0613b1b8ffd322f997743. +2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59a0613b1b8ffd322f997743") { + username + bio + role + } +} + +2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { + id + role + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-25 19:41:15 inserted user 59a0613b1b8ffd322f997745. +2017-08-25 19:41:15 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. +2017-08-25 19:41:15 Request: +User: "tobkle", role: "editor", id: "59a0613b1b8ffd322f997745", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997745" + } + ] +} +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-25 19:41:15 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "tobkle", role: "editor", id: "59a0613b1b8ffd322f997745", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997745" + } + ] +} +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "tobkle", role: "editor", id: "59a0613b1b8ffd322f997745", +Operation: "", variables: "", +Query: +{ + user(id: "59a0613b1b8ffd322f997745") { + username + role + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997745" + } + ] +} +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-25 19:41:15 -------------------------------------------------------------------------------- +2017-08-25 19:41:15 Request: +User: "tobkle", role: "editor", id: "59a0613b1b8ffd322f997745", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997745" + } + ] +} +2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-25 19:41:15 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997745" + } + ] +} +2017-08-25 19:41:15 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-08-25 19:41:16 -------------------------------------------------------------------------------- +2017-08-25 19:41:16 Request: +User: "tobkle", role: "editor", id: "59a0613b1b8ffd322f997745", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a0613b1b8ffd322f997745", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-08-25 19:41:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997745" + } + ] +} +2017-08-25 19:41:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-25 19:41:16 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997745" + } + ] +} +2017-08-25 19:41:16 updated user 59a0613b1b8ffd322f997745. +2017-08-25 19:41:16 -------------------------------------------------------------------------------- +2017-08-25 19:41:16 Request: +User: "tmeasday", role: "editor", id: "59a0613b1b8ffd322f997745", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a0613b1b8ffd322f997745", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-25 19:41:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997745" + } + ] +} +2017-08-25 19:41:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-25 19:41:16 Authorize update 'updateUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997745" + } + ] +} +2017-08-25 19:41:16 updated user 59a0613b1b8ffd322f997745. +2017-08-25 19:41:16 -------------------------------------------------------------------------------- +2017-08-25 19:41:16 Request: +User: "tmeasday", role: "editor", id: "59a0613b1b8ffd322f997745", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-25 19:41:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997745" + } + ] +} +2017-08-25 19:41:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-25 19:41:16 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997745" + } + ] +} +2017-08-25 19:41:16 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-08-25 19:41:16 -------------------------------------------------------------------------------- +2017-08-25 19:41:16 Request: +User: "tmeasday", role: "editor", id: "59a0613b1b8ffd322f997745", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59a0613b1b8ffd322f997745", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-25 19:41:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997745" + } + ] +} +2017-08-25 19:41:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-25 19:41:16 Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is authorized by docRole. +2017-08-25 19:41:16 inserted tweet 59a0613c1b8ffd322f997746. +2017-08-25 19:41:16 -------------------------------------------------------------------------------- +2017-08-25 19:41:16 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. +2017-08-25 19:41:16 Request: +User: "tmeasday", role: "editor", id: "59a0613b1b8ffd322f997745", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-25 19:41:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997745" + } + ] +} +2017-08-25 19:41:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-25 19:41:16 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. +2017-08-25 19:41:16 -------------------------------------------------------------------------------- +2017-08-25 19:41:16 Request: +User: "tmeasday", role: "editor", id: "59a0613b1b8ffd322f997745", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a0613c1b8ffd322f997746") { + author { + id + } + body + } +} + +2017-08-25 19:41:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997745" + } + ] +} +2017-08-25 19:41:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-25 19:41:16 -------------------------------------------------------------------------------- +2017-08-25 19:41:16 Request: +User: "tmeasday", role: "editor", id: "59a0613b1b8ffd322f997745", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-25 19:41:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997745" + } + ] +} +2017-08-25 19:41:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-25 19:41:16 -------------------------------------------------------------------------------- +2017-08-25 19:41:16 Request: +User: "tmeasday", role: "editor", id: "59a0613b1b8ffd322f997745", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59a0613c1b8ffd322f997746", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-25 19:41:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997745" + } + ] +} +2017-08-25 19:41:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-25 19:41:16 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59a0613b1b8ffd322f997745" + }, + { + "coauthorsIds": "59a0613b1b8ffd322f997745" + } + ] +} +2017-08-25 19:41:16 updated tweet 59a0613c1b8ffd322f997746. +2017-08-25 19:41:16 -------------------------------------------------------------------------------- +2017-08-25 19:41:16 Request: +User: "tmeasday", role: "editor", id: "59a0613b1b8ffd322f997745", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-25 19:41:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997745" + } + ] +} +2017-08-25 19:41:16 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59a0613b1b8ffd322f997745" + }, + { + "coauthorsIds": "59a0613b1b8ffd322f997745" + } + ] +} +2017-08-25 19:41:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-25 19:41:16 ERROR update tweet not possible for 583676d3618530145474e352. +2017-08-25 19:41:16 -------------------------------------------------------------------------------- +2017-08-25 19:41:16 Request: +User: "tmeasday", role: "editor", id: "59a0613b1b8ffd322f997745", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a0613c1b8ffd322f997746") { + body + } +} + +2017-08-25 19:41:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997745" + } + ] +} +2017-08-25 19:41:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-25 19:41:16 -------------------------------------------------------------------------------- +2017-08-25 19:41:16 Request: +User: "tmeasday", role: "editor", id: "59a0613b1b8ffd322f997745", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59a0613c1b8ffd322f997746") +} + +2017-08-25 19:41:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997745" + } + ] +} +2017-08-25 19:41:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-25 19:41:16 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59a0613b1b8ffd322f997745" + } + ] +} +2017-08-25 19:41:16 removed tweet 59a0613c1b8ffd322f997746. +2017-08-25 19:41:16 -------------------------------------------------------------------------------- +2017-08-25 19:41:16 Request: +User: "tmeasday", role: "editor", id: "59a0613b1b8ffd322f997745", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-25 19:41:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997745" + } + ] +} +2017-08-25 19:41:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-25 19:41:16 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59a0613b1b8ffd322f997745" + } + ] +} +2017-08-25 19:41:16 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-08-25 19:41:16 -------------------------------------------------------------------------------- +2017-08-25 19:41:16 Request: +User: "tmeasday", role: "editor", id: "59a0613b1b8ffd322f997745", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a0613c1b8ffd322f997746") { + body + } +} + +2017-08-25 19:41:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997745" + } + ] +} +2017-08-25 19:41:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-25 19:41:16 -------------------------------------------------------------------------------- +2017-08-25 19:41:16 Request: +User: "tmeasday", role: "editor", id: "59a0613b1b8ffd322f997745", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59a0613b1b8ffd322f997745") +} + +2017-08-25 19:41:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997745" + } + ] +} +2017-08-25 19:41:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-25 19:41:16 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a0613b1b8ffd322f997745" + } + ] +} +2017-08-25 19:41:16 removed user 59a0613b1b8ffd322f997745. +2017-08-25 19:41:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-25 19:41:16 -------------------------------------------------------------------------------- +2017-08-25 19:41:16 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59a0613b1b8ffd322f997745") { + username + bio + role + } +} + +2017-08-25 19:41:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-25 19:41:16 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized diff --git a/test/output-app/package.json b/test/output-app/package.json index 92a1423..abec3b1 100644 --- a/test/output-app/package.json +++ b/test/output-app/package.json @@ -36,7 +36,7 @@ "bcrypt": "^1.0.2", "body-parser": "1.15.2", "cors": "^2.8.1", - "create-graphql-server-authorization": "^0.0.27", + "create-graphql-server-authorization": "^0.0.28", "dataloader": "^1.2.0", "denodeify": "^1.2.1", "dotenv": "2.0.0", diff --git a/test/output-app/yarn.lock b/test/output-app/yarn.lock new file mode 100644 index 0000000..17c9d5f --- /dev/null +++ b/test/output-app/yarn.lock @@ -0,0 +1,4403 @@ +# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY. +# yarn lockfile v1 + + +"@types/express-serve-static-core@*": + version "4.0.50" + resolved "https://registry.yarnpkg.com/@types/express-serve-static-core/-/express-serve-static-core-4.0.50.tgz#c5a139b5d29d2305aae6d982f69cef36120beacf" + dependencies: + "@types/node" "*" + +"@types/express@^4.0.33": + version "4.0.37" + resolved "https://registry.yarnpkg.com/@types/express/-/express-4.0.37.tgz#625ac3765169676e01897ca47011c26375784971" + dependencies: + "@types/express-serve-static-core" "*" + "@types/serve-static" "*" + +"@types/mime@*": + version "1.3.1" + resolved "https://registry.yarnpkg.com/@types/mime/-/mime-1.3.1.tgz#2cf42972d0931c1060c7d5fa6627fce6bd876f2f" + +"@types/node@*": + version "8.0.25" + resolved "https://registry.yarnpkg.com/@types/node/-/node-8.0.25.tgz#66ecaf4df93f5281b48427ee96fbcdfc4f0cdce1" + +"@types/node@^6.0.38": + version "6.0.88" + resolved "https://registry.yarnpkg.com/@types/node/-/node-6.0.88.tgz#f618f11a944f6a18d92b5c472028728a3e3d4b66" + +"@types/serve-static@*": + version "1.7.32" + resolved "https://registry.yarnpkg.com/@types/serve-static/-/serve-static-1.7.32.tgz#0f6732e4dab0813771dd8fc8fe14940f34728b4c" + dependencies: + "@types/express-serve-static-core" "*" + "@types/mime" "*" + +abbrev@1: + version "1.1.0" + resolved "https://registry.yarnpkg.com/abbrev/-/abbrev-1.1.0.tgz#d0554c2256636e2f56e7c2e5ad183f859428d81f" + +accepts@~1.3.3: + version "1.3.4" + resolved "https://registry.yarnpkg.com/accepts/-/accepts-1.3.4.tgz#86246758c7dd6d21a6474ff084a4740ec05eb21f" + dependencies: + mime-types "~2.1.16" + negotiator "0.6.1" + +acorn-jsx@^3.0.0: + version "3.0.1" + resolved "https://registry.yarnpkg.com/acorn-jsx/-/acorn-jsx-3.0.1.tgz#afdf9488fb1ecefc8348f6fb22f464e32a58b36b" + dependencies: + acorn "^3.0.4" + +acorn@^3.0.4: + version "3.3.0" + resolved "https://registry.yarnpkg.com/acorn/-/acorn-3.3.0.tgz#45e37fb39e8da3f25baee3ff5369e2bb5f22017a" + +acorn@^5.1.1: + version "5.1.1" + resolved "https://registry.yarnpkg.com/acorn/-/acorn-5.1.1.tgz#53fe161111f912ab999ee887a90a0bc52822fd75" + +agent-base@2: + version "2.1.1" + resolved "https://registry.yarnpkg.com/agent-base/-/agent-base-2.1.1.tgz#d6de10d5af6132d5bd692427d46fc538539094c7" + dependencies: + extend "~3.0.0" + semver "~5.0.1" + +ajv-keywords@^1.0.0: + version "1.5.1" + resolved "https://registry.yarnpkg.com/ajv-keywords/-/ajv-keywords-1.5.1.tgz#314dd0a4b3368fad3dfcdc54ede6171b886daf3c" + +ajv@^4.7.0, ajv@^4.9.1: + version "4.11.8" + resolved "https://registry.yarnpkg.com/ajv/-/ajv-4.11.8.tgz#82ffb02b29e662ae53bdc20af15947706739c536" + dependencies: + co "^4.6.0" + json-stable-stringify "^1.0.1" + +ansi-escapes@^1.1.0: + version "1.4.0" + resolved "https://registry.yarnpkg.com/ansi-escapes/-/ansi-escapes-1.4.0.tgz#d3a8a83b319aa67793662b13e761c7911422306e" + +ansi-regex@^2.0.0: + version "2.1.1" + resolved "https://registry.yarnpkg.com/ansi-regex/-/ansi-regex-2.1.1.tgz#c3b33ab5ee360d86e0e628f0468ae7ef27d654df" + +ansi-regex@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/ansi-regex/-/ansi-regex-3.0.0.tgz#ed0317c322064f79466c02966bddb605ab37d998" + +ansi-styles@^2.1.0, ansi-styles@^2.2.1: + version "2.2.1" + resolved "https://registry.yarnpkg.com/ansi-styles/-/ansi-styles-2.2.1.tgz#b432dd3358b634cf75e1e4664368240533c1ddbe" + +anymatch@^1.3.0: + version "1.3.2" + resolved "https://registry.yarnpkg.com/anymatch/-/anymatch-1.3.2.tgz#553dcb8f91e3c889845dfdba34c77721b90b9d7a" + dependencies: + micromatch "^2.1.5" + normalize-path "^2.0.0" + +aproba@^1.0.3: + version "1.1.2" + resolved "https://registry.yarnpkg.com/aproba/-/aproba-1.1.2.tgz#45c6629094de4e96f693ef7eab74ae079c240fc1" + +are-we-there-yet@~1.1.2: + version "1.1.4" + resolved "https://registry.yarnpkg.com/are-we-there-yet/-/are-we-there-yet-1.1.4.tgz#bb5dca382bb94f05e15194373d16fd3ba1ca110d" + dependencies: + delegates "^1.0.0" + readable-stream "^2.0.6" + +argparse@^1.0.7: + version "1.0.9" + resolved "https://registry.yarnpkg.com/argparse/-/argparse-1.0.9.tgz#73d83bc263f86e97f8cc4f6bae1b0e90a7d22c86" + dependencies: + sprintf-js "~1.0.2" + +arr-diff@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/arr-diff/-/arr-diff-2.0.0.tgz#8f3b827f955a8bd669697e4a4256ac3ceae356cf" + dependencies: + arr-flatten "^1.0.1" + +arr-flatten@^1.0.1: + version "1.1.0" + resolved "https://registry.yarnpkg.com/arr-flatten/-/arr-flatten-1.1.0.tgz#36048bbff4e7b47e136644316c99669ea5ae91f1" + +array-find-index@^1.0.1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/array-find-index/-/array-find-index-1.0.2.tgz#df010aa1287e164bbda6f9723b0a96a1ec4187a1" + +array-flatten@1.1.1: + version "1.1.1" + resolved "https://registry.yarnpkg.com/array-flatten/-/array-flatten-1.1.1.tgz#9a5f699051b1e7073328f2a008968b64ea2955d2" + +array-union@^1.0.1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/array-union/-/array-union-1.0.2.tgz#9a34410e4f4e3da23dea375be5be70f24778ec39" + dependencies: + array-uniq "^1.0.1" + +array-uniq@^1.0.0, array-uniq@^1.0.1: + version "1.0.3" + resolved "https://registry.yarnpkg.com/array-uniq/-/array-uniq-1.0.3.tgz#af6ac877a25cc7f74e058894753858dfdb24fdb6" + +array-unique@^0.2.1: + version "0.2.1" + resolved "https://registry.yarnpkg.com/array-unique/-/array-unique-0.2.1.tgz#a1d97ccafcbc2625cc70fadceb36a50c58b01a53" + +arrify@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/arrify/-/arrify-1.0.1.tgz#898508da2226f380df904728456849c1501a4b0d" + +asn1@~0.2.3: + version "0.2.3" + resolved "https://registry.yarnpkg.com/asn1/-/asn1-0.2.3.tgz#dac8787713c9966849fc8180777ebe9c1ddf3b86" + +assert-plus@1.0.0, assert-plus@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/assert-plus/-/assert-plus-1.0.0.tgz#f12e0f3c5d77b0b1cdd9146942e4e96c1e4dd525" + +assert-plus@^0.2.0: + version "0.2.0" + resolved "https://registry.yarnpkg.com/assert-plus/-/assert-plus-0.2.0.tgz#d74e1b87e7affc0db8aadb7021f3fe48101ab234" + +assertion-error@^1.0.1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/assertion-error/-/assertion-error-1.0.2.tgz#13ca515d86206da0bac66e834dd397d87581094c" + +async-each@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/async-each/-/async-each-1.0.1.tgz#19d386a1d9edc6e7c1c85d388aedbcc56d33602d" + +async@2.1.4: + version "2.1.4" + resolved "https://registry.yarnpkg.com/async/-/async-2.1.4.tgz#2d2160c7788032e4dd6cbe2502f1f9a2c8f6cde4" + dependencies: + lodash "^4.14.0" + +async@~1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/async/-/async-1.0.0.tgz#f8fc04ca3a13784ade9e1641af98578cfbd647a9" + +asynckit@^0.4.0: + version "0.4.0" + resolved "https://registry.yarnpkg.com/asynckit/-/asynckit-0.4.0.tgz#c79ed97f7f34cb8f2ba1bc9790bcc366474b4b79" + +aws-sign2@~0.6.0: + version "0.6.0" + resolved "https://registry.yarnpkg.com/aws-sign2/-/aws-sign2-0.6.0.tgz#14342dd38dbcc94d0e5b87d763cd63612c0e794f" + +aws4@^1.2.1: + version "1.6.0" + resolved "https://registry.yarnpkg.com/aws4/-/aws4-1.6.0.tgz#83ef5ca860b2b32e4a0deedee8c771b9db57471e" + +babel-cli@6.16.0: + version "6.16.0" + resolved "https://registry.yarnpkg.com/babel-cli/-/babel-cli-6.16.0.tgz#4e0d1cf40442ef78330f7fef88eb3a0a1b16bd37" + dependencies: + babel-core "^6.16.0" + babel-polyfill "^6.16.0" + babel-register "^6.16.0" + babel-runtime "^6.9.0" + bin-version-check "^2.1.0" + chalk "1.1.1" + commander "^2.8.1" + convert-source-map "^1.1.0" + fs-readdir-recursive "^0.1.0" + glob "^5.0.5" + lodash "^4.2.0" + log-symbols "^1.0.2" + output-file-sync "^1.1.0" + path-exists "^1.0.0" + path-is-absolute "^1.0.0" + request "^2.65.0" + slash "^1.0.0" + source-map "^0.5.0" + v8flags "^2.0.10" + optionalDependencies: + chokidar "^1.0.0" + +babel-code-frame@^6.16.0, babel-code-frame@^6.26.0: + version "6.26.0" + resolved "https://registry.yarnpkg.com/babel-code-frame/-/babel-code-frame-6.26.0.tgz#63fd43f7dc1e3bb7ce35947db8fe369a3f58c74b" + dependencies: + chalk "^1.1.3" + esutils "^2.0.2" + js-tokens "^3.0.2" + +babel-core@6.17.0: + version "6.17.0" + resolved "https://registry.yarnpkg.com/babel-core/-/babel-core-6.17.0.tgz#6c4576447df479e241e58c807e4bc7da4db7f425" + dependencies: + babel-code-frame "^6.16.0" + babel-generator "^6.17.0" + babel-helpers "^6.16.0" + babel-messages "^6.8.0" + babel-register "^6.16.0" + babel-runtime "^6.9.1" + babel-template "^6.16.0" + babel-traverse "^6.16.0" + babel-types "^6.16.0" + babylon "^6.11.0" + convert-source-map "^1.1.0" + debug "^2.1.1" + json5 "^0.4.0" + lodash "^4.2.0" + minimatch "^3.0.2" + path-exists "^1.0.0" + path-is-absolute "^1.0.0" + private "^0.1.6" + shebang-regex "^1.0.0" + slash "^1.0.0" + source-map "^0.5.0" + +babel-core@^6.16.0, babel-core@^6.26.0: + version "6.26.0" + resolved "https://registry.yarnpkg.com/babel-core/-/babel-core-6.26.0.tgz#af32f78b31a6fcef119c87b0fd8d9753f03a0bb8" + dependencies: + babel-code-frame "^6.26.0" + babel-generator "^6.26.0" + babel-helpers "^6.24.1" + babel-messages "^6.23.0" + babel-register "^6.26.0" + babel-runtime "^6.26.0" + babel-template "^6.26.0" + babel-traverse "^6.26.0" + babel-types "^6.26.0" + babylon "^6.18.0" + convert-source-map "^1.5.0" + debug "^2.6.8" + json5 "^0.5.1" + lodash "^4.17.4" + minimatch "^3.0.4" + path-is-absolute "^1.0.1" + private "^0.1.7" + slash "^1.0.0" + source-map "^0.5.6" + +babel-eslint@7.0.0: + version "7.0.0" + resolved "https://registry.yarnpkg.com/babel-eslint/-/babel-eslint-7.0.0.tgz#54e51b4033f54ac81326ecea4c646a779935196d" + dependencies: + babel-traverse "^6.15.0" + babel-types "^6.15.0" + babylon "^6.11.2" + lodash.pickby "^4.6.0" + +babel-generator@^6.17.0, babel-generator@^6.26.0: + version "6.26.0" + resolved "https://registry.yarnpkg.com/babel-generator/-/babel-generator-6.26.0.tgz#ac1ae20070b79f6e3ca1d3269613053774f20dc5" + dependencies: + babel-messages "^6.23.0" + babel-runtime "^6.26.0" + babel-types "^6.26.0" + detect-indent "^4.0.0" + jsesc "^1.3.0" + lodash "^4.17.4" + source-map "^0.5.6" + trim-right "^1.0.1" + +babel-helper-bindify-decorators@^6.24.1: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-helper-bindify-decorators/-/babel-helper-bindify-decorators-6.24.1.tgz#14c19e5f142d7b47f19a52431e52b1ccbc40a330" + dependencies: + babel-runtime "^6.22.0" + babel-traverse "^6.24.1" + babel-types "^6.24.1" + +babel-helper-builder-binary-assignment-operator-visitor@^6.24.1: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-helper-builder-binary-assignment-operator-visitor/-/babel-helper-builder-binary-assignment-operator-visitor-6.24.1.tgz#cce4517ada356f4220bcae8a02c2b346f9a56664" + dependencies: + babel-helper-explode-assignable-expression "^6.24.1" + babel-runtime "^6.22.0" + babel-types "^6.24.1" + +babel-helper-builder-react-jsx@^6.24.1: + version "6.26.0" + resolved "https://registry.yarnpkg.com/babel-helper-builder-react-jsx/-/babel-helper-builder-react-jsx-6.26.0.tgz#39ff8313b75c8b65dceff1f31d383e0ff2a408a0" + dependencies: + babel-runtime "^6.26.0" + babel-types "^6.26.0" + esutils "^2.0.2" + +babel-helper-call-delegate@^6.24.1: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-helper-call-delegate/-/babel-helper-call-delegate-6.24.1.tgz#ece6aacddc76e41c3461f88bfc575bd0daa2df8d" + dependencies: + babel-helper-hoist-variables "^6.24.1" + babel-runtime "^6.22.0" + babel-traverse "^6.24.1" + babel-types "^6.24.1" + +babel-helper-define-map@^6.24.1: + version "6.26.0" + resolved "https://registry.yarnpkg.com/babel-helper-define-map/-/babel-helper-define-map-6.26.0.tgz#a5f56dab41a25f97ecb498c7ebaca9819f95be5f" + dependencies: + babel-helper-function-name "^6.24.1" + babel-runtime "^6.26.0" + babel-types "^6.26.0" + lodash "^4.17.4" + +babel-helper-explode-assignable-expression@^6.24.1: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-helper-explode-assignable-expression/-/babel-helper-explode-assignable-expression-6.24.1.tgz#f25b82cf7dc10433c55f70592d5746400ac22caa" + dependencies: + babel-runtime "^6.22.0" + babel-traverse "^6.24.1" + babel-types "^6.24.1" + +babel-helper-explode-class@^6.24.1: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-helper-explode-class/-/babel-helper-explode-class-6.24.1.tgz#7dc2a3910dee007056e1e31d640ced3d54eaa9eb" + dependencies: + babel-helper-bindify-decorators "^6.24.1" + babel-runtime "^6.22.0" + babel-traverse "^6.24.1" + babel-types "^6.24.1" + +babel-helper-function-name@^6.24.1: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-helper-function-name/-/babel-helper-function-name-6.24.1.tgz#d3475b8c03ed98242a25b48351ab18399d3580a9" + dependencies: + babel-helper-get-function-arity "^6.24.1" + babel-runtime "^6.22.0" + babel-template "^6.24.1" + babel-traverse "^6.24.1" + babel-types "^6.24.1" + +babel-helper-get-function-arity@^6.24.1: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-helper-get-function-arity/-/babel-helper-get-function-arity-6.24.1.tgz#8f7782aa93407c41d3aa50908f89b031b1b6853d" + dependencies: + babel-runtime "^6.22.0" + babel-types "^6.24.1" + +babel-helper-hoist-variables@^6.24.1: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-helper-hoist-variables/-/babel-helper-hoist-variables-6.24.1.tgz#1ecb27689c9d25513eadbc9914a73f5408be7a76" + dependencies: + babel-runtime "^6.22.0" + babel-types "^6.24.1" + +babel-helper-optimise-call-expression@^6.24.1: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-helper-optimise-call-expression/-/babel-helper-optimise-call-expression-6.24.1.tgz#f7a13427ba9f73f8f4fa993c54a97882d1244257" + dependencies: + babel-runtime "^6.22.0" + babel-types "^6.24.1" + +babel-helper-regex@^6.24.1: + version "6.26.0" + resolved "https://registry.yarnpkg.com/babel-helper-regex/-/babel-helper-regex-6.26.0.tgz#325c59f902f82f24b74faceed0363954f6495e72" + dependencies: + babel-runtime "^6.26.0" + babel-types "^6.26.0" + lodash "^4.17.4" + +babel-helper-remap-async-to-generator@^6.24.1: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-helper-remap-async-to-generator/-/babel-helper-remap-async-to-generator-6.24.1.tgz#5ec581827ad723fecdd381f1c928390676e4551b" + dependencies: + babel-helper-function-name "^6.24.1" + babel-runtime "^6.22.0" + babel-template "^6.24.1" + babel-traverse "^6.24.1" + babel-types "^6.24.1" + +babel-helper-replace-supers@^6.24.1: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-helper-replace-supers/-/babel-helper-replace-supers-6.24.1.tgz#bf6dbfe43938d17369a213ca8a8bf74b6a90ab1a" + dependencies: + babel-helper-optimise-call-expression "^6.24.1" + babel-messages "^6.23.0" + babel-runtime "^6.22.0" + babel-template "^6.24.1" + babel-traverse "^6.24.1" + babel-types "^6.24.1" + +babel-helpers@^6.16.0, babel-helpers@^6.24.1: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-helpers/-/babel-helpers-6.24.1.tgz#3471de9caec388e5c850e597e58a26ddf37602b2" + dependencies: + babel-runtime "^6.22.0" + babel-template "^6.24.1" + +babel-messages@^6.23.0, babel-messages@^6.8.0: + version "6.23.0" + resolved "https://registry.yarnpkg.com/babel-messages/-/babel-messages-6.23.0.tgz#f3cdf4703858035b2a2951c6ec5edf6c62f2630e" + dependencies: + babel-runtime "^6.22.0" + +babel-plugin-check-es2015-constants@^6.3.13: + version "6.22.0" + resolved "https://registry.yarnpkg.com/babel-plugin-check-es2015-constants/-/babel-plugin-check-es2015-constants-6.22.0.tgz#35157b101426fd2ffd3da3f75c7d1e91835bbf8a" + dependencies: + babel-runtime "^6.22.0" + +babel-plugin-syntax-async-functions@^6.8.0: + version "6.13.0" + resolved "https://registry.yarnpkg.com/babel-plugin-syntax-async-functions/-/babel-plugin-syntax-async-functions-6.13.0.tgz#cad9cad1191b5ad634bf30ae0872391e0647be95" + +babel-plugin-syntax-async-generators@^6.5.0: + version "6.13.0" + resolved "https://registry.yarnpkg.com/babel-plugin-syntax-async-generators/-/babel-plugin-syntax-async-generators-6.13.0.tgz#6bc963ebb16eccbae6b92b596eb7f35c342a8b9a" + +babel-plugin-syntax-class-properties@^6.8.0: + version "6.13.0" + resolved "https://registry.yarnpkg.com/babel-plugin-syntax-class-properties/-/babel-plugin-syntax-class-properties-6.13.0.tgz#d7eb23b79a317f8543962c505b827c7d6cac27de" + +babel-plugin-syntax-decorators@^6.13.0: + version "6.13.0" + resolved "https://registry.yarnpkg.com/babel-plugin-syntax-decorators/-/babel-plugin-syntax-decorators-6.13.0.tgz#312563b4dbde3cc806cee3e416cceeaddd11ac0b" + +babel-plugin-syntax-exponentiation-operator@^6.8.0: + version "6.13.0" + resolved "https://registry.yarnpkg.com/babel-plugin-syntax-exponentiation-operator/-/babel-plugin-syntax-exponentiation-operator-6.13.0.tgz#9ee7e8337290da95288201a6a57f4170317830de" + +babel-plugin-syntax-flow@^6.18.0, babel-plugin-syntax-flow@^6.3.13: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-plugin-syntax-flow/-/babel-plugin-syntax-flow-6.18.0.tgz#4c3ab20a2af26aa20cd25995c398c4eb70310c8d" + +babel-plugin-syntax-jsx@^6.3.13, babel-plugin-syntax-jsx@^6.8.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-plugin-syntax-jsx/-/babel-plugin-syntax-jsx-6.18.0.tgz#0af32a9a6e13ca7a3fd5069e62d7b0f58d0d8946" + +babel-plugin-syntax-object-rest-spread@^6.8.0: + version "6.13.0" + resolved "https://registry.yarnpkg.com/babel-plugin-syntax-object-rest-spread/-/babel-plugin-syntax-object-rest-spread-6.13.0.tgz#fd6536f2bce13836ffa3a5458c4903a597bb3bf5" + +babel-plugin-syntax-trailing-function-commas@^6.22.0: + version "6.22.0" + resolved "https://registry.yarnpkg.com/babel-plugin-syntax-trailing-function-commas/-/babel-plugin-syntax-trailing-function-commas-6.22.0.tgz#ba0360937f8d06e40180a43fe0d5616fff532cf3" + +babel-plugin-transform-async-generator-functions@^6.24.1: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-async-generator-functions/-/babel-plugin-transform-async-generator-functions-6.24.1.tgz#f058900145fd3e9907a6ddf28da59f215258a5db" + dependencies: + babel-helper-remap-async-to-generator "^6.24.1" + babel-plugin-syntax-async-generators "^6.5.0" + babel-runtime "^6.22.0" + +babel-plugin-transform-async-to-generator@^6.24.1: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-async-to-generator/-/babel-plugin-transform-async-to-generator-6.24.1.tgz#6536e378aff6cb1d5517ac0e40eb3e9fc8d08761" + dependencies: + babel-helper-remap-async-to-generator "^6.24.1" + babel-plugin-syntax-async-functions "^6.8.0" + babel-runtime "^6.22.0" + +babel-plugin-transform-class-properties@^6.16.0: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-class-properties/-/babel-plugin-transform-class-properties-6.24.1.tgz#6a79763ea61d33d36f37b611aa9def81a81b46ac" + dependencies: + babel-helper-function-name "^6.24.1" + babel-plugin-syntax-class-properties "^6.8.0" + babel-runtime "^6.22.0" + babel-template "^6.24.1" + +babel-plugin-transform-decorators@^6.13.0: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-decorators/-/babel-plugin-transform-decorators-6.24.1.tgz#788013d8f8c6b5222bdf7b344390dfd77569e24d" + dependencies: + babel-helper-explode-class "^6.24.1" + babel-plugin-syntax-decorators "^6.13.0" + babel-runtime "^6.22.0" + babel-template "^6.24.1" + babel-types "^6.24.1" + +babel-plugin-transform-es2015-arrow-functions@^6.3.13: + version "6.22.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-arrow-functions/-/babel-plugin-transform-es2015-arrow-functions-6.22.0.tgz#452692cb711d5f79dc7f85e440ce41b9f244d221" + dependencies: + babel-runtime "^6.22.0" + +babel-plugin-transform-es2015-block-scoped-functions@^6.3.13: + version "6.22.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-block-scoped-functions/-/babel-plugin-transform-es2015-block-scoped-functions-6.22.0.tgz#bbc51b49f964d70cb8d8e0b94e820246ce3a6141" + dependencies: + babel-runtime "^6.22.0" + +babel-plugin-transform-es2015-block-scoping@^6.14.0: + version "6.26.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-block-scoping/-/babel-plugin-transform-es2015-block-scoping-6.26.0.tgz#d70f5299c1308d05c12f463813b0a09e73b1895f" + dependencies: + babel-runtime "^6.26.0" + babel-template "^6.26.0" + babel-traverse "^6.26.0" + babel-types "^6.26.0" + lodash "^4.17.4" + +babel-plugin-transform-es2015-classes@^6.14.0: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-classes/-/babel-plugin-transform-es2015-classes-6.24.1.tgz#5a4c58a50c9c9461e564b4b2a3bfabc97a2584db" + dependencies: + babel-helper-define-map "^6.24.1" + babel-helper-function-name "^6.24.1" + babel-helper-optimise-call-expression "^6.24.1" + babel-helper-replace-supers "^6.24.1" + babel-messages "^6.23.0" + babel-runtime "^6.22.0" + babel-template "^6.24.1" + babel-traverse "^6.24.1" + babel-types "^6.24.1" + +babel-plugin-transform-es2015-computed-properties@^6.3.13: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-computed-properties/-/babel-plugin-transform-es2015-computed-properties-6.24.1.tgz#6fe2a8d16895d5634f4cd999b6d3480a308159b3" + dependencies: + babel-runtime "^6.22.0" + babel-template "^6.24.1" + +babel-plugin-transform-es2015-destructuring@^6.16.0: + version "6.23.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-destructuring/-/babel-plugin-transform-es2015-destructuring-6.23.0.tgz#997bb1f1ab967f682d2b0876fe358d60e765c56d" + dependencies: + babel-runtime "^6.22.0" + +babel-plugin-transform-es2015-duplicate-keys@^6.6.0: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-duplicate-keys/-/babel-plugin-transform-es2015-duplicate-keys-6.24.1.tgz#73eb3d310ca969e3ef9ec91c53741a6f1576423e" + dependencies: + babel-runtime "^6.22.0" + babel-types "^6.24.1" + +babel-plugin-transform-es2015-for-of@^6.6.0: + version "6.23.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-for-of/-/babel-plugin-transform-es2015-for-of-6.23.0.tgz#f47c95b2b613df1d3ecc2fdb7573623c75248691" + dependencies: + babel-runtime "^6.22.0" + +babel-plugin-transform-es2015-function-name@^6.9.0: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-function-name/-/babel-plugin-transform-es2015-function-name-6.24.1.tgz#834c89853bc36b1af0f3a4c5dbaa94fd8eacaa8b" + dependencies: + babel-helper-function-name "^6.24.1" + babel-runtime "^6.22.0" + babel-types "^6.24.1" + +babel-plugin-transform-es2015-literals@^6.3.13: + version "6.22.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-literals/-/babel-plugin-transform-es2015-literals-6.22.0.tgz#4f54a02d6cd66cf915280019a31d31925377ca2e" + dependencies: + babel-runtime "^6.22.0" + +babel-plugin-transform-es2015-modules-amd@^6.24.1, babel-plugin-transform-es2015-modules-amd@^6.8.0: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-modules-amd/-/babel-plugin-transform-es2015-modules-amd-6.24.1.tgz#3b3e54017239842d6d19c3011c4bd2f00a00d154" + dependencies: + babel-plugin-transform-es2015-modules-commonjs "^6.24.1" + babel-runtime "^6.22.0" + babel-template "^6.24.1" + +babel-plugin-transform-es2015-modules-commonjs@^6.16.0, babel-plugin-transform-es2015-modules-commonjs@^6.24.1: + version "6.26.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-modules-commonjs/-/babel-plugin-transform-es2015-modules-commonjs-6.26.0.tgz#0d8394029b7dc6abe1a97ef181e00758dd2e5d8a" + dependencies: + babel-plugin-transform-strict-mode "^6.24.1" + babel-runtime "^6.26.0" + babel-template "^6.26.0" + babel-types "^6.26.0" + +babel-plugin-transform-es2015-modules-systemjs@^6.14.0: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-modules-systemjs/-/babel-plugin-transform-es2015-modules-systemjs-6.24.1.tgz#ff89a142b9119a906195f5f106ecf305d9407d23" + dependencies: + babel-helper-hoist-variables "^6.24.1" + babel-runtime "^6.22.0" + babel-template "^6.24.1" + +babel-plugin-transform-es2015-modules-umd@^6.12.0: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-modules-umd/-/babel-plugin-transform-es2015-modules-umd-6.24.1.tgz#ac997e6285cd18ed6176adb607d602344ad38468" + dependencies: + babel-plugin-transform-es2015-modules-amd "^6.24.1" + babel-runtime "^6.22.0" + babel-template "^6.24.1" + +babel-plugin-transform-es2015-object-super@^6.3.13: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-object-super/-/babel-plugin-transform-es2015-object-super-6.24.1.tgz#24cef69ae21cb83a7f8603dad021f572eb278f8d" + dependencies: + babel-helper-replace-supers "^6.24.1" + babel-runtime "^6.22.0" + +babel-plugin-transform-es2015-parameters@^6.16.0: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-parameters/-/babel-plugin-transform-es2015-parameters-6.24.1.tgz#57ac351ab49caf14a97cd13b09f66fdf0a625f2b" + dependencies: + babel-helper-call-delegate "^6.24.1" + babel-helper-get-function-arity "^6.24.1" + babel-runtime "^6.22.0" + babel-template "^6.24.1" + babel-traverse "^6.24.1" + babel-types "^6.24.1" + +babel-plugin-transform-es2015-shorthand-properties@^6.3.13: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-shorthand-properties/-/babel-plugin-transform-es2015-shorthand-properties-6.24.1.tgz#24f875d6721c87661bbd99a4622e51f14de38aa0" + dependencies: + babel-runtime "^6.22.0" + babel-types "^6.24.1" + +babel-plugin-transform-es2015-spread@^6.3.13: + version "6.22.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-spread/-/babel-plugin-transform-es2015-spread-6.22.0.tgz#d6d68a99f89aedc4536c81a542e8dd9f1746f8d1" + dependencies: + babel-runtime "^6.22.0" + +babel-plugin-transform-es2015-sticky-regex@^6.3.13: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-sticky-regex/-/babel-plugin-transform-es2015-sticky-regex-6.24.1.tgz#00c1cdb1aca71112cdf0cf6126c2ed6b457ccdbc" + dependencies: + babel-helper-regex "^6.24.1" + babel-runtime "^6.22.0" + babel-types "^6.24.1" + +babel-plugin-transform-es2015-template-literals@^6.6.0: + version "6.22.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-template-literals/-/babel-plugin-transform-es2015-template-literals-6.22.0.tgz#a84b3450f7e9f8f1f6839d6d687da84bb1236d8d" + dependencies: + babel-runtime "^6.22.0" + +babel-plugin-transform-es2015-typeof-symbol@^6.6.0: + version "6.23.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-typeof-symbol/-/babel-plugin-transform-es2015-typeof-symbol-6.23.0.tgz#dec09f1cddff94b52ac73d505c84df59dcceb372" + dependencies: + babel-runtime "^6.22.0" + +babel-plugin-transform-es2015-unicode-regex@^6.3.13: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-unicode-regex/-/babel-plugin-transform-es2015-unicode-regex-6.24.1.tgz#d38b12f42ea7323f729387f18a7c5ae1faeb35e9" + dependencies: + babel-helper-regex "^6.24.1" + babel-runtime "^6.22.0" + regexpu-core "^2.0.0" + +babel-plugin-transform-exponentiation-operator@^6.24.1: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-exponentiation-operator/-/babel-plugin-transform-exponentiation-operator-6.24.1.tgz#2ab0c9c7f3098fa48907772bb813fe41e8de3a0e" + dependencies: + babel-helper-builder-binary-assignment-operator-visitor "^6.24.1" + babel-plugin-syntax-exponentiation-operator "^6.8.0" + babel-runtime "^6.22.0" + +babel-plugin-transform-flow-strip-types@^6.3.13: + version "6.22.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-flow-strip-types/-/babel-plugin-transform-flow-strip-types-6.22.0.tgz#84cb672935d43714fdc32bce84568d87441cf7cf" + dependencies: + babel-plugin-syntax-flow "^6.18.0" + babel-runtime "^6.22.0" + +babel-plugin-transform-object-rest-spread@^6.22.0: + version "6.26.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-object-rest-spread/-/babel-plugin-transform-object-rest-spread-6.26.0.tgz#0f36692d50fef6b7e2d4b3ac1478137a963b7b06" + dependencies: + babel-plugin-syntax-object-rest-spread "^6.8.0" + babel-runtime "^6.26.0" + +babel-plugin-transform-react-display-name@^6.3.13: + version "6.25.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-react-display-name/-/babel-plugin-transform-react-display-name-6.25.0.tgz#67e2bf1f1e9c93ab08db96792e05392bf2cc28d1" + dependencies: + babel-runtime "^6.22.0" + +babel-plugin-transform-react-jsx-self@^6.11.0: + version "6.22.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-react-jsx-self/-/babel-plugin-transform-react-jsx-self-6.22.0.tgz#df6d80a9da2612a121e6ddd7558bcbecf06e636e" + dependencies: + babel-plugin-syntax-jsx "^6.8.0" + babel-runtime "^6.22.0" + +babel-plugin-transform-react-jsx-source@^6.3.13: + version "6.22.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-react-jsx-source/-/babel-plugin-transform-react-jsx-source-6.22.0.tgz#66ac12153f5cd2d17b3c19268f4bf0197f44ecd6" + dependencies: + babel-plugin-syntax-jsx "^6.8.0" + babel-runtime "^6.22.0" + +babel-plugin-transform-react-jsx@^6.3.13: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-react-jsx/-/babel-plugin-transform-react-jsx-6.24.1.tgz#840a028e7df460dfc3a2d29f0c0d91f6376e66a3" + dependencies: + babel-helper-builder-react-jsx "^6.24.1" + babel-plugin-syntax-jsx "^6.8.0" + babel-runtime "^6.22.0" + +babel-plugin-transform-regenerator@^6.16.0: + version "6.26.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-regenerator/-/babel-plugin-transform-regenerator-6.26.0.tgz#e0703696fbde27f0a3efcacf8b4dca2f7b3a8f2f" + dependencies: + regenerator-transform "^0.10.0" + +babel-plugin-transform-strict-mode@^6.24.1: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-strict-mode/-/babel-plugin-transform-strict-mode-6.24.1.tgz#d5faf7aa578a65bbe591cf5edae04a0c67020758" + dependencies: + babel-runtime "^6.22.0" + babel-types "^6.24.1" + +babel-polyfill@^6.16.0: + version "6.26.0" + resolved "https://registry.yarnpkg.com/babel-polyfill/-/babel-polyfill-6.26.0.tgz#379937abc67d7895970adc621f284cd966cf2153" + dependencies: + babel-runtime "^6.26.0" + core-js "^2.5.0" + regenerator-runtime "^0.10.5" + +babel-preset-es2015@6.16.0: + version "6.16.0" + resolved "https://registry.yarnpkg.com/babel-preset-es2015/-/babel-preset-es2015-6.16.0.tgz#59acecd1efbebaf48f89404840f2fe78c4d2ad5c" + dependencies: + babel-plugin-check-es2015-constants "^6.3.13" + babel-plugin-transform-es2015-arrow-functions "^6.3.13" + babel-plugin-transform-es2015-block-scoped-functions "^6.3.13" + babel-plugin-transform-es2015-block-scoping "^6.14.0" + babel-plugin-transform-es2015-classes "^6.14.0" + babel-plugin-transform-es2015-computed-properties "^6.3.13" + babel-plugin-transform-es2015-destructuring "^6.16.0" + babel-plugin-transform-es2015-duplicate-keys "^6.6.0" + babel-plugin-transform-es2015-for-of "^6.6.0" + babel-plugin-transform-es2015-function-name "^6.9.0" + babel-plugin-transform-es2015-literals "^6.3.13" + babel-plugin-transform-es2015-modules-amd "^6.8.0" + babel-plugin-transform-es2015-modules-commonjs "^6.16.0" + babel-plugin-transform-es2015-modules-systemjs "^6.14.0" + babel-plugin-transform-es2015-modules-umd "^6.12.0" + babel-plugin-transform-es2015-object-super "^6.3.13" + babel-plugin-transform-es2015-parameters "^6.16.0" + babel-plugin-transform-es2015-shorthand-properties "^6.3.13" + babel-plugin-transform-es2015-spread "^6.3.13" + babel-plugin-transform-es2015-sticky-regex "^6.3.13" + babel-plugin-transform-es2015-template-literals "^6.6.0" + babel-plugin-transform-es2015-typeof-symbol "^6.6.0" + babel-plugin-transform-es2015-unicode-regex "^6.3.13" + babel-plugin-transform-regenerator "^6.16.0" + +babel-preset-react@6.16.0: + version "6.16.0" + resolved "https://registry.yarnpkg.com/babel-preset-react/-/babel-preset-react-6.16.0.tgz#aa117d60de0928607e343c4828906e4661824316" + dependencies: + babel-plugin-syntax-flow "^6.3.13" + babel-plugin-syntax-jsx "^6.3.13" + babel-plugin-transform-flow-strip-types "^6.3.13" + babel-plugin-transform-react-display-name "^6.3.13" + babel-plugin-transform-react-jsx "^6.3.13" + babel-plugin-transform-react-jsx-self "^6.11.0" + babel-plugin-transform-react-jsx-source "^6.3.13" + +babel-preset-stage-2@6.17.0: + version "6.17.0" + resolved "https://registry.yarnpkg.com/babel-preset-stage-2/-/babel-preset-stage-2-6.17.0.tgz#dc4f84582781353cef36c41247eae5e36c4cae0d" + dependencies: + babel-plugin-transform-class-properties "^6.16.0" + babel-plugin-transform-decorators "^6.13.0" + babel-preset-stage-3 "^6.17.0" + +babel-preset-stage-3@^6.17.0: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-preset-stage-3/-/babel-preset-stage-3-6.24.1.tgz#836ada0a9e7a7fa37cb138fb9326f87934a48395" + dependencies: + babel-plugin-syntax-trailing-function-commas "^6.22.0" + babel-plugin-transform-async-generator-functions "^6.24.1" + babel-plugin-transform-async-to-generator "^6.24.1" + babel-plugin-transform-exponentiation-operator "^6.24.1" + babel-plugin-transform-object-rest-spread "^6.22.0" + +babel-register@6.16.3: + version "6.16.3" + resolved "https://registry.yarnpkg.com/babel-register/-/babel-register-6.16.3.tgz#7b0c0ca7bfdeb9188ba4c27e5fcb7599a497c624" + dependencies: + babel-core "^6.16.0" + babel-runtime "^6.11.6" + core-js "^2.4.0" + home-or-tmp "^1.0.0" + lodash "^4.2.0" + mkdirp "^0.5.1" + path-exists "^1.0.0" + source-map-support "^0.4.2" + +babel-register@^6.16.0, babel-register@^6.26.0: + version "6.26.0" + resolved "https://registry.yarnpkg.com/babel-register/-/babel-register-6.26.0.tgz#6ed021173e2fcb486d7acb45c6009a856f647071" + dependencies: + babel-core "^6.26.0" + babel-runtime "^6.26.0" + core-js "^2.5.0" + home-or-tmp "^2.0.0" + lodash "^4.17.4" + mkdirp "^0.5.1" + source-map-support "^0.4.15" + +babel-runtime@^6.11.6, babel-runtime@^6.18.0, babel-runtime@^6.22.0, babel-runtime@^6.26.0, babel-runtime@^6.9.0, babel-runtime@^6.9.1: + version "6.26.0" + resolved "https://registry.yarnpkg.com/babel-runtime/-/babel-runtime-6.26.0.tgz#965c7058668e82b55d7bfe04ff2337bc8b5647fe" + dependencies: + core-js "^2.4.0" + regenerator-runtime "^0.11.0" + +babel-template@^6.16.0, babel-template@^6.24.1, babel-template@^6.26.0: + version "6.26.0" + resolved "https://registry.yarnpkg.com/babel-template/-/babel-template-6.26.0.tgz#de03e2d16396b069f46dd9fff8521fb1a0e35e02" + dependencies: + babel-runtime "^6.26.0" + babel-traverse "^6.26.0" + babel-types "^6.26.0" + babylon "^6.18.0" + lodash "^4.17.4" + +babel-traverse@^6.15.0, babel-traverse@^6.16.0, babel-traverse@^6.24.1, babel-traverse@^6.26.0: + version "6.26.0" + resolved "https://registry.yarnpkg.com/babel-traverse/-/babel-traverse-6.26.0.tgz#46a9cbd7edcc62c8e5c064e2d2d8d0f4035766ee" + dependencies: + babel-code-frame "^6.26.0" + babel-messages "^6.23.0" + babel-runtime "^6.26.0" + babel-types "^6.26.0" + babylon "^6.18.0" + debug "^2.6.8" + globals "^9.18.0" + invariant "^2.2.2" + lodash "^4.17.4" + +babel-types@^6.15.0, babel-types@^6.16.0, babel-types@^6.19.0, babel-types@^6.24.1, babel-types@^6.26.0: + version "6.26.0" + resolved "https://registry.yarnpkg.com/babel-types/-/babel-types-6.26.0.tgz#a3b073f94ab49eb6fa55cd65227a334380632497" + dependencies: + babel-runtime "^6.26.0" + esutils "^2.0.2" + lodash "^4.17.4" + to-fast-properties "^1.0.3" + +babylon@^6.11.0, babylon@^6.11.2, babylon@^6.18.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babylon/-/babylon-6.18.0.tgz#af2f3b88fa6f5c1e4c634d1a0f8eac4f55b395e3" + +backo2@^1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/backo2/-/backo2-1.0.2.tgz#31ab1ac8b129363463e35b3ebb69f4dfcfba7947" + +balanced-match@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/balanced-match/-/balanced-match-1.0.0.tgz#89b4d199ab2bee49de164ea02b89ce462d71b767" + +base64url@2.0.0, base64url@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/base64url/-/base64url-2.0.0.tgz#eac16e03ea1438eff9423d69baa36262ed1f70bb" + +basic-auth@~1.1.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/basic-auth/-/basic-auth-1.1.0.tgz#45221ee429f7ee1e5035be3f51533f1cdfd29884" + +bcrypt-pbkdf@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.1.tgz#63bc5dcb61331b92bc05fd528953c33462a06f8d" + dependencies: + tweetnacl "^0.14.3" + +bcrypt@^1.0.2: + version "1.0.3" + resolved "https://registry.yarnpkg.com/bcrypt/-/bcrypt-1.0.3.tgz#b02ddc6c0b52ea16b8d3cf375d5a32e780dab548" + dependencies: + nan "2.6.2" + node-pre-gyp "0.6.36" + +bin-version-check@^2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/bin-version-check/-/bin-version-check-2.1.0.tgz#e4e5df290b9069f7d111324031efc13fdd11a5b0" + dependencies: + bin-version "^1.0.0" + minimist "^1.1.0" + semver "^4.0.3" + semver-truncate "^1.0.0" + +bin-version@^1.0.0: + version "1.0.4" + resolved "https://registry.yarnpkg.com/bin-version/-/bin-version-1.0.4.tgz#9eb498ee6fd76f7ab9a7c160436f89579435d78e" + dependencies: + find-versions "^1.0.0" + +binary-extensions@^1.0.0: + version "1.10.0" + resolved "https://registry.yarnpkg.com/binary-extensions/-/binary-extensions-1.10.0.tgz#9aeb9a6c5e88638aad171e167f5900abe24835d0" + +bl@^1.0.0: + version "1.2.1" + resolved "https://registry.yarnpkg.com/bl/-/bl-1.2.1.tgz#cac328f7bee45730d404b692203fcb590e172d5e" + dependencies: + readable-stream "^2.0.5" + +block-stream@*: + version "0.0.9" + resolved "https://registry.yarnpkg.com/block-stream/-/block-stream-0.0.9.tgz#13ebfe778a03205cfe03751481ebb4b3300c126a" + dependencies: + inherits "~2.0.0" + +body-parser@1.15.2: + version "1.15.2" + resolved "https://registry.yarnpkg.com/body-parser/-/body-parser-1.15.2.tgz#d7578cf4f1d11d5f6ea804cef35dc7a7ff6dae67" + dependencies: + bytes "2.4.0" + content-type "~1.0.2" + debug "~2.2.0" + depd "~1.1.0" + http-errors "~1.5.0" + iconv-lite "0.4.13" + on-finished "~2.3.0" + qs "6.2.0" + raw-body "~2.1.7" + type-is "~1.6.13" + +boom@2.x.x: + version "2.10.1" + resolved "https://registry.yarnpkg.com/boom/-/boom-2.10.1.tgz#39c8918ceff5799f83f9492a848f625add0c766f" + dependencies: + hoek "2.x.x" + +boom@^4.0.0: + version "4.3.1" + resolved "https://registry.yarnpkg.com/boom/-/boom-4.3.1.tgz#4f8a3005cb4a7e3889f749030fd25b96e01d2e31" + dependencies: + hoek "4.x.x" + +brace-expansion@^1.1.7: + version "1.1.8" + resolved "https://registry.yarnpkg.com/brace-expansion/-/brace-expansion-1.1.8.tgz#c07b211c7c952ec1f8efd51a77ef0d1d3990a292" + dependencies: + balanced-match "^1.0.0" + concat-map "0.0.1" + +braces@^1.8.2: + version "1.8.5" + resolved "https://registry.yarnpkg.com/braces/-/braces-1.8.5.tgz#ba77962e12dff969d6b76711e914b737857bf6a7" + dependencies: + expand-range "^1.8.1" + preserve "^0.2.0" + repeat-element "^1.1.2" + +browser-stdout@1.3.0: + version "1.3.0" + resolved "https://registry.yarnpkg.com/browser-stdout/-/browser-stdout-1.3.0.tgz#f351d32969d32fa5d7a5567154263d928ae3bd1f" + +bson@~1.0.4: + version "1.0.4" + resolved "https://registry.yarnpkg.com/bson/-/bson-1.0.4.tgz#93c10d39eaa5b58415cbc4052f3e53e562b0b72c" + +buffer-crc32@~0.2.3: + version "0.2.13" + resolved "https://registry.yarnpkg.com/buffer-crc32/-/buffer-crc32-0.2.13.tgz#0d333e3f00eac50aa1454abd30ef8c2a5d9a7242" + +buffer-equal-constant-time@1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/buffer-equal-constant-time/-/buffer-equal-constant-time-1.0.1.tgz#f8e71132f7ffe6e01a5c9697a4c6f3e48d5cc819" + +buffer-shims@~1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/buffer-shims/-/buffer-shims-1.0.0.tgz#9978ce317388c649ad8793028c3477ef044a8b51" + +buffer-to-vinyl@^1.0.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/buffer-to-vinyl/-/buffer-to-vinyl-1.1.0.tgz#00f15faee3ab7a1dda2cde6d9121bffdd07b2262" + dependencies: + file-type "^3.1.0" + readable-stream "^2.0.2" + uuid "^2.0.1" + vinyl "^1.0.0" + +builtin-modules@^1.0.0, builtin-modules@^1.1.1: + version "1.1.1" + resolved "https://registry.yarnpkg.com/builtin-modules/-/builtin-modules-1.1.1.tgz#270f076c5a72c02f5b65a47df94c5fe3a278892f" + +bytes@2.4.0: + version "2.4.0" + resolved "https://registry.yarnpkg.com/bytes/-/bytes-2.4.0.tgz#7d97196f9d5baf7f6935e25985549edd2a6c2339" + +caller-path@^0.1.0: + version "0.1.0" + resolved "https://registry.yarnpkg.com/caller-path/-/caller-path-0.1.0.tgz#94085ef63581ecd3daa92444a8fe94e82577751f" + dependencies: + callsites "^0.2.0" + +callsites@^0.2.0: + version "0.2.0" + resolved "https://registry.yarnpkg.com/callsites/-/callsites-0.2.0.tgz#afab96262910a7f33c19a5775825c69f34e350ca" + +camelcase-keys@^2.0.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/camelcase-keys/-/camelcase-keys-2.1.0.tgz#308beeaffdf28119051efa1d932213c91b8f92e7" + dependencies: + camelcase "^2.0.0" + map-obj "^1.0.0" + +camelcase@^2.0.0, camelcase@^2.0.1: + version "2.1.1" + resolved "https://registry.yarnpkg.com/camelcase/-/camelcase-2.1.1.tgz#7c1d16d679a1bbe59ca02cacecfb011e201f5a1f" + +caseless@~0.12.0: + version "0.12.0" + resolved "https://registry.yarnpkg.com/caseless/-/caseless-0.12.0.tgz#1b681c21ff84033c826543090689420d187151dc" + +chai@^3.5.0: + version "3.5.0" + resolved "https://registry.yarnpkg.com/chai/-/chai-3.5.0.tgz#4d02637b067fe958bdbfdd3a40ec56fef7373247" + dependencies: + assertion-error "^1.0.1" + deep-eql "^0.1.3" + type-detect "^1.0.0" + +chalk@1.1.1: + version "1.1.1" + resolved "https://registry.yarnpkg.com/chalk/-/chalk-1.1.1.tgz#509afb67066e7499f7eb3535c77445772ae2d019" + dependencies: + ansi-styles "^2.1.0" + escape-string-regexp "^1.0.2" + has-ansi "^2.0.0" + strip-ansi "^3.0.0" + supports-color "^2.0.0" + +chalk@^1.0.0, chalk@^1.1.1, chalk@^1.1.3: + version "1.1.3" + resolved "https://registry.yarnpkg.com/chalk/-/chalk-1.1.3.tgz#a8115c55e4a702fe4d150abd3872822a7e09fc98" + dependencies: + ansi-styles "^2.2.1" + escape-string-regexp "^1.0.2" + has-ansi "^2.0.0" + strip-ansi "^3.0.0" + supports-color "^2.0.0" + +chokidar@^1.0.0, chokidar@^1.4.3: + version "1.7.0" + resolved "https://registry.yarnpkg.com/chokidar/-/chokidar-1.7.0.tgz#798e689778151c8076b4b360e5edd28cda2bb468" + dependencies: + anymatch "^1.3.0" + async-each "^1.0.0" + glob-parent "^2.0.0" + inherits "^2.0.1" + is-binary-path "^1.0.0" + is-glob "^2.0.0" + path-is-absolute "^1.0.0" + readdirp "^2.0.0" + optionalDependencies: + fsevents "^1.0.0" + +circular-json@^0.3.1: + version "0.3.3" + resolved "https://registry.yarnpkg.com/circular-json/-/circular-json-0.3.3.tgz#815c99ea84f6809529d2f45791bdf82711352d66" + +cli-cursor@^1.0.1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/cli-cursor/-/cli-cursor-1.0.2.tgz#64da3f7d56a54412e59794bd62dc35295e8f2987" + dependencies: + restore-cursor "^1.0.1" + +cli-width@^2.0.0: + version "2.2.0" + resolved "https://registry.yarnpkg.com/cli-width/-/cli-width-2.2.0.tgz#ff19ede8a9a5e579324147b0c11f0fbcbabed639" + +cliui@^3.0.3: + version "3.2.0" + resolved "https://registry.yarnpkg.com/cliui/-/cliui-3.2.0.tgz#120601537a916d29940f934da3b48d585a39213d" + dependencies: + string-width "^1.0.1" + strip-ansi "^3.0.1" + wrap-ansi "^2.0.0" + +clone-stats@^0.0.1: + version "0.0.1" + resolved "https://registry.yarnpkg.com/clone-stats/-/clone-stats-0.0.1.tgz#b88f94a82cf38b8791d58046ea4029ad88ca99d1" + +clone@^0.2.0: + version "0.2.0" + resolved "https://registry.yarnpkg.com/clone/-/clone-0.2.0.tgz#c6126a90ad4f72dbf5acdb243cc37724fe93fc1f" + +clone@^1.0.0: + version "1.0.2" + resolved "https://registry.yarnpkg.com/clone/-/clone-1.0.2.tgz#260b7a99ebb1edfe247538175f783243cb19d149" + +co@^4.6.0: + version "4.6.0" + resolved "https://registry.yarnpkg.com/co/-/co-4.6.0.tgz#6ea6bdf3d853ae54ccb8e47bfa0bf3f9031fb184" + +code-point-at@^1.0.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/code-point-at/-/code-point-at-1.1.0.tgz#0d070b4d043a5bea33a2f1a40e2edb3d9a4ccf77" + +colors@1.0.x: + version "1.0.3" + resolved "https://registry.yarnpkg.com/colors/-/colors-1.0.3.tgz#0433f44d809680fdeb60ed260f1b0c262e82a40b" + +combined-stream@^1.0.5, combined-stream@~1.0.5: + version "1.0.5" + resolved "https://registry.yarnpkg.com/combined-stream/-/combined-stream-1.0.5.tgz#938370a57b4a51dea2c77c15d5c5fdf895164009" + dependencies: + delayed-stream "~1.0.0" + +commander@2.9.0: + version "2.9.0" + resolved "https://registry.yarnpkg.com/commander/-/commander-2.9.0.tgz#9c99094176e12240cb22d6c5146098400fe0f7d4" + dependencies: + graceful-readlink ">= 1.0.0" + +commander@^2.8.1: + version "2.11.0" + resolved "https://registry.yarnpkg.com/commander/-/commander-2.11.0.tgz#157152fd1e7a6c8d98a5b715cf376df928004563" + +commander@~2.8.1: + version "2.8.1" + resolved "https://registry.yarnpkg.com/commander/-/commander-2.8.1.tgz#06be367febfda0c330aa1e2a072d3dc9762425d4" + dependencies: + graceful-readlink ">= 1.0.0" + +concat-map@0.0.1: + version "0.0.1" + resolved "https://registry.yarnpkg.com/concat-map/-/concat-map-0.0.1.tgz#d8a96bd77fd68df7793a73036a3ba0d5405d477b" + +concat-stream@^1.4.6, concat-stream@^1.4.7: + version "1.6.0" + resolved "https://registry.yarnpkg.com/concat-stream/-/concat-stream-1.6.0.tgz#0aac662fd52be78964d5532f694784e70110acf7" + dependencies: + inherits "^2.0.3" + readable-stream "^2.2.2" + typedarray "^0.0.6" + +configstore@^1.0.0: + version "1.4.0" + resolved "https://registry.yarnpkg.com/configstore/-/configstore-1.4.0.tgz#c35781d0501d268c25c54b8b17f6240e8a4fb021" + dependencies: + graceful-fs "^4.1.2" + mkdirp "^0.5.0" + object-assign "^4.0.1" + os-tmpdir "^1.0.0" + osenv "^0.1.0" + uuid "^2.0.1" + write-file-atomic "^1.1.2" + xdg-basedir "^2.0.0" + +console-control-strings@^1.0.0, console-control-strings@~1.1.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/console-control-strings/-/console-control-strings-1.1.0.tgz#3d7cf4464db6446ea644bf4b39507f9851008e8e" + +contains-path@^0.1.0: + version "0.1.0" + resolved "https://registry.yarnpkg.com/contains-path/-/contains-path-0.1.0.tgz#fe8cf184ff6670b6baef01a9d4861a5cbec4120a" + +content-disposition@0.5.1: + version "0.5.1" + resolved "https://registry.yarnpkg.com/content-disposition/-/content-disposition-0.5.1.tgz#87476c6a67c8daa87e32e87616df883ba7fb071b" + +content-type@~1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/content-type/-/content-type-1.0.2.tgz#b7d113aee7a8dd27bd21133c4dc2529df1721eed" + +convert-source-map@^1.1.0, convert-source-map@^1.1.1, convert-source-map@^1.5.0: + version "1.5.0" + resolved "https://registry.yarnpkg.com/convert-source-map/-/convert-source-map-1.5.0.tgz#9acd70851c6d5dfdd93d9282e5edf94a03ff46b5" + +cookie-signature@1.0.6: + version "1.0.6" + resolved "https://registry.yarnpkg.com/cookie-signature/-/cookie-signature-1.0.6.tgz#e303a882b342cc3ee8ca513a79999734dab3ae2c" + +cookie@0.3.1: + version "0.3.1" + resolved "https://registry.yarnpkg.com/cookie/-/cookie-0.3.1.tgz#e7e0a1f9ef43b4c8ba925c5c5a96e806d16873bb" + +core-js@^2.4.0, core-js@^2.5.0: + version "2.5.0" + resolved "https://registry.yarnpkg.com/core-js/-/core-js-2.5.0.tgz#569c050918be6486b3837552028ae0466b717086" + +core-util-is@1.0.2, core-util-is@~1.0.0: + version "1.0.2" + resolved "https://registry.yarnpkg.com/core-util-is/-/core-util-is-1.0.2.tgz#b5fd54220aa2bc5ab57aab7140c940754503c1a7" + +cors@^2.8.1: + version "2.8.4" + resolved "https://registry.yarnpkg.com/cors/-/cors-2.8.4.tgz#2bd381f2eb201020105cd50ea59da63090694686" + dependencies: + object-assign "^4" + vary "^1" + +crc@3.4.0: + version "3.4.0" + resolved "https://registry.yarnpkg.com/crc/-/crc-3.4.0.tgz#4258e351613a74ef1153dfcb05e820c3e9715d7f" + +create-graphql-server-authorization@^0.0.28: + version "0.0.28" + resolved "https://registry.yarnpkg.com/create-graphql-server-authorization/-/create-graphql-server-authorization-0.0.28.tgz#cccb2d70bcee51ea555cad419c7a72fe77161354" + dependencies: + global "^4.3.2" + iterall "^1.1.0" + lodash "4.16.4" + mongodb "^2.2.31" + winston "^2.3.1" + +cryptiles@2.x.x: + version "2.0.5" + resolved "https://registry.yarnpkg.com/cryptiles/-/cryptiles-2.0.5.tgz#3bdfecdc608147c1c67202fa291e7dca59eaa3b8" + dependencies: + boom "2.x.x" + +currently-unhandled@^0.4.1: + version "0.4.1" + resolved "https://registry.yarnpkg.com/currently-unhandled/-/currently-unhandled-0.4.1.tgz#988df33feab191ef799a61369dd76c17adf957ea" + dependencies: + array-find-index "^1.0.1" + +cycle@1.0.x: + version "1.0.3" + resolved "https://registry.yarnpkg.com/cycle/-/cycle-1.0.3.tgz#21e80b2be8580f98b468f379430662b046c34ad2" + +d@1: + version "1.0.0" + resolved "https://registry.yarnpkg.com/d/-/d-1.0.0.tgz#754bb5bfe55451da69a58b94d45f4c5b0462d58f" + dependencies: + es5-ext "^0.10.9" + +damerau-levenshtein@^1.0.0: + version "1.0.4" + resolved "https://registry.yarnpkg.com/damerau-levenshtein/-/damerau-levenshtein-1.0.4.tgz#03191c432cb6eea168bb77f3a55ffdccb8978514" + +dashdash@^1.12.0: + version "1.14.1" + resolved "https://registry.yarnpkg.com/dashdash/-/dashdash-1.14.1.tgz#853cfa0f7cbe2fed5de20326b8dd581035f6e2f0" + dependencies: + assert-plus "^1.0.0" + +dataloader@^1.2.0: + version "1.3.0" + resolved "https://registry.yarnpkg.com/dataloader/-/dataloader-1.3.0.tgz#6fec5be4b30a712e4afd30b86b4334566b97673b" + +debug@2, debug@2.6.8, debug@^2.1.1, debug@^2.2.0, debug@^2.6.8: + version "2.6.8" + resolved "https://registry.yarnpkg.com/debug/-/debug-2.6.8.tgz#e731531ca2ede27d188222427da17821d68ff4fc" + dependencies: + ms "2.0.0" + +debug@2.2.0, debug@~2.2.0: + version "2.2.0" + resolved "https://registry.yarnpkg.com/debug/-/debug-2.2.0.tgz#f87057e995b1a1f6ae6a4960664137bc56f039da" + dependencies: + ms "0.7.1" + +decamelize@^1.1.1, decamelize@^1.1.2: + version "1.2.0" + resolved "https://registry.yarnpkg.com/decamelize/-/decamelize-1.2.0.tgz#f6534d15148269b20352e7bee26f501f9a191290" + +decompress-tar@^3.0.0: + version "3.1.0" + resolved "https://registry.yarnpkg.com/decompress-tar/-/decompress-tar-3.1.0.tgz#217c789f9b94450efaadc5c5e537978fc333c466" + dependencies: + is-tar "^1.0.0" + object-assign "^2.0.0" + strip-dirs "^1.0.0" + tar-stream "^1.1.1" + through2 "^0.6.1" + vinyl "^0.4.3" + +decompress-tarbz2@^3.0.0: + version "3.1.0" + resolved "https://registry.yarnpkg.com/decompress-tarbz2/-/decompress-tarbz2-3.1.0.tgz#8b23935681355f9f189d87256a0f8bdd96d9666d" + dependencies: + is-bzip2 "^1.0.0" + object-assign "^2.0.0" + seek-bzip "^1.0.3" + strip-dirs "^1.0.0" + tar-stream "^1.1.1" + through2 "^0.6.1" + vinyl "^0.4.3" + +decompress-targz@^3.0.0: + version "3.1.0" + resolved "https://registry.yarnpkg.com/decompress-targz/-/decompress-targz-3.1.0.tgz#b2c13df98166268991b715d6447f642e9696f5a0" + dependencies: + is-gzip "^1.0.0" + object-assign "^2.0.0" + strip-dirs "^1.0.0" + tar-stream "^1.1.1" + through2 "^0.6.1" + vinyl "^0.4.3" + +decompress-unzip@^3.0.0: + version "3.4.0" + resolved "https://registry.yarnpkg.com/decompress-unzip/-/decompress-unzip-3.4.0.tgz#61475b4152066bbe3fee12f9d629d15fe6478eeb" + dependencies: + is-zip "^1.0.0" + read-all-stream "^3.0.0" + stat-mode "^0.2.0" + strip-dirs "^1.0.0" + through2 "^2.0.0" + vinyl "^1.0.0" + yauzl "^2.2.1" + +decompress@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/decompress/-/decompress-3.0.0.tgz#af1dd50d06e3bfc432461d37de11b38c0d991bed" + dependencies: + buffer-to-vinyl "^1.0.0" + concat-stream "^1.4.6" + decompress-tar "^3.0.0" + decompress-tarbz2 "^3.0.0" + decompress-targz "^3.0.0" + decompress-unzip "^3.0.0" + stream-combiner2 "^1.1.1" + vinyl-assign "^1.0.1" + vinyl-fs "^2.2.0" + +deep-eql@^0.1.3: + version "0.1.3" + resolved "https://registry.yarnpkg.com/deep-eql/-/deep-eql-0.1.3.tgz#ef558acab8de25206cd713906d74e56930eb69f2" + dependencies: + type-detect "0.1.1" + +deep-extend@~0.4.0: + version "0.4.2" + resolved "https://registry.yarnpkg.com/deep-extend/-/deep-extend-0.4.2.tgz#48b699c27e334bf89f10892be432f6e4c7d34a7f" + +deep-is@~0.1.3: + version "0.1.3" + resolved "https://registry.yarnpkg.com/deep-is/-/deep-is-0.1.3.tgz#b369d6fb5dbc13eecf524f91b070feedc357cf34" + +del@^2.0.2: + version "2.2.2" + resolved "https://registry.yarnpkg.com/del/-/del-2.2.2.tgz#c12c981d067846c84bcaf862cff930d907ffd1a8" + dependencies: + globby "^5.0.0" + is-path-cwd "^1.0.0" + is-path-in-cwd "^1.0.0" + object-assign "^4.0.1" + pify "^2.0.0" + pinkie-promise "^2.0.0" + rimraf "^2.2.8" + +delayed-stream@~1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/delayed-stream/-/delayed-stream-1.0.0.tgz#df3ae199acadfb7d440aaae0b29e2272b24ec619" + +delegates@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/delegates/-/delegates-1.0.0.tgz#84c6e159b81904fdca59a0ef44cd870d31250f9a" + +denodeify@^1.2.1: + version "1.2.1" + resolved "https://registry.yarnpkg.com/denodeify/-/denodeify-1.2.1.tgz#3a36287f5034e699e7577901052c2e6c94251631" + +depd@1.1.1, depd@~1.1.0: + version "1.1.1" + resolved "https://registry.yarnpkg.com/depd/-/depd-1.1.1.tgz#5783b4e1c459f06fa5ca27f991f3d06e7a310359" + +deprecated-decorator@^0.1.6: + version "0.1.6" + resolved "https://registry.yarnpkg.com/deprecated-decorator/-/deprecated-decorator-0.1.6.tgz#00966317b7a12fe92f3cc831f7583af329b86c37" + +destroy@~1.0.4: + version "1.0.4" + resolved "https://registry.yarnpkg.com/destroy/-/destroy-1.0.4.tgz#978857442c44749e4206613e37946205826abd80" + +detect-indent@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/detect-indent/-/detect-indent-4.0.0.tgz#f76d064352cdf43a1cb6ce619c4ee3a9475de208" + dependencies: + repeating "^2.0.0" + +diff@3.2.0: + version "3.2.0" + resolved "https://registry.yarnpkg.com/diff/-/diff-3.2.0.tgz#c9ce393a4b7cbd0b058a725c93df299027868ff9" + +doctrine@1.3.x: + version "1.3.0" + resolved "https://registry.yarnpkg.com/doctrine/-/doctrine-1.3.0.tgz#13e75682b55518424276f7c173783456ef913d26" + dependencies: + esutils "^2.0.2" + isarray "^1.0.0" + +doctrine@^1.2.2: + version "1.5.0" + resolved "https://registry.yarnpkg.com/doctrine/-/doctrine-1.5.0.tgz#379dce730f6166f76cefa4e6707a159b02c5a6fa" + dependencies: + esutils "^2.0.2" + isarray "^1.0.0" + +dom-walk@^0.1.0: + version "0.1.1" + resolved "https://registry.yarnpkg.com/dom-walk/-/dom-walk-0.1.1.tgz#672226dc74c8f799ad35307df936aba11acd6018" + +dotenv@2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/dotenv/-/dotenv-2.0.0.tgz#bd759c357aaa70365e01c96b7b0bec08a6e0d949" + +duplexer2@~0.1.0: + version "0.1.4" + resolved "https://registry.yarnpkg.com/duplexer2/-/duplexer2-0.1.4.tgz#8b12dab878c0d69e3e7891051662a32fc6bddcc1" + dependencies: + readable-stream "^2.0.2" + +duplexer@~0.1.1: + version "0.1.1" + resolved "https://registry.yarnpkg.com/duplexer/-/duplexer-0.1.1.tgz#ace6ff808c1ce66b57d1ebf97977acb02334cfc1" + +duplexify@^3.2.0: + version "3.5.1" + resolved "https://registry.yarnpkg.com/duplexify/-/duplexify-3.5.1.tgz#4e1516be68838bc90a49994f0b39a6e5960befcd" + dependencies: + end-of-stream "^1.0.0" + inherits "^2.0.1" + readable-stream "^2.0.0" + stream-shift "^1.0.0" + +ecc-jsbn@~0.1.1: + version "0.1.1" + resolved "https://registry.yarnpkg.com/ecc-jsbn/-/ecc-jsbn-0.1.1.tgz#0fc73a9ed5f0d53c38193398523ef7e543777505" + dependencies: + jsbn "~0.1.0" + +ecdsa-sig-formatter@1.0.9: + version "1.0.9" + resolved "https://registry.yarnpkg.com/ecdsa-sig-formatter/-/ecdsa-sig-formatter-1.0.9.tgz#4bc926274ec3b5abb5016e7e1d60921ac262b2a1" + dependencies: + base64url "^2.0.0" + safe-buffer "^5.0.1" + +ee-first@1.1.1: + version "1.1.1" + resolved "https://registry.yarnpkg.com/ee-first/-/ee-first-1.1.1.tgz#590c61156b0ae2f4f0255732a158b266bc56b21d" + +encodeurl@~1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/encodeurl/-/encodeurl-1.0.1.tgz#79e3d58655346909fe6f0f45a5de68103b294d20" + +encoding@^0.1.11: + version "0.1.12" + resolved "https://registry.yarnpkg.com/encoding/-/encoding-0.1.12.tgz#538b66f3ee62cd1ab51ec323829d1f9480c74beb" + dependencies: + iconv-lite "~0.4.13" + +end-of-stream@^1.0.0: + version "1.4.0" + resolved "https://registry.yarnpkg.com/end-of-stream/-/end-of-stream-1.4.0.tgz#7a90d833efda6cfa6eac0f4949dbb0fad3a63206" + dependencies: + once "^1.4.0" + +error-ex@^1.2.0: + version "1.3.1" + resolved "https://registry.yarnpkg.com/error-ex/-/error-ex-1.3.1.tgz#f855a86ce61adc4e8621c3cda21e7a7612c3a8dc" + dependencies: + is-arrayish "^0.2.1" + +es5-ext@^0.10.14, es5-ext@^0.10.9, es5-ext@~0.10.14: + version "0.10.30" + resolved "https://registry.yarnpkg.com/es5-ext/-/es5-ext-0.10.30.tgz#7141a16836697dbabfaaaeee41495ce29f52c939" + dependencies: + es6-iterator "2" + es6-symbol "~3.1" + +es6-iterator@2, es6-iterator@^2.0.1, es6-iterator@~2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/es6-iterator/-/es6-iterator-2.0.1.tgz#8e319c9f0453bf575d374940a655920e59ca5512" + dependencies: + d "1" + es5-ext "^0.10.14" + es6-symbol "^3.1" + +es6-map@^0.1.3: + version "0.1.5" + resolved "https://registry.yarnpkg.com/es6-map/-/es6-map-0.1.5.tgz#9136e0503dcc06a301690f0bb14ff4e364e949f0" + dependencies: + d "1" + es5-ext "~0.10.14" + es6-iterator "~2.0.1" + es6-set "~0.1.5" + es6-symbol "~3.1.1" + event-emitter "~0.3.5" + +es6-promise@3.2.1: + version "3.2.1" + resolved "https://registry.yarnpkg.com/es6-promise/-/es6-promise-3.2.1.tgz#ec56233868032909207170c39448e24449dd1fc4" + +es6-promise@^3.0.2, es6-promise@^3.2.1: + version "3.3.1" + resolved "https://registry.yarnpkg.com/es6-promise/-/es6-promise-3.3.1.tgz#a08cdde84ccdbf34d027a1451bc91d4bcd28a613" + +es6-set@~0.1.5: + version "0.1.5" + resolved "https://registry.yarnpkg.com/es6-set/-/es6-set-0.1.5.tgz#d2b3ec5d4d800ced818db538d28974db0a73ccb1" + dependencies: + d "1" + es5-ext "~0.10.14" + es6-iterator "~2.0.1" + es6-symbol "3.1.1" + event-emitter "~0.3.5" + +es6-symbol@3.1.1, es6-symbol@^3.1, es6-symbol@^3.1.1, es6-symbol@~3.1, es6-symbol@~3.1.1: + version "3.1.1" + resolved "https://registry.yarnpkg.com/es6-symbol/-/es6-symbol-3.1.1.tgz#bf00ef4fdab6ba1b46ecb7b629b4c7ed5715cc77" + dependencies: + d "1" + es5-ext "~0.10.14" + +es6-weak-map@^2.0.1: + version "2.0.2" + resolved "https://registry.yarnpkg.com/es6-weak-map/-/es6-weak-map-2.0.2.tgz#5e3ab32251ffd1538a1f8e5ffa1357772f92d96f" + dependencies: + d "1" + es5-ext "^0.10.14" + es6-iterator "^2.0.1" + es6-symbol "^3.1.1" + +escape-html@~1.0.3: + version "1.0.3" + resolved "https://registry.yarnpkg.com/escape-html/-/escape-html-1.0.3.tgz#0258eae4d3d0c0974de1c169188ef0051d1d1988" + +escape-string-regexp@1.0.5, escape-string-regexp@^1.0.2, escape-string-regexp@^1.0.5: + version "1.0.5" + resolved "https://registry.yarnpkg.com/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz#1b61c0562190a8dff6ae3bb2cf0200ca130b86d4" + +escope@^3.6.0: + version "3.6.0" + resolved "https://registry.yarnpkg.com/escope/-/escope-3.6.0.tgz#e01975e812781a163a6dadfdd80398dc64c889c3" + dependencies: + es6-map "^0.1.3" + es6-weak-map "^2.0.1" + esrecurse "^4.1.0" + estraverse "^4.1.1" + +eslint-config-react-app@^0.4.0: + version "0.4.0" + resolved "https://registry.yarnpkg.com/eslint-config-react-app/-/eslint-config-react-app-0.4.0.tgz#7f87bfd2a35ed7aa17860b6b002b4197fea385d0" + +eslint-import-resolver-node@^0.2.0: + version "0.2.3" + resolved "https://registry.yarnpkg.com/eslint-import-resolver-node/-/eslint-import-resolver-node-0.2.3.tgz#5add8106e8c928db2cba232bcd9efa846e3da16c" + dependencies: + debug "^2.2.0" + object-assign "^4.0.1" + resolve "^1.1.6" + +eslint-module-utils@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/eslint-module-utils/-/eslint-module-utils-1.0.0.tgz#c4a57fd3a53efd8426cc2d5550aadab9bbd05fd0" + dependencies: + debug "2.2.0" + pkg-dir "^1.0.0" + +eslint-plugin-babel@3.3.0: + version "3.3.0" + resolved "https://registry.yarnpkg.com/eslint-plugin-babel/-/eslint-plugin-babel-3.3.0.tgz#2f494aedcf6f4aa4e75b9155980837bc1fbde193" + +eslint-plugin-flowtype@2.21.0: + version "2.21.0" + resolved "https://registry.yarnpkg.com/eslint-plugin-flowtype/-/eslint-plugin-flowtype-2.21.0.tgz#a47e85abcdd181d37a336054bd552149ae387d9c" + dependencies: + lodash "^4.15.0" + +eslint-plugin-import@2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/eslint-plugin-import/-/eslint-plugin-import-2.0.1.tgz#dcfe96357d476b3f822570d42c29bec66f5d9c5c" + dependencies: + builtin-modules "^1.1.1" + contains-path "^0.1.0" + debug "^2.2.0" + doctrine "1.3.x" + eslint-import-resolver-node "^0.2.0" + eslint-module-utils "^1.0.0" + has "^1.0.1" + lodash.cond "^4.3.0" + minimatch "^3.0.3" + pkg-up "^1.0.0" + +eslint-plugin-jsx-a11y@2.2.3: + version "2.2.3" + resolved "https://registry.yarnpkg.com/eslint-plugin-jsx-a11y/-/eslint-plugin-jsx-a11y-2.2.3.tgz#4e35cb71b8a7db702ac415c806eb8e8d9ea6c65d" + dependencies: + damerau-levenshtein "^1.0.0" + jsx-ast-utils "^1.0.0" + object-assign "^4.0.1" + +eslint-plugin-react@6.4.1: + version "6.4.1" + resolved "https://registry.yarnpkg.com/eslint-plugin-react/-/eslint-plugin-react-6.4.1.tgz#7d1aade747db15892f71eee1fea4addf97bcfa2b" + dependencies: + doctrine "^1.2.2" + jsx-ast-utils "^1.3.1" + +eslint@3.8.1: + version "3.8.1" + resolved "https://registry.yarnpkg.com/eslint/-/eslint-3.8.1.tgz#7d02db44cd5aaf4fa7aa489e1f083baa454342ba" + dependencies: + chalk "^1.1.3" + concat-stream "^1.4.6" + debug "^2.1.1" + doctrine "^1.2.2" + escope "^3.6.0" + espree "^3.3.1" + estraverse "^4.2.0" + esutils "^2.0.2" + file-entry-cache "^2.0.0" + glob "^7.0.3" + globals "^9.2.0" + ignore "^3.1.5" + imurmurhash "^0.1.4" + inquirer "^0.12.0" + is-my-json-valid "^2.10.0" + is-resolvable "^1.0.0" + js-yaml "^3.5.1" + json-stable-stringify "^1.0.0" + levn "^0.3.0" + lodash "^4.0.0" + mkdirp "^0.5.0" + natural-compare "^1.4.0" + optionator "^0.8.2" + path-is-inside "^1.0.1" + pluralize "^1.2.1" + progress "^1.1.8" + require-uncached "^1.0.2" + shelljs "^0.6.0" + strip-bom "^3.0.0" + strip-json-comments "~1.0.1" + table "^3.7.8" + text-table "~0.2.0" + user-home "^2.0.0" + +espree@^3.3.1: + version "3.5.0" + resolved "https://registry.yarnpkg.com/espree/-/espree-3.5.0.tgz#98358625bdd055861ea27e2867ea729faf463d8d" + dependencies: + acorn "^5.1.1" + acorn-jsx "^3.0.0" + +esprima@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/esprima/-/esprima-4.0.0.tgz#4499eddcd1110e0b218bacf2fa7f7f59f55ca804" + +esrecurse@^4.1.0: + version "4.2.0" + resolved "https://registry.yarnpkg.com/esrecurse/-/esrecurse-4.2.0.tgz#fa9568d98d3823f9a41d91e902dcab9ea6e5b163" + dependencies: + estraverse "^4.1.0" + object-assign "^4.0.1" + +estraverse@^4.1.0, estraverse@^4.1.1, estraverse@^4.2.0: + version "4.2.0" + resolved "https://registry.yarnpkg.com/estraverse/-/estraverse-4.2.0.tgz#0dee3fed31fcd469618ce7342099fc1afa0bdb13" + +esutils@^2.0.2: + version "2.0.2" + resolved "https://registry.yarnpkg.com/esutils/-/esutils-2.0.2.tgz#0abf4f1caa5bcb1f7a9d8acc6dea4faaa04bac9b" + +etag@~1.7.0: + version "1.7.0" + resolved "https://registry.yarnpkg.com/etag/-/etag-1.7.0.tgz#03d30b5f67dd6e632d2945d30d6652731a34d5d8" + +event-emitter@~0.3.5: + version "0.3.5" + resolved "https://registry.yarnpkg.com/event-emitter/-/event-emitter-0.3.5.tgz#df8c69eef1647923c7157b9ce83840610b02cc39" + dependencies: + d "1" + es5-ext "~0.10.14" + +event-stream@~3.3.0: + version "3.3.4" + resolved "https://registry.yarnpkg.com/event-stream/-/event-stream-3.3.4.tgz#4ab4c9a0f5a54db9338b4c34d86bfce8f4b35571" + dependencies: + duplexer "~0.1.1" + from "~0" + map-stream "~0.1.0" + pause-stream "0.0.11" + split "0.3" + stream-combiner "~0.0.4" + through "~2.3.1" + +exit-hook@^1.0.0: + version "1.1.1" + resolved "https://registry.yarnpkg.com/exit-hook/-/exit-hook-1.1.1.tgz#f05ca233b48c05d54fff07765df8507e95c02ff8" + +expand-brackets@^0.1.4: + version "0.1.5" + resolved "https://registry.yarnpkg.com/expand-brackets/-/expand-brackets-0.1.5.tgz#df07284e342a807cd733ac5af72411e581d1177b" + dependencies: + is-posix-bracket "^0.1.0" + +expand-range@^1.8.1: + version "1.8.2" + resolved "https://registry.yarnpkg.com/expand-range/-/expand-range-1.8.2.tgz#a299effd335fe2721ebae8e257ec79644fc85337" + dependencies: + fill-range "^2.1.0" + +express-session@1.14.1: + version "1.14.1" + resolved "https://registry.yarnpkg.com/express-session/-/express-session-1.14.1.tgz#600364f0f6bf5dce32649e006770bdeee80aec99" + dependencies: + cookie "0.3.1" + cookie-signature "1.0.6" + crc "3.4.0" + debug "~2.2.0" + depd "~1.1.0" + on-headers "~1.0.1" + parseurl "~1.3.1" + uid-safe "~2.1.2" + utils-merge "1.0.0" + +express@4.14.0: + version "4.14.0" + resolved "https://registry.yarnpkg.com/express/-/express-4.14.0.tgz#c1ee3f42cdc891fb3dc650a8922d51ec847d0d66" + dependencies: + accepts "~1.3.3" + array-flatten "1.1.1" + content-disposition "0.5.1" + content-type "~1.0.2" + cookie "0.3.1" + cookie-signature "1.0.6" + debug "~2.2.0" + depd "~1.1.0" + encodeurl "~1.0.1" + escape-html "~1.0.3" + etag "~1.7.0" + finalhandler "0.5.0" + fresh "0.3.0" + merge-descriptors "1.0.1" + methods "~1.1.2" + on-finished "~2.3.0" + parseurl "~1.3.1" + path-to-regexp "0.1.7" + proxy-addr "~1.1.2" + qs "6.2.0" + range-parser "~1.2.0" + send "0.14.1" + serve-static "~1.11.1" + type-is "~1.6.13" + utils-merge "1.0.0" + vary "~1.1.0" + +extend-shallow@^2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/extend-shallow/-/extend-shallow-2.0.1.tgz#51af7d614ad9a9f610ea1bafbb989d6b1c56890f" + dependencies: + is-extendable "^0.1.0" + +extend@3, extend@^3.0.0, extend@~3.0.0: + version "3.0.1" + resolved "https://registry.yarnpkg.com/extend/-/extend-3.0.1.tgz#a755ea7bc1adfcc5a31ce7e762dbaadc5e636444" + +extglob@^0.3.1: + version "0.3.2" + resolved "https://registry.yarnpkg.com/extglob/-/extglob-0.3.2.tgz#2e18ff3d2f49ab2765cec9023f011daa8d8349a1" + dependencies: + is-extglob "^1.0.0" + +extsprintf@1.3.0, extsprintf@^1.2.0: + version "1.3.0" + resolved "https://registry.yarnpkg.com/extsprintf/-/extsprintf-1.3.0.tgz#96918440e3041a7a414f8c52e3c574eb3c3e1e05" + +eyes@0.1.x: + version "0.1.8" + resolved "https://registry.yarnpkg.com/eyes/-/eyes-0.1.8.tgz#62cf120234c683785d902348a800ef3e0cc20bc0" + +fast-levenshtein@~2.0.4: + version "2.0.6" + resolved "https://registry.yarnpkg.com/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz#3d8a5c66883a16a30ca8643e851f19baa7797917" + +fd-slicer@~1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/fd-slicer/-/fd-slicer-1.0.1.tgz#8b5bcbd9ec327c5041bf9ab023fd6750f1177e65" + dependencies: + pend "~1.2.0" + +figures@^1.3.5: + version "1.7.0" + resolved "https://registry.yarnpkg.com/figures/-/figures-1.7.0.tgz#cbe1e3affcf1cd44b80cadfed28dc793a9701d2e" + dependencies: + escape-string-regexp "^1.0.5" + object-assign "^4.1.0" + +file-entry-cache@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/file-entry-cache/-/file-entry-cache-2.0.0.tgz#c392990c3e684783d838b8c84a45d8a048458361" + dependencies: + flat-cache "^1.2.1" + object-assign "^4.0.1" + +file-type@^3.1.0: + version "3.9.0" + resolved "https://registry.yarnpkg.com/file-type/-/file-type-3.9.0.tgz#257a078384d1db8087bc449d107d52a52672b9e9" + +filename-regex@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/filename-regex/-/filename-regex-2.0.1.tgz#c1c4b9bee3e09725ddb106b75c1e301fe2f18b26" + +fill-range@^2.1.0: + version "2.2.3" + resolved "https://registry.yarnpkg.com/fill-range/-/fill-range-2.2.3.tgz#50b77dfd7e469bc7492470963699fe7a8485a723" + dependencies: + is-number "^2.1.0" + isobject "^2.0.0" + randomatic "^1.1.3" + repeat-element "^1.1.2" + repeat-string "^1.5.2" + +finalhandler@0.5.0: + version "0.5.0" + resolved "https://registry.yarnpkg.com/finalhandler/-/finalhandler-0.5.0.tgz#e9508abece9b6dba871a6942a1d7911b91911ac7" + dependencies: + debug "~2.2.0" + escape-html "~1.0.3" + on-finished "~2.3.0" + statuses "~1.3.0" + unpipe "~1.0.0" + +find-up@^1.0.0: + version "1.1.2" + resolved "https://registry.yarnpkg.com/find-up/-/find-up-1.1.2.tgz#6b2e9822b1a2ce0a60ab64d610eccad53cb24d0f" + dependencies: + path-exists "^2.0.0" + pinkie-promise "^2.0.0" + +find-versions@^1.0.0: + version "1.2.1" + resolved "https://registry.yarnpkg.com/find-versions/-/find-versions-1.2.1.tgz#cbde9f12e38575a0af1be1b9a2c5d5fd8f186b62" + dependencies: + array-uniq "^1.0.0" + get-stdin "^4.0.1" + meow "^3.5.0" + semver-regex "^1.0.0" + +first-chunk-stream@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/first-chunk-stream/-/first-chunk-stream-1.0.0.tgz#59bfb50cd905f60d7c394cd3d9acaab4e6ad934e" + +flat-cache@^1.2.1: + version "1.2.2" + resolved "https://registry.yarnpkg.com/flat-cache/-/flat-cache-1.2.2.tgz#fa86714e72c21db88601761ecf2f555d1abc6b96" + dependencies: + circular-json "^0.3.1" + del "^2.0.2" + graceful-fs "^4.1.2" + write "^0.2.1" + +for-in@^1.0.1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/for-in/-/for-in-1.0.2.tgz#81068d295a8142ec0ac726c6e2200c30fb6d5e80" + +for-own@^0.1.4: + version "0.1.5" + resolved "https://registry.yarnpkg.com/for-own/-/for-own-0.1.5.tgz#5265c681a4f294dabbf17c9509b6763aa84510ce" + dependencies: + for-in "^1.0.1" + +forever-agent@~0.6.1: + version "0.6.1" + resolved "https://registry.yarnpkg.com/forever-agent/-/forever-agent-0.6.1.tgz#fbc71f0c41adeb37f96c577ad1ed42d8fdacca91" + +form-data@~2.1.1: + version "2.1.4" + resolved "https://registry.yarnpkg.com/form-data/-/form-data-2.1.4.tgz#33c183acf193276ecaa98143a69e94bfee1750d1" + dependencies: + asynckit "^0.4.0" + combined-stream "^1.0.5" + mime-types "^2.1.12" + +forwarded@~0.1.0: + version "0.1.0" + resolved "https://registry.yarnpkg.com/forwarded/-/forwarded-0.1.0.tgz#19ef9874c4ae1c297bcf078fde63a09b66a84363" + +fresh@0.3.0: + version "0.3.0" + resolved "https://registry.yarnpkg.com/fresh/-/fresh-0.3.0.tgz#651f838e22424e7566de161d8358caa199f83d4f" + +from@~0: + version "0.1.7" + resolved "https://registry.yarnpkg.com/from/-/from-0.1.7.tgz#83c60afc58b9c56997007ed1a768b3ab303a44fe" + +fs-readdir-recursive@^0.1.0: + version "0.1.2" + resolved "https://registry.yarnpkg.com/fs-readdir-recursive/-/fs-readdir-recursive-0.1.2.tgz#315b4fb8c1ca5b8c47defef319d073dad3568059" + +fs.realpath@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/fs.realpath/-/fs.realpath-1.0.0.tgz#1504ad2523158caa40db4a2787cb01411994ea4f" + +fsevents@^1.0.0: + version "1.1.2" + resolved "https://registry.yarnpkg.com/fsevents/-/fsevents-1.1.2.tgz#3282b713fb3ad80ede0e9fcf4611b5aa6fc033f4" + dependencies: + nan "^2.3.0" + node-pre-gyp "^0.6.36" + +fstream-ignore@^1.0.5: + version "1.0.5" + resolved "https://registry.yarnpkg.com/fstream-ignore/-/fstream-ignore-1.0.5.tgz#9c31dae34767018fe1d249b24dada67d092da105" + dependencies: + fstream "^1.0.0" + inherits "2" + minimatch "^3.0.0" + +fstream@^1.0.0, fstream@^1.0.10, fstream@^1.0.2: + version "1.0.11" + resolved "https://registry.yarnpkg.com/fstream/-/fstream-1.0.11.tgz#5c1fb1f117477114f0632a0eb4b71b3cb0fd3171" + dependencies: + graceful-fs "^4.1.2" + inherits "~2.0.0" + mkdirp ">=0.5 0" + rimraf "2" + +function-bind@^1.0.2: + version "1.1.0" + resolved "https://registry.yarnpkg.com/function-bind/-/function-bind-1.1.0.tgz#16176714c801798e4e8f2cf7f7529467bb4a5771" + +gauge@~2.7.3: + version "2.7.4" + resolved "https://registry.yarnpkg.com/gauge/-/gauge-2.7.4.tgz#2c03405c7538c39d7eb37b317022e325fb018bf7" + dependencies: + aproba "^1.0.3" + console-control-strings "^1.0.0" + has-unicode "^2.0.0" + object-assign "^4.1.0" + signal-exit "^3.0.0" + string-width "^1.0.1" + strip-ansi "^3.0.1" + wide-align "^1.1.0" + +generate-function@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/generate-function/-/generate-function-2.0.0.tgz#6858fe7c0969b7d4e9093337647ac79f60dfbe74" + +generate-object-property@^1.1.0: + version "1.2.0" + resolved "https://registry.yarnpkg.com/generate-object-property/-/generate-object-property-1.2.0.tgz#9c0e1c40308ce804f4783618b937fa88f99d50d0" + dependencies: + is-property "^1.0.0" + +get-stdin@^4.0.1: + version "4.0.1" + resolved "https://registry.yarnpkg.com/get-stdin/-/get-stdin-4.0.1.tgz#b968c6b0a04384324902e8bf1a5df32579a450fe" + +getos@^2.7.0: + version "2.8.4" + resolved "https://registry.yarnpkg.com/getos/-/getos-2.8.4.tgz#7b8603d3619c28e38cb0fe7a4f63c3acb80d5163" + dependencies: + async "2.1.4" + +getpass@^0.1.1: + version "0.1.7" + resolved "https://registry.yarnpkg.com/getpass/-/getpass-0.1.7.tgz#5eff8e3e684d569ae4cb2b1282604e8ba62149fa" + dependencies: + assert-plus "^1.0.0" + +glob-base@^0.3.0: + version "0.3.0" + resolved "https://registry.yarnpkg.com/glob-base/-/glob-base-0.3.0.tgz#dbb164f6221b1c0b1ccf82aea328b497df0ea3c4" + dependencies: + glob-parent "^2.0.0" + is-glob "^2.0.0" + +glob-parent@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/glob-parent/-/glob-parent-2.0.0.tgz#81383d72db054fcccf5336daa902f182f6edbb28" + dependencies: + is-glob "^2.0.0" + +glob-parent@^3.0.0: + version "3.1.0" + resolved "https://registry.yarnpkg.com/glob-parent/-/glob-parent-3.1.0.tgz#9e6af6299d8d3bd2bd40430832bd113df906c5ae" + dependencies: + is-glob "^3.1.0" + path-dirname "^1.0.0" + +glob-stream@^5.3.2: + version "5.3.5" + resolved "https://registry.yarnpkg.com/glob-stream/-/glob-stream-5.3.5.tgz#a55665a9a8ccdc41915a87c701e32d4e016fad22" + dependencies: + extend "^3.0.0" + glob "^5.0.3" + glob-parent "^3.0.0" + micromatch "^2.3.7" + ordered-read-streams "^0.3.0" + through2 "^0.6.0" + to-absolute-glob "^0.1.1" + unique-stream "^2.0.2" + +glob@7.1.1: + version "7.1.1" + resolved "https://registry.yarnpkg.com/glob/-/glob-7.1.1.tgz#805211df04faaf1c63a3600306cdf5ade50b2ec8" + dependencies: + fs.realpath "^1.0.0" + inflight "^1.0.4" + inherits "2" + minimatch "^3.0.2" + once "^1.3.0" + path-is-absolute "^1.0.0" + +glob@^5.0.3, glob@^5.0.5: + version "5.0.15" + resolved "https://registry.yarnpkg.com/glob/-/glob-5.0.15.tgz#1bc936b9e02f4a603fcc222ecf7633d30b8b93b1" + dependencies: + inflight "^1.0.4" + inherits "2" + minimatch "2 || 3" + once "^1.3.0" + path-is-absolute "^1.0.0" + +glob@^7.0.3, glob@^7.0.5: + version "7.1.2" + resolved "https://registry.yarnpkg.com/glob/-/glob-7.1.2.tgz#c19c9df9a028702d678612384a6552404c636d15" + dependencies: + fs.realpath "^1.0.0" + inflight "^1.0.4" + inherits "2" + minimatch "^3.0.4" + once "^1.3.0" + path-is-absolute "^1.0.0" + +global@^4.3.2: + version "4.3.2" + resolved "https://registry.yarnpkg.com/global/-/global-4.3.2.tgz#e76989268a6c74c38908b1305b10fc0e394e9d0f" + dependencies: + min-document "^2.19.0" + process "~0.5.1" + +globals@^9.18.0, globals@^9.2.0: + version "9.18.0" + resolved "https://registry.yarnpkg.com/globals/-/globals-9.18.0.tgz#aa3896b3e69b487f17e31ed2143d69a8e30c2d8a" + +globby@^5.0.0: + version "5.0.0" + resolved "https://registry.yarnpkg.com/globby/-/globby-5.0.0.tgz#ebd84667ca0dbb330b99bcfc68eac2bc54370e0d" + dependencies: + array-union "^1.0.1" + arrify "^1.0.0" + glob "^7.0.3" + object-assign "^4.0.1" + pify "^2.0.0" + pinkie-promise "^2.0.0" + +got@^3.2.0: + version "3.3.1" + resolved "https://registry.yarnpkg.com/got/-/got-3.3.1.tgz#e5d0ed4af55fc3eef4d56007769d98192bcb2eca" + dependencies: + duplexify "^3.2.0" + infinity-agent "^2.0.0" + is-redirect "^1.0.0" + is-stream "^1.0.0" + lowercase-keys "^1.0.0" + nested-error-stacks "^1.0.0" + object-assign "^3.0.0" + prepend-http "^1.0.0" + read-all-stream "^3.0.0" + timed-out "^2.0.0" + +graceful-fs@^4.0.0, graceful-fs@^4.1.11, graceful-fs@^4.1.2, graceful-fs@^4.1.4: + version "4.1.11" + resolved "https://registry.yarnpkg.com/graceful-fs/-/graceful-fs-4.1.11.tgz#0e8bdfe4d1ddb8854d64e04ea7c00e2a026e5658" + +"graceful-readlink@>= 1.0.0": + version "1.0.1" + resolved "https://registry.yarnpkg.com/graceful-readlink/-/graceful-readlink-1.0.1.tgz#4cafad76bc62f02fa039b2f94e9a3dd3a391a725" + +graphql-server-core@^0.4.4: + version "0.4.4" + resolved "https://registry.yarnpkg.com/graphql-server-core/-/graphql-server-core-0.4.4.tgz#d5b502f1300b4f775ee3dfa6f8a1bf9fb3cf48a9" + optionalDependencies: + typed-graphql "^1.0.2" + +graphql-server-express@^0.4.3: + version "0.4.4" + resolved "https://registry.yarnpkg.com/graphql-server-express/-/graphql-server-express-0.4.4.tgz#ed4c7b1cc158d03cc95e4eea712def4d1f46d9a0" + dependencies: + graphql-server-core "^0.4.4" + graphql-server-module-graphiql "^0.4.4" + optionalDependencies: + "@types/express" "^4.0.33" + +graphql-server-module-graphiql@^0.4.4: + version "0.4.4" + resolved "https://registry.yarnpkg.com/graphql-server-module-graphiql/-/graphql-server-module-graphiql-0.4.4.tgz#9b8ca9444de7eb40458bf9264579ae200d7029a0" + +graphql-server@^0.3.2: + version "0.3.2" + resolved "https://registry.yarnpkg.com/graphql-server/-/graphql-server-0.3.2.tgz#ac3299963221be784fc78a22784d2d9ab7116e5e" + dependencies: + boom "^4.0.0" + http-errors "^1.5.0" + source-map-support "^0.4.2" + +graphql-subscriptions@0.2.0: + version "0.2.0" + resolved "https://registry.yarnpkg.com/graphql-subscriptions/-/graphql-subscriptions-0.2.0.tgz#9aebf19283f797354615b263090e15246a4c6c8d" + dependencies: + es6-promise "^3.2.1" + graphql "^0.7.0" + +graphql-subscriptions@^0.1.3: + version "0.1.5" + resolved "https://registry.yarnpkg.com/graphql-subscriptions/-/graphql-subscriptions-0.1.5.tgz#603422c0a7ea3818b630751d1c9798bfa1a820ee" + dependencies: + es6-promise "^3.2.1" + graphql "^0.7.0" + +graphql-tools@^0.8.2: + version "0.8.4" + resolved "https://registry.yarnpkg.com/graphql-tools/-/graphql-tools-0.8.4.tgz#3cf4b2a650e0322b655ca274ec24914b608fb562" + dependencies: + deprecated-decorator "^0.1.6" + lodash "^4.3.0" + uuid "^3.0.1" + optionalDependencies: + typed-graphql "^1.0.2" + +graphql@0.7.2, graphql@^0.7.0: + version "0.7.2" + resolved "https://registry.yarnpkg.com/graphql/-/graphql-0.7.2.tgz#cc894a32823399b8a0cb012b9e9ecad35cd00f72" + dependencies: + iterall "1.0.2" + +growl@1.9.2: + version "1.9.2" + resolved "https://registry.yarnpkg.com/growl/-/growl-1.9.2.tgz#0ea7743715db8d8de2c5ede1775e1b45ac85c02f" + +gulp-sourcemaps@1.6.0: + version "1.6.0" + resolved "https://registry.yarnpkg.com/gulp-sourcemaps/-/gulp-sourcemaps-1.6.0.tgz#b86ff349d801ceb56e1d9e7dc7bbcb4b7dee600c" + dependencies: + convert-source-map "^1.1.1" + graceful-fs "^4.1.2" + strip-bom "^2.0.0" + through2 "^2.0.0" + vinyl "^1.0.0" + +har-schema@^1.0.5: + version "1.0.5" + resolved "https://registry.yarnpkg.com/har-schema/-/har-schema-1.0.5.tgz#d263135f43307c02c602afc8fe95970c0151369e" + +har-validator@~4.2.1: + version "4.2.1" + resolved "https://registry.yarnpkg.com/har-validator/-/har-validator-4.2.1.tgz#33481d0f1bbff600dd203d75812a6a5fba002e2a" + dependencies: + ajv "^4.9.1" + har-schema "^1.0.5" + +has-ansi@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/has-ansi/-/has-ansi-2.0.0.tgz#34f5049ce1ecdf2b0649af3ef24e45ed35416d91" + dependencies: + ansi-regex "^2.0.0" + +has-flag@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/has-flag/-/has-flag-1.0.0.tgz#9d9e793165ce017a00f00418c43f942a7b1d11fa" + +has-unicode@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/has-unicode/-/has-unicode-2.0.1.tgz#e0e6fe6a28cf51138855e086d1691e771de2a8b9" + +has@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/has/-/has-1.0.1.tgz#8461733f538b0837c9361e39a9ab9e9704dc2f28" + dependencies: + function-bind "^1.0.2" + +hawk@~3.1.3: + version "3.1.3" + resolved "https://registry.yarnpkg.com/hawk/-/hawk-3.1.3.tgz#078444bd7c1640b0fe540d2c9b73d59678e8e1c4" + dependencies: + boom "2.x.x" + cryptiles "2.x.x" + hoek "2.x.x" + sntp "1.x.x" + +hoek@2.x.x: + version "2.16.3" + resolved "https://registry.yarnpkg.com/hoek/-/hoek-2.16.3.tgz#20bb7403d3cea398e91dc4710a8ff1b8274a25ed" + +hoek@4.x.x: + version "4.2.0" + resolved "https://registry.yarnpkg.com/hoek/-/hoek-4.2.0.tgz#72d9d0754f7fe25ca2d01ad8f8f9a9449a89526d" + +home-or-tmp@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/home-or-tmp/-/home-or-tmp-1.0.0.tgz#4b9f1e40800c3e50c6c27f781676afcce71f3985" + dependencies: + os-tmpdir "^1.0.1" + user-home "^1.1.1" + +home-or-tmp@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/home-or-tmp/-/home-or-tmp-2.0.0.tgz#e36c3f2d2cae7d746a857e38d18d5f32a7882db8" + dependencies: + os-homedir "^1.0.0" + os-tmpdir "^1.0.1" + +hosted-git-info@^2.1.4: + version "2.5.0" + resolved "https://registry.yarnpkg.com/hosted-git-info/-/hosted-git-info-2.5.0.tgz#6d60e34b3abbc8313062c3b798ef8d901a07af3c" + +http-errors@^1.5.0: + version "1.6.2" + resolved "https://registry.yarnpkg.com/http-errors/-/http-errors-1.6.2.tgz#0a002cc85707192a7e7946ceedc11155f60ec736" + dependencies: + depd "1.1.1" + inherits "2.0.3" + setprototypeof "1.0.3" + statuses ">= 1.3.1 < 2" + +http-errors@~1.5.0, http-errors@~1.5.1: + version "1.5.1" + resolved "https://registry.yarnpkg.com/http-errors/-/http-errors-1.5.1.tgz#788c0d2c1de2c81b9e6e8c01843b6b97eb920750" + dependencies: + inherits "2.0.3" + setprototypeof "1.0.2" + statuses ">= 1.3.1 < 2" + +http-signature@~1.1.0: + version "1.1.1" + resolved "https://registry.yarnpkg.com/http-signature/-/http-signature-1.1.1.tgz#df72e267066cd0ac67fb76adf8e134a8fbcf91bf" + dependencies: + assert-plus "^0.2.0" + jsprim "^1.2.2" + sshpk "^1.7.0" + +https-proxy-agent@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/https-proxy-agent/-/https-proxy-agent-1.0.0.tgz#35f7da6c48ce4ddbfa264891ac593ee5ff8671e6" + dependencies: + agent-base "2" + debug "2" + extend "3" + +iconv-lite@0.4.13: + version "0.4.13" + resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.4.13.tgz#1f88aba4ab0b1508e8312acc39345f36e992e2f2" + +iconv-lite@~0.4.13: + version "0.4.18" + resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.4.18.tgz#23d8656b16aae6742ac29732ea8f0336a4789cf2" + +ignore-by-default@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/ignore-by-default/-/ignore-by-default-1.0.1.tgz#48ca6d72f6c6a3af00a9ad4ae6876be3889e2b09" + +ignore@^3.1.5: + version "3.3.3" + resolved "https://registry.yarnpkg.com/ignore/-/ignore-3.3.3.tgz#432352e57accd87ab3110e82d3fea0e47812156d" + +imurmurhash@^0.1.4: + version "0.1.4" + resolved "https://registry.yarnpkg.com/imurmurhash/-/imurmurhash-0.1.4.tgz#9218b9b2b928a238b13dc4fb6b6d576f231453ea" + +indent-string@^2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/indent-string/-/indent-string-2.1.0.tgz#8e2d48348742121b4a8218b7a137e9a52049dc80" + dependencies: + repeating "^2.0.0" + +infinity-agent@^2.0.0: + version "2.0.3" + resolved "https://registry.yarnpkg.com/infinity-agent/-/infinity-agent-2.0.3.tgz#45e0e2ff7a9eb030b27d62b74b3744b7a7ac4216" + +inflight@^1.0.4: + version "1.0.6" + resolved "https://registry.yarnpkg.com/inflight/-/inflight-1.0.6.tgz#49bd6331d7d02d0c09bc910a1075ba8165b56df9" + dependencies: + once "^1.3.0" + wrappy "1" + +inherits@2, inherits@2.0.3, inherits@^2.0.1, inherits@^2.0.3, inherits@~2.0.0, inherits@~2.0.1, inherits@~2.0.3: + version "2.0.3" + resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.3.tgz#633c2c83e3da42a502f52466022480f4208261de" + +ini@~1.3.0: + version "1.3.4" + resolved "https://registry.yarnpkg.com/ini/-/ini-1.3.4.tgz#0537cb79daf59b59a1a517dff706c86ec039162e" + +inquirer@^0.12.0: + version "0.12.0" + resolved "https://registry.yarnpkg.com/inquirer/-/inquirer-0.12.0.tgz#1ef2bfd63504df0bc75785fff8c2c41df12f077e" + dependencies: + ansi-escapes "^1.1.0" + ansi-regex "^2.0.0" + chalk "^1.0.0" + cli-cursor "^1.0.1" + cli-width "^2.0.0" + figures "^1.3.5" + lodash "^4.3.0" + readline2 "^1.0.1" + run-async "^0.1.0" + rx-lite "^3.1.2" + string-width "^1.0.1" + strip-ansi "^3.0.0" + through "^2.3.6" + +invariant@^2.2.2: + version "2.2.2" + resolved "https://registry.yarnpkg.com/invariant/-/invariant-2.2.2.tgz#9e1f56ac0acdb6bf303306f338be3b204ae60360" + dependencies: + loose-envify "^1.0.0" + +invert-kv@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/invert-kv/-/invert-kv-1.0.0.tgz#104a8e4aaca6d3d8cd157a8ef8bfab2d7a3ffdb6" + +ipaddr.js@1.4.0: + version "1.4.0" + resolved "https://registry.yarnpkg.com/ipaddr.js/-/ipaddr.js-1.4.0.tgz#296aca878a821816e5b85d0a285a99bcff4582f0" + +is-absolute@^0.1.5: + version "0.1.7" + resolved "https://registry.yarnpkg.com/is-absolute/-/is-absolute-0.1.7.tgz#847491119fccb5fb436217cc737f7faad50f603f" + dependencies: + is-relative "^0.1.0" + +is-arrayish@^0.2.1: + version "0.2.1" + resolved "https://registry.yarnpkg.com/is-arrayish/-/is-arrayish-0.2.1.tgz#77c99840527aa8ecb1a8ba697b80645a7a926a9d" + +is-binary-path@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/is-binary-path/-/is-binary-path-1.0.1.tgz#75f16642b480f187a711c814161fd3a4a7655898" + dependencies: + binary-extensions "^1.0.0" + +is-buffer@^1.1.5: + version "1.1.5" + resolved "https://registry.yarnpkg.com/is-buffer/-/is-buffer-1.1.5.tgz#1f3b26ef613b214b88cbca23cc6c01d87961eecc" + +is-builtin-module@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-builtin-module/-/is-builtin-module-1.0.0.tgz#540572d34f7ac3119f8f76c30cbc1b1e037affbe" + dependencies: + builtin-modules "^1.0.0" + +is-bzip2@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-bzip2/-/is-bzip2-1.0.0.tgz#5ee58eaa5a2e9c80e21407bedf23ae5ac091b3fc" + +is-dotfile@^1.0.0: + version "1.0.3" + resolved "https://registry.yarnpkg.com/is-dotfile/-/is-dotfile-1.0.3.tgz#a6a2f32ffd2dfb04f5ca25ecd0f6b83cf798a1e1" + +is-equal-shallow@^0.1.3: + version "0.1.3" + resolved "https://registry.yarnpkg.com/is-equal-shallow/-/is-equal-shallow-0.1.3.tgz#2238098fc221de0bcfa5d9eac4c45d638aa1c534" + dependencies: + is-primitive "^2.0.0" + +is-extendable@^0.1.0, is-extendable@^0.1.1: + version "0.1.1" + resolved "https://registry.yarnpkg.com/is-extendable/-/is-extendable-0.1.1.tgz#62b110e289a471418e3ec36a617d472e301dfc89" + +is-extglob@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-extglob/-/is-extglob-1.0.0.tgz#ac468177c4943405a092fc8f29760c6ffc6206c0" + +is-extglob@^2.1.0: + version "2.1.1" + resolved "https://registry.yarnpkg.com/is-extglob/-/is-extglob-2.1.1.tgz#a88c02535791f02ed37c76a1b9ea9773c833f8c2" + +is-finite@^1.0.0: + version "1.0.2" + resolved "https://registry.yarnpkg.com/is-finite/-/is-finite-1.0.2.tgz#cc6677695602be550ef11e8b4aa6305342b6d0aa" + dependencies: + number-is-nan "^1.0.0" + +is-fullwidth-code-point@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-fullwidth-code-point/-/is-fullwidth-code-point-1.0.0.tgz#ef9e31386f031a7f0d643af82fde50c457ef00cb" + dependencies: + number-is-nan "^1.0.0" + +is-fullwidth-code-point@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/is-fullwidth-code-point/-/is-fullwidth-code-point-2.0.0.tgz#a3b30a5c4f199183167aaab93beefae3ddfb654f" + +is-glob@^2.0.0, is-glob@^2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/is-glob/-/is-glob-2.0.1.tgz#d096f926a3ded5600f3fdfd91198cb0888c2d863" + dependencies: + is-extglob "^1.0.0" + +is-glob@^3.1.0: + version "3.1.0" + resolved "https://registry.yarnpkg.com/is-glob/-/is-glob-3.1.0.tgz#7ba5ae24217804ac70707b96922567486cc3e84a" + dependencies: + is-extglob "^2.1.0" + +is-gzip@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-gzip/-/is-gzip-1.0.0.tgz#6ca8b07b99c77998025900e555ced8ed80879a83" + +is-my-json-valid@^2.10.0: + version "2.16.1" + resolved "https://registry.yarnpkg.com/is-my-json-valid/-/is-my-json-valid-2.16.1.tgz#5a846777e2c2620d1e69104e5d3a03b1f6088f11" + dependencies: + generate-function "^2.0.0" + generate-object-property "^1.1.0" + jsonpointer "^4.0.0" + xtend "^4.0.0" + +is-natural-number@^2.0.0: + version "2.1.1" + resolved "https://registry.yarnpkg.com/is-natural-number/-/is-natural-number-2.1.1.tgz#7d4c5728377ef386c3e194a9911bf57c6dc335e7" + +is-npm@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-npm/-/is-npm-1.0.0.tgz#f2fb63a65e4905b406c86072765a1a4dc793b9f4" + +is-number@^2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/is-number/-/is-number-2.1.0.tgz#01fcbbb393463a548f2f466cce16dece49db908f" + dependencies: + kind-of "^3.0.2" + +is-number@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/is-number/-/is-number-3.0.0.tgz#24fd6201a4782cf50561c810276afc7d12d71195" + dependencies: + kind-of "^3.0.2" + +is-path-cwd@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-path-cwd/-/is-path-cwd-1.0.0.tgz#d225ec23132e89edd38fda767472e62e65f1106d" + +is-path-in-cwd@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-path-in-cwd/-/is-path-in-cwd-1.0.0.tgz#6477582b8214d602346094567003be8a9eac04dc" + dependencies: + is-path-inside "^1.0.0" + +is-path-inside@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-path-inside/-/is-path-inside-1.0.0.tgz#fc06e5a1683fbda13de667aff717bbc10a48f37f" + dependencies: + path-is-inside "^1.0.1" + +is-posix-bracket@^0.1.0: + version "0.1.1" + resolved "https://registry.yarnpkg.com/is-posix-bracket/-/is-posix-bracket-0.1.1.tgz#3334dc79774368e92f016e6fbc0a88f5cd6e6bc4" + +is-primitive@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/is-primitive/-/is-primitive-2.0.0.tgz#207bab91638499c07b2adf240a41a87210034575" + +is-promise@~1, is-promise@~1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/is-promise/-/is-promise-1.0.1.tgz#31573761c057e33c2e91aab9e96da08cefbe76e5" + +is-property@^1.0.0: + version "1.0.2" + resolved "https://registry.yarnpkg.com/is-property/-/is-property-1.0.2.tgz#57fe1c4e48474edd65b09911f26b1cd4095dda84" + +is-redirect@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-redirect/-/is-redirect-1.0.0.tgz#1d03dded53bd8db0f30c26e4f95d36fc7c87dc24" + +is-relative@^0.1.0: + version "0.1.3" + resolved "https://registry.yarnpkg.com/is-relative/-/is-relative-0.1.3.tgz#905fee8ae86f45b3ec614bc3c15c869df0876e82" + +is-resolvable@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-resolvable/-/is-resolvable-1.0.0.tgz#8df57c61ea2e3c501408d100fb013cf8d6e0cc62" + dependencies: + tryit "^1.0.1" + +is-stream@^1.0.0, is-stream@^1.0.1: + version "1.1.0" + resolved "https://registry.yarnpkg.com/is-stream/-/is-stream-1.1.0.tgz#12d4a3dd4e68e0b79ceb8dbc84173ae80d91ca44" + +is-tar@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-tar/-/is-tar-1.0.0.tgz#2f6b2e1792c1f5bb36519acaa9d65c0d26fe853d" + +is-typedarray@^1.0.0, is-typedarray@~1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-typedarray/-/is-typedarray-1.0.0.tgz#e479c80858df0c1b11ddda6940f96011fcda4a9a" + +is-utf8@^0.2.0: + version "0.2.1" + resolved "https://registry.yarnpkg.com/is-utf8/-/is-utf8-0.2.1.tgz#4b0da1442104d1b336340e80797e865cf39f7d72" + +is-valid-glob@^0.3.0: + version "0.3.0" + resolved "https://registry.yarnpkg.com/is-valid-glob/-/is-valid-glob-0.3.0.tgz#d4b55c69f51886f9b65c70d6c2622d37e29f48fe" + +is-zip@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-zip/-/is-zip-1.0.0.tgz#47b0a8ff4d38a76431ccfd99a8e15a4c86ba2325" + +isarray@0.0.1: + version "0.0.1" + resolved "https://registry.yarnpkg.com/isarray/-/isarray-0.0.1.tgz#8a18acfca9a8f4177e09abfc6038939b05d1eedf" + +isarray@1.0.0, isarray@^1.0.0, isarray@~1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/isarray/-/isarray-1.0.0.tgz#bb935d48582cba168c06834957a54a3e07124f11" + +isemail@1.x.x: + version "1.2.0" + resolved "https://registry.yarnpkg.com/isemail/-/isemail-1.2.0.tgz#be03df8cc3e29de4d2c5df6501263f1fa4595e9a" + +isobject@^2.0.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/isobject/-/isobject-2.1.0.tgz#f065561096a3f1da2ef46272f815c840d87e0c89" + dependencies: + isarray "1.0.0" + +isstream@0.1.x, isstream@~0.1.2: + version "0.1.2" + resolved "https://registry.yarnpkg.com/isstream/-/isstream-0.1.2.tgz#47e63f7af55afa6f92e1500e690eb8b8529c099a" + +iterall@1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/iterall/-/iterall-1.0.2.tgz#41a2e96ce9eda5e61c767ee5dc312373bb046e91" + +iterall@^1.1.0: + version "1.1.1" + resolved "https://registry.yarnpkg.com/iterall/-/iterall-1.1.1.tgz#f7f0af11e9a04ec6426260f5019d9fcca4d50214" + +joi@^6.10.1: + version "6.10.1" + resolved "https://registry.yarnpkg.com/joi/-/joi-6.10.1.tgz#4d50c318079122000fe5f16af1ff8e1917b77e06" + dependencies: + hoek "2.x.x" + isemail "1.x.x" + moment "2.x.x" + topo "1.x.x" + +js-tokens@^3.0.0, js-tokens@^3.0.2: + version "3.0.2" + resolved "https://registry.yarnpkg.com/js-tokens/-/js-tokens-3.0.2.tgz#9866df395102130e38f7f996bceb65443209c25b" + +js-yaml@^3.5.1: + version "3.9.1" + resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.9.1.tgz#08775cebdfdd359209f0d2acd383c8f86a6904a0" + dependencies: + argparse "^1.0.7" + esprima "^4.0.0" + +jsbn@~0.1.0: + version "0.1.1" + resolved "https://registry.yarnpkg.com/jsbn/-/jsbn-0.1.1.tgz#a5e654c2e5a2deb5f201d96cefbca80c0ef2f513" + +jsesc@^1.3.0: + version "1.3.0" + resolved "https://registry.yarnpkg.com/jsesc/-/jsesc-1.3.0.tgz#46c3fec8c1892b12b0833db9bc7622176dbab34b" + +jsesc@~0.5.0: + version "0.5.0" + resolved "https://registry.yarnpkg.com/jsesc/-/jsesc-0.5.0.tgz#e7dee66e35d6fc16f710fe91d5cf69f70f08911d" + +json-schema@0.2.3: + version "0.2.3" + resolved "https://registry.yarnpkg.com/json-schema/-/json-schema-0.2.3.tgz#b480c892e59a2f05954ce727bd3f2a4e882f9e13" + +json-stable-stringify@^1.0.0, json-stable-stringify@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/json-stable-stringify/-/json-stable-stringify-1.0.1.tgz#9a759d39c5f2ff503fd5300646ed445f88c4f9af" + dependencies: + jsonify "~0.0.0" + +json-stringify-safe@~5.0.1: + version "5.0.1" + resolved "https://registry.yarnpkg.com/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz#1296a2d58fd45f19a0f6ce01d65701e2c735b6eb" + +json3@3.3.2: + version "3.3.2" + resolved "https://registry.yarnpkg.com/json3/-/json3-3.3.2.tgz#3c0434743df93e2f5c42aee7b19bcb483575f4e1" + +json5@^0.4.0: + version "0.4.0" + resolved "https://registry.yarnpkg.com/json5/-/json5-0.4.0.tgz#054352e4c4c80c86c0923877d449de176a732c8d" + +json5@^0.5.1: + version "0.5.1" + resolved "https://registry.yarnpkg.com/json5/-/json5-0.5.1.tgz#1eade7acc012034ad84e2396767ead9fa5495821" + +jsonify@~0.0.0: + version "0.0.0" + resolved "https://registry.yarnpkg.com/jsonify/-/jsonify-0.0.0.tgz#2c74b6ee41d93ca51b7b5aaee8f503631d252a73" + +jsonpointer@^4.0.0: + version "4.0.1" + resolved "https://registry.yarnpkg.com/jsonpointer/-/jsonpointer-4.0.1.tgz#4fd92cb34e0e9db3c89c8622ecf51f9b978c6cb9" + +jsonwebtoken@^7.0.0: + version "7.4.3" + resolved "https://registry.yarnpkg.com/jsonwebtoken/-/jsonwebtoken-7.4.3.tgz#77f5021de058b605a1783fa1283e99812e645638" + dependencies: + joi "^6.10.1" + jws "^3.1.4" + lodash.once "^4.0.0" + ms "^2.0.0" + xtend "^4.0.1" + +jsprim@^1.2.2: + version "1.4.1" + resolved "https://registry.yarnpkg.com/jsprim/-/jsprim-1.4.1.tgz#313e66bc1e5cc06e438bc1b7499c2e5c56acb6a2" + dependencies: + assert-plus "1.0.0" + extsprintf "1.3.0" + json-schema "0.2.3" + verror "1.10.0" + +jsx-ast-utils@^1.0.0, jsx-ast-utils@^1.3.1: + version "1.4.1" + resolved "https://registry.yarnpkg.com/jsx-ast-utils/-/jsx-ast-utils-1.4.1.tgz#3867213e8dd79bf1e8f2300c0cfc1efb182c0df1" + +jwa@^1.1.4: + version "1.1.5" + resolved "https://registry.yarnpkg.com/jwa/-/jwa-1.1.5.tgz#a0552ce0220742cd52e153774a32905c30e756e5" + dependencies: + base64url "2.0.0" + buffer-equal-constant-time "1.0.1" + ecdsa-sig-formatter "1.0.9" + safe-buffer "^5.0.1" + +jws@^3.1.4: + version "3.1.4" + resolved "https://registry.yarnpkg.com/jws/-/jws-3.1.4.tgz#f9e8b9338e8a847277d6444b1464f61880e050a2" + dependencies: + base64url "^2.0.0" + jwa "^1.1.4" + safe-buffer "^5.0.1" + +jwt-simple@^0.5.1: + version "0.5.1" + resolved "https://registry.yarnpkg.com/jwt-simple/-/jwt-simple-0.5.1.tgz#79ea01891b61de6b68e13e67c0b4b5bda937b294" + +kind-of@^3.0.2: + version "3.2.2" + resolved "https://registry.yarnpkg.com/kind-of/-/kind-of-3.2.2.tgz#31ea21a734bab9bbb0f32466d893aea51e4a3c64" + dependencies: + is-buffer "^1.1.5" + +kind-of@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/kind-of/-/kind-of-4.0.0.tgz#20813df3d712928b207378691a45066fae72dd57" + dependencies: + is-buffer "^1.1.5" + +latest-version@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/latest-version/-/latest-version-1.0.1.tgz#72cfc46e3e8d1be651e1ebb54ea9f6ea96f374bb" + dependencies: + package-json "^1.0.0" + +lazystream@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/lazystream/-/lazystream-1.0.0.tgz#f6995fe0f820392f61396be89462407bb77168e4" + dependencies: + readable-stream "^2.0.5" + +lcid@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/lcid/-/lcid-1.0.0.tgz#308accafa0bc483a3867b4b6f2b9506251d1b835" + dependencies: + invert-kv "^1.0.0" + +levn@^0.3.0, levn@~0.3.0: + version "0.3.0" + resolved "https://registry.yarnpkg.com/levn/-/levn-0.3.0.tgz#3b09924edf9f083c0490fdd4c0bc4421e04764ee" + dependencies: + prelude-ls "~1.1.2" + type-check "~0.3.2" + +load-json-file@^1.0.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/load-json-file/-/load-json-file-1.1.0.tgz#956905708d58b4bab4c2261b04f59f31c99374c0" + dependencies: + graceful-fs "^4.1.2" + parse-json "^2.2.0" + pify "^2.0.0" + pinkie-promise "^2.0.0" + strip-bom "^2.0.0" + +lodash._baseassign@^3.0.0: + version "3.2.0" + resolved "https://registry.yarnpkg.com/lodash._baseassign/-/lodash._baseassign-3.2.0.tgz#8c38a099500f215ad09e59f1722fd0c52bfe0a4e" + dependencies: + lodash._basecopy "^3.0.0" + lodash.keys "^3.0.0" + +lodash._basecopy@^3.0.0: + version "3.0.1" + resolved "https://registry.yarnpkg.com/lodash._basecopy/-/lodash._basecopy-3.0.1.tgz#8da0e6a876cf344c0ad8a54882111dd3c5c7ca36" + +lodash._basecreate@^3.0.0: + version "3.0.3" + resolved "https://registry.yarnpkg.com/lodash._basecreate/-/lodash._basecreate-3.0.3.tgz#1bc661614daa7fc311b7d03bf16806a0213cf821" + +lodash._bindcallback@^3.0.0: + version "3.0.1" + resolved "https://registry.yarnpkg.com/lodash._bindcallback/-/lodash._bindcallback-3.0.1.tgz#e531c27644cf8b57a99e17ed95b35c748789392e" + +lodash._createassigner@^3.0.0: + version "3.1.1" + resolved "https://registry.yarnpkg.com/lodash._createassigner/-/lodash._createassigner-3.1.1.tgz#838a5bae2fdaca63ac22dee8e19fa4e6d6970b11" + dependencies: + lodash._bindcallback "^3.0.0" + lodash._isiterateecall "^3.0.0" + lodash.restparam "^3.0.0" + +lodash._getnative@^3.0.0: + version "3.9.1" + resolved "https://registry.yarnpkg.com/lodash._getnative/-/lodash._getnative-3.9.1.tgz#570bc7dede46d61cdcde687d65d3eecbaa3aaff5" + +lodash._isiterateecall@^3.0.0: + version "3.0.9" + resolved "https://registry.yarnpkg.com/lodash._isiterateecall/-/lodash._isiterateecall-3.0.9.tgz#5203ad7ba425fae842460e696db9cf3e6aac057c" + +lodash.assign@^3.0.0: + version "3.2.0" + resolved "https://registry.yarnpkg.com/lodash.assign/-/lodash.assign-3.2.0.tgz#3ce9f0234b4b2223e296b8fa0ac1fee8ebca64fa" + dependencies: + lodash._baseassign "^3.0.0" + lodash._createassigner "^3.0.0" + lodash.keys "^3.0.0" + +lodash.cond@^4.3.0: + version "4.5.2" + resolved "https://registry.yarnpkg.com/lodash.cond/-/lodash.cond-4.5.2.tgz#f471a1da486be60f6ab955d17115523dd1d255d5" + +lodash.create@3.1.1: + version "3.1.1" + resolved "https://registry.yarnpkg.com/lodash.create/-/lodash.create-3.1.1.tgz#d7f2849f0dbda7e04682bb8cd72ab022461debe7" + dependencies: + lodash._baseassign "^3.0.0" + lodash._basecreate "^3.0.0" + lodash._isiterateecall "^3.0.0" + +lodash.defaults@^3.1.2: + version "3.1.2" + resolved "https://registry.yarnpkg.com/lodash.defaults/-/lodash.defaults-3.1.2.tgz#c7308b18dbf8bc9372d701a73493c61192bd2e2c" + dependencies: + lodash.assign "^3.0.0" + lodash.restparam "^3.0.0" + +lodash.isarguments@^3.0.0: + version "3.1.0" + resolved "https://registry.yarnpkg.com/lodash.isarguments/-/lodash.isarguments-3.1.0.tgz#2f573d85c6a24289ff00663b491c1d338ff3458a" + +lodash.isarray@^3.0.0: + version "3.0.4" + resolved "https://registry.yarnpkg.com/lodash.isarray/-/lodash.isarray-3.0.4.tgz#79e4eb88c36a8122af86f844aa9bcd851b5fbb55" + +lodash.isequal@^4.0.0: + version "4.5.0" + resolved "https://registry.yarnpkg.com/lodash.isequal/-/lodash.isequal-4.5.0.tgz#415c4478f2bcc30120c22ce10ed3226f7d3e18e0" + +lodash.isobject@^3.0.2: + version "3.0.2" + resolved "https://registry.yarnpkg.com/lodash.isobject/-/lodash.isobject-3.0.2.tgz#3c8fb8d5b5bf4bf90ae06e14f2a530a4ed935e1d" + +lodash.isstring@^4.0.1: + version "4.0.1" + resolved "https://registry.yarnpkg.com/lodash.isstring/-/lodash.isstring-4.0.1.tgz#d527dfb5456eca7cc9bb95d5daeaf88ba54a5451" + +lodash.keys@^3.0.0: + version "3.1.2" + resolved "https://registry.yarnpkg.com/lodash.keys/-/lodash.keys-3.1.2.tgz#4dbc0472b156be50a0b286855d1bd0b0c656098a" + dependencies: + lodash._getnative "^3.0.0" + lodash.isarguments "^3.0.0" + lodash.isarray "^3.0.0" + +lodash.once@^4.0.0: + version "4.1.1" + resolved "https://registry.yarnpkg.com/lodash.once/-/lodash.once-4.1.1.tgz#0dd3971213c7c56df880977d504c88fb471a97ac" + +lodash.pickby@^4.6.0: + version "4.6.0" + resolved "https://registry.yarnpkg.com/lodash.pickby/-/lodash.pickby-4.6.0.tgz#7dea21d8c18d7703a27c704c15d3b84a67e33aff" + +lodash.restparam@^3.0.0: + version "3.6.1" + resolved "https://registry.yarnpkg.com/lodash.restparam/-/lodash.restparam-3.6.1.tgz#936a4e309ef330a7645ed4145986c85ae5b20805" + +lodash@4.16.4: + version "4.16.4" + resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.16.4.tgz#01ce306b9bad1319f2a5528674f88297aeb70127" + +lodash@^4.0.0, lodash@^4.14.0, lodash@^4.15.0, lodash@^4.17.4, lodash@^4.2.0, lodash@^4.3.0: + version "4.17.4" + resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.4.tgz#78203a4d1c328ae1d86dca6460e369b57f4055ae" + +log-symbols@^1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/log-symbols/-/log-symbols-1.0.2.tgz#376ff7b58ea3086a0f09facc74617eca501e1a18" + dependencies: + chalk "^1.0.0" + +loose-envify@^1.0.0: + version "1.3.1" + resolved "https://registry.yarnpkg.com/loose-envify/-/loose-envify-1.3.1.tgz#d1a8ad33fa9ce0e713d65fdd0ac8b748d478c848" + dependencies: + js-tokens "^3.0.0" + +loud-rejection@^1.0.0: + version "1.6.0" + resolved "https://registry.yarnpkg.com/loud-rejection/-/loud-rejection-1.6.0.tgz#5b46f80147edee578870f086d04821cf998e551f" + dependencies: + currently-unhandled "^0.4.1" + signal-exit "^3.0.0" + +lowercase-keys@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/lowercase-keys/-/lowercase-keys-1.0.0.tgz#4e3366b39e7f5457e35f1324bdf6f88d0bfc7306" + +map-obj@^1.0.0, map-obj@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/map-obj/-/map-obj-1.0.1.tgz#d933ceb9205d82bdcf4886f6742bdc2b4dea146d" + +map-stream@~0.1.0: + version "0.1.0" + resolved "https://registry.yarnpkg.com/map-stream/-/map-stream-0.1.0.tgz#e56aa94c4c8055a16404a0674b78f215f7c8e194" + +media-typer@0.3.0: + version "0.3.0" + resolved "https://registry.yarnpkg.com/media-typer/-/media-typer-0.3.0.tgz#8710d7af0aa626f8fffa1ce00168545263255748" + +meow@^3.5.0: + version "3.7.0" + resolved "https://registry.yarnpkg.com/meow/-/meow-3.7.0.tgz#72cb668b425228290abbfa856892587308a801fb" + dependencies: + camelcase-keys "^2.0.0" + decamelize "^1.1.2" + loud-rejection "^1.0.0" + map-obj "^1.0.1" + minimist "^1.1.3" + normalize-package-data "^2.3.4" + object-assign "^4.0.1" + read-pkg-up "^1.0.1" + redent "^1.0.0" + trim-newlines "^1.0.0" + +merge-descriptors@1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/merge-descriptors/-/merge-descriptors-1.0.1.tgz#b00aaa556dd8b44568150ec9d1b953f3f90cbb61" + +merge-stream@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/merge-stream/-/merge-stream-1.0.1.tgz#4041202d508a342ba00174008df0c251b8c135e1" + dependencies: + readable-stream "^2.0.1" + +methods@~1.1.2: + version "1.1.2" + resolved "https://registry.yarnpkg.com/methods/-/methods-1.1.2.tgz#5529a4d67654134edcc5266656835b0f851afcee" + +micromatch@^2.1.5, micromatch@^2.3.7: + version "2.3.11" + resolved "https://registry.yarnpkg.com/micromatch/-/micromatch-2.3.11.tgz#86677c97d1720b363431d04d0d15293bd38c1565" + dependencies: + arr-diff "^2.0.0" + array-unique "^0.2.1" + braces "^1.8.2" + expand-brackets "^0.1.4" + extglob "^0.3.1" + filename-regex "^2.0.0" + is-extglob "^1.0.0" + is-glob "^2.0.1" + kind-of "^3.0.2" + normalize-path "^2.0.1" + object.omit "^2.0.0" + parse-glob "^3.0.4" + regex-cache "^0.4.2" + +mime-db@~1.29.0: + version "1.29.0" + resolved "https://registry.yarnpkg.com/mime-db/-/mime-db-1.29.0.tgz#48d26d235589651704ac5916ca06001914266878" + +mime-types@^2.1.12, mime-types@~2.1.15, mime-types@~2.1.16, mime-types@~2.1.7: + version "2.1.16" + resolved "https://registry.yarnpkg.com/mime-types/-/mime-types-2.1.16.tgz#2b858a52e5ecd516db897ac2be87487830698e23" + dependencies: + mime-db "~1.29.0" + +mime@1.3.4: + version "1.3.4" + resolved "https://registry.yarnpkg.com/mime/-/mime-1.3.4.tgz#115f9e3b6b3daf2959983cb38f149a2d40eb5d53" + +min-document@^2.19.0: + version "2.19.0" + resolved "https://registry.yarnpkg.com/min-document/-/min-document-2.19.0.tgz#7bd282e3f5842ed295bb748cdd9f1ffa2c824685" + dependencies: + dom-walk "^0.1.0" + +"minimatch@2 || 3", minimatch@^3.0.0, minimatch@^3.0.2, minimatch@^3.0.3, minimatch@^3.0.4: + version "3.0.4" + resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.0.4.tgz#5166e286457f03306064be5497e8dbb0c3d32083" + dependencies: + brace-expansion "^1.1.7" + +minimist@0.0.8: + version "0.0.8" + resolved "https://registry.yarnpkg.com/minimist/-/minimist-0.0.8.tgz#857fcabfc3397d2625b8228262e86aa7a011b05d" + +minimist@^1.1.0, minimist@^1.1.3, minimist@^1.2.0: + version "1.2.0" + resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.0.tgz#a35008b20f41383eec1fb914f4cd5df79a264284" + +mkdirp@0.5.1, "mkdirp@>=0.5 0", mkdirp@^0.5.0, mkdirp@^0.5.1: + version "0.5.1" + resolved "https://registry.yarnpkg.com/mkdirp/-/mkdirp-0.5.1.tgz#30057438eac6cf7f8c4767f38648d6697d75c903" + dependencies: + minimist "0.0.8" + +mocha@^3.1.2: + version "3.5.0" + resolved "https://registry.yarnpkg.com/mocha/-/mocha-3.5.0.tgz#1328567d2717f997030f8006234bce9b8cd72465" + dependencies: + browser-stdout "1.3.0" + commander "2.9.0" + debug "2.6.8" + diff "3.2.0" + escape-string-regexp "1.0.5" + glob "7.1.1" + growl "1.9.2" + json3 "3.3.2" + lodash.create "3.1.1" + mkdirp "0.5.1" + supports-color "3.1.2" + +moment@2.x.x: + version "2.18.1" + resolved "https://registry.yarnpkg.com/moment/-/moment-2.18.1.tgz#c36193dd3ce1c2eed2adb7c802dbbc77a81b1c0f" + +mongodb-core@2.1.15: + version "2.1.15" + resolved "https://registry.yarnpkg.com/mongodb-core/-/mongodb-core-2.1.15.tgz#841f53b87ffff4c7458189c35c8ae827e1169764" + dependencies: + bson "~1.0.4" + require_optional "~1.0.0" + +mongodb-download@^1.3.2: + version "1.3.2" + resolved "https://registry.yarnpkg.com/mongodb-download/-/mongodb-download-1.3.2.tgz#0a2e8868eaea6c18e2a7f7cb7c8048ff10809337" + dependencies: + debug "^2.2.0" + getos "^2.7.0" + yargs "^3.26.0" + +mongodb-prebuilt@^5.0.7: + version "5.0.8" + resolved "https://registry.yarnpkg.com/mongodb-prebuilt/-/mongodb-prebuilt-5.0.8.tgz#82eb96336688888c3a614efbf6c5613fb656fbed" + dependencies: + debug "^2.2.0" + decompress "^3.0.0" + https-proxy-agent "^1.0.0" + mongodb-download "^1.3.2" + spawn-sync "1.0.15" + yargs "^3.26.0" + +mongodb@^2.2.11, mongodb@^2.2.31: + version "2.2.31" + resolved "https://registry.yarnpkg.com/mongodb/-/mongodb-2.2.31.tgz#1940445c661e19217bb3bf8245d9854aaef548db" + dependencies: + es6-promise "3.2.1" + mongodb-core "2.1.15" + readable-stream "2.2.7" + +morgan@^1.8.2: + version "1.8.2" + resolved "https://registry.yarnpkg.com/morgan/-/morgan-1.8.2.tgz#784ac7734e4a453a9c6e6e8680a9329275c8b687" + dependencies: + basic-auth "~1.1.0" + debug "2.6.8" + depd "~1.1.0" + on-finished "~2.3.0" + on-headers "~1.0.1" + +ms@0.7.1: + version "0.7.1" + resolved "https://registry.yarnpkg.com/ms/-/ms-0.7.1.tgz#9cd13c03adbff25b65effde7ce864ee952017098" + +ms@0.7.2: + version "0.7.2" + resolved "https://registry.yarnpkg.com/ms/-/ms-0.7.2.tgz#ae25cf2512b3885a1d95d7f037868d8431124765" + +ms@2.0.0, ms@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/ms/-/ms-2.0.0.tgz#5608aeadfc00be6c2901df5f9861788de0d597c8" + +mute-stream@0.0.5: + version "0.0.5" + resolved "https://registry.yarnpkg.com/mute-stream/-/mute-stream-0.0.5.tgz#8fbfabb0a98a253d3184331f9e8deb7372fac6c0" + +nan@2.6.2, nan@^2.3.0, nan@^2.3.3: + version "2.6.2" + resolved "https://registry.yarnpkg.com/nan/-/nan-2.6.2.tgz#e4ff34e6c95fdfb5aecc08de6596f43605a7db45" + +natural-compare@^1.4.0: + version "1.4.0" + resolved "https://registry.yarnpkg.com/natural-compare/-/natural-compare-1.4.0.tgz#4abebfeed7541f2c27acfb29bdbbd15c8d5ba4f7" + +negotiator@0.6.1: + version "0.6.1" + resolved "https://registry.yarnpkg.com/negotiator/-/negotiator-0.6.1.tgz#2b327184e8992101177b28563fb5e7102acd0ca9" + +nested-error-stacks@^1.0.0: + version "1.0.2" + resolved "https://registry.yarnpkg.com/nested-error-stacks/-/nested-error-stacks-1.0.2.tgz#19f619591519f096769a5ba9a86e6eeec823c3cf" + dependencies: + inherits "~2.0.1" + +node-fetch@^1.6.3: + version "1.7.2" + resolved "https://registry.yarnpkg.com/node-fetch/-/node-fetch-1.7.2.tgz#c54e9aac57e432875233525f3c891c4159ffefd7" + dependencies: + encoding "^0.1.11" + is-stream "^1.0.1" + +node-pre-gyp@0.6.36, node-pre-gyp@^0.6.36: + version "0.6.36" + resolved "https://registry.yarnpkg.com/node-pre-gyp/-/node-pre-gyp-0.6.36.tgz#db604112cb74e0d477554e9b505b17abddfab786" + dependencies: + mkdirp "^0.5.1" + nopt "^4.0.1" + npmlog "^4.0.2" + rc "^1.1.7" + request "^2.81.0" + rimraf "^2.6.1" + semver "^5.3.0" + tar "^2.2.1" + tar-pack "^3.4.0" + +node-static@0.5.9: + version "0.5.9" + resolved "https://registry.yarnpkg.com/node-static/-/node-static-0.5.9.tgz#2f5bf30949e1735958266c269413aebce8cbe899" + +nodeify@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/nodeify/-/nodeify-1.0.1.tgz#64ab69a7bdbaf03ce107b4f0335c87c0b9e91b1d" + dependencies: + is-promise "~1.0.0" + promise "~1.3.0" + +nodemon@1.11.0: + version "1.11.0" + resolved "https://registry.yarnpkg.com/nodemon/-/nodemon-1.11.0.tgz#226c562bd2a7b13d3d7518b49ad4828a3623d06c" + dependencies: + chokidar "^1.4.3" + debug "^2.2.0" + es6-promise "^3.0.2" + ignore-by-default "^1.0.0" + lodash.defaults "^3.1.2" + minimatch "^3.0.0" + ps-tree "^1.0.1" + touch "1.0.0" + undefsafe "0.0.3" + update-notifier "0.5.0" + +nopt@^4.0.1: + version "4.0.1" + resolved "https://registry.yarnpkg.com/nopt/-/nopt-4.0.1.tgz#d0d4685afd5415193c8c7505602d0d17cd64474d" + dependencies: + abbrev "1" + osenv "^0.1.4" + +nopt@~1.0.10: + version "1.0.10" + resolved "https://registry.yarnpkg.com/nopt/-/nopt-1.0.10.tgz#6ddd21bd2a31417b92727dd585f8a6f37608ebee" + dependencies: + abbrev "1" + +normalize-package-data@^2.3.2, normalize-package-data@^2.3.4: + version "2.4.0" + resolved "https://registry.yarnpkg.com/normalize-package-data/-/normalize-package-data-2.4.0.tgz#12f95a307d58352075a04907b84ac8be98ac012f" + dependencies: + hosted-git-info "^2.1.4" + is-builtin-module "^1.0.0" + semver "2 || 3 || 4 || 5" + validate-npm-package-license "^3.0.1" + +normalize-path@^2.0.0, normalize-path@^2.0.1: + version "2.1.1" + resolved "https://registry.yarnpkg.com/normalize-path/-/normalize-path-2.1.1.tgz#1ab28b556e198363a8c1a6f7e6fa20137fe6aed9" + dependencies: + remove-trailing-separator "^1.0.1" + +npmlog@^4.0.2: + version "4.1.2" + resolved "https://registry.yarnpkg.com/npmlog/-/npmlog-4.1.2.tgz#08a7f2a8bf734604779a9efa4ad5cc717abb954b" + dependencies: + are-we-there-yet "~1.1.2" + console-control-strings "~1.1.0" + gauge "~2.7.3" + set-blocking "~2.0.0" + +number-is-nan@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/number-is-nan/-/number-is-nan-1.0.1.tgz#097b602b53422a522c1afb8790318336941a011d" + +oauth-sign@~0.8.1: + version "0.8.2" + resolved "https://registry.yarnpkg.com/oauth-sign/-/oauth-sign-0.8.2.tgz#46a6ab7f0aead8deae9ec0565780b7d4efeb9d43" + +object-assign@^2.0.0: + version "2.1.1" + resolved "https://registry.yarnpkg.com/object-assign/-/object-assign-2.1.1.tgz#43c36e5d569ff8e4816c4efa8be02d26967c18aa" + +object-assign@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/object-assign/-/object-assign-3.0.0.tgz#9bedd5ca0897949bca47e7ff408062d549f587f2" + +object-assign@^4, object-assign@^4.0.0, object-assign@^4.0.1, object-assign@^4.1.0: + version "4.1.1" + resolved "https://registry.yarnpkg.com/object-assign/-/object-assign-4.1.1.tgz#2109adc7965887cfc05cbbd442cac8bfbb360863" + +object.omit@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/object.omit/-/object.omit-2.0.1.tgz#1a9c744829f39dbb858c76ca3579ae2a54ebd1fa" + dependencies: + for-own "^0.1.4" + is-extendable "^0.1.1" + +on-finished@~2.3.0: + version "2.3.0" + resolved "https://registry.yarnpkg.com/on-finished/-/on-finished-2.3.0.tgz#20f1336481b083cd75337992a16971aa2d906947" + dependencies: + ee-first "1.1.1" + +on-headers@~1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/on-headers/-/on-headers-1.0.1.tgz#928f5d0f470d49342651ea6794b0857c100693f7" + +once@^1.3.0, once@^1.3.3, once@^1.4.0: + version "1.4.0" + resolved "https://registry.yarnpkg.com/once/-/once-1.4.0.tgz#583b1aa775961d4b113ac17d9c50baef9dd76bd1" + dependencies: + wrappy "1" + +onetime@^1.0.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/onetime/-/onetime-1.1.0.tgz#a1f7838f8314c516f05ecefcbc4ccfe04b4ed789" + +optionator@^0.8.2: + version "0.8.2" + resolved "https://registry.yarnpkg.com/optionator/-/optionator-0.8.2.tgz#364c5e409d3f4d6301d6c0b4c05bba50180aeb64" + dependencies: + deep-is "~0.1.3" + fast-levenshtein "~2.0.4" + levn "~0.3.0" + prelude-ls "~1.1.2" + type-check "~0.3.2" + wordwrap "~1.0.0" + +ordered-read-streams@^0.3.0: + version "0.3.0" + resolved "https://registry.yarnpkg.com/ordered-read-streams/-/ordered-read-streams-0.3.0.tgz#7137e69b3298bb342247a1bbee3881c80e2fd78b" + dependencies: + is-stream "^1.0.1" + readable-stream "^2.0.1" + +os-homedir@^1.0.0: + version "1.0.2" + resolved "https://registry.yarnpkg.com/os-homedir/-/os-homedir-1.0.2.tgz#ffbc4988336e0e833de0c168c7ef152121aa7fb3" + +os-locale@^1.4.0: + version "1.4.0" + resolved "https://registry.yarnpkg.com/os-locale/-/os-locale-1.4.0.tgz#20f9f17ae29ed345e8bde583b13d2009803c14d9" + dependencies: + lcid "^1.0.0" + +os-shim@^0.1.2: + version "0.1.3" + resolved "https://registry.yarnpkg.com/os-shim/-/os-shim-0.1.3.tgz#6b62c3791cf7909ea35ed46e17658bb417cb3917" + +os-tmpdir@^1.0.0, os-tmpdir@^1.0.1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/os-tmpdir/-/os-tmpdir-1.0.2.tgz#bbe67406c79aa85c5cfec766fe5734555dfa1274" + +osenv@^0.1.0, osenv@^0.1.4: + version "0.1.4" + resolved "https://registry.yarnpkg.com/osenv/-/osenv-0.1.4.tgz#42fe6d5953df06c8064be6f176c3d05aaaa34644" + dependencies: + os-homedir "^1.0.0" + os-tmpdir "^1.0.0" + +output-file-sync@^1.1.0: + version "1.1.2" + resolved "https://registry.yarnpkg.com/output-file-sync/-/output-file-sync-1.1.2.tgz#d0a33eefe61a205facb90092e826598d5245ce76" + dependencies: + graceful-fs "^4.1.4" + mkdirp "^0.5.1" + object-assign "^4.1.0" + +package-json@^1.0.0: + version "1.2.0" + resolved "https://registry.yarnpkg.com/package-json/-/package-json-1.2.0.tgz#c8ecac094227cdf76a316874ed05e27cc939a0e0" + dependencies: + got "^3.2.0" + registry-url "^3.0.0" + +parse-glob@^3.0.4: + version "3.0.4" + resolved "https://registry.yarnpkg.com/parse-glob/-/parse-glob-3.0.4.tgz#b2c376cfb11f35513badd173ef0bb6e3a388391c" + dependencies: + glob-base "^0.3.0" + is-dotfile "^1.0.0" + is-extglob "^1.0.0" + is-glob "^2.0.0" + +parse-json@^2.2.0: + version "2.2.0" + resolved "https://registry.yarnpkg.com/parse-json/-/parse-json-2.2.0.tgz#f480f40434ef80741f8469099f8dea18f55a4dc9" + dependencies: + error-ex "^1.2.0" + +parseurl@~1.3.1: + version "1.3.1" + resolved "https://registry.yarnpkg.com/parseurl/-/parseurl-1.3.1.tgz#c8ab8c9223ba34888aa64a297b28853bec18da56" + +passport-jwt@^2.2.1: + version "2.2.1" + resolved "https://registry.yarnpkg.com/passport-jwt/-/passport-jwt-2.2.1.tgz#0e004c94071319d673d9d9bcfd1574a868011527" + dependencies: + jsonwebtoken "^7.0.0" + passport-strategy "^1.0.0" + +passport-strategy@1.x.x, passport-strategy@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/passport-strategy/-/passport-strategy-1.0.0.tgz#b5539aa8fc225a3d1ad179476ddf236b440f52e4" + +passport@^0.3.2: + version "0.3.2" + resolved "https://registry.yarnpkg.com/passport/-/passport-0.3.2.tgz#9dd009f915e8fe095b0124a01b8f82da07510102" + dependencies: + passport-strategy "1.x.x" + pause "0.0.1" + +path-dirname@^1.0.0: + version "1.0.2" + resolved "https://registry.yarnpkg.com/path-dirname/-/path-dirname-1.0.2.tgz#cc33d24d525e099a5388c0336c6e32b9160609e0" + +path-exists@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/path-exists/-/path-exists-1.0.0.tgz#d5a8998eb71ef37a74c34eb0d9eba6e878eea081" + +path-exists@^2.0.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/path-exists/-/path-exists-2.1.0.tgz#0feb6c64f0fc518d9a754dd5efb62c7022761f4b" + dependencies: + pinkie-promise "^2.0.0" + +path-is-absolute@^1.0.0, path-is-absolute@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/path-is-absolute/-/path-is-absolute-1.0.1.tgz#174b9268735534ffbc7ace6bf53a5a9e1b5c5f5f" + +path-is-inside@^1.0.1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/path-is-inside/-/path-is-inside-1.0.2.tgz#365417dede44430d1c11af61027facf074bdfc53" + +path-parse@^1.0.5: + version "1.0.5" + resolved "https://registry.yarnpkg.com/path-parse/-/path-parse-1.0.5.tgz#3c1adf871ea9cd6c9431b6ea2bd74a0ff055c4c1" + +path-to-regexp@0.1.7: + version "0.1.7" + resolved "https://registry.yarnpkg.com/path-to-regexp/-/path-to-regexp-0.1.7.tgz#df604178005f522f15eb4490e7247a1bfaa67f8c" + +path-type@^1.0.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/path-type/-/path-type-1.1.0.tgz#59c44f7ee491da704da415da5a4070ba4f8fe441" + dependencies: + graceful-fs "^4.1.2" + pify "^2.0.0" + pinkie-promise "^2.0.0" + +pause-stream@0.0.11: + version "0.0.11" + resolved "https://registry.yarnpkg.com/pause-stream/-/pause-stream-0.0.11.tgz#fe5a34b0cbce12b5aa6a2b403ee2e73b602f1445" + dependencies: + through "~2.3" + +pause@0.0.1: + version "0.0.1" + resolved "https://registry.yarnpkg.com/pause/-/pause-0.0.1.tgz#1d408b3fdb76923b9543d96fb4c9dfd535d9cb5d" + +pend@~1.2.0: + version "1.2.0" + resolved "https://registry.yarnpkg.com/pend/-/pend-1.2.0.tgz#7a57eb550a6783f9115331fcf4663d5c8e007a50" + +performance-now@^0.2.0: + version "0.2.0" + resolved "https://registry.yarnpkg.com/performance-now/-/performance-now-0.2.0.tgz#33ef30c5c77d4ea21c5a53869d91b56d8f2555e5" + +pify@^2.0.0: + version "2.3.0" + resolved "https://registry.yarnpkg.com/pify/-/pify-2.3.0.tgz#ed141a6ac043a849ea588498e7dca8b15330e90c" + +pinkie-promise@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/pinkie-promise/-/pinkie-promise-2.0.1.tgz#2135d6dfa7a358c069ac9b178776288228450ffa" + dependencies: + pinkie "^2.0.0" + +pinkie@^2.0.0: + version "2.0.4" + resolved "https://registry.yarnpkg.com/pinkie/-/pinkie-2.0.4.tgz#72556b80cfa0d48a974e80e77248e80ed4f7f870" + +pkg-dir@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/pkg-dir/-/pkg-dir-1.0.0.tgz#7a4b508a8d5bb2d629d447056ff4e9c9314cf3d4" + dependencies: + find-up "^1.0.0" + +pkg-up@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/pkg-up/-/pkg-up-1.0.0.tgz#3e08fb461525c4421624a33b9f7e6d0af5b05a26" + dependencies: + find-up "^1.0.0" + +pluralize@^1.2.1: + version "1.2.1" + resolved "https://registry.yarnpkg.com/pluralize/-/pluralize-1.2.1.tgz#d1a21483fd22bb41e58a12fa3421823140897c45" + +prelude-ls@~1.1.2: + version "1.1.2" + resolved "https://registry.yarnpkg.com/prelude-ls/-/prelude-ls-1.1.2.tgz#21932a549f5e52ffd9a827f570e04be62a97da54" + +prepend-http@^1.0.0: + version "1.0.4" + resolved "https://registry.yarnpkg.com/prepend-http/-/prepend-http-1.0.4.tgz#d4f4562b0ce3696e41ac52d0e002e57a635dc6dc" + +preserve@^0.2.0: + version "0.2.0" + resolved "https://registry.yarnpkg.com/preserve/-/preserve-0.2.0.tgz#815ed1f6ebc65926f865b310c0713bcb3315ce4b" + +private@^0.1.6, private@^0.1.7: + version "0.1.7" + resolved "https://registry.yarnpkg.com/private/-/private-0.1.7.tgz#68ce5e8a1ef0a23bb570cc28537b5332aba63ef1" + +process-nextick-args@~1.0.6: + version "1.0.7" + resolved "https://registry.yarnpkg.com/process-nextick-args/-/process-nextick-args-1.0.7.tgz#150e20b756590ad3f91093f25a4f2ad8bff30ba3" + +process@~0.5.1: + version "0.5.2" + resolved "https://registry.yarnpkg.com/process/-/process-0.5.2.tgz#1638d8a8e34c2f440a91db95ab9aeb677fc185cf" + +progress@^1.1.8: + version "1.1.8" + resolved "https://registry.yarnpkg.com/progress/-/progress-1.1.8.tgz#e260c78f6161cdd9b0e56cc3e0a85de17c7a57be" + +promise@~1.3.0: + version "1.3.0" + resolved "https://registry.yarnpkg.com/promise/-/promise-1.3.0.tgz#e5cc9a4c8278e4664ffedc01c7da84842b040175" + dependencies: + is-promise "~1" + +proxy-addr@~1.1.2: + version "1.1.5" + resolved "https://registry.yarnpkg.com/proxy-addr/-/proxy-addr-1.1.5.tgz#71c0ee3b102de3f202f3b64f608d173fcba1a918" + dependencies: + forwarded "~0.1.0" + ipaddr.js "1.4.0" + +ps-tree@^1.0.1: + version "1.1.0" + resolved "https://registry.yarnpkg.com/ps-tree/-/ps-tree-1.1.0.tgz#b421b24140d6203f1ed3c76996b4427b08e8c014" + dependencies: + event-stream "~3.3.0" + +punycode@^1.4.1: + version "1.4.1" + resolved "https://registry.yarnpkg.com/punycode/-/punycode-1.4.1.tgz#c0d5a63b2718800ad8e1eb0fa5269c84dd41845e" + +qs@6.2.0: + version "6.2.0" + resolved "https://registry.yarnpkg.com/qs/-/qs-6.2.0.tgz#3b7848c03c2dece69a9522b0fae8c4126d745f3b" + +qs@~6.4.0: + version "6.4.0" + resolved "https://registry.yarnpkg.com/qs/-/qs-6.4.0.tgz#13e26d28ad6b0ffaa91312cd3bf708ed351e7233" + +random-bytes@~1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/random-bytes/-/random-bytes-1.0.0.tgz#4f68a1dc0ae58bd3fb95848c30324db75d64360b" + +randomatic@^1.1.3: + version "1.1.7" + resolved "https://registry.yarnpkg.com/randomatic/-/randomatic-1.1.7.tgz#c7abe9cc8b87c0baa876b19fde83fd464797e38c" + dependencies: + is-number "^3.0.0" + kind-of "^4.0.0" + +range-parser@~1.2.0: + version "1.2.0" + resolved "https://registry.yarnpkg.com/range-parser/-/range-parser-1.2.0.tgz#f49be6b487894ddc40dcc94a322f611092e00d5e" + +raw-body@~2.1.7: + version "2.1.7" + resolved "https://registry.yarnpkg.com/raw-body/-/raw-body-2.1.7.tgz#adfeace2e4fb3098058014d08c072dcc59758774" + dependencies: + bytes "2.4.0" + iconv-lite "0.4.13" + unpipe "1.0.0" + +rc@^1.0.1, rc@^1.1.7: + version "1.2.1" + resolved "https://registry.yarnpkg.com/rc/-/rc-1.2.1.tgz#2e03e8e42ee450b8cb3dce65be1bf8974e1dfd95" + dependencies: + deep-extend "~0.4.0" + ini "~1.3.0" + minimist "^1.2.0" + strip-json-comments "~2.0.1" + +read-all-stream@^3.0.0: + version "3.1.0" + resolved "https://registry.yarnpkg.com/read-all-stream/-/read-all-stream-3.1.0.tgz#35c3e177f2078ef789ee4bfafa4373074eaef4fa" + dependencies: + pinkie-promise "^2.0.0" + readable-stream "^2.0.0" + +read-pkg-up@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/read-pkg-up/-/read-pkg-up-1.0.1.tgz#9d63c13276c065918d57f002a57f40a1b643fb02" + dependencies: + find-up "^1.0.0" + read-pkg "^1.0.0" + +read-pkg@^1.0.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/read-pkg/-/read-pkg-1.1.0.tgz#f5ffaa5ecd29cb31c0474bca7d756b6bb29e3f28" + dependencies: + load-json-file "^1.0.0" + normalize-package-data "^2.3.2" + path-type "^1.0.0" + +readable-stream@2.2.7: + version "2.2.7" + resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.2.7.tgz#07057acbe2467b22042d36f98c5ad507054e95b1" + dependencies: + buffer-shims "~1.0.0" + core-util-is "~1.0.0" + inherits "~2.0.1" + isarray "~1.0.0" + process-nextick-args "~1.0.6" + string_decoder "~1.0.0" + util-deprecate "~1.0.1" + +"readable-stream@>=1.0.33-1 <1.1.0-0": + version "1.0.34" + resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-1.0.34.tgz#125820e34bc842d2f2aaafafe4c2916ee32c157c" + dependencies: + core-util-is "~1.0.0" + inherits "~2.0.1" + isarray "0.0.1" + string_decoder "~0.10.x" + +readable-stream@^2.0.0, readable-stream@^2.0.1, readable-stream@^2.0.2, readable-stream@^2.0.4, readable-stream@^2.0.5, readable-stream@^2.0.6, readable-stream@^2.1.4, readable-stream@^2.1.5, readable-stream@^2.2.2: + version "2.3.3" + resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.3.3.tgz#368f2512d79f9d46fdfc71349ae7878bbc1eb95c" + dependencies: + core-util-is "~1.0.0" + inherits "~2.0.3" + isarray "~1.0.0" + process-nextick-args "~1.0.6" + safe-buffer "~5.1.1" + string_decoder "~1.0.3" + util-deprecate "~1.0.1" + +readdirp@^2.0.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/readdirp/-/readdirp-2.1.0.tgz#4ed0ad060df3073300c48440373f72d1cc642d78" + dependencies: + graceful-fs "^4.1.2" + minimatch "^3.0.2" + readable-stream "^2.0.2" + set-immediate-shim "^1.0.1" + +readline2@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/readline2/-/readline2-1.0.1.tgz#41059608ffc154757b715d9989d199ffbf372e35" + dependencies: + code-point-at "^1.0.0" + is-fullwidth-code-point "^1.0.0" + mute-stream "0.0.5" + +redent@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/redent/-/redent-1.0.0.tgz#cf916ab1fd5f1f16dfb20822dd6ec7f730c2afde" + dependencies: + indent-string "^2.1.0" + strip-indent "^1.0.1" + +regenerate@^1.2.1: + version "1.3.2" + resolved "https://registry.yarnpkg.com/regenerate/-/regenerate-1.3.2.tgz#d1941c67bad437e1be76433add5b385f95b19260" + +regenerator-runtime@^0.10.5: + version "0.10.5" + resolved "https://registry.yarnpkg.com/regenerator-runtime/-/regenerator-runtime-0.10.5.tgz#336c3efc1220adcedda2c9fab67b5a7955a33658" + +regenerator-runtime@^0.11.0: + version "0.11.0" + resolved "https://registry.yarnpkg.com/regenerator-runtime/-/regenerator-runtime-0.11.0.tgz#7e54fe5b5ccd5d6624ea6255c3473be090b802e1" + +regenerator-transform@^0.10.0: + version "0.10.1" + resolved "https://registry.yarnpkg.com/regenerator-transform/-/regenerator-transform-0.10.1.tgz#1e4996837231da8b7f3cf4114d71b5691a0680dd" + dependencies: + babel-runtime "^6.18.0" + babel-types "^6.19.0" + private "^0.1.6" + +regex-cache@^0.4.2: + version "0.4.3" + resolved "https://registry.yarnpkg.com/regex-cache/-/regex-cache-0.4.3.tgz#9b1a6c35d4d0dfcef5711ae651e8e9d3d7114145" + dependencies: + is-equal-shallow "^0.1.3" + is-primitive "^2.0.0" + +regexpu-core@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/regexpu-core/-/regexpu-core-2.0.0.tgz#49d038837b8dcf8bfa5b9a42139938e6ea2ae240" + dependencies: + regenerate "^1.2.1" + regjsgen "^0.2.0" + regjsparser "^0.1.4" + +registry-url@^3.0.0: + version "3.1.0" + resolved "https://registry.yarnpkg.com/registry-url/-/registry-url-3.1.0.tgz#3d4ef870f73dde1d77f0cf9a381432444e174942" + dependencies: + rc "^1.0.1" + +regjsgen@^0.2.0: + version "0.2.0" + resolved "https://registry.yarnpkg.com/regjsgen/-/regjsgen-0.2.0.tgz#6c016adeac554f75823fe37ac05b92d5a4edb1f7" + +regjsparser@^0.1.4: + version "0.1.5" + resolved "https://registry.yarnpkg.com/regjsparser/-/regjsparser-0.1.5.tgz#7ee8f84dc6fa792d3fd0ae228d24bd949ead205c" + dependencies: + jsesc "~0.5.0" + +remove-trailing-separator@^1.0.1: + version "1.1.0" + resolved "https://registry.yarnpkg.com/remove-trailing-separator/-/remove-trailing-separator-1.1.0.tgz#c24bce2a283adad5bc3f58e0d48249b92379d8ef" + +repeat-element@^1.1.2: + version "1.1.2" + resolved "https://registry.yarnpkg.com/repeat-element/-/repeat-element-1.1.2.tgz#ef089a178d1483baae4d93eb98b4f9e4e11d990a" + +repeat-string@^1.5.2: + version "1.6.1" + resolved "https://registry.yarnpkg.com/repeat-string/-/repeat-string-1.6.1.tgz#8dcae470e1c88abc2d600fff4a776286da75e637" + +repeating@^1.1.2: + version "1.1.3" + resolved "https://registry.yarnpkg.com/repeating/-/repeating-1.1.3.tgz#3d4114218877537494f97f77f9785fab810fa4ac" + dependencies: + is-finite "^1.0.0" + +repeating@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/repeating/-/repeating-2.0.1.tgz#5214c53a926d3552707527fbab415dbc08d06dda" + dependencies: + is-finite "^1.0.0" + +replace-ext@0.0.1: + version "0.0.1" + resolved "https://registry.yarnpkg.com/replace-ext/-/replace-ext-0.0.1.tgz#29bbd92078a739f0bcce2b4ee41e837953522924" + +request@^2.65.0, request@^2.81.0: + version "2.81.0" + resolved "https://registry.yarnpkg.com/request/-/request-2.81.0.tgz#c6928946a0e06c5f8d6f8a9333469ffda46298a0" + dependencies: + aws-sign2 "~0.6.0" + aws4 "^1.2.1" + caseless "~0.12.0" + combined-stream "~1.0.5" + extend "~3.0.0" + forever-agent "~0.6.1" + form-data "~2.1.1" + har-validator "~4.2.1" + hawk "~3.1.3" + http-signature "~1.1.0" + is-typedarray "~1.0.0" + isstream "~0.1.2" + json-stringify-safe "~5.0.1" + mime-types "~2.1.7" + oauth-sign "~0.8.1" + performance-now "^0.2.0" + qs "~6.4.0" + safe-buffer "^5.0.1" + stringstream "~0.0.4" + tough-cookie "~2.3.0" + tunnel-agent "^0.6.0" + uuid "^3.0.0" + +require-uncached@^1.0.2: + version "1.0.3" + resolved "https://registry.yarnpkg.com/require-uncached/-/require-uncached-1.0.3.tgz#4e0d56d6c9662fd31e43011c4b95aa49955421d3" + dependencies: + caller-path "^0.1.0" + resolve-from "^1.0.0" + +require_optional@~1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/require_optional/-/require_optional-1.0.1.tgz#4cf35a4247f64ca3df8c2ef208cc494b1ca8fc2e" + dependencies: + resolve-from "^2.0.0" + semver "^5.1.0" + +resolve-from@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/resolve-from/-/resolve-from-1.0.1.tgz#26cbfe935d1aeeeabb29bc3fe5aeb01e93d44226" + +resolve-from@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/resolve-from/-/resolve-from-2.0.0.tgz#9480ab20e94ffa1d9e80a804c7ea147611966b57" + +resolve@^1.1.6: + version "1.4.0" + resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.4.0.tgz#a75be01c53da25d934a98ebd0e4c4a7312f92a86" + dependencies: + path-parse "^1.0.5" + +restore-cursor@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/restore-cursor/-/restore-cursor-1.0.1.tgz#34661f46886327fed2991479152252df92daa541" + dependencies: + exit-hook "^1.0.0" + onetime "^1.0.0" + +rimraf@2, rimraf@^2.2.8, rimraf@^2.5.1, rimraf@^2.6.1: + version "2.6.1" + resolved "https://registry.yarnpkg.com/rimraf/-/rimraf-2.6.1.tgz#c2338ec643df7a1b7fe5c54fa86f57428a55f33d" + dependencies: + glob "^7.0.5" + +run-async@^0.1.0: + version "0.1.0" + resolved "https://registry.yarnpkg.com/run-async/-/run-async-0.1.0.tgz#c8ad4a5e110661e402a7d21b530e009f25f8e389" + dependencies: + once "^1.3.0" + +rx-lite@^3.1.2: + version "3.1.2" + resolved "https://registry.yarnpkg.com/rx-lite/-/rx-lite-3.1.2.tgz#19ce502ca572665f3b647b10939f97fd1615f102" + +safe-buffer@^5.0.1, safe-buffer@~5.1.0, safe-buffer@~5.1.1: + version "5.1.1" + resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.1.tgz#893312af69b2123def71f57889001671eeb2c853" + +seek-bzip@^1.0.3: + version "1.0.5" + resolved "https://registry.yarnpkg.com/seek-bzip/-/seek-bzip-1.0.5.tgz#cfe917cb3d274bcffac792758af53173eb1fabdc" + dependencies: + commander "~2.8.1" + +semver-diff@^2.0.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/semver-diff/-/semver-diff-2.1.0.tgz#4bbb8437c8d37e4b0cf1a68fd726ec6d645d6d36" + dependencies: + semver "^5.0.3" + +semver-regex@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/semver-regex/-/semver-regex-1.0.0.tgz#92a4969065f9c70c694753d55248fc68f8f652c9" + +semver-truncate@^1.0.0: + version "1.1.2" + resolved "https://registry.yarnpkg.com/semver-truncate/-/semver-truncate-1.1.2.tgz#57f41de69707a62709a7e0104ba2117109ea47e8" + dependencies: + semver "^5.3.0" + +"semver@2 || 3 || 4 || 5", semver@^5.0.3, semver@^5.1.0, semver@^5.3.0: + version "5.4.1" + resolved "https://registry.yarnpkg.com/semver/-/semver-5.4.1.tgz#e059c09d8571f0540823733433505d3a2f00b18e" + +semver@^4.0.3: + version "4.3.6" + resolved "https://registry.yarnpkg.com/semver/-/semver-4.3.6.tgz#300bc6e0e86374f7ba61068b5b1ecd57fc6532da" + +semver@~5.0.1: + version "5.0.3" + resolved "https://registry.yarnpkg.com/semver/-/semver-5.0.3.tgz#77466de589cd5d3c95f138aa78bc569a3cb5d27a" + +send@0.14.1: + version "0.14.1" + resolved "https://registry.yarnpkg.com/send/-/send-0.14.1.tgz#a954984325392f51532a7760760e459598c89f7a" + dependencies: + debug "~2.2.0" + depd "~1.1.0" + destroy "~1.0.4" + encodeurl "~1.0.1" + escape-html "~1.0.3" + etag "~1.7.0" + fresh "0.3.0" + http-errors "~1.5.0" + mime "1.3.4" + ms "0.7.1" + on-finished "~2.3.0" + range-parser "~1.2.0" + statuses "~1.3.0" + +send@0.14.2: + version "0.14.2" + resolved "https://registry.yarnpkg.com/send/-/send-0.14.2.tgz#39b0438b3f510be5dc6f667a11f71689368cdeef" + dependencies: + debug "~2.2.0" + depd "~1.1.0" + destroy "~1.0.4" + encodeurl "~1.0.1" + escape-html "~1.0.3" + etag "~1.7.0" + fresh "0.3.0" + http-errors "~1.5.1" + mime "1.3.4" + ms "0.7.2" + on-finished "~2.3.0" + range-parser "~1.2.0" + statuses "~1.3.1" + +serve-static@~1.11.1: + version "1.11.2" + resolved "https://registry.yarnpkg.com/serve-static/-/serve-static-1.11.2.tgz#2cf9889bd4435a320cc36895c9aa57bd662e6ac7" + dependencies: + encodeurl "~1.0.1" + escape-html "~1.0.3" + parseurl "~1.3.1" + send "0.14.2" + +set-blocking@~2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/set-blocking/-/set-blocking-2.0.0.tgz#045f9782d011ae9a6803ddd382b24392b3d890f7" + +set-immediate-shim@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/set-immediate-shim/-/set-immediate-shim-1.0.1.tgz#4b2b1b27eb808a9f8dcc481a58e5e56f599f3f61" + +setprototypeof@1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/setprototypeof/-/setprototypeof-1.0.2.tgz#81a552141ec104b88e89ce383103ad5c66564d08" + +setprototypeof@1.0.3: + version "1.0.3" + resolved "https://registry.yarnpkg.com/setprototypeof/-/setprototypeof-1.0.3.tgz#66567e37043eeb4f04d91bd658c0cbefb55b8e04" + +shebang-regex@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/shebang-regex/-/shebang-regex-1.0.0.tgz#da42f49740c0b42db2ca9728571cb190c98efea3" + +shelljs@^0.6.0: + version "0.6.1" + resolved "https://registry.yarnpkg.com/shelljs/-/shelljs-0.6.1.tgz#ec6211bed1920442088fe0f70b2837232ed2c8a8" + +signal-exit@^3.0.0: + version "3.0.2" + resolved "https://registry.yarnpkg.com/signal-exit/-/signal-exit-3.0.2.tgz#b5fdc08f1287ea1178628e415e25132b73646c6d" + +slash@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/slash/-/slash-1.0.0.tgz#c41f2f6c39fc16d1cd17ad4b5d896114ae470d55" + +slice-ansi@0.0.4: + version "0.0.4" + resolved "https://registry.yarnpkg.com/slice-ansi/-/slice-ansi-0.0.4.tgz#edbf8903f66f7ce2f8eafd6ceed65e264c831b35" + +slide@^1.1.5: + version "1.1.6" + resolved "https://registry.yarnpkg.com/slide/-/slide-1.1.6.tgz#56eb027d65b4d2dce6cb2e2d32c4d4afc9e1d707" + +sntp@1.x.x: + version "1.0.9" + resolved "https://registry.yarnpkg.com/sntp/-/sntp-1.0.9.tgz#6541184cc90aeea6c6e7b35e2659082443c66198" + dependencies: + hoek "2.x.x" + +source-map-support@^0.4.15, source-map-support@^0.4.2: + version "0.4.16" + resolved "https://registry.yarnpkg.com/source-map-support/-/source-map-support-0.4.16.tgz#16fecf98212467d017d586a2af68d628b9421cd8" + dependencies: + source-map "^0.5.6" + +source-map@^0.5.0, source-map@^0.5.6: + version "0.5.7" + resolved "https://registry.yarnpkg.com/source-map/-/source-map-0.5.7.tgz#8a039d2d1021d22d1ea14c80d8ea468ba2ef3fcc" + +spawn-sync@1.0.15: + version "1.0.15" + resolved "https://registry.yarnpkg.com/spawn-sync/-/spawn-sync-1.0.15.tgz#b00799557eb7fb0c8376c29d44e8a1ea67e57476" + dependencies: + concat-stream "^1.4.7" + os-shim "^0.1.2" + +spdx-correct@~1.0.0: + version "1.0.2" + resolved "https://registry.yarnpkg.com/spdx-correct/-/spdx-correct-1.0.2.tgz#4b3073d933ff51f3912f03ac5519498a4150db40" + dependencies: + spdx-license-ids "^1.0.2" + +spdx-expression-parse@~1.0.0: + version "1.0.4" + resolved "https://registry.yarnpkg.com/spdx-expression-parse/-/spdx-expression-parse-1.0.4.tgz#9bdf2f20e1f40ed447fbe273266191fced51626c" + +spdx-license-ids@^1.0.2: + version "1.2.2" + resolved "https://registry.yarnpkg.com/spdx-license-ids/-/spdx-license-ids-1.2.2.tgz#c9df7a3424594ade6bd11900d596696dc06bac57" + +split@0.3: + version "0.3.3" + resolved "https://registry.yarnpkg.com/split/-/split-0.3.3.tgz#cd0eea5e63a211dfff7eb0f091c4133e2d0dd28f" + dependencies: + through "2" + +sprintf-js@~1.0.2: + version "1.0.3" + resolved "https://registry.yarnpkg.com/sprintf-js/-/sprintf-js-1.0.3.tgz#04e6926f662895354f3dd015203633b857297e2c" + +sshpk@^1.7.0: + version "1.13.1" + resolved "https://registry.yarnpkg.com/sshpk/-/sshpk-1.13.1.tgz#512df6da6287144316dc4c18fe1cf1d940739be3" + dependencies: + asn1 "~0.2.3" + assert-plus "^1.0.0" + dashdash "^1.12.0" + getpass "^0.1.1" + optionalDependencies: + bcrypt-pbkdf "^1.0.0" + ecc-jsbn "~0.1.1" + jsbn "~0.1.0" + tweetnacl "~0.14.0" + +stack-trace@0.0.x: + version "0.0.10" + resolved "https://registry.yarnpkg.com/stack-trace/-/stack-trace-0.0.10.tgz#547c70b347e8d32b4e108ea1a2a159e5fdde19c0" + +stat-mode@^0.2.0: + version "0.2.2" + resolved "https://registry.yarnpkg.com/stat-mode/-/stat-mode-0.2.2.tgz#e6c80b623123d7d80cf132ce538f346289072502" + +"statuses@>= 1.3.1 < 2", statuses@~1.3.0, statuses@~1.3.1: + version "1.3.1" + resolved "https://registry.yarnpkg.com/statuses/-/statuses-1.3.1.tgz#faf51b9eb74aaef3b3acf4ad5f61abf24cb7b93e" + +stream-combiner2@^1.1.1: + version "1.1.1" + resolved "https://registry.yarnpkg.com/stream-combiner2/-/stream-combiner2-1.1.1.tgz#fb4d8a1420ea362764e21ad4780397bebcb41cbe" + dependencies: + duplexer2 "~0.1.0" + readable-stream "^2.0.2" + +stream-combiner@~0.0.4: + version "0.0.4" + resolved "https://registry.yarnpkg.com/stream-combiner/-/stream-combiner-0.0.4.tgz#4d5e433c185261dde623ca3f44c586bcf5c4ad14" + dependencies: + duplexer "~0.1.1" + +stream-shift@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/stream-shift/-/stream-shift-1.0.0.tgz#d5c752825e5367e786f78e18e445ea223a155952" + +string-length@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/string-length/-/string-length-1.0.1.tgz#56970fb1c38558e9e70b728bf3de269ac45adfac" + dependencies: + strip-ansi "^3.0.0" + +string-width@^1.0.1, string-width@^1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/string-width/-/string-width-1.0.2.tgz#118bdf5b8cdc51a2a7e70d211e07e2b0b9b107d3" + dependencies: + code-point-at "^1.0.0" + is-fullwidth-code-point "^1.0.0" + strip-ansi "^3.0.0" + +string-width@^2.0.0: + version "2.1.1" + resolved "https://registry.yarnpkg.com/string-width/-/string-width-2.1.1.tgz#ab93f27a8dc13d28cac815c462143a6d9012ae9e" + dependencies: + is-fullwidth-code-point "^2.0.0" + strip-ansi "^4.0.0" + +string_decoder@~0.10.x: + version "0.10.31" + resolved "https://registry.yarnpkg.com/string_decoder/-/string_decoder-0.10.31.tgz#62e203bc41766c6c28c9fc84301dab1c5310fa94" + +string_decoder@~1.0.0, string_decoder@~1.0.3: + version "1.0.3" + resolved "https://registry.yarnpkg.com/string_decoder/-/string_decoder-1.0.3.tgz#0fc67d7c141825de94282dd536bec6b9bce860ab" + dependencies: + safe-buffer "~5.1.0" + +stringstream@~0.0.4: + version "0.0.5" + resolved "https://registry.yarnpkg.com/stringstream/-/stringstream-0.0.5.tgz#4e484cd4de5a0bbbee18e46307710a8a81621878" + +strip-ansi@^3.0.0, strip-ansi@^3.0.1: + version "3.0.1" + resolved "https://registry.yarnpkg.com/strip-ansi/-/strip-ansi-3.0.1.tgz#6a385fb8853d952d5ff05d0e8aaf94278dc63dcf" + dependencies: + ansi-regex "^2.0.0" + +strip-ansi@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/strip-ansi/-/strip-ansi-4.0.0.tgz#a8479022eb1ac368a871389b635262c505ee368f" + dependencies: + ansi-regex "^3.0.0" + +strip-bom-stream@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/strip-bom-stream/-/strip-bom-stream-1.0.0.tgz#e7144398577d51a6bed0fa1994fa05f43fd988ee" + dependencies: + first-chunk-stream "^1.0.0" + strip-bom "^2.0.0" + +strip-bom@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/strip-bom/-/strip-bom-2.0.0.tgz#6219a85616520491f35788bdbf1447a99c7e6b0e" + dependencies: + is-utf8 "^0.2.0" + +strip-bom@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/strip-bom/-/strip-bom-3.0.0.tgz#2334c18e9c759f7bdd56fdef7e9ae3d588e68ed3" + +strip-dirs@^1.0.0: + version "1.1.1" + resolved "https://registry.yarnpkg.com/strip-dirs/-/strip-dirs-1.1.1.tgz#960bbd1287844f3975a4558aa103a8255e2456a0" + dependencies: + chalk "^1.0.0" + get-stdin "^4.0.1" + is-absolute "^0.1.5" + is-natural-number "^2.0.0" + minimist "^1.1.0" + sum-up "^1.0.1" + +strip-indent@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/strip-indent/-/strip-indent-1.0.1.tgz#0c7962a6adefa7bbd4ac366460a638552ae1a0a2" + dependencies: + get-stdin "^4.0.1" + +strip-json-comments@~1.0.1: + version "1.0.4" + resolved "https://registry.yarnpkg.com/strip-json-comments/-/strip-json-comments-1.0.4.tgz#1e15fbcac97d3ee99bf2d73b4c656b082bbafb91" + +strip-json-comments@~2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/strip-json-comments/-/strip-json-comments-2.0.1.tgz#3c531942e908c2697c0ec344858c286c7ca0a60a" + +subscriptions-transport-ws@0.2.6: + version "0.2.6" + resolved "https://registry.yarnpkg.com/subscriptions-transport-ws/-/subscriptions-transport-ws-0.2.6.tgz#433861167c25ef9a2b8697e9403afa2a77656cb3" + dependencies: + "@types/node" "^6.0.38" + backo2 "^1.0.2" + es6-promise "^3.2.1" + graphql-subscriptions "^0.1.3" + lodash.isobject "^3.0.2" + lodash.isstring "^4.0.1" + node-static "0.5.9" + websocket "^1.0.23" + +sum-up@^1.0.1: + version "1.0.3" + resolved "https://registry.yarnpkg.com/sum-up/-/sum-up-1.0.3.tgz#1c661f667057f63bcb7875aa1438bc162525156e" + dependencies: + chalk "^1.0.0" + +supports-color@3.1.2: + version "3.1.2" + resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-3.1.2.tgz#72a262894d9d408b956ca05ff37b2ed8a6e2a2d5" + dependencies: + has-flag "^1.0.0" + +supports-color@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-2.0.0.tgz#535d045ce6b6363fa40117084629995e9df324c7" + +table@^3.7.8: + version "3.8.3" + resolved "https://registry.yarnpkg.com/table/-/table-3.8.3.tgz#2bbc542f0fda9861a755d3947fefd8b3f513855f" + dependencies: + ajv "^4.7.0" + ajv-keywords "^1.0.0" + chalk "^1.1.1" + lodash "^4.0.0" + slice-ansi "0.0.4" + string-width "^2.0.0" + +tar-pack@^3.4.0: + version "3.4.0" + resolved "https://registry.yarnpkg.com/tar-pack/-/tar-pack-3.4.0.tgz#23be2d7f671a8339376cbdb0b8fe3fdebf317984" + dependencies: + debug "^2.2.0" + fstream "^1.0.10" + fstream-ignore "^1.0.5" + once "^1.3.3" + readable-stream "^2.1.4" + rimraf "^2.5.1" + tar "^2.2.1" + uid-number "^0.0.6" + +tar-stream@^1.1.1: + version "1.5.4" + resolved "https://registry.yarnpkg.com/tar-stream/-/tar-stream-1.5.4.tgz#36549cf04ed1aee9b2a30c0143252238daf94016" + dependencies: + bl "^1.0.0" + end-of-stream "^1.0.0" + readable-stream "^2.0.0" + xtend "^4.0.0" + +tar@^2.2.1: + version "2.2.1" + resolved "https://registry.yarnpkg.com/tar/-/tar-2.2.1.tgz#8e4d2a256c0e2185c6b18ad694aec968b83cb1d1" + dependencies: + block-stream "*" + fstream "^1.0.2" + inherits "2" + +text-table@~0.2.0: + version "0.2.0" + resolved "https://registry.yarnpkg.com/text-table/-/text-table-0.2.0.tgz#7f5ee823ae805207c00af2df4a84ec3fcfa570b4" + +through2-filter@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/through2-filter/-/through2-filter-2.0.0.tgz#60bc55a0dacb76085db1f9dae99ab43f83d622ec" + dependencies: + through2 "~2.0.0" + xtend "~4.0.0" + +through2@^0.6.0, through2@^0.6.1: + version "0.6.5" + resolved "https://registry.yarnpkg.com/through2/-/through2-0.6.5.tgz#41ab9c67b29d57209071410e1d7a7a968cd3ad48" + dependencies: + readable-stream ">=1.0.33-1 <1.1.0-0" + xtend ">=4.0.0 <4.1.0-0" + +through2@^2.0.0, through2@~2.0.0: + version "2.0.3" + resolved "https://registry.yarnpkg.com/through2/-/through2-2.0.3.tgz#0004569b37c7c74ba39c43f3ced78d1ad94140be" + dependencies: + readable-stream "^2.1.5" + xtend "~4.0.1" + +through@2, through@^2.3.6, through@~2.3, through@~2.3.1: + version "2.3.8" + resolved "https://registry.yarnpkg.com/through/-/through-2.3.8.tgz#0dd4c9ffaabc357960b1b724115d7e0e86a2e1f5" + +timed-out@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/timed-out/-/timed-out-2.0.0.tgz#f38b0ae81d3747d628001f41dafc652ace671c0a" + +to-absolute-glob@^0.1.1: + version "0.1.1" + resolved "https://registry.yarnpkg.com/to-absolute-glob/-/to-absolute-glob-0.1.1.tgz#1cdfa472a9ef50c239ee66999b662ca0eb39937f" + dependencies: + extend-shallow "^2.0.1" + +to-fast-properties@^1.0.3: + version "1.0.3" + resolved "https://registry.yarnpkg.com/to-fast-properties/-/to-fast-properties-1.0.3.tgz#b83571fa4d8c25b82e231b06e3a3055de4ca1a47" + +topo@1.x.x: + version "1.1.0" + resolved "https://registry.yarnpkg.com/topo/-/topo-1.1.0.tgz#e9d751615d1bb87dc865db182fa1ca0a5ef536d5" + dependencies: + hoek "2.x.x" + +touch@1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/touch/-/touch-1.0.0.tgz#449cbe2dbae5a8c8038e30d71fa0ff464947c4de" + dependencies: + nopt "~1.0.10" + +tough-cookie@~2.3.0: + version "2.3.2" + resolved "https://registry.yarnpkg.com/tough-cookie/-/tough-cookie-2.3.2.tgz#f081f76e4c85720e6c37a5faced737150d84072a" + dependencies: + punycode "^1.4.1" + +trim-newlines@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/trim-newlines/-/trim-newlines-1.0.0.tgz#5887966bb582a4503a41eb524f7d35011815a613" + +trim-right@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/trim-right/-/trim-right-1.0.1.tgz#cb2e1203067e0c8de1f614094b9fe45704ea6003" + +tryit@^1.0.1: + version "1.0.3" + resolved "https://registry.yarnpkg.com/tryit/-/tryit-1.0.3.tgz#393be730a9446fd1ead6da59a014308f36c289cb" + +tunnel-agent@^0.6.0: + version "0.6.0" + resolved "https://registry.yarnpkg.com/tunnel-agent/-/tunnel-agent-0.6.0.tgz#27a5dea06b36b04a0a9966774b290868f0fc40fd" + dependencies: + safe-buffer "^5.0.1" + +tweetnacl@^0.14.3, tweetnacl@~0.14.0: + version "0.14.5" + resolved "https://registry.yarnpkg.com/tweetnacl/-/tweetnacl-0.14.5.tgz#5ae68177f192d4456269d108afa93ff8743f4f64" + +type-check@~0.3.2: + version "0.3.2" + resolved "https://registry.yarnpkg.com/type-check/-/type-check-0.3.2.tgz#5884cab512cf1d355e3fb784f30804b2b520db72" + dependencies: + prelude-ls "~1.1.2" + +type-detect@0.1.1: + version "0.1.1" + resolved "https://registry.yarnpkg.com/type-detect/-/type-detect-0.1.1.tgz#0ba5ec2a885640e470ea4e8505971900dac58822" + +type-detect@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/type-detect/-/type-detect-1.0.0.tgz#762217cc06db258ec48908a1298e8b95121e8ea2" + +type-is@~1.6.13: + version "1.6.15" + resolved "https://registry.yarnpkg.com/type-is/-/type-is-1.6.15.tgz#cab10fb4909e441c82842eafe1ad646c81804410" + dependencies: + media-typer "0.3.0" + mime-types "~2.1.15" + +typed-graphql@^1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/typed-graphql/-/typed-graphql-1.0.2.tgz#4c0f788775d552df4d4ec3d73f25469252f40fb8" + +typedarray-to-buffer@^3.1.2: + version "3.1.2" + resolved "https://registry.yarnpkg.com/typedarray-to-buffer/-/typedarray-to-buffer-3.1.2.tgz#1017b32d984ff556eba100f501589aba1ace2e04" + dependencies: + is-typedarray "^1.0.0" + +typedarray@^0.0.6: + version "0.0.6" + resolved "https://registry.yarnpkg.com/typedarray/-/typedarray-0.0.6.tgz#867ac74e3864187b1d3d47d996a78ec5c8830777" + +uid-number@^0.0.6: + version "0.0.6" + resolved "https://registry.yarnpkg.com/uid-number/-/uid-number-0.0.6.tgz#0ea10e8035e8eb5b8e4449f06da1c730663baa81" + +uid-safe@~2.1.2: + version "2.1.5" + resolved "https://registry.yarnpkg.com/uid-safe/-/uid-safe-2.1.5.tgz#2b3d5c7240e8fc2e58f8aa269e5ee49c0857bd3a" + dependencies: + random-bytes "~1.0.0" + +undefsafe@0.0.3: + version "0.0.3" + resolved "https://registry.yarnpkg.com/undefsafe/-/undefsafe-0.0.3.tgz#ecca3a03e56b9af17385baac812ac83b994a962f" + +unique-stream@^2.0.2: + version "2.2.1" + resolved "https://registry.yarnpkg.com/unique-stream/-/unique-stream-2.2.1.tgz#5aa003cfbe94c5ff866c4e7d668bb1c4dbadb369" + dependencies: + json-stable-stringify "^1.0.0" + through2-filter "^2.0.0" + +unpipe@1.0.0, unpipe@~1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/unpipe/-/unpipe-1.0.0.tgz#b2bf4ee8514aae6165b4817829d21b2ef49904ec" + +update-notifier@0.5.0: + version "0.5.0" + resolved "https://registry.yarnpkg.com/update-notifier/-/update-notifier-0.5.0.tgz#07b5dc2066b3627ab3b4f530130f7eddda07a4cc" + dependencies: + chalk "^1.0.0" + configstore "^1.0.0" + is-npm "^1.0.0" + latest-version "^1.0.0" + repeating "^1.1.2" + semver-diff "^2.0.0" + string-length "^1.0.0" + +user-home@^1.1.1: + version "1.1.1" + resolved "https://registry.yarnpkg.com/user-home/-/user-home-1.1.1.tgz#2b5be23a32b63a7c9deb8d0f28d485724a3df190" + +user-home@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/user-home/-/user-home-2.0.0.tgz#9c70bfd8169bc1dcbf48604e0f04b8b49cde9e9f" + dependencies: + os-homedir "^1.0.0" + +util-deprecate@~1.0.1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/util-deprecate/-/util-deprecate-1.0.2.tgz#450d4dc9fa70de732762fbd2d4a28981419a0ccf" + +utils-merge@1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/utils-merge/-/utils-merge-1.0.0.tgz#0294fb922bb9375153541c4f7096231f287c8af8" + +uuid@^2.0.1: + version "2.0.3" + resolved "https://registry.yarnpkg.com/uuid/-/uuid-2.0.3.tgz#67e2e863797215530dff318e5bf9dcebfd47b21a" + +uuid@^3.0.0, uuid@^3.0.1: + version "3.1.0" + resolved "https://registry.yarnpkg.com/uuid/-/uuid-3.1.0.tgz#3dd3d3e790abc24d7b0d3a034ffababe28ebbc04" + +v8flags@^2.0.10: + version "2.1.1" + resolved "https://registry.yarnpkg.com/v8flags/-/v8flags-2.1.1.tgz#aab1a1fa30d45f88dd321148875ac02c0b55e5b4" + dependencies: + user-home "^1.1.1" + +vali-date@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/vali-date/-/vali-date-1.0.0.tgz#1b904a59609fb328ef078138420934f6b86709a6" + +validate-npm-package-license@^3.0.1: + version "3.0.1" + resolved "https://registry.yarnpkg.com/validate-npm-package-license/-/validate-npm-package-license-3.0.1.tgz#2804babe712ad3379459acfbe24746ab2c303fbc" + dependencies: + spdx-correct "~1.0.0" + spdx-expression-parse "~1.0.0" + +vary@^1, vary@~1.1.0: + version "1.1.1" + resolved "https://registry.yarnpkg.com/vary/-/vary-1.1.1.tgz#67535ebb694c1d52257457984665323f587e8d37" + +verror@1.10.0: + version "1.10.0" + resolved "https://registry.yarnpkg.com/verror/-/verror-1.10.0.tgz#3a105ca17053af55d6e270c1f8288682e18da400" + dependencies: + assert-plus "^1.0.0" + core-util-is "1.0.2" + extsprintf "^1.2.0" + +vinyl-assign@^1.0.1: + version "1.2.1" + resolved "https://registry.yarnpkg.com/vinyl-assign/-/vinyl-assign-1.2.1.tgz#4d198891b5515911d771a8cd9c5480a46a074a45" + dependencies: + object-assign "^4.0.1" + readable-stream "^2.0.0" + +vinyl-fs@^2.2.0: + version "2.4.4" + resolved "https://registry.yarnpkg.com/vinyl-fs/-/vinyl-fs-2.4.4.tgz#be6ff3270cb55dfd7d3063640de81f25d7532239" + dependencies: + duplexify "^3.2.0" + glob-stream "^5.3.2" + graceful-fs "^4.0.0" + gulp-sourcemaps "1.6.0" + is-valid-glob "^0.3.0" + lazystream "^1.0.0" + lodash.isequal "^4.0.0" + merge-stream "^1.0.0" + mkdirp "^0.5.0" + object-assign "^4.0.0" + readable-stream "^2.0.4" + strip-bom "^2.0.0" + strip-bom-stream "^1.0.0" + through2 "^2.0.0" + through2-filter "^2.0.0" + vali-date "^1.0.0" + vinyl "^1.0.0" + +vinyl@^0.4.3: + version "0.4.6" + resolved "https://registry.yarnpkg.com/vinyl/-/vinyl-0.4.6.tgz#2f356c87a550a255461f36bbeb2a5ba8bf784847" + dependencies: + clone "^0.2.0" + clone-stats "^0.0.1" + +vinyl@^1.0.0: + version "1.2.0" + resolved "https://registry.yarnpkg.com/vinyl/-/vinyl-1.2.0.tgz#5c88036cf565e5df05558bfc911f8656df218884" + dependencies: + clone "^1.0.0" + clone-stats "^0.0.1" + replace-ext "0.0.1" + +websocket@^1.0.23: + version "1.0.24" + resolved "https://registry.yarnpkg.com/websocket/-/websocket-1.0.24.tgz#74903e75f2545b6b2e1de1425bc1c905917a1890" + dependencies: + debug "^2.2.0" + nan "^2.3.3" + typedarray-to-buffer "^3.1.2" + yaeti "^0.0.6" + +wide-align@^1.1.0: + version "1.1.2" + resolved "https://registry.yarnpkg.com/wide-align/-/wide-align-1.1.2.tgz#571e0f1b0604636ebc0dfc21b0339bbe31341710" + dependencies: + string-width "^1.0.2" + +window-size@^0.1.4: + version "0.1.4" + resolved "https://registry.yarnpkg.com/window-size/-/window-size-0.1.4.tgz#f8e1aa1ee5a53ec5bf151ffa09742a6ad7697876" + +winston@^2.3.1: + version "2.3.1" + resolved "https://registry.yarnpkg.com/winston/-/winston-2.3.1.tgz#0b48420d978c01804cf0230b648861598225a119" + dependencies: + async "~1.0.0" + colors "1.0.x" + cycle "1.0.x" + eyes "0.1.x" + isstream "0.1.x" + stack-trace "0.0.x" + +wordwrap@~1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/wordwrap/-/wordwrap-1.0.0.tgz#27584810891456a4171c8d0226441ade90cbcaeb" + +wrap-ansi@^2.0.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/wrap-ansi/-/wrap-ansi-2.1.0.tgz#d8fc3d284dd05794fe84973caecdd1cf824fdd85" + dependencies: + string-width "^1.0.1" + strip-ansi "^3.0.1" + +wrappy@1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/wrappy/-/wrappy-1.0.2.tgz#b5243d8f3ec1aa35f1364605bc0d1036e30ab69f" + +write-file-atomic@^1.1.2: + version "1.3.4" + resolved "https://registry.yarnpkg.com/write-file-atomic/-/write-file-atomic-1.3.4.tgz#f807a4f0b1d9e913ae7a48112e6cc3af1991b45f" + dependencies: + graceful-fs "^4.1.11" + imurmurhash "^0.1.4" + slide "^1.1.5" + +write@^0.2.1: + version "0.2.1" + resolved "https://registry.yarnpkg.com/write/-/write-0.2.1.tgz#5fc03828e264cea3fe91455476f7a3c566cb0757" + dependencies: + mkdirp "^0.5.1" + +xdg-basedir@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/xdg-basedir/-/xdg-basedir-2.0.0.tgz#edbc903cc385fc04523d966a335504b5504d1bd2" + dependencies: + os-homedir "^1.0.0" + +"xtend@>=4.0.0 <4.1.0-0", xtend@^4.0.0, xtend@^4.0.1, xtend@~4.0.0, xtend@~4.0.1: + version "4.0.1" + resolved "https://registry.yarnpkg.com/xtend/-/xtend-4.0.1.tgz#a5c6d532be656e23db820efb943a1f04998d63af" + +y18n@^3.2.0: + version "3.2.1" + resolved "https://registry.yarnpkg.com/y18n/-/y18n-3.2.1.tgz#6d15fba884c08679c0d77e88e7759e811e07fa41" + +yaeti@^0.0.6: + version "0.0.6" + resolved "https://registry.yarnpkg.com/yaeti/-/yaeti-0.0.6.tgz#f26f484d72684cf42bedfb76970aa1608fbf9577" + +yargs@^3.26.0: + version "3.32.0" + resolved "https://registry.yarnpkg.com/yargs/-/yargs-3.32.0.tgz#03088e9ebf9e756b69751611d2a5ef591482c995" + dependencies: + camelcase "^2.0.1" + cliui "^3.0.3" + decamelize "^1.1.1" + os-locale "^1.4.0" + string-width "^1.0.1" + window-size "^0.1.4" + y18n "^3.2.0" + +yauzl@^2.2.1: + version "2.8.0" + resolved "https://registry.yarnpkg.com/yauzl/-/yauzl-2.8.0.tgz#79450aff22b2a9c5a41ef54e02db907ccfbf9ee2" + dependencies: + buffer-crc32 "~0.2.3" + fd-slicer "~1.0.1" diff --git a/yarn.lock b/yarn.lock new file mode 100644 index 0000000..4edea39 --- /dev/null +++ b/yarn.lock @@ -0,0 +1,3047 @@ +# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY. +# yarn lockfile v1 + + +abbrev@1: + version "1.1.0" + resolved "https://registry.yarnpkg.com/abbrev/-/abbrev-1.1.0.tgz#d0554c2256636e2f56e7c2e5ad183f859428d81f" + +acorn-jsx@^3.0.0: + version "3.0.1" + resolved "https://registry.yarnpkg.com/acorn-jsx/-/acorn-jsx-3.0.1.tgz#afdf9488fb1ecefc8348f6fb22f464e32a58b36b" + dependencies: + acorn "^3.0.4" + +acorn@^3.0.4: + version "3.3.0" + resolved "https://registry.yarnpkg.com/acorn/-/acorn-3.3.0.tgz#45e37fb39e8da3f25baee3ff5369e2bb5f22017a" + +acorn@^5.1.1: + version "5.1.1" + resolved "https://registry.yarnpkg.com/acorn/-/acorn-5.1.1.tgz#53fe161111f912ab999ee887a90a0bc52822fd75" + +ajv-keywords@^1.0.0: + version "1.5.1" + resolved "https://registry.yarnpkg.com/ajv-keywords/-/ajv-keywords-1.5.1.tgz#314dd0a4b3368fad3dfcdc54ede6171b886daf3c" + +ajv@^4.7.0, ajv@^4.9.1: + version "4.11.8" + resolved "https://registry.yarnpkg.com/ajv/-/ajv-4.11.8.tgz#82ffb02b29e662ae53bdc20af15947706739c536" + dependencies: + co "^4.6.0" + json-stable-stringify "^1.0.1" + +ajv@^5.2.0: + version "5.2.2" + resolved "https://registry.yarnpkg.com/ajv/-/ajv-5.2.2.tgz#47c68d69e86f5d953103b0074a9430dc63da5e39" + dependencies: + co "^4.6.0" + fast-deep-equal "^1.0.0" + json-schema-traverse "^0.3.0" + json-stable-stringify "^1.0.1" + +ansi-escapes@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/ansi-escapes/-/ansi-escapes-2.0.0.tgz#5bae52be424878dd9783e8910e3fc2922e83c81b" + +ansi-regex@^2.0.0: + version "2.1.1" + resolved "https://registry.yarnpkg.com/ansi-regex/-/ansi-regex-2.1.1.tgz#c3b33ab5ee360d86e0e628f0468ae7ef27d654df" + +ansi-regex@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/ansi-regex/-/ansi-regex-3.0.0.tgz#ed0317c322064f79466c02966bddb605ab37d998" + +ansi-styles@^2.1.0, ansi-styles@^2.2.1: + version "2.2.1" + resolved "https://registry.yarnpkg.com/ansi-styles/-/ansi-styles-2.2.1.tgz#b432dd3358b634cf75e1e4664368240533c1ddbe" + +ansi-styles@^3.1.0: + version "3.2.0" + resolved "https://registry.yarnpkg.com/ansi-styles/-/ansi-styles-3.2.0.tgz#c159b8d5be0f9e5a6f346dab94f16ce022161b88" + dependencies: + color-convert "^1.9.0" + +anymatch@^1.3.0: + version "1.3.2" + resolved "https://registry.yarnpkg.com/anymatch/-/anymatch-1.3.2.tgz#553dcb8f91e3c889845dfdba34c77721b90b9d7a" + dependencies: + micromatch "^2.1.5" + normalize-path "^2.0.0" + +aproba@^1.0.3: + version "1.1.2" + resolved "https://registry.yarnpkg.com/aproba/-/aproba-1.1.2.tgz#45c6629094de4e96f693ef7eab74ae079c240fc1" + +are-we-there-yet@~1.1.2: + version "1.1.4" + resolved "https://registry.yarnpkg.com/are-we-there-yet/-/are-we-there-yet-1.1.4.tgz#bb5dca382bb94f05e15194373d16fd3ba1ca110d" + dependencies: + delegates "^1.0.0" + readable-stream "^2.0.6" + +argparse@^1.0.7: + version "1.0.9" + resolved "https://registry.yarnpkg.com/argparse/-/argparse-1.0.9.tgz#73d83bc263f86e97f8cc4f6bae1b0e90a7d22c86" + dependencies: + sprintf-js "~1.0.2" + +arr-diff@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/arr-diff/-/arr-diff-2.0.0.tgz#8f3b827f955a8bd669697e4a4256ac3ceae356cf" + dependencies: + arr-flatten "^1.0.1" + +arr-flatten@^1.0.1: + version "1.1.0" + resolved "https://registry.yarnpkg.com/arr-flatten/-/arr-flatten-1.1.0.tgz#36048bbff4e7b47e136644316c99669ea5ae91f1" + +array-find-index@^1.0.1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/array-find-index/-/array-find-index-1.0.2.tgz#df010aa1287e164bbda6f9723b0a96a1ec4187a1" + +array-union@^1.0.1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/array-union/-/array-union-1.0.2.tgz#9a34410e4f4e3da23dea375be5be70f24778ec39" + dependencies: + array-uniq "^1.0.1" + +array-uniq@^1.0.0, array-uniq@^1.0.1: + version "1.0.3" + resolved "https://registry.yarnpkg.com/array-uniq/-/array-uniq-1.0.3.tgz#af6ac877a25cc7f74e058894753858dfdb24fdb6" + +array-unique@^0.2.1: + version "0.2.1" + resolved "https://registry.yarnpkg.com/array-unique/-/array-unique-0.2.1.tgz#a1d97ccafcbc2625cc70fadceb36a50c58b01a53" + +arrify@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/arrify/-/arrify-1.0.1.tgz#898508da2226f380df904728456849c1501a4b0d" + +asn1@~0.2.3: + version "0.2.3" + resolved "https://registry.yarnpkg.com/asn1/-/asn1-0.2.3.tgz#dac8787713c9966849fc8180777ebe9c1ddf3b86" + +assert-plus@1.0.0, assert-plus@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/assert-plus/-/assert-plus-1.0.0.tgz#f12e0f3c5d77b0b1cdd9146942e4e96c1e4dd525" + +assert-plus@^0.2.0: + version "0.2.0" + resolved "https://registry.yarnpkg.com/assert-plus/-/assert-plus-0.2.0.tgz#d74e1b87e7affc0db8aadb7021f3fe48101ab234" + +assertion-error@^1.0.1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/assertion-error/-/assertion-error-1.0.2.tgz#13ca515d86206da0bac66e834dd397d87581094c" + +ast-types@0.9.6: + version "0.9.6" + resolved "https://registry.yarnpkg.com/ast-types/-/ast-types-0.9.6.tgz#102c9e9e9005d3e7e3829bf0c4fa24ee862ee9b9" + +async-each@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/async-each/-/async-each-1.0.1.tgz#19d386a1d9edc6e7c1c85d388aedbcc56d33602d" + +asynckit@^0.4.0: + version "0.4.0" + resolved "https://registry.yarnpkg.com/asynckit/-/asynckit-0.4.0.tgz#c79ed97f7f34cb8f2ba1bc9790bcc366474b4b79" + +aws-sign2@~0.6.0: + version "0.6.0" + resolved "https://registry.yarnpkg.com/aws-sign2/-/aws-sign2-0.6.0.tgz#14342dd38dbcc94d0e5b87d763cd63612c0e794f" + +aws4@^1.2.1: + version "1.6.0" + resolved "https://registry.yarnpkg.com/aws4/-/aws4-1.6.0.tgz#83ef5ca860b2b32e4a0deedee8c771b9db57471e" + +babel-cli@6.16.0: + version "6.16.0" + resolved "https://registry.yarnpkg.com/babel-cli/-/babel-cli-6.16.0.tgz#4e0d1cf40442ef78330f7fef88eb3a0a1b16bd37" + dependencies: + babel-core "^6.16.0" + babel-polyfill "^6.16.0" + babel-register "^6.16.0" + babel-runtime "^6.9.0" + bin-version-check "^2.1.0" + chalk "1.1.1" + commander "^2.8.1" + convert-source-map "^1.1.0" + fs-readdir-recursive "^0.1.0" + glob "^5.0.5" + lodash "^4.2.0" + log-symbols "^1.0.2" + output-file-sync "^1.1.0" + path-exists "^1.0.0" + path-is-absolute "^1.0.0" + request "^2.65.0" + slash "^1.0.0" + source-map "^0.5.0" + v8flags "^2.0.10" + optionalDependencies: + chokidar "^1.0.0" + +babel-code-frame@^6.16.0, babel-code-frame@^6.22.0, babel-code-frame@^6.26.0: + version "6.26.0" + resolved "https://registry.yarnpkg.com/babel-code-frame/-/babel-code-frame-6.26.0.tgz#63fd43f7dc1e3bb7ce35947db8fe369a3f58c74b" + dependencies: + chalk "^1.1.3" + esutils "^2.0.2" + js-tokens "^3.0.2" + +babel-core@6.17.0: + version "6.17.0" + resolved "https://registry.yarnpkg.com/babel-core/-/babel-core-6.17.0.tgz#6c4576447df479e241e58c807e4bc7da4db7f425" + dependencies: + babel-code-frame "^6.16.0" + babel-generator "^6.17.0" + babel-helpers "^6.16.0" + babel-messages "^6.8.0" + babel-register "^6.16.0" + babel-runtime "^6.9.1" + babel-template "^6.16.0" + babel-traverse "^6.16.0" + babel-types "^6.16.0" + babylon "^6.11.0" + convert-source-map "^1.1.0" + debug "^2.1.1" + json5 "^0.4.0" + lodash "^4.2.0" + minimatch "^3.0.2" + path-exists "^1.0.0" + path-is-absolute "^1.0.0" + private "^0.1.6" + shebang-regex "^1.0.0" + slash "^1.0.0" + source-map "^0.5.0" + +babel-core@^6.16.0, babel-core@^6.26.0: + version "6.26.0" + resolved "https://registry.yarnpkg.com/babel-core/-/babel-core-6.26.0.tgz#af32f78b31a6fcef119c87b0fd8d9753f03a0bb8" + dependencies: + babel-code-frame "^6.26.0" + babel-generator "^6.26.0" + babel-helpers "^6.24.1" + babel-messages "^6.23.0" + babel-register "^6.26.0" + babel-runtime "^6.26.0" + babel-template "^6.26.0" + babel-traverse "^6.26.0" + babel-types "^6.26.0" + babylon "^6.18.0" + convert-source-map "^1.5.0" + debug "^2.6.8" + json5 "^0.5.1" + lodash "^4.17.4" + minimatch "^3.0.4" + path-is-absolute "^1.0.1" + private "^0.1.7" + slash "^1.0.0" + source-map "^0.5.6" + +babel-eslint@^7.0.0: + version "7.2.3" + resolved "https://registry.yarnpkg.com/babel-eslint/-/babel-eslint-7.2.3.tgz#b2fe2d80126470f5c19442dc757253a897710827" + dependencies: + babel-code-frame "^6.22.0" + babel-traverse "^6.23.1" + babel-types "^6.23.0" + babylon "^6.17.0" + +babel-generator@^6.17.0, babel-generator@^6.26.0: + version "6.26.0" + resolved "https://registry.yarnpkg.com/babel-generator/-/babel-generator-6.26.0.tgz#ac1ae20070b79f6e3ca1d3269613053774f20dc5" + dependencies: + babel-messages "^6.23.0" + babel-runtime "^6.26.0" + babel-types "^6.26.0" + detect-indent "^4.0.0" + jsesc "^1.3.0" + lodash "^4.17.4" + source-map "^0.5.6" + trim-right "^1.0.1" + +babel-helper-bindify-decorators@^6.24.1: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-helper-bindify-decorators/-/babel-helper-bindify-decorators-6.24.1.tgz#14c19e5f142d7b47f19a52431e52b1ccbc40a330" + dependencies: + babel-runtime "^6.22.0" + babel-traverse "^6.24.1" + babel-types "^6.24.1" + +babel-helper-builder-binary-assignment-operator-visitor@^6.24.1: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-helper-builder-binary-assignment-operator-visitor/-/babel-helper-builder-binary-assignment-operator-visitor-6.24.1.tgz#cce4517ada356f4220bcae8a02c2b346f9a56664" + dependencies: + babel-helper-explode-assignable-expression "^6.24.1" + babel-runtime "^6.22.0" + babel-types "^6.24.1" + +babel-helper-builder-react-jsx@^6.24.1: + version "6.26.0" + resolved "https://registry.yarnpkg.com/babel-helper-builder-react-jsx/-/babel-helper-builder-react-jsx-6.26.0.tgz#39ff8313b75c8b65dceff1f31d383e0ff2a408a0" + dependencies: + babel-runtime "^6.26.0" + babel-types "^6.26.0" + esutils "^2.0.2" + +babel-helper-call-delegate@^6.24.1: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-helper-call-delegate/-/babel-helper-call-delegate-6.24.1.tgz#ece6aacddc76e41c3461f88bfc575bd0daa2df8d" + dependencies: + babel-helper-hoist-variables "^6.24.1" + babel-runtime "^6.22.0" + babel-traverse "^6.24.1" + babel-types "^6.24.1" + +babel-helper-define-map@^6.24.1: + version "6.26.0" + resolved "https://registry.yarnpkg.com/babel-helper-define-map/-/babel-helper-define-map-6.26.0.tgz#a5f56dab41a25f97ecb498c7ebaca9819f95be5f" + dependencies: + babel-helper-function-name "^6.24.1" + babel-runtime "^6.26.0" + babel-types "^6.26.0" + lodash "^4.17.4" + +babel-helper-explode-assignable-expression@^6.24.1: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-helper-explode-assignable-expression/-/babel-helper-explode-assignable-expression-6.24.1.tgz#f25b82cf7dc10433c55f70592d5746400ac22caa" + dependencies: + babel-runtime "^6.22.0" + babel-traverse "^6.24.1" + babel-types "^6.24.1" + +babel-helper-explode-class@^6.24.1: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-helper-explode-class/-/babel-helper-explode-class-6.24.1.tgz#7dc2a3910dee007056e1e31d640ced3d54eaa9eb" + dependencies: + babel-helper-bindify-decorators "^6.24.1" + babel-runtime "^6.22.0" + babel-traverse "^6.24.1" + babel-types "^6.24.1" + +babel-helper-function-name@^6.24.1: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-helper-function-name/-/babel-helper-function-name-6.24.1.tgz#d3475b8c03ed98242a25b48351ab18399d3580a9" + dependencies: + babel-helper-get-function-arity "^6.24.1" + babel-runtime "^6.22.0" + babel-template "^6.24.1" + babel-traverse "^6.24.1" + babel-types "^6.24.1" + +babel-helper-get-function-arity@^6.24.1: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-helper-get-function-arity/-/babel-helper-get-function-arity-6.24.1.tgz#8f7782aa93407c41d3aa50908f89b031b1b6853d" + dependencies: + babel-runtime "^6.22.0" + babel-types "^6.24.1" + +babel-helper-hoist-variables@^6.24.1: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-helper-hoist-variables/-/babel-helper-hoist-variables-6.24.1.tgz#1ecb27689c9d25513eadbc9914a73f5408be7a76" + dependencies: + babel-runtime "^6.22.0" + babel-types "^6.24.1" + +babel-helper-optimise-call-expression@^6.24.1: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-helper-optimise-call-expression/-/babel-helper-optimise-call-expression-6.24.1.tgz#f7a13427ba9f73f8f4fa993c54a97882d1244257" + dependencies: + babel-runtime "^6.22.0" + babel-types "^6.24.1" + +babel-helper-regex@^6.24.1: + version "6.26.0" + resolved "https://registry.yarnpkg.com/babel-helper-regex/-/babel-helper-regex-6.26.0.tgz#325c59f902f82f24b74faceed0363954f6495e72" + dependencies: + babel-runtime "^6.26.0" + babel-types "^6.26.0" + lodash "^4.17.4" + +babel-helper-remap-async-to-generator@^6.24.1: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-helper-remap-async-to-generator/-/babel-helper-remap-async-to-generator-6.24.1.tgz#5ec581827ad723fecdd381f1c928390676e4551b" + dependencies: + babel-helper-function-name "^6.24.1" + babel-runtime "^6.22.0" + babel-template "^6.24.1" + babel-traverse "^6.24.1" + babel-types "^6.24.1" + +babel-helper-replace-supers@^6.24.1: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-helper-replace-supers/-/babel-helper-replace-supers-6.24.1.tgz#bf6dbfe43938d17369a213ca8a8bf74b6a90ab1a" + dependencies: + babel-helper-optimise-call-expression "^6.24.1" + babel-messages "^6.23.0" + babel-runtime "^6.22.0" + babel-template "^6.24.1" + babel-traverse "^6.24.1" + babel-types "^6.24.1" + +babel-helpers@^6.16.0, babel-helpers@^6.24.1: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-helpers/-/babel-helpers-6.24.1.tgz#3471de9caec388e5c850e597e58a26ddf37602b2" + dependencies: + babel-runtime "^6.22.0" + babel-template "^6.24.1" + +babel-messages@^6.23.0, babel-messages@^6.8.0: + version "6.23.0" + resolved "https://registry.yarnpkg.com/babel-messages/-/babel-messages-6.23.0.tgz#f3cdf4703858035b2a2951c6ec5edf6c62f2630e" + dependencies: + babel-runtime "^6.22.0" + +babel-plugin-check-es2015-constants@^6.3.13: + version "6.22.0" + resolved "https://registry.yarnpkg.com/babel-plugin-check-es2015-constants/-/babel-plugin-check-es2015-constants-6.22.0.tgz#35157b101426fd2ffd3da3f75c7d1e91835bbf8a" + dependencies: + babel-runtime "^6.22.0" + +babel-plugin-syntax-async-functions@^6.8.0: + version "6.13.0" + resolved "https://registry.yarnpkg.com/babel-plugin-syntax-async-functions/-/babel-plugin-syntax-async-functions-6.13.0.tgz#cad9cad1191b5ad634bf30ae0872391e0647be95" + +babel-plugin-syntax-async-generators@^6.5.0: + version "6.13.0" + resolved "https://registry.yarnpkg.com/babel-plugin-syntax-async-generators/-/babel-plugin-syntax-async-generators-6.13.0.tgz#6bc963ebb16eccbae6b92b596eb7f35c342a8b9a" + +babel-plugin-syntax-class-properties@^6.8.0: + version "6.13.0" + resolved "https://registry.yarnpkg.com/babel-plugin-syntax-class-properties/-/babel-plugin-syntax-class-properties-6.13.0.tgz#d7eb23b79a317f8543962c505b827c7d6cac27de" + +babel-plugin-syntax-decorators@^6.13.0: + version "6.13.0" + resolved "https://registry.yarnpkg.com/babel-plugin-syntax-decorators/-/babel-plugin-syntax-decorators-6.13.0.tgz#312563b4dbde3cc806cee3e416cceeaddd11ac0b" + +babel-plugin-syntax-exponentiation-operator@^6.8.0: + version "6.13.0" + resolved "https://registry.yarnpkg.com/babel-plugin-syntax-exponentiation-operator/-/babel-plugin-syntax-exponentiation-operator-6.13.0.tgz#9ee7e8337290da95288201a6a57f4170317830de" + +babel-plugin-syntax-flow@^6.18.0, babel-plugin-syntax-flow@^6.3.13: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-plugin-syntax-flow/-/babel-plugin-syntax-flow-6.18.0.tgz#4c3ab20a2af26aa20cd25995c398c4eb70310c8d" + +babel-plugin-syntax-jsx@^6.3.13, babel-plugin-syntax-jsx@^6.8.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babel-plugin-syntax-jsx/-/babel-plugin-syntax-jsx-6.18.0.tgz#0af32a9a6e13ca7a3fd5069e62d7b0f58d0d8946" + +babel-plugin-syntax-object-rest-spread@^6.8.0: + version "6.13.0" + resolved "https://registry.yarnpkg.com/babel-plugin-syntax-object-rest-spread/-/babel-plugin-syntax-object-rest-spread-6.13.0.tgz#fd6536f2bce13836ffa3a5458c4903a597bb3bf5" + +babel-plugin-syntax-trailing-function-commas@^6.22.0: + version "6.22.0" + resolved "https://registry.yarnpkg.com/babel-plugin-syntax-trailing-function-commas/-/babel-plugin-syntax-trailing-function-commas-6.22.0.tgz#ba0360937f8d06e40180a43fe0d5616fff532cf3" + +babel-plugin-transform-async-generator-functions@^6.24.1: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-async-generator-functions/-/babel-plugin-transform-async-generator-functions-6.24.1.tgz#f058900145fd3e9907a6ddf28da59f215258a5db" + dependencies: + babel-helper-remap-async-to-generator "^6.24.1" + babel-plugin-syntax-async-generators "^6.5.0" + babel-runtime "^6.22.0" + +babel-plugin-transform-async-to-generator@^6.24.1: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-async-to-generator/-/babel-plugin-transform-async-to-generator-6.24.1.tgz#6536e378aff6cb1d5517ac0e40eb3e9fc8d08761" + dependencies: + babel-helper-remap-async-to-generator "^6.24.1" + babel-plugin-syntax-async-functions "^6.8.0" + babel-runtime "^6.22.0" + +babel-plugin-transform-class-properties@^6.16.0: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-class-properties/-/babel-plugin-transform-class-properties-6.24.1.tgz#6a79763ea61d33d36f37b611aa9def81a81b46ac" + dependencies: + babel-helper-function-name "^6.24.1" + babel-plugin-syntax-class-properties "^6.8.0" + babel-runtime "^6.22.0" + babel-template "^6.24.1" + +babel-plugin-transform-decorators@^6.13.0: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-decorators/-/babel-plugin-transform-decorators-6.24.1.tgz#788013d8f8c6b5222bdf7b344390dfd77569e24d" + dependencies: + babel-helper-explode-class "^6.24.1" + babel-plugin-syntax-decorators "^6.13.0" + babel-runtime "^6.22.0" + babel-template "^6.24.1" + babel-types "^6.24.1" + +babel-plugin-transform-es2015-arrow-functions@^6.3.13: + version "6.22.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-arrow-functions/-/babel-plugin-transform-es2015-arrow-functions-6.22.0.tgz#452692cb711d5f79dc7f85e440ce41b9f244d221" + dependencies: + babel-runtime "^6.22.0" + +babel-plugin-transform-es2015-block-scoped-functions@^6.3.13: + version "6.22.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-block-scoped-functions/-/babel-plugin-transform-es2015-block-scoped-functions-6.22.0.tgz#bbc51b49f964d70cb8d8e0b94e820246ce3a6141" + dependencies: + babel-runtime "^6.22.0" + +babel-plugin-transform-es2015-block-scoping@^6.14.0: + version "6.26.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-block-scoping/-/babel-plugin-transform-es2015-block-scoping-6.26.0.tgz#d70f5299c1308d05c12f463813b0a09e73b1895f" + dependencies: + babel-runtime "^6.26.0" + babel-template "^6.26.0" + babel-traverse "^6.26.0" + babel-types "^6.26.0" + lodash "^4.17.4" + +babel-plugin-transform-es2015-classes@^6.14.0: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-classes/-/babel-plugin-transform-es2015-classes-6.24.1.tgz#5a4c58a50c9c9461e564b4b2a3bfabc97a2584db" + dependencies: + babel-helper-define-map "^6.24.1" + babel-helper-function-name "^6.24.1" + babel-helper-optimise-call-expression "^6.24.1" + babel-helper-replace-supers "^6.24.1" + babel-messages "^6.23.0" + babel-runtime "^6.22.0" + babel-template "^6.24.1" + babel-traverse "^6.24.1" + babel-types "^6.24.1" + +babel-plugin-transform-es2015-computed-properties@^6.3.13: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-computed-properties/-/babel-plugin-transform-es2015-computed-properties-6.24.1.tgz#6fe2a8d16895d5634f4cd999b6d3480a308159b3" + dependencies: + babel-runtime "^6.22.0" + babel-template "^6.24.1" + +babel-plugin-transform-es2015-destructuring@^6.16.0: + version "6.23.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-destructuring/-/babel-plugin-transform-es2015-destructuring-6.23.0.tgz#997bb1f1ab967f682d2b0876fe358d60e765c56d" + dependencies: + babel-runtime "^6.22.0" + +babel-plugin-transform-es2015-duplicate-keys@^6.6.0: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-duplicate-keys/-/babel-plugin-transform-es2015-duplicate-keys-6.24.1.tgz#73eb3d310ca969e3ef9ec91c53741a6f1576423e" + dependencies: + babel-runtime "^6.22.0" + babel-types "^6.24.1" + +babel-plugin-transform-es2015-for-of@^6.6.0: + version "6.23.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-for-of/-/babel-plugin-transform-es2015-for-of-6.23.0.tgz#f47c95b2b613df1d3ecc2fdb7573623c75248691" + dependencies: + babel-runtime "^6.22.0" + +babel-plugin-transform-es2015-function-name@^6.9.0: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-function-name/-/babel-plugin-transform-es2015-function-name-6.24.1.tgz#834c89853bc36b1af0f3a4c5dbaa94fd8eacaa8b" + dependencies: + babel-helper-function-name "^6.24.1" + babel-runtime "^6.22.0" + babel-types "^6.24.1" + +babel-plugin-transform-es2015-literals@^6.3.13: + version "6.22.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-literals/-/babel-plugin-transform-es2015-literals-6.22.0.tgz#4f54a02d6cd66cf915280019a31d31925377ca2e" + dependencies: + babel-runtime "^6.22.0" + +babel-plugin-transform-es2015-modules-amd@^6.24.1, babel-plugin-transform-es2015-modules-amd@^6.8.0: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-modules-amd/-/babel-plugin-transform-es2015-modules-amd-6.24.1.tgz#3b3e54017239842d6d19c3011c4bd2f00a00d154" + dependencies: + babel-plugin-transform-es2015-modules-commonjs "^6.24.1" + babel-runtime "^6.22.0" + babel-template "^6.24.1" + +babel-plugin-transform-es2015-modules-commonjs@^6.16.0, babel-plugin-transform-es2015-modules-commonjs@^6.24.1: + version "6.26.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-modules-commonjs/-/babel-plugin-transform-es2015-modules-commonjs-6.26.0.tgz#0d8394029b7dc6abe1a97ef181e00758dd2e5d8a" + dependencies: + babel-plugin-transform-strict-mode "^6.24.1" + babel-runtime "^6.26.0" + babel-template "^6.26.0" + babel-types "^6.26.0" + +babel-plugin-transform-es2015-modules-systemjs@^6.14.0: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-modules-systemjs/-/babel-plugin-transform-es2015-modules-systemjs-6.24.1.tgz#ff89a142b9119a906195f5f106ecf305d9407d23" + dependencies: + babel-helper-hoist-variables "^6.24.1" + babel-runtime "^6.22.0" + babel-template "^6.24.1" + +babel-plugin-transform-es2015-modules-umd@^6.12.0: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-modules-umd/-/babel-plugin-transform-es2015-modules-umd-6.24.1.tgz#ac997e6285cd18ed6176adb607d602344ad38468" + dependencies: + babel-plugin-transform-es2015-modules-amd "^6.24.1" + babel-runtime "^6.22.0" + babel-template "^6.24.1" + +babel-plugin-transform-es2015-object-super@^6.3.13: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-object-super/-/babel-plugin-transform-es2015-object-super-6.24.1.tgz#24cef69ae21cb83a7f8603dad021f572eb278f8d" + dependencies: + babel-helper-replace-supers "^6.24.1" + babel-runtime "^6.22.0" + +babel-plugin-transform-es2015-parameters@^6.16.0: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-parameters/-/babel-plugin-transform-es2015-parameters-6.24.1.tgz#57ac351ab49caf14a97cd13b09f66fdf0a625f2b" + dependencies: + babel-helper-call-delegate "^6.24.1" + babel-helper-get-function-arity "^6.24.1" + babel-runtime "^6.22.0" + babel-template "^6.24.1" + babel-traverse "^6.24.1" + babel-types "^6.24.1" + +babel-plugin-transform-es2015-shorthand-properties@^6.3.13: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-shorthand-properties/-/babel-plugin-transform-es2015-shorthand-properties-6.24.1.tgz#24f875d6721c87661bbd99a4622e51f14de38aa0" + dependencies: + babel-runtime "^6.22.0" + babel-types "^6.24.1" + +babel-plugin-transform-es2015-spread@^6.3.13: + version "6.22.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-spread/-/babel-plugin-transform-es2015-spread-6.22.0.tgz#d6d68a99f89aedc4536c81a542e8dd9f1746f8d1" + dependencies: + babel-runtime "^6.22.0" + +babel-plugin-transform-es2015-sticky-regex@^6.3.13: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-sticky-regex/-/babel-plugin-transform-es2015-sticky-regex-6.24.1.tgz#00c1cdb1aca71112cdf0cf6126c2ed6b457ccdbc" + dependencies: + babel-helper-regex "^6.24.1" + babel-runtime "^6.22.0" + babel-types "^6.24.1" + +babel-plugin-transform-es2015-template-literals@^6.6.0: + version "6.22.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-template-literals/-/babel-plugin-transform-es2015-template-literals-6.22.0.tgz#a84b3450f7e9f8f1f6839d6d687da84bb1236d8d" + dependencies: + babel-runtime "^6.22.0" + +babel-plugin-transform-es2015-typeof-symbol@^6.6.0: + version "6.23.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-typeof-symbol/-/babel-plugin-transform-es2015-typeof-symbol-6.23.0.tgz#dec09f1cddff94b52ac73d505c84df59dcceb372" + dependencies: + babel-runtime "^6.22.0" + +babel-plugin-transform-es2015-unicode-regex@^6.3.13: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-es2015-unicode-regex/-/babel-plugin-transform-es2015-unicode-regex-6.24.1.tgz#d38b12f42ea7323f729387f18a7c5ae1faeb35e9" + dependencies: + babel-helper-regex "^6.24.1" + babel-runtime "^6.22.0" + regexpu-core "^2.0.0" + +babel-plugin-transform-exponentiation-operator@^6.24.1: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-exponentiation-operator/-/babel-plugin-transform-exponentiation-operator-6.24.1.tgz#2ab0c9c7f3098fa48907772bb813fe41e8de3a0e" + dependencies: + babel-helper-builder-binary-assignment-operator-visitor "^6.24.1" + babel-plugin-syntax-exponentiation-operator "^6.8.0" + babel-runtime "^6.22.0" + +babel-plugin-transform-flow-strip-types@^6.3.13: + version "6.22.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-flow-strip-types/-/babel-plugin-transform-flow-strip-types-6.22.0.tgz#84cb672935d43714fdc32bce84568d87441cf7cf" + dependencies: + babel-plugin-syntax-flow "^6.18.0" + babel-runtime "^6.22.0" + +babel-plugin-transform-object-rest-spread@^6.22.0: + version "6.26.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-object-rest-spread/-/babel-plugin-transform-object-rest-spread-6.26.0.tgz#0f36692d50fef6b7e2d4b3ac1478137a963b7b06" + dependencies: + babel-plugin-syntax-object-rest-spread "^6.8.0" + babel-runtime "^6.26.0" + +babel-plugin-transform-react-display-name@^6.3.13: + version "6.25.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-react-display-name/-/babel-plugin-transform-react-display-name-6.25.0.tgz#67e2bf1f1e9c93ab08db96792e05392bf2cc28d1" + dependencies: + babel-runtime "^6.22.0" + +babel-plugin-transform-react-jsx-self@^6.11.0: + version "6.22.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-react-jsx-self/-/babel-plugin-transform-react-jsx-self-6.22.0.tgz#df6d80a9da2612a121e6ddd7558bcbecf06e636e" + dependencies: + babel-plugin-syntax-jsx "^6.8.0" + babel-runtime "^6.22.0" + +babel-plugin-transform-react-jsx-source@^6.3.13: + version "6.22.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-react-jsx-source/-/babel-plugin-transform-react-jsx-source-6.22.0.tgz#66ac12153f5cd2d17b3c19268f4bf0197f44ecd6" + dependencies: + babel-plugin-syntax-jsx "^6.8.0" + babel-runtime "^6.22.0" + +babel-plugin-transform-react-jsx@^6.3.13: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-react-jsx/-/babel-plugin-transform-react-jsx-6.24.1.tgz#840a028e7df460dfc3a2d29f0c0d91f6376e66a3" + dependencies: + babel-helper-builder-react-jsx "^6.24.1" + babel-plugin-syntax-jsx "^6.8.0" + babel-runtime "^6.22.0" + +babel-plugin-transform-regenerator@^6.16.0: + version "6.26.0" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-regenerator/-/babel-plugin-transform-regenerator-6.26.0.tgz#e0703696fbde27f0a3efcacf8b4dca2f7b3a8f2f" + dependencies: + regenerator-transform "^0.10.0" + +babel-plugin-transform-strict-mode@^6.24.1: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-plugin-transform-strict-mode/-/babel-plugin-transform-strict-mode-6.24.1.tgz#d5faf7aa578a65bbe591cf5edae04a0c67020758" + dependencies: + babel-runtime "^6.22.0" + babel-types "^6.24.1" + +babel-polyfill@^6.16.0: + version "6.26.0" + resolved "https://registry.yarnpkg.com/babel-polyfill/-/babel-polyfill-6.26.0.tgz#379937abc67d7895970adc621f284cd966cf2153" + dependencies: + babel-runtime "^6.26.0" + core-js "^2.5.0" + regenerator-runtime "^0.10.5" + +babel-preset-es2015@6.16.0: + version "6.16.0" + resolved "https://registry.yarnpkg.com/babel-preset-es2015/-/babel-preset-es2015-6.16.0.tgz#59acecd1efbebaf48f89404840f2fe78c4d2ad5c" + dependencies: + babel-plugin-check-es2015-constants "^6.3.13" + babel-plugin-transform-es2015-arrow-functions "^6.3.13" + babel-plugin-transform-es2015-block-scoped-functions "^6.3.13" + babel-plugin-transform-es2015-block-scoping "^6.14.0" + babel-plugin-transform-es2015-classes "^6.14.0" + babel-plugin-transform-es2015-computed-properties "^6.3.13" + babel-plugin-transform-es2015-destructuring "^6.16.0" + babel-plugin-transform-es2015-duplicate-keys "^6.6.0" + babel-plugin-transform-es2015-for-of "^6.6.0" + babel-plugin-transform-es2015-function-name "^6.9.0" + babel-plugin-transform-es2015-literals "^6.3.13" + babel-plugin-transform-es2015-modules-amd "^6.8.0" + babel-plugin-transform-es2015-modules-commonjs "^6.16.0" + babel-plugin-transform-es2015-modules-systemjs "^6.14.0" + babel-plugin-transform-es2015-modules-umd "^6.12.0" + babel-plugin-transform-es2015-object-super "^6.3.13" + babel-plugin-transform-es2015-parameters "^6.16.0" + babel-plugin-transform-es2015-shorthand-properties "^6.3.13" + babel-plugin-transform-es2015-spread "^6.3.13" + babel-plugin-transform-es2015-sticky-regex "^6.3.13" + babel-plugin-transform-es2015-template-literals "^6.6.0" + babel-plugin-transform-es2015-typeof-symbol "^6.6.0" + babel-plugin-transform-es2015-unicode-regex "^6.3.13" + babel-plugin-transform-regenerator "^6.16.0" + +babel-preset-react@6.16.0: + version "6.16.0" + resolved "https://registry.yarnpkg.com/babel-preset-react/-/babel-preset-react-6.16.0.tgz#aa117d60de0928607e343c4828906e4661824316" + dependencies: + babel-plugin-syntax-flow "^6.3.13" + babel-plugin-syntax-jsx "^6.3.13" + babel-plugin-transform-flow-strip-types "^6.3.13" + babel-plugin-transform-react-display-name "^6.3.13" + babel-plugin-transform-react-jsx "^6.3.13" + babel-plugin-transform-react-jsx-self "^6.11.0" + babel-plugin-transform-react-jsx-source "^6.3.13" + +babel-preset-stage-2@6.17.0: + version "6.17.0" + resolved "https://registry.yarnpkg.com/babel-preset-stage-2/-/babel-preset-stage-2-6.17.0.tgz#dc4f84582781353cef36c41247eae5e36c4cae0d" + dependencies: + babel-plugin-transform-class-properties "^6.16.0" + babel-plugin-transform-decorators "^6.13.0" + babel-preset-stage-3 "^6.17.0" + +babel-preset-stage-3@^6.17.0: + version "6.24.1" + resolved "https://registry.yarnpkg.com/babel-preset-stage-3/-/babel-preset-stage-3-6.24.1.tgz#836ada0a9e7a7fa37cb138fb9326f87934a48395" + dependencies: + babel-plugin-syntax-trailing-function-commas "^6.22.0" + babel-plugin-transform-async-generator-functions "^6.24.1" + babel-plugin-transform-async-to-generator "^6.24.1" + babel-plugin-transform-exponentiation-operator "^6.24.1" + babel-plugin-transform-object-rest-spread "^6.22.0" + +babel-register@6.16.3: + version "6.16.3" + resolved "https://registry.yarnpkg.com/babel-register/-/babel-register-6.16.3.tgz#7b0c0ca7bfdeb9188ba4c27e5fcb7599a497c624" + dependencies: + babel-core "^6.16.0" + babel-runtime "^6.11.6" + core-js "^2.4.0" + home-or-tmp "^1.0.0" + lodash "^4.2.0" + mkdirp "^0.5.1" + path-exists "^1.0.0" + source-map-support "^0.4.2" + +babel-register@^6.16.0, babel-register@^6.26.0: + version "6.26.0" + resolved "https://registry.yarnpkg.com/babel-register/-/babel-register-6.26.0.tgz#6ed021173e2fcb486d7acb45c6009a856f647071" + dependencies: + babel-core "^6.26.0" + babel-runtime "^6.26.0" + core-js "^2.5.0" + home-or-tmp "^2.0.0" + lodash "^4.17.4" + mkdirp "^0.5.1" + source-map-support "^0.4.15" + +babel-runtime@^6.11.6, babel-runtime@^6.18.0, babel-runtime@^6.22.0, babel-runtime@^6.26.0, babel-runtime@^6.9.0, babel-runtime@^6.9.1: + version "6.26.0" + resolved "https://registry.yarnpkg.com/babel-runtime/-/babel-runtime-6.26.0.tgz#965c7058668e82b55d7bfe04ff2337bc8b5647fe" + dependencies: + core-js "^2.4.0" + regenerator-runtime "^0.11.0" + +babel-template@^6.16.0, babel-template@^6.24.1, babel-template@^6.26.0: + version "6.26.0" + resolved "https://registry.yarnpkg.com/babel-template/-/babel-template-6.26.0.tgz#de03e2d16396b069f46dd9fff8521fb1a0e35e02" + dependencies: + babel-runtime "^6.26.0" + babel-traverse "^6.26.0" + babel-types "^6.26.0" + babylon "^6.18.0" + lodash "^4.17.4" + +babel-traverse@^6.16.0, babel-traverse@^6.23.1, babel-traverse@^6.24.1, babel-traverse@^6.26.0: + version "6.26.0" + resolved "https://registry.yarnpkg.com/babel-traverse/-/babel-traverse-6.26.0.tgz#46a9cbd7edcc62c8e5c064e2d2d8d0f4035766ee" + dependencies: + babel-code-frame "^6.26.0" + babel-messages "^6.23.0" + babel-runtime "^6.26.0" + babel-types "^6.26.0" + babylon "^6.18.0" + debug "^2.6.8" + globals "^9.18.0" + invariant "^2.2.2" + lodash "^4.17.4" + +babel-types@^6.16.0, babel-types@^6.19.0, babel-types@^6.23.0, babel-types@^6.24.1, babel-types@^6.26.0: + version "6.26.0" + resolved "https://registry.yarnpkg.com/babel-types/-/babel-types-6.26.0.tgz#a3b073f94ab49eb6fa55cd65227a334380632497" + dependencies: + babel-runtime "^6.26.0" + esutils "^2.0.2" + lodash "^4.17.4" + to-fast-properties "^1.0.3" + +babylon@^6.11.0, babylon@^6.14.1, babylon@^6.17.0, babylon@^6.18.0: + version "6.18.0" + resolved "https://registry.yarnpkg.com/babylon/-/babylon-6.18.0.tgz#af2f3b88fa6f5c1e4c634d1a0f8eac4f55b395e3" + +balanced-match@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/balanced-match/-/balanced-match-1.0.0.tgz#89b4d199ab2bee49de164ea02b89ce462d71b767" + +bcrypt-pbkdf@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.1.tgz#63bc5dcb61331b92bc05fd528953c33462a06f8d" + dependencies: + tweetnacl "^0.14.3" + +bin-version-check@^2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/bin-version-check/-/bin-version-check-2.1.0.tgz#e4e5df290b9069f7d111324031efc13fdd11a5b0" + dependencies: + bin-version "^1.0.0" + minimist "^1.1.0" + semver "^4.0.3" + semver-truncate "^1.0.0" + +bin-version@^1.0.0: + version "1.0.4" + resolved "https://registry.yarnpkg.com/bin-version/-/bin-version-1.0.4.tgz#9eb498ee6fd76f7ab9a7c160436f89579435d78e" + dependencies: + find-versions "^1.0.0" + +binary-extensions@^1.0.0: + version "1.10.0" + resolved "https://registry.yarnpkg.com/binary-extensions/-/binary-extensions-1.10.0.tgz#9aeb9a6c5e88638aad171e167f5900abe24835d0" + +block-stream@*: + version "0.0.9" + resolved "https://registry.yarnpkg.com/block-stream/-/block-stream-0.0.9.tgz#13ebfe778a03205cfe03751481ebb4b3300c126a" + dependencies: + inherits "~2.0.0" + +boom@2.x.x: + version "2.10.1" + resolved "https://registry.yarnpkg.com/boom/-/boom-2.10.1.tgz#39c8918ceff5799f83f9492a848f625add0c766f" + dependencies: + hoek "2.x.x" + +brace-expansion@^1.1.7: + version "1.1.8" + resolved "https://registry.yarnpkg.com/brace-expansion/-/brace-expansion-1.1.8.tgz#c07b211c7c952ec1f8efd51a77ef0d1d3990a292" + dependencies: + balanced-match "^1.0.0" + concat-map "0.0.1" + +braces@^1.8.2: + version "1.8.5" + resolved "https://registry.yarnpkg.com/braces/-/braces-1.8.5.tgz#ba77962e12dff969d6b76711e914b737857bf6a7" + dependencies: + expand-range "^1.8.1" + preserve "^0.2.0" + repeat-element "^1.1.2" + +browser-stdout@1.3.0: + version "1.3.0" + resolved "https://registry.yarnpkg.com/browser-stdout/-/browser-stdout-1.3.0.tgz#f351d32969d32fa5d7a5567154263d928ae3bd1f" + +builtin-modules@^1.0.0, builtin-modules@^1.1.1: + version "1.1.1" + resolved "https://registry.yarnpkg.com/builtin-modules/-/builtin-modules-1.1.1.tgz#270f076c5a72c02f5b65a47df94c5fe3a278892f" + +caller-path@^0.1.0: + version "0.1.0" + resolved "https://registry.yarnpkg.com/caller-path/-/caller-path-0.1.0.tgz#94085ef63581ecd3daa92444a8fe94e82577751f" + dependencies: + callsites "^0.2.0" + +callsites@^0.2.0: + version "0.2.0" + resolved "https://registry.yarnpkg.com/callsites/-/callsites-0.2.0.tgz#afab96262910a7f33c19a5775825c69f34e350ca" + +camelcase-keys@^2.0.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/camelcase-keys/-/camelcase-keys-2.1.0.tgz#308beeaffdf28119051efa1d932213c91b8f92e7" + dependencies: + camelcase "^2.0.0" + map-obj "^1.0.0" + +camelcase@^2.0.0: + version "2.1.1" + resolved "https://registry.yarnpkg.com/camelcase/-/camelcase-2.1.1.tgz#7c1d16d679a1bbe59ca02cacecfb011e201f5a1f" + +caseless@~0.12.0: + version "0.12.0" + resolved "https://registry.yarnpkg.com/caseless/-/caseless-0.12.0.tgz#1b681c21ff84033c826543090689420d187151dc" + +chai-diff@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/chai-diff/-/chai-diff-1.0.1.tgz#6c66894700d80cd90350ab4e4403625d4f53a1c1" + dependencies: + diff "^2.2.1" + +chai@^3.5.0: + version "3.5.0" + resolved "https://registry.yarnpkg.com/chai/-/chai-3.5.0.tgz#4d02637b067fe958bdbfdd3a40ec56fef7373247" + dependencies: + assertion-error "^1.0.1" + deep-eql "^0.1.3" + type-detect "^1.0.0" + +chalk@1.1.1: + version "1.1.1" + resolved "https://registry.yarnpkg.com/chalk/-/chalk-1.1.1.tgz#509afb67066e7499f7eb3535c77445772ae2d019" + dependencies: + ansi-styles "^2.1.0" + escape-string-regexp "^1.0.2" + has-ansi "^2.0.0" + strip-ansi "^3.0.0" + supports-color "^2.0.0" + +chalk@^1.0.0, chalk@^1.1.1, chalk@^1.1.3: + version "1.1.3" + resolved "https://registry.yarnpkg.com/chalk/-/chalk-1.1.3.tgz#a8115c55e4a702fe4d150abd3872822a7e09fc98" + dependencies: + ansi-styles "^2.2.1" + escape-string-regexp "^1.0.2" + has-ansi "^2.0.0" + strip-ansi "^3.0.0" + supports-color "^2.0.0" + +chalk@^2.0.0, chalk@^2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/chalk/-/chalk-2.1.0.tgz#ac5becf14fa21b99c6c92ca7a7d7cfd5b17e743e" + dependencies: + ansi-styles "^3.1.0" + escape-string-regexp "^1.0.5" + supports-color "^4.0.0" + +charenc@~0.0.1: + version "0.0.2" + resolved "https://registry.yarnpkg.com/charenc/-/charenc-0.0.2.tgz#c0a1d2f3a7092e03774bfa83f14c0fc5790a8667" + +chokidar@^1.0.0: + version "1.7.0" + resolved "https://registry.yarnpkg.com/chokidar/-/chokidar-1.7.0.tgz#798e689778151c8076b4b360e5edd28cda2bb468" + dependencies: + anymatch "^1.3.0" + async-each "^1.0.0" + glob-parent "^2.0.0" + inherits "^2.0.1" + is-binary-path "^1.0.0" + is-glob "^2.0.0" + path-is-absolute "^1.0.0" + readdirp "^2.0.0" + optionalDependencies: + fsevents "^1.0.0" + +circular-json@^0.3.1: + version "0.3.3" + resolved "https://registry.yarnpkg.com/circular-json/-/circular-json-0.3.3.tgz#815c99ea84f6809529d2f45791bdf82711352d66" + +cli-cursor@^2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/cli-cursor/-/cli-cursor-2.1.0.tgz#b35dac376479facc3e94747d41d0d0f5238ffcb5" + dependencies: + restore-cursor "^2.0.0" + +cli-width@^2.0.0: + version "2.2.0" + resolved "https://registry.yarnpkg.com/cli-width/-/cli-width-2.2.0.tgz#ff19ede8a9a5e579324147b0c11f0fbcbabed639" + +co@^4.6.0: + version "4.6.0" + resolved "https://registry.yarnpkg.com/co/-/co-4.6.0.tgz#6ea6bdf3d853ae54ccb8e47bfa0bf3f9031fb184" + +code-point-at@^1.0.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/code-point-at/-/code-point-at-1.1.0.tgz#0d070b4d043a5bea33a2f1a40e2edb3d9a4ccf77" + +color-convert@^1.9.0: + version "1.9.0" + resolved "https://registry.yarnpkg.com/color-convert/-/color-convert-1.9.0.tgz#1accf97dd739b983bf994d56fec8f95853641b7a" + dependencies: + color-name "^1.1.1" + +color-name@^1.1.1: + version "1.1.3" + resolved "https://registry.yarnpkg.com/color-name/-/color-name-1.1.3.tgz#a7d0558bd89c42f795dd42328f740831ca53bc25" + +combined-stream@^1.0.5, combined-stream@~1.0.5: + version "1.0.5" + resolved "https://registry.yarnpkg.com/combined-stream/-/combined-stream-1.0.5.tgz#938370a57b4a51dea2c77c15d5c5fdf895164009" + dependencies: + delayed-stream "~1.0.0" + +commander@2.9.0: + version "2.9.0" + resolved "https://registry.yarnpkg.com/commander/-/commander-2.9.0.tgz#9c99094176e12240cb22d6c5146098400fe0f7d4" + dependencies: + graceful-readlink ">= 1.0.0" + +commander@^2.8.1: + version "2.11.0" + resolved "https://registry.yarnpkg.com/commander/-/commander-2.11.0.tgz#157152fd1e7a6c8d98a5b715cf376df928004563" + +concat-map@0.0.1: + version "0.0.1" + resolved "https://registry.yarnpkg.com/concat-map/-/concat-map-0.0.1.tgz#d8a96bd77fd68df7793a73036a3ba0d5405d477b" + +concat-stream@^1.6.0: + version "1.6.0" + resolved "https://registry.yarnpkg.com/concat-stream/-/concat-stream-1.6.0.tgz#0aac662fd52be78964d5532f694784e70110acf7" + dependencies: + inherits "^2.0.3" + readable-stream "^2.2.2" + typedarray "^0.0.6" + +console-control-strings@^1.0.0, console-control-strings@~1.1.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/console-control-strings/-/console-control-strings-1.1.0.tgz#3d7cf4464db6446ea644bf4b39507f9851008e8e" + +contains-path@^0.1.0: + version "0.1.0" + resolved "https://registry.yarnpkg.com/contains-path/-/contains-path-0.1.0.tgz#fe8cf184ff6670b6baef01a9d4861a5cbec4120a" + +convert-source-map@^1.1.0, convert-source-map@^1.5.0: + version "1.5.0" + resolved "https://registry.yarnpkg.com/convert-source-map/-/convert-source-map-1.5.0.tgz#9acd70851c6d5dfdd93d9282e5edf94a03ff46b5" + +core-js@^2.4.0, core-js@^2.5.0: + version "2.5.0" + resolved "https://registry.yarnpkg.com/core-js/-/core-js-2.5.0.tgz#569c050918be6486b3837552028ae0466b717086" + +core-util-is@1.0.2, core-util-is@~1.0.0: + version "1.0.2" + resolved "https://registry.yarnpkg.com/core-util-is/-/core-util-is-1.0.2.tgz#b5fd54220aa2bc5ab57aab7140c940754503c1a7" + +cpr@^2.0.0: + version "2.2.0" + resolved "https://registry.yarnpkg.com/cpr/-/cpr-2.2.0.tgz#2dc6c87dfb78012489cdd994227628c320e9a17b" + dependencies: + graceful-fs "^4.1.5" + minimist "^1.2.0" + mkdirp "~0.5.1" + rimraf "^2.5.4" + +cross-spawn@^5.1.0: + version "5.1.0" + resolved "https://registry.yarnpkg.com/cross-spawn/-/cross-spawn-5.1.0.tgz#e8bd0efee58fcff6f8f94510a0a554bbfa235449" + dependencies: + lru-cache "^4.0.1" + shebang-command "^1.2.0" + which "^1.2.9" + +crypt@~0.0.1: + version "0.0.2" + resolved "https://registry.yarnpkg.com/crypt/-/crypt-0.0.2.tgz#88d7ff7ec0dfb86f713dc87bbb42d044d3e6c41b" + +cryptiles@2.x.x: + version "2.0.5" + resolved "https://registry.yarnpkg.com/cryptiles/-/cryptiles-2.0.5.tgz#3bdfecdc608147c1c67202fa291e7dca59eaa3b8" + dependencies: + boom "2.x.x" + +currently-unhandled@^0.4.1: + version "0.4.1" + resolved "https://registry.yarnpkg.com/currently-unhandled/-/currently-unhandled-0.4.1.tgz#988df33feab191ef799a61369dd76c17adf957ea" + dependencies: + array-find-index "^1.0.1" + +d@1: + version "1.0.0" + resolved "https://registry.yarnpkg.com/d/-/d-1.0.0.tgz#754bb5bfe55451da69a58b94d45f4c5b0462d58f" + dependencies: + es5-ext "^0.10.9" + +damerau-levenshtein@^1.0.0: + version "1.0.4" + resolved "https://registry.yarnpkg.com/damerau-levenshtein/-/damerau-levenshtein-1.0.4.tgz#03191c432cb6eea168bb77f3a55ffdccb8978514" + +dashdash@^1.12.0: + version "1.14.1" + resolved "https://registry.yarnpkg.com/dashdash/-/dashdash-1.14.1.tgz#853cfa0f7cbe2fed5de20326b8dd581035f6e2f0" + dependencies: + assert-plus "^1.0.0" + +debug@2.6.8, debug@^2.1.1, debug@^2.2.0, debug@^2.6.8: + version "2.6.8" + resolved "https://registry.yarnpkg.com/debug/-/debug-2.6.8.tgz#e731531ca2ede27d188222427da17821d68ff4fc" + dependencies: + ms "2.0.0" + +decamelize@^1.1.2: + version "1.2.0" + resolved "https://registry.yarnpkg.com/decamelize/-/decamelize-1.2.0.tgz#f6534d15148269b20352e7bee26f501f9a191290" + +deep-eql@^0.1.3: + version "0.1.3" + resolved "https://registry.yarnpkg.com/deep-eql/-/deep-eql-0.1.3.tgz#ef558acab8de25206cd713906d74e56930eb69f2" + dependencies: + type-detect "0.1.1" + +deep-extend@~0.4.0: + version "0.4.2" + resolved "https://registry.yarnpkg.com/deep-extend/-/deep-extend-0.4.2.tgz#48b699c27e334bf89f10892be432f6e4c7d34a7f" + +deep-is@~0.1.3: + version "0.1.3" + resolved "https://registry.yarnpkg.com/deep-is/-/deep-is-0.1.3.tgz#b369d6fb5dbc13eecf524f91b070feedc357cf34" + +del@^2.0.2: + version "2.2.2" + resolved "https://registry.yarnpkg.com/del/-/del-2.2.2.tgz#c12c981d067846c84bcaf862cff930d907ffd1a8" + dependencies: + globby "^5.0.0" + is-path-cwd "^1.0.0" + is-path-in-cwd "^1.0.0" + object-assign "^4.0.1" + pify "^2.0.0" + pinkie-promise "^2.0.0" + rimraf "^2.2.8" + +delayed-stream@~1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/delayed-stream/-/delayed-stream-1.0.0.tgz#df3ae199acadfb7d440aaae0b29e2272b24ec619" + +delegates@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/delegates/-/delegates-1.0.0.tgz#84c6e159b81904fdca59a0ef44cd870d31250f9a" + +denodeify@^1.2.1: + version "1.2.1" + resolved "https://registry.yarnpkg.com/denodeify/-/denodeify-1.2.1.tgz#3a36287f5034e699e7577901052c2e6c94251631" + +detect-indent@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/detect-indent/-/detect-indent-4.0.0.tgz#f76d064352cdf43a1cb6ce619c4ee3a9475de208" + dependencies: + repeating "^2.0.0" + +diff@3.2.0: + version "3.2.0" + resolved "https://registry.yarnpkg.com/diff/-/diff-3.2.0.tgz#c9ce393a4b7cbd0b058a725c93df299027868ff9" + +diff@^2.2.1: + version "2.2.3" + resolved "https://registry.yarnpkg.com/diff/-/diff-2.2.3.tgz#60eafd0d28ee906e4e8ff0a52c1229521033bf99" + +doctrine@1.3.x: + version "1.3.0" + resolved "https://registry.yarnpkg.com/doctrine/-/doctrine-1.3.0.tgz#13e75682b55518424276f7c173783456ef913d26" + dependencies: + esutils "^2.0.2" + isarray "^1.0.0" + +doctrine@^1.2.2: + version "1.5.0" + resolved "https://registry.yarnpkg.com/doctrine/-/doctrine-1.5.0.tgz#379dce730f6166f76cefa4e6707a159b02c5a6fa" + dependencies: + esutils "^2.0.2" + isarray "^1.0.0" + +doctrine@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/doctrine/-/doctrine-2.0.0.tgz#c73d8d2909d22291e1a007a395804da8b665fe63" + dependencies: + esutils "^2.0.2" + isarray "^1.0.0" + +dom-walk@^0.1.0: + version "0.1.1" + resolved "https://registry.yarnpkg.com/dom-walk/-/dom-walk-0.1.1.tgz#672226dc74c8f799ad35307df936aba11acd6018" + +ecc-jsbn@~0.1.1: + version "0.1.1" + resolved "https://registry.yarnpkg.com/ecc-jsbn/-/ecc-jsbn-0.1.1.tgz#0fc73a9ed5f0d53c38193398523ef7e543777505" + dependencies: + jsbn "~0.1.0" + +encoding@^0.1.11: + version "0.1.12" + resolved "https://registry.yarnpkg.com/encoding/-/encoding-0.1.12.tgz#538b66f3ee62cd1ab51ec323829d1f9480c74beb" + dependencies: + iconv-lite "~0.4.13" + +error-ex@^1.2.0: + version "1.3.1" + resolved "https://registry.yarnpkg.com/error-ex/-/error-ex-1.3.1.tgz#f855a86ce61adc4e8621c3cda21e7a7612c3a8dc" + dependencies: + is-arrayish "^0.2.1" + +es5-ext@^0.10.14, es5-ext@^0.10.9, es5-ext@~0.10.14: + version "0.10.30" + resolved "https://registry.yarnpkg.com/es5-ext/-/es5-ext-0.10.30.tgz#7141a16836697dbabfaaaeee41495ce29f52c939" + dependencies: + es6-iterator "2" + es6-symbol "~3.1" + +es6-iterator@2, es6-iterator@~2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/es6-iterator/-/es6-iterator-2.0.1.tgz#8e319c9f0453bf575d374940a655920e59ca5512" + dependencies: + d "1" + es5-ext "^0.10.14" + es6-symbol "^3.1" + +es6-map@^0.1.3: + version "0.1.5" + resolved "https://registry.yarnpkg.com/es6-map/-/es6-map-0.1.5.tgz#9136e0503dcc06a301690f0bb14ff4e364e949f0" + dependencies: + d "1" + es5-ext "~0.10.14" + es6-iterator "~2.0.1" + es6-set "~0.1.5" + es6-symbol "~3.1.1" + event-emitter "~0.3.5" + +es6-set@^0.1.4, es6-set@~0.1.5: + version "0.1.5" + resolved "https://registry.yarnpkg.com/es6-set/-/es6-set-0.1.5.tgz#d2b3ec5d4d800ced818db538d28974db0a73ccb1" + dependencies: + d "1" + es5-ext "~0.10.14" + es6-iterator "~2.0.1" + es6-symbol "3.1.1" + event-emitter "~0.3.5" + +es6-symbol@3.1.1, es6-symbol@^3.1, es6-symbol@~3.1, es6-symbol@~3.1.1: + version "3.1.1" + resolved "https://registry.yarnpkg.com/es6-symbol/-/es6-symbol-3.1.1.tgz#bf00ef4fdab6ba1b46ecb7b629b4c7ed5715cc77" + dependencies: + d "1" + es5-ext "~0.10.14" + +escape-string-regexp@1.0.5, escape-string-regexp@^1.0.2, escape-string-regexp@^1.0.5: + version "1.0.5" + resolved "https://registry.yarnpkg.com/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz#1b61c0562190a8dff6ae3bb2cf0200ca130b86d4" + +eslint-config-airbnb-base@^8.0.0: + version "8.0.0" + resolved "https://registry.yarnpkg.com/eslint-config-airbnb-base/-/eslint-config-airbnb-base-8.0.0.tgz#c5e958a469ab8af76aff068b43d784e5afe74ca7" + +eslint-config-airbnb@12.0.0: + version "12.0.0" + resolved "https://registry.yarnpkg.com/eslint-config-airbnb/-/eslint-config-airbnb-12.0.0.tgz#ab282b756a25f03d04ac264c24d673a08a803270" + dependencies: + eslint-config-airbnb-base "^8.0.0" + +eslint-import-resolver-node@^0.2.0: + version "0.2.3" + resolved "https://registry.yarnpkg.com/eslint-import-resolver-node/-/eslint-import-resolver-node-0.2.3.tgz#5add8106e8c928db2cba232bcd9efa846e3da16c" + dependencies: + debug "^2.2.0" + object-assign "^4.0.1" + resolve "^1.1.6" + +eslint-plugin-babel@3.3.0: + version "3.3.0" + resolved "https://registry.yarnpkg.com/eslint-plugin-babel/-/eslint-plugin-babel-3.3.0.tgz#2f494aedcf6f4aa4e75b9155980837bc1fbde193" + +eslint-plugin-import@1.16.0: + version "1.16.0" + resolved "https://registry.yarnpkg.com/eslint-plugin-import/-/eslint-plugin-import-1.16.0.tgz#b2fa07ebcc53504d0f2a4477582ec8bff1871b9f" + dependencies: + builtin-modules "^1.1.1" + contains-path "^0.1.0" + debug "^2.2.0" + doctrine "1.3.x" + es6-map "^0.1.3" + es6-set "^0.1.4" + eslint-import-resolver-node "^0.2.0" + has "^1.0.1" + lodash.cond "^4.3.0" + lodash.endswith "^4.0.1" + lodash.find "^4.3.0" + lodash.findindex "^4.3.0" + minimatch "^3.0.3" + object-assign "^4.0.1" + pkg-dir "^1.0.0" + pkg-up "^1.0.0" + +eslint-plugin-jsx-a11y@2.2.3: + version "2.2.3" + resolved "https://registry.yarnpkg.com/eslint-plugin-jsx-a11y/-/eslint-plugin-jsx-a11y-2.2.3.tgz#4e35cb71b8a7db702ac415c806eb8e8d9ea6c65d" + dependencies: + damerau-levenshtein "^1.0.0" + jsx-ast-utils "^1.0.0" + object-assign "^4.0.1" + +eslint-plugin-react@6.4.1: + version "6.4.1" + resolved "https://registry.yarnpkg.com/eslint-plugin-react/-/eslint-plugin-react-6.4.1.tgz#7d1aade747db15892f71eee1fea4addf97bcfa2b" + dependencies: + doctrine "^1.2.2" + jsx-ast-utils "^1.3.1" + +eslint-scope@^3.7.1: + version "3.7.1" + resolved "https://registry.yarnpkg.com/eslint-scope/-/eslint-scope-3.7.1.tgz#3d63c3edfda02e06e01a452ad88caacc7cdcb6e8" + dependencies: + esrecurse "^4.1.0" + estraverse "^4.1.1" + +eslint@^4.0.0: + version "4.5.0" + resolved "https://registry.yarnpkg.com/eslint/-/eslint-4.5.0.tgz#bb75d3b8bde97fb5e13efcd539744677feb019c3" + dependencies: + ajv "^5.2.0" + babel-code-frame "^6.22.0" + chalk "^2.1.0" + concat-stream "^1.6.0" + cross-spawn "^5.1.0" + debug "^2.6.8" + doctrine "^2.0.0" + eslint-scope "^3.7.1" + espree "^3.5.0" + esquery "^1.0.0" + estraverse "^4.2.0" + esutils "^2.0.2" + file-entry-cache "^2.0.0" + functional-red-black-tree "^1.0.1" + glob "^7.1.2" + globals "^9.17.0" + ignore "^3.3.3" + imurmurhash "^0.1.4" + inquirer "^3.0.6" + is-resolvable "^1.0.0" + js-yaml "^3.9.1" + json-stable-stringify "^1.0.1" + levn "^0.3.0" + lodash "^4.17.4" + minimatch "^3.0.2" + mkdirp "^0.5.1" + natural-compare "^1.4.0" + optionator "^0.8.2" + path-is-inside "^1.0.2" + pluralize "^4.0.0" + progress "^2.0.0" + require-uncached "^1.0.3" + semver "^5.3.0" + strip-ansi "^4.0.0" + strip-json-comments "~2.0.1" + table "^4.0.1" + text-table "~0.2.0" + +espree@^3.5.0: + version "3.5.0" + resolved "https://registry.yarnpkg.com/espree/-/espree-3.5.0.tgz#98358625bdd055861ea27e2867ea729faf463d8d" + dependencies: + acorn "^5.1.1" + acorn-jsx "^3.0.0" + +esprima@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/esprima/-/esprima-4.0.0.tgz#4499eddcd1110e0b218bacf2fa7f7f59f55ca804" + +esprima@~3.1.0: + version "3.1.3" + resolved "https://registry.yarnpkg.com/esprima/-/esprima-3.1.3.tgz#fdca51cee6133895e3c88d535ce49dbff62a4633" + +esquery@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/esquery/-/esquery-1.0.0.tgz#cfba8b57d7fba93f17298a8a006a04cda13d80fa" + dependencies: + estraverse "^4.0.0" + +esrecurse@^4.1.0: + version "4.2.0" + resolved "https://registry.yarnpkg.com/esrecurse/-/esrecurse-4.2.0.tgz#fa9568d98d3823f9a41d91e902dcab9ea6e5b163" + dependencies: + estraverse "^4.1.0" + object-assign "^4.0.1" + +estraverse@^4.0.0, estraverse@^4.1.0, estraverse@^4.1.1, estraverse@^4.2.0: + version "4.2.0" + resolved "https://registry.yarnpkg.com/estraverse/-/estraverse-4.2.0.tgz#0dee3fed31fcd469618ce7342099fc1afa0bdb13" + +esutils@^2.0.2: + version "2.0.2" + resolved "https://registry.yarnpkg.com/esutils/-/esutils-2.0.2.tgz#0abf4f1caa5bcb1f7a9d8acc6dea4faaa04bac9b" + +event-emitter@~0.3.5: + version "0.3.5" + resolved "https://registry.yarnpkg.com/event-emitter/-/event-emitter-0.3.5.tgz#df8c69eef1647923c7157b9ce83840610b02cc39" + dependencies: + d "1" + es5-ext "~0.10.14" + +expand-brackets@^0.1.4: + version "0.1.5" + resolved "https://registry.yarnpkg.com/expand-brackets/-/expand-brackets-0.1.5.tgz#df07284e342a807cd733ac5af72411e581d1177b" + dependencies: + is-posix-bracket "^0.1.0" + +expand-range@^1.8.1: + version "1.8.2" + resolved "https://registry.yarnpkg.com/expand-range/-/expand-range-1.8.2.tgz#a299effd335fe2721ebae8e257ec79644fc85337" + dependencies: + fill-range "^2.1.0" + +extend@~3.0.0: + version "3.0.1" + resolved "https://registry.yarnpkg.com/extend/-/extend-3.0.1.tgz#a755ea7bc1adfcc5a31ce7e762dbaadc5e636444" + +external-editor@^2.0.4: + version "2.0.4" + resolved "https://registry.yarnpkg.com/external-editor/-/external-editor-2.0.4.tgz#1ed9199da9cbfe2ef2f7a31b2fde8b0d12368972" + dependencies: + iconv-lite "^0.4.17" + jschardet "^1.4.2" + tmp "^0.0.31" + +extglob@^0.3.1: + version "0.3.2" + resolved "https://registry.yarnpkg.com/extglob/-/extglob-0.3.2.tgz#2e18ff3d2f49ab2765cec9023f011daa8d8349a1" + dependencies: + is-extglob "^1.0.0" + +extsprintf@1.3.0, extsprintf@^1.2.0: + version "1.3.0" + resolved "https://registry.yarnpkg.com/extsprintf/-/extsprintf-1.3.0.tgz#96918440e3041a7a414f8c52e3c574eb3c3e1e05" + +fast-deep-equal@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/fast-deep-equal/-/fast-deep-equal-1.0.0.tgz#96256a3bc975595eb36d82e9929d060d893439ff" + +fast-levenshtein@~2.0.4: + version "2.0.6" + resolved "https://registry.yarnpkg.com/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz#3d8a5c66883a16a30ca8643e851f19baa7797917" + +figures@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/figures/-/figures-2.0.0.tgz#3ab1a2d2a62c8bfb431a0c94cb797a2fce27c962" + dependencies: + escape-string-regexp "^1.0.5" + +file-entry-cache@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/file-entry-cache/-/file-entry-cache-2.0.0.tgz#c392990c3e684783d838b8c84a45d8a048458361" + dependencies: + flat-cache "^1.2.1" + object-assign "^4.0.1" + +filename-regex@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/filename-regex/-/filename-regex-2.0.1.tgz#c1c4b9bee3e09725ddb106b75c1e301fe2f18b26" + +fill-range@^2.1.0: + version "2.2.3" + resolved "https://registry.yarnpkg.com/fill-range/-/fill-range-2.2.3.tgz#50b77dfd7e469bc7492470963699fe7a8485a723" + dependencies: + is-number "^2.1.0" + isobject "^2.0.0" + randomatic "^1.1.3" + repeat-element "^1.1.2" + repeat-string "^1.5.2" + +find-up@^1.0.0: + version "1.1.2" + resolved "https://registry.yarnpkg.com/find-up/-/find-up-1.1.2.tgz#6b2e9822b1a2ce0a60ab64d610eccad53cb24d0f" + dependencies: + path-exists "^2.0.0" + pinkie-promise "^2.0.0" + +find-versions@^1.0.0: + version "1.2.1" + resolved "https://registry.yarnpkg.com/find-versions/-/find-versions-1.2.1.tgz#cbde9f12e38575a0af1be1b9a2c5d5fd8f186b62" + dependencies: + array-uniq "^1.0.0" + get-stdin "^4.0.1" + meow "^3.5.0" + semver-regex "^1.0.0" + +flat-cache@^1.2.1: + version "1.2.2" + resolved "https://registry.yarnpkg.com/flat-cache/-/flat-cache-1.2.2.tgz#fa86714e72c21db88601761ecf2f555d1abc6b96" + dependencies: + circular-json "^0.3.1" + del "^2.0.2" + graceful-fs "^4.1.2" + write "^0.2.1" + +for-in@^1.0.1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/for-in/-/for-in-1.0.2.tgz#81068d295a8142ec0ac726c6e2200c30fb6d5e80" + +for-own@^0.1.4: + version "0.1.5" + resolved "https://registry.yarnpkg.com/for-own/-/for-own-0.1.5.tgz#5265c681a4f294dabbf17c9509b6763aa84510ce" + dependencies: + for-in "^1.0.1" + +forever-agent@~0.6.1: + version "0.6.1" + resolved "https://registry.yarnpkg.com/forever-agent/-/forever-agent-0.6.1.tgz#fbc71f0c41adeb37f96c577ad1ed42d8fdacca91" + +form-data@~2.1.1: + version "2.1.4" + resolved "https://registry.yarnpkg.com/form-data/-/form-data-2.1.4.tgz#33c183acf193276ecaa98143a69e94bfee1750d1" + dependencies: + asynckit "^0.4.0" + combined-stream "^1.0.5" + mime-types "^2.1.12" + +fs-readdir-recursive@^0.1.0: + version "0.1.2" + resolved "https://registry.yarnpkg.com/fs-readdir-recursive/-/fs-readdir-recursive-0.1.2.tgz#315b4fb8c1ca5b8c47defef319d073dad3568059" + +fs.realpath@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/fs.realpath/-/fs.realpath-1.0.0.tgz#1504ad2523158caa40db4a2787cb01411994ea4f" + +fsevents@^1.0.0: + version "1.1.2" + resolved "https://registry.yarnpkg.com/fsevents/-/fsevents-1.1.2.tgz#3282b713fb3ad80ede0e9fcf4611b5aa6fc033f4" + dependencies: + nan "^2.3.0" + node-pre-gyp "^0.6.36" + +fstream-ignore@^1.0.5: + version "1.0.5" + resolved "https://registry.yarnpkg.com/fstream-ignore/-/fstream-ignore-1.0.5.tgz#9c31dae34767018fe1d249b24dada67d092da105" + dependencies: + fstream "^1.0.0" + inherits "2" + minimatch "^3.0.0" + +fstream@^1.0.0, fstream@^1.0.10, fstream@^1.0.2: + version "1.0.11" + resolved "https://registry.yarnpkg.com/fstream/-/fstream-1.0.11.tgz#5c1fb1f117477114f0632a0eb4b71b3cb0fd3171" + dependencies: + graceful-fs "^4.1.2" + inherits "~2.0.0" + mkdirp ">=0.5 0" + rimraf "2" + +function-bind@^1.0.2: + version "1.1.0" + resolved "https://registry.yarnpkg.com/function-bind/-/function-bind-1.1.0.tgz#16176714c801798e4e8f2cf7f7529467bb4a5771" + +functional-red-black-tree@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/functional-red-black-tree/-/functional-red-black-tree-1.0.1.tgz#1b0ab3bd553b2a0d6399d29c0e3ea0b252078327" + +gauge@~2.7.3: + version "2.7.4" + resolved "https://registry.yarnpkg.com/gauge/-/gauge-2.7.4.tgz#2c03405c7538c39d7eb37b317022e325fb018bf7" + dependencies: + aproba "^1.0.3" + console-control-strings "^1.0.0" + has-unicode "^2.0.0" + object-assign "^4.1.0" + signal-exit "^3.0.0" + string-width "^1.0.1" + strip-ansi "^3.0.1" + wide-align "^1.1.0" + +get-stdin@^4.0.1: + version "4.0.1" + resolved "https://registry.yarnpkg.com/get-stdin/-/get-stdin-4.0.1.tgz#b968c6b0a04384324902e8bf1a5df32579a450fe" + +getpass@^0.1.1: + version "0.1.7" + resolved "https://registry.yarnpkg.com/getpass/-/getpass-0.1.7.tgz#5eff8e3e684d569ae4cb2b1282604e8ba62149fa" + dependencies: + assert-plus "^1.0.0" + +glob-base@^0.3.0: + version "0.3.0" + resolved "https://registry.yarnpkg.com/glob-base/-/glob-base-0.3.0.tgz#dbb164f6221b1c0b1ccf82aea328b497df0ea3c4" + dependencies: + glob-parent "^2.0.0" + is-glob "^2.0.0" + +glob-parent@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/glob-parent/-/glob-parent-2.0.0.tgz#81383d72db054fcccf5336daa902f182f6edbb28" + dependencies: + is-glob "^2.0.0" + +glob@7.1.1: + version "7.1.1" + resolved "https://registry.yarnpkg.com/glob/-/glob-7.1.1.tgz#805211df04faaf1c63a3600306cdf5ade50b2ec8" + dependencies: + fs.realpath "^1.0.0" + inflight "^1.0.4" + inherits "2" + minimatch "^3.0.2" + once "^1.3.0" + path-is-absolute "^1.0.0" + +glob@^5.0.5: + version "5.0.15" + resolved "https://registry.yarnpkg.com/glob/-/glob-5.0.15.tgz#1bc936b9e02f4a603fcc222ecf7633d30b8b93b1" + dependencies: + inflight "^1.0.4" + inherits "2" + minimatch "2 || 3" + once "^1.3.0" + path-is-absolute "^1.0.0" + +glob@^7.0.3, glob@^7.0.5, glob@^7.1.2: + version "7.1.2" + resolved "https://registry.yarnpkg.com/glob/-/glob-7.1.2.tgz#c19c9df9a028702d678612384a6552404c636d15" + dependencies: + fs.realpath "^1.0.0" + inflight "^1.0.4" + inherits "2" + minimatch "^3.0.4" + once "^1.3.0" + path-is-absolute "^1.0.0" + +global@^4.3.2: + version "4.3.2" + resolved "https://registry.yarnpkg.com/global/-/global-4.3.2.tgz#e76989268a6c74c38908b1305b10fc0e394e9d0f" + dependencies: + min-document "^2.19.0" + process "~0.5.1" + +globals@^9.17.0, globals@^9.18.0: + version "9.18.0" + resolved "https://registry.yarnpkg.com/globals/-/globals-9.18.0.tgz#aa3896b3e69b487f17e31ed2143d69a8e30c2d8a" + +globby@^5.0.0: + version "5.0.0" + resolved "https://registry.yarnpkg.com/globby/-/globby-5.0.0.tgz#ebd84667ca0dbb330b99bcfc68eac2bc54370e0d" + dependencies: + array-union "^1.0.1" + arrify "^1.0.0" + glob "^7.0.3" + object-assign "^4.0.1" + pify "^2.0.0" + pinkie-promise "^2.0.0" + +graceful-fs@^4.1.2, graceful-fs@^4.1.4, graceful-fs@^4.1.5: + version "4.1.11" + resolved "https://registry.yarnpkg.com/graceful-fs/-/graceful-fs-4.1.11.tgz#0e8bdfe4d1ddb8854d64e04ea7c00e2a026e5658" + +"graceful-readlink@>= 1.0.0": + version "1.0.1" + resolved "https://registry.yarnpkg.com/graceful-readlink/-/graceful-readlink-1.0.1.tgz#4cafad76bc62f02fa039b2f94e9a3dd3a391a725" + +graphql@0.7.2: + version "0.7.2" + resolved "https://registry.yarnpkg.com/graphql/-/graphql-0.7.2.tgz#cc894a32823399b8a0cb012b9e9ecad35cd00f72" + dependencies: + iterall "1.0.2" + +growl@1.9.2: + version "1.9.2" + resolved "https://registry.yarnpkg.com/growl/-/growl-1.9.2.tgz#0ea7743715db8d8de2c5ede1775e1b45ac85c02f" + +har-schema@^1.0.5: + version "1.0.5" + resolved "https://registry.yarnpkg.com/har-schema/-/har-schema-1.0.5.tgz#d263135f43307c02c602afc8fe95970c0151369e" + +har-validator@~4.2.1: + version "4.2.1" + resolved "https://registry.yarnpkg.com/har-validator/-/har-validator-4.2.1.tgz#33481d0f1bbff600dd203d75812a6a5fba002e2a" + dependencies: + ajv "^4.9.1" + har-schema "^1.0.5" + +has-ansi@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/has-ansi/-/has-ansi-2.0.0.tgz#34f5049ce1ecdf2b0649af3ef24e45ed35416d91" + dependencies: + ansi-regex "^2.0.0" + +has-flag@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/has-flag/-/has-flag-1.0.0.tgz#9d9e793165ce017a00f00418c43f942a7b1d11fa" + +has-flag@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/has-flag/-/has-flag-2.0.0.tgz#e8207af1cc7b30d446cc70b734b5e8be18f88d51" + +has-unicode@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/has-unicode/-/has-unicode-2.0.1.tgz#e0e6fe6a28cf51138855e086d1691e771de2a8b9" + +has@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/has/-/has-1.0.1.tgz#8461733f538b0837c9361e39a9ab9e9704dc2f28" + dependencies: + function-bind "^1.0.2" + +hawk@~3.1.3: + version "3.1.3" + resolved "https://registry.yarnpkg.com/hawk/-/hawk-3.1.3.tgz#078444bd7c1640b0fe540d2c9b73d59678e8e1c4" + dependencies: + boom "2.x.x" + cryptiles "2.x.x" + hoek "2.x.x" + sntp "1.x.x" + +hoek@2.x.x: + version "2.16.3" + resolved "https://registry.yarnpkg.com/hoek/-/hoek-2.16.3.tgz#20bb7403d3cea398e91dc4710a8ff1b8274a25ed" + +home-or-tmp@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/home-or-tmp/-/home-or-tmp-1.0.0.tgz#4b9f1e40800c3e50c6c27f781676afcce71f3985" + dependencies: + os-tmpdir "^1.0.1" + user-home "^1.1.1" + +home-or-tmp@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/home-or-tmp/-/home-or-tmp-2.0.0.tgz#e36c3f2d2cae7d746a857e38d18d5f32a7882db8" + dependencies: + os-homedir "^1.0.0" + os-tmpdir "^1.0.1" + +hosted-git-info@^2.1.4: + version "2.5.0" + resolved "https://registry.yarnpkg.com/hosted-git-info/-/hosted-git-info-2.5.0.tgz#6d60e34b3abbc8313062c3b798ef8d901a07af3c" + +http-signature@~1.1.0: + version "1.1.1" + resolved "https://registry.yarnpkg.com/http-signature/-/http-signature-1.1.1.tgz#df72e267066cd0ac67fb76adf8e134a8fbcf91bf" + dependencies: + assert-plus "^0.2.0" + jsprim "^1.2.2" + sshpk "^1.7.0" + +iconv-lite@^0.4.17, iconv-lite@~0.4.13: + version "0.4.18" + resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.4.18.tgz#23d8656b16aae6742ac29732ea8f0336a4789cf2" + +ignore@^3.3.3: + version "3.3.3" + resolved "https://registry.yarnpkg.com/ignore/-/ignore-3.3.3.tgz#432352e57accd87ab3110e82d3fea0e47812156d" + +imurmurhash@^0.1.4: + version "0.1.4" + resolved "https://registry.yarnpkg.com/imurmurhash/-/imurmurhash-0.1.4.tgz#9218b9b2b928a238b13dc4fb6b6d576f231453ea" + +indent-string@^2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/indent-string/-/indent-string-2.1.0.tgz#8e2d48348742121b4a8218b7a137e9a52049dc80" + dependencies: + repeating "^2.0.0" + +inflight@^1.0.4: + version "1.0.6" + resolved "https://registry.yarnpkg.com/inflight/-/inflight-1.0.6.tgz#49bd6331d7d02d0c09bc910a1075ba8165b56df9" + dependencies: + once "^1.3.0" + wrappy "1" + +inherits@2, inherits@^2.0.1, inherits@^2.0.3, inherits@~2.0.0, inherits@~2.0.3: + version "2.0.3" + resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.3.tgz#633c2c83e3da42a502f52466022480f4208261de" + +ini@~1.3.0: + version "1.3.4" + resolved "https://registry.yarnpkg.com/ini/-/ini-1.3.4.tgz#0537cb79daf59b59a1a517dff706c86ec039162e" + +inquirer@^3.0.6: + version "3.2.2" + resolved "https://registry.yarnpkg.com/inquirer/-/inquirer-3.2.2.tgz#c2aaede1507cc54d826818737742d621bef2e823" + dependencies: + ansi-escapes "^2.0.0" + chalk "^2.0.0" + cli-cursor "^2.1.0" + cli-width "^2.0.0" + external-editor "^2.0.4" + figures "^2.0.0" + lodash "^4.3.0" + mute-stream "0.0.7" + run-async "^2.2.0" + rx-lite "^4.0.8" + rx-lite-aggregates "^4.0.8" + string-width "^2.1.0" + strip-ansi "^4.0.0" + through "^2.3.6" + +invariant@^2.2.2: + version "2.2.2" + resolved "https://registry.yarnpkg.com/invariant/-/invariant-2.2.2.tgz#9e1f56ac0acdb6bf303306f338be3b204ae60360" + dependencies: + loose-envify "^1.0.0" + +is-arrayish@^0.2.1: + version "0.2.1" + resolved "https://registry.yarnpkg.com/is-arrayish/-/is-arrayish-0.2.1.tgz#77c99840527aa8ecb1a8ba697b80645a7a926a9d" + +is-binary-path@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/is-binary-path/-/is-binary-path-1.0.1.tgz#75f16642b480f187a711c814161fd3a4a7655898" + dependencies: + binary-extensions "^1.0.0" + +is-buffer@^1.1.5, is-buffer@~1.1.1: + version "1.1.5" + resolved "https://registry.yarnpkg.com/is-buffer/-/is-buffer-1.1.5.tgz#1f3b26ef613b214b88cbca23cc6c01d87961eecc" + +is-builtin-module@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-builtin-module/-/is-builtin-module-1.0.0.tgz#540572d34f7ac3119f8f76c30cbc1b1e037affbe" + dependencies: + builtin-modules "^1.0.0" + +is-dotfile@^1.0.0: + version "1.0.3" + resolved "https://registry.yarnpkg.com/is-dotfile/-/is-dotfile-1.0.3.tgz#a6a2f32ffd2dfb04f5ca25ecd0f6b83cf798a1e1" + +is-equal-shallow@^0.1.3: + version "0.1.3" + resolved "https://registry.yarnpkg.com/is-equal-shallow/-/is-equal-shallow-0.1.3.tgz#2238098fc221de0bcfa5d9eac4c45d638aa1c534" + dependencies: + is-primitive "^2.0.0" + +is-extendable@^0.1.1: + version "0.1.1" + resolved "https://registry.yarnpkg.com/is-extendable/-/is-extendable-0.1.1.tgz#62b110e289a471418e3ec36a617d472e301dfc89" + +is-extglob@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-extglob/-/is-extglob-1.0.0.tgz#ac468177c4943405a092fc8f29760c6ffc6206c0" + +is-finite@^1.0.0: + version "1.0.2" + resolved "https://registry.yarnpkg.com/is-finite/-/is-finite-1.0.2.tgz#cc6677695602be550ef11e8b4aa6305342b6d0aa" + dependencies: + number-is-nan "^1.0.0" + +is-fullwidth-code-point@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-fullwidth-code-point/-/is-fullwidth-code-point-1.0.0.tgz#ef9e31386f031a7f0d643af82fde50c457ef00cb" + dependencies: + number-is-nan "^1.0.0" + +is-fullwidth-code-point@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/is-fullwidth-code-point/-/is-fullwidth-code-point-2.0.0.tgz#a3b30a5c4f199183167aaab93beefae3ddfb654f" + +is-glob@^2.0.0, is-glob@^2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/is-glob/-/is-glob-2.0.1.tgz#d096f926a3ded5600f3fdfd91198cb0888c2d863" + dependencies: + is-extglob "^1.0.0" + +is-number@^2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/is-number/-/is-number-2.1.0.tgz#01fcbbb393463a548f2f466cce16dece49db908f" + dependencies: + kind-of "^3.0.2" + +is-number@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/is-number/-/is-number-3.0.0.tgz#24fd6201a4782cf50561c810276afc7d12d71195" + dependencies: + kind-of "^3.0.2" + +is-path-cwd@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-path-cwd/-/is-path-cwd-1.0.0.tgz#d225ec23132e89edd38fda767472e62e65f1106d" + +is-path-in-cwd@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-path-in-cwd/-/is-path-in-cwd-1.0.0.tgz#6477582b8214d602346094567003be8a9eac04dc" + dependencies: + is-path-inside "^1.0.0" + +is-path-inside@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-path-inside/-/is-path-inside-1.0.0.tgz#fc06e5a1683fbda13de667aff717bbc10a48f37f" + dependencies: + path-is-inside "^1.0.1" + +is-posix-bracket@^0.1.0: + version "0.1.1" + resolved "https://registry.yarnpkg.com/is-posix-bracket/-/is-posix-bracket-0.1.1.tgz#3334dc79774368e92f016e6fbc0a88f5cd6e6bc4" + +is-primitive@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/is-primitive/-/is-primitive-2.0.0.tgz#207bab91638499c07b2adf240a41a87210034575" + +is-promise@^2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/is-promise/-/is-promise-2.1.0.tgz#79a2a9ece7f096e80f36d2b2f3bc16c1ff4bf3fa" + +is-resolvable@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-resolvable/-/is-resolvable-1.0.0.tgz#8df57c61ea2e3c501408d100fb013cf8d6e0cc62" + dependencies: + tryit "^1.0.1" + +is-stream@^1.0.1: + version "1.1.0" + resolved "https://registry.yarnpkg.com/is-stream/-/is-stream-1.1.0.tgz#12d4a3dd4e68e0b79ceb8dbc84173ae80d91ca44" + +is-typedarray@~1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-typedarray/-/is-typedarray-1.0.0.tgz#e479c80858df0c1b11ddda6940f96011fcda4a9a" + +is-utf8@^0.2.0: + version "0.2.1" + resolved "https://registry.yarnpkg.com/is-utf8/-/is-utf8-0.2.1.tgz#4b0da1442104d1b336340e80797e865cf39f7d72" + +isarray@1.0.0, isarray@^1.0.0, isarray@~1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/isarray/-/isarray-1.0.0.tgz#bb935d48582cba168c06834957a54a3e07124f11" + +isexe@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/isexe/-/isexe-2.0.0.tgz#e8fbf374dc556ff8947a10dcb0572d633f2cfa10" + +isobject@^2.0.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/isobject/-/isobject-2.1.0.tgz#f065561096a3f1da2ef46272f815c840d87e0c89" + dependencies: + isarray "1.0.0" + +isstream@~0.1.2: + version "0.1.2" + resolved "https://registry.yarnpkg.com/isstream/-/isstream-0.1.2.tgz#47e63f7af55afa6f92e1500e690eb8b8529c099a" + +iterall@1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/iterall/-/iterall-1.0.2.tgz#41a2e96ce9eda5e61c767ee5dc312373bb046e91" + +js-tokens@^3.0.0, js-tokens@^3.0.2: + version "3.0.2" + resolved "https://registry.yarnpkg.com/js-tokens/-/js-tokens-3.0.2.tgz#9866df395102130e38f7f996bceb65443209c25b" + +js-yaml@^3.9.1: + version "3.9.1" + resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.9.1.tgz#08775cebdfdd359209f0d2acd383c8f86a6904a0" + dependencies: + argparse "^1.0.7" + esprima "^4.0.0" + +jsbn@~0.1.0: + version "0.1.1" + resolved "https://registry.yarnpkg.com/jsbn/-/jsbn-0.1.1.tgz#a5e654c2e5a2deb5f201d96cefbca80c0ef2f513" + +jschardet@^1.4.2: + version "1.5.1" + resolved "https://registry.yarnpkg.com/jschardet/-/jschardet-1.5.1.tgz#c519f629f86b3a5bedba58a88d311309eec097f9" + +jsesc@^1.3.0: + version "1.3.0" + resolved "https://registry.yarnpkg.com/jsesc/-/jsesc-1.3.0.tgz#46c3fec8c1892b12b0833db9bc7622176dbab34b" + +jsesc@~0.5.0: + version "0.5.0" + resolved "https://registry.yarnpkg.com/jsesc/-/jsesc-0.5.0.tgz#e7dee66e35d6fc16f710fe91d5cf69f70f08911d" + +json-schema-traverse@^0.3.0: + version "0.3.1" + resolved "https://registry.yarnpkg.com/json-schema-traverse/-/json-schema-traverse-0.3.1.tgz#349a6d44c53a51de89b40805c5d5e59b417d3340" + +json-schema@0.2.3: + version "0.2.3" + resolved "https://registry.yarnpkg.com/json-schema/-/json-schema-0.2.3.tgz#b480c892e59a2f05954ce727bd3f2a4e882f9e13" + +json-stable-stringify@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/json-stable-stringify/-/json-stable-stringify-1.0.1.tgz#9a759d39c5f2ff503fd5300646ed445f88c4f9af" + dependencies: + jsonify "~0.0.0" + +json-stringify-safe@~5.0.1: + version "5.0.1" + resolved "https://registry.yarnpkg.com/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz#1296a2d58fd45f19a0f6ce01d65701e2c735b6eb" + +json3@3.3.2: + version "3.3.2" + resolved "https://registry.yarnpkg.com/json3/-/json3-3.3.2.tgz#3c0434743df93e2f5c42aee7b19bcb483575f4e1" + +json5@^0.4.0: + version "0.4.0" + resolved "https://registry.yarnpkg.com/json5/-/json5-0.4.0.tgz#054352e4c4c80c86c0923877d449de176a732c8d" + +json5@^0.5.1: + version "0.5.1" + resolved "https://registry.yarnpkg.com/json5/-/json5-0.5.1.tgz#1eade7acc012034ad84e2396767ead9fa5495821" + +jsonify@~0.0.0: + version "0.0.0" + resolved "https://registry.yarnpkg.com/jsonify/-/jsonify-0.0.0.tgz#2c74b6ee41d93ca51b7b5aaee8f503631d252a73" + +jsprim@^1.2.2: + version "1.4.1" + resolved "https://registry.yarnpkg.com/jsprim/-/jsprim-1.4.1.tgz#313e66bc1e5cc06e438bc1b7499c2e5c56acb6a2" + dependencies: + assert-plus "1.0.0" + extsprintf "1.3.0" + json-schema "0.2.3" + verror "1.10.0" + +jsx-ast-utils@^1.0.0, jsx-ast-utils@^1.3.1: + version "1.4.1" + resolved "https://registry.yarnpkg.com/jsx-ast-utils/-/jsx-ast-utils-1.4.1.tgz#3867213e8dd79bf1e8f2300c0cfc1efb182c0df1" + +kind-of@^3.0.2: + version "3.2.2" + resolved "https://registry.yarnpkg.com/kind-of/-/kind-of-3.2.2.tgz#31ea21a734bab9bbb0f32466d893aea51e4a3c64" + dependencies: + is-buffer "^1.1.5" + +kind-of@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/kind-of/-/kind-of-4.0.0.tgz#20813df3d712928b207378691a45066fae72dd57" + dependencies: + is-buffer "^1.1.5" + +levn@^0.3.0, levn@~0.3.0: + version "0.3.0" + resolved "https://registry.yarnpkg.com/levn/-/levn-0.3.0.tgz#3b09924edf9f083c0490fdd4c0bc4421e04764ee" + dependencies: + prelude-ls "~1.1.2" + type-check "~0.3.2" + +load-json-file@^1.0.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/load-json-file/-/load-json-file-1.1.0.tgz#956905708d58b4bab4c2261b04f59f31c99374c0" + dependencies: + graceful-fs "^4.1.2" + parse-json "^2.2.0" + pify "^2.0.0" + pinkie-promise "^2.0.0" + strip-bom "^2.0.0" + +lodash._baseassign@^3.0.0: + version "3.2.0" + resolved "https://registry.yarnpkg.com/lodash._baseassign/-/lodash._baseassign-3.2.0.tgz#8c38a099500f215ad09e59f1722fd0c52bfe0a4e" + dependencies: + lodash._basecopy "^3.0.0" + lodash.keys "^3.0.0" + +lodash._basecopy@^3.0.0: + version "3.0.1" + resolved "https://registry.yarnpkg.com/lodash._basecopy/-/lodash._basecopy-3.0.1.tgz#8da0e6a876cf344c0ad8a54882111dd3c5c7ca36" + +lodash._basecreate@^3.0.0: + version "3.0.3" + resolved "https://registry.yarnpkg.com/lodash._basecreate/-/lodash._basecreate-3.0.3.tgz#1bc661614daa7fc311b7d03bf16806a0213cf821" + +lodash._getnative@^3.0.0: + version "3.9.1" + resolved "https://registry.yarnpkg.com/lodash._getnative/-/lodash._getnative-3.9.1.tgz#570bc7dede46d61cdcde687d65d3eecbaa3aaff5" + +lodash._isiterateecall@^3.0.0: + version "3.0.9" + resolved "https://registry.yarnpkg.com/lodash._isiterateecall/-/lodash._isiterateecall-3.0.9.tgz#5203ad7ba425fae842460e696db9cf3e6aac057c" + +lodash.clonedeep@^4.5.0: + version "4.5.0" + resolved "https://registry.yarnpkg.com/lodash.clonedeep/-/lodash.clonedeep-4.5.0.tgz#e23f3f9c4f8fbdde872529c1071857a086e5ccef" + +lodash.cond@^4.3.0: + version "4.5.2" + resolved "https://registry.yarnpkg.com/lodash.cond/-/lodash.cond-4.5.2.tgz#f471a1da486be60f6ab955d17115523dd1d255d5" + +lodash.create@3.1.1: + version "3.1.1" + resolved "https://registry.yarnpkg.com/lodash.create/-/lodash.create-3.1.1.tgz#d7f2849f0dbda7e04682bb8cd72ab022461debe7" + dependencies: + lodash._baseassign "^3.0.0" + lodash._basecreate "^3.0.0" + lodash._isiterateecall "^3.0.0" + +lodash.endswith@^4.0.1: + version "4.2.1" + resolved "https://registry.yarnpkg.com/lodash.endswith/-/lodash.endswith-4.2.1.tgz#fed59ac1738ed3e236edd7064ec456448b37bc09" + +lodash.find@^4.3.0: + version "4.6.0" + resolved "https://registry.yarnpkg.com/lodash.find/-/lodash.find-4.6.0.tgz#cb0704d47ab71789ffa0de8b97dd926fb88b13b1" + +lodash.findindex@^4.3.0: + version "4.6.0" + resolved "https://registry.yarnpkg.com/lodash.findindex/-/lodash.findindex-4.6.0.tgz#a3245dee61fb9b6e0624b535125624bb69c11106" + +lodash.includes@^4.3.0: + version "4.3.0" + resolved "https://registry.yarnpkg.com/lodash.includes/-/lodash.includes-4.3.0.tgz#60bb98a87cb923c68ca1e51325483314849f553f" + +lodash.isarguments@^3.0.0: + version "3.1.0" + resolved "https://registry.yarnpkg.com/lodash.isarguments/-/lodash.isarguments-3.1.0.tgz#2f573d85c6a24289ff00663b491c1d338ff3458a" + +lodash.isarray@^3.0.0: + version "3.0.4" + resolved "https://registry.yarnpkg.com/lodash.isarray/-/lodash.isarray-3.0.4.tgz#79e4eb88c36a8122af86f844aa9bcd851b5fbb55" + +lodash.keys@^3.0.0: + version "3.1.2" + resolved "https://registry.yarnpkg.com/lodash.keys/-/lodash.keys-3.1.2.tgz#4dbc0472b156be50a0b286855d1bd0b0c656098a" + dependencies: + lodash._getnative "^3.0.0" + lodash.isarguments "^3.0.0" + lodash.isarray "^3.0.0" + +lodash.merge@^4.6.0: + version "4.6.0" + resolved "https://registry.yarnpkg.com/lodash.merge/-/lodash.merge-4.6.0.tgz#69884ba144ac33fe699737a6086deffadd0f89c5" + +lodash@^4.0.0, lodash@^4.17.4, lodash@^4.2.0, lodash@^4.3.0: + version "4.17.4" + resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.4.tgz#78203a4d1c328ae1d86dca6460e369b57f4055ae" + +log-symbols@^1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/log-symbols/-/log-symbols-1.0.2.tgz#376ff7b58ea3086a0f09facc74617eca501e1a18" + dependencies: + chalk "^1.0.0" + +loose-envify@^1.0.0: + version "1.3.1" + resolved "https://registry.yarnpkg.com/loose-envify/-/loose-envify-1.3.1.tgz#d1a8ad33fa9ce0e713d65fdd0ac8b748d478c848" + dependencies: + js-tokens "^3.0.0" + +loud-rejection@^1.0.0: + version "1.6.0" + resolved "https://registry.yarnpkg.com/loud-rejection/-/loud-rejection-1.6.0.tgz#5b46f80147edee578870f086d04821cf998e551f" + dependencies: + currently-unhandled "^0.4.1" + signal-exit "^3.0.0" + +lru-cache@^4.0.1: + version "4.1.1" + resolved "https://registry.yarnpkg.com/lru-cache/-/lru-cache-4.1.1.tgz#622e32e82488b49279114a4f9ecf45e7cd6bba55" + dependencies: + pseudomap "^1.0.2" + yallist "^2.1.2" + +map-obj@^1.0.0, map-obj@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/map-obj/-/map-obj-1.0.1.tgz#d933ceb9205d82bdcf4886f6742bdc2b4dea146d" + +md5@^2.2.1: + version "2.2.1" + resolved "https://registry.yarnpkg.com/md5/-/md5-2.2.1.tgz#53ab38d5fe3c8891ba465329ea23fac0540126f9" + dependencies: + charenc "~0.0.1" + crypt "~0.0.1" + is-buffer "~1.1.1" + +meow@^3.5.0: + version "3.7.0" + resolved "https://registry.yarnpkg.com/meow/-/meow-3.7.0.tgz#72cb668b425228290abbfa856892587308a801fb" + dependencies: + camelcase-keys "^2.0.0" + decamelize "^1.1.2" + loud-rejection "^1.0.0" + map-obj "^1.0.1" + minimist "^1.1.3" + normalize-package-data "^2.3.4" + object-assign "^4.0.1" + read-pkg-up "^1.0.1" + redent "^1.0.0" + trim-newlines "^1.0.0" + +micromatch@^2.1.5: + version "2.3.11" + resolved "https://registry.yarnpkg.com/micromatch/-/micromatch-2.3.11.tgz#86677c97d1720b363431d04d0d15293bd38c1565" + dependencies: + arr-diff "^2.0.0" + array-unique "^0.2.1" + braces "^1.8.2" + expand-brackets "^0.1.4" + extglob "^0.3.1" + filename-regex "^2.0.0" + is-extglob "^1.0.0" + is-glob "^2.0.1" + kind-of "^3.0.2" + normalize-path "^2.0.1" + object.omit "^2.0.0" + parse-glob "^3.0.4" + regex-cache "^0.4.2" + +mime-db@~1.29.0: + version "1.29.0" + resolved "https://registry.yarnpkg.com/mime-db/-/mime-db-1.29.0.tgz#48d26d235589651704ac5916ca06001914266878" + +mime-types@^2.1.12, mime-types@~2.1.7: + version "2.1.16" + resolved "https://registry.yarnpkg.com/mime-types/-/mime-types-2.1.16.tgz#2b858a52e5ecd516db897ac2be87487830698e23" + dependencies: + mime-db "~1.29.0" + +mimic-fn@^1.0.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/mimic-fn/-/mimic-fn-1.1.0.tgz#e667783d92e89dbd342818b5230b9d62a672ad18" + +min-document@^2.19.0: + version "2.19.0" + resolved "https://registry.yarnpkg.com/min-document/-/min-document-2.19.0.tgz#7bd282e3f5842ed295bb748cdd9f1ffa2c824685" + dependencies: + dom-walk "^0.1.0" + +"minimatch@2 || 3", minimatch@^3.0.0, minimatch@^3.0.2, minimatch@^3.0.3, minimatch@^3.0.4: + version "3.0.4" + resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.0.4.tgz#5166e286457f03306064be5497e8dbb0c3d32083" + dependencies: + brace-expansion "^1.1.7" + +minimist@0.0.8: + version "0.0.8" + resolved "https://registry.yarnpkg.com/minimist/-/minimist-0.0.8.tgz#857fcabfc3397d2625b8228262e86aa7a011b05d" + +minimist@^1.1.0, minimist@^1.1.3, minimist@^1.2.0: + version "1.2.0" + resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.0.tgz#a35008b20f41383eec1fb914f4cd5df79a264284" + +mkdirp@0.5.1, "mkdirp@>=0.5 0", mkdirp@^0.5.1, mkdirp@~0.5.1: + version "0.5.1" + resolved "https://registry.yarnpkg.com/mkdirp/-/mkdirp-0.5.1.tgz#30057438eac6cf7f8c4767f38648d6697d75c903" + dependencies: + minimist "0.0.8" + +mocha@^3.1.2: + version "3.5.0" + resolved "https://registry.yarnpkg.com/mocha/-/mocha-3.5.0.tgz#1328567d2717f997030f8006234bce9b8cd72465" + dependencies: + browser-stdout "1.3.0" + commander "2.9.0" + debug "2.6.8" + diff "3.2.0" + escape-string-regexp "1.0.5" + glob "7.1.1" + growl "1.9.2" + json3 "3.3.2" + lodash.create "3.1.1" + mkdirp "0.5.1" + supports-color "3.1.2" + +ms@2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/ms/-/ms-2.0.0.tgz#5608aeadfc00be6c2901df5f9861788de0d597c8" + +mute-stream@0.0.7: + version "0.0.7" + resolved "https://registry.yarnpkg.com/mute-stream/-/mute-stream-0.0.7.tgz#3075ce93bc21b8fab43e1bc4da7e8115ed1e7bab" + +nan@^2.3.0: + version "2.6.2" + resolved "https://registry.yarnpkg.com/nan/-/nan-2.6.2.tgz#e4ff34e6c95fdfb5aecc08de6596f43605a7db45" + +natural-compare@^1.4.0: + version "1.4.0" + resolved "https://registry.yarnpkg.com/natural-compare/-/natural-compare-1.4.0.tgz#4abebfeed7541f2c27acfb29bdbbd15c8d5ba4f7" + +node-fetch@^1.6.3: + version "1.7.2" + resolved "https://registry.yarnpkg.com/node-fetch/-/node-fetch-1.7.2.tgz#c54e9aac57e432875233525f3c891c4159ffefd7" + dependencies: + encoding "^0.1.11" + is-stream "^1.0.1" + +node-pre-gyp@^0.6.36: + version "0.6.36" + resolved "https://registry.yarnpkg.com/node-pre-gyp/-/node-pre-gyp-0.6.36.tgz#db604112cb74e0d477554e9b505b17abddfab786" + dependencies: + mkdirp "^0.5.1" + nopt "^4.0.1" + npmlog "^4.0.2" + rc "^1.1.7" + request "^2.81.0" + rimraf "^2.6.1" + semver "^5.3.0" + tar "^2.2.1" + tar-pack "^3.4.0" + +nopt@^4.0.1: + version "4.0.1" + resolved "https://registry.yarnpkg.com/nopt/-/nopt-4.0.1.tgz#d0d4685afd5415193c8c7505602d0d17cd64474d" + dependencies: + abbrev "1" + osenv "^0.1.4" + +normalize-package-data@^2.3.2, normalize-package-data@^2.3.4: + version "2.4.0" + resolved "https://registry.yarnpkg.com/normalize-package-data/-/normalize-package-data-2.4.0.tgz#12f95a307d58352075a04907b84ac8be98ac012f" + dependencies: + hosted-git-info "^2.1.4" + is-builtin-module "^1.0.0" + semver "2 || 3 || 4 || 5" + validate-npm-package-license "^3.0.1" + +normalize-path@^2.0.0, normalize-path@^2.0.1: + version "2.1.1" + resolved "https://registry.yarnpkg.com/normalize-path/-/normalize-path-2.1.1.tgz#1ab28b556e198363a8c1a6f7e6fa20137fe6aed9" + dependencies: + remove-trailing-separator "^1.0.1" + +npmlog@^4.0.2: + version "4.1.2" + resolved "https://registry.yarnpkg.com/npmlog/-/npmlog-4.1.2.tgz#08a7f2a8bf734604779a9efa4ad5cc717abb954b" + dependencies: + are-we-there-yet "~1.1.2" + console-control-strings "~1.1.0" + gauge "~2.7.3" + set-blocking "~2.0.0" + +number-is-nan@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/number-is-nan/-/number-is-nan-1.0.1.tgz#097b602b53422a522c1afb8790318336941a011d" + +oauth-sign@~0.8.1: + version "0.8.2" + resolved "https://registry.yarnpkg.com/oauth-sign/-/oauth-sign-0.8.2.tgz#46a6ab7f0aead8deae9ec0565780b7d4efeb9d43" + +object-assign@^4.0.1, object-assign@^4.1.0: + version "4.1.1" + resolved "https://registry.yarnpkg.com/object-assign/-/object-assign-4.1.1.tgz#2109adc7965887cfc05cbbd442cac8bfbb360863" + +object.omit@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/object.omit/-/object.omit-2.0.1.tgz#1a9c744829f39dbb858c76ca3579ae2a54ebd1fa" + dependencies: + for-own "^0.1.4" + is-extendable "^0.1.1" + +once@^1.3.0, once@^1.3.3: + version "1.4.0" + resolved "https://registry.yarnpkg.com/once/-/once-1.4.0.tgz#583b1aa775961d4b113ac17d9c50baef9dd76bd1" + dependencies: + wrappy "1" + +onetime@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/onetime/-/onetime-2.0.1.tgz#067428230fd67443b2794b22bba528b6867962d4" + dependencies: + mimic-fn "^1.0.0" + +optionator@^0.8.2: + version "0.8.2" + resolved "https://registry.yarnpkg.com/optionator/-/optionator-0.8.2.tgz#364c5e409d3f4d6301d6c0b4c05bba50180aeb64" + dependencies: + deep-is "~0.1.3" + fast-levenshtein "~2.0.4" + levn "~0.3.0" + prelude-ls "~1.1.2" + type-check "~0.3.2" + wordwrap "~1.0.0" + +os-homedir@^1.0.0: + version "1.0.2" + resolved "https://registry.yarnpkg.com/os-homedir/-/os-homedir-1.0.2.tgz#ffbc4988336e0e833de0c168c7ef152121aa7fb3" + +os-tmpdir@^1.0.0, os-tmpdir@^1.0.1, os-tmpdir@~1.0.1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/os-tmpdir/-/os-tmpdir-1.0.2.tgz#bbe67406c79aa85c5cfec766fe5734555dfa1274" + +osenv@^0.1.4: + version "0.1.4" + resolved "https://registry.yarnpkg.com/osenv/-/osenv-0.1.4.tgz#42fe6d5953df06c8064be6f176c3d05aaaa34644" + dependencies: + os-homedir "^1.0.0" + os-tmpdir "^1.0.0" + +output-file-sync@^1.1.0: + version "1.1.2" + resolved "https://registry.yarnpkg.com/output-file-sync/-/output-file-sync-1.1.2.tgz#d0a33eefe61a205facb90092e826598d5245ce76" + dependencies: + graceful-fs "^4.1.4" + mkdirp "^0.5.1" + object-assign "^4.1.0" + +parse-glob@^3.0.4: + version "3.0.4" + resolved "https://registry.yarnpkg.com/parse-glob/-/parse-glob-3.0.4.tgz#b2c376cfb11f35513badd173ef0bb6e3a388391c" + dependencies: + glob-base "^0.3.0" + is-dotfile "^1.0.0" + is-extglob "^1.0.0" + is-glob "^2.0.0" + +parse-json@^2.2.0: + version "2.2.0" + resolved "https://registry.yarnpkg.com/parse-json/-/parse-json-2.2.0.tgz#f480f40434ef80741f8469099f8dea18f55a4dc9" + dependencies: + error-ex "^1.2.0" + +path-exists@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/path-exists/-/path-exists-1.0.0.tgz#d5a8998eb71ef37a74c34eb0d9eba6e878eea081" + +path-exists@^2.0.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/path-exists/-/path-exists-2.1.0.tgz#0feb6c64f0fc518d9a754dd5efb62c7022761f4b" + dependencies: + pinkie-promise "^2.0.0" + +path-is-absolute@^1.0.0, path-is-absolute@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/path-is-absolute/-/path-is-absolute-1.0.1.tgz#174b9268735534ffbc7ace6bf53a5a9e1b5c5f5f" + +path-is-inside@^1.0.1, path-is-inside@^1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/path-is-inside/-/path-is-inside-1.0.2.tgz#365417dede44430d1c11af61027facf074bdfc53" + +path-parse@^1.0.5: + version "1.0.5" + resolved "https://registry.yarnpkg.com/path-parse/-/path-parse-1.0.5.tgz#3c1adf871ea9cd6c9431b6ea2bd74a0ff055c4c1" + +path-type@^1.0.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/path-type/-/path-type-1.1.0.tgz#59c44f7ee491da704da415da5a4070ba4f8fe441" + dependencies: + graceful-fs "^4.1.2" + pify "^2.0.0" + pinkie-promise "^2.0.0" + +performance-now@^0.2.0: + version "0.2.0" + resolved "https://registry.yarnpkg.com/performance-now/-/performance-now-0.2.0.tgz#33ef30c5c77d4ea21c5a53869d91b56d8f2555e5" + +pify@^2.0.0: + version "2.3.0" + resolved "https://registry.yarnpkg.com/pify/-/pify-2.3.0.tgz#ed141a6ac043a849ea588498e7dca8b15330e90c" + +pinkie-promise@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/pinkie-promise/-/pinkie-promise-2.0.1.tgz#2135d6dfa7a358c069ac9b178776288228450ffa" + dependencies: + pinkie "^2.0.0" + +pinkie@^2.0.0: + version "2.0.4" + resolved "https://registry.yarnpkg.com/pinkie/-/pinkie-2.0.4.tgz#72556b80cfa0d48a974e80e77248e80ed4f7f870" + +pkg-dir@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/pkg-dir/-/pkg-dir-1.0.0.tgz#7a4b508a8d5bb2d629d447056ff4e9c9314cf3d4" + dependencies: + find-up "^1.0.0" + +pkg-up@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/pkg-up/-/pkg-up-1.0.0.tgz#3e08fb461525c4421624a33b9f7e6d0af5b05a26" + dependencies: + find-up "^1.0.0" + +pluralize@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/pluralize/-/pluralize-4.0.0.tgz#59b708c1c0190a2f692f1c7618c446b052fd1762" + +prelude-ls@~1.1.2: + version "1.1.2" + resolved "https://registry.yarnpkg.com/prelude-ls/-/prelude-ls-1.1.2.tgz#21932a549f5e52ffd9a827f570e04be62a97da54" + +preserve@^0.2.0: + version "0.2.0" + resolved "https://registry.yarnpkg.com/preserve/-/preserve-0.2.0.tgz#815ed1f6ebc65926f865b310c0713bcb3315ce4b" + +private@^0.1.6, private@^0.1.7, private@~0.1.5: + version "0.1.7" + resolved "https://registry.yarnpkg.com/private/-/private-0.1.7.tgz#68ce5e8a1ef0a23bb570cc28537b5332aba63ef1" + +process-nextick-args@~1.0.6: + version "1.0.7" + resolved "https://registry.yarnpkg.com/process-nextick-args/-/process-nextick-args-1.0.7.tgz#150e20b756590ad3f91093f25a4f2ad8bff30ba3" + +process@~0.5.1: + version "0.5.2" + resolved "https://registry.yarnpkg.com/process/-/process-0.5.2.tgz#1638d8a8e34c2f440a91db95ab9aeb677fc185cf" + +progress@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/progress/-/progress-2.0.0.tgz#8a1be366bf8fc23db2bd23f10c6fe920b4389d1f" + +pseudomap@^1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/pseudomap/-/pseudomap-1.0.2.tgz#f052a28da70e618917ef0a8ac34c1ae5a68286b3" + +punycode@^1.4.1: + version "1.4.1" + resolved "https://registry.yarnpkg.com/punycode/-/punycode-1.4.1.tgz#c0d5a63b2718800ad8e1eb0fa5269c84dd41845e" + +qs@~6.4.0: + version "6.4.0" + resolved "https://registry.yarnpkg.com/qs/-/qs-6.4.0.tgz#13e26d28ad6b0ffaa91312cd3bf708ed351e7233" + +randomatic@^1.1.3: + version "1.1.7" + resolved "https://registry.yarnpkg.com/randomatic/-/randomatic-1.1.7.tgz#c7abe9cc8b87c0baa876b19fde83fd464797e38c" + dependencies: + is-number "^3.0.0" + kind-of "^4.0.0" + +rc@^1.1.7: + version "1.2.1" + resolved "https://registry.yarnpkg.com/rc/-/rc-1.2.1.tgz#2e03e8e42ee450b8cb3dce65be1bf8974e1dfd95" + dependencies: + deep-extend "~0.4.0" + ini "~1.3.0" + minimist "^1.2.0" + strip-json-comments "~2.0.1" + +read-pkg-up@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/read-pkg-up/-/read-pkg-up-1.0.1.tgz#9d63c13276c065918d57f002a57f40a1b643fb02" + dependencies: + find-up "^1.0.0" + read-pkg "^1.0.0" + +read-pkg@^1.0.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/read-pkg/-/read-pkg-1.1.0.tgz#f5ffaa5ecd29cb31c0474bca7d756b6bb29e3f28" + dependencies: + load-json-file "^1.0.0" + normalize-package-data "^2.3.2" + path-type "^1.0.0" + +readable-stream@^2.0.2, readable-stream@^2.0.6, readable-stream@^2.1.4, readable-stream@^2.2.2: + version "2.3.3" + resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.3.3.tgz#368f2512d79f9d46fdfc71349ae7878bbc1eb95c" + dependencies: + core-util-is "~1.0.0" + inherits "~2.0.3" + isarray "~1.0.0" + process-nextick-args "~1.0.6" + safe-buffer "~5.1.1" + string_decoder "~1.0.3" + util-deprecate "~1.0.1" + +readdirp@^2.0.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/readdirp/-/readdirp-2.1.0.tgz#4ed0ad060df3073300c48440373f72d1cc642d78" + dependencies: + graceful-fs "^4.1.2" + minimatch "^3.0.2" + readable-stream "^2.0.2" + set-immediate-shim "^1.0.1" + +recast@^0.11.18: + version "0.11.23" + resolved "https://registry.yarnpkg.com/recast/-/recast-0.11.23.tgz#451fd3004ab1e4df9b4e4b66376b2a21912462d3" + dependencies: + ast-types "0.9.6" + esprima "~3.1.0" + private "~0.1.5" + source-map "~0.5.0" + +redent@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/redent/-/redent-1.0.0.tgz#cf916ab1fd5f1f16dfb20822dd6ec7f730c2afde" + dependencies: + indent-string "^2.1.0" + strip-indent "^1.0.1" + +regenerate@^1.2.1: + version "1.3.2" + resolved "https://registry.yarnpkg.com/regenerate/-/regenerate-1.3.2.tgz#d1941c67bad437e1be76433add5b385f95b19260" + +regenerator-runtime@^0.10.5: + version "0.10.5" + resolved "https://registry.yarnpkg.com/regenerator-runtime/-/regenerator-runtime-0.10.5.tgz#336c3efc1220adcedda2c9fab67b5a7955a33658" + +regenerator-runtime@^0.11.0: + version "0.11.0" + resolved "https://registry.yarnpkg.com/regenerator-runtime/-/regenerator-runtime-0.11.0.tgz#7e54fe5b5ccd5d6624ea6255c3473be090b802e1" + +regenerator-transform@^0.10.0: + version "0.10.1" + resolved "https://registry.yarnpkg.com/regenerator-transform/-/regenerator-transform-0.10.1.tgz#1e4996837231da8b7f3cf4114d71b5691a0680dd" + dependencies: + babel-runtime "^6.18.0" + babel-types "^6.19.0" + private "^0.1.6" + +regex-cache@^0.4.2: + version "0.4.3" + resolved "https://registry.yarnpkg.com/regex-cache/-/regex-cache-0.4.3.tgz#9b1a6c35d4d0dfcef5711ae651e8e9d3d7114145" + dependencies: + is-equal-shallow "^0.1.3" + is-primitive "^2.0.0" + +regexpu-core@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/regexpu-core/-/regexpu-core-2.0.0.tgz#49d038837b8dcf8bfa5b9a42139938e6ea2ae240" + dependencies: + regenerate "^1.2.1" + regjsgen "^0.2.0" + regjsparser "^0.1.4" + +regjsgen@^0.2.0: + version "0.2.0" + resolved "https://registry.yarnpkg.com/regjsgen/-/regjsgen-0.2.0.tgz#6c016adeac554f75823fe37ac05b92d5a4edb1f7" + +regjsparser@^0.1.4: + version "0.1.5" + resolved "https://registry.yarnpkg.com/regjsparser/-/regjsparser-0.1.5.tgz#7ee8f84dc6fa792d3fd0ae228d24bd949ead205c" + dependencies: + jsesc "~0.5.0" + +remove-trailing-separator@^1.0.1: + version "1.1.0" + resolved "https://registry.yarnpkg.com/remove-trailing-separator/-/remove-trailing-separator-1.1.0.tgz#c24bce2a283adad5bc3f58e0d48249b92379d8ef" + +repeat-element@^1.1.2: + version "1.1.2" + resolved "https://registry.yarnpkg.com/repeat-element/-/repeat-element-1.1.2.tgz#ef089a178d1483baae4d93eb98b4f9e4e11d990a" + +repeat-string@^1.5.2: + version "1.6.1" + resolved "https://registry.yarnpkg.com/repeat-string/-/repeat-string-1.6.1.tgz#8dcae470e1c88abc2d600fff4a776286da75e637" + +repeating@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/repeating/-/repeating-2.0.1.tgz#5214c53a926d3552707527fbab415dbc08d06dda" + dependencies: + is-finite "^1.0.0" + +request@^2.65.0, request@^2.81.0: + version "2.81.0" + resolved "https://registry.yarnpkg.com/request/-/request-2.81.0.tgz#c6928946a0e06c5f8d6f8a9333469ffda46298a0" + dependencies: + aws-sign2 "~0.6.0" + aws4 "^1.2.1" + caseless "~0.12.0" + combined-stream "~1.0.5" + extend "~3.0.0" + forever-agent "~0.6.1" + form-data "~2.1.1" + har-validator "~4.2.1" + hawk "~3.1.3" + http-signature "~1.1.0" + is-typedarray "~1.0.0" + isstream "~0.1.2" + json-stringify-safe "~5.0.1" + mime-types "~2.1.7" + oauth-sign "~0.8.1" + performance-now "^0.2.0" + qs "~6.4.0" + safe-buffer "^5.0.1" + stringstream "~0.0.4" + tough-cookie "~2.3.0" + tunnel-agent "^0.6.0" + uuid "^3.0.0" + +require-uncached@^1.0.3: + version "1.0.3" + resolved "https://registry.yarnpkg.com/require-uncached/-/require-uncached-1.0.3.tgz#4e0d56d6c9662fd31e43011c4b95aa49955421d3" + dependencies: + caller-path "^0.1.0" + resolve-from "^1.0.0" + +resolve-from@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/resolve-from/-/resolve-from-1.0.1.tgz#26cbfe935d1aeeeabb29bc3fe5aeb01e93d44226" + +resolve@^1.1.6: + version "1.4.0" + resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.4.0.tgz#a75be01c53da25d934a98ebd0e4c4a7312f92a86" + dependencies: + path-parse "^1.0.5" + +restore-cursor@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/restore-cursor/-/restore-cursor-2.0.0.tgz#9f7ee287f82fd326d4fd162923d62129eee0dfaf" + dependencies: + onetime "^2.0.0" + signal-exit "^3.0.2" + +rimraf@2, rimraf@^2.2.8, rimraf@^2.5.1, rimraf@^2.5.4, rimraf@^2.6.1: + version "2.6.1" + resolved "https://registry.yarnpkg.com/rimraf/-/rimraf-2.6.1.tgz#c2338ec643df7a1b7fe5c54fa86f57428a55f33d" + dependencies: + glob "^7.0.5" + +run-async@^2.2.0: + version "2.3.0" + resolved "https://registry.yarnpkg.com/run-async/-/run-async-2.3.0.tgz#0371ab4ae0bdd720d4166d7dfda64ff7a445a6c0" + dependencies: + is-promise "^2.1.0" + +rx-lite-aggregates@^4.0.8: + version "4.0.8" + resolved "https://registry.yarnpkg.com/rx-lite-aggregates/-/rx-lite-aggregates-4.0.8.tgz#753b87a89a11c95467c4ac1626c4efc4e05c67be" + dependencies: + rx-lite "*" + +rx-lite@*, rx-lite@^4.0.8: + version "4.0.8" + resolved "https://registry.yarnpkg.com/rx-lite/-/rx-lite-4.0.8.tgz#0b1e11af8bc44836f04a6407e92da42467b79444" + +safe-buffer@^5.0.1, safe-buffer@~5.1.0, safe-buffer@~5.1.1: + version "5.1.1" + resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.1.tgz#893312af69b2123def71f57889001671eeb2c853" + +semver-regex@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/semver-regex/-/semver-regex-1.0.0.tgz#92a4969065f9c70c694753d55248fc68f8f652c9" + +semver-truncate@^1.0.0: + version "1.1.2" + resolved "https://registry.yarnpkg.com/semver-truncate/-/semver-truncate-1.1.2.tgz#57f41de69707a62709a7e0104ba2117109ea47e8" + dependencies: + semver "^5.3.0" + +"semver@2 || 3 || 4 || 5", semver@^5.3.0: + version "5.4.1" + resolved "https://registry.yarnpkg.com/semver/-/semver-5.4.1.tgz#e059c09d8571f0540823733433505d3a2f00b18e" + +semver@^4.0.3: + version "4.3.6" + resolved "https://registry.yarnpkg.com/semver/-/semver-4.3.6.tgz#300bc6e0e86374f7ba61068b5b1ecd57fc6532da" + +set-blocking@~2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/set-blocking/-/set-blocking-2.0.0.tgz#045f9782d011ae9a6803ddd382b24392b3d890f7" + +set-immediate-shim@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/set-immediate-shim/-/set-immediate-shim-1.0.1.tgz#4b2b1b27eb808a9f8dcc481a58e5e56f599f3f61" + +shebang-command@^1.2.0: + version "1.2.0" + resolved "https://registry.yarnpkg.com/shebang-command/-/shebang-command-1.2.0.tgz#44aac65b695b03398968c39f363fee5deafdf1ea" + dependencies: + shebang-regex "^1.0.0" + +shebang-regex@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/shebang-regex/-/shebang-regex-1.0.0.tgz#da42f49740c0b42db2ca9728571cb190c98efea3" + +signal-exit@^3.0.0, signal-exit@^3.0.2: + version "3.0.2" + resolved "https://registry.yarnpkg.com/signal-exit/-/signal-exit-3.0.2.tgz#b5fdc08f1287ea1178628e415e25132b73646c6d" + +slash@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/slash/-/slash-1.0.0.tgz#c41f2f6c39fc16d1cd17ad4b5d896114ae470d55" + +slice-ansi@0.0.4: + version "0.0.4" + resolved "https://registry.yarnpkg.com/slice-ansi/-/slice-ansi-0.0.4.tgz#edbf8903f66f7ce2f8eafd6ceed65e264c831b35" + +sntp@1.x.x: + version "1.0.9" + resolved "https://registry.yarnpkg.com/sntp/-/sntp-1.0.9.tgz#6541184cc90aeea6c6e7b35e2659082443c66198" + dependencies: + hoek "2.x.x" + +source-map-support@^0.4.15, source-map-support@^0.4.2: + version "0.4.16" + resolved "https://registry.yarnpkg.com/source-map-support/-/source-map-support-0.4.16.tgz#16fecf98212467d017d586a2af68d628b9421cd8" + dependencies: + source-map "^0.5.6" + +source-map@^0.5.0, source-map@^0.5.6, source-map@~0.5.0: + version "0.5.7" + resolved "https://registry.yarnpkg.com/source-map/-/source-map-0.5.7.tgz#8a039d2d1021d22d1ea14c80d8ea468ba2ef3fcc" + +spdx-correct@~1.0.0: + version "1.0.2" + resolved "https://registry.yarnpkg.com/spdx-correct/-/spdx-correct-1.0.2.tgz#4b3073d933ff51f3912f03ac5519498a4150db40" + dependencies: + spdx-license-ids "^1.0.2" + +spdx-expression-parse@~1.0.0: + version "1.0.4" + resolved "https://registry.yarnpkg.com/spdx-expression-parse/-/spdx-expression-parse-1.0.4.tgz#9bdf2f20e1f40ed447fbe273266191fced51626c" + +spdx-license-ids@^1.0.2: + version "1.2.2" + resolved "https://registry.yarnpkg.com/spdx-license-ids/-/spdx-license-ids-1.2.2.tgz#c9df7a3424594ade6bd11900d596696dc06bac57" + +sprintf-js@~1.0.2: + version "1.0.3" + resolved "https://registry.yarnpkg.com/sprintf-js/-/sprintf-js-1.0.3.tgz#04e6926f662895354f3dd015203633b857297e2c" + +sshpk@^1.7.0: + version "1.13.1" + resolved "https://registry.yarnpkg.com/sshpk/-/sshpk-1.13.1.tgz#512df6da6287144316dc4c18fe1cf1d940739be3" + dependencies: + asn1 "~0.2.3" + assert-plus "^1.0.0" + dashdash "^1.12.0" + getpass "^0.1.1" + optionalDependencies: + bcrypt-pbkdf "^1.0.0" + ecc-jsbn "~0.1.1" + jsbn "~0.1.0" + tweetnacl "~0.14.0" + +string-width@^1.0.1, string-width@^1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/string-width/-/string-width-1.0.2.tgz#118bdf5b8cdc51a2a7e70d211e07e2b0b9b107d3" + dependencies: + code-point-at "^1.0.0" + is-fullwidth-code-point "^1.0.0" + strip-ansi "^3.0.0" + +string-width@^2.0.0, string-width@^2.1.0: + version "2.1.1" + resolved "https://registry.yarnpkg.com/string-width/-/string-width-2.1.1.tgz#ab93f27a8dc13d28cac815c462143a6d9012ae9e" + dependencies: + is-fullwidth-code-point "^2.0.0" + strip-ansi "^4.0.0" + +string_decoder@~1.0.3: + version "1.0.3" + resolved "https://registry.yarnpkg.com/string_decoder/-/string_decoder-1.0.3.tgz#0fc67d7c141825de94282dd536bec6b9bce860ab" + dependencies: + safe-buffer "~5.1.0" + +stringstream@~0.0.4: + version "0.0.5" + resolved "https://registry.yarnpkg.com/stringstream/-/stringstream-0.0.5.tgz#4e484cd4de5a0bbbee18e46307710a8a81621878" + +strip-ansi@^3.0.0, strip-ansi@^3.0.1: + version "3.0.1" + resolved "https://registry.yarnpkg.com/strip-ansi/-/strip-ansi-3.0.1.tgz#6a385fb8853d952d5ff05d0e8aaf94278dc63dcf" + dependencies: + ansi-regex "^2.0.0" + +strip-ansi@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/strip-ansi/-/strip-ansi-4.0.0.tgz#a8479022eb1ac368a871389b635262c505ee368f" + dependencies: + ansi-regex "^3.0.0" + +strip-bom@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/strip-bom/-/strip-bom-2.0.0.tgz#6219a85616520491f35788bdbf1447a99c7e6b0e" + dependencies: + is-utf8 "^0.2.0" + +strip-indent@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/strip-indent/-/strip-indent-1.0.1.tgz#0c7962a6adefa7bbd4ac366460a638552ae1a0a2" + dependencies: + get-stdin "^4.0.1" + +strip-json-comments@~2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/strip-json-comments/-/strip-json-comments-2.0.1.tgz#3c531942e908c2697c0ec344858c286c7ca0a60a" + +supports-color@3.1.2: + version "3.1.2" + resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-3.1.2.tgz#72a262894d9d408b956ca05ff37b2ed8a6e2a2d5" + dependencies: + has-flag "^1.0.0" + +supports-color@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-2.0.0.tgz#535d045ce6b6363fa40117084629995e9df324c7" + +supports-color@^4.0.0: + version "4.2.1" + resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-4.2.1.tgz#65a4bb2631e90e02420dba5554c375a4754bb836" + dependencies: + has-flag "^2.0.0" + +table@^4.0.1: + version "4.0.1" + resolved "https://registry.yarnpkg.com/table/-/table-4.0.1.tgz#a8116c133fac2c61f4a420ab6cdf5c4d61f0e435" + dependencies: + ajv "^4.7.0" + ajv-keywords "^1.0.0" + chalk "^1.1.1" + lodash "^4.0.0" + slice-ansi "0.0.4" + string-width "^2.0.0" + +tar-pack@^3.4.0: + version "3.4.0" + resolved "https://registry.yarnpkg.com/tar-pack/-/tar-pack-3.4.0.tgz#23be2d7f671a8339376cbdb0b8fe3fdebf317984" + dependencies: + debug "^2.2.0" + fstream "^1.0.10" + fstream-ignore "^1.0.5" + once "^1.3.3" + readable-stream "^2.1.4" + rimraf "^2.5.1" + tar "^2.2.1" + uid-number "^0.0.6" + +tar@^2.2.1: + version "2.2.1" + resolved "https://registry.yarnpkg.com/tar/-/tar-2.2.1.tgz#8e4d2a256c0e2185c6b18ad694aec968b83cb1d1" + dependencies: + block-stream "*" + fstream "^1.0.2" + inherits "2" + +text-table@~0.2.0: + version "0.2.0" + resolved "https://registry.yarnpkg.com/text-table/-/text-table-0.2.0.tgz#7f5ee823ae805207c00af2df4a84ec3fcfa570b4" + +through@^2.3.6: + version "2.3.8" + resolved "https://registry.yarnpkg.com/through/-/through-2.3.8.tgz#0dd4c9ffaabc357960b1b724115d7e0e86a2e1f5" + +tmp@^0.0.31: + version "0.0.31" + resolved "https://registry.yarnpkg.com/tmp/-/tmp-0.0.31.tgz#8f38ab9438e17315e5dbd8b3657e8bfb277ae4a7" + dependencies: + os-tmpdir "~1.0.1" + +to-fast-properties@^1.0.3: + version "1.0.3" + resolved "https://registry.yarnpkg.com/to-fast-properties/-/to-fast-properties-1.0.3.tgz#b83571fa4d8c25b82e231b06e3a3055de4ca1a47" + +tough-cookie@~2.3.0: + version "2.3.2" + resolved "https://registry.yarnpkg.com/tough-cookie/-/tough-cookie-2.3.2.tgz#f081f76e4c85720e6c37a5faced737150d84072a" + dependencies: + punycode "^1.4.1" + +trim-newlines@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/trim-newlines/-/trim-newlines-1.0.0.tgz#5887966bb582a4503a41eb524f7d35011815a613" + +trim-right@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/trim-right/-/trim-right-1.0.1.tgz#cb2e1203067e0c8de1f614094b9fe45704ea6003" + +tryit@^1.0.1: + version "1.0.3" + resolved "https://registry.yarnpkg.com/tryit/-/tryit-1.0.3.tgz#393be730a9446fd1ead6da59a014308f36c289cb" + +tunnel-agent@^0.6.0: + version "0.6.0" + resolved "https://registry.yarnpkg.com/tunnel-agent/-/tunnel-agent-0.6.0.tgz#27a5dea06b36b04a0a9966774b290868f0fc40fd" + dependencies: + safe-buffer "^5.0.1" + +tweetnacl@^0.14.3, tweetnacl@~0.14.0: + version "0.14.5" + resolved "https://registry.yarnpkg.com/tweetnacl/-/tweetnacl-0.14.5.tgz#5ae68177f192d4456269d108afa93ff8743f4f64" + +type-check@~0.3.2: + version "0.3.2" + resolved "https://registry.yarnpkg.com/type-check/-/type-check-0.3.2.tgz#5884cab512cf1d355e3fb784f30804b2b520db72" + dependencies: + prelude-ls "~1.1.2" + +type-detect@0.1.1: + version "0.1.1" + resolved "https://registry.yarnpkg.com/type-detect/-/type-detect-0.1.1.tgz#0ba5ec2a885640e470ea4e8505971900dac58822" + +type-detect@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/type-detect/-/type-detect-1.0.0.tgz#762217cc06db258ec48908a1298e8b95121e8ea2" + +typedarray@^0.0.6: + version "0.0.6" + resolved "https://registry.yarnpkg.com/typedarray/-/typedarray-0.0.6.tgz#867ac74e3864187b1d3d47d996a78ec5c8830777" + +uid-number@^0.0.6: + version "0.0.6" + resolved "https://registry.yarnpkg.com/uid-number/-/uid-number-0.0.6.tgz#0ea10e8035e8eb5b8e4449f06da1c730663baa81" + +user-home@^1.1.1: + version "1.1.1" + resolved "https://registry.yarnpkg.com/user-home/-/user-home-1.1.1.tgz#2b5be23a32b63a7c9deb8d0f28d485724a3df190" + +util-deprecate@~1.0.1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/util-deprecate/-/util-deprecate-1.0.2.tgz#450d4dc9fa70de732762fbd2d4a28981419a0ccf" + +uuid@^3.0.0: + version "3.1.0" + resolved "https://registry.yarnpkg.com/uuid/-/uuid-3.1.0.tgz#3dd3d3e790abc24d7b0d3a034ffababe28ebbc04" + +v8flags@^2.0.10: + version "2.1.1" + resolved "https://registry.yarnpkg.com/v8flags/-/v8flags-2.1.1.tgz#aab1a1fa30d45f88dd321148875ac02c0b55e5b4" + dependencies: + user-home "^1.1.1" + +validate-npm-package-license@^3.0.1: + version "3.0.1" + resolved "https://registry.yarnpkg.com/validate-npm-package-license/-/validate-npm-package-license-3.0.1.tgz#2804babe712ad3379459acfbe24746ab2c303fbc" + dependencies: + spdx-correct "~1.0.0" + spdx-expression-parse "~1.0.0" + +verror@1.10.0: + version "1.10.0" + resolved "https://registry.yarnpkg.com/verror/-/verror-1.10.0.tgz#3a105ca17053af55d6e270c1f8288682e18da400" + dependencies: + assert-plus "^1.0.0" + core-util-is "1.0.2" + extsprintf "^1.2.0" + +which@^1.2.9: + version "1.3.0" + resolved "https://registry.yarnpkg.com/which/-/which-1.3.0.tgz#ff04bdfc010ee547d780bec38e1ac1c2777d253a" + dependencies: + isexe "^2.0.0" + +wide-align@^1.1.0: + version "1.1.2" + resolved "https://registry.yarnpkg.com/wide-align/-/wide-align-1.1.2.tgz#571e0f1b0604636ebc0dfc21b0339bbe31341710" + dependencies: + string-width "^1.0.2" + +wordwrap@~1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/wordwrap/-/wordwrap-1.0.0.tgz#27584810891456a4171c8d0226441ade90cbcaeb" + +wrappy@1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/wrappy/-/wrappy-1.0.2.tgz#b5243d8f3ec1aa35f1364605bc0d1036e30ab69f" + +write@^0.2.1: + version "0.2.1" + resolved "https://registry.yarnpkg.com/write/-/write-0.2.1.tgz#5fc03828e264cea3fe91455476f7a3c566cb0757" + dependencies: + mkdirp "^0.5.1" + +yallist@^2.1.2: + version "2.1.2" + resolved "https://registry.yarnpkg.com/yallist/-/yallist-2.1.2.tgz#1c11f9218f076089a47dd512f93c6699a6a81d52" From 5ab4acd715114d479562746b81af6f72a7339d07 Mon Sep 17 00:00:00 2001 From: tobkle Date: Fri, 25 Aug 2017 19:55:38 +0200 Subject: [PATCH 60/69] indexOf instead of includes polyfill problem --- generate/authorize.js | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/generate/authorize.js b/generate/authorize.js index c27bb37..4ebdb07 100644 --- a/generate/authorize.js +++ b/generate/authorize.js @@ -127,7 +127,8 @@ function getRoles ( authorize, inputSchema ) { // check, if there is already another userRole field if (roleFieldNamesFound.length > 0 && role.roleFieldName !== '' && - !roleFieldNamesFound.includes(role.roleFieldName)) { + !roleFieldNamesFound.indexOf(role.roleFieldName) >= 0 ) { + //!roleFieldNamesFound.includes(role.roleFieldName)) { // We allow only one field which keeps all userRoles throw new Error(`Please adjust type definition, that there is only ONE field, @@ -217,7 +218,8 @@ function getAllRoles ( allRolesArguments = [], inputSchema ) { if (mode.kind && mode.kind === STRING_VALUE && mode.value && - MODES.includes(mode.value) ){ + MODES.indexOf(mode.value) >= 0){ + //MODES.includes(mode.value) ){ // it is a valid authorization mode: // e.g. { @@ -246,7 +248,8 @@ function getAllRoles ( allRolesArguments = [], inputSchema ) { } else if (roleArgument.name.value.kind && roleArgument.name.value.kind === STRING_VALUE && roleArgument.name.value && - MODES.includes(roleArgument.name.value) ) { + MODES.indexOf(roleArgument.name.value) >= 0 ) { + //MODES.includes(roleArgument.name.value) ) { // 'create' = 'admin' // special case 'read' means both, 'readOne' and 'readMany' From 21d10b11a492a5bc430cc43341ef927417c66aaf Mon Sep 17 00:00:00 2001 From: tobkle Date: Fri, 25 Aug 2017 20:08:30 +0200 Subject: [PATCH 61/69] README.md file had changed --- skel/README.md | 19 +++---------------- skel/package.json | 2 +- test/output-app-generation-test.sh | 2 +- 3 files changed, 5 insertions(+), 18 deletions(-) diff --git a/skel/README.md b/skel/README.md index 36e0e12..fad4cb5 100644 --- a/skel/README.md +++ b/skel/README.md @@ -183,8 +183,8 @@ type Tweet ) { - author: User! @unmodifiable @belongsTo @authRole("author") - coauthors: [User] @belongsTo @authRole("coauthors") + author: User! @unmodifiable @belongsTo @authRole(for: ["author"]) + coauthors: [User] @belongsTo @authRole(for: ["coauthors"]) body: String! likers: [User!] @hasAndBelongsToMany(as: "liked") @@ -211,7 +211,7 @@ type User ) { - role: String @authRole("admin") + role: String @authRole(for: ["admin"]) username: String! bio: String @@ -233,19 +233,6 @@ This has the following meaning: * document-role: "this", is created (document roles have own fields in the document, but this is a special case for the field _id, which is not shown in the input type, but will be generated in the later schema file.) Only the user id of "this" meaning _id is allowed to readOne, update, delete its single User document. -** Caution ** -A default security rule is applied to the User's role field: Not every user should be allowed, to upgrade himself to a super user. So we added an additional opinionated security rule: The first userRole in the User's @authorize directive, is assumed to be the most important userRole with highest authorizations. So as a suggestion, it protects the User authRole field. Only the first mentioned userRole is allowed, to create and to update this authRole field. (Have a look in the generated model/User.js in the create/update mutation. There you will see a protectField function, which receives two arguments: The first mentioned userRole, and the authRole field. Feel free to adjust the generated userRoles in the code to your specific needs. This is only a suggestion.) - -** Caution ** -To keep authorization easy, there is only one authRole field allowed, to store all the different userRoles in the User type. But you are free to add as many userRoles you require to this authRole field: - -Example: -```javascript -role: String @authRole(for: ["super-admin", "admin"]) -``` - -You are free to add as many docRoles and docRoles authRole directives as you require. - Use create-graphql-server command to generate the according schema, resolver, model files with the create-graphql-server command line interface. After its generation, you will find the generated files in the sub folders: schema, resolvers, model. The generated model files will use the following functions to implement the authorization logic. ### model.js diff --git a/skel/package.json b/skel/package.json index b90f28d..70df03a 100644 --- a/skel/package.json +++ b/skel/package.json @@ -36,7 +36,7 @@ "bcrypt": "^1.0.2", "body-parser": "1.15.2", "cors": "^2.8.1", - "create-graphql-server-authorization": "^0.0.27", + "create-graphql-server-authorization": "^0.0.28", "dataloader": "^1.2.0", "denodeify": "^1.2.1", "dotenv": "2.0.0", diff --git a/test/output-app-generation-test.sh b/test/output-app-generation-test.sh index a1c03e4..80fe842 100755 --- a/test/output-app-generation-test.sh +++ b/test/output-app-generation-test.sh @@ -26,7 +26,7 @@ cd output-app $CGS add-type "$INPUT_DIR/Tweet.graphql" $CGS add-type "$INPUT_DIR/User.graphql" -diff -rb . "$EXPECTED_OUTPUT_DIR" -x "db" -x "node_modules" -x "nohup.out" -x ".create-graphql-server.checksums" +diff -rb . "$EXPECTED_OUTPUT_DIR" -x "db" -x "node_modules" -x "nohup.out" -x ".create-graphql-server.checksums" -x "yarn.lock" set +e trap - EXIT From bf3dcae7a7638af98c9e702f1e09af0454ce4b7b Mon Sep 17 00:00:00 2001 From: tobkle Date: Fri, 25 Aug 2017 21:00:46 +0200 Subject: [PATCH 62/69] without .DS_STORE --- test/output-app-generation-test.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/output-app-generation-test.sh b/test/output-app-generation-test.sh index 80fe842..ca9d7d8 100755 --- a/test/output-app-generation-test.sh +++ b/test/output-app-generation-test.sh @@ -26,7 +26,7 @@ cd output-app $CGS add-type "$INPUT_DIR/Tweet.graphql" $CGS add-type "$INPUT_DIR/User.graphql" -diff -rb . "$EXPECTED_OUTPUT_DIR" -x "db" -x "node_modules" -x "nohup.out" -x ".create-graphql-server.checksums" -x "yarn.lock" +diff -rb . "$EXPECTED_OUTPUT_DIR" -x "db" -x "node_modules" -x "nohup.out" -x ".create-graphql-server.checksums" -x "yarn.lock" -x "log" -x ".DS_Store" set +e trap - EXIT From 072171be8fe3bd6888c9bef0ef1d081b5e7b7735 Mon Sep 17 00:00:00 2001 From: tobkle Date: Sat, 26 Aug 2017 19:35:30 +0200 Subject: [PATCH 63/69] moved authorize.js to npm module --- .gitignore | 1 + generate/authorize.js | 837 ---- generate/model/index.js | 2 +- generate/resolvers/index.js | 1 - generate/schema/index.js | 2 +- package.json | 1 + skel/package.json | 2 +- test/output-app/log/all-logs-readable.log | 4460 +++++++++++++++++++++ test/output-app/package.json | 2 +- test/output-app/yarn.lock | 6 +- test/test-add-update-remove.sh | 6 +- yarn.lock | 107 +- 12 files changed, 4575 insertions(+), 852 deletions(-) delete mode 100644 generate/authorize.js diff --git a/.gitignore b/.gitignore index 77b3da4..311b9a6 100644 --- a/.gitignore +++ b/.gitignore @@ -8,4 +8,5 @@ db dist log/all-logs-readable.log yarn-error.log +bin/test-model-generator.js diff --git a/generate/authorize.js b/generate/authorize.js deleted file mode 100644 index 4ebdb07..0000000 --- a/generate/authorize.js +++ /dev/null @@ -1,837 +0,0 @@ -/* - * Authorization Code Generator functions - * - * @module create-graphql-server-authorization - * @export function generateAuthCode(typeName, inputSchema) - * - */ - -// name of the @authorize directive, which triggers authorization logic - const AUTHORIZE_DIRECTIVE = 'authorize'; - -// constants to read GraphQL Abstract Syntax Tree (AST) - const OBJECT_TYPE_DEFINITION = 'ObjectTypeDefinition'; - const FIELD_DEFINITION = 'FieldDefinition'; - const NON_NULL_TYPE = 'NonNullType'; - const STRING_VALUE = 'StringValue'; - const LIST_TYPE = 'ListType'; - const LIST_VALUE = 'ListValue'; - const DIRECTIVE = 'Directive'; - const ARGUMENT = 'Argument'; - const NAME = 'Name'; - -// valid authorization mode values: - const CREATE = 'create'; - const READ = 'read'; // which means both: 'readOne' and 'readMany' - const READ_ONE = 'readOne'; - const READ_MANY = 'readMany'; - const UPDATE = 'update'; - const DELETE = 'delete'; - -// for the role definitions - const USER_ROLE = 'userRole'; - const DOC_ROLE = 'docRole'; - const AUTH_ROLE = 'authRole'; - const FOR = 'for'; - const THIS = 'this'; - const WORLD = 'world'; - const NAMED_TYPE = 'NamedType'; - const STRING = 'String'; - const LIST_OF_STRINGS = '[String]'; - const USER = 'User'; - const LIST_OF_USERS = '[User]'; - const ID_FIELD = '_id'; - const ID_SINGULAR = 'Id'; - const ID_PLURAL = 'Ids'; - -// valid authorization modes -const MODES = [ CREATE, READ, READ_ONE, READ_MANY, UPDATE, DELETE ]; - -// template for default allRoles, to prepare one role -const CODE_MODES = [ CREATE, READ_ONE, READ_MANY, UPDATE, DELETE ]; - -/* - * generate authorization code - * @param {string} typeName - * @param {object} inputSchema - * @return {object} generatedCode - */ -export function generateAuthorizationCode ( typeName = '', inputSchema = {} ){ - const authorize = isAuthorizeDirectiveDefined ( inputSchema ); - const { userRoles, docRoles, roleFieldName } = getRoles ( authorize, inputSchema ); - return { - generateAuthCodeModeReadOne: generateAuthCodeModeReadOne( authorize, typeName, userRoles.readOne, docRoles.readOne ), - generateAuthCodeModeReadMany: generateAuthCodeModeReadMany( authorize, typeName, userRoles.readMany, docRoles.readMany ), - generateAuthCodeModeCreate: generateAuthCodeModeCreate( authorize, typeName, userRoles.create, docRoles.create, roleFieldName ), - generateAuthCodeModeUpdate: generateAuthCodeModeUpdate( authorize, typeName, userRoles.update, docRoles.update, roleFieldName ), - generateAuthCodeModeDelete: generateAuthCodeModeDelete( authorize, typeName, userRoles.delete, docRoles.delete ), - generateCreatedBy: generateCreatedBy( authorize, typeName ), - generateUpdatedBy: generateUpdatedBy( authorize, typeName ), - generateAuthRoleDefinition: generateAuthRoleDefinition( authorize, typeName ), - generateAuthRoleMethod: generateAuthRoleMethod( authorize, typeName, roleFieldName ), - } -} - -/* - * check, if there is a @authorize directive in the header - * of the type's inputSchema - * if there is an @authorize directive => true - * if thers is no @authorize directive => false - * @param {object} inputSchema - * @return {boolean} authorized - */ -export function isAuthorizeDirectiveDefined ( inputSchema ) { - - const authorized = ( - inputSchema.definitions && - inputSchema.definitions[0] && - inputSchema.definitions[0].directives && - inputSchema.definitions[0].directives[0] && - inputSchema.definitions[0].directives[0].name && - inputSchema.definitions[0].directives[0].name.value === AUTHORIZE_DIRECTIVE - || false); - - return authorized; -} - -/* - * get userRoles and docRoles - * @param {boolean} authorize - * @param {object} inputSchema - * @return {object} { - * {object} userRoles, - * {object} docRoles, - * {string} roleFieldName, - * } - */ -function getRoles ( authorize, inputSchema ) { - // create empty userRoles and docRoles objects - // as default values, which are used - // if there is not @authorize directive - const userRoles = {}; - const docRoles = {}; - let roleFieldNamesFound = []; - CODE_MODES.forEach(mode => userRoles[mode] = []); - CODE_MODES.forEach(mode => docRoles[mode] = []); - - // check if there is an @authorize directive - if ( authorize ) { - // then re-determine the userRoles and docRoles - // from the @authorize tag of the type definition - const allRolesArguments = inputSchema.definitions[0].directives[0].arguments || {}; - const allRoles = getAllRoles ( allRolesArguments, inputSchema ); - allRoles.forEach(role => { - switch (role.type) { - - case USER_ROLE: - // check, if there is already another userRole field - if (roleFieldNamesFound.length > 0 && - role.roleFieldName !== '' && - !roleFieldNamesFound.indexOf(role.roleFieldName) >= 0 ) { - //!roleFieldNamesFound.includes(role.roleFieldName)) { - - // We allow only one field which keeps all userRoles - throw new Error(`Please adjust type definition, that there is only ONE field, - which keeps all user roles. You've tried to add a second userRole field: '${role.roleFieldName}', - but there is already another userRole field: '${roleFieldNamesFound[0]}' defined. - Please try instead: '${roleFieldNamesFound[0]}: String @authRole(for: ["otherRole", "${role.roleName}"])'`); - } - if (role.roleFieldName !== '') roleFieldNamesFound.push(role.roleFieldName); - - Object.keys(role.modes).forEach(mode => { - if(role.modes[mode]) userRoles[mode].push(role.roleName); - }); - break; - - case DOC_ROLE: - Object.keys(role.modes).forEach(mode => { - if(role.modes[mode]) docRoles[mode].push(role.roleName); - }); - break; - } - }); - } - - return { - userRoles, - docRoles, - roleFieldName: roleFieldNamesFound.length > 0 ? roleFieldNamesFound[0] : '', - }; - -} - -/* - * get the roles from the @authorize directive - * by reading the input schema's abstract syntax tree - * to get the roles and their authorized modes - * @param {object} allRolesArguments - * @return {array} allRoles - */ -function getAllRoles ( allRolesArguments = [], inputSchema ) { - /* Example: - @authorize( - //role: roleModes: [mode.value] - admin: ["create", "read", "update", "delete"] - this: ["read", "update", "delete"] - ) - */ - let allRoles = []; - - // get all Roles of the type's @authorize directives - // e.g. 'admin', 'this' - allRolesArguments.forEach(roleArgument => { - // new role found - const role = {}; - - // check if it is a valid role - if (roleArgument.kind === ARGUMENT && - roleArgument.name && - roleArgument.name.kind === NAME && - roleArgument.name.value && - roleArgument.name.value !== ''){ - - // define the new role - role.name = roleArgument.name.value; - - // determine, if it is a 'userRole' or 'docRole' - const { roleType, roleName, roleFieldName } = getRoleType(role.name, inputSchema); - role.type = roleType; - role.roleName = roleName; - role.roleFieldName = roleFieldName; - - // create a default object, necessary for missing modes - role.modes = {}; - CODE_MODES.forEach(mode => role.modes[mode] = ''); - - // check, if it is a list of values - if (roleArgument.value.kind && - roleArgument.value.kind === LIST_VALUE && - roleArgument.value.values && - roleArgument.value.values.length > 0){ - - // get all authorized modes of the role - const roleModes = roleArgument.value.values; - roleModes.forEach(mode => { - - // check, if it is a valid authorization mode - // e.g. 'create', 'update', 'delete', etc. - if (mode.kind && - mode.kind === STRING_VALUE && - mode.value && - MODES.indexOf(mode.value) >= 0){ - //MODES.includes(mode.value) ){ - - // it is a valid authorization mode: - // e.g. { - // name: 'admin', - // type: null, // later: => 'userRole' || 'docRole' - // modes: { - // create: 'admin', - // readOne: 'admin', - // readMany: 'admin', - // update: 'admin',, - // delete: 'admin', - // } - // 'create' = 'admin' - // special case 'read' means both, 'readOne' and 'readMany' - - if (mode.value === READ){ - role.modes[READ_ONE] = role.roleName; - role.modes[READ_MANY] = role.roleName; - } else{ - role.modes[mode.value] = role.roleName; - } - } - }); - - // check, if it is a simple string value: - } else if (roleArgument.name.value.kind && - roleArgument.name.value.kind === STRING_VALUE && - roleArgument.name.value && - MODES.indexOf(roleArgument.name.value) >= 0 ) { - //MODES.includes(roleArgument.name.value) ) { - - // 'create' = 'admin' - // special case 'read' means both, 'readOne' and 'readMany' - if (roleArgument.name.value === READ){ - role.modes[READ_ONE] = role.roleName; - role.modes[READ_MANY] = role.roleName; - } else{ - role.modes[roleArgument.name.value] = role.roleName; - } - - } - // add it to the list of roles - allRoles.push(role); - } - }); - - return allRoles; -} - -/* - * decide, if the given role is whether - * a 'userRole' or a 'docRole' - * - * Procedure: - * 1. Determine, if this field is used as a roleField - * 2. Check, if this roleField... - * a) is of type: String or [String] ==> userRole - * b) is of type: User or [User] ==> docRole - * c) roleName = 'this' ==> docRole - * 3. If there is no roleField in this type - * it must be a userRole - * - * For 1. is a roleField: - * read the type's abstract syntax tree - * loop over all provided fields, - * check, if the field has a directive '@authRole' - * and if this authRole is 'for' the provided 'roleName' - * or the roleName is the special case 'this' - * ==> then it is a roleField - * - * For 2. get it's fieldType: - * read the type's abstract syntax tree - * for the roleField and read it's type - * - * a) if it is a String or List of Strings, - * then the roleType = 'userRole' - * - * b) if it is a User or List of Users (userIds), - * then the roleType = 'docType' - * - * c) special case: roleName = 'this' - * (it doesn't look for an authRole for 'this') - * it means the document's id field is used for this - * meaning the role defines the authorizations, - * a User has upon his own User document - * - * For 3. none of the above applies - * so the role must be a userRole - * - * @param {string} roleName - * @return {string} roleType => 'userRole' || 'docRole' || exception - */ -function getRoleType ( name = '', inputSchema = {} ) { - - // all field definitions of the type - const allFields = inputSchema.definitions[0].fields; - let roleType = null; - let roleName = ''; - let roleFieldName = ''; - - // special case 'this' - if (name === THIS) return { - roleType: DOC_ROLE, - roleName: ID_FIELD, - roleFieldName: ID_FIELD, - }; - - // loop over all fields to find authRole directive - allFields.forEach(field => { - if (field.kind && - field.kind === FIELD_DEFINITION && - field.name && - field.name.kind && - field.name.kind === NAME && - field.name.value && - field.directives && - field.directives.length > 0) { - - // 1. check, if it is a roleField - if ( isRoleField ( name, field.directives ) ) { - // 2. get the type of the field - const fieldType = getFieldType ( field ); - // determine the roleType: 'userRole' || 'docRole' - // and the roleName for... - // userRoles: 'admin', 'user',... - // docRoles: 'authorId', 'coAuthorsIds',... - switch (fieldType) { - - case STRING: - // a) userRole - roleType = USER_ROLE; - roleName = name; - roleFieldName = field.name.value; - break; - - case LIST_OF_STRINGS: - // a) userRole - roleType = USER_ROLE; - roleName = name; - roleFieldName = field.name.value; - break; - - case USER: - // b) docRole - roleType = DOC_ROLE; - roleName = `${field.name.value}${ID_SINGULAR}`; - roleFieldName = field.name.value; - break; - - case LIST_OF_USERS: - // b) docRole - roleType = DOC_ROLE; - roleName = `${field.name.value}${ID_PLURAL}`; - roleFieldName = field.name.value; - break; - - } - } - } - }); - - if (roleType) { - // 2. a) userRole or b) docRole applies - return { - roleType, - roleName, - roleFieldName, - } - } else if ( name !== '' ) { - // 3. none of the above applies, so it must be a userRole - return { - roleType: USER_ROLE, - roleName: name, - roleFieldName: '', - } - }; - -} - -/* - * is this field a roleField - * check, if this field has the authRole directive - * @param {string} roleName - * @param {array} fieldDirectives - * @return {boolean} isRoleField - */ -function isRoleField ( roleName, fieldDirectives ){ - let found = false; - - // loop over all field directives for an 'authRole' - fieldDirectives.forEach(fieldDirective => { - if (fieldDirective.kind && - fieldDirective.kind === DIRECTIVE && - fieldDirective.name && - fieldDirective.name.kind === NAME && - fieldDirective.name.value === AUTH_ROLE && - fieldDirective.arguments && - fieldDirective.arguments.length > 0) { - - // loop over all arguments, if it is for our roleName - // e.g. roleName: 'admin' find @authRole(for: ["admin"]) - fieldDirective.arguments.forEach(fieldDirectiveArgument => { - - // check, if there is a 'for' - if (fieldDirectiveArgument.name && - fieldDirectiveArgument.name.kind && - fieldDirectiveArgument.name.kind === NAME && - fieldDirectiveArgument.name.value && - fieldDirectiveArgument.name.value === FOR && - fieldDirectiveArgument.value && - fieldDirectiveArgument.value.kind) { - - // check, if it is a list value: - if (fieldDirectiveArgument.value.kind === LIST_VALUE && - fieldDirectiveArgument.value.values && - fieldDirectiveArgument.value.values.length > 0){ - // loop over all values, if there is one with our roleName - const fieldRoles = fieldDirectiveArgument.value.values; - fieldRoles.forEach(fieldRole => { - //check, if it is our roleName - if (fieldRole.kind && - fieldRole.kind === STRING_VALUE && - fieldRole.value && - fieldRole.value !== '' && - fieldRole.value === roleName) { - // we found it! - found = true; - } - }); - // check, if it is a single value: - } else if (fieldDirectiveArgument.value.kind === STRING_VALUE && - fieldDirectiveArgument.value.value && - fieldDirectiveArgument.value.value !== '' && - fieldDirectiveArgument.value.value === roleName){ - // we found it! - found = true; - } - } - }); - - } - }); - return found; -} - -/* - * get the field's type - * @param {object} field - * @return {type} fieldType - */ -function getFieldType ( field ) { - - // pattern: 'role: String' - if (field.type && - field.type.kind && - field.type.kind === NAMED_TYPE && - field.type.name && - field.type.name.kind && - field.type.name.kind === NAME && - field.type.name.value){ - - if (field.type.name.value === STRING) - return STRING; - - if (field.type.name.value === USER) - return USER; - - } - - // pattern: 'role: String!' - if (field.type && - field.type.kind && - field.type.kind === NON_NULL_TYPE && - field.type.type && - field.type.type.name && - field.type.type.name.kind && - field.type.type.name.kind === NAME && - field.type.type.name.value){ - - if (field.type.type.name.value === STRING) - return STRING; - - if (field.type.type.name.value === USER) - return USER; - - } - - // pattern: 'coauthors: [User]' - if (field.type && - field.type.kind && - field.type.kind === LIST_TYPE && - field.type.type && - field.type.type.name && - field.type.type.name.kind && - field.type.type.name.kind === NAME && - field.type.type.name.value){ - - if (field.type.type.name.value === STRING) - return LIST_OF_STRINGS; - - if (field.type.type.name.value === USER) - return LIST_OF_USERS; - - } - - // pattern: 'coauthors: [User]!' - if (field.type && - field.type.kind && - field.type.kind === NON_NULL_TYPE && - field.type.type && - field.type.type.kind && - field.type.type.kind === LIST_TYPE && - field.type.type.type && - field.type.type.type.kind && - field.type.type.type.kind === NAMED_TYPE && - field.type.type.type.name && - field.type.type.type.name.kind && - field.type.type.type.name.kind === NAME && - field.type.type.type.name.value){ - - if (field.type.type.type.name.value === STRING) - return LIST_OF_STRINGS; - - if (field.type.type.type.name.value === USER) - return LIST_OF_USERS; - - } - - // pattern: 'coauthors: [User!]' - if (field.type && - field.type.kind && - field.type.kind === LIST_TYPE && - field.type.type && - field.type.type.kind && - field.type.type.kind === NON_NULL_TYPE && - field.type.type.type && - field.type.type.type.kind && - field.type.type.type.kind === NAMED_TYPE && - field.type.type.type.name && - field.type.type.type.name.kind && - field.type.type.type.name.kind === NAME && - field.type.type.type.name.value){ - - if (field.type.type.type.name.value === STRING) - return LIST_OF_STRINGS; - - if (field.type.type.type.name.value === USER) - return LIST_OF_USERS; - } - - // pattern: 'coauthors: [User!]!' - if (field.type && - field.type.kind && - field.type.kind === NON_NULL_TYPE && - field.type.type && - field.type.type.kind && - field.type.type.kind === LIST_TYPE && - field.type.type.type && - field.type.type.type.kind && - field.type.type.type.kind === NON_NULL_TYPE && - field.type.type.type.type && - field.type.type.type.type.kind && - field.type.type.type.type.kind === NAMED_TYPE && - field.type.type.type.type.name && - field.type.type.type.type.name.kind && - field.type.type.type.type.name.kind === NAME && - field.type.type.type.type.name.value){ - - if (field.type.type.type.type.name.value === STRING) - return LIST_OF_STRINGS; - - if (field.type.type.type.type.name.value === USER) - return LIST_OF_USERS; - - } - - return null; -} - -/* - * prepare roles for code generator - * convert array to String value - * replace " by ' - * @param {array} role - * @return {string} roleString - */ -function prep ( role ) { - return JSON.stringify(role).replace(/\"/g, "'"); -} - -/* - * generate authorization code for mode readOne - * @param {boolean} authorize - * @param {string} typeName - * @param {string} userRoles - * @param {string} docRoles - * @return {string} generatedCode - */ -function generateAuthCodeModeReadOne ( authorize = false, typeName = '', userRoles = [], docRoles = [] ){ - // default code - let generatedCode = `const { me } = context; - that.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids))`; - - // with @authorize directive - if (authorize){ - - if (typeName === 'user') { - // User has to come from current class context - generatedCode = `const { me } = context; - const authQuery = queryForRoles(me, ${prep(userRoles)}, ${prep(docRoles)}, { User }, authlog('${typeName} findOneById', 'readOne', me)); - that.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery));`; - } else { - // User has to come from this.context.User - generatedCode = `const { me, User } = context; - const authQuery = queryForRoles(me, ${prep(userRoles)}, ${prep(docRoles)}, { User }, authlog('${typeName} findOneById', 'readOne', me)); - that.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery));`; - } - - } - - return generatedCode; -} - -/* - * generate authorization code for mode readMany - * @param {boolean} authorize - * @param {string} typeName - * @param {string} userRoles - * @param {string} docRoles - * @return {string} generatedCode - */ -function generateAuthCodeModeReadMany ( authorize = false, typeName = '', userRoles = [], docRoles = [] ){ - // default code - let generatedCode = `const finalQuery = {...baseQuery, createdAt: { $gt: lastCreatedAt } };`; - - // with @authorize directive - if (authorize){ - generatedCode = `const authQuery = queryForRoles(me, ${prep(userRoles)}, ${prep(docRoles)}, { User: this.context.User }, authlog(resolver, 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery, createdAt: { $gt: lastCreatedAt } };`; - } - - return generatedCode; -} - -/* - * generate authorization code for mode create - * @param {boolean} authorize - * @param {string} typeName - * @param {string} userRoles - * @param {string} docRoles - * @return {string} generatedCode - */ -function generateAuthCodeModeCreate ( authorize = false, typeName = '', userRoles = [], docRoles = [], roleFieldName = null ){ - // default code - let generatedCode = ``; - - // with @authorize directive - if (authorize){ - - if (typeName === 'user') { - // protectFields only on the user type - // if the fields are filled, than convert them to proper strings, otherwise set them to null - // take the first userRole into the protectFields as a suggestion to the programmer, - // assuming this is the most important role, with higher authorization (see in README.md) - const firstUserRole = userRoles.length > 0 && userRoles[0] ? `'${userRoles[0]}'` : null; - const roleField = roleFieldName ? `'${roleFieldName}'` : null; - generatedCode = `checkAuthDoc(docToInsert, me, ${prep(userRoles)}, ${prep(docRoles)}, { User: this.context.User }, authlog(resolver, 'create', me)); - docToInsert = protectFields(me, [${firstUserRole}], [${roleField}], docToInsert, { User: this.context.User });`; - } else { - // without protectFields - generatedCode = `checkAuthDoc(docToInsert, me, ${prep(userRoles)}, ${prep(docRoles)}, { User: this.context.User }, authlog(resolver, 'create', me));`; - } - - } - - return generatedCode; -} - -/* - * generate authorization code for mode update - * @param {boolean} authorize - * @param {string} typeName - * @param {string} userRoles - * @param {string} docRoles - * @return {string} generatedCode - */ -function generateAuthCodeModeUpdate ( authorize = false, typeName = '', userRoles = [], docRoles = [], roleFieldName = null ){ - // default code - let generatedCode = `const finalQuery = {...baseQuery};`; - - // with @authorize directive - if (authorize){ - - if (typeName === 'user') { - // protectFields only on the user type - // if the fields are filled, than convert them to proper strings, otherwise set them to null - // take the first userRole into the protectFields as a suggestion to the programmer, - // assuming this is the most important role, with higher authorization (see in README.md) - const firstUserRole = userRoles.length > 0 && userRoles[0] ? `'${userRoles[0]}'` : null; - const roleField = roleFieldName ? `'${roleFieldName}'` : null; - generatedCode = `const authQuery = queryForRoles(me, ${prep(userRoles)}, ${prep(docRoles)}, { User: this.context.User }, authlog(resolver, 'update', me)); - const finalQuery = {...baseQuery, ...authQuery}; - docToUpdate.$set = protectFields(me, [${firstUserRole}], [${roleField}], docToUpdate.$set, { User: this.context.User });`; - } else { - // without protectFields - generatedCode = `const authQuery = queryForRoles(me, ${prep(userRoles)}, ${prep(docRoles)}, { User: this.context.User }, authlog(resolver, 'update', me)); - const finalQuery = {...baseQuery, ...authQuery};`; - } - - } - - return generatedCode; -} - -/* - * generate authorization code for mode delete - * @param {boolean} authorize - * @param {string} typeName - * @param {string} userRoles - * @param {string} docRoles - * @return {string} generatedCode - */ -function generateAuthCodeModeDelete ( authorize = false, typeName = '', userRoles = [], docRoles = [] ){ - // default code - let generatedCode = `const finalQuery = {...baseQuery};`; - - // with @authorize directive - if (authorize){ - generatedCode = `const authQuery = queryForRoles(me, ${prep(userRoles)}, ${prep(docRoles)}, { User: this.context.User }, authlog(resolver, 'delete', me)); - const finalQuery = {...baseQuery, ...authQuery};`; - } - - return generatedCode; -} - -/* - * generate createdBy method - * @param {boolean} authorize - * @param {string} typeName - * @return {string} generatedCode - */ -function generateCreatedBy ( authorize = false, typeName = '' ){ - // default code - let generatedCode = ``; - - // with @authorize directive: means there must be a User type - if (authorize){ - generatedCode = `createdBy(${typeName}, me, resolver) { - return this.context.User.findOneById(${typeName}.createdById, me, resolver); - }`; - } - - return generatedCode; -} - -/* - * generate updatedBy method - * @param {boolean} authorize - * @param {string} typeName - * @return {string} generatedCode - */ -function generateUpdatedBy ( authorize = false, typeName = '' ){ - // default code - let generatedCode = ``; - - // with @authorize directive: means there must be a User type - if (authorize){ - generatedCode = `updatedBy(${typeName}, me, resolver) { - return this.context.User.findOneById(${typeName}.updatedById, me, resolver); - }`; - } - - return generatedCode; -} - -/* - * generate updatedBy method - * @param {boolean} authorize - * @param {string} typeName - * @return {string} generatedCode - */ -function generateAuthRoleDefinition ( authorize, typeName ){ - // default code - let generatedCode = ``; - - // with @authorize directive: means there must be a User type - if (authorize && typeName === 'user'){ - generatedCode = ` - this.authRole = User.authRole;`; - } - - return generatedCode; -} - -/* - * generate authRole() method - * @param {boolean} authorize - * @param {string} typeName - * @return {string} generatedCode - */ - function generateAuthRoleMethod ( authorize, typeName, roleFieldName ){ - // default code - let generatedCode = ``; - - // with @authorize directive: means there must be a User type - if (authorize && roleFieldName !== '' && typeName === 'user'){ - generatedCode = ` - static authRole(${typeName}){ - return (${typeName} && ${typeName}.${roleFieldName}) ? ${typeName}.${roleFieldName} : null; - } - `; - } - - return generatedCode; -} diff --git a/generate/model/index.js b/generate/model/index.js index 1015b3e..9fa205c 100644 --- a/generate/model/index.js +++ b/generate/model/index.js @@ -4,7 +4,7 @@ import { print } from 'recast'; import { templateToAst } from '../read'; import { lcFirst } from '../util/capitalization'; import generatePerField from '../util/generatePerField'; -import { generateAuthorizationCode } from '../authorize'; +import { generateAuthorizationCode } from 'create-graphql-server-authorization'; function read(name) { return fs.readFileSync(`${__dirname}/templates/${name}.js.template`, 'utf8'); diff --git a/generate/resolvers/index.js b/generate/resolvers/index.js index c9b870d..b983b3c 100644 --- a/generate/resolvers/index.js +++ b/generate/resolvers/index.js @@ -4,7 +4,6 @@ import { print } from 'recast'; import { templateToAst } from '../read'; import generatePerField from '../util/generatePerField'; import { lcFirst } from '../util/capitalization'; -import { isAuthorizeDirectiveDefined } from '../authorize'; function read(name) { return fs.readFileSync(`${__dirname}/templates/${name}.js.template`, 'utf8'); diff --git a/generate/schema/index.js b/generate/schema/index.js index d232f8f..f1b50ec 100644 --- a/generate/schema/index.js +++ b/generate/schema/index.js @@ -14,7 +14,7 @@ import { SCALAR_TYPE_NAMES, } from '../util/graphql'; -import { isAuthorizeDirectiveDefined } from '../authorize'; +import { isAuthorizeDirectiveDefined } from 'create-graphql-server-authorization'; /* eslint-disable no-param-reassign */ diff --git a/package.json b/package.json index 105db52..9b7afe4 100644 --- a/package.json +++ b/package.json @@ -50,6 +50,7 @@ "babylon": "^6.14.1", "chalk": "^1.1.3", "cpr": "^2.0.0", + "create-graphql-server-authorization": "^0.0.32", "denodeify": "^1.2.1", "escape-string-regexp": "^1.0.5", "global": "^4.3.2", diff --git a/skel/package.json b/skel/package.json index 70df03a..e1b9cb5 100644 --- a/skel/package.json +++ b/skel/package.json @@ -36,7 +36,7 @@ "bcrypt": "^1.0.2", "body-parser": "1.15.2", "cors": "^2.8.1", - "create-graphql-server-authorization": "^0.0.28", + "create-graphql-server-authorization": "^0.0.32", "dataloader": "^1.2.0", "denodeify": "^1.2.1", "dotenv": "2.0.0", diff --git a/test/output-app/log/all-logs-readable.log b/test/output-app/log/all-logs-readable.log index dc0f131..84533d9 100644 --- a/test/output-app/log/all-logs-readable.log +++ b/test/output-app/log/all-logs-readable.log @@ -28020,3 +28020,4463 @@ Query: 2017-08-25 19:41:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. 2017-08-25 19:41:16 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-26 10:51:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 10:51:05 -------------------------------------------------------------------------------- +2017-08-26 10:51:05 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +query IntrospectionQuery { + __schema { + queryType { + name + } + mutationType { + name + } + subscriptionType { + name + } + types { + ...FullType + } + directives { + name + description + locations + args { + ...InputValue + } + } + } +} + +fragment FullType on __Type { + kind + name + description + fields(includeDeprecated: true) { + name + description + args { + ...InputValue + } + type { + ...TypeRef + } + isDeprecated + deprecationReason + } + inputFields { + ...InputValue + } + interfaces { + ...TypeRef + } + enumValues(includeDeprecated: true) { + name + description + isDeprecated + deprecationReason + } + possibleTypes { + ...TypeRef + } +} + +fragment InputValue on __InputValue { + name + description + type { + ...TypeRef + } + defaultValue +} + +fragment TypeRef on __Type { + kind + name + ofType { + kind + name + ofType { + kind + name + ofType { + kind + name + ofType { + kind + name + ofType { + kind + name + ofType { + kind + name + ofType { + kind + name + } + } + } + } + } + } + } +} + +2017-08-26 10:51:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 10:51:05 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-26 10:51:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 10:51:09 -------------------------------------------------------------------------------- +2017-08-26 10:51:09 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +query IntrospectionQuery { + __schema { + queryType { + name + } + mutationType { + name + } + subscriptionType { + name + } + types { + ...FullType + } + directives { + name + description + locations + args { + ...InputValue + } + } + } +} + +fragment FullType on __Type { + kind + name + description + fields(includeDeprecated: true) { + name + description + args { + ...InputValue + } + type { + ...TypeRef + } + isDeprecated + deprecationReason + } + inputFields { + ...InputValue + } + interfaces { + ...TypeRef + } + enumValues(includeDeprecated: true) { + name + description + isDeprecated + deprecationReason + } + possibleTypes { + ...TypeRef + } +} + +fragment InputValue on __InputValue { + name + description + type { + ...TypeRef + } + defaultValue +} + +fragment TypeRef on __Type { + kind + name + ofType { + kind + name + ofType { + kind + name + ofType { + kind + name + ofType { + kind + name + ofType { + kind + name + ofType { + kind + name + ofType { + kind + name + } + } + } + } + } + } + } +} + +2017-08-26 10:51:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 10:51:09 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-26 10:51:12 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 10:51:12 -------------------------------------------------------------------------------- +2017-08-26 10:51:12 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 10:51:12 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-26 10:51:36 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 10:51:36 -------------------------------------------------------------------------------- +2017-08-26 10:51:36 Request: +User: "", role: "", id: "", +Operation: "", variables: "{}", +Query: +{ + tweets { + id + body + } +} + +2017-08-26 10:51:36 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 10:51:36 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-26 10:51:36 Authorize readMany 'tweets' with user '' and role '' is authorized +2017-08-26 10:56:01 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 10:56:01 -------------------------------------------------------------------------------- +2017-08-26 10:56:01 ERROR Authorize readMany 'users' with user '' and role: 'null' is not authorized. +2017-08-26 10:56:01 Request: +User: "", role: "", id: "", +Operation: "", variables: "{}", +Query: +{ + users { + id + } +} + +2017-08-26 10:56:01 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 10:56:01 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-26 10:56:01 ERROR Authorize readMany 'users' with user '' and role: 'null' is not authorized. +2017-08-26 13:56:20 Logger started +2017-08-26 13:59:02 -------------------------------------------------------------------------------- +2017-08-26 13:59:02 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-26 13:59:02 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:02 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 -------------------------------------------------------------------------------- +2017-08-26 13:59:26 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 -------------------------------------------------------------------------------- +2017-08-26 13:59:26 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + role + username + } +} + +2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 -------------------------------------------------------------------------------- +2017-08-26 13:59:26 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + role + username + } +} + +2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 -------------------------------------------------------------------------------- +2017-08-26 13:59:26 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca2") { + role + username + } +} + +2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 -------------------------------------------------------------------------------- +2017-08-26 13:59:26 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + id + username + bio + } +} + +2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 -------------------------------------------------------------------------------- +2017-08-26 13:59:26 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users { + username + createdAt + } +} + +2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 -------------------------------------------------------------------------------- +2017-08-26 13:59:26 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(limit: 1) { + username + createdAt + } +} + +2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 -------------------------------------------------------------------------------- +2017-08-26 13:59:26 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993) { + username + createdAt + } +} + +2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 -------------------------------------------------------------------------------- +2017-08-26 13:59:26 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } +} + +2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 -------------------------------------------------------------------------------- +2017-08-26 13:59:26 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers { + username + createdAt + } + } +} + +2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 -------------------------------------------------------------------------------- +2017-08-26 13:59:26 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(limit: 1) { + username + createdAt + } + } +} + +2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 -------------------------------------------------------------------------------- +2017-08-26 13:59:26 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 -------------------------------------------------------------------------------- +2017-08-26 13:59:26 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 -------------------------------------------------------------------------------- +2017-08-26 13:59:26 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following { + username + createdAt + } + } +} + +2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 -------------------------------------------------------------------------------- +2017-08-26 13:59:26 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(limit: 1) { + username + createdAt + } + } +} + +2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 -------------------------------------------------------------------------------- +2017-08-26 13:59:26 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 -------------------------------------------------------------------------------- +2017-08-26 13:59:26 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 -------------------------------------------------------------------------------- +2017-08-26 13:59:26 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets { + id + createdAt + } + } +} + +2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 -------------------------------------------------------------------------------- +2017-08-26 13:59:26 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(limit: 1) { + id + createdAt + } + } +} + +2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 -------------------------------------------------------------------------------- +2017-08-26 13:59:26 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } + } +} + +2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 -------------------------------------------------------------------------------- +2017-08-26 13:59:26 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } + } +} + +2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 -------------------------------------------------------------------------------- +2017-08-26 13:59:26 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked { + id + createdAt + } + } +} + +2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 -------------------------------------------------------------------------------- +2017-08-26 13:59:26 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(limit: 1) { + id + createdAt + } + } +} + +2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 -------------------------------------------------------------------------------- +2017-08-26 13:59:26 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334) { + id + createdAt + } + } +} + +2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 -------------------------------------------------------------------------------- +2017-08-26 13:59:26 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334, limit: 1) { + id + createdAt + } + } +} + +2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 -------------------------------------------------------------------------------- +2017-08-26 13:59:26 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + id + body + } +} + +2017-08-26 13:59:26 -------------------------------------------------------------------------------- +2017-08-26 13:59:26 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + author { + username + } + } +} + +2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 -------------------------------------------------------------------------------- +2017-08-26 13:59:26 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets { + id + createdAt + } +} + +2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 -------------------------------------------------------------------------------- +2017-08-26 13:59:26 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(limit: 1) { + id + createdAt + } +} + +2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 -------------------------------------------------------------------------------- +2017-08-26 13:59:26 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } +} + +2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 -------------------------------------------------------------------------------- +2017-08-26 13:59:26 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } +} + +2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 -------------------------------------------------------------------------------- +2017-08-26 13:59:26 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers { + username + createdAt + } + } +} + +2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 -------------------------------------------------------------------------------- +2017-08-26 13:59:26 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(limit: 1) { + username + createdAt + } + } +} + +2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 -------------------------------------------------------------------------------- +2017-08-26 13:59:26 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993) { + username + createdAt + } + } +} + +2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 -------------------------------------------------------------------------------- +2017-08-26 13:59:26 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } + } +} + +2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 -------------------------------------------------------------------------------- +2017-08-26 13:59:26 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-26 13:59:26 inserted user 59a1629e423109630b4dfcec. +2017-08-26 13:59:26 -------------------------------------------------------------------------------- +2017-08-26 13:59:26 Request: +User: "tobkle", role: "admin", id: "59a1629e423109630b4dfcec", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:26 inserted user 59a1629e423109630b4dfced. +2017-08-26 13:59:26 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-26 13:59:26 -------------------------------------------------------------------------------- +2017-08-26 13:59:26 Request: +User: "tobkle", role: "admin", id: "59a1629e423109630b4dfcec", +Operation: "", variables: "", +Query: +{ + user(id: "59a1629e423109630b4dfced") { + username + bio + role + } +} + +2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:26 -------------------------------------------------------------------------------- +2017-08-26 13:59:26 Request: +User: "tobkle", role: "admin", id: "59a1629e423109630b4dfcec", +Operation: "", variables: "", +Query: +{ + user(id: "59a1629e423109630b4dfcec") { + username + role + } +} + +2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:26 -------------------------------------------------------------------------------- +2017-08-26 13:59:26 Request: +User: "tobkle", role: "admin", id: "59a1629e423109630b4dfcec", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a1629e423109630b4dfced", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:26 updated user 59a1629e423109630b4dfced. +2017-08-26 13:59:26 -------------------------------------------------------------------------------- +2017-08-26 13:59:26 Request: +User: "tobkle", role: "admin", id: "59a1629e423109630b4dfcec", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a1629e423109630b4dfcec", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:26 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:26 updated user 59a1629e423109630b4dfcec. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tobkle", role: "admin", id: "59a1629e423109630b4dfcec", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a1629e423109630b4dfced", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role + } +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:27 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:27 updated user 59a1629e423109630b4dfced. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tobkle", role: "admin", id: "59a1629e423109630b4dfcec", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a1629e423109630b4dfcec", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:27 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:27 updated user 59a1629e423109630b4dfcec. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tobkle", role: "editor", id: "59a1629e423109630b4dfcec", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a1629e423109630b4dfcec", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1629e423109630b4dfcec" + } + ] +} +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-26 13:59:27 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1629e423109630b4dfcec" + } + ] +} +2017-08-26 13:59:27 updated user 59a1629e423109630b4dfcec. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "zoltan", role: "admin", id: "59a1629e423109630b4dfced", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a1629e423109630b4dfcec", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-26 13:59:27 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized +2017-08-26 13:59:27 updated user 59a1629e423109630b4dfcec. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tobkle", role: "admin", id: "59a1629e423109630b4dfcec", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59a1629e423109630b4dfced") +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:27 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:27 removed user 59a1629e423109630b4dfced. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tobkle", role: "admin", id: "59a1629e423109630b4dfcec", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59a1629e423109630b4dfcec", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:27 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:27 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-26 13:59:27 inserted tweet 59a1629f423109630b4dfcee. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tobkle", role: "admin", id: "59a1629e423109630b4dfcec", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tobkle", role: "admin", id: "59a1629e423109630b4dfcec", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a1629f423109630b4dfcee") { + author { + id + } + body + } +} + +2017-08-26 13:59:27 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:27 inserted tweet 59a1629f423109630b4dfcef. +2017-08-26 13:59:27 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tobkle", role: "admin", id: "59a1629e423109630b4dfcec", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tobkle", role: "admin", id: "59a1629e423109630b4dfcec", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59a1629f423109630b4dfcee", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:27 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:27 updated tweet 59a1629f423109630b4dfcee. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tobkle", role: "admin", id: "59a1629e423109630b4dfcec", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59a1629f423109630b4dfcef", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:27 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:27 updated tweet 59a1629f423109630b4dfcef. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tobkle", role: "admin", id: "59a1629e423109630b4dfcec", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a1629f423109630b4dfcee") { + body + } +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tobkle", role: "admin", id: "59a1629e423109630b4dfcec", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59a1629f423109630b4dfcee") +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:27 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:27 removed tweet 59a1629f423109630b4dfcee. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tobkle", role: "admin", id: "59a1629e423109630b4dfcec", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59a1629f423109630b4dfcef") +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:27 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:27 removed tweet 59a1629f423109630b4dfcef. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tobkle", role: "admin", id: "59a1629e423109630b4dfcec", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a1629f423109630b4dfcee") { + body + } +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tobkle", role: "admin", id: "59a1629e423109630b4dfcec", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59a1629e423109630b4dfcec") +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:27 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-26 13:59:27 removed user 59a1629e423109630b4dfcec. +2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59a1629e423109630b4dfcec") { + username + bio + role + } +} + +2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-26 13:59:27 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-26 13:59:27 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-26 13:59:27 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-26 13:59:27 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-26 13:59:27 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-26 13:59:27 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-26 13:59:27 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-26 13:59:27 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-26 13:59:27 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-26 13:59:27 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-26 13:59:27 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-26 13:59:27 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-26 13:59:27 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-26 13:59:27 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { + id + role + } +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:27 inserted user 59a1629f423109630b4dfcf0. +2017-08-26 13:59:27 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:27 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. +2017-08-26 13:59:27 Request: +User: "tobkle", role: "user", id: "59a1629f423109630b4dfcf0", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf0" + } + ] +} +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 13:59:27 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tobkle", role: "user", id: "59a1629f423109630b4dfcf0", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf0" + } + ] +} +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tobkle", role: "user", id: "59a1629f423109630b4dfcf0", +Operation: "", variables: "", +Query: +{ + user(id: "59a1629f423109630b4dfcf0") { + username + } +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf0" + } + ] +} +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tobkle", role: "user", id: "59a1629f423109630b4dfcf0", +Operation: "", variables: "", +Query: +{ + user(id: "59a1629f423109630b4dfcf0") { + username + role + } +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf0" + } + ] +} +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tobkle", role: "user", id: "59a1629f423109630b4dfcf0", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf0" + } + ] +} +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 13:59:27 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf0" + } + ] +} +2017-08-26 13:59:27 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tobkle", role: "user", id: "59a1629f423109630b4dfcf0", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a1629f423109630b4dfcf0", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf0" + } + ] +} +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 13:59:27 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf0" + } + ] +} +2017-08-26 13:59:27 updated user 59a1629f423109630b4dfcf0. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tobkle", role: "user", id: "59a1629f423109630b4dfcf0", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a1629f423109630b4dfcf0", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf0" + } + ] +} +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 13:59:27 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf0" + } + ] +} +2017-08-26 13:59:27 updated user 59a1629f423109630b4dfcf0. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tobkle", role: "user", id: "59a1629f423109630b4dfcf0", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf0" + } + ] +} +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 13:59:27 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf0" + } + ] +} +2017-08-26 13:59:27 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tobkle", role: "user", id: "59a1629f423109630b4dfcf0", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59a1629f423109630b4dfcf0", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf0" + } + ] +} +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 13:59:27 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. +2017-08-26 13:59:27 inserted tweet 59a1629f423109630b4dfcf1. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. +2017-08-26 13:59:27 Request: +User: "tobkle", role: "user", id: "59a1629f423109630b4dfcf0", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf0" + } + ] +} +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 13:59:27 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tobkle", role: "user", id: "59a1629f423109630b4dfcf0", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a1629f423109630b4dfcf1") { + author { + id + } + body + } +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf0" + } + ] +} +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tobkle", role: "user", id: "59a1629f423109630b4dfcf0", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf0" + } + ] +} +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tobkle", role: "user", id: "59a1629f423109630b4dfcf0", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59a1629f423109630b4dfcf1", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf0" + } + ] +} +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 13:59:27 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59a1629f423109630b4dfcf0" + }, + { + "coauthorsIds": "59a1629f423109630b4dfcf0" + } + ] +} +2017-08-26 13:59:27 updated tweet 59a1629f423109630b4dfcf1. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tobkle", role: "user", id: "59a1629f423109630b4dfcf0", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf0" + } + ] +} +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 13:59:27 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59a1629f423109630b4dfcf0" + }, + { + "coauthorsIds": "59a1629f423109630b4dfcf0" + } + ] +} +2017-08-26 13:59:27 ERROR update tweet not possible for 583676d3618530145474e352. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tobkle", role: "user", id: "59a1629f423109630b4dfcf0", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a1629f423109630b4dfcf1") { + body + } +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf0" + } + ] +} +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tobkle", role: "user", id: "59a1629f423109630b4dfcf0", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59a1629f423109630b4dfcf1") +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf0" + } + ] +} +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 13:59:27 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59a1629f423109630b4dfcf0" + } + ] +} +2017-08-26 13:59:27 removed tweet 59a1629f423109630b4dfcf1. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tobkle", role: "user", id: "59a1629f423109630b4dfcf0", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf0" + } + ] +} +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 13:59:27 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59a1629f423109630b4dfcf0" + } + ] +} +2017-08-26 13:59:27 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tobkle", role: "user", id: "59a1629f423109630b4dfcf0", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a1629f423109630b4dfcf1") { + body + } +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf0" + } + ] +} +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tobkle", role: "user", id: "59a1629f423109630b4dfcf0", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59a1629f423109630b4dfcf0") +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf0" + } + ] +} +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 13:59:27 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf0" + } + ] +} +2017-08-26 13:59:27 removed user 59a1629f423109630b4dfcf0. +2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59a1629f423109630b4dfcf0") { + username + bio + role + } +} + +2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { + id + role + } +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:27 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-26 13:59:27 inserted user 59a1629f423109630b4dfcf2. +2017-08-26 13:59:27 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. +2017-08-26 13:59:27 Request: +User: "tobkle", role: "editor", id: "59a1629f423109630b4dfcf2", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf2" + } + ] +} +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-26 13:59:27 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tobkle", role: "editor", id: "59a1629f423109630b4dfcf2", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf2" + } + ] +} +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tobkle", role: "editor", id: "59a1629f423109630b4dfcf2", +Operation: "", variables: "", +Query: +{ + user(id: "59a1629f423109630b4dfcf2") { + username + role + } +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf2" + } + ] +} +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tobkle", role: "editor", id: "59a1629f423109630b4dfcf2", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf2" + } + ] +} +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-26 13:59:27 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf2" + } + ] +} +2017-08-26 13:59:27 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tobkle", role: "editor", id: "59a1629f423109630b4dfcf2", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a1629f423109630b4dfcf2", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf2" + } + ] +} +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-26 13:59:27 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf2" + } + ] +} +2017-08-26 13:59:27 updated user 59a1629f423109630b4dfcf2. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tmeasday", role: "editor", id: "59a1629f423109630b4dfcf2", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a1629f423109630b4dfcf2", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf2" + } + ] +} +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-26 13:59:27 Authorize update 'updateUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf2" + } + ] +} +2017-08-26 13:59:27 updated user 59a1629f423109630b4dfcf2. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tmeasday", role: "editor", id: "59a1629f423109630b4dfcf2", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf2" + } + ] +} +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-26 13:59:27 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf2" + } + ] +} +2017-08-26 13:59:27 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tmeasday", role: "editor", id: "59a1629f423109630b4dfcf2", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59a1629f423109630b4dfcf2", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf2" + } + ] +} +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-26 13:59:27 Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is authorized by docRole. +2017-08-26 13:59:27 inserted tweet 59a1629f423109630b4dfcf3. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. +2017-08-26 13:59:27 Request: +User: "tmeasday", role: "editor", id: "59a1629f423109630b4dfcf2", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf2" + } + ] +} +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-26 13:59:27 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tmeasday", role: "editor", id: "59a1629f423109630b4dfcf2", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a1629f423109630b4dfcf3") { + author { + id + } + body + } +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf2" + } + ] +} +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tmeasday", role: "editor", id: "59a1629f423109630b4dfcf2", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf2" + } + ] +} +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tmeasday", role: "editor", id: "59a1629f423109630b4dfcf2", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59a1629f423109630b4dfcf3", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf2" + } + ] +} +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-26 13:59:27 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59a1629f423109630b4dfcf2" + }, + { + "coauthorsIds": "59a1629f423109630b4dfcf2" + } + ] +} +2017-08-26 13:59:27 updated tweet 59a1629f423109630b4dfcf3. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tmeasday", role: "editor", id: "59a1629f423109630b4dfcf2", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf2" + } + ] +} +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-26 13:59:27 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59a1629f423109630b4dfcf2" + }, + { + "coauthorsIds": "59a1629f423109630b4dfcf2" + } + ] +} +2017-08-26 13:59:27 ERROR update tweet not possible for 583676d3618530145474e352. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tmeasday", role: "editor", id: "59a1629f423109630b4dfcf2", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a1629f423109630b4dfcf3") { + body + } +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf2" + } + ] +} +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tmeasday", role: "editor", id: "59a1629f423109630b4dfcf2", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59a1629f423109630b4dfcf3") +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf2" + } + ] +} +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-26 13:59:27 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59a1629f423109630b4dfcf2" + } + ] +} +2017-08-26 13:59:27 removed tweet 59a1629f423109630b4dfcf3. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tmeasday", role: "editor", id: "59a1629f423109630b4dfcf2", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf2" + } + ] +} +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-26 13:59:27 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-08-26 13:59:27 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59a1629f423109630b4dfcf2" + } + ] +} +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tmeasday", role: "editor", id: "59a1629f423109630b4dfcf2", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a1629f423109630b4dfcf3") { + body + } +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf2" + } + ] +} +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "tmeasday", role: "editor", id: "59a1629f423109630b4dfcf2", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59a1629f423109630b4dfcf2") +} + +2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf2" + } + ] +} +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-26 13:59:27 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1629f423109630b4dfcf2" + } + ] +} +2017-08-26 13:59:27 removed user 59a1629f423109630b4dfcf2. +2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 13:59:27 -------------------------------------------------------------------------------- +2017-08-26 13:59:27 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59a1629f423109630b4dfcf2") { + username + bio + role + } +} + +2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-26 19:23:51 Logger started +2017-08-26 19:25:14 -------------------------------------------------------------------------------- +2017-08-26 19:25:14 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-26 19:25:14 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:14 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 -------------------------------------------------------------------------------- +2017-08-26 19:25:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 -------------------------------------------------------------------------------- +2017-08-26 19:25:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + role + username + } +} + +2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 -------------------------------------------------------------------------------- +2017-08-26 19:25:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + role + username + } +} + +2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 -------------------------------------------------------------------------------- +2017-08-26 19:25:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca2") { + role + username + } +} + +2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 -------------------------------------------------------------------------------- +2017-08-26 19:25:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + id + username + bio + } +} + +2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 -------------------------------------------------------------------------------- +2017-08-26 19:25:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users { + username + createdAt + } +} + +2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 -------------------------------------------------------------------------------- +2017-08-26 19:25:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(limit: 1) { + username + createdAt + } +} + +2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 -------------------------------------------------------------------------------- +2017-08-26 19:25:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993) { + username + createdAt + } +} + +2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 -------------------------------------------------------------------------------- +2017-08-26 19:25:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } +} + +2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 -------------------------------------------------------------------------------- +2017-08-26 19:25:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers { + username + createdAt + } + } +} + +2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 -------------------------------------------------------------------------------- +2017-08-26 19:25:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(limit: 1) { + username + createdAt + } + } +} + +2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 -------------------------------------------------------------------------------- +2017-08-26 19:25:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 -------------------------------------------------------------------------------- +2017-08-26 19:25:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 -------------------------------------------------------------------------------- +2017-08-26 19:25:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following { + username + createdAt + } + } +} + +2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 -------------------------------------------------------------------------------- +2017-08-26 19:25:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(limit: 1) { + username + createdAt + } + } +} + +2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 -------------------------------------------------------------------------------- +2017-08-26 19:25:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 -------------------------------------------------------------------------------- +2017-08-26 19:25:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 -------------------------------------------------------------------------------- +2017-08-26 19:25:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets { + id + createdAt + } + } +} + +2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 -------------------------------------------------------------------------------- +2017-08-26 19:25:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(limit: 1) { + id + createdAt + } + } +} + +2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 -------------------------------------------------------------------------------- +2017-08-26 19:25:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } + } +} + +2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 -------------------------------------------------------------------------------- +2017-08-26 19:25:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } + } +} + +2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 -------------------------------------------------------------------------------- +2017-08-26 19:25:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked { + id + createdAt + } + } +} + +2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 -------------------------------------------------------------------------------- +2017-08-26 19:25:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(limit: 1) { + id + createdAt + } + } +} + +2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 -------------------------------------------------------------------------------- +2017-08-26 19:25:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334) { + id + createdAt + } + } +} + +2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 -------------------------------------------------------------------------------- +2017-08-26 19:25:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334, limit: 1) { + id + createdAt + } + } +} + +2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 -------------------------------------------------------------------------------- +2017-08-26 19:25:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + id + body + } +} + +2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 -------------------------------------------------------------------------------- +2017-08-26 19:25:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + author { + username + } + } +} + +2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 -------------------------------------------------------------------------------- +2017-08-26 19:25:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets { + id + createdAt + } +} + +2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 -------------------------------------------------------------------------------- +2017-08-26 19:25:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(limit: 1) { + id + createdAt + } +} + +2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 -------------------------------------------------------------------------------- +2017-08-26 19:25:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } +} + +2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 -------------------------------------------------------------------------------- +2017-08-26 19:25:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } +} + +2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 -------------------------------------------------------------------------------- +2017-08-26 19:25:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers { + username + createdAt + } + } +} + +2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 -------------------------------------------------------------------------------- +2017-08-26 19:25:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(limit: 1) { + username + createdAt + } + } +} + +2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 -------------------------------------------------------------------------------- +2017-08-26 19:25:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993) { + username + createdAt + } + } +} + +2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 -------------------------------------------------------------------------------- +2017-08-26 19:25:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } + } +} + +2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 -------------------------------------------------------------------------------- +2017-08-26 19:25:38 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-26 19:25:38 inserted user 59a1af121bc7a4ac0e0e0e4f. +2017-08-26 19:25:38 -------------------------------------------------------------------------------- +2017-08-26 19:25:38 Request: +User: "tobkle", role: "admin", id: "59a1af121bc7a4ac0e0e0e4f", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-26 19:25:38 inserted user 59a1af121bc7a4ac0e0e0e50. +2017-08-26 19:25:38 -------------------------------------------------------------------------------- +2017-08-26 19:25:38 Request: +User: "tobkle", role: "admin", id: "59a1af121bc7a4ac0e0e0e4f", +Operation: "", variables: "", +Query: +{ + user(id: "59a1af121bc7a4ac0e0e0e50") { + username + bio + role + } +} + +2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tobkle", role: "admin", id: "59a1af121bc7a4ac0e0e0e4f", +Operation: "", variables: "", +Query: +{ + user(id: "59a1af121bc7a4ac0e0e0e4f") { + username + role + } +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tobkle", role: "admin", id: "59a1af121bc7a4ac0e0e0e4f", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a1af121bc7a4ac0e0e0e50", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 updated user 59a1af121bc7a4ac0e0e0e50. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tobkle", role: "admin", id: "59a1af121bc7a4ac0e0e0e4f", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a1af121bc7a4ac0e0e0e4f", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 updated user 59a1af121bc7a4ac0e0e0e4f. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tobkle", role: "admin", id: "59a1af121bc7a4ac0e0e0e4f", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a1af121bc7a4ac0e0e0e50", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role + } +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 updated user 59a1af121bc7a4ac0e0e0e50. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tobkle", role: "admin", id: "59a1af121bc7a4ac0e0e0e4f", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a1af121bc7a4ac0e0e0e4f", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 updated user 59a1af121bc7a4ac0e0e0e4f. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tobkle", role: "editor", id: "59a1af121bc7a4ac0e0e0e4f", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a1af121bc7a4ac0e0e0e4f", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1af121bc7a4ac0e0e0e4f" + } + ] +} +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-26 19:25:39 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1af121bc7a4ac0e0e0e4f" + } + ] +} +2017-08-26 19:25:39 updated user 59a1af121bc7a4ac0e0e0e4f. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "zoltan", role: "admin", id: "59a1af121bc7a4ac0e0e0e50", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a1af121bc7a4ac0e0e0e4f", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-26 19:25:39 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized +2017-08-26 19:25:39 updated user 59a1af121bc7a4ac0e0e0e4f. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tobkle", role: "admin", id: "59a1af121bc7a4ac0e0e0e4f", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59a1af121bc7a4ac0e0e0e50") +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 removed user 59a1af121bc7a4ac0e0e0e50. +2017-08-26 19:25:39 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tobkle", role: "admin", id: "59a1af121bc7a4ac0e0e0e4f", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59a1af121bc7a4ac0e0e0e4f", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-26 19:25:39 inserted tweet 59a1af131bc7a4ac0e0e0e51. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tobkle", role: "admin", id: "59a1af121bc7a4ac0e0e0e4f", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tobkle", role: "admin", id: "59a1af121bc7a4ac0e0e0e4f", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a1af131bc7a4ac0e0e0e51") { + author { + id + } + body + } +} + +2017-08-26 19:25:39 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 inserted tweet 59a1af131bc7a4ac0e0e0e52. +2017-08-26 19:25:39 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tobkle", role: "admin", id: "59a1af121bc7a4ac0e0e0e4f", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tobkle", role: "admin", id: "59a1af121bc7a4ac0e0e0e4f", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59a1af131bc7a4ac0e0e0e51", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 updated tweet 59a1af131bc7a4ac0e0e0e51. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tobkle", role: "admin", id: "59a1af121bc7a4ac0e0e0e4f", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59a1af131bc7a4ac0e0e0e52", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 updated tweet 59a1af131bc7a4ac0e0e0e52. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tobkle", role: "admin", id: "59a1af121bc7a4ac0e0e0e4f", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a1af131bc7a4ac0e0e0e51") { + body + } +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tobkle", role: "admin", id: "59a1af121bc7a4ac0e0e0e4f", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59a1af131bc7a4ac0e0e0e51") +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 removed tweet 59a1af131bc7a4ac0e0e0e51. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tobkle", role: "admin", id: "59a1af121bc7a4ac0e0e0e4f", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59a1af131bc7a4ac0e0e0e52") +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 removed tweet 59a1af131bc7a4ac0e0e0e52. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tobkle", role: "admin", id: "59a1af121bc7a4ac0e0e0e4f", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a1af131bc7a4ac0e0e0e51") { + body + } +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tobkle", role: "admin", id: "59a1af121bc7a4ac0e0e0e4f", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59a1af121bc7a4ac0e0e0e4f") +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-26 19:25:39 removed user 59a1af121bc7a4ac0e0e0e4f. +2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59a1af121bc7a4ac0e0e0e4f") { + username + bio + role + } +} + +2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-26 19:25:39 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-26 19:25:39 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-26 19:25:39 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-26 19:25:39 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-26 19:25:39 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-26 19:25:39 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-26 19:25:39 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-26 19:25:39 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-26 19:25:39 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-26 19:25:39 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-26 19:25:39 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-26 19:25:39 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-26 19:25:39 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-26 19:25:39 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { + id + role + } +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:39 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:39 inserted user 59a1af131bc7a4ac0e0e0e53. +2017-08-26 19:25:39 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. +2017-08-26 19:25:39 Request: +User: "tobkle", role: "user", id: "59a1af131bc7a4ac0e0e0e53", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e53" + } + ] +} +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 19:25:39 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tobkle", role: "user", id: "59a1af131bc7a4ac0e0e0e53", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e53" + } + ] +} +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tobkle", role: "user", id: "59a1af131bc7a4ac0e0e0e53", +Operation: "", variables: "", +Query: +{ + user(id: "59a1af131bc7a4ac0e0e0e53") { + username + } +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e53" + } + ] +} +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tobkle", role: "user", id: "59a1af131bc7a4ac0e0e0e53", +Operation: "", variables: "", +Query: +{ + user(id: "59a1af131bc7a4ac0e0e0e53") { + username + role + } +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e53" + } + ] +} +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tobkle", role: "user", id: "59a1af131bc7a4ac0e0e0e53", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e53" + } + ] +} +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 19:25:39 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e53" + } + ] +} +2017-08-26 19:25:39 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tobkle", role: "user", id: "59a1af131bc7a4ac0e0e0e53", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a1af131bc7a4ac0e0e0e53", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e53" + } + ] +} +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 19:25:39 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e53" + } + ] +} +2017-08-26 19:25:39 updated user 59a1af131bc7a4ac0e0e0e53. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tobkle", role: "user", id: "59a1af131bc7a4ac0e0e0e53", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a1af131bc7a4ac0e0e0e53", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e53" + } + ] +} +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 19:25:39 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e53" + } + ] +} +2017-08-26 19:25:39 updated user 59a1af131bc7a4ac0e0e0e53. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tobkle", role: "user", id: "59a1af131bc7a4ac0e0e0e53", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e53" + } + ] +} +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 19:25:39 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e53" + } + ] +} +2017-08-26 19:25:39 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tobkle", role: "user", id: "59a1af131bc7a4ac0e0e0e53", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59a1af131bc7a4ac0e0e0e53", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e53" + } + ] +} +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 19:25:39 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. +2017-08-26 19:25:39 inserted tweet 59a1af131bc7a4ac0e0e0e54. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. +2017-08-26 19:25:39 Request: +User: "tobkle", role: "user", id: "59a1af131bc7a4ac0e0e0e53", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e53" + } + ] +} +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 19:25:39 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tobkle", role: "user", id: "59a1af131bc7a4ac0e0e0e53", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a1af131bc7a4ac0e0e0e54") { + author { + id + } + body + } +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e53" + } + ] +} +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tobkle", role: "user", id: "59a1af131bc7a4ac0e0e0e53", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e53" + } + ] +} +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tobkle", role: "user", id: "59a1af131bc7a4ac0e0e0e53", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59a1af131bc7a4ac0e0e0e54", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e53" + } + ] +} +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 19:25:39 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59a1af131bc7a4ac0e0e0e53" + }, + { + "coauthorsIds": "59a1af131bc7a4ac0e0e0e53" + } + ] +} +2017-08-26 19:25:39 updated tweet 59a1af131bc7a4ac0e0e0e54. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tobkle", role: "user", id: "59a1af131bc7a4ac0e0e0e53", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-26 19:25:39 ERROR update tweet not possible for 583676d3618530145474e352. +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e53" + } + ] +} +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 19:25:39 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59a1af131bc7a4ac0e0e0e53" + }, + { + "coauthorsIds": "59a1af131bc7a4ac0e0e0e53" + } + ] +} +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tobkle", role: "user", id: "59a1af131bc7a4ac0e0e0e53", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a1af131bc7a4ac0e0e0e54") { + body + } +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e53" + } + ] +} +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tobkle", role: "user", id: "59a1af131bc7a4ac0e0e0e53", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59a1af131bc7a4ac0e0e0e54") +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e53" + } + ] +} +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 19:25:39 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59a1af131bc7a4ac0e0e0e53" + } + ] +} +2017-08-26 19:25:39 removed tweet 59a1af131bc7a4ac0e0e0e54. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tobkle", role: "user", id: "59a1af131bc7a4ac0e0e0e53", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e53" + } + ] +} +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 19:25:39 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59a1af131bc7a4ac0e0e0e53" + } + ] +} +2017-08-26 19:25:39 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tobkle", role: "user", id: "59a1af131bc7a4ac0e0e0e53", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a1af131bc7a4ac0e0e0e54") { + body + } +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e53" + } + ] +} +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tobkle", role: "user", id: "59a1af131bc7a4ac0e0e0e53", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59a1af131bc7a4ac0e0e0e53") +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e53" + } + ] +} +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 19:25:39 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e53" + } + ] +} +2017-08-26 19:25:39 removed user 59a1af131bc7a4ac0e0e0e53. +2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59a1af131bc7a4ac0e0e0e53") { + username + bio + role + } +} + +2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { + id + role + } +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:39 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-26 19:25:39 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-26 19:25:39 inserted user 59a1af131bc7a4ac0e0e0e55. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. +2017-08-26 19:25:39 Request: +User: "tobkle", role: "editor", id: "59a1af131bc7a4ac0e0e0e55", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e55" + } + ] +} +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-26 19:25:39 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tobkle", role: "editor", id: "59a1af131bc7a4ac0e0e0e55", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e55" + } + ] +} +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tobkle", role: "editor", id: "59a1af131bc7a4ac0e0e0e55", +Operation: "", variables: "", +Query: +{ + user(id: "59a1af131bc7a4ac0e0e0e55") { + username + role + } +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e55" + } + ] +} +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tobkle", role: "editor", id: "59a1af131bc7a4ac0e0e0e55", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e55" + } + ] +} +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-26 19:25:39 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e55" + } + ] +} +2017-08-26 19:25:39 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tobkle", role: "editor", id: "59a1af131bc7a4ac0e0e0e55", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a1af131bc7a4ac0e0e0e55", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e55" + } + ] +} +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-26 19:25:39 updated user 59a1af131bc7a4ac0e0e0e55. +2017-08-26 19:25:39 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e55" + } + ] +} +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tmeasday", role: "editor", id: "59a1af131bc7a4ac0e0e0e55", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a1af131bc7a4ac0e0e0e55", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e55" + } + ] +} +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-26 19:25:39 Authorize update 'updateUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e55" + } + ] +} +2017-08-26 19:25:39 updated user 59a1af131bc7a4ac0e0e0e55. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tmeasday", role: "editor", id: "59a1af131bc7a4ac0e0e0e55", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e55" + } + ] +} +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-26 19:25:39 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e55" + } + ] +} +2017-08-26 19:25:39 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tmeasday", role: "editor", id: "59a1af131bc7a4ac0e0e0e55", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59a1af131bc7a4ac0e0e0e55", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e55" + } + ] +} +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-26 19:25:39 Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is authorized by docRole. +2017-08-26 19:25:39 inserted tweet 59a1af131bc7a4ac0e0e0e56. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. +2017-08-26 19:25:39 Request: +User: "tmeasday", role: "editor", id: "59a1af131bc7a4ac0e0e0e55", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e55" + } + ] +} +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-26 19:25:39 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tmeasday", role: "editor", id: "59a1af131bc7a4ac0e0e0e55", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a1af131bc7a4ac0e0e0e56") { + author { + id + } + body + } +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e55" + } + ] +} +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tmeasday", role: "editor", id: "59a1af131bc7a4ac0e0e0e55", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e55" + } + ] +} +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tmeasday", role: "editor", id: "59a1af131bc7a4ac0e0e0e55", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59a1af131bc7a4ac0e0e0e56", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e55" + } + ] +} +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-26 19:25:39 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59a1af131bc7a4ac0e0e0e55" + }, + { + "coauthorsIds": "59a1af131bc7a4ac0e0e0e55" + } + ] +} +2017-08-26 19:25:39 updated tweet 59a1af131bc7a4ac0e0e0e56. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tmeasday", role: "editor", id: "59a1af131bc7a4ac0e0e0e55", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e55" + } + ] +} +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-26 19:25:39 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59a1af131bc7a4ac0e0e0e55" + }, + { + "coauthorsIds": "59a1af131bc7a4ac0e0e0e55" + } + ] +} +2017-08-26 19:25:39 ERROR update tweet not possible for 583676d3618530145474e352. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tmeasday", role: "editor", id: "59a1af131bc7a4ac0e0e0e55", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a1af131bc7a4ac0e0e0e56") { + body + } +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e55" + } + ] +} +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tmeasday", role: "editor", id: "59a1af131bc7a4ac0e0e0e55", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59a1af131bc7a4ac0e0e0e56") +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e55" + } + ] +} +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-26 19:25:39 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59a1af131bc7a4ac0e0e0e55" + } + ] +} +2017-08-26 19:25:39 removed tweet 59a1af131bc7a4ac0e0e0e56. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tmeasday", role: "editor", id: "59a1af131bc7a4ac0e0e0e55", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e55" + } + ] +} +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-26 19:25:39 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59a1af131bc7a4ac0e0e0e55" + } + ] +} +2017-08-26 19:25:39 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tmeasday", role: "editor", id: "59a1af131bc7a4ac0e0e0e55", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a1af131bc7a4ac0e0e0e56") { + body + } +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e55" + } + ] +} +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "tmeasday", role: "editor", id: "59a1af131bc7a4ac0e0e0e55", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59a1af131bc7a4ac0e0e0e55") +} + +2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e55" + } + ] +} +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-26 19:25:39 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1af131bc7a4ac0e0e0e55" + } + ] +} +2017-08-26 19:25:39 removed user 59a1af131bc7a4ac0e0e0e55. +2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 19:25:39 -------------------------------------------------------------------------------- +2017-08-26 19:25:39 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59a1af131bc7a4ac0e0e0e55") { + username + bio + role + } +} + +2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized diff --git a/test/output-app/package.json b/test/output-app/package.json index abec3b1..cc108e3 100644 --- a/test/output-app/package.json +++ b/test/output-app/package.json @@ -36,7 +36,7 @@ "bcrypt": "^1.0.2", "body-parser": "1.15.2", "cors": "^2.8.1", - "create-graphql-server-authorization": "^0.0.28", + "create-graphql-server-authorization": "^0.0.32", "dataloader": "^1.2.0", "denodeify": "^1.2.1", "dotenv": "2.0.0", diff --git a/test/output-app/yarn.lock b/test/output-app/yarn.lock index 17c9d5f..b9a3a1e 100644 --- a/test/output-app/yarn.lock +++ b/test/output-app/yarn.lock @@ -1224,9 +1224,9 @@ crc@3.4.0: version "3.4.0" resolved "https://registry.yarnpkg.com/crc/-/crc-3.4.0.tgz#4258e351613a74ef1153dfcb05e820c3e9715d7f" -create-graphql-server-authorization@^0.0.28: - version "0.0.28" - resolved "https://registry.yarnpkg.com/create-graphql-server-authorization/-/create-graphql-server-authorization-0.0.28.tgz#cccb2d70bcee51ea555cad419c7a72fe77161354" +create-graphql-server-authorization@^0.0.32: + version "0.0.32" + resolved "https://registry.yarnpkg.com/create-graphql-server-authorization/-/create-graphql-server-authorization-0.0.32.tgz#2fd5edab9c97e8686080e6b74e74291bcdebc231" dependencies: global "^4.3.2" iterall "^1.1.0" diff --git a/test/test-add-update-remove.sh b/test/test-add-update-remove.sh index 40fb69e..9b7e96b 100755 --- a/test/test-add-update-remove.sh +++ b/test/test-add-update-remove.sh @@ -105,7 +105,7 @@ if exists "./model/User.js" && exists "./schema/User.graphql" && exists "./schema/Tweet.graphql" && exists "./schema/Order.graphql" && - hasRef "./model/index.js" "User" 4 && + hasRef "./model/index.js" "User" 9 && hasRef "./model/index.js" "Tweet" 4 && hasRef "./model/index.js" "Order" 4 && hasRef "./resolvers/index.js" "userResolvers" 2 && @@ -133,7 +133,7 @@ if exists "./model/User.js" && exists "./schema/User.graphql" && exists "./schema/Tweet.graphql" && exists "./schema/Order.graphql" && - hasRef "./model/index.js" "User" 4 && + hasRef "./model/index.js" "User" 9 && hasRef "./model/index.js" "Tweet" 4 && hasRef "./model/index.js" "Order" 4 && hasRef "./resolvers/index.js" "userResolvers" 2 && @@ -215,7 +215,7 @@ if exists "./model/User.js" && exists "./schema/User.graphql" && exists "./schema/Tweet.graphql" && exists "./schema/Order.graphql" && - hasRef "./model/index.js" "User" 4 && + hasRef "./model/index.js" "User" 9 && hasRef "./model/index.js" "Tweet" 4 && hasRef "./model/index.js" "Order" 4 && hasRef "./resolvers/index.js" "userResolvers" 2 && diff --git a/yarn.lock b/yarn.lock index 4edea39..c2e1aa2 100644 --- a/yarn.lock +++ b/yarn.lock @@ -142,6 +142,10 @@ async-each@^1.0.0: version "1.0.1" resolved "https://registry.yarnpkg.com/async-each/-/async-each-1.0.1.tgz#19d386a1d9edc6e7c1c85d388aedbcc56d33602d" +async@~1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/async/-/async-1.0.0.tgz#f8fc04ca3a13784ade9e1641af98578cfbd647a9" + asynckit@^0.4.0: version "0.4.0" resolved "https://registry.yarnpkg.com/asynckit/-/asynckit-0.4.0.tgz#c79ed97f7f34cb8f2ba1bc9790bcc366474b4b79" @@ -896,6 +900,14 @@ browser-stdout@1.3.0: version "1.3.0" resolved "https://registry.yarnpkg.com/browser-stdout/-/browser-stdout-1.3.0.tgz#f351d32969d32fa5d7a5567154263d928ae3bd1f" +bson@~1.0.4: + version "1.0.4" + resolved "https://registry.yarnpkg.com/bson/-/bson-1.0.4.tgz#93c10d39eaa5b58415cbc4052f3e53e562b0b72c" + +buffer-shims@~1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/buffer-shims/-/buffer-shims-1.0.0.tgz#9978ce317388c649ad8793028c3477ef044a8b51" + builtin-modules@^1.0.0, builtin-modules@^1.1.1: version "1.1.1" resolved "https://registry.yarnpkg.com/builtin-modules/-/builtin-modules-1.1.1.tgz#270f076c5a72c02f5b65a47df94c5fe3a278892f" @@ -1018,6 +1030,10 @@ color-name@^1.1.1: version "1.1.3" resolved "https://registry.yarnpkg.com/color-name/-/color-name-1.1.3.tgz#a7d0558bd89c42f795dd42328f740831ca53bc25" +colors@1.0.x: + version "1.0.3" + resolved "https://registry.yarnpkg.com/colors/-/colors-1.0.3.tgz#0433f44d809680fdeb60ed260f1b0c262e82a40b" + combined-stream@^1.0.5, combined-stream@~1.0.5: version "1.0.5" resolved "https://registry.yarnpkg.com/combined-stream/-/combined-stream-1.0.5.tgz#938370a57b4a51dea2c77c15d5c5fdf895164009" @@ -1075,6 +1091,16 @@ cpr@^2.0.0: mkdirp "~0.5.1" rimraf "^2.5.4" +create-graphql-server-authorization@^0.0.32: + version "0.0.32" + resolved "https://registry.yarnpkg.com/create-graphql-server-authorization/-/create-graphql-server-authorization-0.0.32.tgz#2fd5edab9c97e8686080e6b74e74291bcdebc231" + dependencies: + global "^4.3.2" + iterall "^1.1.0" + lodash "4.16.4" + mongodb "^2.2.31" + winston "^2.3.1" + cross-spawn@^5.1.0: version "5.1.0" resolved "https://registry.yarnpkg.com/cross-spawn/-/cross-spawn-5.1.0.tgz#e8bd0efee58fcff6f8f94510a0a554bbfa235449" @@ -1099,6 +1125,10 @@ currently-unhandled@^0.4.1: dependencies: array-find-index "^1.0.1" +cycle@1.0.x: + version "1.0.3" + resolved "https://registry.yarnpkg.com/cycle/-/cycle-1.0.3.tgz#21e80b2be8580f98b468f379430662b046c34ad2" + d@1: version "1.0.0" resolved "https://registry.yarnpkg.com/d/-/d-1.0.0.tgz#754bb5bfe55451da69a58b94d45f4c5b0462d58f" @@ -1246,6 +1276,10 @@ es6-map@^0.1.3: es6-symbol "~3.1.1" event-emitter "~0.3.5" +es6-promise@3.2.1: + version "3.2.1" + resolved "https://registry.yarnpkg.com/es6-promise/-/es6-promise-3.2.1.tgz#ec56233868032909207170c39448e24449dd1fc4" + es6-set@^0.1.4, es6-set@~0.1.5: version "0.1.5" resolved "https://registry.yarnpkg.com/es6-set/-/es6-set-0.1.5.tgz#d2b3ec5d4d800ced818db538d28974db0a73ccb1" @@ -1451,6 +1485,10 @@ extsprintf@1.3.0, extsprintf@^1.2.0: version "1.3.0" resolved "https://registry.yarnpkg.com/extsprintf/-/extsprintf-1.3.0.tgz#96918440e3041a7a414f8c52e3c574eb3c3e1e05" +eyes@0.1.x: + version "0.1.8" + resolved "https://registry.yarnpkg.com/eyes/-/eyes-0.1.8.tgz#62cf120234c683785d902348a800ef3e0cc20bc0" + fast-deep-equal@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/fast-deep-equal/-/fast-deep-equal-1.0.0.tgz#96256a3bc975595eb36d82e9929d060d893439ff" @@ -1780,7 +1818,7 @@ inflight@^1.0.4: once "^1.3.0" wrappy "1" -inherits@2, inherits@^2.0.1, inherits@^2.0.3, inherits@~2.0.0, inherits@~2.0.3: +inherits@2, inherits@^2.0.1, inherits@^2.0.3, inherits@~2.0.0, inherits@~2.0.1, inherits@~2.0.3: version "2.0.3" resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.3.tgz#633c2c83e3da42a502f52466022480f4208261de" @@ -1945,7 +1983,7 @@ isobject@^2.0.0: dependencies: isarray "1.0.0" -isstream@~0.1.2: +isstream@0.1.x, isstream@~0.1.2: version "0.1.2" resolved "https://registry.yarnpkg.com/isstream/-/isstream-0.1.2.tgz#47e63f7af55afa6f92e1500e690eb8b8529c099a" @@ -1953,6 +1991,10 @@ iterall@1.0.2: version "1.0.2" resolved "https://registry.yarnpkg.com/iterall/-/iterall-1.0.2.tgz#41a2e96ce9eda5e61c767ee5dc312373bb046e91" +iterall@^1.1.0: + version "1.1.1" + resolved "https://registry.yarnpkg.com/iterall/-/iterall-1.1.1.tgz#f7f0af11e9a04ec6426260f5019d9fcca4d50214" + js-tokens@^3.0.0, js-tokens@^3.0.2: version "3.0.2" resolved "https://registry.yarnpkg.com/js-tokens/-/js-tokens-3.0.2.tgz#9866df395102130e38f7f996bceb65443209c25b" @@ -2131,6 +2173,10 @@ lodash.merge@^4.6.0: version "4.6.0" resolved "https://registry.yarnpkg.com/lodash.merge/-/lodash.merge-4.6.0.tgz#69884ba144ac33fe699737a6086deffadd0f89c5" +lodash@4.16.4: + version "4.16.4" + resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.16.4.tgz#01ce306b9bad1319f2a5528674f88297aeb70127" + lodash@^4.0.0, lodash@^4.17.4, lodash@^4.2.0, lodash@^4.3.0: version "4.17.4" resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.4.tgz#78203a4d1c328ae1d86dca6460e369b57f4055ae" @@ -2262,6 +2308,21 @@ mocha@^3.1.2: mkdirp "0.5.1" supports-color "3.1.2" +mongodb-core@2.1.15: + version "2.1.15" + resolved "https://registry.yarnpkg.com/mongodb-core/-/mongodb-core-2.1.15.tgz#841f53b87ffff4c7458189c35c8ae827e1169764" + dependencies: + bson "~1.0.4" + require_optional "~1.0.0" + +mongodb@^2.2.31: + version "2.2.31" + resolved "https://registry.yarnpkg.com/mongodb/-/mongodb-2.2.31.tgz#1940445c661e19217bb3bf8245d9854aaef548db" + dependencies: + es6-promise "3.2.1" + mongodb-core "2.1.15" + readable-stream "2.2.7" + ms@2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/ms/-/ms-2.0.0.tgz#5608aeadfc00be6c2901df5f9861788de0d597c8" @@ -2541,6 +2602,18 @@ read-pkg@^1.0.0: normalize-package-data "^2.3.2" path-type "^1.0.0" +readable-stream@2.2.7: + version "2.2.7" + resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.2.7.tgz#07057acbe2467b22042d36f98c5ad507054e95b1" + dependencies: + buffer-shims "~1.0.0" + core-util-is "~1.0.0" + inherits "~2.0.1" + isarray "~1.0.0" + process-nextick-args "~1.0.6" + string_decoder "~1.0.0" + util-deprecate "~1.0.1" + readable-stream@^2.0.2, readable-stream@^2.0.6, readable-stream@^2.1.4, readable-stream@^2.2.2: version "2.3.3" resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.3.3.tgz#368f2512d79f9d46fdfc71349ae7878bbc1eb95c" @@ -2675,10 +2748,21 @@ require-uncached@^1.0.3: caller-path "^0.1.0" resolve-from "^1.0.0" +require_optional@~1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/require_optional/-/require_optional-1.0.1.tgz#4cf35a4247f64ca3df8c2ef208cc494b1ca8fc2e" + dependencies: + resolve-from "^2.0.0" + semver "^5.1.0" + resolve-from@^1.0.0: version "1.0.1" resolved "https://registry.yarnpkg.com/resolve-from/-/resolve-from-1.0.1.tgz#26cbfe935d1aeeeabb29bc3fe5aeb01e93d44226" +resolve-from@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/resolve-from/-/resolve-from-2.0.0.tgz#9480ab20e94ffa1d9e80a804c7ea147611966b57" + resolve@^1.1.6: version "1.4.0" resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.4.0.tgz#a75be01c53da25d934a98ebd0e4c4a7312f92a86" @@ -2728,7 +2812,7 @@ semver-truncate@^1.0.0: dependencies: semver "^5.3.0" -"semver@2 || 3 || 4 || 5", semver@^5.3.0: +"semver@2 || 3 || 4 || 5", semver@^5.1.0, semver@^5.3.0: version "5.4.1" resolved "https://registry.yarnpkg.com/semver/-/semver-5.4.1.tgz#e059c09d8571f0540823733433505d3a2f00b18e" @@ -2814,6 +2898,10 @@ sshpk@^1.7.0: jsbn "~0.1.0" tweetnacl "~0.14.0" +stack-trace@0.0.x: + version "0.0.10" + resolved "https://registry.yarnpkg.com/stack-trace/-/stack-trace-0.0.10.tgz#547c70b347e8d32b4e108ea1a2a159e5fdde19c0" + string-width@^1.0.1, string-width@^1.0.2: version "1.0.2" resolved "https://registry.yarnpkg.com/string-width/-/string-width-1.0.2.tgz#118bdf5b8cdc51a2a7e70d211e07e2b0b9b107d3" @@ -2829,7 +2917,7 @@ string-width@^2.0.0, string-width@^2.1.0: is-fullwidth-code-point "^2.0.0" strip-ansi "^4.0.0" -string_decoder@~1.0.3: +string_decoder@~1.0.0, string_decoder@~1.0.3: version "1.0.3" resolved "https://registry.yarnpkg.com/string_decoder/-/string_decoder-1.0.3.tgz#0fc67d7c141825de94282dd536bec6b9bce860ab" dependencies: @@ -3028,6 +3116,17 @@ wide-align@^1.1.0: dependencies: string-width "^1.0.2" +winston@^2.3.1: + version "2.3.1" + resolved "https://registry.yarnpkg.com/winston/-/winston-2.3.1.tgz#0b48420d978c01804cf0230b648861598225a119" + dependencies: + async "~1.0.0" + colors "1.0.x" + cycle "1.0.x" + eyes "0.1.x" + isstream "0.1.x" + stack-trace "0.0.x" + wordwrap@~1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/wordwrap/-/wordwrap-1.0.0.tgz#27584810891456a4171c8d0226441ade90cbcaeb" From 40fd0072a78e4f17771d8f4559834b2fcacdf997 Mon Sep 17 00:00:00 2001 From: tobkle Date: Sat, 26 Aug 2017 22:10:13 +0200 Subject: [PATCH 64/69] modularize authorize --- package.json | 7 +- skel/package.json | 7 +- test/output-app/log/all-logs-readable.log | 2104 +++++++++++++++++++++ test/output-app/package.json | 7 +- test/output-app/yarn.lock | 6 +- yarn.lock | 6 +- 6 files changed, 2125 insertions(+), 12 deletions(-) diff --git a/package.json b/package.json index 9b7afe4..f541369 100644 --- a/package.json +++ b/package.json @@ -23,7 +23,10 @@ "prepublish": "npm run build" }, "config": { - "logfile": "log/all-logs-readable.log" + "logfile": "log/all-logs-readable.log", + "loglevel": "debug", + "maxsize": 5, + "maxfiles": 5 }, "author": "Tom Coleman", "license": "MIT", @@ -50,7 +53,7 @@ "babylon": "^6.14.1", "chalk": "^1.1.3", "cpr": "^2.0.0", - "create-graphql-server-authorization": "^0.0.32", + "create-graphql-server-authorization": "^0.0.33", "denodeify": "^1.2.1", "escape-string-regexp": "^1.0.5", "global": "^4.3.2", diff --git a/skel/package.json b/skel/package.json index e1b9cb5..0a79482 100644 --- a/skel/package.json +++ b/skel/package.json @@ -6,7 +6,10 @@ "start": "babel-node index.js" }, "config": { - "logfile": "log/all-logs-readable.log" + "logfile": "log/all-logs-readable.log", + "loglevel": "debug", + "maxsize": 5, + "maxfiles": 5 }, "private": true, "author": "", @@ -36,7 +39,7 @@ "bcrypt": "^1.0.2", "body-parser": "1.15.2", "cors": "^2.8.1", - "create-graphql-server-authorization": "^0.0.32", + "create-graphql-server-authorization": "^0.0.33", "dataloader": "^1.2.0", "denodeify": "^1.2.1", "dotenv": "2.0.0", diff --git a/test/output-app/log/all-logs-readable.log b/test/output-app/log/all-logs-readable.log index 84533d9..338f21b 100644 --- a/test/output-app/log/all-logs-readable.log +++ b/test/output-app/log/all-logs-readable.log @@ -32480,3 +32480,2107 @@ Query: 2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. 2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-26 22:06:57 Logger started +2017-08-26 22:07:58 -------------------------------------------------------------------------------- +2017-08-26 22:07:58 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-26 22:07:58 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:07:58 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + role + username + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + role + username + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca2") { + role + username + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + id + username + bio + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users { + username + createdAt + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(limit: 1) { + username + createdAt + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993) { + username + createdAt + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers { + username + createdAt + } + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(limit: 1) { + username + createdAt + } + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following { + username + createdAt + } + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(limit: 1) { + username + createdAt + } + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets { + id + createdAt + } + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(limit: 1) { + id + createdAt + } + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked { + id + createdAt + } + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(limit: 1) { + id + createdAt + } + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334) { + id + createdAt + } + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334, limit: 1) { + id + createdAt + } + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + id + body + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets { + id + createdAt + } +} + +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + author { + username + } + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(limit: 1) { + id + createdAt + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers { + username + createdAt + } + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(limit: 1) { + username + createdAt + } + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993) { + username + createdAt + } + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-26 22:08:22 inserted user 59a1d536e5c828d8c857b586. +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "tobkle", role: "admin", id: "59a1d536e5c828d8c857b586", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-26 22:08:22 inserted user 59a1d536e5c828d8c857b587. +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "tobkle", role: "admin", id: "59a1d536e5c828d8c857b586", +Operation: "", variables: "", +Query: +{ + user(id: "59a1d536e5c828d8c857b587") { + username + bio + role + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "tobkle", role: "admin", id: "59a1d536e5c828d8c857b586", +Operation: "", variables: "", +Query: +{ + user(id: "59a1d536e5c828d8c857b586") { + username + role + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "tobkle", role: "admin", id: "59a1d536e5c828d8c857b586", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a1d536e5c828d8c857b587", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 updated user 59a1d536e5c828d8c857b587. +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "tobkle", role: "admin", id: "59a1d536e5c828d8c857b586", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a1d536e5c828d8c857b586", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 updated user 59a1d536e5c828d8c857b586. +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "tobkle", role: "admin", id: "59a1d536e5c828d8c857b586", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a1d536e5c828d8c857b587", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 updated user 59a1d536e5c828d8c857b587. +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "tobkle", role: "admin", id: "59a1d536e5c828d8c857b586", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a1d536e5c828d8c857b586", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 updated user 59a1d536e5c828d8c857b586. +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "tobkle", role: "editor", id: "59a1d536e5c828d8c857b586", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a1d536e5c828d8c857b586", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1d536e5c828d8c857b586" + } + ] +} +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-26 22:08:22 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1d536e5c828d8c857b586" + } + ] +} +2017-08-26 22:08:22 updated user 59a1d536e5c828d8c857b586. +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "zoltan", role: "admin", id: "59a1d536e5c828d8c857b587", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a1d536e5c828d8c857b586", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-26 22:08:22 updated user 59a1d536e5c828d8c857b586. +2017-08-26 22:08:22 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "tobkle", role: "admin", id: "59a1d536e5c828d8c857b586", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59a1d536e5c828d8c857b587") +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 removed user 59a1d536e5c828d8c857b587. +2017-08-26 22:08:22 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "tobkle", role: "admin", id: "59a1d536e5c828d8c857b586", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59a1d536e5c828d8c857b586", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-26 22:08:22 inserted tweet 59a1d536e5c828d8c857b588. +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "tobkle", role: "admin", id: "59a1d536e5c828d8c857b586", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "tobkle", role: "admin", id: "59a1d536e5c828d8c857b586", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a1d536e5c828d8c857b588") { + author { + id + } + body + } +} + +2017-08-26 22:08:22 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 inserted tweet 59a1d536e5c828d8c857b589. +2017-08-26 22:08:22 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "tobkle", role: "admin", id: "59a1d536e5c828d8c857b586", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "tobkle", role: "admin", id: "59a1d536e5c828d8c857b586", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59a1d536e5c828d8c857b588", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 updated tweet 59a1d536e5c828d8c857b588. +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "tobkle", role: "admin", id: "59a1d536e5c828d8c857b586", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59a1d536e5c828d8c857b589", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 updated tweet 59a1d536e5c828d8c857b589. +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "tobkle", role: "admin", id: "59a1d536e5c828d8c857b586", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a1d536e5c828d8c857b588") { + body + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "tobkle", role: "admin", id: "59a1d536e5c828d8c857b586", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59a1d536e5c828d8c857b588") +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 removed tweet 59a1d536e5c828d8c857b588. +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "tobkle", role: "admin", id: "59a1d536e5c828d8c857b586", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59a1d536e5c828d8c857b589") +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 removed tweet 59a1d536e5c828d8c857b589. +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "tobkle", role: "admin", id: "59a1d536e5c828d8c857b586", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a1d536e5c828d8c857b588") { + body + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "tobkle", role: "admin", id: "59a1d536e5c828d8c857b586", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59a1d536e5c828d8c857b586") +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-26 22:08:22 removed user 59a1d536e5c828d8c857b586. +2017-08-26 22:08:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59a1d536e5c828d8c857b586") { + username + bio + role + } +} + +2017-08-26 22:08:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-26 22:08:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-26 22:08:22 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-08-26 22:08:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-26 22:08:22 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-26 22:08:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-26 22:08:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-26 22:08:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-26 22:08:22 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-26 22:08:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-26 22:08:22 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-26 22:08:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-26 22:08:22 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-26 22:08:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-26 22:08:22 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-26 22:08:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-26 22:08:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-26 22:08:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-26 22:08:22 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-26 22:08:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-26 22:08:22 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-26 22:08:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-26 22:08:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-26 22:08:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-26 22:08:22 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-26 22:08:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-26 22:08:22 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-26 22:08:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-26 22:08:22 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-26 22:08:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-26 22:08:22 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-26 22:08:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-26 22:08:22 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-26 22:08:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-26 22:08:22 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { + id + role + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:22 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-26 22:08:22 inserted user 59a1d536e5c828d8c857b58a. +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. +2017-08-26 22:08:22 Request: +User: "tobkle", role: "user", id: "59a1d536e5c828d8c857b58a", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1d536e5c828d8c857b58a" + } + ] +} +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 22:08:22 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "tobkle", role: "user", id: "59a1d536e5c828d8c857b58a", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1d536e5c828d8c857b58a" + } + ] +} +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "tobkle", role: "user", id: "59a1d536e5c828d8c857b58a", +Operation: "", variables: "", +Query: +{ + user(id: "59a1d536e5c828d8c857b58a") { + username + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1d536e5c828d8c857b58a" + } + ] +} +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "tobkle", role: "user", id: "59a1d536e5c828d8c857b58a", +Operation: "", variables: "", +Query: +{ + user(id: "59a1d536e5c828d8c857b58a") { + username + role + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1d536e5c828d8c857b58a" + } + ] +} +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "tobkle", role: "user", id: "59a1d536e5c828d8c857b58a", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1d536e5c828d8c857b58a" + } + ] +} +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 22:08:22 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1d536e5c828d8c857b58a" + } + ] +} +2017-08-26 22:08:22 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "tobkle", role: "user", id: "59a1d536e5c828d8c857b58a", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a1d536e5c828d8c857b58a", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1d536e5c828d8c857b58a" + } + ] +} +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 22:08:22 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1d536e5c828d8c857b58a" + } + ] +} +2017-08-26 22:08:22 updated user 59a1d536e5c828d8c857b58a. +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "tobkle", role: "user", id: "59a1d536e5c828d8c857b58a", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a1d536e5c828d8c857b58a", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1d536e5c828d8c857b58a" + } + ] +} +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 22:08:22 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1d536e5c828d8c857b58a" + } + ] +} +2017-08-26 22:08:22 updated user 59a1d536e5c828d8c857b58a. +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "tobkle", role: "user", id: "59a1d536e5c828d8c857b58a", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1d536e5c828d8c857b58a" + } + ] +} +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 22:08:22 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1d536e5c828d8c857b58a" + } + ] +} +2017-08-26 22:08:22 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "tobkle", role: "user", id: "59a1d536e5c828d8c857b58a", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59a1d536e5c828d8c857b58a", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1d536e5c828d8c857b58a" + } + ] +} +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 22:08:22 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. +2017-08-26 22:08:22 inserted tweet 59a1d536e5c828d8c857b58b. +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. +2017-08-26 22:08:22 Request: +User: "tobkle", role: "user", id: "59a1d536e5c828d8c857b58a", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1d536e5c828d8c857b58a" + } + ] +} +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 22:08:22 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "tobkle", role: "user", id: "59a1d536e5c828d8c857b58a", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a1d536e5c828d8c857b58b") { + author { + id + } + body + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1d536e5c828d8c857b58a" + } + ] +} +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "tobkle", role: "user", id: "59a1d536e5c828d8c857b58a", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1d536e5c828d8c857b58a" + } + ] +} +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "tobkle", role: "user", id: "59a1d536e5c828d8c857b58a", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59a1d536e5c828d8c857b58b", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1d536e5c828d8c857b58a" + } + ] +} +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 22:08:22 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59a1d536e5c828d8c857b58a" + }, + { + "coauthorsIds": "59a1d536e5c828d8c857b58a" + } + ] +} +2017-08-26 22:08:22 updated tweet 59a1d536e5c828d8c857b58b. +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "tobkle", role: "user", id: "59a1d536e5c828d8c857b58a", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1d536e5c828d8c857b58a" + } + ] +} +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 22:08:22 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59a1d536e5c828d8c857b58a" + }, + { + "coauthorsIds": "59a1d536e5c828d8c857b58a" + } + ] +} +2017-08-26 22:08:22 ERROR update tweet not possible for 583676d3618530145474e352. +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "tobkle", role: "user", id: "59a1d536e5c828d8c857b58a", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a1d536e5c828d8c857b58b") { + body + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1d536e5c828d8c857b58a" + } + ] +} +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "tobkle", role: "user", id: "59a1d536e5c828d8c857b58a", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59a1d536e5c828d8c857b58b") +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1d536e5c828d8c857b58a" + } + ] +} +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 22:08:22 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59a1d536e5c828d8c857b58a" + } + ] +} +2017-08-26 22:08:22 removed tweet 59a1d536e5c828d8c857b58b. +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "tobkle", role: "user", id: "59a1d536e5c828d8c857b58a", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1d536e5c828d8c857b58a" + } + ] +} +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 22:08:22 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59a1d536e5c828d8c857b58a" + } + ] +} +2017-08-26 22:08:22 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-08-26 22:08:22 -------------------------------------------------------------------------------- +2017-08-26 22:08:22 Request: +User: "tobkle", role: "user", id: "59a1d536e5c828d8c857b58a", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a1d536e5c828d8c857b58b") { + body + } +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1d536e5c828d8c857b58a" + } + ] +} +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 22:08:23 -------------------------------------------------------------------------------- +2017-08-26 22:08:23 Request: +User: "tobkle", role: "user", id: "59a1d536e5c828d8c857b58a", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59a1d536e5c828d8c857b58a") +} + +2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1d536e5c828d8c857b58a" + } + ] +} +2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-26 22:08:23 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a1d536e5c828d8c857b58a" + } + ] +} +2017-08-26 22:08:23 removed user 59a1d536e5c828d8c857b58a. +2017-08-26 22:08:23 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 22:08:23 -------------------------------------------------------------------------------- +2017-08-26 22:08:23 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59a1d536e5c828d8c857b58a") { + username + bio + role + } +} + +2017-08-26 22:08:23 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 22:08:23 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-26 22:08:23 -------------------------------------------------------------------------------- +2017-08-26 22:08:23 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { + id + role + } +} + +2017-08-26 22:08:23 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:23 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:23 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-26 22:08:23 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-26 22:08:23 inserted user 59a1d537e5c828d8c857b58c. +2017-08-26 22:08:23 -------------------------------------------------------------------------------- +2017-08-26 22:08:23 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. +2017-08-26 22:08:23 Request: +User: "tobkle", role: "editor", id: "59a1d537e5c828d8c857b58c", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-26 22:08:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1d537e5c828d8c857b58c" + } + ] +} +2017-08-26 22:08:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-26 22:08:23 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. +2017-08-26 22:08:23 -------------------------------------------------------------------------------- +2017-08-26 22:08:23 Request: +User: "tobkle", role: "editor", id: "59a1d537e5c828d8c857b58c", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-26 22:08:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1d537e5c828d8c857b58c" + } + ] +} +2017-08-26 22:08:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-26 22:08:23 -------------------------------------------------------------------------------- +2017-08-26 22:08:23 Request: +User: "tobkle", role: "editor", id: "59a1d537e5c828d8c857b58c", +Operation: "", variables: "", +Query: +{ + user(id: "59a1d537e5c828d8c857b58c") { + username + role + } +} + +2017-08-26 22:08:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1d537e5c828d8c857b58c" + } + ] +} +2017-08-26 22:08:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-26 22:08:23 -------------------------------------------------------------------------------- +2017-08-26 22:08:23 Request: +User: "tobkle", role: "editor", id: "59a1d537e5c828d8c857b58c", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-26 22:08:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1d537e5c828d8c857b58c" + } + ] +} +2017-08-26 22:08:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-26 22:08:23 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1d537e5c828d8c857b58c" + } + ] +} +2017-08-26 22:08:23 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-08-26 22:08:23 -------------------------------------------------------------------------------- +2017-08-26 22:08:23 Request: +User: "tobkle", role: "editor", id: "59a1d537e5c828d8c857b58c", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a1d537e5c828d8c857b58c", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-08-26 22:08:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1d537e5c828d8c857b58c" + } + ] +} +2017-08-26 22:08:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-26 22:08:23 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1d537e5c828d8c857b58c" + } + ] +} +2017-08-26 22:08:23 updated user 59a1d537e5c828d8c857b58c. +2017-08-26 22:08:23 -------------------------------------------------------------------------------- +2017-08-26 22:08:23 Request: +User: "tmeasday", role: "editor", id: "59a1d537e5c828d8c857b58c", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a1d537e5c828d8c857b58c", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-26 22:08:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1d537e5c828d8c857b58c" + } + ] +} +2017-08-26 22:08:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-26 22:08:23 Authorize update 'updateUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1d537e5c828d8c857b58c" + } + ] +} +2017-08-26 22:08:23 updated user 59a1d537e5c828d8c857b58c. +2017-08-26 22:08:23 -------------------------------------------------------------------------------- +2017-08-26 22:08:23 Request: +User: "tmeasday", role: "editor", id: "59a1d537e5c828d8c857b58c", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-26 22:08:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1d537e5c828d8c857b58c" + } + ] +} +2017-08-26 22:08:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-26 22:08:23 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-08-26 22:08:23 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1d537e5c828d8c857b58c" + } + ] +} +2017-08-26 22:08:23 -------------------------------------------------------------------------------- +2017-08-26 22:08:23 Request: +User: "tmeasday", role: "editor", id: "59a1d537e5c828d8c857b58c", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59a1d537e5c828d8c857b58c", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-26 22:08:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1d537e5c828d8c857b58c" + } + ] +} +2017-08-26 22:08:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-26 22:08:23 inserted tweet 59a1d537e5c828d8c857b58d. +2017-08-26 22:08:23 Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is authorized by docRole. +2017-08-26 22:08:23 -------------------------------------------------------------------------------- +2017-08-26 22:08:23 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. +2017-08-26 22:08:23 Request: +User: "tmeasday", role: "editor", id: "59a1d537e5c828d8c857b58c", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-26 22:08:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1d537e5c828d8c857b58c" + } + ] +} +2017-08-26 22:08:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-26 22:08:23 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. +2017-08-26 22:08:23 -------------------------------------------------------------------------------- +2017-08-26 22:08:23 Request: +User: "tmeasday", role: "editor", id: "59a1d537e5c828d8c857b58c", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a1d537e5c828d8c857b58d") { + author { + id + } + body + } +} + +2017-08-26 22:08:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1d537e5c828d8c857b58c" + } + ] +} +2017-08-26 22:08:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-26 22:08:23 -------------------------------------------------------------------------------- +2017-08-26 22:08:23 Request: +User: "tmeasday", role: "editor", id: "59a1d537e5c828d8c857b58c", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-26 22:08:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1d537e5c828d8c857b58c" + } + ] +} +2017-08-26 22:08:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-26 22:08:23 -------------------------------------------------------------------------------- +2017-08-26 22:08:23 Request: +User: "tmeasday", role: "editor", id: "59a1d537e5c828d8c857b58c", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59a1d537e5c828d8c857b58d", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-26 22:08:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1d537e5c828d8c857b58c" + } + ] +} +2017-08-26 22:08:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-26 22:08:23 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59a1d537e5c828d8c857b58c" + }, + { + "coauthorsIds": "59a1d537e5c828d8c857b58c" + } + ] +} +2017-08-26 22:08:23 updated tweet 59a1d537e5c828d8c857b58d. +2017-08-26 22:08:23 -------------------------------------------------------------------------------- +2017-08-26 22:08:23 Request: +User: "tmeasday", role: "editor", id: "59a1d537e5c828d8c857b58c", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-26 22:08:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1d537e5c828d8c857b58c" + } + ] +} +2017-08-26 22:08:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-26 22:08:23 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59a1d537e5c828d8c857b58c" + }, + { + "coauthorsIds": "59a1d537e5c828d8c857b58c" + } + ] +} +2017-08-26 22:08:23 ERROR update tweet not possible for 583676d3618530145474e352. +2017-08-26 22:08:23 -------------------------------------------------------------------------------- +2017-08-26 22:08:23 Request: +User: "tmeasday", role: "editor", id: "59a1d537e5c828d8c857b58c", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a1d537e5c828d8c857b58d") { + body + } +} + +2017-08-26 22:08:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1d537e5c828d8c857b58c" + } + ] +} +2017-08-26 22:08:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-26 22:08:23 -------------------------------------------------------------------------------- +2017-08-26 22:08:23 Request: +User: "tmeasday", role: "editor", id: "59a1d537e5c828d8c857b58c", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59a1d537e5c828d8c857b58d") +} + +2017-08-26 22:08:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1d537e5c828d8c857b58c" + } + ] +} +2017-08-26 22:08:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-26 22:08:23 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59a1d537e5c828d8c857b58c" + } + ] +} +2017-08-26 22:08:23 removed tweet 59a1d537e5c828d8c857b58d. +2017-08-26 22:08:23 -------------------------------------------------------------------------------- +2017-08-26 22:08:23 Request: +User: "tmeasday", role: "editor", id: "59a1d537e5c828d8c857b58c", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-26 22:08:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1d537e5c828d8c857b58c" + } + ] +} +2017-08-26 22:08:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-26 22:08:23 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59a1d537e5c828d8c857b58c" + } + ] +} +2017-08-26 22:08:23 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-08-26 22:08:23 -------------------------------------------------------------------------------- +2017-08-26 22:08:23 Request: +User: "tmeasday", role: "editor", id: "59a1d537e5c828d8c857b58c", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a1d537e5c828d8c857b58d") { + body + } +} + +2017-08-26 22:08:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1d537e5c828d8c857b58c" + } + ] +} +2017-08-26 22:08:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-26 22:08:23 -------------------------------------------------------------------------------- +2017-08-26 22:08:23 Request: +User: "tmeasday", role: "editor", id: "59a1d537e5c828d8c857b58c", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59a1d537e5c828d8c857b58c") +} + +2017-08-26 22:08:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1d537e5c828d8c857b58c" + } + ] +} +2017-08-26 22:08:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-26 22:08:23 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a1d537e5c828d8c857b58c" + } + ] +} +2017-08-26 22:08:23 removed user 59a1d537e5c828d8c857b58c. +2017-08-26 22:08:23 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 22:08:23 -------------------------------------------------------------------------------- +2017-08-26 22:08:23 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59a1d537e5c828d8c857b58c") { + username + bio + role + } +} + +2017-08-26 22:08:23 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-26 22:08:23 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized diff --git a/test/output-app/package.json b/test/output-app/package.json index cc108e3..8e13d69 100644 --- a/test/output-app/package.json +++ b/test/output-app/package.json @@ -6,7 +6,10 @@ "start": "babel-node index.js" }, "config": { - "logfile": "log/all-logs-readable.log" + "logfile": "log/all-logs-readable.log", + "loglevel": "debug", + "maxsize": 5, + "maxfiles": 5 }, "private": true, "author": "", @@ -36,7 +39,7 @@ "bcrypt": "^1.0.2", "body-parser": "1.15.2", "cors": "^2.8.1", - "create-graphql-server-authorization": "^0.0.32", + "create-graphql-server-authorization": "^0.0.33", "dataloader": "^1.2.0", "denodeify": "^1.2.1", "dotenv": "2.0.0", diff --git a/test/output-app/yarn.lock b/test/output-app/yarn.lock index b9a3a1e..8e5b238 100644 --- a/test/output-app/yarn.lock +++ b/test/output-app/yarn.lock @@ -1224,9 +1224,9 @@ crc@3.4.0: version "3.4.0" resolved "https://registry.yarnpkg.com/crc/-/crc-3.4.0.tgz#4258e351613a74ef1153dfcb05e820c3e9715d7f" -create-graphql-server-authorization@^0.0.32: - version "0.0.32" - resolved "https://registry.yarnpkg.com/create-graphql-server-authorization/-/create-graphql-server-authorization-0.0.32.tgz#2fd5edab9c97e8686080e6b74e74291bcdebc231" +create-graphql-server-authorization@^0.0.33: + version "0.0.33" + resolved "https://registry.yarnpkg.com/create-graphql-server-authorization/-/create-graphql-server-authorization-0.0.33.tgz#17c36eb43533a81a03617cb1055a29a588a60d10" dependencies: global "^4.3.2" iterall "^1.1.0" diff --git a/yarn.lock b/yarn.lock index c2e1aa2..b1167c7 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1091,9 +1091,9 @@ cpr@^2.0.0: mkdirp "~0.5.1" rimraf "^2.5.4" -create-graphql-server-authorization@^0.0.32: - version "0.0.32" - resolved "https://registry.yarnpkg.com/create-graphql-server-authorization/-/create-graphql-server-authorization-0.0.32.tgz#2fd5edab9c97e8686080e6b74e74291bcdebc231" +create-graphql-server-authorization@^0.0.33: + version "0.0.33" + resolved "https://registry.yarnpkg.com/create-graphql-server-authorization/-/create-graphql-server-authorization-0.0.33.tgz#17c36eb43533a81a03617cb1055a29a588a60d10" dependencies: global "^4.3.2" iterall "^1.1.0" From a69684f0281b1a5378cce63deff4ffce37b579f2 Mon Sep 17 00:00:00 2001 From: tobkle Date: Sun, 27 Aug 2017 03:19:17 +0200 Subject: [PATCH 65/69] with user password hash --- bin/test-model-generator.js | 2 + generate/model/index.js | 49 +- generate/model/templates/base.js.template | 8 +- generate/schema/index.js | 112 +- package.json | 3 +- skel/package.json | 2 +- test/input/User.graphql | 5 +- .../test-3-mutations-with-user-role-admin.js | 25 +- .../test-4-mutations-with-unknown-user.js | 27 +- .../test-5-mutations-with-user-role-user.js | 35 +- .../test-6-mutations-with-user-role-editor.js | 33 +- test/output-app/log/all-logs-readable.log | 12201 ++++++++++++++++ test/output-app/model/User.js | 8 +- test/output-app/package.json | 2 +- test/output-app/schema/Tweet.graphql | 4 +- test/output-app/schema/User.graphql | 14 +- test/output-app/yarn.lock | 6 +- yarn.lock | 6 +- 18 files changed, 12412 insertions(+), 130 deletions(-) diff --git a/bin/test-model-generator.js b/bin/test-model-generator.js index 478df5f..16d7ae1 100644 --- a/bin/test-model-generator.js +++ b/bin/test-model-generator.js @@ -10,8 +10,10 @@ import generateResolvers from '../generate/resolvers'; import generateModel from '../generate/model'; const input = readInput(`${__dirname}/../test/input/User.graphql`); +// const input = readInput(`${__dirname}/../test/input/Tweet.graphql`); const schema = generateSchema(input); const resolverOutput = generateResolvers(input, schema); const modelOutput = generateModel(input, schema); console.log(print(schema)); +// console.log(modelOutput); \ No newline at end of file diff --git a/generate/model/index.js b/generate/model/index.js index 9fa205c..3a56a71 100644 --- a/generate/model/index.js +++ b/generate/model/index.js @@ -73,6 +73,45 @@ const generators = { }, }; +function getClassMethods(program){ + let classMethodsAst; + if (program && program.body.length > 0){ + program.body.forEach(Node => { + if (Node.type && + Node.type === 'ExportDefaultDeclaration' && + Node.declaration && + Node.declaration.type && + Node.declaration.type === 'ClassDeclaration' && + Node.declaration.body && + Node.declaration.body.type && + Node.declaration.body.type === 'ClassBody' && + Node.declaration.body.body){ + classMethodsAst = Node.declaration.body.body; + } + }); + } + return classMethodsAst; +} + +function getResolverClassMethod(program){ + let classMethodsAst; + if (program && program.body.length > 0){ + program.body.forEach(Node => { + if (Node.type && + Node.type === 'ClassDeclaration' && + Node.body && + Node.body.type && + Node.body.type === 'ClassBody' && + Node.body.body && + Node.body.body.length > 0 && + Node.body.body[0].type === 'ClassMethod'){ + classMethodsAst = Node.body.body[0]; + } + }); + } + return classMethodsAst; +} + export function generateModelAst(inputSchema) { const type = inputSchema.definitions[0]; const TypeName = type.name.value; @@ -87,19 +126,13 @@ export function generateModelAst(inputSchema) { // XXX: rather than hardcoding in array indices it would be less brittle to // walk the tree using https://github.com/benjamn/ast-types // find: 'ExportDefaultDeclaration' - const classMethodsAst = ast.program.body[3] - // find class declaration - .declaration - .body.body; + const classMethodsAst = getClassMethods(ast.program); const findOneMethod = classMethodsAst.find(m => m.key.name === 'find'); let nextIndex = classMethodsAst.indexOf(findOneMethod) + 1; - generatePerField(type, generators).forEach((resolverFunctionAst) => { - const classMethodAst = resolverFunctionAst.program.body[0] // class declaration - .body.body[0]; // classMethod - + const classMethodAst = getResolverClassMethod(resolverFunctionAst.program); classMethodsAst.splice(nextIndex, 0, classMethodAst); nextIndex += 1; }); diff --git a/generate/model/templates/base.js.template b/generate/model/templates/base.js.template index a022aaf..916803d 100644 --- a/generate/model/templates/base.js.template +++ b/generate/model/templates/base.js.template @@ -1,5 +1,5 @@ import DataLoader from 'dataloader'; -import { findByIds, queryForRoles, getLogFilename, logger, authlog, checkAuthDoc, protectFields } from 'create-graphql-server-authorization'; +import { findByIds, queryForRoles, getLogFilename, logger, authlog, checkAuthDoc, protectFields } from 'create-graphql-server-authorization';generateBcryptDefinition const log = logger(getLogFilename()); export default class TypeName { @@ -33,12 +33,6 @@ export default class TypeName { async insert(doc, me, resolver) { try { - let docToInsert = Object.assign({}, doc, { - createdAt: Date.now(), - updatedAt: Date.now(), - createdById: (me && me._id) ? me._id : 'unknown', - updatedById: (me && me._id) ? me._id : 'unknown', - }); generateAuthCodeModeCreate const id = (await this.collection.insertOne(docToInsert)).insertedId; if (!id) { diff --git a/generate/schema/index.js b/generate/schema/index.js index f1b50ec..c2913db 100644 --- a/generate/schema/index.js +++ b/generate/schema/index.js @@ -14,13 +14,36 @@ import { SCALAR_TYPE_NAMES, } from '../util/graphql'; -import { isAuthorizeDirectiveDefined } from 'create-graphql-server-authorization'; +import { lcFirst } from '../util/capitalization'; +import { adjustSchemaForAuthorization } from 'create-graphql-server-authorization'; /* eslint-disable no-param-reassign */ -export default function generateSchema(inputSchema) { +function getType(field){ + if (field && + field.type && + field.type.kind && + (field.type.kind === 'Name' || + field.type.kind === 'NamedType') && + field.type.name && + field.type.name.value) + return field.type.name.value; + else if (field && + field.type && + field.type.kind && + field.type.kind === 'NonNullType' && + field.type.type && + field.type.type.kind && + (field.type.type.kind === 'Name' || + field.type.type.kind === 'NamedType') && + field.type.type.name && + field.type.type.name.value + ) + return field.type.type.name.value; + return ''; +} - debugger; +export default function generateSchema(inputSchema) { // Check that the input looks like we expect -- a single ObjectType definition assert(inputSchema.kind === 'Document'); assert(inputSchema.definitions.length === 1); @@ -28,11 +51,12 @@ export default function generateSchema(inputSchema) { const outputSchema = cloneDeep(inputSchema); const type = outputSchema.definitions[0]; - const typeName = type.name.value; - const authorize = isAuthorizeDirectiveDefined(outputSchema); + const TypeName = type.name.value; + const typeName = lcFirst(TypeName); const createInputFields = []; const updateInputFields = []; + type.fields.forEach((field) => { const directivesByName = {}; field.directives.forEach((directive) => { @@ -51,16 +75,19 @@ export default function generateSchema(inputSchema) { if (possibleInputType.kind === 'NamedType') { const isScalarField = includes(SCALAR_TYPE_NAMES, possibleInputType.name.value); - let inputField; + let inputFieldCreate = ''; + let inputFieldUpdate = ''; if (isScalarField || !!directivesByName.enum) { - inputField = field; + inputFieldCreate = field; + inputFieldUpdate = buildField(`${field.name.value}`, [], `${getType(field)}`); } else { - inputField = buildField(`${field.name.value}Id`, [], `ObjID${inputTypeModifier}`); + inputFieldCreate = buildField(`${field.name.value}Id`, [], `ObjID${inputTypeModifier}`); + inputFieldUpdate = buildField(`${field.name.value}Id`, [], `ObjID`); } - createInputFields.push(inputField); + createInputFields.push(inputFieldCreate); if (!directivesByName.unmodifiable) { - updateInputFields.push(inputField); + updateInputFields.push(inputFieldUpdate); } } @@ -76,16 +103,19 @@ export default function generateSchema(inputSchema) { } const isScalarField = includes(SCALAR_TYPE_NAMES, possibleInputType.name.value); - let inputField; + let inputFieldCreate = ''; + let inputFieldUpdate = ''; if (isScalarField || !!directivesByName.enum) { - inputField = `[${field}]`; + inputFieldCreate = `[${field}]`; + inputFieldUpdate = `[${field}]`; } else { - inputField = buildField(`${field.name.value}Ids`, [], `[ObjID${inputTypeModifier}]`); + inputFieldCreate = buildField(`${field.name.value}Ids`, [], `[ObjID${inputTypeModifier}]`); + inputFieldUpdate = buildField(`${field.name.value}Ids`, [], `[ObjID]`); } - createInputFields.push(inputField); + createInputFields.push(inputFieldCreate); if (!directivesByName.unmodifiable) { - updateInputFields.push(inputField); + updateInputFields.push(inputFieldUpdate); } } @@ -93,29 +123,37 @@ export default function generateSchema(inputSchema) { }); type.fields.unshift(buildField('id', [], 'ObjID!')); - type.fields.push(buildField('createdAt', [], 'Float!')); - type.fields.push(buildField('updatedAt', [], 'Float!')); - - // for safety reasons: - // only with @authorize we know that there is a "User" type defined - if (authorize){ - type.fields.push(buildField('createdBy', [], 'User')); - type.fields.push(buildField('updatedBy', [], 'User')); - } - - const queryOneField = buildField(typeName.toLowerCase(), [idArgument()], typeName); - const queryAllField = buildField(`${typeName.toLowerCase()}s`, [], `[${typeName}!]`); + + // adjustments to types from authorization + const adjustments = adjustSchemaForAuthorization(typeName, inputSchema); + adjustments && adjustments.forEach(field => { + const fieldSetup = buildField(field.name, [], field.type); + switch (field.mode){ + case 'create': + createInputFields.push(fieldSetup); + break; + case 'update': + updateInputFields.push(fieldSetup); + break; + case 'read': + type.fields.push(fieldSetup); + break; + } + }); + + const queryOneField = buildField(TypeName.toLowerCase(), [idArgument()], TypeName); + const queryAllField = buildField(`${TypeName.toLowerCase()}s`, [], `[${TypeName}!]`); addPaginationArguments(queryAllField); outputSchema.definitions.push( buildTypeExtension(buildTypeDefinition('Query', [queryAllField, queryOneField])) ); - const createInputTypeName = `Create${typeName}Input`; + const createInputTypeName = `Create${TypeName}Input`; outputSchema.definitions.push( buildTypeDefinition(createInputTypeName, createInputFields, 'InputObjectTypeDefinition') ); - const updateInputTypeName = `Update${typeName}Input`; + const updateInputTypeName = `Update${TypeName}Input`; outputSchema.definitions.push( buildTypeDefinition(updateInputTypeName, updateInputFields, 'InputObjectTypeDefinition') ); @@ -124,24 +162,24 @@ export default function generateSchema(inputSchema) { outputSchema.definitions.push(buildTypeExtension( buildTypeDefinition('Mutation', [ - buildField(`create${typeName}`, [ + buildField(`create${TypeName}`, [ buildArgument('input', `${createInputTypeName}!`), - ], typeName), + ], TypeName), - buildField(`update${typeName}`, [ + buildField(`update${TypeName}`, [ idArgument(), buildArgument('input', `${updateInputTypeName}!`), - ], typeName), + ], TypeName), - buildField(`remove${typeName}`, [idArgument()], 'Boolean'), + buildField(`remove${TypeName}`, [idArgument()], 'Boolean'), ]) )); outputSchema.definitions.push(buildTypeExtension( buildTypeDefinition('Subscription', [ - buildField(`${typeName.toLowerCase()}Created`, [], typeName), - buildField(`${typeName.toLowerCase()}Updated`, [], typeName), - buildField(`${typeName.toLowerCase()}Removed`, [], 'ObjID'), + buildField(`${TypeName.toLowerCase()}Created`, [], TypeName), + buildField(`${TypeName.toLowerCase()}Updated`, [], TypeName), + buildField(`${TypeName.toLowerCase()}Removed`, [], 'ObjID'), ]) )); diff --git a/package.json b/package.json index f541369..5293d88 100644 --- a/package.json +++ b/package.json @@ -53,11 +53,12 @@ "babylon": "^6.14.1", "chalk": "^1.1.3", "cpr": "^2.0.0", - "create-graphql-server-authorization": "^0.0.33", + "create-graphql-server-authorization": "^0.0.35", "denodeify": "^1.2.1", "escape-string-regexp": "^1.0.5", "global": "^4.3.2", "graphql": "0.7.2", + "lodash": "^4.17.4", "lodash.clonedeep": "^4.5.0", "lodash.includes": "^4.3.0", "lodash.merge": "^4.6.0", diff --git a/skel/package.json b/skel/package.json index 0a79482..a7f1f12 100644 --- a/skel/package.json +++ b/skel/package.json @@ -39,7 +39,7 @@ "bcrypt": "^1.0.2", "body-parser": "1.15.2", "cors": "^2.8.1", - "create-graphql-server-authorization": "^0.0.33", + "create-graphql-server-authorization": "^0.0.35", "dataloader": "^1.2.0", "denodeify": "^1.2.1", "dotenv": "2.0.0", diff --git a/test/input/User.graphql b/test/input/User.graphql index 1a89101..2fbe6bc 100644 --- a/test/input/User.graphql +++ b/test/input/User.graphql @@ -6,8 +6,9 @@ type User ) { - role: String @authRole(for: ["admin"]) - username: String! + role: String @authRole(for: ["admin"]) + email: String! + username: String bio: String notify: Boolean diff --git a/test/output-app-end-to-end/test-3-mutations-with-user-role-admin.js b/test/output-app-end-to-end/test-3-mutations-with-user-role-admin.js index 7724602..5538aa4 100644 --- a/test/output-app-end-to-end/test-3-mutations-with-user-role-admin.js +++ b/test/output-app-end-to-end/test-3-mutations-with-user-role-admin.js @@ -9,17 +9,14 @@ let tweetId2; let tweetIdOthers; function makeUserInput(user) { - if (user.role) - return `{ - username: "${user.username}", - bio: "${user.bio}", - role: "${user.role}" - }`; - else - return `{ - username: "${user.username}", - bio: "${user.bio}" - }`; + let query = `{`; + Object.keys(user).forEach(field => { + query = query + ` + ${field}: "${user[field]}"`; + }); + query = query + ` + }`; + return query; } function makeTweetInput(tweet, userId) { @@ -39,6 +36,8 @@ describe('test-3: user with role "admin"', () => { before(function(done) { const expectedUser = { + email: 'tobias@gmail.com', + password: 'password', username: 'tobkle', bio: 'someone', role: 'admin' @@ -78,6 +77,8 @@ describe('test-3: user with role "admin"', () => { it('admin user created new "other" user with role "editor"', () => { const expectedUser = { + email: 'zol@gmail.com', + password: 'password', username: 'zol', bio: 'Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead', role: 'editor' @@ -125,7 +126,7 @@ describe('test-3: user with role "admin"', () => { }); it('can update other users', () => { - const modifiedUser = { + const modifiedUser = { username: 'zoltan', bio: 'Maker of things, I guess', role: 'editor' diff --git a/test/output-app-end-to-end/test-4-mutations-with-unknown-user.js b/test/output-app-end-to-end/test-4-mutations-with-unknown-user.js index b9654db..b0cd010 100644 --- a/test/output-app-end-to-end/test-4-mutations-with-unknown-user.js +++ b/test/output-app-end-to-end/test-4-mutations-with-unknown-user.js @@ -7,17 +7,14 @@ let tweetId; const tweetIdOthers = '583676d3618530145474e352'; function makeUserInput(user) { - if (user.role) - return `{ - username: "${user.username}", - bio: "${user.bio}", - role: "${user.role}" - }`; - else - return `{ - username: "${user.username}", - bio: "${user.bio}" - }`; + let query = `{`; + Object.keys(user).forEach(field => { + query = query + ` + ${field}: "${user[field]}"`; + }); + query = query + ` + }`; + return query; } function makeTweetInput(tweet, userId) { @@ -39,9 +36,11 @@ describe('test-4: unkown user (e.g. not signed in, or expired token)', () => { it('can not create users', () => { const expectedUser = { - username: 'zol', - bio: 'Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead', - role: 'user' + email: 'tobias@gmail.com', + password: 'password', + username: 'tobkle', + bio: 'someone', + role: 'admin' }; return sendQuery({query: ` mutation { diff --git a/test/output-app-end-to-end/test-5-mutations-with-user-role-user.js b/test/output-app-end-to-end/test-5-mutations-with-user-role-user.js index aa585f8..9800a7e 100644 --- a/test/output-app-end-to-end/test-5-mutations-with-user-role-user.js +++ b/test/output-app-end-to-end/test-5-mutations-with-user-role-user.js @@ -7,17 +7,14 @@ let tweetId; const tweetIdOthers = '583676d3618530145474e352'; function makeUserInput(user) { - if (user.role) - return `{ - username: "${user.username}", - bio: "${user.bio}", - role: "${user.role}" - }`; - else - return `{ - username: "${user.username}", - bio: "${user.bio}" - }`; + let query = `{`; + Object.keys(user).forEach(field => { + query = query + ` + ${field}: "${user[field]}"`; + }); + query = query + ` + }`; + return query; } function makeTweetInput(tweet, userId) { @@ -36,11 +33,13 @@ function makeTweetInput(tweet, userId) { describe('test-5: user with role "user"', () => { before(function(done) { - const expectedUser = { - username: 'tobkle', - bio: 'someone', - role: 'user' - }; + const expectedUser = { + email: 'tobias@gmail.com', + password: 'password', + username: 'tobkle', + bio: 'someone', + role: 'user' + }; sendQuery({query: ` mutation { createUser(input: ${makeUserInput(expectedUser)}) { @@ -73,9 +72,11 @@ describe('test-5: user with role "user"', () => { it('can not create users', () => { const expectedUser = { + email: 'zol@gmail.com', + password: 'password', username: 'zol', bio: 'Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead', - role: 'user' + role: 'editor' }; return sendQuery({query: ` mutation { diff --git a/test/output-app-end-to-end/test-6-mutations-with-user-role-editor.js b/test/output-app-end-to-end/test-6-mutations-with-user-role-editor.js index 5cdc327..674c587 100644 --- a/test/output-app-end-to-end/test-6-mutations-with-user-role-editor.js +++ b/test/output-app-end-to-end/test-6-mutations-with-user-role-editor.js @@ -7,17 +7,14 @@ let tweetId; const tweetIdOthers = '583676d3618530145474e352'; function makeUserInput(user) { - if (user.role) - return `{ - username: "${user.username}", - bio: "${user.bio}", - role: "${user.role}" - }`; - else - return `{ - username: "${user.username}", - bio: "${user.bio}" - }`; + let query = `{`; + Object.keys(user).forEach(field => { + query = query + ` + ${field}: "${user[field]}"`; + }); + query = query + ` + }`; + return query; } function makeTweetInput(tweet, userId) { @@ -36,11 +33,13 @@ function makeTweetInput(tweet, userId) { describe('test-6: user with role "editor"', () => { before(function(done) { - const expectedUser = { - username: 'tobkle', - bio: 'someone', - role: 'editor' - }; + const expectedUser = { + email: 'tobias@gmail.com', + password: 'password', + username: 'tobkle', + bio: 'someone', + role: 'editor' + }; sendQuery({query: ` mutation { createUser(input: ${makeUserInput(expectedUser)}) { @@ -73,6 +72,8 @@ describe('test-6: user with role "editor"', () => { it('can not create users', () => { const expectedUser = { + email: 'zol@gmail.com', + password: 'password', username: 'zol', bio: 'Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead', role: 'editor' diff --git a/test/output-app/log/all-logs-readable.log b/test/output-app/log/all-logs-readable.log index 338f21b..f52f07c 100644 --- a/test/output-app/log/all-logs-readable.log +++ b/test/output-app/log/all-logs-readable.log @@ -34584,3 +34584,12204 @@ Query: 2017-08-26 22:08:23 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. 2017-08-26 22:08:23 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-26 22:26:03 Logger started +2017-08-26 22:27:06 Logger started +2017-08-26 22:36:38 Logger started +2017-08-26 22:38:14 Logger started +2017-08-26 22:47:37 Logger started +2017-08-26 22:48:05 Logger started +2017-08-26 22:48:28 Logger started +2017-08-26 22:48:46 Logger started +2017-08-26 22:48:54 Logger started +2017-08-26 22:58:41 Logger started +2017-08-27 01:25:19 Logger started +2017-08-27 01:27:29 Logger started +2017-08-27 01:41:46 Logger started +2017-08-27 01:54:39 -------------------------------------------------------------------------------- +2017-08-27 01:54:39 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-27 01:54:39 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:54:39 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + role + username + } +} + +2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + role + username + } +} + +2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca2") { + role + username + } +} + +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + id + username + bio + } +} + +2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users { + username + createdAt + } +} + +2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(limit: 1) { + username + createdAt + } +} + +2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993) { + username + createdAt + } +} + +2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } +} + +2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers { + username + createdAt + } + } +} + +2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(limit: 1) { + username + createdAt + } + } +} + +2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following { + username + createdAt + } + } +} + +2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(limit: 1) { + username + createdAt + } + } +} + +2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets { + id + createdAt + } + } +} + +2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(limit: 1) { + id + createdAt + } + } +} + +2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } + } +} + +2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } + } +} + +2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked { + id + createdAt + } + } +} + +2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(limit: 1) { + id + createdAt + } + } +} + +2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334) { + id + createdAt + } + } +} + +2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334, limit: 1) { + id + createdAt + } + } +} + +2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + id + body + } +} + +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + author { + username + } + } +} + +2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets { + id + createdAt + } +} + +2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(limit: 1) { + id + createdAt + } +} + +2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } +} + +2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } +} + +2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers { + username + createdAt + } + } +} + +2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(limit: 1) { + username + createdAt + } + } +} + +2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993) { + username + createdAt + } + } +} + +2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } + } +} + +2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "undefined") { + username + bio + role + } +} + +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "undefined") { + username + role + } +} + +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "undefined", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "undefined", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "undefined") +} + +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "undefined", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "undefined") { + author { + id + } + body + } +} + +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:03 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "undefined", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "undefined", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "undefined") { + body + } +} + +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "undefined") +} + +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "undefined") +} + +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "undefined") { + body + } +} + +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "undefined") +} + +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "undefined") { + username + bio + role + } +} + +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:03 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:03 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:03 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:03 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:03 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { + id + role + } +} + +2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + id + } +} + +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "undefined") { + username + } +} + +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "undefined") { + username + role + } +} + +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 -------------------------------------------------------------------------------- +2017-08-27 01:55:03 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 -------------------------------------------------------------------------------- +2017-08-27 01:55:04 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 -------------------------------------------------------------------------------- +2017-08-27 01:55:04 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 -------------------------------------------------------------------------------- +2017-08-27 01:55:04 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "undefined", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 -------------------------------------------------------------------------------- +2017-08-27 01:55:04 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:04 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 -------------------------------------------------------------------------------- +2017-08-27 01:55:04 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "undefined") { + author { + id + } + body + } +} + +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 -------------------------------------------------------------------------------- +2017-08-27 01:55:04 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 -------------------------------------------------------------------------------- +2017-08-27 01:55:04 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "undefined", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 -------------------------------------------------------------------------------- +2017-08-27 01:55:04 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:04 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 -------------------------------------------------------------------------------- +2017-08-27 01:55:04 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "undefined") { + body + } +} + +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 -------------------------------------------------------------------------------- +2017-08-27 01:55:04 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "undefined") +} + +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 -------------------------------------------------------------------------------- +2017-08-27 01:55:04 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:04 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 -------------------------------------------------------------------------------- +2017-08-27 01:55:04 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "undefined") { + body + } +} + +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 -------------------------------------------------------------------------------- +2017-08-27 01:55:04 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "undefined") +} + +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 -------------------------------------------------------------------------------- +2017-08-27 01:55:04 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "undefined") { + username + bio + role + } +} + +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:04 -------------------------------------------------------------------------------- +2017-08-27 01:55:04 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { + id + role + } +} + +2017-08-27 01:55:04 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 -------------------------------------------------------------------------------- +2017-08-27 01:55:04 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 -------------------------------------------------------------------------------- +2017-08-27 01:55:04 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 -------------------------------------------------------------------------------- +2017-08-27 01:55:04 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "undefined") { + username + role + } +} + +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 -------------------------------------------------------------------------------- +2017-08-27 01:55:04 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 -------------------------------------------------------------------------------- +2017-08-27 01:55:04 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "undefined", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 -------------------------------------------------------------------------------- +2017-08-27 01:55:04 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "undefined", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 -------------------------------------------------------------------------------- +2017-08-27 01:55:04 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:04 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 -------------------------------------------------------------------------------- +2017-08-27 01:55:04 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "undefined", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 -------------------------------------------------------------------------------- +2017-08-27 01:55:04 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:04 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 -------------------------------------------------------------------------------- +2017-08-27 01:55:04 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "undefined") { + author { + id + } + body + } +} + +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 -------------------------------------------------------------------------------- +2017-08-27 01:55:04 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 -------------------------------------------------------------------------------- +2017-08-27 01:55:04 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "undefined", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 -------------------------------------------------------------------------------- +2017-08-27 01:55:04 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:04 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 -------------------------------------------------------------------------------- +2017-08-27 01:55:04 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "undefined") { + body + } +} + +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 -------------------------------------------------------------------------------- +2017-08-27 01:55:04 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "undefined") +} + +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 -------------------------------------------------------------------------------- +2017-08-27 01:55:04 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:04 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 -------------------------------------------------------------------------------- +2017-08-27 01:55:04 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "undefined") { + body + } +} + +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 -------------------------------------------------------------------------------- +2017-08-27 01:55:04 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "undefined") +} + +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 -------------------------------------------------------------------------------- +2017-08-27 01:55:04 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "undefined") { + username + bio + role + } +} + +2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 01:58:33 Logger started +2017-08-27 02:05:06 -------------------------------------------------------------------------------- +2017-08-27 02:05:06 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-27 02:05:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:05:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:05:28 -------------------------------------------------------------------------------- +2017-08-27 02:05:28 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-08-27 02:05:28 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:05:28 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:05:28 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:05:28 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-27 02:05:28 inserted user 59a20cc84bf691038d8fccea. +2017-08-27 02:05:28 -------------------------------------------------------------------------------- +2017-08-27 02:05:28 Request: +User: "tobkle", role: "admin", id: "59a20cc84bf691038d8fccea", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-27 02:05:28 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:28 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:28 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-27 02:05:28 inserted user 59a20cc84bf691038d8fcceb. +2017-08-27 02:05:28 -------------------------------------------------------------------------------- +2017-08-27 02:05:28 Request: +User: "tobkle", role: "admin", id: "59a20cc84bf691038d8fccea", +Operation: "", variables: "", +Query: +{ + user(id: "59a20cc84bf691038d8fcceb") { + username + bio + role + } +} + +2017-08-27 02:05:28 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:28 -------------------------------------------------------------------------------- +2017-08-27 02:05:28 Request: +User: "tobkle", role: "admin", id: "59a20cc84bf691038d8fccea", +Operation: "", variables: "", +Query: +{ + user(id: "59a20cc84bf691038d8fccea") { + username + role + } +} + +2017-08-27 02:05:28 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:28 -------------------------------------------------------------------------------- +2017-08-27 02:05:28 Request: +User: "tobkle", role: "admin", id: "59a20cc84bf691038d8fccea", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a20cc84bf691038d8fcceb", input: {email: "undefined", password: "undefined", username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-27 02:05:28 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:28 -------------------------------------------------------------------------------- +2017-08-27 02:05:28 Request: +User: "tobkle", role: "admin", id: "59a20cc84bf691038d8fccea", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a20cc84bf691038d8fccea", input: {email: "undefined", password: "undefined", username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 02:05:28 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:28 -------------------------------------------------------------------------------- +2017-08-27 02:05:28 Request: +User: "tobkle", role: "admin", id: "59a20cc84bf691038d8fccea", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a20cc84bf691038d8fcceb", input: {email: "undefined", password: "undefined", username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 02:05:28 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:28 -------------------------------------------------------------------------------- +2017-08-27 02:05:28 Request: +User: "tobkle", role: "admin", id: "59a20cc84bf691038d8fccea", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a20cc84bf691038d8fccea", input: {email: "undefined", password: "undefined", username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-27 02:05:28 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:28 -------------------------------------------------------------------------------- +2017-08-27 02:05:28 Request: +User: "tobkle", role: "admin", id: "59a20cc84bf691038d8fccea", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a20cc84bf691038d8fccea", input: {email: "undefined", password: "undefined", username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 02:05:28 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:28 -------------------------------------------------------------------------------- +2017-08-27 02:05:28 Request: +User: "zol", role: "editor", id: "59a20cc84bf691038d8fcceb", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a20cc84bf691038d8fccea", input: {email: "undefined", password: "undefined", username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 02:05:28 Authorize readOne 'user findOneById' with user 'zol' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a20cc84bf691038d8fcceb" + } + ] +} +2017-08-27 02:05:28 Authorize readOne 'tweet findOneById' with user 'zol' and role 'editor' is authorized +2017-08-27 02:05:29 -------------------------------------------------------------------------------- +2017-08-27 02:05:29 Request: +User: "tobkle", role: "admin", id: "59a20cc84bf691038d8fccea", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59a20cc84bf691038d8fcceb") +} + +2017-08-27 02:05:29 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:29 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:29 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:29 removed user 59a20cc84bf691038d8fcceb. +2017-08-27 02:05:29 -------------------------------------------------------------------------------- +2017-08-27 02:05:29 Request: +User: "tobkle", role: "admin", id: "59a20cc84bf691038d8fccea", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59a20cc84bf691038d8fccea", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-27 02:05:29 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:29 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:29 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:29 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-27 02:05:29 inserted tweet 59a20cc94bf691038d8fccec. +2017-08-27 02:05:29 -------------------------------------------------------------------------------- +2017-08-27 02:05:29 Request: +User: "tobkle", role: "admin", id: "59a20cc84bf691038d8fccea", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-27 02:05:29 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:29 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:29 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:29 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-27 02:05:29 -------------------------------------------------------------------------------- +2017-08-27 02:05:29 inserted tweet 59a20cc94bf691038d8fcced. +2017-08-27 02:05:29 Request: +User: "tobkle", role: "admin", id: "59a20cc84bf691038d8fccea", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a20cc94bf691038d8fccec") { + author { + id + } + body + } +} + +2017-08-27 02:05:29 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:29 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:29 -------------------------------------------------------------------------------- +2017-08-27 02:05:29 Request: +User: "tobkle", role: "admin", id: "59a20cc84bf691038d8fccea", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-27 02:05:29 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:29 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:29 -------------------------------------------------------------------------------- +2017-08-27 02:05:29 Request: +User: "tobkle", role: "admin", id: "59a20cc84bf691038d8fccea", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59a20cc94bf691038d8fccec", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 02:05:29 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:29 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:29 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:29 updated tweet 59a20cc94bf691038d8fccec. +2017-08-27 02:05:29 -------------------------------------------------------------------------------- +2017-08-27 02:05:29 Request: +User: "tobkle", role: "admin", id: "59a20cc84bf691038d8fccea", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59a20cc94bf691038d8fcced", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 02:05:29 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:29 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:29 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:29 updated tweet 59a20cc94bf691038d8fcced. +2017-08-27 02:05:29 -------------------------------------------------------------------------------- +2017-08-27 02:05:29 Request: +User: "tobkle", role: "admin", id: "59a20cc84bf691038d8fccea", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a20cc94bf691038d8fccec") { + body + } +} + +2017-08-27 02:05:29 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:29 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:29 -------------------------------------------------------------------------------- +2017-08-27 02:05:29 Request: +User: "tobkle", role: "admin", id: "59a20cc84bf691038d8fccea", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59a20cc94bf691038d8fccec") +} + +2017-08-27 02:05:29 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:29 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:29 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:29 removed tweet 59a20cc94bf691038d8fccec. +2017-08-27 02:05:29 -------------------------------------------------------------------------------- +2017-08-27 02:05:29 Request: +User: "tobkle", role: "admin", id: "59a20cc84bf691038d8fccea", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59a20cc94bf691038d8fcced") +} + +2017-08-27 02:05:29 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:29 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:29 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:29 removed tweet 59a20cc94bf691038d8fcced. +2017-08-27 02:05:29 -------------------------------------------------------------------------------- +2017-08-27 02:05:29 Request: +User: "tobkle", role: "admin", id: "59a20cc84bf691038d8fccea", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a20cc94bf691038d8fccec") { + body + } +} + +2017-08-27 02:05:29 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:29 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:29 -------------------------------------------------------------------------------- +2017-08-27 02:05:29 Request: +User: "tobkle", role: "admin", id: "59a20cc84bf691038d8fccea", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59a20cc84bf691038d8fccea") +} + +2017-08-27 02:05:29 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:29 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:29 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:05:29 removed user 59a20cc84bf691038d8fccea. +2017-08-27 02:05:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:05:29 -------------------------------------------------------------------------------- +2017-08-27 02:05:29 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59a20cc84bf691038d8fccea") { + username + bio + role + } +} + +2017-08-27 02:05:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:05:29 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:06:43 Logger started +2017-08-27 02:06:56 -------------------------------------------------------------------------------- +2017-08-27 02:06:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-27 02:06:56 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:06:56 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:07:17 -------------------------------------------------------------------------------- +2017-08-27 02:07:17 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-08-27 02:07:17 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:07:17 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:07:17 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:07:17 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-27 02:07:17 inserted user 59a20d35dce0b1045f71660e. +2017-08-27 02:07:17 -------------------------------------------------------------------------------- +2017-08-27 02:07:17 Request: +User: "tobkle", role: "admin", id: "59a20d35dce0b1045f71660e", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-27 02:07:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 inserted user 59a20d35dce0b1045f71660f. +2017-08-27 02:07:17 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-27 02:07:17 -------------------------------------------------------------------------------- +2017-08-27 02:07:17 Request: +User: "tobkle", role: "admin", id: "59a20d35dce0b1045f71660e", +Operation: "", variables: "", +Query: +{ + user(id: "59a20d35dce0b1045f71660f") { + username + bio + role + } +} + +2017-08-27 02:07:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 -------------------------------------------------------------------------------- +2017-08-27 02:07:17 Request: +User: "tobkle", role: "admin", id: "59a20d35dce0b1045f71660e", +Operation: "", variables: "", +Query: +{ + user(id: "59a20d35dce0b1045f71660e") { + username + role + } +} + +2017-08-27 02:07:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 -------------------------------------------------------------------------------- +2017-08-27 02:07:17 Request: +User: "tobkle", role: "admin", id: "59a20d35dce0b1045f71660e", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a20d35dce0b1045f71660f", input: {email: "undefined", password: "undefined", username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-27 02:07:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 -------------------------------------------------------------------------------- +2017-08-27 02:07:17 Request: +User: "tobkle", role: "admin", id: "59a20d35dce0b1045f71660e", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a20d35dce0b1045f71660e", input: {email: "undefined", password: "undefined", username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 02:07:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 -------------------------------------------------------------------------------- +2017-08-27 02:07:17 Request: +User: "tobkle", role: "admin", id: "59a20d35dce0b1045f71660e", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a20d35dce0b1045f71660f", input: {email: "undefined", password: "undefined", username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 02:07:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 -------------------------------------------------------------------------------- +2017-08-27 02:07:17 Request: +User: "tobkle", role: "admin", id: "59a20d35dce0b1045f71660e", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a20d35dce0b1045f71660e", input: {email: "undefined", password: "undefined", username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-27 02:07:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 -------------------------------------------------------------------------------- +2017-08-27 02:07:17 Request: +User: "tobkle", role: "admin", id: "59a20d35dce0b1045f71660e", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a20d35dce0b1045f71660e", input: {email: "undefined", password: "undefined", username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 02:07:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 -------------------------------------------------------------------------------- +2017-08-27 02:07:17 Request: +User: "zol", role: "editor", id: "59a20d35dce0b1045f71660f", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a20d35dce0b1045f71660e", input: {email: "undefined", password: "undefined", username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 02:07:17 Authorize readOne 'user findOneById' with user 'zol' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a20d35dce0b1045f71660f" + } + ] +} +2017-08-27 02:07:17 Authorize readOne 'tweet findOneById' with user 'zol' and role 'editor' is authorized +2017-08-27 02:07:17 -------------------------------------------------------------------------------- +2017-08-27 02:07:17 Request: +User: "tobkle", role: "admin", id: "59a20d35dce0b1045f71660e", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59a20d35dce0b1045f71660f") +} + +2017-08-27 02:07:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 removed user 59a20d35dce0b1045f71660f. +2017-08-27 02:07:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 -------------------------------------------------------------------------------- +2017-08-27 02:07:17 Request: +User: "tobkle", role: "admin", id: "59a20d35dce0b1045f71660e", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59a20d35dce0b1045f71660e", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-27 02:07:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-27 02:07:17 inserted tweet 59a20d35dce0b1045f716610. +2017-08-27 02:07:17 -------------------------------------------------------------------------------- +2017-08-27 02:07:17 Request: +User: "tobkle", role: "admin", id: "59a20d35dce0b1045f71660e", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-27 02:07:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-27 02:07:17 -------------------------------------------------------------------------------- +2017-08-27 02:07:17 inserted tweet 59a20d35dce0b1045f716611. +2017-08-27 02:07:17 Request: +User: "tobkle", role: "admin", id: "59a20d35dce0b1045f71660e", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a20d35dce0b1045f716610") { + author { + id + } + body + } +} + +2017-08-27 02:07:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 -------------------------------------------------------------------------------- +2017-08-27 02:07:17 Request: +User: "tobkle", role: "admin", id: "59a20d35dce0b1045f71660e", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-27 02:07:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 -------------------------------------------------------------------------------- +2017-08-27 02:07:17 Request: +User: "tobkle", role: "admin", id: "59a20d35dce0b1045f71660e", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59a20d35dce0b1045f716610", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 02:07:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 updated tweet 59a20d35dce0b1045f716610. +2017-08-27 02:07:17 -------------------------------------------------------------------------------- +2017-08-27 02:07:17 Request: +User: "tobkle", role: "admin", id: "59a20d35dce0b1045f71660e", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59a20d35dce0b1045f716611", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 02:07:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 updated tweet 59a20d35dce0b1045f716611. +2017-08-27 02:07:17 -------------------------------------------------------------------------------- +2017-08-27 02:07:17 Request: +User: "tobkle", role: "admin", id: "59a20d35dce0b1045f71660e", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a20d35dce0b1045f716610") { + body + } +} + +2017-08-27 02:07:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 -------------------------------------------------------------------------------- +2017-08-27 02:07:17 Request: +User: "tobkle", role: "admin", id: "59a20d35dce0b1045f71660e", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59a20d35dce0b1045f716610") +} + +2017-08-27 02:07:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 removed tweet 59a20d35dce0b1045f716610. +2017-08-27 02:07:17 -------------------------------------------------------------------------------- +2017-08-27 02:07:17 Request: +User: "tobkle", role: "admin", id: "59a20d35dce0b1045f71660e", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59a20d35dce0b1045f716611") +} + +2017-08-27 02:07:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 removed tweet 59a20d35dce0b1045f716611. +2017-08-27 02:07:17 -------------------------------------------------------------------------------- +2017-08-27 02:07:17 Request: +User: "tobkle", role: "admin", id: "59a20d35dce0b1045f71660e", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a20d35dce0b1045f716610") { + body + } +} + +2017-08-27 02:07:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 -------------------------------------------------------------------------------- +2017-08-27 02:07:17 Request: +User: "tobkle", role: "admin", id: "59a20d35dce0b1045f71660e", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59a20d35dce0b1045f71660e") +} + +2017-08-27 02:07:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:07:17 removed user 59a20d35dce0b1045f71660e. +2017-08-27 02:07:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:07:17 -------------------------------------------------------------------------------- +2017-08-27 02:07:17 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59a20d35dce0b1045f71660e") { + username + bio + role + } +} + +2017-08-27 02:07:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:07:17 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:17:56 -------------------------------------------------------------------------------- +2017-08-27 02:17:56 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-27 02:17:56 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:17:56 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:18:17 -------------------------------------------------------------------------------- +2017-08-27 02:18:17 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-08-27 02:18:17 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:18:17 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:18:17 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:18:17 inserted user 59a20fc9dce0b1045f716612. +2017-08-27 02:18:17 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-27 02:18:17 -------------------------------------------------------------------------------- +2017-08-27 02:18:17 Request: +User: "tobkle", role: "admin", id: "59a20fc9dce0b1045f716612", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-27 02:18:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-27 02:18:17 inserted user 59a20fc9dce0b1045f716613. +2017-08-27 02:18:17 -------------------------------------------------------------------------------- +2017-08-27 02:18:17 Request: +User: "tobkle", role: "admin", id: "59a20fc9dce0b1045f716612", +Operation: "", variables: "", +Query: +{ + user(id: "59a20fc9dce0b1045f716613") { + username + bio + role + } +} + +2017-08-27 02:18:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 -------------------------------------------------------------------------------- +2017-08-27 02:18:17 Request: +User: "tobkle", role: "admin", id: "59a20fc9dce0b1045f716612", +Operation: "", variables: "", +Query: +{ + user(id: "59a20fc9dce0b1045f716612") { + username + role + } +} + +2017-08-27 02:18:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 -------------------------------------------------------------------------------- +2017-08-27 02:18:17 Request: +User: "tobkle", role: "admin", id: "59a20fc9dce0b1045f716612", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a20fc9dce0b1045f716613", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-27 02:18:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 updated user 59a20fc9dce0b1045f716613. +2017-08-27 02:18:17 -------------------------------------------------------------------------------- +2017-08-27 02:18:17 Request: +User: "tobkle", role: "admin", id: "59a20fc9dce0b1045f716612", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a20fc9dce0b1045f716612", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 02:18:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 updated user 59a20fc9dce0b1045f716612. +2017-08-27 02:18:17 -------------------------------------------------------------------------------- +2017-08-27 02:18:17 Request: +User: "tobkle", role: "admin", id: "59a20fc9dce0b1045f716612", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a20fc9dce0b1045f716613", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 02:18:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 updated user 59a20fc9dce0b1045f716613. +2017-08-27 02:18:17 -------------------------------------------------------------------------------- +2017-08-27 02:18:17 Request: +User: "tobkle", role: "admin", id: "59a20fc9dce0b1045f716612", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a20fc9dce0b1045f716612", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-27 02:18:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 updated user 59a20fc9dce0b1045f716612. +2017-08-27 02:18:17 -------------------------------------------------------------------------------- +2017-08-27 02:18:17 Request: +User: "tobkle", role: "editor", id: "59a20fc9dce0b1045f716612", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a20fc9dce0b1045f716612", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 02:18:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a20fc9dce0b1045f716612" + } + ] +} +2017-08-27 02:18:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-27 02:18:17 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a20fc9dce0b1045f716612" + } + ] +} +2017-08-27 02:18:17 updated user 59a20fc9dce0b1045f716612. +2017-08-27 02:18:17 -------------------------------------------------------------------------------- +2017-08-27 02:18:17 Request: +User: "zoltan", role: "admin", id: "59a20fc9dce0b1045f716613", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a20fc9dce0b1045f716612", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 02:18:17 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-27 02:18:17 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-27 02:18:17 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized +2017-08-27 02:18:17 updated user 59a20fc9dce0b1045f716612. +2017-08-27 02:18:17 -------------------------------------------------------------------------------- +2017-08-27 02:18:17 Request: +User: "tobkle", role: "admin", id: "59a20fc9dce0b1045f716612", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59a20fc9dce0b1045f716613") +} + +2017-08-27 02:18:17 removed user 59a20fc9dce0b1045f716613. +2017-08-27 02:18:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 -------------------------------------------------------------------------------- +2017-08-27 02:18:17 Request: +User: "tobkle", role: "admin", id: "59a20fc9dce0b1045f716612", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59a20fc9dce0b1045f716612", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-27 02:18:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 inserted tweet 59a20fc9dce0b1045f716614. +2017-08-27 02:18:17 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-27 02:18:17 -------------------------------------------------------------------------------- +2017-08-27 02:18:17 Request: +User: "tobkle", role: "admin", id: "59a20fc9dce0b1045f716612", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-27 02:18:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 -------------------------------------------------------------------------------- +2017-08-27 02:18:17 Request: +User: "tobkle", role: "admin", id: "59a20fc9dce0b1045f716612", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a20fc9dce0b1045f716614") { + author { + id + } + body + } +} + +2017-08-27 02:18:17 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 inserted tweet 59a20fc9dce0b1045f716615. +2017-08-27 02:18:17 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-27 02:18:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 -------------------------------------------------------------------------------- +2017-08-27 02:18:17 Request: +User: "tobkle", role: "admin", id: "59a20fc9dce0b1045f716612", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-27 02:18:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 -------------------------------------------------------------------------------- +2017-08-27 02:18:17 Request: +User: "tobkle", role: "admin", id: "59a20fc9dce0b1045f716612", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59a20fc9dce0b1045f716614", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 02:18:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 updated tweet 59a20fc9dce0b1045f716614. +2017-08-27 02:18:17 -------------------------------------------------------------------------------- +2017-08-27 02:18:17 Request: +User: "tobkle", role: "admin", id: "59a20fc9dce0b1045f716612", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59a20fc9dce0b1045f716615", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 02:18:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 updated tweet 59a20fc9dce0b1045f716615. +2017-08-27 02:18:17 -------------------------------------------------------------------------------- +2017-08-27 02:18:17 Request: +User: "tobkle", role: "admin", id: "59a20fc9dce0b1045f716612", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a20fc9dce0b1045f716614") { + body + } +} + +2017-08-27 02:18:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 -------------------------------------------------------------------------------- +2017-08-27 02:18:17 Request: +User: "tobkle", role: "admin", id: "59a20fc9dce0b1045f716612", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59a20fc9dce0b1045f716614") +} + +2017-08-27 02:18:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 removed tweet 59a20fc9dce0b1045f716614. +2017-08-27 02:18:17 -------------------------------------------------------------------------------- +2017-08-27 02:18:17 Request: +User: "tobkle", role: "admin", id: "59a20fc9dce0b1045f716612", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59a20fc9dce0b1045f716615") +} + +2017-08-27 02:18:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 removed tweet 59a20fc9dce0b1045f716615. +2017-08-27 02:18:17 -------------------------------------------------------------------------------- +2017-08-27 02:18:17 Request: +User: "tobkle", role: "admin", id: "59a20fc9dce0b1045f716612", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a20fc9dce0b1045f716614") { + body + } +} + +2017-08-27 02:18:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 -------------------------------------------------------------------------------- +2017-08-27 02:18:17 Request: +User: "tobkle", role: "admin", id: "59a20fc9dce0b1045f716612", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59a20fc9dce0b1045f716612") +} + +2017-08-27 02:18:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:18:17 removed user 59a20fc9dce0b1045f716612. +2017-08-27 02:18:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:18:17 -------------------------------------------------------------------------------- +2017-08-27 02:18:17 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59a20fc9dce0b1045f716612") { + username + bio + role + } +} + +2017-08-27 02:18:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:18:17 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:19:15 -------------------------------------------------------------------------------- +2017-08-27 02:19:15 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-27 02:19:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:19:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:19:36 -------------------------------------------------------------------------------- +2017-08-27 02:19:36 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-08-27 02:19:36 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:19:36 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:19:36 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:19:36 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-27 02:19:36 inserted user 59a21018dce0b1045f716616. +2017-08-27 02:19:36 -------------------------------------------------------------------------------- +2017-08-27 02:19:36 Request: +User: "tobkle", role: "admin", id: "59a21018dce0b1045f716616", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-27 02:19:36 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 inserted user 59a21018dce0b1045f716617. +2017-08-27 02:19:36 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-27 02:19:36 -------------------------------------------------------------------------------- +2017-08-27 02:19:36 Request: +User: "tobkle", role: "admin", id: "59a21018dce0b1045f716616", +Operation: "", variables: "", +Query: +{ + user(id: "59a21018dce0b1045f716617") { + username + bio + role + } +} + +2017-08-27 02:19:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 -------------------------------------------------------------------------------- +2017-08-27 02:19:36 Request: +User: "tobkle", role: "admin", id: "59a21018dce0b1045f716616", +Operation: "", variables: "", +Query: +{ + user(id: "59a21018dce0b1045f716616") { + username + role + } +} + +2017-08-27 02:19:36 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 -------------------------------------------------------------------------------- +2017-08-27 02:19:36 Request: +User: "tobkle", role: "admin", id: "59a21018dce0b1045f716616", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a21018dce0b1045f716617", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-27 02:19:36 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 updated user 59a21018dce0b1045f716617. +2017-08-27 02:19:36 -------------------------------------------------------------------------------- +2017-08-27 02:19:36 Request: +User: "tobkle", role: "admin", id: "59a21018dce0b1045f716616", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a21018dce0b1045f716616", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 02:19:36 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 updated user 59a21018dce0b1045f716616. +2017-08-27 02:19:36 -------------------------------------------------------------------------------- +2017-08-27 02:19:36 Request: +User: "tobkle", role: "admin", id: "59a21018dce0b1045f716616", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a21018dce0b1045f716617", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 02:19:36 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 updated user 59a21018dce0b1045f716617. +2017-08-27 02:19:36 -------------------------------------------------------------------------------- +2017-08-27 02:19:36 Request: +User: "tobkle", role: "admin", id: "59a21018dce0b1045f716616", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a21018dce0b1045f716616", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-27 02:19:36 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 updated user 59a21018dce0b1045f716616. +2017-08-27 02:19:36 -------------------------------------------------------------------------------- +2017-08-27 02:19:36 Request: +User: "tobkle", role: "editor", id: "59a21018dce0b1045f716616", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a21018dce0b1045f716616", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 02:19:36 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21018dce0b1045f716616" + } + ] +} +2017-08-27 02:19:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-27 02:19:36 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21018dce0b1045f716616" + } + ] +} +2017-08-27 02:19:36 updated user 59a21018dce0b1045f716616. +2017-08-27 02:19:36 -------------------------------------------------------------------------------- +2017-08-27 02:19:36 Request: +User: "zoltan", role: "admin", id: "59a21018dce0b1045f716617", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a21018dce0b1045f716616", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 02:19:36 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-27 02:19:36 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-27 02:19:36 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized +2017-08-27 02:19:36 updated user 59a21018dce0b1045f716616. +2017-08-27 02:19:36 -------------------------------------------------------------------------------- +2017-08-27 02:19:36 Request: +User: "tobkle", role: "admin", id: "59a21018dce0b1045f716616", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59a21018dce0b1045f716617") +} + +2017-08-27 02:19:36 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 removed user 59a21018dce0b1045f716617. +2017-08-27 02:19:36 -------------------------------------------------------------------------------- +2017-08-27 02:19:36 Request: +User: "tobkle", role: "admin", id: "59a21018dce0b1045f716616", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59a21018dce0b1045f716616", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-27 02:19:36 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-27 02:19:36 inserted tweet 59a21018dce0b1045f716618. +2017-08-27 02:19:36 -------------------------------------------------------------------------------- +2017-08-27 02:19:36 Request: +User: "tobkle", role: "admin", id: "59a21018dce0b1045f716616", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-27 02:19:36 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 -------------------------------------------------------------------------------- +2017-08-27 02:19:36 Request: +User: "tobkle", role: "admin", id: "59a21018dce0b1045f716616", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a21018dce0b1045f716618") { + author { + id + } + body + } +} + +2017-08-27 02:19:36 inserted tweet 59a21018dce0b1045f716619. +2017-08-27 02:19:36 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-27 02:19:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 -------------------------------------------------------------------------------- +2017-08-27 02:19:36 Request: +User: "tobkle", role: "admin", id: "59a21018dce0b1045f716616", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-27 02:19:36 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 -------------------------------------------------------------------------------- +2017-08-27 02:19:36 Request: +User: "tobkle", role: "admin", id: "59a21018dce0b1045f716616", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59a21018dce0b1045f716618", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 02:19:36 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 updated tweet 59a21018dce0b1045f716618. +2017-08-27 02:19:36 -------------------------------------------------------------------------------- +2017-08-27 02:19:36 Request: +User: "tobkle", role: "admin", id: "59a21018dce0b1045f716616", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59a21018dce0b1045f716619", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 02:19:36 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 updated tweet 59a21018dce0b1045f716619. +2017-08-27 02:19:36 -------------------------------------------------------------------------------- +2017-08-27 02:19:36 Request: +User: "tobkle", role: "admin", id: "59a21018dce0b1045f716616", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a21018dce0b1045f716618") { + body + } +} + +2017-08-27 02:19:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 -------------------------------------------------------------------------------- +2017-08-27 02:19:36 Request: +User: "tobkle", role: "admin", id: "59a21018dce0b1045f716616", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59a21018dce0b1045f716618") +} + +2017-08-27 02:19:36 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 removed tweet 59a21018dce0b1045f716618. +2017-08-27 02:19:36 -------------------------------------------------------------------------------- +2017-08-27 02:19:36 Request: +User: "tobkle", role: "admin", id: "59a21018dce0b1045f716616", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59a21018dce0b1045f716619") +} + +2017-08-27 02:19:36 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 removed tweet 59a21018dce0b1045f716619. +2017-08-27 02:19:36 -------------------------------------------------------------------------------- +2017-08-27 02:19:36 Request: +User: "tobkle", role: "admin", id: "59a21018dce0b1045f716616", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a21018dce0b1045f716618") { + body + } +} + +2017-08-27 02:19:36 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 -------------------------------------------------------------------------------- +2017-08-27 02:19:36 Request: +User: "tobkle", role: "admin", id: "59a21018dce0b1045f716616", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59a21018dce0b1045f716616") +} + +2017-08-27 02:19:36 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:19:36 removed user 59a21018dce0b1045f716616. +2017-08-27 02:19:36 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:19:36 -------------------------------------------------------------------------------- +2017-08-27 02:19:36 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59a21018dce0b1045f716616") { + username + bio + role + } +} + +2017-08-27 02:19:36 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:19:36 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:03 -------------------------------------------------------------------------------- +2017-08-27 02:23:03 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-27 02:23:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 -------------------------------------------------------------------------------- +2017-08-27 02:23:24 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 -------------------------------------------------------------------------------- +2017-08-27 02:23:24 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + role + username + } +} + +2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 -------------------------------------------------------------------------------- +2017-08-27 02:23:24 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + role + username + } +} + +2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 -------------------------------------------------------------------------------- +2017-08-27 02:23:24 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca2") { + role + username + } +} + +2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 -------------------------------------------------------------------------------- +2017-08-27 02:23:24 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + id + username + bio + } +} + +2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 -------------------------------------------------------------------------------- +2017-08-27 02:23:24 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users { + username + createdAt + } +} + +2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 -------------------------------------------------------------------------------- +2017-08-27 02:23:24 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(limit: 1) { + username + createdAt + } +} + +2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 -------------------------------------------------------------------------------- +2017-08-27 02:23:24 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993) { + username + createdAt + } +} + +2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 -------------------------------------------------------------------------------- +2017-08-27 02:23:24 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } +} + +2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 -------------------------------------------------------------------------------- +2017-08-27 02:23:24 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers { + username + createdAt + } + } +} + +2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 -------------------------------------------------------------------------------- +2017-08-27 02:23:24 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(limit: 1) { + username + createdAt + } + } +} + +2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 -------------------------------------------------------------------------------- +2017-08-27 02:23:24 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 -------------------------------------------------------------------------------- +2017-08-27 02:23:24 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 -------------------------------------------------------------------------------- +2017-08-27 02:23:24 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following { + username + createdAt + } + } +} + +2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 -------------------------------------------------------------------------------- +2017-08-27 02:23:24 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(limit: 1) { + username + createdAt + } + } +} + +2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 -------------------------------------------------------------------------------- +2017-08-27 02:23:24 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 -------------------------------------------------------------------------------- +2017-08-27 02:23:24 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 -------------------------------------------------------------------------------- +2017-08-27 02:23:24 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets { + id + createdAt + } + } +} + +2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 -------------------------------------------------------------------------------- +2017-08-27 02:23:24 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(limit: 1) { + id + createdAt + } + } +} + +2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 -------------------------------------------------------------------------------- +2017-08-27 02:23:24 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } + } +} + +2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 -------------------------------------------------------------------------------- +2017-08-27 02:23:24 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } + } +} + +2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 -------------------------------------------------------------------------------- +2017-08-27 02:23:24 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked { + id + createdAt + } + } +} + +2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 -------------------------------------------------------------------------------- +2017-08-27 02:23:24 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(limit: 1) { + id + createdAt + } + } +} + +2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 -------------------------------------------------------------------------------- +2017-08-27 02:23:24 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334) { + id + createdAt + } + } +} + +2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 -------------------------------------------------------------------------------- +2017-08-27 02:23:24 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334, limit: 1) { + id + createdAt + } + } +} + +2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 -------------------------------------------------------------------------------- +2017-08-27 02:23:24 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + id + body + } +} + +2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 -------------------------------------------------------------------------------- +2017-08-27 02:23:24 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets { + id + createdAt + } +} + +2017-08-27 02:23:24 -------------------------------------------------------------------------------- +2017-08-27 02:23:24 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + author { + username + } + } +} + +2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 -------------------------------------------------------------------------------- +2017-08-27 02:23:24 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(limit: 1) { + id + createdAt + } +} + +2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 -------------------------------------------------------------------------------- +2017-08-27 02:23:24 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } +} + +2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 -------------------------------------------------------------------------------- +2017-08-27 02:23:24 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } +} + +2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 -------------------------------------------------------------------------------- +2017-08-27 02:23:24 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers { + username + createdAt + } + } +} + +2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 -------------------------------------------------------------------------------- +2017-08-27 02:23:24 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(limit: 1) { + username + createdAt + } + } +} + +2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 -------------------------------------------------------------------------------- +2017-08-27 02:23:24 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993) { + username + createdAt + } + } +} + +2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 -------------------------------------------------------------------------------- +2017-08-27 02:23:24 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } + } +} + +2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 -------------------------------------------------------------------------------- +2017-08-27 02:23:24 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-27 02:23:24 inserted user 59a210fcdce0b1045f71661a. +2017-08-27 02:23:24 -------------------------------------------------------------------------------- +2017-08-27 02:23:24 Request: +User: "tobkle", role: "admin", id: "59a210fcdce0b1045f71661a", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-27 02:23:25 inserted user 59a210fddce0b1045f71661b. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 Request: +User: "tobkle", role: "admin", id: "59a210fcdce0b1045f71661a", +Operation: "", variables: "", +Query: +{ + user(id: "59a210fddce0b1045f71661b") { + username + bio + role + } +} + +2017-08-27 02:23:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 Request: +User: "tobkle", role: "admin", id: "59a210fcdce0b1045f71661a", +Operation: "", variables: "", +Query: +{ + user(id: "59a210fcdce0b1045f71661a") { + username + role + } +} + +2017-08-27 02:23:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 Request: +User: "tobkle", role: "admin", id: "59a210fcdce0b1045f71661a", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a210fddce0b1045f71661b", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-27 02:23:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 updated user 59a210fddce0b1045f71661b. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 Request: +User: "tobkle", role: "admin", id: "59a210fcdce0b1045f71661a", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a210fcdce0b1045f71661a", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 02:23:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 updated user 59a210fcdce0b1045f71661a. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 Request: +User: "tobkle", role: "admin", id: "59a210fcdce0b1045f71661a", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a210fddce0b1045f71661b", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 02:23:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 updated user 59a210fddce0b1045f71661b. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 Request: +User: "tobkle", role: "admin", id: "59a210fcdce0b1045f71661a", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a210fcdce0b1045f71661a", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-27 02:23:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 updated user 59a210fcdce0b1045f71661a. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 Request: +User: "tobkle", role: "editor", id: "59a210fcdce0b1045f71661a", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a210fcdce0b1045f71661a", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 02:23:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a210fcdce0b1045f71661a" + } + ] +} +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-27 02:23:25 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a210fcdce0b1045f71661a" + } + ] +} +2017-08-27 02:23:25 updated user 59a210fcdce0b1045f71661a. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 Request: +User: "zoltan", role: "admin", id: "59a210fddce0b1045f71661b", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a210fcdce0b1045f71661a", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 02:23:25 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-27 02:23:25 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized +2017-08-27 02:23:25 updated user 59a210fcdce0b1045f71661a. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 Request: +User: "tobkle", role: "admin", id: "59a210fcdce0b1045f71661a", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59a210fddce0b1045f71661b") +} + +2017-08-27 02:23:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 removed user 59a210fddce0b1045f71661b. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 Request: +User: "tobkle", role: "admin", id: "59a210fcdce0b1045f71661a", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59a210fcdce0b1045f71661a", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-27 02:23:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-27 02:23:25 inserted tweet 59a210fddce0b1045f71661c. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 Request: +User: "tobkle", role: "admin", id: "59a210fcdce0b1045f71661a", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-27 02:23:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 Request: +User: "tobkle", role: "admin", id: "59a210fcdce0b1045f71661a", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a210fddce0b1045f71661c") { + author { + id + } + body + } +} + +2017-08-27 02:23:25 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 inserted tweet 59a210fddce0b1045f71661d. +2017-08-27 02:23:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 Request: +User: "tobkle", role: "admin", id: "59a210fcdce0b1045f71661a", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-27 02:23:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 Request: +User: "tobkle", role: "admin", id: "59a210fcdce0b1045f71661a", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59a210fddce0b1045f71661c", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 02:23:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 updated tweet 59a210fddce0b1045f71661c. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 Request: +User: "tobkle", role: "admin", id: "59a210fcdce0b1045f71661a", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59a210fddce0b1045f71661d", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 02:23:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 updated tweet 59a210fddce0b1045f71661d. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 Request: +User: "tobkle", role: "admin", id: "59a210fcdce0b1045f71661a", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a210fddce0b1045f71661c") { + body + } +} + +2017-08-27 02:23:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 Request: +User: "tobkle", role: "admin", id: "59a210fcdce0b1045f71661a", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59a210fddce0b1045f71661c") +} + +2017-08-27 02:23:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 removed tweet 59a210fddce0b1045f71661c. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 Request: +User: "tobkle", role: "admin", id: "59a210fcdce0b1045f71661a", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59a210fddce0b1045f71661d") +} + +2017-08-27 02:23:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 removed tweet 59a210fddce0b1045f71661d. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 Request: +User: "tobkle", role: "admin", id: "59a210fcdce0b1045f71661a", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a210fddce0b1045f71661c") { + body + } +} + +2017-08-27 02:23:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 Request: +User: "tobkle", role: "admin", id: "59a210fcdce0b1045f71661a", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59a210fcdce0b1045f71661a") +} + +2017-08-27 02:23:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:23:25 removed user 59a210fcdce0b1045f71661a. +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59a210fcdce0b1045f71661a") { + username + bio + role + } +} + +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "admin"}) { + id + } +} + +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:25 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:25 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:25 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:25 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:25 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:25 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:25 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-08-27 02:23:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:25 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:25 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-27 02:23:25 inserted user 59a210fddce0b1045f71661e. +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:25 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "undefined") { + username + } +} + +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "undefined") { + username + role + } +} + +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:25 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:25 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "undefined", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:25 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "undefined") { + author { + id + } + body + } +} + +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "undefined", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:25 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "undefined") { + body + } +} + +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "undefined") +} + +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:25 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "undefined") { + body + } +} + +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "undefined") +} + +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "undefined") { + username + bio + role + } +} + +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-08-27 02:23:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:25 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:23:25 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-27 02:23:25 inserted user 59a210fddce0b1045f71661f. +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 -------------------------------------------------------------------------------- +2017-08-27 02:23:25 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:26 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 -------------------------------------------------------------------------------- +2017-08-27 02:23:26 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 -------------------------------------------------------------------------------- +2017-08-27 02:23:26 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "undefined") { + username + role + } +} + +2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 -------------------------------------------------------------------------------- +2017-08-27 02:23:26 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:26 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 -------------------------------------------------------------------------------- +2017-08-27 02:23:26 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "undefined", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 -------------------------------------------------------------------------------- +2017-08-27 02:23:26 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "undefined", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 -------------------------------------------------------------------------------- +2017-08-27 02:23:26 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:26 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 -------------------------------------------------------------------------------- +2017-08-27 02:23:26 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "undefined", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 -------------------------------------------------------------------------------- +2017-08-27 02:23:26 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:26 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 -------------------------------------------------------------------------------- +2017-08-27 02:23:26 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "undefined") { + author { + id + } + body + } +} + +2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 -------------------------------------------------------------------------------- +2017-08-27 02:23:26 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 -------------------------------------------------------------------------------- +2017-08-27 02:23:26 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "undefined", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 -------------------------------------------------------------------------------- +2017-08-27 02:23:26 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:26 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 -------------------------------------------------------------------------------- +2017-08-27 02:23:26 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "undefined") { + body + } +} + +2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 -------------------------------------------------------------------------------- +2017-08-27 02:23:26 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "undefined") +} + +2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 -------------------------------------------------------------------------------- +2017-08-27 02:23:26 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:26 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 -------------------------------------------------------------------------------- +2017-08-27 02:23:26 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "undefined") { + body + } +} + +2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 -------------------------------------------------------------------------------- +2017-08-27 02:23:26 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "undefined") +} + +2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 -------------------------------------------------------------------------------- +2017-08-27 02:23:26 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "undefined") { + username + bio + role + } +} + +2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:23:26 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:25:30 -------------------------------------------------------------------------------- +2017-08-27 02:25:30 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-27 02:25:30 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:25:30 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:25:51 -------------------------------------------------------------------------------- +2017-08-27 02:25:51 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-08-27 02:25:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:25:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:25:51 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:25:51 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-27 02:25:51 inserted user 59a2118fdce0b1045f716620. +2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 -------------------------------------------------------------------------------- +2017-08-27 02:25:51 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:25:51 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 -------------------------------------------------------------------------------- +2017-08-27 02:25:51 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 -------------------------------------------------------------------------------- +2017-08-27 02:25:51 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "undefined") { + username + } +} + +2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 -------------------------------------------------------------------------------- +2017-08-27 02:25:51 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "undefined") { + username + role + } +} + +2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 -------------------------------------------------------------------------------- +2017-08-27 02:25:51 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:25:51 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 -------------------------------------------------------------------------------- +2017-08-27 02:25:51 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 -------------------------------------------------------------------------------- +2017-08-27 02:25:51 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 -------------------------------------------------------------------------------- +2017-08-27 02:25:51 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:25:51 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 -------------------------------------------------------------------------------- +2017-08-27 02:25:51 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "undefined", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 -------------------------------------------------------------------------------- +2017-08-27 02:25:51 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:25:51 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 -------------------------------------------------------------------------------- +2017-08-27 02:25:51 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "undefined") { + author { + id + } + body + } +} + +2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 -------------------------------------------------------------------------------- +2017-08-27 02:25:51 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 -------------------------------------------------------------------------------- +2017-08-27 02:25:51 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "undefined", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 -------------------------------------------------------------------------------- +2017-08-27 02:25:51 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:25:51 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 -------------------------------------------------------------------------------- +2017-08-27 02:25:51 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "undefined") { + body + } +} + +2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 -------------------------------------------------------------------------------- +2017-08-27 02:25:51 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "undefined") +} + +2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 -------------------------------------------------------------------------------- +2017-08-27 02:25:51 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:25:51 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 -------------------------------------------------------------------------------- +2017-08-27 02:25:51 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "undefined") { + body + } +} + +2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 -------------------------------------------------------------------------------- +2017-08-27 02:25:51 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "undefined") +} + +2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 -------------------------------------------------------------------------------- +2017-08-27 02:25:51 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "undefined") { + username + bio + role + } +} + +2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:25:51 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:27:18 -------------------------------------------------------------------------------- +2017-08-27 02:27:18 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-27 02:27:18 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:27:18 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:27:39 -------------------------------------------------------------------------------- +2017-08-27 02:27:39 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "user"}) { + id + role + } +} + +2017-08-27 02:27:39 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:27:39 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:27:39 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:27:39 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-27 02:27:39 inserted user 59a211fbdce0b1045f716621. +2017-08-27 02:27:39 -------------------------------------------------------------------------------- +2017-08-27 02:27:39 Request: +User: "tobkle", role: "user", id: "59a211fbdce0b1045f716621", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-27 02:27:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a211fbdce0b1045f716621" + } + ] +} +2017-08-27 02:27:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 02:27:39 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. +2017-08-27 02:27:39 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. +2017-08-27 02:27:39 -------------------------------------------------------------------------------- +2017-08-27 02:27:39 Request: +User: "tobkle", role: "user", id: "59a211fbdce0b1045f716621", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-27 02:27:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a211fbdce0b1045f716621" + } + ] +} +2017-08-27 02:27:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 02:27:39 -------------------------------------------------------------------------------- +2017-08-27 02:27:39 Request: +User: "tobkle", role: "user", id: "59a211fbdce0b1045f716621", +Operation: "", variables: "", +Query: +{ + user(id: "59a211fbdce0b1045f716621") { + username + } +} + +2017-08-27 02:27:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a211fbdce0b1045f716621" + } + ] +} +2017-08-27 02:27:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 02:27:39 -------------------------------------------------------------------------------- +2017-08-27 02:27:39 Request: +User: "tobkle", role: "user", id: "59a211fbdce0b1045f716621", +Operation: "", variables: "", +Query: +{ + user(id: "59a211fbdce0b1045f716621") { + username + role + } +} + +2017-08-27 02:27:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a211fbdce0b1045f716621" + } + ] +} +2017-08-27 02:27:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 02:27:39 -------------------------------------------------------------------------------- +2017-08-27 02:27:39 Request: +User: "tobkle", role: "user", id: "59a211fbdce0b1045f716621", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 02:27:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a211fbdce0b1045f716621" + } + ] +} +2017-08-27 02:27:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 02:27:39 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a211fbdce0b1045f716621" + } + ] +} +2017-08-27 02:27:39 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-08-27 02:27:39 -------------------------------------------------------------------------------- +2017-08-27 02:27:39 Request: +User: "tobkle", role: "user", id: "59a211fbdce0b1045f716621", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a211fbdce0b1045f716621", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-08-27 02:27:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 02:27:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a211fbdce0b1045f716621" + } + ] +} +2017-08-27 02:27:39 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a211fbdce0b1045f716621" + } + ] +} +2017-08-27 02:27:39 updated user 59a211fbdce0b1045f716621. +2017-08-27 02:27:39 -------------------------------------------------------------------------------- +2017-08-27 02:27:39 Request: +User: "tobkle", role: "user", id: "59a211fbdce0b1045f716621", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a211fbdce0b1045f716621", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 02:27:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a211fbdce0b1045f716621" + } + ] +} +2017-08-27 02:27:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 02:27:39 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a211fbdce0b1045f716621" + } + ] +} +2017-08-27 02:27:39 updated user 59a211fbdce0b1045f716621. +2017-08-27 02:27:39 -------------------------------------------------------------------------------- +2017-08-27 02:27:39 Request: +User: "tobkle", role: "user", id: "59a211fbdce0b1045f716621", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-27 02:27:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a211fbdce0b1045f716621" + } + ] +} +2017-08-27 02:27:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 02:27:39 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a211fbdce0b1045f716621" + } + ] +} +2017-08-27 02:27:39 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-08-27 02:27:39 -------------------------------------------------------------------------------- +2017-08-27 02:27:39 Request: +User: "tobkle", role: "user", id: "59a211fbdce0b1045f716621", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59a211fbdce0b1045f716621", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-27 02:27:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a211fbdce0b1045f716621" + } + ] +} +2017-08-27 02:27:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 02:27:39 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. +2017-08-27 02:27:39 inserted tweet 59a211fbdce0b1045f716622. +2017-08-27 02:27:39 -------------------------------------------------------------------------------- +2017-08-27 02:27:39 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. +2017-08-27 02:27:39 Request: +User: "tobkle", role: "user", id: "59a211fbdce0b1045f716621", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-27 02:27:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a211fbdce0b1045f716621" + } + ] +} +2017-08-27 02:27:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 02:27:39 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. +2017-08-27 02:27:39 -------------------------------------------------------------------------------- +2017-08-27 02:27:39 Request: +User: "tobkle", role: "user", id: "59a211fbdce0b1045f716621", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a211fbdce0b1045f716622") { + author { + id + } + body + } +} + +2017-08-27 02:27:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a211fbdce0b1045f716621" + } + ] +} +2017-08-27 02:27:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 02:27:39 -------------------------------------------------------------------------------- +2017-08-27 02:27:39 Request: +User: "tobkle", role: "user", id: "59a211fbdce0b1045f716621", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-27 02:27:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a211fbdce0b1045f716621" + } + ] +} +2017-08-27 02:27:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 02:27:39 -------------------------------------------------------------------------------- +2017-08-27 02:27:39 Request: +User: "tobkle", role: "user", id: "59a211fbdce0b1045f716621", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59a211fbdce0b1045f716622", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 02:27:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a211fbdce0b1045f716621" + } + ] +} +2017-08-27 02:27:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 02:27:39 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59a211fbdce0b1045f716621" + }, + { + "coauthorsIds": "59a211fbdce0b1045f716621" + } + ] +} +2017-08-27 02:27:39 updated tweet 59a211fbdce0b1045f716622. +2017-08-27 02:27:39 -------------------------------------------------------------------------------- +2017-08-27 02:27:39 Request: +User: "tobkle", role: "user", id: "59a211fbdce0b1045f716621", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 02:27:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a211fbdce0b1045f716621" + } + ] +} +2017-08-27 02:27:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 02:27:39 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59a211fbdce0b1045f716621" + }, + { + "coauthorsIds": "59a211fbdce0b1045f716621" + } + ] +} +2017-08-27 02:27:39 ERROR update tweet not possible for 583676d3618530145474e352. +2017-08-27 02:27:39 -------------------------------------------------------------------------------- +2017-08-27 02:27:39 Request: +User: "tobkle", role: "user", id: "59a211fbdce0b1045f716621", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a211fbdce0b1045f716622") { + body + } +} + +2017-08-27 02:27:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a211fbdce0b1045f716621" + } + ] +} +2017-08-27 02:27:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 02:27:39 -------------------------------------------------------------------------------- +2017-08-27 02:27:39 Request: +User: "tobkle", role: "user", id: "59a211fbdce0b1045f716621", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59a211fbdce0b1045f716622") +} + +2017-08-27 02:27:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a211fbdce0b1045f716621" + } + ] +} +2017-08-27 02:27:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 02:27:39 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59a211fbdce0b1045f716621" + } + ] +} +2017-08-27 02:27:39 removed tweet 59a211fbdce0b1045f716622. +2017-08-27 02:27:39 -------------------------------------------------------------------------------- +2017-08-27 02:27:39 Request: +User: "tobkle", role: "user", id: "59a211fbdce0b1045f716621", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-27 02:27:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a211fbdce0b1045f716621" + } + ] +} +2017-08-27 02:27:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 02:27:39 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59a211fbdce0b1045f716621" + } + ] +} +2017-08-27 02:27:39 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-08-27 02:27:39 -------------------------------------------------------------------------------- +2017-08-27 02:27:39 Request: +User: "tobkle", role: "user", id: "59a211fbdce0b1045f716621", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a211fbdce0b1045f716622") { + body + } +} + +2017-08-27 02:27:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a211fbdce0b1045f716621" + } + ] +} +2017-08-27 02:27:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 02:27:39 -------------------------------------------------------------------------------- +2017-08-27 02:27:39 Request: +User: "tobkle", role: "user", id: "59a211fbdce0b1045f716621", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59a211fbdce0b1045f716621") +} + +2017-08-27 02:27:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a211fbdce0b1045f716621" + } + ] +} +2017-08-27 02:27:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 02:27:39 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a211fbdce0b1045f716621" + } + ] +} +2017-08-27 02:27:39 removed user 59a211fbdce0b1045f716621. +2017-08-27 02:27:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:27:39 -------------------------------------------------------------------------------- +2017-08-27 02:27:39 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59a211fbdce0b1045f716621") { + username + bio + role + } +} + +2017-08-27 02:27:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:27:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:28:13 -------------------------------------------------------------------------------- +2017-08-27 02:28:13 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-27 02:28:13 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:13 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 -------------------------------------------------------------------------------- +2017-08-27 02:28:34 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 -------------------------------------------------------------------------------- +2017-08-27 02:28:34 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + role + username + } +} + +2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 -------------------------------------------------------------------------------- +2017-08-27 02:28:34 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + role + username + } +} + +2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 -------------------------------------------------------------------------------- +2017-08-27 02:28:34 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca2") { + role + username + } +} + +2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 -------------------------------------------------------------------------------- +2017-08-27 02:28:34 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + id + username + bio + } +} + +2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 -------------------------------------------------------------------------------- +2017-08-27 02:28:34 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users { + username + createdAt + } +} + +2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 -------------------------------------------------------------------------------- +2017-08-27 02:28:34 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(limit: 1) { + username + createdAt + } +} + +2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 -------------------------------------------------------------------------------- +2017-08-27 02:28:34 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993) { + username + createdAt + } +} + +2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 -------------------------------------------------------------------------------- +2017-08-27 02:28:34 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } +} + +2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 -------------------------------------------------------------------------------- +2017-08-27 02:28:34 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers { + username + createdAt + } + } +} + +2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 -------------------------------------------------------------------------------- +2017-08-27 02:28:34 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(limit: 1) { + username + createdAt + } + } +} + +2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 -------------------------------------------------------------------------------- +2017-08-27 02:28:34 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 -------------------------------------------------------------------------------- +2017-08-27 02:28:34 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 -------------------------------------------------------------------------------- +2017-08-27 02:28:34 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following { + username + createdAt + } + } +} + +2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 -------------------------------------------------------------------------------- +2017-08-27 02:28:34 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(limit: 1) { + username + createdAt + } + } +} + +2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 -------------------------------------------------------------------------------- +2017-08-27 02:28:34 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 -------------------------------------------------------------------------------- +2017-08-27 02:28:34 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 -------------------------------------------------------------------------------- +2017-08-27 02:28:34 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets { + id + createdAt + } + } +} + +2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 -------------------------------------------------------------------------------- +2017-08-27 02:28:34 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(limit: 1) { + id + createdAt + } + } +} + +2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 -------------------------------------------------------------------------------- +2017-08-27 02:28:34 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } + } +} + +2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 -------------------------------------------------------------------------------- +2017-08-27 02:28:34 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } + } +} + +2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 -------------------------------------------------------------------------------- +2017-08-27 02:28:34 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked { + id + createdAt + } + } +} + +2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 -------------------------------------------------------------------------------- +2017-08-27 02:28:34 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(limit: 1) { + id + createdAt + } + } +} + +2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 -------------------------------------------------------------------------------- +2017-08-27 02:28:34 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334) { + id + createdAt + } + } +} + +2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 -------------------------------------------------------------------------------- +2017-08-27 02:28:34 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334, limit: 1) { + id + createdAt + } + } +} + +2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 -------------------------------------------------------------------------------- +2017-08-27 02:28:34 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + id + body + } +} + +2017-08-27 02:28:34 -------------------------------------------------------------------------------- +2017-08-27 02:28:34 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + author { + username + } + } +} + +2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 -------------------------------------------------------------------------------- +2017-08-27 02:28:34 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets { + id + createdAt + } +} + +2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 -------------------------------------------------------------------------------- +2017-08-27 02:28:34 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(limit: 1) { + id + createdAt + } +} + +2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 -------------------------------------------------------------------------------- +2017-08-27 02:28:34 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } +} + +2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 -------------------------------------------------------------------------------- +2017-08-27 02:28:34 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } +} + +2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 -------------------------------------------------------------------------------- +2017-08-27 02:28:34 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers { + username + createdAt + } + } +} + +2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 -------------------------------------------------------------------------------- +2017-08-27 02:28:34 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(limit: 1) { + username + createdAt + } + } +} + +2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 -------------------------------------------------------------------------------- +2017-08-27 02:28:34 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993) { + username + createdAt + } + } +} + +2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 -------------------------------------------------------------------------------- +2017-08-27 02:28:34 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } + } +} + +2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 -------------------------------------------------------------------------------- +2017-08-27 02:28:34 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:35 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:35 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-27 02:28:35 inserted user 59a21233dce0b1045f716623. +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "tobkle", role: "admin", id: "59a21233dce0b1045f716623", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-27 02:28:35 inserted user 59a21233dce0b1045f716624. +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "tobkle", role: "admin", id: "59a21233dce0b1045f716623", +Operation: "", variables: "", +Query: +{ + user(id: "59a21233dce0b1045f716624") { + username + bio + role + } +} + +2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "tobkle", role: "admin", id: "59a21233dce0b1045f716623", +Operation: "", variables: "", +Query: +{ + user(id: "59a21233dce0b1045f716623") { + username + role + } +} + +2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "tobkle", role: "admin", id: "59a21233dce0b1045f716623", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a21233dce0b1045f716624", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 updated user 59a21233dce0b1045f716624. +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "tobkle", role: "admin", id: "59a21233dce0b1045f716623", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a21233dce0b1045f716623", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 updated user 59a21233dce0b1045f716623. +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "tobkle", role: "admin", id: "59a21233dce0b1045f716623", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a21233dce0b1045f716624", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 updated user 59a21233dce0b1045f716624. +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "tobkle", role: "admin", id: "59a21233dce0b1045f716623", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a21233dce0b1045f716623", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 updated user 59a21233dce0b1045f716623. +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "tobkle", role: "editor", id: "59a21233dce0b1045f716623", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a21233dce0b1045f716623", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21233dce0b1045f716623" + } + ] +} +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-27 02:28:35 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21233dce0b1045f716623" + } + ] +} +2017-08-27 02:28:35 updated user 59a21233dce0b1045f716623. +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "zoltan", role: "admin", id: "59a21233dce0b1045f716624", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a21233dce0b1045f716623", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-27 02:28:35 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized +2017-08-27 02:28:35 updated user 59a21233dce0b1045f716623. +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "tobkle", role: "admin", id: "59a21233dce0b1045f716623", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59a21233dce0b1045f716624") +} + +2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 removed user 59a21233dce0b1045f716624. +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "tobkle", role: "admin", id: "59a21233dce0b1045f716623", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59a21233dce0b1045f716623", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 inserted tweet 59a21233dce0b1045f716625. +2017-08-27 02:28:35 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "tobkle", role: "admin", id: "59a21233dce0b1045f716623", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "tobkle", role: "admin", id: "59a21233dce0b1045f716623", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a21233dce0b1045f716625") { + author { + id + } + body + } +} + +2017-08-27 02:28:35 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 inserted tweet 59a21233dce0b1045f716626. +2017-08-27 02:28:35 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "tobkle", role: "admin", id: "59a21233dce0b1045f716623", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "tobkle", role: "admin", id: "59a21233dce0b1045f716623", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59a21233dce0b1045f716625", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 updated tweet 59a21233dce0b1045f716625. +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "tobkle", role: "admin", id: "59a21233dce0b1045f716623", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59a21233dce0b1045f716626", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 updated tweet 59a21233dce0b1045f716626. +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "tobkle", role: "admin", id: "59a21233dce0b1045f716623", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a21233dce0b1045f716625") { + body + } +} + +2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "tobkle", role: "admin", id: "59a21233dce0b1045f716623", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59a21233dce0b1045f716625") +} + +2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 removed tweet 59a21233dce0b1045f716625. +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "tobkle", role: "admin", id: "59a21233dce0b1045f716623", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59a21233dce0b1045f716626") +} + +2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 removed tweet 59a21233dce0b1045f716626. +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "tobkle", role: "admin", id: "59a21233dce0b1045f716623", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a21233dce0b1045f716625") { + body + } +} + +2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "tobkle", role: "admin", id: "59a21233dce0b1045f716623", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59a21233dce0b1045f716623") +} + +2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 02:28:35 removed user 59a21233dce0b1045f716623. +2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59a21233dce0b1045f716623") { + username + bio + role + } +} + +2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "admin"}) { + id + } +} + +2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:28:35 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-27 02:28:35 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-27 02:28:35 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:28:35 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-27 02:28:35 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:28:35 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-27 02:28:35 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:28:35 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-27 02:28:35 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:28:35 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-27 02:28:35 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:28:35 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-27 02:28:35 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:28:35 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "user"}) { + id + role + } +} + +2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:35 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:35 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-27 02:28:35 inserted user 59a21233dce0b1045f716627. +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "tobkle", role: "user", id: "59a21233dce0b1045f716627", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21233dce0b1045f716627" + } + ] +} +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 02:28:35 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. +2017-08-27 02:28:35 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "tobkle", role: "user", id: "59a21233dce0b1045f716627", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21233dce0b1045f716627" + } + ] +} +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "tobkle", role: "user", id: "59a21233dce0b1045f716627", +Operation: "", variables: "", +Query: +{ + user(id: "59a21233dce0b1045f716627") { + username + } +} + +2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21233dce0b1045f716627" + } + ] +} +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "tobkle", role: "user", id: "59a21233dce0b1045f716627", +Operation: "", variables: "", +Query: +{ + user(id: "59a21233dce0b1045f716627") { + username + role + } +} + +2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21233dce0b1045f716627" + } + ] +} +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "tobkle", role: "user", id: "59a21233dce0b1045f716627", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21233dce0b1045f716627" + } + ] +} +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 02:28:35 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21233dce0b1045f716627" + } + ] +} +2017-08-27 02:28:35 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "tobkle", role: "user", id: "59a21233dce0b1045f716627", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a21233dce0b1045f716627", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21233dce0b1045f716627" + } + ] +} +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 02:28:35 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21233dce0b1045f716627" + } + ] +} +2017-08-27 02:28:35 updated user 59a21233dce0b1045f716627. +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "tobkle", role: "user", id: "59a21233dce0b1045f716627", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a21233dce0b1045f716627", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21233dce0b1045f716627" + } + ] +} +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 02:28:35 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21233dce0b1045f716627" + } + ] +} +2017-08-27 02:28:35 updated user 59a21233dce0b1045f716627. +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "tobkle", role: "user", id: "59a21233dce0b1045f716627", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21233dce0b1045f716627" + } + ] +} +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 02:28:35 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21233dce0b1045f716627" + } + ] +} +2017-08-27 02:28:35 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "tobkle", role: "user", id: "59a21233dce0b1045f716627", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59a21233dce0b1045f716627", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21233dce0b1045f716627" + } + ] +} +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 02:28:35 inserted tweet 59a21233dce0b1045f716628. +2017-08-27 02:28:35 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. +2017-08-27 02:28:35 Request: +User: "tobkle", role: "user", id: "59a21233dce0b1045f716627", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21233dce0b1045f716627" + } + ] +} +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 02:28:35 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "tobkle", role: "user", id: "59a21233dce0b1045f716627", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a21233dce0b1045f716628") { + author { + id + } + body + } +} + +2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21233dce0b1045f716627" + } + ] +} +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "tobkle", role: "user", id: "59a21233dce0b1045f716627", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21233dce0b1045f716627" + } + ] +} +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "tobkle", role: "user", id: "59a21233dce0b1045f716627", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59a21233dce0b1045f716628", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21233dce0b1045f716627" + } + ] +} +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 02:28:35 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59a21233dce0b1045f716627" + }, + { + "coauthorsIds": "59a21233dce0b1045f716627" + } + ] +} +2017-08-27 02:28:35 updated tweet 59a21233dce0b1045f716628. +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "tobkle", role: "user", id: "59a21233dce0b1045f716627", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21233dce0b1045f716627" + } + ] +} +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 02:28:35 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59a21233dce0b1045f716627" + }, + { + "coauthorsIds": "59a21233dce0b1045f716627" + } + ] +} +2017-08-27 02:28:35 ERROR update tweet not possible for 583676d3618530145474e352. +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "tobkle", role: "user", id: "59a21233dce0b1045f716627", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a21233dce0b1045f716628") { + body + } +} + +2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21233dce0b1045f716627" + } + ] +} +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "tobkle", role: "user", id: "59a21233dce0b1045f716627", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59a21233dce0b1045f716628") +} + +2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21233dce0b1045f716627" + } + ] +} +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 02:28:35 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59a21233dce0b1045f716627" + } + ] +} +2017-08-27 02:28:35 removed tweet 59a21233dce0b1045f716628. +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "tobkle", role: "user", id: "59a21233dce0b1045f716627", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21233dce0b1045f716627" + } + ] +} +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 02:28:35 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59a21233dce0b1045f716627" + } + ] +} +2017-08-27 02:28:35 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "tobkle", role: "user", id: "59a21233dce0b1045f716627", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a21233dce0b1045f716628") { + body + } +} + +2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21233dce0b1045f716627" + } + ] +} +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "tobkle", role: "user", id: "59a21233dce0b1045f716627", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59a21233dce0b1045f716627") +} + +2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21233dce0b1045f716627" + } + ] +} +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 02:28:35 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21233dce0b1045f716627" + } + ] +} +2017-08-27 02:28:35 removed user 59a21233dce0b1045f716627. +2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59a21233dce0b1045f716627") { + username + bio + role + } +} + +2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 02:28:35 -------------------------------------------------------------------------------- +2017-08-27 02:28:35 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "editor"}) { + id + role + } +} + +2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:36 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-27 02:28:36 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-27 02:28:36 inserted user 59a21234dce0b1045f716629. +2017-08-27 02:28:36 -------------------------------------------------------------------------------- +2017-08-27 02:28:36 Request: +User: "tobkle", role: "editor", id: "59a21234dce0b1045f716629", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-27 02:28:36 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21234dce0b1045f716629" + } + ] +} +2017-08-27 02:28:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-27 02:28:36 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. +2017-08-27 02:28:36 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. +2017-08-27 02:28:36 -------------------------------------------------------------------------------- +2017-08-27 02:28:36 Request: +User: "tobkle", role: "editor", id: "59a21234dce0b1045f716629", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-27 02:28:36 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21234dce0b1045f716629" + } + ] +} +2017-08-27 02:28:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-27 02:28:36 -------------------------------------------------------------------------------- +2017-08-27 02:28:36 Request: +User: "tobkle", role: "editor", id: "59a21234dce0b1045f716629", +Operation: "", variables: "", +Query: +{ + user(id: "59a21234dce0b1045f716629") { + username + role + } +} + +2017-08-27 02:28:36 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21234dce0b1045f716629" + } + ] +} +2017-08-27 02:28:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-27 02:28:36 -------------------------------------------------------------------------------- +2017-08-27 02:28:36 Request: +User: "tobkle", role: "editor", id: "59a21234dce0b1045f716629", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 02:28:36 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21234dce0b1045f716629" + } + ] +} +2017-08-27 02:28:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-27 02:28:36 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21234dce0b1045f716629" + } + ] +} +2017-08-27 02:28:36 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-08-27 02:28:36 -------------------------------------------------------------------------------- +2017-08-27 02:28:36 Request: +User: "tobkle", role: "editor", id: "59a21234dce0b1045f716629", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a21234dce0b1045f716629", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-08-27 02:28:36 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21234dce0b1045f716629" + } + ] +} +2017-08-27 02:28:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-27 02:28:36 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21234dce0b1045f716629" + } + ] +} +2017-08-27 02:28:36 updated user 59a21234dce0b1045f716629. +2017-08-27 02:28:36 -------------------------------------------------------------------------------- +2017-08-27 02:28:36 Request: +User: "tmeasday", role: "editor", id: "59a21234dce0b1045f716629", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a21234dce0b1045f716629", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 02:28:36 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21234dce0b1045f716629" + } + ] +} +2017-08-27 02:28:36 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-27 02:28:36 Authorize update 'updateUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21234dce0b1045f716629" + } + ] +} +2017-08-27 02:28:36 updated user 59a21234dce0b1045f716629. +2017-08-27 02:28:36 -------------------------------------------------------------------------------- +2017-08-27 02:28:36 Request: +User: "tmeasday", role: "editor", id: "59a21234dce0b1045f716629", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-27 02:28:36 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21234dce0b1045f716629" + } + ] +} +2017-08-27 02:28:36 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-27 02:28:36 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21234dce0b1045f716629" + } + ] +} +2017-08-27 02:28:36 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-08-27 02:28:36 -------------------------------------------------------------------------------- +2017-08-27 02:28:36 Request: +User: "tmeasday", role: "editor", id: "59a21234dce0b1045f716629", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59a21234dce0b1045f716629", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-27 02:28:36 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21234dce0b1045f716629" + } + ] +} +2017-08-27 02:28:36 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-27 02:28:36 inserted tweet 59a21234dce0b1045f71662a. +2017-08-27 02:28:36 Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is authorized by docRole. +2017-08-27 02:28:36 -------------------------------------------------------------------------------- +2017-08-27 02:28:36 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. +2017-08-27 02:28:36 Request: +User: "tmeasday", role: "editor", id: "59a21234dce0b1045f716629", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-27 02:28:36 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21234dce0b1045f716629" + } + ] +} +2017-08-27 02:28:36 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-27 02:28:36 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. +2017-08-27 02:28:36 -------------------------------------------------------------------------------- +2017-08-27 02:28:36 Request: +User: "tmeasday", role: "editor", id: "59a21234dce0b1045f716629", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a21234dce0b1045f71662a") { + author { + id + } + body + } +} + +2017-08-27 02:28:36 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21234dce0b1045f716629" + } + ] +} +2017-08-27 02:28:36 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-27 02:28:36 -------------------------------------------------------------------------------- +2017-08-27 02:28:36 Request: +User: "tmeasday", role: "editor", id: "59a21234dce0b1045f716629", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-27 02:28:36 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21234dce0b1045f716629" + } + ] +} +2017-08-27 02:28:36 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-27 02:28:36 -------------------------------------------------------------------------------- +2017-08-27 02:28:36 Request: +User: "tmeasday", role: "editor", id: "59a21234dce0b1045f716629", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59a21234dce0b1045f71662a", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 02:28:36 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21234dce0b1045f716629" + } + ] +} +2017-08-27 02:28:36 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-27 02:28:36 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59a21234dce0b1045f716629" + }, + { + "coauthorsIds": "59a21234dce0b1045f716629" + } + ] +} +2017-08-27 02:28:36 updated tweet 59a21234dce0b1045f71662a. +2017-08-27 02:28:36 -------------------------------------------------------------------------------- +2017-08-27 02:28:36 Request: +User: "tmeasday", role: "editor", id: "59a21234dce0b1045f716629", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 02:28:36 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21234dce0b1045f716629" + } + ] +} +2017-08-27 02:28:36 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-27 02:28:36 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59a21234dce0b1045f716629" + }, + { + "coauthorsIds": "59a21234dce0b1045f716629" + } + ] +} +2017-08-27 02:28:36 ERROR update tweet not possible for 583676d3618530145474e352. +2017-08-27 02:28:36 -------------------------------------------------------------------------------- +2017-08-27 02:28:36 Request: +User: "tmeasday", role: "editor", id: "59a21234dce0b1045f716629", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a21234dce0b1045f71662a") { + body + } +} + +2017-08-27 02:28:36 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21234dce0b1045f716629" + } + ] +} +2017-08-27 02:28:36 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-27 02:28:36 -------------------------------------------------------------------------------- +2017-08-27 02:28:36 Request: +User: "tmeasday", role: "editor", id: "59a21234dce0b1045f716629", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59a21234dce0b1045f71662a") +} + +2017-08-27 02:28:36 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21234dce0b1045f716629" + } + ] +} +2017-08-27 02:28:36 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-27 02:28:36 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59a21234dce0b1045f716629" + } + ] +} +2017-08-27 02:28:36 removed tweet 59a21234dce0b1045f71662a. +2017-08-27 02:28:36 -------------------------------------------------------------------------------- +2017-08-27 02:28:36 Request: +User: "tmeasday", role: "editor", id: "59a21234dce0b1045f716629", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-27 02:28:36 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21234dce0b1045f716629" + } + ] +} +2017-08-27 02:28:36 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-27 02:28:36 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59a21234dce0b1045f716629" + } + ] +} +2017-08-27 02:28:36 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-08-27 02:28:36 -------------------------------------------------------------------------------- +2017-08-27 02:28:36 Request: +User: "tmeasday", role: "editor", id: "59a21234dce0b1045f716629", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a21234dce0b1045f71662a") { + body + } +} + +2017-08-27 02:28:36 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21234dce0b1045f716629" + } + ] +} +2017-08-27 02:28:36 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-27 02:28:36 -------------------------------------------------------------------------------- +2017-08-27 02:28:36 Request: +User: "tmeasday", role: "editor", id: "59a21234dce0b1045f716629", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59a21234dce0b1045f716629") +} + +2017-08-27 02:28:36 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21234dce0b1045f716629" + } + ] +} +2017-08-27 02:28:36 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-27 02:28:36 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21234dce0b1045f716629" + } + ] +} +2017-08-27 02:28:36 removed user 59a21234dce0b1045f716629. +2017-08-27 02:28:36 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:28:36 -------------------------------------------------------------------------------- +2017-08-27 02:28:36 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59a21234dce0b1045f716629") { + username + bio + role + } +} + +2017-08-27 02:28:36 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 02:28:36 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 03:17:24 -------------------------------------------------------------------------------- +2017-08-27 03:17:24 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-27 03:17:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 -------------------------------------------------------------------------------- +2017-08-27 03:17:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 -------------------------------------------------------------------------------- +2017-08-27 03:17:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + role + username + } +} + +2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 -------------------------------------------------------------------------------- +2017-08-27 03:17:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + role + username + } +} + +2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 -------------------------------------------------------------------------------- +2017-08-27 03:17:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca2") { + role + username + } +} + +2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 -------------------------------------------------------------------------------- +2017-08-27 03:17:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + id + username + bio + } +} + +2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 -------------------------------------------------------------------------------- +2017-08-27 03:17:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users { + username + createdAt + } +} + +2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 -------------------------------------------------------------------------------- +2017-08-27 03:17:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(limit: 1) { + username + createdAt + } +} + +2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 -------------------------------------------------------------------------------- +2017-08-27 03:17:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993) { + username + createdAt + } +} + +2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 -------------------------------------------------------------------------------- +2017-08-27 03:17:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } +} + +2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 -------------------------------------------------------------------------------- +2017-08-27 03:17:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers { + username + createdAt + } + } +} + +2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 -------------------------------------------------------------------------------- +2017-08-27 03:17:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(limit: 1) { + username + createdAt + } + } +} + +2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 -------------------------------------------------------------------------------- +2017-08-27 03:17:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 -------------------------------------------------------------------------------- +2017-08-27 03:17:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 -------------------------------------------------------------------------------- +2017-08-27 03:17:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following { + username + createdAt + } + } +} + +2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 -------------------------------------------------------------------------------- +2017-08-27 03:17:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(limit: 1) { + username + createdAt + } + } +} + +2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 -------------------------------------------------------------------------------- +2017-08-27 03:17:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 -------------------------------------------------------------------------------- +2017-08-27 03:17:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 -------------------------------------------------------------------------------- +2017-08-27 03:17:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets { + id + createdAt + } + } +} + +2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 -------------------------------------------------------------------------------- +2017-08-27 03:17:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(limit: 1) { + id + createdAt + } + } +} + +2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 -------------------------------------------------------------------------------- +2017-08-27 03:17:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } + } +} + +2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 -------------------------------------------------------------------------------- +2017-08-27 03:17:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } + } +} + +2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 -------------------------------------------------------------------------------- +2017-08-27 03:17:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked { + id + createdAt + } + } +} + +2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 -------------------------------------------------------------------------------- +2017-08-27 03:17:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(limit: 1) { + id + createdAt + } + } +} + +2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 -------------------------------------------------------------------------------- +2017-08-27 03:17:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334) { + id + createdAt + } + } +} + +2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 -------------------------------------------------------------------------------- +2017-08-27 03:17:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334, limit: 1) { + id + createdAt + } + } +} + +2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 -------------------------------------------------------------------------------- +2017-08-27 03:17:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + id + body + } +} + +2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 -------------------------------------------------------------------------------- +2017-08-27 03:17:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + author { + username + } + } +} + +2017-08-27 03:17:45 -------------------------------------------------------------------------------- +2017-08-27 03:17:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets { + id + createdAt + } +} + +2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(limit: 1) { + id + createdAt + } +} + +2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } +} + +2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } +} + +2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers { + username + createdAt + } + } +} + +2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(limit: 1) { + username + createdAt + } + } +} + +2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993) { + username + createdAt + } + } +} + +2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } + } +} + +2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-27 03:17:46 inserted user 59a21dbadce0b1045f71662b. +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 Request: +User: "tobkle", role: "admin", id: "59a21dbadce0b1045f71662b", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-27 03:17:46 inserted user 59a21dbadce0b1045f71662c. +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 Request: +User: "tobkle", role: "admin", id: "59a21dbadce0b1045f71662b", +Operation: "", variables: "", +Query: +{ + user(id: "59a21dbadce0b1045f71662c") { + username + bio + role + } +} + +2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 Request: +User: "tobkle", role: "admin", id: "59a21dbadce0b1045f71662b", +Operation: "", variables: "", +Query: +{ + user(id: "59a21dbadce0b1045f71662b") { + username + role + } +} + +2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 Request: +User: "tobkle", role: "admin", id: "59a21dbadce0b1045f71662b", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a21dbadce0b1045f71662c", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 updated user 59a21dbadce0b1045f71662c. +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 Request: +User: "tobkle", role: "admin", id: "59a21dbadce0b1045f71662b", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a21dbadce0b1045f71662b", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 updated user 59a21dbadce0b1045f71662b. +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 Request: +User: "tobkle", role: "admin", id: "59a21dbadce0b1045f71662b", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a21dbadce0b1045f71662c", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 updated user 59a21dbadce0b1045f71662c. +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 Request: +User: "tobkle", role: "admin", id: "59a21dbadce0b1045f71662b", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a21dbadce0b1045f71662b", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 updated user 59a21dbadce0b1045f71662b. +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 Request: +User: "tobkle", role: "editor", id: "59a21dbadce0b1045f71662b", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a21dbadce0b1045f71662b", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21dbadce0b1045f71662b" + } + ] +} +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-27 03:17:46 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21dbadce0b1045f71662b" + } + ] +} +2017-08-27 03:17:46 updated user 59a21dbadce0b1045f71662b. +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 Request: +User: "zoltan", role: "admin", id: "59a21dbadce0b1045f71662c", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a21dbadce0b1045f71662b", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized +2017-08-27 03:17:46 updated user 59a21dbadce0b1045f71662b. +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 Request: +User: "tobkle", role: "admin", id: "59a21dbadce0b1045f71662b", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59a21dbadce0b1045f71662c") +} + +2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 removed user 59a21dbadce0b1045f71662c. +2017-08-27 03:17:46 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 Request: +User: "tobkle", role: "admin", id: "59a21dbadce0b1045f71662b", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59a21dbadce0b1045f71662b", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-27 03:17:46 inserted tweet 59a21dbadce0b1045f71662d. +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 Request: +User: "tobkle", role: "admin", id: "59a21dbadce0b1045f71662b", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 Request: +User: "tobkle", role: "admin", id: "59a21dbadce0b1045f71662b", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a21dbadce0b1045f71662d") { + author { + id + } + body + } +} + +2017-08-27 03:17:46 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 inserted tweet 59a21dbadce0b1045f71662e. +2017-08-27 03:17:46 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 Request: +User: "tobkle", role: "admin", id: "59a21dbadce0b1045f71662b", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 Request: +User: "tobkle", role: "admin", id: "59a21dbadce0b1045f71662b", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59a21dbadce0b1045f71662d", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 updated tweet 59a21dbadce0b1045f71662d. +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 Request: +User: "tobkle", role: "admin", id: "59a21dbadce0b1045f71662b", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59a21dbadce0b1045f71662e", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 updated tweet 59a21dbadce0b1045f71662e. +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 Request: +User: "tobkle", role: "admin", id: "59a21dbadce0b1045f71662b", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a21dbadce0b1045f71662d") { + body + } +} + +2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 Request: +User: "tobkle", role: "admin", id: "59a21dbadce0b1045f71662b", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59a21dbadce0b1045f71662d") +} + +2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 removed tweet 59a21dbadce0b1045f71662d. +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 Request: +User: "tobkle", role: "admin", id: "59a21dbadce0b1045f71662b", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59a21dbadce0b1045f71662e") +} + +2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 removed tweet 59a21dbadce0b1045f71662e. +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 Request: +User: "tobkle", role: "admin", id: "59a21dbadce0b1045f71662b", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a21dbadce0b1045f71662d") { + body + } +} + +2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 Request: +User: "tobkle", role: "admin", id: "59a21dbadce0b1045f71662b", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59a21dbadce0b1045f71662b") +} + +2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:17:46 removed user 59a21dbadce0b1045f71662b. +2017-08-27 03:17:46 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59a21dbadce0b1045f71662b") { + username + bio + role + } +} + +2017-08-27 03:17:46 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 03:17:46 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "admin"}) { + id + } +} + +2017-08-27 03:17:46 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 03:17:46 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-27 03:17:46 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-27 03:17:46 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-27 03:17:46 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 03:17:46 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-27 03:17:46 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 03:17:46 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 03:17:46 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-27 03:17:46 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-27 03:17:46 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-27 03:17:46 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 03:17:46 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-27 03:17:46 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-27 03:17:46 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 03:17:46 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-27 03:17:46 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-27 03:17:46 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 03:17:46 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-27 03:17:46 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-27 03:17:46 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 03:17:46 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-27 03:17:46 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 03:17:46 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 03:17:46 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-27 03:17:46 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-27 03:17:46 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 03:17:46 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 03:17:46 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-27 03:17:46 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-27 03:17:46 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-27 03:17:46 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 03:17:46 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "user"}) { + id + role + } +} + +2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:46 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-27 03:17:46 inserted user 59a21dbadce0b1045f71662f. +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 Request: +User: "tobkle", role: "user", id: "59a21dbadce0b1045f71662f", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21dbadce0b1045f71662f" + } + ] +} +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 03:17:46 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. +2017-08-27 03:17:46 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 Request: +User: "tobkle", role: "user", id: "59a21dbadce0b1045f71662f", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21dbadce0b1045f71662f" + } + ] +} +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 Request: +User: "tobkle", role: "user", id: "59a21dbadce0b1045f71662f", +Operation: "", variables: "", +Query: +{ + user(id: "59a21dbadce0b1045f71662f") { + username + } +} + +2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21dbadce0b1045f71662f" + } + ] +} +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 Request: +User: "tobkle", role: "user", id: "59a21dbadce0b1045f71662f", +Operation: "", variables: "", +Query: +{ + user(id: "59a21dbadce0b1045f71662f") { + username + role + } +} + +2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21dbadce0b1045f71662f" + } + ] +} +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 Request: +User: "tobkle", role: "user", id: "59a21dbadce0b1045f71662f", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21dbadce0b1045f71662f" + } + ] +} +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 03:17:46 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21dbadce0b1045f71662f" + } + ] +} +2017-08-27 03:17:46 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 Request: +User: "tobkle", role: "user", id: "59a21dbadce0b1045f71662f", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a21dbadce0b1045f71662f", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21dbadce0b1045f71662f" + } + ] +} +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 03:17:46 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21dbadce0b1045f71662f" + } + ] +} +2017-08-27 03:17:46 updated user 59a21dbadce0b1045f71662f. +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 Request: +User: "tobkle", role: "user", id: "59a21dbadce0b1045f71662f", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a21dbadce0b1045f71662f", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21dbadce0b1045f71662f" + } + ] +} +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 03:17:46 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21dbadce0b1045f71662f" + } + ] +} +2017-08-27 03:17:46 updated user 59a21dbadce0b1045f71662f. +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 Request: +User: "tobkle", role: "user", id: "59a21dbadce0b1045f71662f", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21dbadce0b1045f71662f" + } + ] +} +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 03:17:46 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21dbadce0b1045f71662f" + } + ] +} +2017-08-27 03:17:46 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 Request: +User: "tobkle", role: "user", id: "59a21dbadce0b1045f71662f", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59a21dbadce0b1045f71662f", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21dbadce0b1045f71662f" + } + ] +} +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 03:17:46 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. +2017-08-27 03:17:46 inserted tweet 59a21dbadce0b1045f716630. +2017-08-27 03:17:46 -------------------------------------------------------------------------------- +2017-08-27 03:17:46 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. +2017-08-27 03:17:46 Request: +User: "tobkle", role: "user", id: "59a21dbadce0b1045f71662f", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21dbadce0b1045f71662f" + } + ] +} +2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 03:17:46 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. +2017-08-27 03:17:47 -------------------------------------------------------------------------------- +2017-08-27 03:17:47 Request: +User: "tobkle", role: "user", id: "59a21dbadce0b1045f71662f", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a21dbadce0b1045f716630") { + author { + id + } + body + } +} + +2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21dbadce0b1045f71662f" + } + ] +} +2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 03:17:47 -------------------------------------------------------------------------------- +2017-08-27 03:17:47 Request: +User: "tobkle", role: "user", id: "59a21dbadce0b1045f71662f", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21dbadce0b1045f71662f" + } + ] +} +2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 03:17:47 -------------------------------------------------------------------------------- +2017-08-27 03:17:47 Request: +User: "tobkle", role: "user", id: "59a21dbadce0b1045f71662f", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59a21dbadce0b1045f716630", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21dbadce0b1045f71662f" + } + ] +} +2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 03:17:47 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59a21dbadce0b1045f71662f" + }, + { + "coauthorsIds": "59a21dbadce0b1045f71662f" + } + ] +} +2017-08-27 03:17:47 updated tweet 59a21dbadce0b1045f716630. +2017-08-27 03:17:47 -------------------------------------------------------------------------------- +2017-08-27 03:17:47 Request: +User: "tobkle", role: "user", id: "59a21dbadce0b1045f71662f", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21dbadce0b1045f71662f" + } + ] +} +2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 03:17:47 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59a21dbadce0b1045f71662f" + }, + { + "coauthorsIds": "59a21dbadce0b1045f71662f" + } + ] +} +2017-08-27 03:17:47 ERROR update tweet not possible for 583676d3618530145474e352. +2017-08-27 03:17:47 -------------------------------------------------------------------------------- +2017-08-27 03:17:47 Request: +User: "tobkle", role: "user", id: "59a21dbadce0b1045f71662f", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a21dbadce0b1045f716630") { + body + } +} + +2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21dbadce0b1045f71662f" + } + ] +} +2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 03:17:47 -------------------------------------------------------------------------------- +2017-08-27 03:17:47 Request: +User: "tobkle", role: "user", id: "59a21dbadce0b1045f71662f", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59a21dbadce0b1045f716630") +} + +2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21dbadce0b1045f71662f" + } + ] +} +2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 03:17:47 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59a21dbadce0b1045f71662f" + } + ] +} +2017-08-27 03:17:47 removed tweet 59a21dbadce0b1045f716630. +2017-08-27 03:17:47 -------------------------------------------------------------------------------- +2017-08-27 03:17:47 Request: +User: "tobkle", role: "user", id: "59a21dbadce0b1045f71662f", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21dbadce0b1045f71662f" + } + ] +} +2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 03:17:47 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59a21dbadce0b1045f71662f" + } + ] +} +2017-08-27 03:17:47 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-08-27 03:17:47 -------------------------------------------------------------------------------- +2017-08-27 03:17:47 Request: +User: "tobkle", role: "user", id: "59a21dbadce0b1045f71662f", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a21dbadce0b1045f716630") { + body + } +} + +2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21dbadce0b1045f71662f" + } + ] +} +2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 03:17:47 -------------------------------------------------------------------------------- +2017-08-27 03:17:47 Request: +User: "tobkle", role: "user", id: "59a21dbadce0b1045f71662f", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59a21dbadce0b1045f71662f") +} + +2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21dbadce0b1045f71662f" + } + ] +} +2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 03:17:47 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21dbadce0b1045f71662f" + } + ] +} +2017-08-27 03:17:47 removed user 59a21dbadce0b1045f71662f. +2017-08-27 03:17:47 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:17:47 -------------------------------------------------------------------------------- +2017-08-27 03:17:47 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59a21dbadce0b1045f71662f") { + username + bio + role + } +} + +2017-08-27 03:17:47 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 03:17:47 -------------------------------------------------------------------------------- +2017-08-27 03:17:47 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "editor"}) { + id + role + } +} + +2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:47 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:17:47 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-27 03:17:47 inserted user 59a21dbbdce0b1045f716631. +2017-08-27 03:17:47 -------------------------------------------------------------------------------- +2017-08-27 03:17:47 Request: +User: "tobkle", role: "editor", id: "59a21dbbdce0b1045f716631", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21dbbdce0b1045f716631" + } + ] +} +2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-27 03:17:47 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. +2017-08-27 03:17:47 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. +2017-08-27 03:17:47 -------------------------------------------------------------------------------- +2017-08-27 03:17:47 Request: +User: "tobkle", role: "editor", id: "59a21dbbdce0b1045f716631", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21dbbdce0b1045f716631" + } + ] +} +2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-27 03:17:47 -------------------------------------------------------------------------------- +2017-08-27 03:17:47 Request: +User: "tobkle", role: "editor", id: "59a21dbbdce0b1045f716631", +Operation: "", variables: "", +Query: +{ + user(id: "59a21dbbdce0b1045f716631") { + username + role + } +} + +2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21dbbdce0b1045f716631" + } + ] +} +2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-27 03:17:47 -------------------------------------------------------------------------------- +2017-08-27 03:17:47 Request: +User: "tobkle", role: "editor", id: "59a21dbbdce0b1045f716631", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21dbbdce0b1045f716631" + } + ] +} +2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-27 03:17:47 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21dbbdce0b1045f716631" + } + ] +} +2017-08-27 03:17:47 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-08-27 03:17:47 -------------------------------------------------------------------------------- +2017-08-27 03:17:47 updated user 59a21dbbdce0b1045f716631. +2017-08-27 03:17:47 Request: +User: "tobkle", role: "editor", id: "59a21dbbdce0b1045f716631", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a21dbbdce0b1045f716631", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21dbbdce0b1045f716631" + } + ] +} +2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-27 03:17:47 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21dbbdce0b1045f716631" + } + ] +} +2017-08-27 03:17:47 -------------------------------------------------------------------------------- +2017-08-27 03:17:47 Request: +User: "tmeasday", role: "editor", id: "59a21dbbdce0b1045f716631", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a21dbbdce0b1045f716631", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21dbbdce0b1045f716631" + } + ] +} +2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-27 03:17:47 Authorize update 'updateUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21dbbdce0b1045f716631" + } + ] +} +2017-08-27 03:17:47 updated user 59a21dbbdce0b1045f716631. +2017-08-27 03:17:47 -------------------------------------------------------------------------------- +2017-08-27 03:17:47 Request: +User: "tmeasday", role: "editor", id: "59a21dbbdce0b1045f716631", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21dbbdce0b1045f716631" + } + ] +} +2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-27 03:17:47 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21dbbdce0b1045f716631" + } + ] +} +2017-08-27 03:17:47 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-08-27 03:17:47 -------------------------------------------------------------------------------- +2017-08-27 03:17:47 Request: +User: "tmeasday", role: "editor", id: "59a21dbbdce0b1045f716631", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59a21dbbdce0b1045f716631", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21dbbdce0b1045f716631" + } + ] +} +2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-27 03:17:47 Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is authorized by docRole. +2017-08-27 03:17:47 inserted tweet 59a21dbbdce0b1045f716632. +2017-08-27 03:17:47 -------------------------------------------------------------------------------- +2017-08-27 03:17:47 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. +2017-08-27 03:17:47 Request: +User: "tmeasday", role: "editor", id: "59a21dbbdce0b1045f716631", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21dbbdce0b1045f716631" + } + ] +} +2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-27 03:17:47 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. +2017-08-27 03:17:47 -------------------------------------------------------------------------------- +2017-08-27 03:17:47 Request: +User: "tmeasday", role: "editor", id: "59a21dbbdce0b1045f716631", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a21dbbdce0b1045f716632") { + author { + id + } + body + } +} + +2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21dbbdce0b1045f716631" + } + ] +} +2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-27 03:17:47 -------------------------------------------------------------------------------- +2017-08-27 03:17:47 Request: +User: "tmeasday", role: "editor", id: "59a21dbbdce0b1045f716631", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21dbbdce0b1045f716631" + } + ] +} +2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-27 03:17:47 -------------------------------------------------------------------------------- +2017-08-27 03:17:47 Request: +User: "tmeasday", role: "editor", id: "59a21dbbdce0b1045f716631", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59a21dbbdce0b1045f716632", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21dbbdce0b1045f716631" + } + ] +} +2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-27 03:17:47 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59a21dbbdce0b1045f716631" + }, + { + "coauthorsIds": "59a21dbbdce0b1045f716631" + } + ] +} +2017-08-27 03:17:47 updated tweet 59a21dbbdce0b1045f716632. +2017-08-27 03:17:47 -------------------------------------------------------------------------------- +2017-08-27 03:17:47 Request: +User: "tmeasday", role: "editor", id: "59a21dbbdce0b1045f716631", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21dbbdce0b1045f716631" + } + ] +} +2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-27 03:17:47 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59a21dbbdce0b1045f716631" + }, + { + "coauthorsIds": "59a21dbbdce0b1045f716631" + } + ] +} +2017-08-27 03:17:47 ERROR update tweet not possible for 583676d3618530145474e352. +2017-08-27 03:17:47 -------------------------------------------------------------------------------- +2017-08-27 03:17:47 Request: +User: "tmeasday", role: "editor", id: "59a21dbbdce0b1045f716631", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a21dbbdce0b1045f716632") { + body + } +} + +2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21dbbdce0b1045f716631" + } + ] +} +2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-27 03:17:47 -------------------------------------------------------------------------------- +2017-08-27 03:17:47 Request: +User: "tmeasday", role: "editor", id: "59a21dbbdce0b1045f716631", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59a21dbbdce0b1045f716632") +} + +2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21dbbdce0b1045f716631" + } + ] +} +2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-27 03:17:47 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59a21dbbdce0b1045f716631" + } + ] +} +2017-08-27 03:17:47 removed tweet 59a21dbbdce0b1045f716632. +2017-08-27 03:17:47 -------------------------------------------------------------------------------- +2017-08-27 03:17:47 Request: +User: "tmeasday", role: "editor", id: "59a21dbbdce0b1045f716631", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21dbbdce0b1045f716631" + } + ] +} +2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-27 03:17:47 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59a21dbbdce0b1045f716631" + } + ] +} +2017-08-27 03:17:47 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-08-27 03:17:47 -------------------------------------------------------------------------------- +2017-08-27 03:17:47 Request: +User: "tmeasday", role: "editor", id: "59a21dbbdce0b1045f716631", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a21dbbdce0b1045f716632") { + body + } +} + +2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21dbbdce0b1045f716631" + } + ] +} +2017-08-27 03:17:47 -------------------------------------------------------------------------------- +2017-08-27 03:17:47 Request: +User: "tmeasday", role: "editor", id: "59a21dbbdce0b1045f716631", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59a21dbbdce0b1045f716631") +} + +2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21dbbdce0b1045f716631" + } + ] +} +2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-27 03:17:47 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21dbbdce0b1045f716631" + } + ] +} +2017-08-27 03:17:47 removed user 59a21dbbdce0b1045f716631. +2017-08-27 03:17:47 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:17:47 -------------------------------------------------------------------------------- +2017-08-27 03:17:47 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59a21dbbdce0b1045f716631") { + username + bio + role + } +} + +2017-08-27 03:17:47 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 03:18:25 -------------------------------------------------------------------------------- +2017-08-27 03:18:25 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-27 03:18:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:33 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:33 -------------------------------------------------------------------------------- +2017-08-27 03:18:33 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +query IntrospectionQuery { + __schema { + queryType { + name + } + mutationType { + name + } + subscriptionType { + name + } + types { + ...FullType + } + directives { + name + description + locations + args { + ...InputValue + } + } + } +} + +fragment FullType on __Type { + kind + name + description + fields(includeDeprecated: true) { + name + description + args { + ...InputValue + } + type { + ...TypeRef + } + isDeprecated + deprecationReason + } + inputFields { + ...InputValue + } + interfaces { + ...TypeRef + } + enumValues(includeDeprecated: true) { + name + description + isDeprecated + deprecationReason + } + possibleTypes { + ...TypeRef + } +} + +fragment InputValue on __InputValue { + name + description + type { + ...TypeRef + } + defaultValue +} + +fragment TypeRef on __Type { + kind + name + ofType { + kind + name + ofType { + kind + name + ofType { + kind + name + ofType { + kind + name + ofType { + kind + name + ofType { + kind + name + ofType { + kind + name + } + } + } + } + } + } + } +} + +2017-08-27 03:18:33 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:33 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 03:18:36 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:36 -------------------------------------------------------------------------------- +2017-08-27 03:18:36 ERROR Authorize readMany 'users' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:36 Request: +User: "", role: "", id: "", +Operation: "", variables: "{}", +Query: +{ + users { + id + } +} + +2017-08-27 03:18:36 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:36 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 03:18:36 ERROR Authorize readMany 'users' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:43 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:43 -------------------------------------------------------------------------------- +2017-08-27 03:18:43 Request: +User: "", role: "", id: "", +Operation: "", variables: "{}", +Query: +{ + tweets { + id + } +} + +2017-08-27 03:18:43 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:43 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 03:18:43 Authorize readMany 'tweets' with user '' and role '' is authorized +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + role + username + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + role + username + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca2") { + role + username + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + id + username + bio + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users { + username + createdAt + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(limit: 1) { + username + createdAt + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993) { + username + createdAt + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers { + username + createdAt + } + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(limit: 1) { + username + createdAt + } + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following { + username + createdAt + } + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(limit: 1) { + username + createdAt + } + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets { + id + createdAt + } + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(limit: 1) { + id + createdAt + } + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked { + id + createdAt + } + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(limit: 1) { + id + createdAt + } + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334) { + id + createdAt + } + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334, limit: 1) { + id + createdAt + } + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + id + body + } +} + +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + author { + username + } + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets { + id + createdAt + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(limit: 1) { + id + createdAt + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers { + username + createdAt + } + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(limit: 1) { + username + createdAt + } + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993) { + username + createdAt + } + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-27 03:18:48 inserted user 59a21df8dce0b1045f716633. +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "tobkle", role: "admin", id: "59a21df8dce0b1045f716633", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-27 03:18:48 inserted user 59a21df8dce0b1045f716634. +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "tobkle", role: "admin", id: "59a21df8dce0b1045f716633", +Operation: "", variables: "", +Query: +{ + user(id: "59a21df8dce0b1045f716634") { + username + bio + role + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "tobkle", role: "admin", id: "59a21df8dce0b1045f716633", +Operation: "", variables: "", +Query: +{ + user(id: "59a21df8dce0b1045f716633") { + username + role + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "tobkle", role: "admin", id: "59a21df8dce0b1045f716633", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a21df8dce0b1045f716634", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 updated user 59a21df8dce0b1045f716634. +2017-08-27 03:18:48 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "tobkle", role: "admin", id: "59a21df8dce0b1045f716633", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a21df8dce0b1045f716633", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 updated user 59a21df8dce0b1045f716633. +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "tobkle", role: "admin", id: "59a21df8dce0b1045f716633", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a21df8dce0b1045f716634", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 updated user 59a21df8dce0b1045f716634. +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "tobkle", role: "admin", id: "59a21df8dce0b1045f716633", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a21df8dce0b1045f716633", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 updated user 59a21df8dce0b1045f716633. +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "tobkle", role: "editor", id: "59a21df8dce0b1045f716633", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a21df8dce0b1045f716633", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21df8dce0b1045f716633" + } + ] +} +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-27 03:18:48 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21df8dce0b1045f716633" + } + ] +} +2017-08-27 03:18:48 updated user 59a21df8dce0b1045f716633. +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "zoltan", role: "admin", id: "59a21df8dce0b1045f716634", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a21df8dce0b1045f716633", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized +2017-08-27 03:18:48 updated user 59a21df8dce0b1045f716633. +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "tobkle", role: "admin", id: "59a21df8dce0b1045f716633", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59a21df8dce0b1045f716634") +} + +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 removed user 59a21df8dce0b1045f716634. +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "tobkle", role: "admin", id: "59a21df8dce0b1045f716633", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59a21df8dce0b1045f716633", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-27 03:18:48 inserted tweet 59a21df8dce0b1045f716635. +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "tobkle", role: "admin", id: "59a21df8dce0b1045f716633", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "tobkle", role: "admin", id: "59a21df8dce0b1045f716633", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a21df8dce0b1045f716635") { + author { + id + } + body + } +} + +2017-08-27 03:18:48 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 inserted tweet 59a21df8dce0b1045f716636. +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "tobkle", role: "admin", id: "59a21df8dce0b1045f716633", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "tobkle", role: "admin", id: "59a21df8dce0b1045f716633", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59a21df8dce0b1045f716635", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 updated tweet 59a21df8dce0b1045f716635. +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "tobkle", role: "admin", id: "59a21df8dce0b1045f716633", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59a21df8dce0b1045f716636", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 updated tweet 59a21df8dce0b1045f716636. +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "tobkle", role: "admin", id: "59a21df8dce0b1045f716633", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a21df8dce0b1045f716635") { + body + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "tobkle", role: "admin", id: "59a21df8dce0b1045f716633", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59a21df8dce0b1045f716635") +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 removed tweet 59a21df8dce0b1045f716635. +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "tobkle", role: "admin", id: "59a21df8dce0b1045f716633", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59a21df8dce0b1045f716636") +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 removed tweet 59a21df8dce0b1045f716636. +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "tobkle", role: "admin", id: "59a21df8dce0b1045f716633", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a21df8dce0b1045f716635") { + body + } +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "tobkle", role: "admin", id: "59a21df8dce0b1045f716633", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59a21df8dce0b1045f716633") +} + +2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-27 03:18:48 removed user 59a21df8dce0b1045f716633. +2017-08-27 03:18:48 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59a21df8dce0b1045f716633") { + username + bio + role + } +} + +2017-08-27 03:18:48 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 03:18:48 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:48 -------------------------------------------------------------------------------- +2017-08-27 03:18:48 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "admin"}) { + id + } +} + +2017-08-27 03:18:48 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 03:18:49 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:49 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:49 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-27 03:18:49 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 03:18:49 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:49 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 03:18:49 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 03:18:49 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:49 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:49 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-27 03:18:49 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 03:18:49 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:49 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-27 03:18:49 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 03:18:49 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:49 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-27 03:18:49 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 03:18:49 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:49 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-27 03:18:49 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 03:18:49 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:49 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 03:18:49 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 03:18:49 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:49 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:49 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 03:18:49 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 03:18:49 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:49 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:49 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-27 03:18:49 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 03:18:49 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "user"}) { + id + role + } +} + +2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:49 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:49 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-27 03:18:49 inserted user 59a21df9dce0b1045f716637. +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 Request: +User: "tobkle", role: "user", id: "59a21df9dce0b1045f716637", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716637" + } + ] +} +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 03:18:49 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. +2017-08-27 03:18:49 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 Request: +User: "tobkle", role: "user", id: "59a21df9dce0b1045f716637", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716637" + } + ] +} +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 Request: +User: "tobkle", role: "user", id: "59a21df9dce0b1045f716637", +Operation: "", variables: "", +Query: +{ + user(id: "59a21df9dce0b1045f716637") { + username + } +} + +2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716637" + } + ] +} +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 Request: +User: "tobkle", role: "user", id: "59a21df9dce0b1045f716637", +Operation: "", variables: "", +Query: +{ + user(id: "59a21df9dce0b1045f716637") { + username + role + } +} + +2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716637" + } + ] +} +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 Request: +User: "tobkle", role: "user", id: "59a21df9dce0b1045f716637", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716637" + } + ] +} +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 03:18:49 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716637" + } + ] +} +2017-08-27 03:18:49 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 Request: +User: "tobkle", role: "user", id: "59a21df9dce0b1045f716637", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a21df9dce0b1045f716637", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716637" + } + ] +} +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 03:18:49 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716637" + } + ] +} +2017-08-27 03:18:49 updated user 59a21df9dce0b1045f716637. +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 Request: +User: "tobkle", role: "user", id: "59a21df9dce0b1045f716637", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a21df9dce0b1045f716637", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716637" + } + ] +} +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 03:18:49 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716637" + } + ] +} +2017-08-27 03:18:49 updated user 59a21df9dce0b1045f716637. +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 Request: +User: "tobkle", role: "user", id: "59a21df9dce0b1045f716637", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716637" + } + ] +} +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 03:18:49 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716637" + } + ] +} +2017-08-27 03:18:49 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 Request: +User: "tobkle", role: "user", id: "59a21df9dce0b1045f716637", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59a21df9dce0b1045f716637", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716637" + } + ] +} +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 03:18:49 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. +2017-08-27 03:18:49 inserted tweet 59a21df9dce0b1045f716638. +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. +2017-08-27 03:18:49 Request: +User: "tobkle", role: "user", id: "59a21df9dce0b1045f716637", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716637" + } + ] +} +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 03:18:49 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 Request: +User: "tobkle", role: "user", id: "59a21df9dce0b1045f716637", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a21df9dce0b1045f716638") { + author { + id + } + body + } +} + +2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716637" + } + ] +} +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 Request: +User: "tobkle", role: "user", id: "59a21df9dce0b1045f716637", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716637" + } + ] +} +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 Request: +User: "tobkle", role: "user", id: "59a21df9dce0b1045f716637", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59a21df9dce0b1045f716638", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716637" + } + ] +} +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 03:18:49 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59a21df9dce0b1045f716637" + }, + { + "coauthorsIds": "59a21df9dce0b1045f716637" + } + ] +} +2017-08-27 03:18:49 updated tweet 59a21df9dce0b1045f716638. +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 Request: +User: "tobkle", role: "user", id: "59a21df9dce0b1045f716637", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716637" + } + ] +} +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 03:18:49 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59a21df9dce0b1045f716637" + }, + { + "coauthorsIds": "59a21df9dce0b1045f716637" + } + ] +} +2017-08-27 03:18:49 ERROR update tweet not possible for 583676d3618530145474e352. +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 Request: +User: "tobkle", role: "user", id: "59a21df9dce0b1045f716637", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a21df9dce0b1045f716638") { + body + } +} + +2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716637" + } + ] +} +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 Request: +User: "tobkle", role: "user", id: "59a21df9dce0b1045f716637", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59a21df9dce0b1045f716638") +} + +2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716637" + } + ] +} +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 03:18:49 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59a21df9dce0b1045f716637" + } + ] +} +2017-08-27 03:18:49 removed tweet 59a21df9dce0b1045f716638. +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 Request: +User: "tobkle", role: "user", id: "59a21df9dce0b1045f716637", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716637" + } + ] +} +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 03:18:49 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59a21df9dce0b1045f716637" + } + ] +} +2017-08-27 03:18:49 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 Request: +User: "tobkle", role: "user", id: "59a21df9dce0b1045f716637", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a21df9dce0b1045f716638") { + body + } +} + +2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716637" + } + ] +} +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 Request: +User: "tobkle", role: "user", id: "59a21df9dce0b1045f716637", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59a21df9dce0b1045f716637") +} + +2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716637" + } + ] +} +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-27 03:18:49 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716637" + } + ] +} +2017-08-27 03:18:49 removed user 59a21df9dce0b1045f716637. +2017-08-27 03:18:49 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59a21df9dce0b1045f716637") { + username + bio + role + } +} + +2017-08-27 03:18:49 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "editor"}) { + id + role + } +} + +2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:49 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-27 03:18:49 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-27 03:18:49 inserted user 59a21df9dce0b1045f716639. +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 Request: +User: "tobkle", role: "editor", id: "59a21df9dce0b1045f716639", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716639" + } + ] +} +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-27 03:18:49 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. +2017-08-27 03:18:49 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 Request: +User: "tobkle", role: "editor", id: "59a21df9dce0b1045f716639", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716639" + } + ] +} +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 Request: +User: "tobkle", role: "editor", id: "59a21df9dce0b1045f716639", +Operation: "", variables: "", +Query: +{ + user(id: "59a21df9dce0b1045f716639") { + username + role + } +} + +2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716639" + } + ] +} +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 Request: +User: "tobkle", role: "editor", id: "59a21df9dce0b1045f716639", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716639" + } + ] +} +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-27 03:18:49 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716639" + } + ] +} +2017-08-27 03:18:49 ERROR update user not possible for 583291a1638566b3c5a92ca1. +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 Request: +User: "tobkle", role: "editor", id: "59a21df9dce0b1045f716639", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a21df9dce0b1045f716639", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716639" + } + ] +} +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-27 03:18:49 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716639" + } + ] +} +2017-08-27 03:18:49 updated user 59a21df9dce0b1045f716639. +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 Request: +User: "tmeasday", role: "editor", id: "59a21df9dce0b1045f716639", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a21df9dce0b1045f716639", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716639" + } + ] +} +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-27 03:18:49 Authorize update 'updateUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716639" + } + ] +} +2017-08-27 03:18:49 updated user 59a21df9dce0b1045f716639. +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 Request: +User: "tmeasday", role: "editor", id: "59a21df9dce0b1045f716639", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716639" + } + ] +} +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-27 03:18:49 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716639" + } + ] +} +2017-08-27 03:18:49 ERROR remove user not possible for 583291a1638566b3c5a92ca1. +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 Request: +User: "tmeasday", role: "editor", id: "59a21df9dce0b1045f716639", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59a21df9dce0b1045f716639", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716639" + } + ] +} +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-27 03:18:49 Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is authorized by docRole. +2017-08-27 03:18:49 inserted tweet 59a21df9dce0b1045f71663a. +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. +2017-08-27 03:18:49 Request: +User: "tmeasday", role: "editor", id: "59a21df9dce0b1045f716639", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716639" + } + ] +} +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-27 03:18:49 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 Request: +User: "tmeasday", role: "editor", id: "59a21df9dce0b1045f716639", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a21df9dce0b1045f71663a") { + author { + id + } + body + } +} + +2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716639" + } + ] +} +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 Request: +User: "tmeasday", role: "editor", id: "59a21df9dce0b1045f716639", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716639" + } + ] +} +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 Request: +User: "tmeasday", role: "editor", id: "59a21df9dce0b1045f716639", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59a21df9dce0b1045f71663a", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716639" + } + ] +} +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-27 03:18:49 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59a21df9dce0b1045f716639" + }, + { + "coauthorsIds": "59a21df9dce0b1045f716639" + } + ] +} +2017-08-27 03:18:49 updated tweet 59a21df9dce0b1045f71663a. +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 Request: +User: "tmeasday", role: "editor", id: "59a21df9dce0b1045f716639", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716639" + } + ] +} +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-27 03:18:49 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59a21df9dce0b1045f716639" + }, + { + "coauthorsIds": "59a21df9dce0b1045f716639" + } + ] +} +2017-08-27 03:18:49 ERROR update tweet not possible for 583676d3618530145474e352. +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 Request: +User: "tmeasday", role: "editor", id: "59a21df9dce0b1045f716639", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a21df9dce0b1045f71663a") { + body + } +} + +2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716639" + } + ] +} +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 Request: +User: "tmeasday", role: "editor", id: "59a21df9dce0b1045f716639", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59a21df9dce0b1045f71663a") +} + +2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716639" + } + ] +} +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-27 03:18:49 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59a21df9dce0b1045f716639" + } + ] +} +2017-08-27 03:18:49 removed tweet 59a21df9dce0b1045f71663a. +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 Request: +User: "tmeasday", role: "editor", id: "59a21df9dce0b1045f716639", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716639" + } + ] +} +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-27 03:18:49 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59a21df9dce0b1045f716639" + } + ] +} +2017-08-27 03:18:49 ERROR remove tweet not possible for 583676d3618530145474e352. +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 Request: +User: "tmeasday", role: "editor", id: "59a21df9dce0b1045f716639", +Operation: "", variables: "", +Query: +{ + tweet(id: "59a21df9dce0b1045f71663a") { + body + } +} + +2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716639" + } + ] +} +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 Request: +User: "tmeasday", role: "editor", id: "59a21df9dce0b1045f716639", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59a21df9dce0b1045f716639") +} + +2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716639" + } + ] +} +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-27 03:18:49 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59a21df9dce0b1045f716639" + } + ] +} +2017-08-27 03:18:49 removed user 59a21df9dce0b1045f716639. +2017-08-27 03:18:49 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:49 -------------------------------------------------------------------------------- +2017-08-27 03:18:49 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59a21df9dce0b1045f716639") { + username + bio + role + } +} + +2017-08-27 03:18:49 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized diff --git a/test/output-app/model/User.js b/test/output-app/model/User.js index b472e1a..fc07005 100644 --- a/test/output-app/model/User.js +++ b/test/output-app/model/User.js @@ -1,5 +1,7 @@ import DataLoader from 'dataloader'; import { findByIds, queryForRoles, getLogFilename, logger, authlog, checkAuthDoc, protectFields } from 'create-graphql-server-authorization'; +import bcrypt from 'bcrypt'; +const SALT_ROUNDS = 10; const log = logger(getLogFilename()); export default class User { @@ -65,7 +67,11 @@ export default class User { async insert(doc, me, resolver) { try { - let docToInsert = Object.assign({}, doc, { + // We don't want to store passwords plaintext! + const { password, ...rest } = doc; + const hash = await bcrypt.hash(password, SALT_ROUNDS); + let docToInsert = Object.assign({}, rest, { + hash, createdAt: Date.now(), updatedAt: Date.now(), createdById: (me && me._id) ? me._id : 'unknown', diff --git a/test/output-app/package.json b/test/output-app/package.json index 8e13d69..bb31633 100644 --- a/test/output-app/package.json +++ b/test/output-app/package.json @@ -39,7 +39,7 @@ "bcrypt": "^1.0.2", "body-parser": "1.15.2", "cors": "^2.8.1", - "create-graphql-server-authorization": "^0.0.33", + "create-graphql-server-authorization": "^0.0.35", "dataloader": "^1.2.0", "denodeify": "^1.2.1", "dotenv": "2.0.0", diff --git a/test/output-app/schema/Tweet.graphql b/test/output-app/schema/Tweet.graphql index 62a7b47..2257803 100644 --- a/test/output-app/schema/Tweet.graphql +++ b/test/output-app/schema/Tweet.graphql @@ -4,10 +4,10 @@ type Tweet @authorize(admin: ["create", "read", "update", "delete"], author: ["c coauthors(lastCreatedAt: Float, limit: Int): [User] body: String likers(lastCreatedAt: Float, limit: Int): [User] - createdAt: Float! - updatedAt: Float! createdBy: User updatedBy: User + createdAt: Float! + updatedAt: Float! } extend type Query { diff --git a/test/output-app/schema/User.graphql b/test/output-app/schema/User.graphql index 819db64..0b74c22 100644 --- a/test/output-app/schema/User.graphql +++ b/test/output-app/schema/User.graphql @@ -1,17 +1,18 @@ type User @authorize(admin: ["create", "read", "update", "delete"], this: ["create", "read", "update", "delete"]) { id: ObjID! role: String - username: String! + email: String! + username: String bio: String notify: Boolean tweets(minLikes: Int, lastCreatedAt: Float, limit: Int): [Tweet] liked(lastCreatedAt: Float, limit: Int): [Tweet] following(lastCreatedAt: Float, limit: Int): [User] followers(lastCreatedAt: Float, limit: Int): [User] - createdAt: Float! - updatedAt: Float! createdBy: User updatedBy: User + createdAt: Float! + updatedAt: Float! } extend type Query { @@ -21,18 +22,21 @@ extend type Query { input CreateUserInput { role: String - username: String! + email: String! + username: String bio: String notify: Boolean tweetsIds: [ObjID] likedIds: [ObjID] followingIds: [ObjID] followersIds: [ObjID] + password: String! } input UpdateUserInput { role: String - username: String! + email: String + username: String bio: String notify: Boolean tweetsIds: [ObjID] diff --git a/test/output-app/yarn.lock b/test/output-app/yarn.lock index 8e5b238..e8ad9ae 100644 --- a/test/output-app/yarn.lock +++ b/test/output-app/yarn.lock @@ -1224,9 +1224,9 @@ crc@3.4.0: version "3.4.0" resolved "https://registry.yarnpkg.com/crc/-/crc-3.4.0.tgz#4258e351613a74ef1153dfcb05e820c3e9715d7f" -create-graphql-server-authorization@^0.0.33: - version "0.0.33" - resolved "https://registry.yarnpkg.com/create-graphql-server-authorization/-/create-graphql-server-authorization-0.0.33.tgz#17c36eb43533a81a03617cb1055a29a588a60d10" +create-graphql-server-authorization@^0.0.35: + version "0.0.35" + resolved "https://registry.yarnpkg.com/create-graphql-server-authorization/-/create-graphql-server-authorization-0.0.35.tgz#86f102e339bef86a009879c51c25dfcb91175778" dependencies: global "^4.3.2" iterall "^1.1.0" diff --git a/yarn.lock b/yarn.lock index b1167c7..9ea84a4 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1091,9 +1091,9 @@ cpr@^2.0.0: mkdirp "~0.5.1" rimraf "^2.5.4" -create-graphql-server-authorization@^0.0.33: - version "0.0.33" - resolved "https://registry.yarnpkg.com/create-graphql-server-authorization/-/create-graphql-server-authorization-0.0.33.tgz#17c36eb43533a81a03617cb1055a29a588a60d10" +create-graphql-server-authorization@^0.0.35: + version "0.0.35" + resolved "https://registry.yarnpkg.com/create-graphql-server-authorization/-/create-graphql-server-authorization-0.0.35.tgz#86f102e339bef86a009879c51c25dfcb91175778" dependencies: global "^4.3.2" iterall "^1.1.0" From 4323c5d737c99d234bec7750fa125a657bf9d426 Mon Sep 17 00:00:00 2001 From: tobkle Date: Fri, 1 Sep 2017 00:48:02 +0200 Subject: [PATCH 66/69] generator implanted --- bin/gentest.js | 44 + bin/test-model-generator.js | 19 - generate/constants.js | 92 + generate/getCode.js | 164 + generate/getContext.js | 186 + generate/getName.js | 30 + generate/getPartials.js | 82 + generate/index.js | 25 +- generate/model/index.js | 51 +- generate/schema/index.js | 23 +- .../common/defaultPaginatedField.template | 9 + .../common/defaultSingularField.template | 8 + .../model/default/authorize_default.template | 139 + .../templates/model/default/default.template | 5 + .../model/default/default_default.template | 88 + .../model/user/authorize_user.template | 161 + .../model/user/default_user.template | 94 + generate/templates/model/user/user.template | 5 + .../common/defaultPaginatedField.template | 4 + .../common/defaultSingularField.template | 4 + .../resolver/default/auth_default.template | 52 + .../resolver/default/default.template | 5 + .../resolver/default/default_default.template | 44 + generate/util/generatePerField.js | 1 + generate/util/prep.js | 14 + package.json | 7 +- skel/package.json | 2 +- test/output-app/index.js | 2 +- test/output-app/log/all-logs-readable.log | 46105 ++-------------- test/output-app/model/Tweet.js | 165 +- test/output-app/model/User.js | 186 +- test/output-app/package.json | 2 +- test/output-app/server/index.js | 2 +- test/output-app/yarn.lock | 165 +- yarn.lock | 155 +- 35 files changed, 5598 insertions(+), 42542 deletions(-) create mode 100755 bin/gentest.js delete mode 100644 bin/test-model-generator.js create mode 100644 generate/constants.js create mode 100644 generate/getCode.js create mode 100644 generate/getContext.js create mode 100644 generate/getName.js create mode 100644 generate/getPartials.js create mode 100644 generate/templates/model/common/defaultPaginatedField.template create mode 100644 generate/templates/model/common/defaultSingularField.template create mode 100644 generate/templates/model/default/authorize_default.template create mode 100644 generate/templates/model/default/default.template create mode 100644 generate/templates/model/default/default_default.template create mode 100644 generate/templates/model/user/authorize_user.template create mode 100644 generate/templates/model/user/default_user.template create mode 100644 generate/templates/model/user/user.template create mode 100644 generate/templates/resolver/common/defaultPaginatedField.template create mode 100644 generate/templates/resolver/common/defaultSingularField.template create mode 100644 generate/templates/resolver/default/auth_default.template create mode 100644 generate/templates/resolver/default/default.template create mode 100644 generate/templates/resolver/default/default_default.template create mode 100644 generate/util/prep.js diff --git a/bin/gentest.js b/bin/gentest.js new file mode 100755 index 0000000..73f934e --- /dev/null +++ b/bin/gentest.js @@ -0,0 +1,44 @@ +#!/usr/bin/env babel-node --inspect +/* eslint-disable no-console */ + +var exec = require('child_process').exec; +import fs from 'fs'; +import path from 'path'; +import os from 'os'; +import minimist from 'minimist'; +import { parse, print } from 'graphql'; +import readInput from '../generate/read'; +import { getCode } from '../generate/getCode'; +import generateSchema from '../generate/schema'; +import { generateResolver, generateModel } from '../generate'; + +const argv = minimist(process.argv.slice(2)); +const commands = argv._; +const file = commands[0] || path.join('test', 'input', 'User.graphql'); + +const inputSchema = readInput(file); +const outputSchema = generateSchema(inputSchema); +const outputSchemaStr = print(outputSchema); +const modelCode = generateModel(inputSchema); +const resolverCode = generateResolver(inputSchema); + +console.log('\n\INPUT:\n\n', file); +console.log('\n\nSCHEMA:\n\n', outputSchemaStr); +console.log('\n\MODEL:\n\n', modelCode); +console.log('\n\RESOLVER:\n\n', resolverCode, '\n\n'); + +writeFile(file, print(inputSchema), '.input'); +writeFile(file, outputSchemaStr, '.graphql'); +writeFile(file, modelCode, '.model.js'); +writeFile(file, resolverCode, '.resolver.js'); + +process.exit(0); + +function writeFile(file, data, type) { + const tmpdir = os.tmpdir(); + const filename = path.basename(file, '.graphql'); + const newPath = path.join(tmpdir, filename + type); + console.log('writing to and open in sublime editor...', newPath); + fs.writeFileSync(newPath, data, 'utf8'); + exec(`subl ${newPath}`); +} \ No newline at end of file diff --git a/bin/test-model-generator.js b/bin/test-model-generator.js deleted file mode 100644 index 16d7ae1..0000000 --- a/bin/test-model-generator.js +++ /dev/null @@ -1,19 +0,0 @@ -import { describe, it } from 'mocha'; -import chai, { expect } from 'chai'; -import chaiDiff from 'chai-diff'; -import fs from 'fs'; -import { print } from 'graphql'; - -import readInput from '../generate/read'; -import generateSchema from '../generate/schema'; -import generateResolvers from '../generate/resolvers'; -import generateModel from '../generate/model'; - -const input = readInput(`${__dirname}/../test/input/User.graphql`); -// const input = readInput(`${__dirname}/../test/input/Tweet.graphql`); -const schema = generateSchema(input); -const resolverOutput = generateResolvers(input, schema); -const modelOutput = generateModel(input, schema); - -console.log(print(schema)); -// console.log(modelOutput); \ No newline at end of file diff --git a/generate/constants.js b/generate/constants.js new file mode 100644 index 0000000..5925f2b --- /dev/null +++ b/generate/constants.js @@ -0,0 +1,92 @@ +// @flow +/* eslint-disable max-len */ +/* eslint-disable flowtype/no-weak-types */ + +// kinds from graphql language +export { + NAME, + ARGUMENT, + NAMED_TYPE, + LIST_TYPE, + NON_NULL_TYPE, + FIELD_DEFINITION, + DIRECTIVE, + LIST, + STRING +} from 'graphql/language/kinds'; + +// files encoding +export const ENCODING = 'utf8'; + +// templates naming +export const TEMPLATE_EXTENSION = '.template'; +export const TEMPLATES_DIR = 'templates'; +export const TEMPLATES_MODEL_DIR = 'model'; +export const TEMPLATES_RESOLVER_DIR = 'resolver'; +export const TEMPLATES_AUTH_DIR = 'auth'; +export const TEMPLATES_COMMON_DIR = 'common'; +export const TEMPLATES_DEFAULT_DIR = 'default'; +export const TEMPLATES_DEFAULT_TEMPLATE = 'default'; + +export const SINGULAR = 'singular'; +export const PAGINATED = 'paginated'; + +// test directories +export const SRC_DIR = 'src'; +export const TEST_DIR = '__tests__'; +export const TEST_GQL_DATA = 'data'; +export const TEST_CODE = 'code'; +export const TEST_MODEL = 'model'; +export const TEST_RESOLVER = 'resolver'; +export const TEST_GQL_EXTENSION = '.graphql'; +export const TEST_EXPECTED_CODE = 'expected'; +export const TEST_GENERATED_CODE = 'generated'; +export const TEST_MODEL_EXTENSION = '.js'; +export const TEST_MODEL_EXTENSION2 = 'model'; +export const TEST_RESOLVER_EXTENSION = '.js'; +export const TEST_RESOLVER_EXTENSION2 = 'resolver'; + +// name of the @authorize directive, which triggers authorization logic +export const AUTHORIZE_DIRECTIVE = 'authorize'; + +// authorization modes +export const CREATE = 'create'; +export const READ = 'read'; // 'read' means both, 'readOne' and 'readMany' +export const READ_ONE = 'readOne'; +export const READ_MANY = 'readMany'; +export const UPDATE = 'update'; +export const DELETE = 'delete'; + +// valid input modes from @authorize directive +export const MODES = [CREATE, READ, READ_ONE, READ_MANY, UPDATE, DELETE]; + +// valid output mode for code generator +export const CODE_MODES = [CREATE, READ_ONE, READ_MANY, UPDATE, DELETE]; + +// for the role definitions +export const AUTH_ROLE = 'authRole'; +export const USER_ROLE = 'userRole'; +export const DOC_ROLE = 'docRole'; +export const FOR = 'for'; +export const USER_MODEL = 'user'; +export const STRING_LITERAL = 'String'; +export const STRING_LIST = '[String]'; +export const USER_LITERAL = 'User'; +export const USER_LIST = '[User]'; +export const ROLE_FIELD_DEFAULT = 'role'; + +// handling of id +export const ID_FIELD = '_id'; +export const ID_SINGULAR = 'Id'; +export const ID_PLURAL = 'Ids'; + +// special roles +export const THIS = 'this'; +export const WORLD = 'world'; +export const NO_ROLE = ''; +export const NO_USER = ''; + +// loglevel, maximum logfile size, maximum number of logfiles +export const LOG_LEVEL = 'debug'; +export const LOG_MAX_FILES = 5; +export const LOG_MAX_SIZE = 5; diff --git a/generate/getCode.js b/generate/getCode.js new file mode 100644 index 0000000..6e62d70 --- /dev/null +++ b/generate/getCode.js @@ -0,0 +1,164 @@ +// @flow +import Handlebars from 'handlebars'; +import { getContext } from './getContext'; +import { getPartials } from './getPartials'; +import { getName } from './getName'; +import { + ENCODING, + USER_LITERAL, + TEMPLATE_EXTENSION, + TEMPLATES_DIR, + TEMPLATES_MODEL_DIR, + TEMPLATES_COMMON_DIR, + TEMPLATES_DEFAULT_DIR, + TEMPLATES_AUTH_DIR, + TEMPLATES_DEFAULT_TEMPLATE +} from './constants'; + +/** + * get generated code from template partials + * @public + * @param {Object} config - configuration object + * @property {object} inputSchema - schema of the type + * @property {string} userType - the user type + * @property {string} defaultTemplate - name of the start template + * @property {array} basePath - path to the base templates directory + * @property {string} baseExtension - file extension '.template' + * @property {string} baseEncoding - base file encoding 'utf8' + * @property {string} baseCommonDir - commonly used template partials + * @property {string} baseDefaultDir - default directory for templates + * @property {function} baseGetNameFunc - calculate the name of a partial + * @property {array} authPath - path to the authorization templates directory + * @property {string} authExtension - auth file encoding 'utf8' + * @property {string} authEncoding - auth file encoding + * @property {string} authCommonDir - commonly used auth template partials + * @property {string} authDefaultDir - default directory for auth templates + * @property {function} authGetNameFunc - calculate tne name of a partial + * @return {string} code - generated code for a model + */ + +export function getCode({ + userType = USER_LITERAL, + inputSchema = {}, + defaultTemplate = TEMPLATES_DEFAULT_TEMPLATE, + basePath = [TEMPLATES_DIR, TEMPLATES_MODEL_DIR, TEMPLATES_DEFAULT_DIR], + baseExtension = TEMPLATE_EXTENSION, + baseEncoding = ENCODING, + baseCommonDir = TEMPLATES_COMMON_DIR, + baseDefaultDir = TEMPLATES_DEFAULT_DIR, + baseGetNameFunc = getName, + authPath = [TEMPLATES_DIR, TEMPLATES_MODEL_DIR, TEMPLATES_AUTH_DIR], + authExtension = TEMPLATE_EXTENSION, + authEncoding = ENCODING, + authCommonDir = TEMPLATES_COMMON_DIR, + authDefaultDir = TEMPLATES_DEFAULT_DIR, + authGetNameFunc = getName +}) { + // partials dictionary for template resolution + const partials = {}; + + function compile(templates) { + templates.forEach(partial => { + partials[partial.name] = Handlebars.compile(partial.source); + Handlebars.registerPartial(partial.name, partials[partial.name]); + }); + } + + Handlebars.registerHelper('foreach', function(arr, options) { + if (options.inverse && !arr.length) { + return options.inverse(this); + } + return arr + .map(function(item, index) { + item.$index = index; + item.$first = index === 0; + item.$last = index === arr.length - 1; + item.$notFirst = index !== 0; + item.$notLast = index !== arr.length - 1; + return options.fn(item); + }) + .join(''); + }); + + // getting data context + const context = getContext(inputSchema, userType); + const typeName = context.typeName; + + // getting common partial templates + const baseCommonPartials = getPartials({ + basePath, + directoryPath: [baseCommonDir], + extension: baseExtension, + encoding: baseEncoding, + getNameFunc: baseGetNameFunc + }); + + // getting type specific partial templates + let baseTypePartials = getPartials({ + basePath, + directoryPath: [typeName], + extension: baseExtension, + encoding: baseEncoding, + getNameFunc: baseGetNameFunc + }); + + // set the start template + let startTemplate = typeName; + + // fallback to default partial templates + if (baseTypePartials.length === 0) { + baseTypePartials = getPartials({ + basePath, + directoryPath: [baseDefaultDir], + extension: baseExtension, + encoding: baseEncoding, + getNameFunc: baseGetNameFunc + }); + // reset start template to the default template, as type template not exists + startTemplate = defaultTemplate; + } + + // getting auth common partial templates + const authCommonPartials = getPartials({ + basePath: authPath, + directoryPath: [authCommonDir], + extension: authExtension, + encoding: authEncoding, + getNameFunc: authGetNameFunc + }); + + // getting auth type specific partial templates + let authTypePartials = getPartials({ + basePath: authPath, + directoryPath: [typeName], + extension: authExtension, + encoding: authEncoding, + getNameFunc: authGetNameFunc + }); + + // fallback to auth default partial templates + if (authTypePartials.length === 0) { + authTypePartials = getPartials({ + basePath: authPath, + directoryPath: [authDefaultDir], + extension: authExtension, + encoding: authEncoding, + getNameFunc: authGetNameFunc + }); + } + + // compile all base partials + compile(baseCommonPartials); + compile(baseTypePartials); + + // compile all auth partials + compile(authCommonPartials); + compile(authTypePartials); + + // run start template with data context + const code = partials[startTemplate](context); + + // return the final model code + return code; + } + \ No newline at end of file diff --git a/generate/getContext.js b/generate/getContext.js new file mode 100644 index 0000000..cda4bc2 --- /dev/null +++ b/generate/getContext.js @@ -0,0 +1,186 @@ +// @flow +/* eslint-disable max-len */ + +import { getRoles, isAuthorizeDirectiveDefined } from 'create-graphql-server-authorization'; +import { lcFirst, ucFirst } from './util/capitalization'; +import generatePerField from './util/generatePerField'; +import { prep } from './util/prep'; + +import { + CREATE, + USER_LITERAL, + ROLE_FIELD_DEFAULT, + SINGULAR, + PAGINATED + } from './constants'; + +/** + * get context for later template compilation + * reads schema and determines data context for code replacements + * @public + * @param {Object} inputSchema - schema of the type + * @param {string} User - name of the user model for User model context + * @return {Object} templateContext - data context for template compilation + * @property {boolean} authorize - if authorization logic is there + * @property {boolean} isUserType- if it is the User type + * @property {string} typeName - name of the type with starting lower case + * @property {string} TypeName - name of the type with starting upper case + * @property {string} User - name of the user model + * @property {Object} userRoles - authorizations matrix for userRole + * @property {Object} docRoles - authorization matrix for docRole + * @property {string} firstUserRole - the role for protectFields + * @property {string} roleField - field name where the userRole is stored + * @property {array} singularFields - fields array + * @property {array} paginatedFields - fields array + */ + +export function getContext(inputSchema = {}, User = USER_LITERAL) { + // for field generation + // prepare template context for later compilation + const authorize = isAuthorizeDirectiveDefined(inputSchema); + + // read TypeName out of inputSchema + const TypeName = inputSchema.definitions[0].name.value; + const typeName = lcFirst(TypeName); + const isUserType = TypeName === User; + const { userRoles, docRoles, roleFieldName } = getRoles( + authorize, + inputSchema + ); + + // get generated fields + const { singularFields, paginatedFields } = getFields(inputSchema); + + // protectFields only on the user type + // roleField shouldn't be empty out, otherwise syntax errors occurs + // it checks, if the field is really there + // take the first userRole into the protectFields as a suggestion + // to the programmer, assuming this is the most important role, + // with higher authorization (see in README.md) + + const firstUserRole = userRoles[CREATE][0] ? userRoles[CREATE][0] : ``; + const roleField = roleFieldName + ? `${roleFieldName}` + : `${ROLE_FIELD_DEFAULT}`; + + Object.keys(userRoles).forEach(mode => { + userRoles[mode] = prep(userRoles[mode]); + }); + + Object.keys(userRoles).forEach(mode => { + docRoles[mode] = prep(docRoles[mode]); + }); + + return { + authorize, + isUserType, + typeName, + TypeName, + User, + userRoles, + docRoles, + firstUserRole, + roleField, + singularFields, + paginatedFields + }; +} + +/** + * get fields contexts for singular and paginated associations + * @param {Object} inputSchema - schema of the type + * @return {Object} fields - fields for associations + * @property singularFields - fields for singular associations + * @property paginatedFields - fields for paginated associations + */ + +function getFields(inputSchema) { + // field generator logic + const type = inputSchema.definitions[0]; + const singularFields = []; + const paginatedFields = []; + + const generators = { + belongsTo(replacements) { + const field = getFieldContext(SINGULAR, replacements); + singularFields.push(field); + return field; + }, + belongsToMany(replacements) { + const { typeName, fieldName } = replacements; + const field = getFieldContext(PAGINATED, { + ...replacements, + query: `_id: { $in: ${typeName}.${fieldName}Ids || [] }` + }); + paginatedFields.push(field); + return field; + }, + hasMany(replacements, { as }) { + const { typeName } = replacements; + const field = getFieldContext(PAGINATED, { + ...replacements, + query: `${as || typeName}Id: ${typeName}._id` + }); + paginatedFields.push(field); + return field; + }, + hasAndBelongsToMany(replacements, { as }) { + const { typeName } = replacements; + const field = getFieldContext(PAGINATED, { + ...replacements, + query: `${as || typeName}Ids: ${typeName}._id` + }); + paginatedFields.push(field); + return field; + } + }; + + generatePerField(type, generators); + + return { singularFields, paginatedFields }; +} + +/** + * gets context of one field + * @param {string} fieldtype - SINGULAR or PAGINATED + * @param {object} context - context for the template partial + * @property {string} typeName - name of the type + * @property {string} fieldName - name of the field + * @property {string} argsStr - arguments of the field + * @property {string} ReturnTypeName - type to reference + * @property {string} query - query for the data access + * @return {Object} field - field for an association + * @property {string} fieldType - SINGULAR or PAGINATED + * @property {string} fieldName - name of the field + * @property {string} typeName - name of the type with first lower character + * @property {string} TypeName - name of the type with first upper character + * @property {string} ReturnTypeName - name of the type to associate + * @property {string} argsString - argument string for parameters + * @property {string} argsFields - fields to pass on to the association + * @property {string} query - which fields to query during association + */ + +function getFieldContext( + fieldType, + { typeName, fieldName, argsStr, ReturnTypeName, query } +) { + let argFields = (' ' + argsStr).slice(1); + const argsWithDefaultsStr = argsStr + .replace('lastCreatedAt', 'lastCreatedAt = 0') + .replace('limit', 'limit = 10'); + if (fieldType === PAGINATED && argFields !== '') { + argFields = argFields.replace('{ ', '{ baseQuery, '); + } + const field = { + fieldType: fieldType || '', + fieldName: fieldName || '', + typeName: typeName || '', + TypeName: ucFirst(typeName) || '', + ReturnTypeName: ReturnTypeName || '', + argsString: argsWithDefaultsStr || '', + argsFields: argFields || '', + query: query || '' + }; + return field; +} + diff --git a/generate/getName.js b/generate/getName.js new file mode 100644 index 0000000..8129423 --- /dev/null +++ b/generate/getName.js @@ -0,0 +1,30 @@ +// @flow + +import path from 'path'; + +/** + * get the name of the partial template according to default naming convention + * defines the name of the partial template in its directory structure + * prepare name prefix: take just partial name on root template directory + * on deeper directory structures, prefix directory name to partial name + * @private + * @param {array} directoryPath - partials directory name parts + * @param {string} filename - file name of the partial template + * @param {string} extension - file extension + * @return {string} name - name of the partial + * + * @example + * name = hello {base}/hello.template + * name = auth_hello {base}/auth/hello.template + * name = auth_special_hello {base}/auth/special/hello.template + */ + +export function getName(directoryPath, filename, extension) { + const dirClone = [...directoryPath]; + let prefix = ''; + if (dirClone.length > 1) { + dirClone.shift(); + prefix = dirClone.reduce((str, dir) => str.concat(dir, '_'), ''); + } + return prefix.concat(path.basename(filename, extension)); +} diff --git a/generate/getPartials.js b/generate/getPartials.js new file mode 100644 index 0000000..50017e8 --- /dev/null +++ b/generate/getPartials.js @@ -0,0 +1,82 @@ +// @flow + +import fs from 'fs'; +import path from 'path'; +import { TEMPLATE_EXTENSION, ENCODING } from './constants'; +import { getName } from './getName'; + +/** + * reads all available partials of a template directory + * @public + * @param {Object} configPartial - configuration object + * @property {array} basePath - base directory to start reading + * @property {array} directoryPath - partials directory name parts + * @property {array} extension - extension name for template files '.template' + * @property {array} encoding - encoding of template files 'utf8' + * @property {Function} getNameFunc - optional, + * otherwise getDefaultName function is used + * @return {array} partials - repository with all partials + * + * @example + * partials = [ + * { + * "name": "hello", + * "path": "templates/default/hello.template", + * "source": "console.log('Hello World')" + * } + * ] + */ + +export function getPartials({ + basePath = [], + directoryPath = [], + extension = TEMPLATE_EXTENSION, + encoding = ENCODING, + getNameFunc = getName +}) { + const partialsDirectory = path.join(...basePath, ...directoryPath); + let partials = []; + + if ( + !fs.existsSync(partialsDirectory) || + !fs.statSync(partialsDirectory).isDirectory() + ) { + return partials; + } + + function filter_and_recursion_processing(file) { + const filePath = path.join(...basePath, ...directoryPath, file); + if (path.extname(file) === extension) { + // partial file is found, do processing with it later + return file; + } else if (fs.statSync(filePath).isDirectory()) { + // directory found, do recursion and get processed results back + partials = partials.concat( + getPartials({ + basePath, + directoryPath: [...directoryPath, file], + extension, + encoding, + getNameFunc + }) + ); + } + return false; + } + + function partial_processing(file) { + const partial = {}; + partial.name = getNameFunc(directoryPath, file, extension); + partial.path = path.join(...basePath, ...directoryPath, file); + partial.source = fs.readFileSync(partial.path, encoding); + partials.push(partial); + } + + fs + .readdirSync(partialsDirectory) + .filter(filter_and_recursion_processing) + .sort() + .forEach(partial_processing); + + return partials; +} diff --git a/generate/index.js b/generate/index.js index 0574627..73f3b1b 100644 --- a/generate/index.js +++ b/generate/index.js @@ -2,21 +2,18 @@ // but we are generating code. import { parse, print } from 'graphql'; - import generateSchema from './schema'; -import generateResolvers from './resolvers'; -import generateModel from './model'; +import { getCode } from './getCode'; + import { lcFirst } from './util/capitalization'; export default function generate(inputSchemaStr) { const inputSchema = parse(inputSchemaStr); - const type = inputSchema.definitions[0]; const TypeName = type.name.value; - const outputSchema = generateSchema(inputSchema); const outputSchemaStr = print(outputSchema); - const resolversStr = generateResolvers(inputSchema); + const resolversStr = generateResolver(inputSchema); const modelStr = generateModel(inputSchema); return { @@ -27,3 +24,19 @@ export default function generate(inputSchemaStr) { modelStr, }; } + +export function generateModel(inputSchema) { + return getCode({ + inputSchema, + basePath: ['generate', 'templates', 'model'], + authPath: ['node_modules', 'create-graphql-server-authorization', 'templates', 'model', 'auth'] + }); +} + +export function generateResolver(inputSchema) { + return getCode({ + inputSchema, + basePath: ['generate', 'templates', 'resolver'], + authPath: ['node_modules', 'create-graphql-server-authorization', 'templates','resolver', 'auth'] + }); +} diff --git a/generate/model/index.js b/generate/model/index.js index 3a56a71..4eb7359 100644 --- a/generate/model/index.js +++ b/generate/model/index.js @@ -75,40 +75,33 @@ const generators = { function getClassMethods(program){ let classMethodsAst; - if (program && program.body.length > 0){ - program.body.forEach(Node => { - if (Node.type && - Node.type === 'ExportDefaultDeclaration' && - Node.declaration && - Node.declaration.type && - Node.declaration.type === 'ClassDeclaration' && - Node.declaration.body && - Node.declaration.body.type && - Node.declaration.body.type === 'ClassBody' && - Node.declaration.body.body){ - classMethodsAst = Node.declaration.body.body; - } - }); - } + + program.body.forEach(Node => { + + if (Node.type === 'ExportDefaultDeclaration' && + Node.declaration.type === 'ClassDeclaration' && + Node.declaration.body.type === 'ClassBody'){ + classMethodsAst = Node.declaration.body.body; + } + + }); + return classMethodsAst; } function getResolverClassMethod(program){ let classMethodsAst; - if (program && program.body.length > 0){ - program.body.forEach(Node => { - if (Node.type && - Node.type === 'ClassDeclaration' && - Node.body && - Node.body.type && - Node.body.type === 'ClassBody' && - Node.body.body && - Node.body.body.length > 0 && - Node.body.body[0].type === 'ClassMethod'){ - classMethodsAst = Node.body.body[0]; - } - }); - } + + program.body.forEach(Node => { + + if (Node.type === 'ClassDeclaration' && + Node.body.type === 'ClassBody' && + Node.body.body[0].type === 'ClassMethod'){ + classMethodsAst = Node.body.body[0]; + } + + }); + return classMethodsAst; } diff --git a/generate/schema/index.js b/generate/schema/index.js index c2913db..6252207 100644 --- a/generate/schema/index.js +++ b/generate/schema/index.js @@ -20,26 +20,17 @@ import { adjustSchemaForAuthorization } from 'create-graphql-server-authorizatio /* eslint-disable no-param-reassign */ function getType(field){ - if (field && - field.type && - field.type.kind && - (field.type.kind === 'Name' || - field.type.kind === 'NamedType') && - field.type.name && - field.type.name.value) + + if (field.type.kind === 'Name' || + field.type.kind === 'NamedType') return field.type.name.value; - else if (field && - field.type && - field.type.kind && - field.type.kind === 'NonNullType' && - field.type.type && - field.type.type.kind && + + else if (field.type.kind === 'NonNullType' && (field.type.type.kind === 'Name' || - field.type.type.kind === 'NamedType') && - field.type.type.name && - field.type.type.name.value + field.type.type.kind === 'NamedType') ) return field.type.type.name.value; + return ''; } diff --git a/generate/templates/model/common/defaultPaginatedField.template b/generate/templates/model/common/defaultPaginatedField.template new file mode 100644 index 0000000..d7727e1 --- /dev/null +++ b/generate/templates/model/common/defaultPaginatedField.template @@ -0,0 +1,9 @@ + + {{fieldName}}({{typeName}}, {{{argsString}}}, me, resolver) { + const baseQuery = { {{query}} }; + return this.context.{{ReturnTypeName}}.find( + {{argsFields}}, + me, + resolver + ); + } diff --git a/generate/templates/model/common/defaultSingularField.template b/generate/templates/model/common/defaultSingularField.template new file mode 100644 index 0000000..1393488 --- /dev/null +++ b/generate/templates/model/common/defaultSingularField.template @@ -0,0 +1,8 @@ + + {{fieldName}}({{typeName}}, me, resolver) { + return this.context.{{ReturnTypeName}}.findOneById( + {{typeName}}.{{fieldName}}Id, + me, + resolver + ); + } diff --git a/generate/templates/model/default/authorize_default.template b/generate/templates/model/default/authorize_default.template new file mode 100644 index 0000000..c86f711 --- /dev/null +++ b/generate/templates/model/default/authorize_default.template @@ -0,0 +1,139 @@ +/* eslint-disable prettier */ +import { + queryForRoles, + onAuthRegisterLoader, + authlog, + checkAuthDoc +} from 'create-graphql-server-authorization'; + +export default class {{TypeName}} { + constructor(context) { + this.context = context; + this.collection = context.db.collection('{{typeName}}'); + this.pubsub = context.pubsub; + this.log = context.log; + const { me, {{User}} } = context; + queryForRoles( + me, + {{{userRoles.readOne}}}, + {{{docRoles.readOne}}}, + { {{User}} }, + onAuthRegisterLoader('{{typeName}} findOneById', 'readOne', me, this) + ); + } + + async findOneById(id, me, resolver) { + const log = authlog(resolver, 'readOne', me); + if (!this.authorizedLoader) { + log.error('not authorized'); + return null; + } + return await this.authorizedLoader.load(id); + } + + find({ lastCreatedAt = 0, limit = 10, baseQuery = {} }, me, resolver) { + const authQuery = queryForRoles( + me, + {{{userRoles.readMany}}}, + {{{docRoles.readMany}}}, + { {{User}}: this.context.{{User}} }, + authlog(resolver, 'readMany', me) + ); + const finalQuery = { + ...baseQuery, + ...authQuery, + createdAt: { $gt: lastCreatedAt } + }; + return this.collection + .find(finalQuery) + .sort({ createdAt: 1 }) + .limit(limit) + .toArray(); + } +{{#each singularFields}} +{{> defaultSingularField }} +{{/each}} +{{#each paginatedFields}} +{{> defaultPaginatedField }} +{{/each}} + + createdBy({{typeName}}, me, resolver) { + return this.context.{{User}}.findOneById({{typeName}}.createdById, me, resolver); + } + + updatedBy({{typeName}}, me, resolver) { + return this.context.{{User}}.findOneById({{typeName}}.updatedById, me, resolver); + } + + async insert(doc, me, resolver) { + const docToInsert = Object.assign({}, doc, { + createdAt: Date.now(), + updatedAt: Date.now(), + createdById: (me && me._id) ? me._id : 'unknown', + updatedById: (me && me._id) ? me._id : 'unknown', + }); + checkAuthDoc( + docToInsert, + me, + {{{userRoles.create}}}, + {{{docRoles.create}}}, + { {{User}}: this.context.{{User}} }, + authlog(resolver, 'create', me) + ); + const id = (await this.collection.insertOne(docToInsert)).insertedId; + if (!id) { + throw new Error(`insert {{typeName}} not possible.`); + } + this.log.debug(`inserted {{typeName}} ${id}.`); + const insertedDoc = this.findOneById(id, me, 'pubsub {{typeName}}Inserted'); + this.pubsub.publish('{{typeName}}Inserted', insertedDoc); + return insertedDoc; + } + + async updateById(id, doc, me, resolver) { + const docToUpdate = { + $set: Object.assign({}, doc, { + updatedAt: Date.now(), + updatedById: me && me._id ? me._id : 'unknown' + }) + }; + const baseQuery = { _id: id }; + const authQuery = queryForRoles( + me, + {{{userRoles.update}}}, + {{{docRoles.update}}}, + { {{User}}: this.context.{{User}} }, + authlog(resolver, 'update', me) + ); + const finalQuery = { ...baseQuery, ...authQuery }; + const result = await this.collection.updateOne(finalQuery, docToUpdate); + if (result.result.ok !== 1 || result.result.n !== 1) { + throw new Error(`update {{typeName}} not possible for ${id}.`); + } + this.log.debug(`updated {{typeName}} ${id}.`); + this.authorizedLoader.clear(id); + const updatedDoc = this.findOneById(id, me, 'pubsub {{typeName}}Updated'); + this.pubsub.publish('{{typeName}}Updated', updatedDoc); + return updatedDoc; + } + + async removeById(id, me, resolver) { + const baseQuery = { _id: id }; + const authQuery = queryForRoles( + me, + {{{userRoles.delete}}}, + {{{docRoles.delete}}}, + { {{User}}: this.context.{{User}} }, + authlog(resolver, 'delete', me) + ); + const finalQuery = { ...baseQuery, ...authQuery }; + const result = await this.collection.remove(finalQuery); + if (result.result.ok !== 1 || result.result.n !== 1) { + throw new Error(`remove {{typeName}} not possible for ${id}.`); + } + this.log.debug(`removed {{typeName}} ${id}.`); + this.authorizedLoader.clear(id); + this.pubsub.publish('{{typeName}}Removed', id); + return result; + } +} diff --git a/generate/templates/model/default/default.template b/generate/templates/model/default/default.template new file mode 100644 index 0000000..15fb27d --- /dev/null +++ b/generate/templates/model/default/default.template @@ -0,0 +1,5 @@ +{{#if authorize }} +{{> authorize_default }} +{{else }} +{{> default_default }} +{{/if }} \ No newline at end of file diff --git a/generate/templates/model/default/default_default.template b/generate/templates/model/default/default_default.template new file mode 100644 index 0000000..682dbe6 --- /dev/null +++ b/generate/templates/model/default/default_default.template @@ -0,0 +1,88 @@ +/* eslint-disable prettier */ +import DataLoader from 'dataloader'; +import { + findByIds, + getLogFilename, + logger +} from 'create-graphql-server-authorization'; +const log = logger(getLogFilename()); + +export default class {{TypeName}} { + constructor(context) { + this.context = context; + this.collection = context.db.collection('{{typeName}}'); + this.pubsub = context.pubsub; + this.authorizedLoader = new DataLoader(ids => + findByIds(this.collection, ids) + ); + } + + async findOneById(id) { + if (!this.authorizedLoader) { + return null; + } + return await this.authorizedLoader.load(id); + } + + find({ lastCreatedAt = 0, limit = 10, baseQuery = {} }) { + const finalQuery = { ...baseQuery, createdAt: { $gt: lastCreatedAt } }; + return this.collection + .find(finalQuery) + .sort({ createdAt: 1 }) + .limit(limit) + .toArray(); + } +{{#each singularFields }} +{{> defaultSingularField }} +{{/each}} +{{#each paginatedFields }} +{{> defaultPaginatedField }} +{{/each}} + + async insert(doc) { + const docToInsert = Object.assign({}, doc, { + createdAt: Date.now(), + updatedAt: Date.now() + }); + const id = (await this.collection.insertOne(docToInsert)).insertedId; + if (!id) { + throw new Error(`insert {{typeName}} not possible.`); + } + log.debug(`inserted {{typeName}} ${id}.`); + const insertedDoc = this.findOneById(id); + this.pubsub.publish('{{typeName}}Inserted', insertedDoc); + return insertedDoc; + } + + async updateById(id, doc) { + const docToUpdate = { + $set: Object.assign({}, doc, { + updatedAt: Date.now() + }) + }; + const baseQuery = { _id: id }; + const finalQuery = { ...baseQuery }; + const result = await this.collection.updateOne(finalQuery, docToUpdate); + if (result.result.ok !== 1 || result.result.n !== 1) { + throw new Error(`update {{typeName}} not possible for ${id}.`); + } + log.debug(`updated {{typeName}} ${id}.`); + this.authorizedLoader.clear(id); + const updatedDoc = this.findOneById(id); + this.pubsub.publish('{{typeName}}Updated', updatedDoc); + return updatedDoc; + } + + async removeById(id) { + const baseQuery = { _id: id }; + const finalQuery = { ...baseQuery }; + const result = await this.collection.remove(finalQuery); + if (result.result.ok !== 1 || result.result.n !== 1) { + throw new Error(`remove {{typeName}} not possible for ${id}.`); + } + log.debug(`removed {{typeName}} ${id}.`); + this.authorizedLoader.clear(id); + this.pubsub.publish('{{typeName}}Removed', id); + return result; + } +} diff --git a/generate/templates/model/user/authorize_user.template b/generate/templates/model/user/authorize_user.template new file mode 100644 index 0000000..1c7d1ed --- /dev/null +++ b/generate/templates/model/user/authorize_user.template @@ -0,0 +1,161 @@ +/* eslint-disable prettier */ +import { + queryForRoles, + onAuthRegisterLoader, + authlog, + checkAuthDoc, + protectFields +} from 'create-graphql-server-authorization'; +import bcrypt from 'bcrypt'; +const SALT_ROUNDS = 10; + +export default class {{TypeName}} { + constructor(context) { + this.context = context; + this.collection = context.db.collection('{{typeName}}'); + this.pubsub = context.pubsub; + this.log = context.log; + this.authRole = {{User}}.authRole; + const { me } = context; + queryForRoles( + me, + {{{userRoles.readOne}}}, + {{{docRoles.readOne}}}, + { {{User}} }, + onAuthRegisterLoader('{{typeName}} findOneById', 'readOne', me, this) + ); + } + + static authRole({{typeName}}) { + return {{typeName}} && {{typeName}}.{{roleField}} ? {{typeName}}.{{roleField}} : null; + } + + async findOneById(id, me, resolver) { + const log = authlog(resolver, 'readOne', me); + if (!this.authorizedLoader) { + log.error('not authorized'); + return null; + } + return await this.authorizedLoader.load(id); + } + + find({ lastCreatedAt = 0, limit = 10, baseQuery = {} }, me, resolver) { + const authQuery = queryForRoles( + me, + {{{userRoles.readMany}}}, + {{{docRoles.readMany}}}, + { {{User}}: this.context.{{User}} }, + authlog(resolver, 'readMany', me) + ); + const finalQuery = { + ...baseQuery, + ...authQuery, + createdAt: { $gt: lastCreatedAt } + }; + return this.collection + .find(finalQuery) + .sort({ createdAt: 1 }) + .limit(limit) + .toArray(); + } +{{#each singularFields}} +{{> defaultSingularField }} +{{/each}} +{{#each paginatedFields}} +{{> defaultPaginatedField }} +{{/each}} + + createdBy({{typeName}}, me, resolver) { + return this.context.{{User}}.findOneById({{typeName}}.createdById, me, resolver); + } + + updatedBy({{typeName}}, me, resolver) { + return this.context.{{User}}.findOneById({{typeName}}.updatedById, me, resolver); + } + + async insert(doc, me, resolver) { + // We don't want to store passwords in plaintext + const { password, ...rest } = doc; + const hash = await bcrypt.hash(password, SALT_ROUNDS); + let docToInsert = Object.assign({}, rest, { + hash, + createdAt: Date.now(), + updatedAt: Date.now(), + createdById: me && me._id ? me._id : 'unknown', + updatedById: me && me._id ? me._id : 'unknown' + }); + checkAuthDoc( + docToInsert, + me, + {{{userRoles.create}}}, + {{{docRoles.create}}}, + { {{User}}: this.context.{{User}} }, + authlog(resolver, 'create', me) + ); + docToInsert = protectFields(me, [{{#if firstUserRole}}'{{firstUserRole}}'{{/if}}], [{{#if roleField}}'{{roleField}}'{{/if}}], docToInsert, { + {{User}}: this.context.{{User}} + }); + const id = (await this.collection.insertOne(docToInsert)).insertedId; + if (!id) { + throw new Error(`insert {{typeName}} not possible.`); + } + this.log.debug(`inserted {{typeName}} ${id}.`); + const insertedDoc = this.findOneById(id, me, 'pubsub {{typeName}}Inserted'); + this.pubsub.publish('{{typeName}}Inserted', insertedDoc); + return insertedDoc; + } + + async updateById(id, doc, me, resolver) { + const docToUpdate = { + $set: Object.assign({}, doc, { + updatedAt: Date.now(), + updatedById: me && me._id ? me._id : 'unknown' + }) + }; + const baseQuery = { _id: id }; + const authQuery = queryForRoles( + me, + {{{userRoles.update}}}, + {{{docRoles.update}}}, + { {{User}}: this.context.{{User}} }, + authlog(resolver, 'update', me) + ); + docToUpdate.$set = protectFields( + me, + [{{#if firstUserRole}}'{{firstUserRole}}'{{/if}}], + [{{#if roleField}}'{{roleField}}'{{/if}}], + docToUpdate.$set, + { {{User}}: this.context.{{User}} } + ); + const finalQuery = { ...baseQuery, ...authQuery }; + const result = await this.collection.updateOne(finalQuery, docToUpdate); + if (result.result.ok !== 1 || result.result.n !== 1) { + throw new Error(`update {{typeName}} not possible for ${id}.`); + } + this.log.debug(`updated {{typeName}} ${id}.`); + this.authorizedLoader.clear(id); + const updatedDoc = this.findOneById(id, me, 'pubsub {{typeName}}Updated'); + this.pubsub.publish('{{typeName}}Updated', updatedDoc); + return updatedDoc; + } + + async removeById(id, me, resolver) { + const baseQuery = { _id: id }; + const authQuery = queryForRoles( + me, + {{{userRoles.delete}}}, + {{{docRoles.delete}}}, + { {{User}}: this.context.{{User}} }, + authlog(resolver, 'delete', me) + ); + const finalQuery = { ...baseQuery, ...authQuery }; + const result = await this.collection.remove(finalQuery); + if (result.result.ok !== 1 || result.result.n !== 1) { + throw new Error(`remove {{typeName}} not possible for ${id}.`); + } + this.log.debug(`removed {{typeName}} ${id}.`); + this.authorizedLoader.clear(id); + this.pubsub.publish('{{typeName}}Removed', id); + return result; + } +} diff --git a/generate/templates/model/user/default_user.template b/generate/templates/model/user/default_user.template new file mode 100644 index 0000000..9fdb89c --- /dev/null +++ b/generate/templates/model/user/default_user.template @@ -0,0 +1,94 @@ +/* eslint-disable prettier */ +import DataLoader from 'dataloader'; +import { + findByIds, + getLogFilename, + logger +} from 'create-graphql-server-authorization'; +import bcrypt from 'bcrypt'; +const SALT_ROUNDS = 10; +const log = logger(getLogFilename()); + +export default class {{TypeName}} { + constructor(context) { + this.context = context; + this.collection = context.db.collection('{{typeName}}'); + this.pubsub = context.pubsub; + this.authorizedLoader = new DataLoader(ids => + findByIds(this.collection, ids) + ); + } + + async findOneById(id) { + if (!this.authorizedLoader) { + return null; + } + return await this.authorizedLoader.load(id); + } + + find({ lastCreatedAt = 0, limit = 10, baseQuery = {} }{{#if authorize}}, me, resolver{{/if}}) { + const finalQuery = { ...baseQuery, createdAt: { $gt: lastCreatedAt } }; + return this.collection + .find(finalQuery) + .sort({ createdAt: 1 }) + .limit(limit) + .toArray(); + } +{{#each singularFields}} +{{> defaultSingularField }} +{{/each}} +{{#each paginatedFields}} +{{> defaultPaginatedField }} +{{/each}} + + async insert(doc) { + // We don't want to store passwords in plaintext + const { password, ...rest } = doc; + const hash = await bcrypt.hash(password, SALT_ROUNDS); + const docToInsert = Object.assign({}, rest, { + hash, + createdAt: Date.now(), + updatedAt: Date.now() + }); + const id = (await this.collection.insertOne(docToInsert)).insertedId; + if (!id) { + throw new Error(`insert {{typeName}} not possible.`); + } + log.debug(`inserted {{typeName}} ${id}.`); + const insertedDoc = this.findOneById(id); + this.pubsub.publish('{{typeName}}Inserted', insertedDoc); + return insertedDoc; + } + + async updateById(id, doc) { + const docToUpdate = { + $set: Object.assign({}, doc, { + updatedAt: Date.now() + }) + }; + const baseQuery = { _id: id }; + const finalQuery = { ...baseQuery }; + const result = await this.collection.updateOne(finalQuery, docToUpdate); + if (result.result.ok !== 1 || result.result.n !== 1) { + throw new Error(`update {{typeName}} not possible for ${id}.`); + } + log.debug(`updated {{typeName}} ${id}.`); + this.authorizedLoader.clear(id); + const updatedDoc = this.findOneById(id); + this.pubsub.publish('{{typeName}}Updated', updatedDoc); + return updatedDoc; + } + + async removeById(id) { + const baseQuery = { _id: id }; + const finalQuery = { ...baseQuery }; + const result = await this.collection.remove(finalQuery); + if (result.result.ok !== 1 || result.result.n !== 1) { + throw new Error(`remove {{typeName}} not possible for ${id}.`); + } + log.debug(`removed {{typeName}} ${id}.`); + this.authorizedLoader.clear(id); + this.pubsub.publish('{{typeName}}Removed', id); + return result; + } +} diff --git a/generate/templates/model/user/user.template b/generate/templates/model/user/user.template new file mode 100644 index 0000000..c5ab4a9 --- /dev/null +++ b/generate/templates/model/user/user.template @@ -0,0 +1,5 @@ +{{#if authorize }} +{{> authorize_user }} +{{else }} +{{> default_user }} +{{/if }} \ No newline at end of file diff --git a/generate/templates/resolver/common/defaultPaginatedField.template b/generate/templates/resolver/common/defaultPaginatedField.template new file mode 100644 index 0000000..2c02c6a --- /dev/null +++ b/generate/templates/resolver/common/defaultPaginatedField.template @@ -0,0 +1,4 @@ + + {{fieldName}}({{typeName}}, args, { {{TypeName}}, me }) { + return {{TypeName}}.{{fieldName}}({{typeName}}, args, me, '{{typeName}} {{fieldName}}'); + }, diff --git a/generate/templates/resolver/common/defaultSingularField.template b/generate/templates/resolver/common/defaultSingularField.template new file mode 100644 index 0000000..d7b3173 --- /dev/null +++ b/generate/templates/resolver/common/defaultSingularField.template @@ -0,0 +1,4 @@ + + {{fieldName}}({{typeName}}, args, { {{TypeName}}, me }) { + return {{TypeName}}.{{fieldName}}({{typeName}}, me, '{{typeName}} {{fieldName}}'); + }, diff --git a/generate/templates/resolver/default/auth_default.template b/generate/templates/resolver/default/auth_default.template new file mode 100644 index 0000000..67cf99e --- /dev/null +++ b/generate/templates/resolver/default/auth_default.template @@ -0,0 +1,52 @@ +/* eslint-disable prettier */ +/* eslint comma-dangle: [2, "only-multiline"] */ +const resolvers = { + {{TypeName}}: { + id({{typeName}}) { + return {{typeName}}._id; + }, +{{#each singularFields}} +{{> defaultSingularField }} +{{/each}} +{{#each paginatedFields}} +{{> defaultPaginatedField }} +{{/each}} + + createdBy({{typeName}}, args, { {{TypeName}}, me }) { + return {{TypeName}}.createdBy({{typeName}}, me, '{{typeName}} createdBy'); + }, + + updatedBy({{typeName}}, args, { {{TypeName}}, me }) { + return {{TypeName}}.updatedBy({{typeName}}, me, '{{typeName}} updatedBy'); + } + }, + Query: { + {{typeName}}s(root, { lastCreatedAt, limit }, { {{TypeName}}, me }) { + return {{TypeName}}.find({ lastCreatedAt, limit }, me, '{{typeName}}s'); + }, + + {{typeName}}(root, { id }, { {{TypeName}}, me }) { + return {{TypeName}}.findOneById(id, me, '{{typeName}}'); + } + }, + Mutation: { + async create{{TypeName}}(root, { input }, { {{TypeName}}, me }) { + return await {{TypeName}}.insert(input, me, 'create{{TypeName}}'); + }, + + async update{{TypeName}}(root, { id, input }, { {{TypeName}}, me }) { + return await {{TypeName}}.updateById(id, input, me, 'update{{TypeName}}'); + }, + + async remove{{TypeName}}(root, { id }, { {{TypeName}}, me }) { + return await {{TypeName}}.removeById(id, me, 'remove{{TypeName}}'); + } + }, + Subscription: { + {{typeName}}Created: {{typeName}} => {{typeName}}, + {{typeName}}Updated: {{typeName}} => {{typeName}}, + {{typeName}}Removed: id => id + } +}; + +export default resolvers; diff --git a/generate/templates/resolver/default/default.template b/generate/templates/resolver/default/default.template new file mode 100644 index 0000000..0322f2f --- /dev/null +++ b/generate/templates/resolver/default/default.template @@ -0,0 +1,5 @@ +{{#if authorize }} +{{> auth_default }} +{{else }} +{{> default_default }} +{{/if }} \ No newline at end of file diff --git a/generate/templates/resolver/default/default_default.template b/generate/templates/resolver/default/default_default.template new file mode 100644 index 0000000..8e7cb64 --- /dev/null +++ b/generate/templates/resolver/default/default_default.template @@ -0,0 +1,44 @@ +/* eslint-disable prettier */ +/* eslint comma-dangle: [2, "only-multiline"] */ +const resolvers = { + {{TypeName}}: { + id({{typeName}}) { + return {{typeName}}._id; + }, +{{#each singularFields}} +{{> defaultSingularField }} +{{/each}} +{{#each paginatedFields}} +{{> defaultPaginatedField }} +{{/each}} + }, + Query: { + {{typeName}}s(root, { lastCreatedAt, limit }, { {{TypeName}}, me }) { + return {{TypeName}}.find({ lastCreatedAt, limit }, me, '{{typeName}}s'); + }, + + {{typeName}}(root, { id }, { {{TypeName}}, me }) { + return {{TypeName}}.findOneById(id, me, '{{typeName}}'); + } + }, + Mutation: { + async create{{TypeName}}(root, { input }, { {{TypeName}}, me }) { + return await {{TypeName}}.insert(input, me, 'create{{TypeName}}'); + }, + + async update{{TypeName}}(root, { id, input }, { {{TypeName}}, me }) { + return await {{TypeName}}.updateById(id, input, me, 'update{{TypeName}}'); + }, + + async remove{{TypeName}}(root, { id }, { {{TypeName}}, me }) { + return await {{TypeName}}.removeById(id, me, 'remove{{TypeName}}'); + } + }, + Subscription: { + {{typeName}}Created: {{typeName}} => {{typeName}}, + {{typeName}}Updated: {{typeName}} => {{typeName}}, + {{typeName}}Removed: id => id + } +}; + +export default resolvers; diff --git a/generate/util/generatePerField.js b/generate/util/generatePerField.js index 7819919..dcfd9aa 100644 --- a/generate/util/generatePerField.js +++ b/generate/util/generatePerField.js @@ -6,6 +6,7 @@ import { isScalarField, applyCustomDirectives, } from './graphql'; + import { lcFirst } from './capitalization'; export default function generatePerField(type, generators) { diff --git a/generate/util/prep.js b/generate/util/prep.js new file mode 100644 index 0000000..93d126a --- /dev/null +++ b/generate/util/prep.js @@ -0,0 +1,14 @@ +// @flow + +/** + * prepare roles for code generator + * convert array to String value + * replace " by ' + * @private + * @param {array} role - name of role + * @return {string} roleString - role string + */ + +export function prep(role) { + return JSON.stringify(role).replace(/"/g, "'").replace(/,/g, ', '); +} diff --git a/package.json b/package.json index 5293d88..7f6d5c1 100644 --- a/package.json +++ b/package.json @@ -20,7 +20,8 @@ "test-add-update-remove": "./test/test-add-update-remove.sh", "clean": "rm -rf dist/*", "build": "npm run clean && babel bin --out-dir dist/bin && babel generate -D --out-dir dist/generate && cp -r skel dist", - "prepublish": "npm run build" + "prepublish": "npm run build", + "gentest": "babel-node --inspect bin/gentest.js -- " }, "config": { "logfile": "log/all-logs-readable.log", @@ -53,11 +54,13 @@ "babylon": "^6.14.1", "chalk": "^1.1.3", "cpr": "^2.0.0", - "create-graphql-server-authorization": "^0.0.35", + "create-graphql-server-authorization": "^0.0.40", + "dataloader": "^1.3.0", "denodeify": "^1.2.1", "escape-string-regexp": "^1.0.5", "global": "^4.3.2", "graphql": "0.7.2", + "handlebars": "^4.0.10", "lodash": "^4.17.4", "lodash.clonedeep": "^4.5.0", "lodash.includes": "^4.3.0", diff --git a/skel/package.json b/skel/package.json index a7f1f12..0041ee1 100644 --- a/skel/package.json +++ b/skel/package.json @@ -39,7 +39,7 @@ "bcrypt": "^1.0.2", "body-parser": "1.15.2", "cors": "^2.8.1", - "create-graphql-server-authorization": "^0.0.35", + "create-graphql-server-authorization": "^0.0.40", "dataloader": "^1.2.0", "denodeify": "^1.2.1", "dotenv": "2.0.0", diff --git a/test/output-app/index.js b/test/output-app/index.js index 0035126..449bd70 100644 --- a/test/output-app/index.js +++ b/test/output-app/index.js @@ -102,7 +102,7 @@ if (!MONGO_URL) { nodemon({ script: path.join('server', 'index.js'), ext: 'js graphql', - exec: 'babel-node', + exec: 'babel-node --inspect', }).on('restart', () => console.log('Restarting server due to file change\n')); diff --git a/test/output-app/log/all-logs-readable.log b/test/output-app/log/all-logs-readable.log index f52f07c..33facda 100644 --- a/test/output-app/log/all-logs-readable.log +++ b/test/output-app/log/all-logs-readable.log @@ -1,7 +1,6 @@ -2017-08-18 18:23:51 Logger started -2017-08-18 18:24:30 -------------------------------------------------------------------------------- -2017-08-18 18:24:30 Request: -User: "", role: "", id: "", +2017-08-31 14:20:28 -------------------------------------------------------------------------------- +2017-08-31 14:20:28 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: { @@ -12,11 +11,12 @@ Query: } } -2017-08-18 18:24:30 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:24:30 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:24:30 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:25:15 -------------------------------------------------------------------------------- -2017-08-18 18:25:15 Request: +2017-08-31 14:20:28 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:28 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:28 registered authorizedLoader successfully +2017-08-31 14:20:28 registered authorizedLoader successfully +2017-08-31 14:20:51 -------------------------------------------------------------------------------- +2017-08-31 14:20:51 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -28,10 +28,12 @@ Query: } } -2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 -------------------------------------------------------------------------------- -2017-08-18 18:25:15 Request: +2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 -------------------------------------------------------------------------------- +2017-08-31 14:20:51 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -42,10 +44,12 @@ Query: } } -2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 -------------------------------------------------------------------------------- -2017-08-18 18:25:15 Request: +2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 -------------------------------------------------------------------------------- +2017-08-31 14:20:51 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -56,10 +60,12 @@ Query: } } -2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 -------------------------------------------------------------------------------- -2017-08-18 18:25:15 Request: +2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 -------------------------------------------------------------------------------- +2017-08-31 14:20:51 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -70,10 +76,12 @@ Query: } } -2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 -------------------------------------------------------------------------------- -2017-08-18 18:25:15 Request: +2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 -------------------------------------------------------------------------------- +2017-08-31 14:20:51 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -85,10 +93,12 @@ Query: } } -2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 -------------------------------------------------------------------------------- -2017-08-18 18:25:15 Request: +2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 -------------------------------------------------------------------------------- +2017-08-31 14:20:51 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -99,11 +109,13 @@ Query: } } -2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 -------------------------------------------------------------------------------- -2017-08-18 18:25:15 Request: +2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 -------------------------------------------------------------------------------- +2017-08-31 14:20:51 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -114,11 +126,13 @@ Query: } } -2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 -------------------------------------------------------------------------------- -2017-08-18 18:25:15 Request: +2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 -------------------------------------------------------------------------------- +2017-08-31 14:20:51 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -129,11 +143,13 @@ Query: } } -2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 -------------------------------------------------------------------------------- -2017-08-18 18:25:15 Request: +2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 -------------------------------------------------------------------------------- +2017-08-31 14:20:51 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -144,11 +160,13 @@ Query: } } -2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 -------------------------------------------------------------------------------- -2017-08-18 18:25:15 Request: +2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 -------------------------------------------------------------------------------- +2017-08-31 14:20:51 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -161,11 +179,13 @@ Query: } } -2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 -------------------------------------------------------------------------------- -2017-08-18 18:25:15 Request: +2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 -------------------------------------------------------------------------------- +2017-08-31 14:20:51 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -178,11 +198,13 @@ Query: } } -2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 -------------------------------------------------------------------------------- -2017-08-18 18:25:15 Request: +2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 -------------------------------------------------------------------------------- +2017-08-31 14:20:51 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -195,11 +217,13 @@ Query: } } -2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 -------------------------------------------------------------------------------- -2017-08-18 18:25:15 Request: +2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 -------------------------------------------------------------------------------- +2017-08-31 14:20:51 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -212,11 +236,13 @@ Query: } } -2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 -------------------------------------------------------------------------------- -2017-08-18 18:25:15 Request: +2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 -------------------------------------------------------------------------------- +2017-08-31 14:20:51 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -229,11 +255,13 @@ Query: } } -2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 -------------------------------------------------------------------------------- -2017-08-18 18:25:15 Request: +2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 -------------------------------------------------------------------------------- +2017-08-31 14:20:51 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -246,11 +274,13 @@ Query: } } -2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 -------------------------------------------------------------------------------- -2017-08-18 18:25:15 Request: +2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 -------------------------------------------------------------------------------- +2017-08-31 14:20:51 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -263,11 +293,13 @@ Query: } } -2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 -------------------------------------------------------------------------------- -2017-08-18 18:25:15 Request: +2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 -------------------------------------------------------------------------------- +2017-08-31 14:20:51 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -280,11 +312,13 @@ Query: } } -2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 -------------------------------------------------------------------------------- -2017-08-18 18:25:15 Request: +2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 -------------------------------------------------------------------------------- +2017-08-31 14:20:51 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -297,11 +331,13 @@ Query: } } -2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 -------------------------------------------------------------------------------- -2017-08-18 18:25:15 Request: +2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 -------------------------------------------------------------------------------- +2017-08-31 14:20:51 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -314,11 +350,13 @@ Query: } } -2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 -------------------------------------------------------------------------------- -2017-08-18 18:25:15 Request: +2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 -------------------------------------------------------------------------------- +2017-08-31 14:20:51 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -331,11 +369,13 @@ Query: } } -2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 -------------------------------------------------------------------------------- -2017-08-18 18:25:15 Request: +2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 -------------------------------------------------------------------------------- +2017-08-31 14:20:51 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -348,11 +388,13 @@ Query: } } -2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 -------------------------------------------------------------------------------- -2017-08-18 18:25:15 Request: +2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 -------------------------------------------------------------------------------- +2017-08-31 14:20:51 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -365,11 +407,13 @@ Query: } } -2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 -------------------------------------------------------------------------------- -2017-08-18 18:25:15 Request: +2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 -------------------------------------------------------------------------------- +2017-08-31 14:20:51 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -382,11 +426,13 @@ Query: } } -2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 -------------------------------------------------------------------------------- -2017-08-18 18:25:15 Request: +2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 -------------------------------------------------------------------------------- +2017-08-31 14:20:51 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -399,11 +445,13 @@ Query: } } -2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 -------------------------------------------------------------------------------- -2017-08-18 18:25:15 Request: +2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 -------------------------------------------------------------------------------- +2017-08-31 14:20:51 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -416,11 +464,13 @@ Query: } } -2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 -------------------------------------------------------------------------------- -2017-08-18 18:25:15 Request: +2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 -------------------------------------------------------------------------------- +2017-08-31 14:20:51 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -431,40 +481,46 @@ Query: } } -2017-08-18 18:25:15 -------------------------------------------------------------------------------- -2017-08-18 18:25:15 Request: +2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 -------------------------------------------------------------------------------- +2017-08-31 14:20:51 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: { - tweet(id: "583676d3618530145474e351") { - author { - username - } + tweets { + id + createdAt } } -2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 -------------------------------------------------------------------------------- -2017-08-18 18:25:15 Request: +2017-08-31 14:20:51 -------------------------------------------------------------------------------- +2017-08-31 14:20:51 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: { - tweets { - id - createdAt + tweet(id: "583676d3618530145474e351") { + author { + username + } } } -2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 -------------------------------------------------------------------------------- -2017-08-18 18:25:15 Request: +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 -------------------------------------------------------------------------------- +2017-08-31 14:20:51 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -475,11 +531,13 @@ Query: } } -2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 -------------------------------------------------------------------------------- -2017-08-18 18:25:15 Request: +2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 -------------------------------------------------------------------------------- +2017-08-31 14:20:51 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -490,11 +548,13 @@ Query: } } -2017-08-18 18:25:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: +2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 -------------------------------------------------------------------------------- +2017-08-31 14:20:51 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -505,11 +565,13 @@ Query: } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: +2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 -------------------------------------------------------------------------------- +2017-08-31 14:20:51 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -522,11 +584,13 @@ Query: } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: +2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 -------------------------------------------------------------------------------- +2017-08-31 14:20:51 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -539,11 +603,13 @@ Query: } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: +2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 -------------------------------------------------------------------------------- +2017-08-31 14:20:51 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -556,11 +622,13 @@ Query: } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: +2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 -------------------------------------------------------------------------------- +2017-08-31 14:20:51 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -573,237 +641,200 @@ Query: } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: +2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 -------------------------------------------------------------------------------- +2017-08-31 14:20:51 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { + createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "admin"}) { id role } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-18 18:25:16 inserted user 599714ecbea537ee0bde4ffe. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tobkle", role: "admin", id: "599714ecbea537ee0bde4ffe", +2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:51 registered authorizedLoader successfully +2017-08-31 14:20:52 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:52 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { id } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 inserted user 599714ecbea537ee0bde4fff. -2017-08-18 18:25:16 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tobkle", role: "admin", id: "599714ecbea537ee0bde4ffe", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: { - user(id: "599714ecbea537ee0bde4fff") { + user(id: "undefined") { username bio role } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tobkle", role: "admin", id: "599714ecbea537ee0bde4ffe", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: { - user(id: "599714ecbea537ee0bde4ffe") { + user(id: "undefined") { username role } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tobkle", role: "admin", id: "599714ecbea537ee0bde4ffe", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - updateUser(id: "599714ecbea537ee0bde4fff", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + updateUser(id: "undefined", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { username bio role } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 updated user 599714ecbea537ee0bde4fff. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tobkle", role: "admin", id: "599714ecbea537ee0bde4ffe", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - updateUser(id: "599714ecbea537ee0bde4ffe", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 updated user 599714ecbea537ee0bde4ffe. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tobkle", role: "admin", id: "599714ecbea537ee0bde4ffe", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - updateUser(id: "599714ecbea537ee0bde4fff", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + updateUser(id: "undefined", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { username bio role } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 updated user 599714ecbea537ee0bde4fff. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tobkle", role: "admin", id: "599714ecbea537ee0bde4ffe", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - updateUser(id: "599714ecbea537ee0bde4ffe", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { username bio role } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 updated user 599714ecbea537ee0bde4ffe. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tobkle", role: "editor", id: "599714ecbea537ee0bde4ffe", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - updateUser(id: "599714ecbea537ee0bde4ffe", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde4ffe" - } - ] -} -2017-08-18 18:25:16 updated user 599714ecbea537ee0bde4ffe. -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-18 18:25:16 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde4ffe" - } - ] -} -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "zoltan", role: "admin", id: "599714ecbea537ee0bde4fff", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - updateUser(id: "599714ecbea537ee0bde4ffe", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized -2017-08-18 18:25:16 updated user 599714ecbea537ee0bde4ffe. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tobkle", role: "admin", id: "599714ecbea537ee0bde4ffe", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - removeUser(id: "599714ecbea537ee0bde4fff") + removeUser(id: "undefined") } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 removed user 599714ecbea537ee0bde4fff. -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tobkle", role: "admin", id: "599714ecbea537ee0bde4ffe", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - createTweet(input: {authorId: "599714ecbea537ee0bde4ffe", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + createTweet(input: {authorId: "undefined", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { id } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 { - "authorId": "599714ecbea537ee0bde4ffe", - "body": "This is a test tweet of user tobkle", - "coauthorsIds": [], - "createdAt": 1503073516162, - "updatedAt": 1503073516162, - "createdById": "599714ecbea537ee0bde4ffe", - "updatedById": "599714ecbea537ee0bde4ffe" -} -2017-08-18 18:25:16 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-18 18:25:16 inserted tweet 599714ecbea537ee0bde5000. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 { - "authorId": "583291a1638566b3c5a92ca1", - "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", - "coauthorsIds": [], - "createdAt": 1503073516181, - "updatedAt": 1503073516181, - "createdById": "599714ecbea537ee0bde4ffe", - "updatedById": "599714ecbea537ee0bde4ffe" -} -2017-08-18 18:25:16 Request: -User: "tobkle", role: "admin", id: "599714ecbea537ee0bde4ffe", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { @@ -812,13 +843,16 @@ mutation { } } -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tobkle", role: "admin", id: "599714ecbea537ee0bde4ffe", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: { - tweet(id: "599714ecbea537ee0bde5000") { + tweet(id: "undefined") { author { id } @@ -826,16 +860,13 @@ Query: } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-18 18:25:16 inserted tweet 599714ecbea537ee0bde5001. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tobkle", role: "admin", id: "599714ecbea537ee0bde4ffe", +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: { @@ -847,140 +878,135 @@ Query: } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tobkle", role: "admin", id: "599714ecbea537ee0bde4ffe", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 ERROR Authorize readOne 'tweet author' with user '' undefined +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - updateTweet(id: "599714ecbea537ee0bde5000", input: {body: "This is a modified test tweet"}) { + updateTweet(id: "undefined", input: {body: "This is a modified test tweet"}) { body } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 updated tweet 599714ecbea537ee0bde5000. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tobkle", role: "admin", id: "599714ecbea537ee0bde4ffe", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - updateTweet(id: "599714ecbea537ee0bde5001", input: {body: "This is a modified test tweet"}) { + updateTweet(id: "undefined", input: {body: "This is a modified test tweet"}) { body } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 updated tweet 599714ecbea537ee0bde5001. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tobkle", role: "admin", id: "599714ecbea537ee0bde4ffe", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: { - tweet(id: "599714ecbea537ee0bde5000") { + tweet(id: "undefined") { body } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tobkle", role: "admin", id: "599714ecbea537ee0bde4ffe", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - removeTweet(id: "599714ecbea537ee0bde5000") + removeTweet(id: "undefined") } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 removed tweet 599714ecbea537ee0bde5000. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tobkle", role: "admin", id: "599714ecbea537ee0bde4ffe", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - removeTweet(id: "599714ecbea537ee0bde5001") + removeTweet(id: "undefined") } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 removed tweet 599714ecbea537ee0bde5001. -2017-08-18 18:25:16 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tobkle", role: "admin", id: "599714ecbea537ee0bde4ffe", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: { - tweet(id: "599714ecbea537ee0bde5000") { + tweet(id: "undefined") { body } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tobkle", role: "admin", id: "599714ecbea537ee0bde4ffe", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - removeUser(id: "599714ecbea537ee0bde4ffe") + removeUser(id: "undefined") } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:25:16 removed user 599714ecbea537ee0bde4ffe. -2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 ERROR Cannot read property 'load' of undefined -2017-08-18 18:25:16 Request: +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: { - user(id: "599714ecbea537ee0bde4ffe") { + user(id: "undefined") { username bio role } } -2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-18 18:25:16 Request: +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "admin"}) { id } } -2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:25:16 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 ERROR Cannot read property 'load' of undefined -2017-08-18 18:25:16 Request: +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -992,12 +1018,12 @@ Query: } } -2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-18 18:25:16 Request: +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 ERROR Authorize readOne 'user' with user '' undefined +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -1009,13 +1035,12 @@ mutation { } } -2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:25:16 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-18 18:25:16 Request: +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -1023,12 +1048,12 @@ mutation { removeUser(id: "583291a1638566b3c5a92ca1") } -2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:25:16 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -1038,20 +1063,11 @@ mutation { } } -2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 { - "authorId": "583291a1638566b3c5a92ca1", - "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", - "coauthorsIds": [], - "createdAt": 1503073516330, - "updatedAt": 1503073516330, - "createdById": "unknown", - "updatedById": "unknown" -} -2017-08-18 18:25:16 Request: +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -1061,13 +1077,12 @@ mutation { } } -2017-08-18 18:25:16 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:25:16 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -1080,13 +1095,12 @@ Query: } } -2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:25:16 ERROR Cannot read property 'load' of undefined -2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-18 18:25:16 Request: +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 ERROR Authorize readOne 'tweet author' with user '' undefined +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -1096,13 +1110,12 @@ mutation { } } -2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:25:16 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-18 18:25:16 Request: +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -1112,13 +1125,12 @@ mutation { } } -2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:25:16 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-18 18:25:16 Request: +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -1126,51 +1138,46 @@ mutation { removeTweet(id: "583676d3618530145474e352") } -2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:25:16 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { + createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "user"}) { id role } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-18 18:25:16 inserted user 599714ecbea537ee0bde5002. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. -2017-08-18 18:25:16 Request: -User: "tobkle", role: "user", id: "599714ecbea537ee0bde5002", +2017-08-31 14:20:52 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:52 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { + createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { id } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5002" - } - ] -} -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:25:16 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tobkle", role: "user", id: "599714ecbea537ee0bde5002", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: { @@ -1181,59 +1188,42 @@ Query: } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5002" - } - ] -} -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tobkle", role: "user", id: "599714ecbea537ee0bde5002", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 ERROR Authorize readOne 'user' with user '' undefined +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: { - user(id: "599714ecbea537ee0bde5002") { + user(id: "undefined") { username } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5002" - } - ] -} -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tobkle", role: "user", id: "599714ecbea537ee0bde5002", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: { - user(id: "599714ecbea537ee0bde5002") { + user(id: "undefined") { username role } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5002" - } - ] -} -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tobkle", role: "user", id: "599714ecbea537ee0bde5002", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { @@ -1244,155 +1234,71 @@ mutation { } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5002" - } - ] -} -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:25:16 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5002" - } - ] -} -2017-08-18 18:25:16 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tobkle", role: "user", id: "599714ecbea537ee0bde5002", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - updateUser(id: "599714ecbea537ee0bde5002", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess"}) { username bio } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5002" - } - ] -} -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:25:16 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5002" - } - ] -} -2017-08-18 18:25:16 updated user 599714ecbea537ee0bde5002. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tobkle", role: "user", id: "599714ecbea537ee0bde5002", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - updateUser(id: "599714ecbea537ee0bde5002", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5002" - } - ] -} -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:25:16 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5002" - } - ] -} -2017-08-18 18:25:16 updated user 599714ecbea537ee0bde5002. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tobkle", role: "user", id: "599714ecbea537ee0bde5002", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { removeUser(id: "583291a1638566b3c5a92ca1") } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5002" - } - ] -} -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:25:16 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5002" - } - ] -} -2017-08-18 18:25:16 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 { - "authorId": "599714ecbea537ee0bde5002", - "body": "This is a test tweet of user tobkle", - "coauthorsIds": [], - "createdAt": 1503073516446, - "updatedAt": 1503073516446, - "createdById": "599714ecbea537ee0bde5002", - "updatedById": "599714ecbea537ee0bde5002" -} -2017-08-18 18:25:16 Request: -User: "tobkle", role: "user", id: "599714ecbea537ee0bde5002", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - createTweet(input: {authorId: "599714ecbea537ee0bde5002", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + createTweet(input: {authorId: "undefined", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { id } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5002" - } - ] -} -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:25:16 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. -2017-08-18 18:25:16 inserted tweet 599714ecbea537ee0bde5003. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 { - "authorId": "583291a1638566b3c5a92ca1", - "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", - "coauthorsIds": [], - "createdAt": 1503073516456, - "updatedAt": 1503073516456, - "createdById": "599714ecbea537ee0bde5002", - "updatedById": "599714ecbea537ee0bde5002" -} -2017-08-18 18:25:16 Request: -User: "tobkle", role: "user", id: "599714ecbea537ee0bde5002", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { @@ -1401,24 +1307,17 @@ mutation { } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5002" - } - ] -} -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:25:16 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. -2017-08-18 18:25:16 inserted tweet 599714ecbea537ee0bde5004. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tobkle", role: "user", id: "599714ecbea537ee0bde5002", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: { - tweet(id: "599714ecbea537ee0bde5003") { + tweet(id: "undefined") { author { id } @@ -1426,18 +1325,12 @@ Query: } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5002" - } - ] -} -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tobkle", role: "user", id: "599714ecbea537ee0bde5002", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: { @@ -1449,50 +1342,27 @@ Query: } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5002" - } - ] -} -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tobkle", role: "user", id: "599714ecbea537ee0bde5002", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 ERROR Authorize readOne 'tweet author' with user '' undefined +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - updateTweet(id: "599714ecbea537ee0bde5003", input: {body: "This is a modified test tweet"}) { + updateTweet(id: "undefined", input: {body: "This is a modified test tweet"}) { body } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5002" - } - ] -} -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:25:16 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "599714ecbea537ee0bde5002" - }, - { - "coauthorsIds": "599714ecbea537ee0bde5002" - } - ] -} -2017-08-18 18:25:16 updated tweet 599714ecbea537ee0bde5003. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tobkle", role: "user", id: "599714ecbea537ee0bde5002", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { @@ -1501,207 +1371,127 @@ mutation { } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5002" - } - ] -} -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:25:16 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "599714ecbea537ee0bde5002" - }, - { - "coauthorsIds": "599714ecbea537ee0bde5002" - } - ] -} -2017-08-18 18:25:16 ERROR update tweet not possible for 583676d3618530145474e352. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tobkle", role: "user", id: "599714ecbea537ee0bde5002", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: { - tweet(id: "599714ecbea537ee0bde5003") { + tweet(id: "undefined") { body } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5002" - } - ] -} -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tobkle", role: "user", id: "599714ecbea537ee0bde5002", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - removeTweet(id: "599714ecbea537ee0bde5003") + removeTweet(id: "undefined") } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5002" - } - ] -} -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:25:16 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "599714ecbea537ee0bde5002" - } - ] -} -2017-08-18 18:25:16 removed tweet 599714ecbea537ee0bde5003. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tobkle", role: "user", id: "599714ecbea537ee0bde5002", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { removeTweet(id: "583676d3618530145474e352") } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5002" - } - ] -} -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:25:16 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "599714ecbea537ee0bde5002" - } - ] -} -2017-08-18 18:25:16 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tobkle", role: "user", id: "599714ecbea537ee0bde5002", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: { - tweet(id: "599714ecbea537ee0bde5003") { + tweet(id: "undefined") { body } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5002" - } - ] -} -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tobkle", role: "user", id: "599714ecbea537ee0bde5002", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - removeUser(id: "599714ecbea537ee0bde5002") + removeUser(id: "undefined") } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5002" - } - ] -} -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:25:16 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5002" - } - ] -} -2017-08-18 18:25:16 removed user 599714ecbea537ee0bde5002. -2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 ERROR Cannot read property 'load' of undefined -2017-08-18 18:25:16 Request: +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: { - user(id: "599714ecbea537ee0bde5002") { + user(id: "undefined") { username bio role } } -2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { + createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "editor"}) { id role } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:16 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:25:16 inserted user 599714ecbea537ee0bde5005. -2017-08-18 18:25:16 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. -2017-08-18 18:25:16 Request: -User: "tobkle", role: "editor", id: "599714ecbea537ee0bde5005", +2017-08-31 14:20:52 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:20:52 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { id } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5005" - } - ] -} -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-18 18:25:16 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tobkle", role: "editor", id: "599714ecbea537ee0bde5005", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: { @@ -1712,39 +1502,28 @@ Query: } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5005" - } - ] -} -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tobkle", role: "editor", id: "599714ecbea537ee0bde5005", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 ERROR Authorize readOne 'user' with user '' undefined +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: { - user(id: "599714ecbea537ee0bde5005") { + user(id: "undefined") { username role } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5005" - } - ] -} -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tobkle", role: "editor", id: "599714ecbea537ee0bde5005", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { @@ -1755,155 +1534,71 @@ mutation { } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5005" - } - ] -} -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-18 18:25:16 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5005" - } - ] -} -2017-08-18 18:25:16 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tobkle", role: "editor", id: "599714ecbea537ee0bde5005", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - updateUser(id: "599714ecbea537ee0bde5005", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + updateUser(id: "undefined", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { username bio } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5005" - } - ] -} -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-18 18:25:16 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5005" - } - ] -} -2017-08-18 18:25:16 updated user 599714ecbea537ee0bde5005. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tmeasday", role: "editor", id: "599714ecbea537ee0bde5005", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - updateUser(id: "599714ecbea537ee0bde5005", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "undefined", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5005" - } - ] -} -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 18:25:16 Authorize update 'updateUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5005" - } - ] -} -2017-08-18 18:25:16 updated user 599714ecbea537ee0bde5005. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tmeasday", role: "editor", id: "599714ecbea537ee0bde5005", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { removeUser(id: "583291a1638566b3c5a92ca1") } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5005" - } - ] -} -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 18:25:16 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5005" - } - ] -} -2017-08-18 18:25:16 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 { - "authorId": "599714ecbea537ee0bde5005", - "body": "This is a test tweet of user tobkle", - "coauthorsIds": [], - "createdAt": 1503073516595, - "updatedAt": 1503073516595, - "createdById": "599714ecbea537ee0bde5005", - "updatedById": "599714ecbea537ee0bde5005" -} -2017-08-18 18:25:16 Request: -User: "tmeasday", role: "editor", id: "599714ecbea537ee0bde5005", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - createTweet(input: {authorId: "599714ecbea537ee0bde5005", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + createTweet(input: {authorId: "undefined", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { id } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5005" - } - ] -} -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 18:25:16 Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is authorized by docRole. -2017-08-18 18:25:16 inserted tweet 599714ecbea537ee0bde5006. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 { - "authorId": "583291a1638566b3c5a92ca1", - "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", - "coauthorsIds": [], - "createdAt": 1503073516603, - "updatedAt": 1503073516603, - "createdById": "599714ecbea537ee0bde5005", - "updatedById": "599714ecbea537ee0bde5005" -} -2017-08-18 18:25:16 Request: -User: "tmeasday", role: "editor", id: "599714ecbea537ee0bde5005", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { @@ -1912,24 +1607,17 @@ mutation { } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5005" - } - ] -} -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 18:25:16 Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is authorized by docRole. -2017-08-18 18:25:16 inserted tweet 599714ecbea537ee0bde5007. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tmeasday", role: "editor", id: "599714ecbea537ee0bde5005", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: { - tweet(id: "599714ecbea537ee0bde5006") { + tweet(id: "undefined") { author { id } @@ -1937,18 +1625,12 @@ Query: } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5005" - } - ] -} -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tmeasday", role: "editor", id: "599714ecbea537ee0bde5005", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: { @@ -1960,50 +1642,27 @@ Query: } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5005" - } - ] -} -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tmeasday", role: "editor", id: "599714ecbea537ee0bde5005", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 ERROR Authorize readOne 'tweet author' with user '' undefined +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - updateTweet(id: "599714ecbea537ee0bde5006", input: {body: "This is a modified test tweet"}) { + updateTweet(id: "undefined", input: {body: "This is a modified test tweet"}) { body } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5005" - } - ] -} -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 18:25:16 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "599714ecbea537ee0bde5005" - }, - { - "coauthorsIds": "599714ecbea537ee0bde5005" - } - ] -} -2017-08-18 18:25:16 updated tweet 599714ecbea537ee0bde5006. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tmeasday", role: "editor", id: "599714ecbea537ee0bde5005", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { @@ -2012,169 +1671,93 @@ mutation { } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5005" - } - ] -} -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 18:25:16 ERROR update tweet not possible for 583676d3618530145474e352. -2017-08-18 18:25:16 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "599714ecbea537ee0bde5005" - }, - { - "coauthorsIds": "599714ecbea537ee0bde5005" - } - ] -} -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tmeasday", role: "editor", id: "599714ecbea537ee0bde5005", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: { - tweet(id: "599714ecbea537ee0bde5006") { + tweet(id: "undefined") { body } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5005" - } - ] -} -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tmeasday", role: "editor", id: "599714ecbea537ee0bde5005", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - removeTweet(id: "599714ecbea537ee0bde5006") + removeTweet(id: "undefined") } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5005" - } - ] -} -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 18:25:16 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "599714ecbea537ee0bde5005" - } - ] -} -2017-08-18 18:25:16 removed tweet 599714ecbea537ee0bde5006. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tmeasday", role: "editor", id: "599714ecbea537ee0bde5005", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { removeTweet(id: "583676d3618530145474e352") } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5005" - } - ] -} -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 18:25:16 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "599714ecbea537ee0bde5005" - } - ] -} -2017-08-18 18:25:16 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tmeasday", role: "editor", id: "599714ecbea537ee0bde5005", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: { - tweet(id: "599714ecbea537ee0bde5006") { + tweet(id: "undefined") { body } } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5005" - } - ] -} -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 Request: -User: "tmeasday", role: "editor", id: "599714ecbea537ee0bde5005", +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - removeUser(id: "599714ecbea537ee0bde5005") + removeUser(id: "undefined") } -2017-08-18 18:25:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5005" - } - ] -} -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 18:25:16 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599714ecbea537ee0bde5005" - } - ] -} -2017-08-18 18:25:16 removed user 599714ecbea537ee0bde5005. -2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:25:16 -------------------------------------------------------------------------------- -2017-08-18 18:25:16 ERROR Cannot read property 'load' of undefined -2017-08-18 18:25:16 Request: +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:20:52 -------------------------------------------------------------------------------- +2017-08-31 14:20:52 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: { - user(id: "599714ecbea537ee0bde5005") { + user(id: "undefined") { username bio role } } -2017-08-18 18:25:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:25:16 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:30:21 Logger started -2017-08-18 18:30:49 Logger started -2017-08-18 18:32:20 -------------------------------------------------------------------------------- -2017-08-18 18:32:20 Request: +2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:20:52 registered authorizedLoader successfully +2017-08-31 14:37:07 -------------------------------------------------------------------------------- +2017-08-31 14:37:07 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -2186,1045 +1769,938 @@ Query: } } -2017-08-18 18:32:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:32:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:04 -------------------------------------------------------------------------------- -2017-08-18 18:33:04 Request: +2017-08-31 14:37:07 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:37:07 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:37:07 registered authorizedLoader successfully +2017-08-31 14:37:07 registered authorizedLoader successfully +2017-08-31 14:37:29 -------------------------------------------------------------------------------- +2017-08-31 14:37:29 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: -{ - __schema { - queryType { - name - } +mutation { + createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "admin"}) { + id + role } } -2017-08-18 18:33:04 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:04 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:04 -------------------------------------------------------------------------------- -2017-08-18 18:33:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +2017-08-31 14:37:29 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:37:29 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:37:29 registered authorizedLoader successfully +2017-08-31 14:37:29 registered authorizedLoader successfully +2017-08-31 14:37:29 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:37:29 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-31 14:37:29 -------------------------------------------------------------------------------- +2017-08-31 14:37:29 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - role - username +mutation { + createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id } } -2017-08-18 18:33:04 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:04 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:04 -------------------------------------------------------------------------------- -2017-08-18 18:33:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +2017-08-31 14:37:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:37:29 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:37:29 registered authorizedLoader successfully +2017-08-31 14:37:29 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-31 14:37:29 -------------------------------------------------------------------------------- +2017-08-31 14:37:29 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: { - user(id: "583291a1638566b3c5a92ca0") { - role + user(id: "undefined") { username + bio + role } } -2017-08-18 18:33:04 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:04 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:04 -------------------------------------------------------------------------------- -2017-08-18 18:33:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +2017-08-31 14:37:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:37:29 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:37:29 registered authorizedLoader successfully +2017-08-31 14:37:29 -------------------------------------------------------------------------------- +2017-08-31 14:37:29 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: { - user(id: "583291a1638566b3c5a92ca2") { - role + user(id: "undefined") { username + role } } -2017-08-18 18:33:04 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:04 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:04 -------------------------------------------------------------------------------- -2017-08-18 18:33:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +2017-08-31 14:37:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:37:29 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:37:29 registered authorizedLoader successfully +2017-08-31 14:37:29 -------------------------------------------------------------------------------- +2017-08-31 14:37:29 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - id +mutation { + updateUser(id: "undefined", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { username bio + role } } -2017-08-18 18:33:04 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:04 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:04 -------------------------------------------------------------------------------- -2017-08-18 18:33:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +2017-08-31 14:37:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:37:29 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:37:29 registered authorizedLoader successfully +2017-08-31 14:37:29 -------------------------------------------------------------------------------- +2017-08-31 14:37:29 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: -{ - users { +mutation { + updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { username - createdAt + bio + role } } -2017-08-18 18:33:04 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:04 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:04 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:04 -------------------------------------------------------------------------------- -2017-08-18 18:33:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +2017-08-31 14:37:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:37:29 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:37:29 registered authorizedLoader successfully +2017-08-31 14:37:29 -------------------------------------------------------------------------------- +2017-08-31 14:37:29 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: -{ - users(limit: 1) { +mutation { + updateUser(id: "undefined", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { username - createdAt + bio + role } } -2017-08-18 18:33:04 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:04 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:04 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:04 -------------------------------------------------------------------------------- -2017-08-18 18:33:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +2017-08-31 14:37:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:37:29 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:37:29 registered authorizedLoader successfully +2017-08-31 14:37:29 -------------------------------------------------------------------------------- +2017-08-31 14:37:29 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: -{ - users(lastCreatedAt: 1479776904993) { +mutation { + updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { username - createdAt + bio + role } } -2017-08-18 18:33:04 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:04 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:04 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:04 -------------------------------------------------------------------------------- -2017-08-18 18:33:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +2017-08-31 14:37:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:37:29 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:37:29 registered authorizedLoader successfully +2017-08-31 14:37:29 -------------------------------------------------------------------------------- +2017-08-31 14:37:29 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: -{ - users(lastCreatedAt: 1479776904993, limit: 1) { +mutation { + updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { username - createdAt + bio + role } } -2017-08-18 18:33:04 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:04 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:04 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:04 -------------------------------------------------------------------------------- -2017-08-18 18:33:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +2017-08-31 14:37:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:37:29 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:37:29 registered authorizedLoader successfully +2017-08-31 14:37:29 -------------------------------------------------------------------------------- +2017-08-31 14:37:29 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers { - username - createdAt - } +mutation { + updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role } } -2017-08-18 18:33:04 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:04 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:04 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:04 -------------------------------------------------------------------------------- -2017-08-18 18:33:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +2017-08-31 14:37:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:37:29 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:37:29 registered authorizedLoader successfully +2017-08-31 14:37:29 -------------------------------------------------------------------------------- +2017-08-31 14:37:29 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(limit: 1) { - username - createdAt - } - } +mutation { + removeUser(id: "undefined") } -2017-08-18 18:33:04 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:04 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:04 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +2017-08-31 14:37:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:37:29 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:37:29 registered authorizedLoader successfully +2017-08-31 14:37:29 -------------------------------------------------------------------------------- +2017-08-31 14:37:29 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993) { - username - createdAt - } +mutation { + createTweet(input: {authorId: "undefined", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id } } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +2017-08-31 14:37:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:37:29 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:37:29 registered authorizedLoader successfully +2017-08-31 14:37:29 -------------------------------------------------------------------------------- +2017-08-31 14:37:29 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id } } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +2017-08-31 14:37:29 -------------------------------------------------------------------------------- +2017-08-31 14:37:29 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: { - user(id: "583291a1638566b3c5a92ca0") { - following { - username - createdAt + tweet(id: "undefined") { + author { + id } + body } } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +2017-08-31 14:37:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:37:29 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:37:29 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-31 14:37:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:37:29 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:37:29 registered authorizedLoader successfully +2017-08-31 14:37:29 registered authorizedLoader successfully +2017-08-31 14:37:29 -------------------------------------------------------------------------------- +2017-08-31 14:37:29 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: { - user(id: "583291a1638566b3c5a92ca0") { - following(limit: 1) { - username - createdAt + tweet(id: "583676d3618530145474e352") { + author { + id } + body } } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +2017-08-31 14:37:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:37:29 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:37:29 registered authorizedLoader successfully +2017-08-31 14:37:29 ERROR Authorize readOne 'tweet author' with user '' undefined +2017-08-31 14:37:29 -------------------------------------------------------------------------------- +2017-08-31 14:37:29 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993) { - username - createdAt - } +mutation { + updateTweet(id: "undefined", input: {body: "This is a modified test tweet"}) { + body } } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +2017-08-31 14:37:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:37:29 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:37:29 registered authorizedLoader successfully +2017-08-31 14:37:29 -------------------------------------------------------------------------------- +2017-08-31 14:37:29 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } +mutation { + updateTweet(id: "undefined", input: {body: "This is a modified test tweet"}) { + body } } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +2017-08-31 14:37:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:37:29 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:37:29 registered authorizedLoader successfully +2017-08-31 14:37:29 -------------------------------------------------------------------------------- +2017-08-31 14:37:29 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: { - user(id: "583291a1638566b3c5a92ca0") { - tweets { - id - createdAt - } + tweet(id: "undefined") { + body } } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +2017-08-31 14:37:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:37:29 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:37:29 registered authorizedLoader successfully +2017-08-31 14:37:29 -------------------------------------------------------------------------------- +2017-08-31 14:37:29 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(limit: 1) { - id - createdAt - } - } +mutation { + removeTweet(id: "undefined") } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +2017-08-31 14:37:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:37:29 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:37:29 registered authorizedLoader successfully +2017-08-31 14:37:29 -------------------------------------------------------------------------------- +2017-08-31 14:37:29 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } - } +mutation { + removeTweet(id: "undefined") } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +2017-08-31 14:37:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:37:29 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:37:29 registered authorizedLoader successfully +2017-08-31 14:37:29 -------------------------------------------------------------------------------- +2017-08-31 14:37:29 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: { - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } + tweet(id: "undefined") { + body } } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +2017-08-31 14:37:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:37:29 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:37:29 registered authorizedLoader successfully +2017-08-31 14:37:29 -------------------------------------------------------------------------------- +2017-08-31 14:37:29 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked { - id - createdAt - } - } +mutation { + removeUser(id: "undefined") } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +2017-08-31 14:37:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:37:29 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:37:29 registered authorizedLoader successfully +2017-08-31 14:37:29 -------------------------------------------------------------------------------- +2017-08-31 14:37:29 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: { - user(id: "583291a1638566b3c5a92ca0") { - liked(limit: 1) { - id - createdAt - } + user(id: "undefined") { + username + bio + role } } -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: +2017-08-31 14:37:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:37:29 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:37:29 registered authorizedLoader successfully +2017-08-31 14:39:59 Logger started +2017-08-31 14:40:50 Logger started +2017-08-31 14:41:05 -------------------------------------------------------------------------------- +2017-08-31 14:41:05 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: { - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334) { - id - createdAt + __schema { + queryType { + name } } } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: +2017-08-31 14:41:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:41:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:41:05 registered authorizedLoader successfully +2017-08-31 14:41:05 registered authorizedLoader successfully +2017-08-31 14:41:27 -------------------------------------------------------------------------------- +2017-08-31 14:41:27 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334, limit: 1) { - id - createdAt - } +mutation { + createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "admin"}) { + id + role } } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +2017-08-31 14:41:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:41:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:41:27 registered authorizedLoader successfully +2017-08-31 14:41:27 registered authorizedLoader successfully +2017-08-31 14:41:28 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:41:28 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-31 14:41:28 -------------------------------------------------------------------------------- +2017-08-31 14:41:28 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: -{ - tweet(id: "583676d3618530145474e351") { +mutation { + createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { id - body } } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +2017-08-31 14:41:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:41:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:41:28 registered authorizedLoader successfully +2017-08-31 14:41:28 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-31 14:41:28 -------------------------------------------------------------------------------- +2017-08-31 14:41:28 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: { - tweet(id: "583676d3618530145474e351") { - author { - username - } + user(id: "undefined") { + username + bio + role } } -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +2017-08-31 14:41:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:41:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:41:28 registered authorizedLoader successfully +2017-08-31 14:41:28 -------------------------------------------------------------------------------- +2017-08-31 14:41:28 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: { - tweets { - id - createdAt + user(id: "undefined") { + username + role } } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +2017-08-31 14:41:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:41:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:41:28 registered authorizedLoader successfully +2017-08-31 14:41:28 -------------------------------------------------------------------------------- +2017-08-31 14:41:28 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: -{ - tweets(limit: 1) { - id - createdAt +mutation { + updateUser(id: "undefined", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role } } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +2017-08-31 14:41:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:41:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:41:28 registered authorizedLoader successfully +2017-08-31 14:41:28 -------------------------------------------------------------------------------- +2017-08-31 14:41:28 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: -{ - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } -} - -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } -} - -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers { - username - createdAt - } +mutation { + updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role } } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +2017-08-31 14:41:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:41:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:41:28 registered authorizedLoader successfully +2017-08-31 14:41:28 -------------------------------------------------------------------------------- +2017-08-31 14:41:28 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(limit: 1) { - username - createdAt - } +mutation { + updateUser(id: "undefined", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role } } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +2017-08-31 14:41:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:41:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:41:28 registered authorizedLoader successfully +2017-08-31 14:41:28 -------------------------------------------------------------------------------- +2017-08-31 14:41:28 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993) { - username - createdAt - } +mutation { + updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role } } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +2017-08-31 14:41:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:41:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:41:28 registered authorizedLoader successfully +2017-08-31 14:41:28 -------------------------------------------------------------------------------- +2017-08-31 14:41:28 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } +mutation { + updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role } } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +2017-08-31 14:41:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:41:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:41:28 registered authorizedLoader successfully +2017-08-31 14:41:28 -------------------------------------------------------------------------------- +2017-08-31 14:41:28 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { - id + updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio role } } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-18 18:33:05 inserted user 599716c1646636eeda59e8e7. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tobkle", role: "admin", id: "599716c1646636eeda59e8e7", +2017-08-31 14:41:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:41:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:41:28 registered authorizedLoader successfully +2017-08-31 14:41:28 -------------------------------------------------------------------------------- +2017-08-31 14:41:28 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } + removeUser(id: "undefined") } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 inserted user 599716c1646636eeda59e8e8. -2017-08-18 18:33:05 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tobkle", role: "admin", id: "599716c1646636eeda59e8e7", +2017-08-31 14:41:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:41:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:41:28 registered authorizedLoader successfully +2017-08-31 14:41:28 -------------------------------------------------------------------------------- +2017-08-31 14:41:28 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: -{ - user(id: "599716c1646636eeda59e8e8") { - username - bio - role +mutation { + createTweet(input: {authorId: "undefined", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id } } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tobkle", role: "admin", id: "599716c1646636eeda59e8e7", +2017-08-31 14:41:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:41:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:41:28 registered authorizedLoader successfully +2017-08-31 14:41:28 -------------------------------------------------------------------------------- +2017-08-31 14:41:28 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: { - user(id: "599716c1646636eeda59e8e7") { - username - role + tweet(id: "undefined") { + author { + id + } + body } } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tobkle", role: "admin", id: "599716c1646636eeda59e8e7", +2017-08-31 14:41:28 -------------------------------------------------------------------------------- +2017-08-31 14:41:28 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - updateUser(id: "599716c1646636eeda59e8e8", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id } } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 updated user 599716c1646636eeda59e8e8. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tobkle", role: "admin", id: "599716c1646636eeda59e8e7", +2017-08-31 14:41:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:41:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:41:28 -------------------------------------------------------------------------------- +2017-08-31 14:41:28 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: -mutation { - updateUser(id: "599716c1646636eeda59e8e7", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body } } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 updated user 599716c1646636eeda59e8e7. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tobkle", role: "admin", id: "599716c1646636eeda59e8e7", +2017-08-31 14:41:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:41:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:41:28 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-31 14:41:28 registered authorizedLoader successfully +2017-08-31 14:41:28 registered authorizedLoader successfully +2017-08-31 14:41:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:41:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:41:28 registered authorizedLoader successfully +2017-08-31 14:41:28 ERROR Authorize readOne 'tweet author' with user '' undefined +2017-08-31 14:41:28 -------------------------------------------------------------------------------- +2017-08-31 14:41:28 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - updateUser(id: "599716c1646636eeda59e8e8", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role + updateTweet(id: "undefined", input: {body: "This is a modified test tweet"}) { + body } } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 updated user 599716c1646636eeda59e8e8. -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tobkle", role: "admin", id: "599716c1646636eeda59e8e7", +2017-08-31 14:41:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:41:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:41:28 registered authorizedLoader successfully +2017-08-31 14:41:28 -------------------------------------------------------------------------------- +2017-08-31 14:41:28 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - updateUser(id: "599716c1646636eeda59e8e7", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role + updateTweet(id: "undefined", input: {body: "This is a modified test tweet"}) { + body } } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 updated user 599716c1646636eeda59e8e7. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tobkle", role: "editor", id: "599716c1646636eeda59e8e7", +2017-08-31 14:41:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:41:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:41:28 registered authorizedLoader successfully +2017-08-31 14:41:28 -------------------------------------------------------------------------------- +2017-08-31 14:41:28 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: -mutation { - updateUser(id: "599716c1646636eeda59e8e7", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role +{ + tweet(id: "undefined") { + body } } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8e7" - } - ] -} -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-18 18:33:05 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8e7" - } - ] -} -2017-08-18 18:33:05 updated user 599716c1646636eeda59e8e7. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "zoltan", role: "admin", id: "599716c1646636eeda59e8e8", +2017-08-31 14:41:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:41:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:41:28 registered authorizedLoader successfully +2017-08-31 14:41:28 -------------------------------------------------------------------------------- +2017-08-31 14:41:28 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - updateUser(id: "599716c1646636eeda59e8e7", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } + removeTweet(id: "undefined") } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized -2017-08-18 18:33:05 updated user 599716c1646636eeda59e8e7. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tobkle", role: "admin", id: "599716c1646636eeda59e8e7", +2017-08-31 14:41:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:41:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:41:28 registered authorizedLoader successfully +2017-08-31 14:41:28 -------------------------------------------------------------------------------- +2017-08-31 14:41:28 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - removeUser(id: "599716c1646636eeda59e8e8") + removeTweet(id: "undefined") } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 removed user 599716c1646636eeda59e8e8. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tobkle", role: "admin", id: "599716c1646636eeda59e8e7", +2017-08-31 14:41:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:41:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:41:28 registered authorizedLoader successfully +2017-08-31 14:41:28 -------------------------------------------------------------------------------- +2017-08-31 14:41:28 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: -mutation { - createTweet(input: {authorId: "599716c1646636eeda59e8e7", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id +{ + tweet(id: "undefined") { + body } } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 { - "authorId": "599716c1646636eeda59e8e7", - "body": "This is a test tweet of user tobkle", - "coauthorsIds": [], - "createdAt": 1503073985322, - "updatedAt": 1503073985322, - "createdById": "599716c1646636eeda59e8e7", - "updatedById": "599716c1646636eeda59e8e7" -} -2017-08-18 18:33:05 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 inserted tweet 599716c1646636eeda59e8e9. -2017-08-18 18:33:05 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 { - "authorId": "583291a1638566b3c5a92ca1", - "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", - "coauthorsIds": [], - "createdAt": 1503073985331, - "updatedAt": 1503073985331, - "createdById": "599716c1646636eeda59e8e7", - "updatedById": "599716c1646636eeda59e8e7" -} -2017-08-18 18:33:05 Request: -User: "tobkle", role: "admin", id: "599716c1646636eeda59e8e7", +2017-08-31 14:41:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:41:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:41:28 registered authorizedLoader successfully +2017-08-31 14:41:28 -------------------------------------------------------------------------------- +2017-08-31 14:41:28 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } + removeUser(id: "undefined") } -2017-08-18 18:33:05 inserted tweet 599716c1646636eeda59e8ea. -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tobkle", role: "admin", id: "599716c1646636eeda59e8e7", +2017-08-31 14:41:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:41:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:41:28 registered authorizedLoader successfully +2017-08-31 14:41:28 -------------------------------------------------------------------------------- +2017-08-31 14:41:28 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: { - tweet(id: "599716c1646636eeda59e8e9") { - author { - id - } - body + user(id: "undefined") { + username + bio + role } } -2017-08-18 18:33:05 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tobkle", role: "admin", id: "599716c1646636eeda59e8e7", +2017-08-31 14:41:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:41:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:41:28 registered authorizedLoader successfully +2017-08-31 14:42:45 -------------------------------------------------------------------------------- +2017-08-31 14:42:45 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: { - tweet(id: "583676d3618530145474e352") { - author { - id + __schema { + queryType { + name } - body } } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tobkle", role: "admin", id: "599716c1646636eeda59e8e7", +2017-08-31 14:42:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:42:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:42:45 registered authorizedLoader successfully +2017-08-31 14:42:45 registered authorizedLoader successfully +2017-08-31 14:43:07 -------------------------------------------------------------------------------- +2017-08-31 14:43:07 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: mutation { - updateTweet(id: "599716c1646636eeda59e8e9", input: {body: "This is a modified test tweet"}) { - body + createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "admin"}) { + id + role } } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 updated tweet 599716c1646636eeda59e8e9. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tobkle", role: "admin", id: "599716c1646636eeda59e8e7", +2017-08-31 14:43:07 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:43:07 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:43:07 registered authorizedLoader successfully +2017-08-31 14:43:07 registered authorizedLoader successfully +2017-08-31 14:43:07 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:43:07 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-31 14:43:07 -------------------------------------------------------------------------------- +2017-08-31 14:43:07 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - updateTweet(id: "599716c1646636eeda59e8ea", input: {body: "This is a modified test tweet"}) { - body + createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id } } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 updated tweet 599716c1646636eeda59e8ea. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tobkle", role: "admin", id: "599716c1646636eeda59e8e7", +2017-08-31 14:43:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:43:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:43:07 registered authorizedLoader successfully +2017-08-31 14:43:07 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-31 14:43:07 -------------------------------------------------------------------------------- +2017-08-31 14:43:07 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: { - tweet(id: "599716c1646636eeda59e8e9") { - body + user(id: "undefined") { + username + bio + role } } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tobkle", role: "admin", id: "599716c1646636eeda59e8e7", +2017-08-31 14:43:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:43:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:43:07 registered authorizedLoader successfully +2017-08-31 14:43:07 -------------------------------------------------------------------------------- +2017-08-31 14:43:07 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: -mutation { - removeTweet(id: "599716c1646636eeda59e8e9") +{ + user(id: "undefined") { + username + role + } } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 removed tweet 599716c1646636eeda59e8e9. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tobkle", role: "admin", id: "599716c1646636eeda59e8e7", +2017-08-31 14:43:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:43:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:43:07 registered authorizedLoader successfully +2017-08-31 14:43:07 -------------------------------------------------------------------------------- +2017-08-31 14:43:07 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - removeTweet(id: "599716c1646636eeda59e8ea") -} - -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 removed tweet 599716c1646636eeda59e8ea. -2017-08-18 18:33:05 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tobkle", role: "admin", id: "599716c1646636eeda59e8e7", -Operation: "", variables: "", -Query: -{ - tweet(id: "599716c1646636eeda59e8e9") { - body + updateUser(id: "undefined", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role } } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tobkle", role: "admin", id: "599716c1646636eeda59e8e7", +2017-08-31 14:43:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:43:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:43:07 registered authorizedLoader successfully +2017-08-31 14:43:07 -------------------------------------------------------------------------------- +2017-08-31 14:43:07 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - removeUser(id: "599716c1646636eeda59e8e7") + updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:33:05 removed user 599716c1646636eeda59e8e7. -2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 ERROR Cannot read property 'load' of undefined -2017-08-18 18:33:05 Request: +2017-08-31 14:43:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:43:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:43:07 registered authorizedLoader successfully +2017-08-31 14:43:07 -------------------------------------------------------------------------------- +2017-08-31 14:43:07 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: -{ - user(id: "599716c1646636eeda59e8e7") { +mutation { + updateUser(id: "undefined", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { username bio role } } -2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-18 18:33:05 Request: +2017-08-31 14:43:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:43:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:43:07 registered authorizedLoader successfully +2017-08-31 14:43:07 -------------------------------------------------------------------------------- +2017-08-31 14:43:07 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id + updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role } } -2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:33:05 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 ERROR Cannot read property 'load' of undefined -2017-08-18 18:33:05 Request: +2017-08-31 14:43:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:43:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:43:07 registered authorizedLoader successfully +2017-08-31 14:43:07 -------------------------------------------------------------------------------- +2017-08-31 14:43:07 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: -{ - user(id: "583291a1638566b3c5a92ca1") { +mutation { + updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-18 18:33:05 Request: +2017-08-31 14:43:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:43:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:43:07 registered authorizedLoader successfully +2017-08-31 14:43:07 -------------------------------------------------------------------------------- +2017-08-31 14:43:07 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:33:05 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-18 18:33:05 Request: +2017-08-31 14:43:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:43:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:43:07 registered authorizedLoader successfully +2017-08-31 14:43:07 -------------------------------------------------------------------------------- +2017-08-31 14:43:07 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - removeUser(id: "583291a1638566b3c5a92ca1") + removeUser(id: "undefined") } -2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:33:05 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: +2017-08-31 14:43:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:43:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:43:07 registered authorizedLoader successfully +2017-08-31 14:43:07 -------------------------------------------------------------------------------- +2017-08-31 14:43:07 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + createTweet(input: {authorId: "undefined", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { id } } -2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 { - "authorId": "583291a1638566b3c5a92ca1", - "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", - "coauthorsIds": [], - "createdAt": 1503073985476, - "updatedAt": 1503073985476, - "createdById": "unknown", - "updatedById": "unknown" +2017-08-31 14:43:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:43:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:43:07 registered authorizedLoader successfully +2017-08-31 14:43:07 -------------------------------------------------------------------------------- +2017-08-31 14:43:07 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "undefined") { + author { + id + } + body + } } -2017-08-18 18:33:05 Request: + +2017-08-31 14:43:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:43:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:43:07 -------------------------------------------------------------------------------- +2017-08-31 14:43:07 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -3234,13 +2710,13 @@ mutation { } } -2017-08-18 18:33:05 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:33:05 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: +2017-08-31 14:43:07 registered authorizedLoader successfully +2017-08-31 14:43:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:43:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:43:07 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-31 14:43:07 -------------------------------------------------------------------------------- +2017-08-31 14:43:07 registered authorizedLoader successfully +2017-08-31 14:43:07 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -3253,38721 +2729,459 @@ Query: } } -2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:33:05 ERROR Cannot read property 'load' of undefined -2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-18 18:33:05 Request: +2017-08-31 14:43:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:43:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:43:07 registered authorizedLoader successfully +2017-08-31 14:43:07 ERROR Authorize readOne 'tweet author' with user '' undefined +2017-08-31 14:43:07 -------------------------------------------------------------------------------- +2017-08-31 14:43:07 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + updateTweet(id: "undefined", input: {body: "This is a modified test tweet"}) { body } } -2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:33:05 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-18 18:33:05 Request: +2017-08-31 14:43:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:43:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:43:07 registered authorizedLoader successfully +2017-08-31 14:43:07 -------------------------------------------------------------------------------- +2017-08-31 14:43:07 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + updateTweet(id: "undefined", input: {body: "This is a modified test tweet"}) { body } } -2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:33:05 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-18 18:33:05 Request: +2017-08-31 14:43:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:43:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:43:07 registered authorizedLoader successfully +2017-08-31 14:43:07 -------------------------------------------------------------------------------- +2017-08-31 14:43:07 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: -mutation { - removeTweet(id: "583676d3618530145474e352") +{ + tweet(id: "undefined") { + body + } } -2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:33:05 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +2017-08-31 14:43:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:43:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:43:07 registered authorizedLoader successfully +2017-08-31 14:43:07 -------------------------------------------------------------------------------- +2017-08-31 14:43:07 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { - id - role - } + removeTweet(id: "undefined") } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 inserted user 599716c1646636eeda59e8eb. -2017-08-18 18:33:05 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. -2017-08-18 18:33:05 Request: -User: "tobkle", role: "user", id: "599716c1646636eeda59e8eb", +2017-08-31 14:43:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:43:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:43:07 registered authorizedLoader successfully +2017-08-31 14:43:07 -------------------------------------------------------------------------------- +2017-08-31 14:43:07 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } + removeTweet(id: "undefined") } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8eb" - } - ] -} -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:33:05 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tobkle", role: "user", id: "599716c1646636eeda59e8eb", +2017-08-31 14:43:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:43:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:43:07 registered authorizedLoader successfully +2017-08-31 14:43:07 -------------------------------------------------------------------------------- +2017-08-31 14:43:07 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: { - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role + tweet(id: "undefined") { + body } } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8eb" - } - ] -} -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tobkle", role: "user", id: "599716c1646636eeda59e8eb", +2017-08-31 14:43:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:43:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:43:07 registered authorizedLoader successfully +2017-08-31 14:43:07 -------------------------------------------------------------------------------- +2017-08-31 14:43:07 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: -{ - user(id: "599716c1646636eeda59e8eb") { - username - } +mutation { + removeUser(id: "undefined") } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8eb" - } - ] -} -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tobkle", role: "user", id: "599716c1646636eeda59e8eb", +2017-08-31 14:43:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:43:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:43:07 registered authorizedLoader successfully +2017-08-31 14:43:07 -------------------------------------------------------------------------------- +2017-08-31 14:43:07 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: { - user(id: "599716c1646636eeda59e8eb") { + user(id: "undefined") { username + bio role } } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8eb" - } - ] -} -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tobkle", role: "user", id: "599716c1646636eeda59e8eb", +2017-08-31 14:43:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:43:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:43:07 registered authorizedLoader successfully +2017-08-31 14:46:39 -------------------------------------------------------------------------------- +2017-08-31 14:46:39 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8eb" +query IntrospectionQuery { + __schema { + queryType { + name } - ] -} -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:33:05 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8eb" + mutationType { + name } - ] -} -2017-08-18 18:33:05 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tobkle", role: "user", id: "599716c1646636eeda59e8eb", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "599716c1646636eeda59e8eb", input: {username: "tobkle", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8eb" + subscriptionType { + name } - ] -} -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:33:05 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8eb" + types { + ...FullType + } + directives { + name + description + locations + args { + ...InputValue + } } - ] -} -2017-08-18 18:33:05 updated user 599716c1646636eeda59e8eb. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tobkle", role: "user", id: "599716c1646636eeda59e8eb", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "599716c1646636eeda59e8eb", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role } } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8eb" +fragment FullType on __Type { + kind + name + description + fields(includeDeprecated: true) { + name + description + args { + ...InputValue } - ] -} -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:33:05 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8eb" + type { + ...TypeRef } - ] -} -2017-08-18 18:33:05 updated user 599716c1646636eeda59e8eb. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tobkle", role: "user", id: "599716c1646636eeda59e8eb", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") + isDeprecated + deprecationReason + } + inputFields { + ...InputValue + } + interfaces { + ...TypeRef + } + enumValues(includeDeprecated: true) { + name + description + isDeprecated + deprecationReason + } + possibleTypes { + ...TypeRef + } } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8eb" - } - ] -} -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:33:05 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8eb" - } - ] -} -2017-08-18 18:33:05 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 { - "authorId": "599716c1646636eeda59e8eb", - "body": "This is a test tweet of user tobkle", - "coauthorsIds": [], - "createdAt": 1503073985579, - "updatedAt": 1503073985579, - "createdById": "599716c1646636eeda59e8eb", - "updatedById": "599716c1646636eeda59e8eb" -} -2017-08-18 18:33:05 Request: -User: "tobkle", role: "user", id: "599716c1646636eeda59e8eb", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "599716c1646636eeda59e8eb", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id +fragment InputValue on __InputValue { + name + description + type { + ...TypeRef } + defaultValue } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8eb" +fragment TypeRef on __Type { + kind + name + ofType { + kind + name + ofType { + kind + name + ofType { + kind + name + ofType { + kind + name + ofType { + kind + name + ofType { + kind + name + ofType { + kind + name + } + } + } + } + } } - ] -} -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:33:05 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. -2017-08-18 18:33:05 inserted tweet 599716c1646636eeda59e8ec. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 { - "authorId": "583291a1638566b3c5a92ca1", - "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", - "coauthorsIds": [], - "createdAt": 1503073985587, - "updatedAt": 1503073985587, - "createdById": "599716c1646636eeda59e8eb", - "updatedById": "599716c1646636eeda59e8eb" -} -2017-08-18 18:33:05 Request: -User: "tobkle", role: "user", id: "599716c1646636eeda59e8eb", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id } } -2017-08-18 18:33:05 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8eb" - } - ] -} -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:33:05 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tobkle", role: "user", id: "599716c1646636eeda59e8eb", -Operation: "", variables: "", +2017-08-31 14:46:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:46:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:46:39 registered authorizedLoader successfully +2017-08-31 14:46:41 -------------------------------------------------------------------------------- +2017-08-31 14:46:41 Request: +User: "", role: "", id: "", +Operation: "", variables: "{}", Query: { - tweet(id: "599716c1646636eeda59e8ec") { - author { - id - } - body + tweets { + id } } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8eb" - } - ] -} -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tobkle", role: "user", id: "599716c1646636eeda59e8eb", +2017-08-31 14:46:41 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:46:41 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:46:41 Authorize readMany 'tweets' with user '' and role '' is authorized +2017-08-31 14:46:41 registered authorizedLoader successfully +2017-08-31 14:49:30 -------------------------------------------------------------------------------- +2017-08-31 14:49:30 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: { - tweet(id: "583676d3618530145474e352") { - author { - id + __schema { + queryType { + name } - body } } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8eb" - } - ] -} -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tobkle", role: "user", id: "599716c1646636eeda59e8eb", +2017-08-31 14:49:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:49:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:49:20 registered authorizedLoader successfully +2017-08-31 14:49:20 registered authorizedLoader successfully +2017-08-31 14:49:42 -------------------------------------------------------------------------------- +2017-08-31 14:49:42 Request: +User: "", role: "", id: "", Operation: "", variables: "", Query: -mutation { - updateTweet(id: "599716c1646636eeda59e8ec", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8eb" - } - ] -} -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:33:05 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "599716c1646636eeda59e8eb" - }, - { - "coauthorsIds": "599716c1646636eeda59e8eb" - } - ] -} -2017-08-18 18:33:05 updated tweet 599716c1646636eeda59e8ec. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tobkle", role: "user", id: "599716c1646636eeda59e8eb", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8eb" - } - ] -} -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:33:05 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "599716c1646636eeda59e8eb" - }, - { - "coauthorsIds": "599716c1646636eeda59e8eb" - } - ] -} -2017-08-18 18:33:05 ERROR update tweet not possible for 583676d3618530145474e352. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tobkle", role: "user", id: "599716c1646636eeda59e8eb", -Operation: "", variables: "", -Query: -{ - tweet(id: "599716c1646636eeda59e8ec") { - body - } -} - -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8eb" +query IntrospectionQuery { + __schema { + queryType { + name } - ] -} -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tobkle", role: "user", id: "599716c1646636eeda59e8eb", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "599716c1646636eeda59e8ec") -} - -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8eb" + mutationType { + name } - ] -} -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:33:05 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "599716c1646636eeda59e8eb" + subscriptionType { + name } - ] -} -2017-08-18 18:33:05 removed tweet 599716c1646636eeda59e8ec. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tobkle", role: "user", id: "599716c1646636eeda59e8eb", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8eb" + types { + ...FullType } - ] -} -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:33:05 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "599716c1646636eeda59e8eb" + directives { + name + description + locations + args { + ...InputValue + } } - ] -} -2017-08-18 18:33:05 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tobkle", role: "user", id: "599716c1646636eeda59e8eb", -Operation: "", variables: "", -Query: -{ - tweet(id: "599716c1646636eeda59e8ec") { - body } } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8eb" - } - ] -} -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tobkle", role: "user", id: "599716c1646636eeda59e8eb", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "599716c1646636eeda59e8eb") -} - -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8eb" +fragment FullType on __Type { + kind + name + description + fields(includeDeprecated: true) { + name + description + args { + ...InputValue } - ] -} -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:33:05 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8eb" + type { + ...TypeRef } - ] -} -2017-08-18 18:33:05 removed user 599716c1646636eeda59e8eb. -2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 ERROR Cannot read property 'load' of undefined -2017-08-18 18:33:05 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "599716c1646636eeda59e8eb") { - username - bio - role + isDeprecated + deprecationReason } -} - -2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { - id - role + inputFields { + ...InputValue + } + interfaces { + ...TypeRef + } + enumValues(includeDeprecated: true) { + name + description + isDeprecated + deprecationReason + } + possibleTypes { + ...TypeRef } } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:33:05 inserted user 599716c1646636eeda59e8ed. -2017-08-18 18:33:05 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. -2017-08-18 18:33:05 Request: -User: "tobkle", role: "editor", id: "599716c1646636eeda59e8ed", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id +fragment InputValue on __InputValue { + name + description + type { + ...TypeRef } + defaultValue } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8ed" +fragment TypeRef on __Type { + kind + name + ofType { + kind + name + ofType { + kind + name + ofType { + kind + name + ofType { + kind + name + ofType { + kind + name + ofType { + kind + name + ofType { + kind + name + } + } + } + } + } } - ] -} -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-18 18:33:05 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tobkle", role: "editor", id: "599716c1646636eeda59e8ed", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role } } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8ed" - } - ] -} -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tobkle", role: "editor", id: "599716c1646636eeda59e8ed", +2017-08-31 14:49:42 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:49:42 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:49:42 registered authorizedLoader successfully +2017-08-31 14:49:57 -------------------------------------------------------------------------------- +2017-08-31 14:49:57 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: { - user(id: "599716c1646636eeda59e8ed") { - username - role + __schema { + queryType { + name + } } } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8ed" - } - ] -} -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tobkle", role: "editor", id: "599716c1646636eeda59e8ed", +2017-08-31 14:49:57 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:49:57 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:49:57 registered authorizedLoader successfully +2017-08-31 14:49:57 registered authorizedLoader successfully +2017-08-31 14:50:21 -------------------------------------------------------------------------------- +2017-08-31 14:50:21 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio + createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "admin"}) { + id role } } -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8ed" - } - ] -} -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-18 18:33:05 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8ed" - } - ] -} -2017-08-18 18:33:05 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tobkle", role: "editor", id: "599716c1646636eeda59e8ed", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "599716c1646636eeda59e8ed", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8ed" - } - ] -} -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-18 18:33:05 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8ed" - } - ] -} -2017-08-18 18:33:05 updated user 599716c1646636eeda59e8ed. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tmeasday", role: "editor", id: "599716c1646636eeda59e8ed", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "599716c1646636eeda59e8ed", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8ed" - } - ] -} -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 18:33:05 Authorize update 'updateUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8ed" - } - ] -} -2017-08-18 18:33:05 updated user 599716c1646636eeda59e8ed. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tmeasday", role: "editor", id: "599716c1646636eeda59e8ed", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8ed" - } - ] -} -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 18:33:05 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8ed" - } - ] -} -2017-08-18 18:33:05 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 { - "authorId": "599716c1646636eeda59e8ed", - "body": "This is a test tweet of user tobkle", - "coauthorsIds": [], - "createdAt": 1503073985727, - "updatedAt": 1503073985727, - "createdById": "599716c1646636eeda59e8ed", - "updatedById": "599716c1646636eeda59e8ed" -} -2017-08-18 18:33:05 Request: -User: "tmeasday", role: "editor", id: "599716c1646636eeda59e8ed", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "599716c1646636eeda59e8ed", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8ed" - } - ] -} -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 18:33:05 Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is authorized by docRole. -2017-08-18 18:33:05 inserted tweet 599716c1646636eeda59e8ee. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 { - "authorId": "583291a1638566b3c5a92ca1", - "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", - "coauthorsIds": [], - "createdAt": 1503073985733, - "updatedAt": 1503073985733, - "createdById": "599716c1646636eeda59e8ed", - "updatedById": "599716c1646636eeda59e8ed" -} -2017-08-18 18:33:05 Request: -User: "tmeasday", role: "editor", id: "599716c1646636eeda59e8ed", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-18 18:33:05 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8ed" - } - ] -} -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 18:33:05 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tmeasday", role: "editor", id: "599716c1646636eeda59e8ed", -Operation: "", variables: "", -Query: -{ - tweet(id: "599716c1646636eeda59e8ee") { - author { - id - } - body - } -} - -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8ed" - } - ] -} -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tmeasday", role: "editor", id: "599716c1646636eeda59e8ed", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8ed" - } - ] -} -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tmeasday", role: "editor", id: "599716c1646636eeda59e8ed", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "599716c1646636eeda59e8ee", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8ed" - } - ] -} -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 18:33:05 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "599716c1646636eeda59e8ed" - }, - { - "coauthorsIds": "599716c1646636eeda59e8ed" - } - ] -} -2017-08-18 18:33:05 updated tweet 599716c1646636eeda59e8ee. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tmeasday", role: "editor", id: "599716c1646636eeda59e8ed", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8ed" - } - ] -} -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 18:33:05 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "599716c1646636eeda59e8ed" - }, - { - "coauthorsIds": "599716c1646636eeda59e8ed" - } - ] -} -2017-08-18 18:33:05 ERROR update tweet not possible for 583676d3618530145474e352. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tmeasday", role: "editor", id: "599716c1646636eeda59e8ed", -Operation: "", variables: "", -Query: -{ - tweet(id: "599716c1646636eeda59e8ee") { - body - } -} - -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8ed" - } - ] -} -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tmeasday", role: "editor", id: "599716c1646636eeda59e8ed", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "599716c1646636eeda59e8ee") -} - -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8ed" - } - ] -} -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 18:33:05 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "599716c1646636eeda59e8ed" - } - ] -} -2017-08-18 18:33:05 removed tweet 599716c1646636eeda59e8ee. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tmeasday", role: "editor", id: "599716c1646636eeda59e8ed", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8ed" - } - ] -} -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 18:33:05 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "599716c1646636eeda59e8ed" - } - ] -} -2017-08-18 18:33:05 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tmeasday", role: "editor", id: "599716c1646636eeda59e8ed", -Operation: "", variables: "", -Query: -{ - tweet(id: "599716c1646636eeda59e8ee") { - body - } -} - -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8ed" - } - ] -} -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 Request: -User: "tmeasday", role: "editor", id: "599716c1646636eeda59e8ed", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "599716c1646636eeda59e8ed") -} - -2017-08-18 18:33:05 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8ed" - } - ] -} -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 18:33:05 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599716c1646636eeda59e8ed" - } - ] -} -2017-08-18 18:33:05 removed user 599716c1646636eeda59e8ed. -2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:33:05 -------------------------------------------------------------------------------- -2017-08-18 18:33:05 ERROR Cannot read property 'load' of undefined -2017-08-18 18:33:05 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "599716c1646636eeda59e8ed") { - username - bio - role - } -} - -2017-08-18 18:33:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:33:05 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:36:19 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:36:19 -------------------------------------------------------------------------------- -2017-08-18 18:36:19 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -query IntrospectionQuery { - __schema { - queryType { - name - } - mutationType { - name - } - subscriptionType { - name - } - types { - ...FullType - } - directives { - name - description - locations - args { - ...InputValue - } - } - } -} - -fragment FullType on __Type { - kind - name - description - fields(includeDeprecated: true) { - name - description - args { - ...InputValue - } - type { - ...TypeRef - } - isDeprecated - deprecationReason - } - inputFields { - ...InputValue - } - interfaces { - ...TypeRef - } - enumValues(includeDeprecated: true) { - name - description - isDeprecated - deprecationReason - } - possibleTypes { - ...TypeRef - } -} - -fragment InputValue on __InputValue { - name - description - type { - ...TypeRef - } - defaultValue -} - -fragment TypeRef on __Type { - kind - name - ofType { - kind - name - ofType { - kind - name - ofType { - kind - name - } - } - } -} - -2017-08-18 18:36:19 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:36:19 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:36:21 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:36:21 -------------------------------------------------------------------------------- -2017-08-18 18:36:21 Request: -User: "", role: "", id: "", -Operation: "", variables: ""{}"", -Query: -{ - tweets { - id - } -} - -2017-08-18 18:36:21 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:36:21 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:36:21 Authorize readMany 'tweets' with user '' and role '' is authorized -2017-08-18 18:36:33 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:36:33 -------------------------------------------------------------------------------- -2017-08-18 18:36:33 ERROR Authorize readMany 'users' with user '' and role: 'null' is not authorized. -2017-08-18 18:36:33 Request: -User: "", role: "", id: "", -Operation: "", variables: ""{}"", -Query: -{ - users { - id - } -} - -2017-08-18 18:36:33 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:36:33 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:36:33 ERROR Authorize readMany 'users' with user '' and role: 'null' is not authorized. -2017-08-18 18:54:05 ERROR uncaughtException: /Users/Toby/MICRO/create-graphql-server-3/test/output-app/model/Tweet.js: Unexpected token (10:0) - {"date":"Fri Aug 18 2017 18:54:05 GMT+0200 (CEST)","process":{"pid":62101,"uid":501,"gid":20,"cwd":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app","execPath":"/usr/local/bin/node","version":"v7.0.0","argv":["node","/Users/Toby/MICRO/create-graphql-server-3/test/output-app/server/index.js"],"memoryUsage":{"rss":145674240,"heapTotal":122109952,"heapUsed":87926304}},"os":{"loadavg":[2.373046875,2.17529296875,2.123046875],"uptime":697072},"trace":[{"column":null,"file":null,"function":null,"line":null,"method":null,"native":false},{"column":13,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$5.raise","line":4246,"method":"raise","native":false},{"column":8,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp.unexpected","line":1627,"method":"unexpected","native":false},{"column":12,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseExprAtom","line":3586,"method":"parseExprAtom","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseExprSubscripts","line":3331,"method":"parseExprSubscripts","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseMaybeUnary","line":3311,"method":"parseMaybeUnary","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseExprOps","line":3241,"method":"parseExprOps","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseMaybeConditional","line":3218,"method":"parseMaybeConditional","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseMaybeAssign","line":3181,"method":"parseMaybeAssign","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseExpression","line":3143,"method":"parseExpression","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$1.parseStatement","line":1774,"method":"parseStatement","native":false}],"stack":["SyntaxError: /Users/Toby/MICRO/create-graphql-server-3/test/output-app/model/Tweet.js: Unexpected token (10:0)","\u001b[0m \u001b[90m 8 | \u001b[39m \u001b[36mthis\u001b[39m\u001b[33m.\u001b[39mcollection \u001b[33m=\u001b[39m context\u001b[33m.\u001b[39mdb\u001b[33m.\u001b[39mcollection(\u001b[32m'tweet'\u001b[39m)\u001b[33m;\u001b[39m"," \u001b[90m 9 | \u001b[39m \u001b[36mthis\u001b[39m\u001b[33m.\u001b[39mpubsub \u001b[33m=\u001b[39m context\u001b[33m.\u001b[39mpubsub\u001b[33m;\u001b[39m","\u001b[31m\u001b[1m>\u001b[22m\u001b[39m\u001b[90m 10 | \u001b[39m\u001b[33m<<\u001b[39m\u001b[33m<<\u001b[39m\u001b[33m<<\u001b[39m\u001b[33m<\u001b[39m \u001b[33mHEAD\u001b[39m"," \u001b[90m | \u001b[39m\u001b[31m\u001b[1m^\u001b[22m\u001b[39m"," \u001b[90m 11 | \u001b[39m \u001b[36mconst\u001b[39m that \u001b[33m=\u001b[39m \u001b[36mthis\u001b[39m\u001b[33m;\u001b[39m"," \u001b[90m 12 | \u001b[39m \u001b[36mtry\u001b[39m {"," \u001b[90m 13 | \u001b[39m \u001b[36mconst\u001b[39m { me\u001b[33m,\u001b[39m \u001b[33mUser\u001b[39m } \u001b[33m=\u001b[39m context\u001b[33m;\u001b[39m\u001b[0m"," at Parser.pp$5.raise (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:4246:13)"," at Parser.pp.unexpected (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:1627:8)"," at Parser.pp$3.parseExprAtom (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3586:12)"," at Parser.pp$3.parseExprSubscripts (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3331:19)"," at Parser.pp$3.parseMaybeUnary (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3311:19)"," at Parser.pp$3.parseExprOps (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3241:19)"," at Parser.pp$3.parseMaybeConditional (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3218:19)"," at Parser.pp$3.parseMaybeAssign (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3181:19)"," at Parser.pp$3.parseExpression (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3143:19)"," at Parser.pp$1.parseStatement (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:1774:19)"]} -2017-08-18 18:54:05 ERROR uncaughtException: /Users/Toby/MICRO/create-graphql-server-3/test/output-app/model/Tweet.js: Unexpected token (10:0) - {"date":"Fri Aug 18 2017 18:54:05 GMT+0200 (CEST)","process":{"pid":62101,"uid":501,"gid":20,"cwd":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app","execPath":"/usr/local/bin/node","version":"v7.0.0","argv":["node","/Users/Toby/MICRO/create-graphql-server-3/test/output-app/server/index.js"],"memoryUsage":{"rss":146370560,"heapTotal":122109952,"heapUsed":88317208}},"os":{"loadavg":[2.373046875,2.17529296875,2.123046875],"uptime":697072},"trace":[{"column":null,"file":null,"function":null,"line":null,"method":null,"native":false},{"column":13,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$5.raise","line":4246,"method":"raise","native":false},{"column":8,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp.unexpected","line":1627,"method":"unexpected","native":false},{"column":12,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseExprAtom","line":3586,"method":"parseExprAtom","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseExprSubscripts","line":3331,"method":"parseExprSubscripts","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseMaybeUnary","line":3311,"method":"parseMaybeUnary","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseExprOps","line":3241,"method":"parseExprOps","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseMaybeConditional","line":3218,"method":"parseMaybeConditional","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseMaybeAssign","line":3181,"method":"parseMaybeAssign","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseExpression","line":3143,"method":"parseExpression","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$1.parseStatement","line":1774,"method":"parseStatement","native":false}],"stack":["SyntaxError: /Users/Toby/MICRO/create-graphql-server-3/test/output-app/model/Tweet.js: Unexpected token (10:0)","\u001b[0m \u001b[90m 8 | \u001b[39m \u001b[36mthis\u001b[39m\u001b[33m.\u001b[39mcollection \u001b[33m=\u001b[39m context\u001b[33m.\u001b[39mdb\u001b[33m.\u001b[39mcollection(\u001b[32m'tweet'\u001b[39m)\u001b[33m;\u001b[39m"," \u001b[90m 9 | \u001b[39m \u001b[36mthis\u001b[39m\u001b[33m.\u001b[39mpubsub \u001b[33m=\u001b[39m context\u001b[33m.\u001b[39mpubsub\u001b[33m;\u001b[39m","\u001b[31m\u001b[1m>\u001b[22m\u001b[39m\u001b[90m 10 | \u001b[39m\u001b[33m<<\u001b[39m\u001b[33m<<\u001b[39m\u001b[33m<<\u001b[39m\u001b[33m<\u001b[39m \u001b[33mHEAD\u001b[39m"," \u001b[90m | \u001b[39m\u001b[31m\u001b[1m^\u001b[22m\u001b[39m"," \u001b[90m 11 | \u001b[39m \u001b[36mconst\u001b[39m that \u001b[33m=\u001b[39m \u001b[36mthis\u001b[39m\u001b[33m;\u001b[39m"," \u001b[90m 12 | \u001b[39m \u001b[36mtry\u001b[39m {"," \u001b[90m 13 | \u001b[39m \u001b[36mconst\u001b[39m { me\u001b[33m,\u001b[39m \u001b[33mUser\u001b[39m } \u001b[33m=\u001b[39m context\u001b[33m;\u001b[39m\u001b[0m"," at Parser.pp$5.raise (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:4246:13)"," at Parser.pp.unexpected (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:1627:8)"," at Parser.pp$3.parseExprAtom (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3586:12)"," at Parser.pp$3.parseExprSubscripts (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3331:19)"," at Parser.pp$3.parseMaybeUnary (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3311:19)"," at Parser.pp$3.parseExprOps (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3241:19)"," at Parser.pp$3.parseMaybeConditional (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3218:19)"," at Parser.pp$3.parseMaybeAssign (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3181:19)"," at Parser.pp$3.parseExpression (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3143:19)"," at Parser.pp$1.parseStatement (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:1774:19)"]} -2017-08-18 18:54:05 ERROR uncaughtException: /Users/Toby/MICRO/create-graphql-server-3/test/output-app/model/Tweet.js: Unexpected token (10:0) - {"date":"Fri Aug 18 2017 18:54:05 GMT+0200 (CEST)","process":{"pid":62101,"uid":501,"gid":20,"cwd":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app","execPath":"/usr/local/bin/node","version":"v7.0.0","argv":["node","/Users/Toby/MICRO/create-graphql-server-3/test/output-app/server/index.js"],"memoryUsage":{"rss":146391040,"heapTotal":122109952,"heapUsed":88480976}},"os":{"loadavg":[2.373046875,2.17529296875,2.123046875],"uptime":697072},"trace":[{"column":null,"file":null,"function":null,"line":null,"method":null,"native":false},{"column":13,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$5.raise","line":4246,"method":"raise","native":false},{"column":8,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp.unexpected","line":1627,"method":"unexpected","native":false},{"column":12,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseExprAtom","line":3586,"method":"parseExprAtom","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseExprSubscripts","line":3331,"method":"parseExprSubscripts","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseMaybeUnary","line":3311,"method":"parseMaybeUnary","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseExprOps","line":3241,"method":"parseExprOps","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseMaybeConditional","line":3218,"method":"parseMaybeConditional","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseMaybeAssign","line":3181,"method":"parseMaybeAssign","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseExpression","line":3143,"method":"parseExpression","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$1.parseStatement","line":1774,"method":"parseStatement","native":false}],"stack":["SyntaxError: /Users/Toby/MICRO/create-graphql-server-3/test/output-app/model/Tweet.js: Unexpected token (10:0)","\u001b[0m \u001b[90m 8 | \u001b[39m \u001b[36mthis\u001b[39m\u001b[33m.\u001b[39mcollection \u001b[33m=\u001b[39m context\u001b[33m.\u001b[39mdb\u001b[33m.\u001b[39mcollection(\u001b[32m'tweet'\u001b[39m)\u001b[33m;\u001b[39m"," \u001b[90m 9 | \u001b[39m \u001b[36mthis\u001b[39m\u001b[33m.\u001b[39mpubsub \u001b[33m=\u001b[39m context\u001b[33m.\u001b[39mpubsub\u001b[33m;\u001b[39m","\u001b[31m\u001b[1m>\u001b[22m\u001b[39m\u001b[90m 10 | \u001b[39m\u001b[33m<<\u001b[39m\u001b[33m<<\u001b[39m\u001b[33m<<\u001b[39m\u001b[33m<\u001b[39m \u001b[33mHEAD\u001b[39m"," \u001b[90m | \u001b[39m\u001b[31m\u001b[1m^\u001b[22m\u001b[39m"," \u001b[90m 11 | \u001b[39m \u001b[36mconst\u001b[39m that \u001b[33m=\u001b[39m \u001b[36mthis\u001b[39m\u001b[33m;\u001b[39m"," \u001b[90m 12 | \u001b[39m \u001b[36mtry\u001b[39m {"," \u001b[90m 13 | \u001b[39m \u001b[36mconst\u001b[39m { me\u001b[33m,\u001b[39m \u001b[33mUser\u001b[39m } \u001b[33m=\u001b[39m context\u001b[33m;\u001b[39m\u001b[0m"," at Parser.pp$5.raise (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:4246:13)"," at Parser.pp.unexpected (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:1627:8)"," at Parser.pp$3.parseExprAtom (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3586:12)"," at Parser.pp$3.parseExprSubscripts (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3331:19)"," at Parser.pp$3.parseMaybeUnary (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3311:19)"," at Parser.pp$3.parseExprOps (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3241:19)"," at Parser.pp$3.parseMaybeConditional (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3218:19)"," at Parser.pp$3.parseMaybeAssign (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3181:19)"," at Parser.pp$3.parseExpression (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3143:19)"," at Parser.pp$1.parseStatement (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:1774:19)"]} -2017-08-18 18:55:04 ERROR uncaughtException: /Users/Toby/MICRO/create-graphql-server-3/test/output-app/model/Tweet.js: Unexpected token (10:0) - {"date":"Fri Aug 18 2017 18:55:04 GMT+0200 (CEST)","process":{"pid":62151,"uid":501,"gid":20,"cwd":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app","execPath":"/usr/local/bin/node","version":"v7.0.0","argv":["node","/Users/Toby/MICRO/create-graphql-server-3/test/output-app/server/index.js"],"memoryUsage":{"rss":146399232,"heapTotal":122109952,"heapUsed":87873368}},"os":{"loadavg":[2.630859375,2.3134765625,2.17822265625],"uptime":697131},"trace":[{"column":null,"file":null,"function":null,"line":null,"method":null,"native":false},{"column":13,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$5.raise","line":4246,"method":"raise","native":false},{"column":8,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp.unexpected","line":1627,"method":"unexpected","native":false},{"column":12,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseExprAtom","line":3586,"method":"parseExprAtom","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseExprSubscripts","line":3331,"method":"parseExprSubscripts","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseMaybeUnary","line":3311,"method":"parseMaybeUnary","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseExprOps","line":3241,"method":"parseExprOps","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseMaybeConditional","line":3218,"method":"parseMaybeConditional","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseMaybeAssign","line":3181,"method":"parseMaybeAssign","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseExpression","line":3143,"method":"parseExpression","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$1.parseStatement","line":1774,"method":"parseStatement","native":false}],"stack":["SyntaxError: /Users/Toby/MICRO/create-graphql-server-3/test/output-app/model/Tweet.js: Unexpected token (10:0)","\u001b[0m \u001b[90m 8 | \u001b[39m \u001b[36mthis\u001b[39m\u001b[33m.\u001b[39mcollection \u001b[33m=\u001b[39m context\u001b[33m.\u001b[39mdb\u001b[33m.\u001b[39mcollection(\u001b[32m'tweet'\u001b[39m)\u001b[33m;\u001b[39m"," \u001b[90m 9 | \u001b[39m \u001b[36mthis\u001b[39m\u001b[33m.\u001b[39mpubsub \u001b[33m=\u001b[39m context\u001b[33m.\u001b[39mpubsub\u001b[33m;\u001b[39m","\u001b[31m\u001b[1m>\u001b[22m\u001b[39m\u001b[90m 10 | \u001b[39m\u001b[33m<<\u001b[39m\u001b[33m<<\u001b[39m\u001b[33m<<\u001b[39m\u001b[33m<\u001b[39m \u001b[33mHEAD\u001b[39m"," \u001b[90m | \u001b[39m\u001b[31m\u001b[1m^\u001b[22m\u001b[39m"," \u001b[90m 11 | \u001b[39m \u001b[36mconst\u001b[39m that \u001b[33m=\u001b[39m \u001b[36mthis\u001b[39m\u001b[33m;\u001b[39m"," \u001b[90m 12 | \u001b[39m \u001b[36mtry\u001b[39m {"," \u001b[90m 13 | \u001b[39m \u001b[36mconst\u001b[39m { me\u001b[33m,\u001b[39m \u001b[33mUser\u001b[39m } \u001b[33m=\u001b[39m context\u001b[33m;\u001b[39m\u001b[0m"," at Parser.pp$5.raise (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:4246:13)"," at Parser.pp.unexpected (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:1627:8)"," at Parser.pp$3.parseExprAtom (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3586:12)"," at Parser.pp$3.parseExprSubscripts (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3331:19)"," at Parser.pp$3.parseMaybeUnary (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3311:19)"," at Parser.pp$3.parseExprOps (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3241:19)"," at Parser.pp$3.parseMaybeConditional (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3218:19)"," at Parser.pp$3.parseMaybeAssign (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3181:19)"," at Parser.pp$3.parseExpression (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3143:19)"," at Parser.pp$1.parseStatement (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:1774:19)"]} -2017-08-18 18:55:04 ERROR uncaughtException: /Users/Toby/MICRO/create-graphql-server-3/test/output-app/model/Tweet.js: Unexpected token (10:0) - {"date":"Fri Aug 18 2017 18:55:04 GMT+0200 (CEST)","process":{"pid":62151,"uid":501,"gid":20,"cwd":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app","execPath":"/usr/local/bin/node","version":"v7.0.0","argv":["node","/Users/Toby/MICRO/create-graphql-server-3/test/output-app/server/index.js"],"memoryUsage":{"rss":147054592,"heapTotal":122109952,"heapUsed":88264288}},"os":{"loadavg":[2.630859375,2.3134765625,2.17822265625],"uptime":697131},"trace":[{"column":null,"file":null,"function":null,"line":null,"method":null,"native":false},{"column":13,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$5.raise","line":4246,"method":"raise","native":false},{"column":8,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp.unexpected","line":1627,"method":"unexpected","native":false},{"column":12,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseExprAtom","line":3586,"method":"parseExprAtom","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseExprSubscripts","line":3331,"method":"parseExprSubscripts","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseMaybeUnary","line":3311,"method":"parseMaybeUnary","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseExprOps","line":3241,"method":"parseExprOps","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseMaybeConditional","line":3218,"method":"parseMaybeConditional","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseMaybeAssign","line":3181,"method":"parseMaybeAssign","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseExpression","line":3143,"method":"parseExpression","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$1.parseStatement","line":1774,"method":"parseStatement","native":false}],"stack":["SyntaxError: /Users/Toby/MICRO/create-graphql-server-3/test/output-app/model/Tweet.js: Unexpected token (10:0)","\u001b[0m \u001b[90m 8 | \u001b[39m \u001b[36mthis\u001b[39m\u001b[33m.\u001b[39mcollection \u001b[33m=\u001b[39m context\u001b[33m.\u001b[39mdb\u001b[33m.\u001b[39mcollection(\u001b[32m'tweet'\u001b[39m)\u001b[33m;\u001b[39m"," \u001b[90m 9 | \u001b[39m \u001b[36mthis\u001b[39m\u001b[33m.\u001b[39mpubsub \u001b[33m=\u001b[39m context\u001b[33m.\u001b[39mpubsub\u001b[33m;\u001b[39m","\u001b[31m\u001b[1m>\u001b[22m\u001b[39m\u001b[90m 10 | \u001b[39m\u001b[33m<<\u001b[39m\u001b[33m<<\u001b[39m\u001b[33m<<\u001b[39m\u001b[33m<\u001b[39m \u001b[33mHEAD\u001b[39m"," \u001b[90m | \u001b[39m\u001b[31m\u001b[1m^\u001b[22m\u001b[39m"," \u001b[90m 11 | \u001b[39m \u001b[36mconst\u001b[39m that \u001b[33m=\u001b[39m \u001b[36mthis\u001b[39m\u001b[33m;\u001b[39m"," \u001b[90m 12 | \u001b[39m \u001b[36mtry\u001b[39m {"," \u001b[90m 13 | \u001b[39m \u001b[36mconst\u001b[39m { me\u001b[33m,\u001b[39m \u001b[33mUser\u001b[39m } \u001b[33m=\u001b[39m context\u001b[33m;\u001b[39m\u001b[0m"," at Parser.pp$5.raise (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:4246:13)"," at Parser.pp.unexpected (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:1627:8)"," at Parser.pp$3.parseExprAtom (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3586:12)"," at Parser.pp$3.parseExprSubscripts (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3331:19)"," at Parser.pp$3.parseMaybeUnary (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3311:19)"," at Parser.pp$3.parseExprOps (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3241:19)"," at Parser.pp$3.parseMaybeConditional (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3218:19)"," at Parser.pp$3.parseMaybeAssign (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3181:19)"," at Parser.pp$3.parseExpression (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3143:19)"," at Parser.pp$1.parseStatement (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:1774:19)"]} -2017-08-18 18:55:04 ERROR uncaughtException: /Users/Toby/MICRO/create-graphql-server-3/test/output-app/model/Tweet.js: Unexpected token (10:0) - {"date":"Fri Aug 18 2017 18:55:04 GMT+0200 (CEST)","process":{"pid":62151,"uid":501,"gid":20,"cwd":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app","execPath":"/usr/local/bin/node","version":"v7.0.0","argv":["node","/Users/Toby/MICRO/create-graphql-server-3/test/output-app/server/index.js"],"memoryUsage":{"rss":147070976,"heapTotal":122109952,"heapUsed":88428064}},"os":{"loadavg":[2.630859375,2.3134765625,2.17822265625],"uptime":697131},"trace":[{"column":null,"file":null,"function":null,"line":null,"method":null,"native":false},{"column":13,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$5.raise","line":4246,"method":"raise","native":false},{"column":8,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp.unexpected","line":1627,"method":"unexpected","native":false},{"column":12,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseExprAtom","line":3586,"method":"parseExprAtom","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseExprSubscripts","line":3331,"method":"parseExprSubscripts","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseMaybeUnary","line":3311,"method":"parseMaybeUnary","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseExprOps","line":3241,"method":"parseExprOps","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseMaybeConditional","line":3218,"method":"parseMaybeConditional","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseMaybeAssign","line":3181,"method":"parseMaybeAssign","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$3.parseExpression","line":3143,"method":"parseExpression","native":false},{"column":19,"file":"/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js","function":"Parser.pp$1.parseStatement","line":1774,"method":"parseStatement","native":false}],"stack":["SyntaxError: /Users/Toby/MICRO/create-graphql-server-3/test/output-app/model/Tweet.js: Unexpected token (10:0)","\u001b[0m \u001b[90m 8 | \u001b[39m \u001b[36mthis\u001b[39m\u001b[33m.\u001b[39mcollection \u001b[33m=\u001b[39m context\u001b[33m.\u001b[39mdb\u001b[33m.\u001b[39mcollection(\u001b[32m'tweet'\u001b[39m)\u001b[33m;\u001b[39m"," \u001b[90m 9 | \u001b[39m \u001b[36mthis\u001b[39m\u001b[33m.\u001b[39mpubsub \u001b[33m=\u001b[39m context\u001b[33m.\u001b[39mpubsub\u001b[33m;\u001b[39m","\u001b[31m\u001b[1m>\u001b[22m\u001b[39m\u001b[90m 10 | \u001b[39m\u001b[33m<<\u001b[39m\u001b[33m<<\u001b[39m\u001b[33m<<\u001b[39m\u001b[33m<\u001b[39m \u001b[33mHEAD\u001b[39m"," \u001b[90m | \u001b[39m\u001b[31m\u001b[1m^\u001b[22m\u001b[39m"," \u001b[90m 11 | \u001b[39m \u001b[36mconst\u001b[39m that \u001b[33m=\u001b[39m \u001b[36mthis\u001b[39m\u001b[33m;\u001b[39m"," \u001b[90m 12 | \u001b[39m \u001b[36mtry\u001b[39m {"," \u001b[90m 13 | \u001b[39m \u001b[36mconst\u001b[39m { me\u001b[33m,\u001b[39m \u001b[33mUser\u001b[39m } \u001b[33m=\u001b[39m context\u001b[33m;\u001b[39m\u001b[0m"," at Parser.pp$5.raise (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:4246:13)"," at Parser.pp.unexpected (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:1627:8)"," at Parser.pp$3.parseExprAtom (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3586:12)"," at Parser.pp$3.parseExprSubscripts (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3331:19)"," at Parser.pp$3.parseMaybeUnary (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3311:19)"," at Parser.pp$3.parseExprOps (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3241:19)"," at Parser.pp$3.parseMaybeConditional (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3218:19)"," at Parser.pp$3.parseMaybeAssign (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3181:19)"," at Parser.pp$3.parseExpression (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:3143:19)"," at Parser.pp$1.parseStatement (/Users/Toby/MICRO/create-graphql-server-3/test/output-app/node_modules/babylon/lib/index.js:1774:19)"]} -2017-08-18 18:55:23 Logger started -2017-08-18 18:58:33 -------------------------------------------------------------------------------- -2017-08-18 18:58:33 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -query IntrospectionQuery { - __schema { - queryType { - name - } - mutationType { - name - } - subscriptionType { - name - } - types { - ...FullType - } - directives { - name - description - locations - args { - ...InputValue - } - } - } -} - -fragment FullType on __Type { - kind - name - description - fields(includeDeprecated: true) { - name - description - args { - ...InputValue - } - type { - ...TypeRef - } - isDeprecated - deprecationReason - } - inputFields { - ...InputValue - } - interfaces { - ...TypeRef - } - enumValues(includeDeprecated: true) { - name - description - isDeprecated - deprecationReason - } - possibleTypes { - ...TypeRef - } -} - -fragment InputValue on __InputValue { - name - description - type { - ...TypeRef - } - defaultValue -} - -fragment TypeRef on __Type { - kind - name - ofType { - kind - name - ofType { - kind - name - ofType { - kind - name - } - } - } -} - -2017-08-18 18:58:33 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:58:33 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:58:33 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:58:34 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:58:34 -------------------------------------------------------------------------------- -2017-08-18 18:58:34 ERROR Authorize readMany 'users' with user '' and role: 'null' is not authorized. -2017-08-18 18:58:34 Request: -User: "", role: "", id: "", -Operation: "", variables: ""{}"", -Query: -{ - users { - id - } -} - -2017-08-18 18:58:34 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:58:34 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:58:34 ERROR Authorize readMany 'users' with user '' and role: 'null' is not authorized. -2017-08-18 18:58:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:58:35 -------------------------------------------------------------------------------- -2017-08-18 18:58:35 ERROR Authorize readMany 'users' with user '' and role: 'null' is not authorized. -2017-08-18 18:58:35 Request: -User: "", role: "", id: "", -Operation: "", variables: ""{}"", -Query: -{ - users { - id - } -} - -2017-08-18 18:58:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:58:35 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:58:35 ERROR Authorize readMany 'users' with user '' and role: 'null' is not authorized. -2017-08-18 18:58:36 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:58:36 -------------------------------------------------------------------------------- -2017-08-18 18:58:36 ERROR Authorize readMany 'users' with user '' and role: 'null' is not authorized. -2017-08-18 18:58:36 Request: -User: "", role: "", id: "", -Operation: "", variables: ""{}"", -Query: -{ - users { - id - } -} - -2017-08-18 18:58:36 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:58:36 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:58:36 ERROR Authorize readMany 'users' with user '' and role: 'null' is not authorized. -2017-08-18 18:58:36 -------------------------------------------------------------------------------- -2017-08-18 18:58:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-18 18:58:36 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:58:36 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:58:42 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:58:42 -------------------------------------------------------------------------------- -2017-08-18 18:58:42 Request: -User: "", role: "", id: "", -Operation: "", variables: ""{}"", -Query: -{ - tweets { - id - } -} - -2017-08-18 18:58:42 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:58:42 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:58:42 Authorize readMany 'tweets' with user '' and role '' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - role - username - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - role - username - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca2") { - role - username - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - id - username - bio - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users { - username - createdAt - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(limit: 1) { - username - createdAt - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993) { - username - createdAt - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers { - username - createdAt - } - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(limit: 1) { - username - createdAt - } - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following { - username - createdAt - } - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(limit: 1) { - username - createdAt - } - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets { - id - createdAt - } - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(limit: 1) { - id - createdAt - } - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked { - id - createdAt - } - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(limit: 1) { - id - createdAt - } - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334) { - id - createdAt - } - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334, limit: 1) { - id - createdAt - } - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - id - body - } -} - -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - author { - username - } - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets { - id - createdAt - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(limit: 1) { - id - createdAt - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers { - username - createdAt - } - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(limit: 1) { - username - createdAt - } - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993) { - username - createdAt - } - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 inserted user 59971cedf92483f2dd3d1276. -2017-08-18 18:59:25 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tobkle", role: "admin", id: "59971cedf92483f2dd3d1276", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 inserted user 59971cedf92483f2dd3d1277. -2017-08-18 18:59:25 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tobkle", role: "admin", id: "59971cedf92483f2dd3d1276", -Operation: "", variables: "", -Query: -{ - user(id: "59971cedf92483f2dd3d1277") { - username - bio - role - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tobkle", role: "admin", id: "59971cedf92483f2dd3d1276", -Operation: "", variables: "", -Query: -{ - user(id: "59971cedf92483f2dd3d1276") { - username - role - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tobkle", role: "admin", id: "59971cedf92483f2dd3d1276", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59971cedf92483f2dd3d1277", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 updated user 59971cedf92483f2dd3d1277. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tobkle", role: "admin", id: "59971cedf92483f2dd3d1276", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59971cedf92483f2dd3d1276", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 updated user 59971cedf92483f2dd3d1276. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tobkle", role: "admin", id: "59971cedf92483f2dd3d1276", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59971cedf92483f2dd3d1277", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 updated user 59971cedf92483f2dd3d1277. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tobkle", role: "admin", id: "59971cedf92483f2dd3d1276", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59971cedf92483f2dd3d1276", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 updated user 59971cedf92483f2dd3d1276. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tobkle", role: "editor", id: "59971cedf92483f2dd3d1276", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59971cedf92483f2dd3d1276", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-18 18:59:25 updated user 59971cedf92483f2dd3d1276. -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d1276" - } - ] -} -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-18 18:59:25 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d1276" - } - ] -} -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "zoltan", role: "admin", id: "59971cedf92483f2dd3d1277", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59971cedf92483f2dd3d1276", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-18 18:59:25 updated user 59971cedf92483f2dd3d1276. -2017-08-18 18:59:25 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tobkle", role: "admin", id: "59971cedf92483f2dd3d1276", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59971cedf92483f2dd3d1277") -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 removed user 59971cedf92483f2dd3d1277. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tobkle", role: "admin", id: "59971cedf92483f2dd3d1276", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59971cedf92483f2dd3d1276", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 { - "authorId": "59971cedf92483f2dd3d1276", - "body": "This is a test tweet of user tobkle", - "coauthorsIds": [], - "createdAt": 1503075565488, - "updatedAt": 1503075565488, - "createdById": "59971cedf92483f2dd3d1276", - "updatedById": "59971cedf92483f2dd3d1276" -} -2017-08-18 18:59:25 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 inserted tweet 59971cedf92483f2dd3d1278. -2017-08-18 18:59:25 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 { - "authorId": "583291a1638566b3c5a92ca1", - "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", - "coauthorsIds": [], - "createdAt": 1503075565497, - "updatedAt": 1503075565497, - "createdById": "59971cedf92483f2dd3d1276", - "updatedById": "59971cedf92483f2dd3d1276" -} -2017-08-18 18:59:25 Request: -User: "tobkle", role: "admin", id: "59971cedf92483f2dd3d1276", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tobkle", role: "admin", id: "59971cedf92483f2dd3d1276", -Operation: "", variables: "", -Query: -{ - tweet(id: "59971cedf92483f2dd3d1278") { - author { - id - } - body - } -} - -2017-08-18 18:59:25 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 inserted tweet 59971cedf92483f2dd3d1279. -2017-08-18 18:59:25 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tobkle", role: "admin", id: "59971cedf92483f2dd3d1276", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tobkle", role: "admin", id: "59971cedf92483f2dd3d1276", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59971cedf92483f2dd3d1278", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 updated tweet 59971cedf92483f2dd3d1278. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tobkle", role: "admin", id: "59971cedf92483f2dd3d1276", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59971cedf92483f2dd3d1279", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 updated tweet 59971cedf92483f2dd3d1279. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tobkle", role: "admin", id: "59971cedf92483f2dd3d1276", -Operation: "", variables: "", -Query: -{ - tweet(id: "59971cedf92483f2dd3d1278") { - body - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tobkle", role: "admin", id: "59971cedf92483f2dd3d1276", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59971cedf92483f2dd3d1278") -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 removed tweet 59971cedf92483f2dd3d1278. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tobkle", role: "admin", id: "59971cedf92483f2dd3d1276", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59971cedf92483f2dd3d1279") -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 removed tweet 59971cedf92483f2dd3d1279. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tobkle", role: "admin", id: "59971cedf92483f2dd3d1276", -Operation: "", variables: "", -Query: -{ - tweet(id: "59971cedf92483f2dd3d1278") { - body - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tobkle", role: "admin", id: "59971cedf92483f2dd3d1276", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59971cedf92483f2dd3d1276") -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-18 18:59:25 removed user 59971cedf92483f2dd3d1276. -2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 ERROR Cannot read property 'load' of undefined -2017-08-18 18:59:25 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59971cedf92483f2dd3d1276") { - username - bio - role - } -} - -2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-18 18:59:25 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:59:25 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 ERROR Cannot read property 'load' of undefined -2017-08-18 18:59:25 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-18 18:59:25 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:59:25 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-18 18:59:25 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:59:25 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 { - "authorId": "583291a1638566b3c5a92ca1", - "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", - "coauthorsIds": [], - "createdAt": 1503075565642, - "updatedAt": 1503075565642, - "createdById": "unknown", - "updatedById": "unknown" -} -2017-08-18 18:59:25 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-18 18:59:25 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:59:25 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:59:25 ERROR Cannot read property 'load' of undefined -2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-18 18:59:25 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:59:25 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-18 18:59:25 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:59:25 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-18 18:59:25 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:59:25 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { - id - role - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 inserted user 59971cedf92483f2dd3d127a. -2017-08-18 18:59:25 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. -2017-08-18 18:59:25 Request: -User: "tobkle", role: "user", id: "59971cedf92483f2dd3d127a", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127a" - } - ] -} -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:59:25 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tobkle", role: "user", id: "59971cedf92483f2dd3d127a", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127a" - } - ] -} -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tobkle", role: "user", id: "59971cedf92483f2dd3d127a", -Operation: "", variables: "", -Query: -{ - user(id: "59971cedf92483f2dd3d127a") { - username - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127a" - } - ] -} -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tobkle", role: "user", id: "59971cedf92483f2dd3d127a", -Operation: "", variables: "", -Query: -{ - user(id: "59971cedf92483f2dd3d127a") { - username - role - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127a" - } - ] -} -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tobkle", role: "user", id: "59971cedf92483f2dd3d127a", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127a" - } - ] -} -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:59:25 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127a" - } - ] -} -2017-08-18 18:59:25 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tobkle", role: "user", id: "59971cedf92483f2dd3d127a", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59971cedf92483f2dd3d127a", input: {username: "tobkle", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127a" - } - ] -} -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:59:25 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127a" - } - ] -} -2017-08-18 18:59:25 updated user 59971cedf92483f2dd3d127a. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tobkle", role: "user", id: "59971cedf92483f2dd3d127a", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59971cedf92483f2dd3d127a", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127a" - } - ] -} -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:59:25 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127a" - } - ] -} -2017-08-18 18:59:25 updated user 59971cedf92483f2dd3d127a. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tobkle", role: "user", id: "59971cedf92483f2dd3d127a", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127a" - } - ] -} -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:59:25 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127a" - } - ] -} -2017-08-18 18:59:25 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 { - "authorId": "59971cedf92483f2dd3d127a", - "body": "This is a test tweet of user tobkle", - "coauthorsIds": [], - "createdAt": 1503075565738, - "updatedAt": 1503075565738, - "createdById": "59971cedf92483f2dd3d127a", - "updatedById": "59971cedf92483f2dd3d127a" -} -2017-08-18 18:59:25 Request: -User: "tobkle", role: "user", id: "59971cedf92483f2dd3d127a", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59971cedf92483f2dd3d127a", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127a" - } - ] -} -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:59:25 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. -2017-08-18 18:59:25 inserted tweet 59971cedf92483f2dd3d127b. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 { - "authorId": "583291a1638566b3c5a92ca1", - "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", - "coauthorsIds": [], - "createdAt": 1503075565747, - "updatedAt": 1503075565747, - "createdById": "59971cedf92483f2dd3d127a", - "updatedById": "59971cedf92483f2dd3d127a" -} -2017-08-18 18:59:25 Request: -User: "tobkle", role: "user", id: "59971cedf92483f2dd3d127a", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-18 18:59:25 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127a" - } - ] -} -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:59:25 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tobkle", role: "user", id: "59971cedf92483f2dd3d127a", -Operation: "", variables: "", -Query: -{ - tweet(id: "59971cedf92483f2dd3d127b") { - author { - id - } - body - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127a" - } - ] -} -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tobkle", role: "user", id: "59971cedf92483f2dd3d127a", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127a" - } - ] -} -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tobkle", role: "user", id: "59971cedf92483f2dd3d127a", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59971cedf92483f2dd3d127b", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127a" - } - ] -} -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:59:25 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59971cedf92483f2dd3d127a" - }, - { - "coauthorsIds": "59971cedf92483f2dd3d127a" - } - ] -} -2017-08-18 18:59:25 updated tweet 59971cedf92483f2dd3d127b. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tobkle", role: "user", id: "59971cedf92483f2dd3d127a", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127a" - } - ] -} -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:59:25 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59971cedf92483f2dd3d127a" - }, - { - "coauthorsIds": "59971cedf92483f2dd3d127a" - } - ] -} -2017-08-18 18:59:25 ERROR update tweet not possible for 583676d3618530145474e352. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tobkle", role: "user", id: "59971cedf92483f2dd3d127a", -Operation: "", variables: "", -Query: -{ - tweet(id: "59971cedf92483f2dd3d127b") { - body - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127a" - } - ] -} -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tobkle", role: "user", id: "59971cedf92483f2dd3d127a", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59971cedf92483f2dd3d127b") -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127a" - } - ] -} -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:59:25 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59971cedf92483f2dd3d127a" - } - ] -} -2017-08-18 18:59:25 removed tweet 59971cedf92483f2dd3d127b. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tobkle", role: "user", id: "59971cedf92483f2dd3d127a", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127a" - } - ] -} -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:59:25 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59971cedf92483f2dd3d127a" - } - ] -} -2017-08-18 18:59:25 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tobkle", role: "user", id: "59971cedf92483f2dd3d127a", -Operation: "", variables: "", -Query: -{ - tweet(id: "59971cedf92483f2dd3d127b") { - body - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127a" - } - ] -} -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tobkle", role: "user", id: "59971cedf92483f2dd3d127a", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59971cedf92483f2dd3d127a") -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127a" - } - ] -} -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 18:59:25 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127a" - } - ] -} -2017-08-18 18:59:25 removed user 59971cedf92483f2dd3d127a. -2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 ERROR Cannot read property 'load' of undefined -2017-08-18 18:59:25 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59971cedf92483f2dd3d127a") { - username - bio - role - } -} - -2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { - id - role - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 18:59:25 inserted user 59971cedf92483f2dd3d127c. -2017-08-18 18:59:25 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. -2017-08-18 18:59:25 Request: -User: "tobkle", role: "editor", id: "59971cedf92483f2dd3d127c", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127c" - } - ] -} -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-18 18:59:25 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tobkle", role: "editor", id: "59971cedf92483f2dd3d127c", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127c" - } - ] -} -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tobkle", role: "editor", id: "59971cedf92483f2dd3d127c", -Operation: "", variables: "", -Query: -{ - user(id: "59971cedf92483f2dd3d127c") { - username - role - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127c" - } - ] -} -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tobkle", role: "editor", id: "59971cedf92483f2dd3d127c", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127c" - } - ] -} -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-18 18:59:25 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127c" - } - ] -} -2017-08-18 18:59:25 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tobkle", role: "editor", id: "59971cedf92483f2dd3d127c", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59971cedf92483f2dd3d127c", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127c" - } - ] -} -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-18 18:59:25 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127c" - } - ] -} -2017-08-18 18:59:25 updated user 59971cedf92483f2dd3d127c. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tmeasday", role: "editor", id: "59971cedf92483f2dd3d127c", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59971cedf92483f2dd3d127c", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127c" - } - ] -} -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 18:59:25 Authorize update 'updateUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127c" - } - ] -} -2017-08-18 18:59:25 updated user 59971cedf92483f2dd3d127c. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tmeasday", role: "editor", id: "59971cedf92483f2dd3d127c", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127c" - } - ] -} -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 18:59:25 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127c" - } - ] -} -2017-08-18 18:59:25 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 { - "authorId": "59971cedf92483f2dd3d127c", - "body": "This is a test tweet of user tobkle", - "coauthorsIds": [], - "createdAt": 1503075565887, - "updatedAt": 1503075565887, - "createdById": "59971cedf92483f2dd3d127c", - "updatedById": "59971cedf92483f2dd3d127c" -} -2017-08-18 18:59:25 Request: -User: "tmeasday", role: "editor", id: "59971cedf92483f2dd3d127c", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59971cedf92483f2dd3d127c", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127c" - } - ] -} -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 18:59:25 Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is authorized by docRole. -2017-08-18 18:59:25 inserted tweet 59971cedf92483f2dd3d127d. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 { - "authorId": "583291a1638566b3c5a92ca1", - "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", - "coauthorsIds": [], - "createdAt": 1503075565895, - "updatedAt": 1503075565895, - "createdById": "59971cedf92483f2dd3d127c", - "updatedById": "59971cedf92483f2dd3d127c" -} -2017-08-18 18:59:25 Request: -User: "tmeasday", role: "editor", id: "59971cedf92483f2dd3d127c", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-18 18:59:25 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127c" - } - ] -} -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 18:59:25 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tmeasday", role: "editor", id: "59971cedf92483f2dd3d127c", -Operation: "", variables: "", -Query: -{ - tweet(id: "59971cedf92483f2dd3d127d") { - author { - id - } - body - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127c" - } - ] -} -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tmeasday", role: "editor", id: "59971cedf92483f2dd3d127c", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127c" - } - ] -} -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tmeasday", role: "editor", id: "59971cedf92483f2dd3d127c", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59971cedf92483f2dd3d127d", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127c" - } - ] -} -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 18:59:25 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59971cedf92483f2dd3d127c" - }, - { - "coauthorsIds": "59971cedf92483f2dd3d127c" - } - ] -} -2017-08-18 18:59:25 updated tweet 59971cedf92483f2dd3d127d. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tmeasday", role: "editor", id: "59971cedf92483f2dd3d127c", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127c" - } - ] -} -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 18:59:25 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59971cedf92483f2dd3d127c" - }, - { - "coauthorsIds": "59971cedf92483f2dd3d127c" - } - ] -} -2017-08-18 18:59:25 ERROR update tweet not possible for 583676d3618530145474e352. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tmeasday", role: "editor", id: "59971cedf92483f2dd3d127c", -Operation: "", variables: "", -Query: -{ - tweet(id: "59971cedf92483f2dd3d127d") { - body - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127c" - } - ] -} -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tmeasday", role: "editor", id: "59971cedf92483f2dd3d127c", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59971cedf92483f2dd3d127d") -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127c" - } - ] -} -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 18:59:25 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59971cedf92483f2dd3d127c" - } - ] -} -2017-08-18 18:59:25 removed tweet 59971cedf92483f2dd3d127d. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tmeasday", role: "editor", id: "59971cedf92483f2dd3d127c", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127c" - } - ] -} -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 18:59:25 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59971cedf92483f2dd3d127c" - } - ] -} -2017-08-18 18:59:25 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tmeasday", role: "editor", id: "59971cedf92483f2dd3d127c", -Operation: "", variables: "", -Query: -{ - tweet(id: "59971cedf92483f2dd3d127d") { - body - } -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127c" - } - ] -} -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 Request: -User: "tmeasday", role: "editor", id: "59971cedf92483f2dd3d127c", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59971cedf92483f2dd3d127c") -} - -2017-08-18 18:59:25 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127c" - } - ] -} -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 18:59:25 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59971cedf92483f2dd3d127c" - } - ] -} -2017-08-18 18:59:25 removed user 59971cedf92483f2dd3d127c. -2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:59:25 -------------------------------------------------------------------------------- -2017-08-18 18:59:25 ERROR Cannot read property 'load' of undefined -2017-08-18 18:59:25 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59971cedf92483f2dd3d127c") { - username - bio - role - } -} - -2017-08-18 18:59:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 18:59:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 19:05:45 Logger started -2017-08-18 19:08:45 Logger started -2017-08-18 19:48:04 Logger started -2017-08-18 19:51:57 -------------------------------------------------------------------------------- -2017-08-18 19:51:57 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-18 19:51:57 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:51:57 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - role - username - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - role - username - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca2") { - role - username - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - id - username - bio - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users { - username - createdAt - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(limit: 1) { - username - createdAt - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993) { - username - createdAt - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers { - username - createdAt - } - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(limit: 1) { - username - createdAt - } - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following { - username - createdAt - } - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(limit: 1) { - username - createdAt - } - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets { - id - createdAt - } - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(limit: 1) { - id - createdAt - } - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked { - id - createdAt - } - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(limit: 1) { - id - createdAt - } - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334) { - id - createdAt - } - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334, limit: 1) { - id - createdAt - } - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - id - body - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - author { - username - } - } -} - -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets { - id - createdAt - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(limit: 1) { - id - createdAt - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers { - username - createdAt - } - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(limit: 1) { - username - createdAt - } - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993) { - username - createdAt - } - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-18 19:53:06 inserted user 599729828fc4b90bdbde99cc. -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "tobkle", role: "admin", id: "599729828fc4b90bdbde99cc", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 inserted user 599729828fc4b90bdbde99cd. -2017-08-18 19:53:06 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "tobkle", role: "admin", id: "599729828fc4b90bdbde99cc", -Operation: "", variables: "", -Query: -{ - user(id: "599729828fc4b90bdbde99cd") { - username - bio - role - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "tobkle", role: "admin", id: "599729828fc4b90bdbde99cc", -Operation: "", variables: "", -Query: -{ - user(id: "599729828fc4b90bdbde99cc") { - username - role - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "tobkle", role: "admin", id: "599729828fc4b90bdbde99cc", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "599729828fc4b90bdbde99cd", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 updated user 599729828fc4b90bdbde99cd. -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "tobkle", role: "admin", id: "599729828fc4b90bdbde99cc", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "599729828fc4b90bdbde99cc", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 updated user 599729828fc4b90bdbde99cc. -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "tobkle", role: "admin", id: "599729828fc4b90bdbde99cc", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "599729828fc4b90bdbde99cd", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 updated user 599729828fc4b90bdbde99cd. -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "tobkle", role: "admin", id: "599729828fc4b90bdbde99cc", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "599729828fc4b90bdbde99cc", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 updated user 599729828fc4b90bdbde99cc. -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "tobkle", role: "editor", id: "599729828fc4b90bdbde99cc", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "599729828fc4b90bdbde99cc", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599729828fc4b90bdbde99cc" - } - ] -} -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-18 19:53:06 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599729828fc4b90bdbde99cc" - } - ] -} -2017-08-18 19:53:06 updated user 599729828fc4b90bdbde99cc. -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "zoltan", role: "admin", id: "599729828fc4b90bdbde99cd", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "599729828fc4b90bdbde99cc", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized -2017-08-18 19:53:06 updated user 599729828fc4b90bdbde99cc. -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "tobkle", role: "admin", id: "599729828fc4b90bdbde99cc", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "599729828fc4b90bdbde99cd") -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 removed user 599729828fc4b90bdbde99cd. -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "tobkle", role: "admin", id: "599729828fc4b90bdbde99cc", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "599729828fc4b90bdbde99cc", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 { - "authorId": "599729828fc4b90bdbde99cc", - "body": "This is a test tweet of user tobkle", - "coauthorsIds": [], - "createdAt": 1503078786858, - "updatedAt": 1503078786858, - "createdById": "599729828fc4b90bdbde99cc", - "updatedById": "599729828fc4b90bdbde99cc" -} -2017-08-18 19:53:06 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 inserted tweet 599729828fc4b90bdbde99ce. -2017-08-18 19:53:06 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 { - "authorId": "583291a1638566b3c5a92ca1", - "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", - "coauthorsIds": [], - "createdAt": 1503078786869, - "updatedAt": 1503078786869, - "createdById": "599729828fc4b90bdbde99cc", - "updatedById": "599729828fc4b90bdbde99cc" -} -2017-08-18 19:53:06 Request: -User: "tobkle", role: "admin", id: "599729828fc4b90bdbde99cc", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-18 19:53:06 inserted tweet 599729828fc4b90bdbde99cf. -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "tobkle", role: "admin", id: "599729828fc4b90bdbde99cc", -Operation: "", variables: "", -Query: -{ - tweet(id: "599729828fc4b90bdbde99ce") { - author { - id - } - body - } -} - -2017-08-18 19:53:06 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "tobkle", role: "admin", id: "599729828fc4b90bdbde99cc", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "tobkle", role: "admin", id: "599729828fc4b90bdbde99cc", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "599729828fc4b90bdbde99ce", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 updated tweet 599729828fc4b90bdbde99ce. -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "tobkle", role: "admin", id: "599729828fc4b90bdbde99cc", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "599729828fc4b90bdbde99cf", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 updated tweet 599729828fc4b90bdbde99cf. -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "tobkle", role: "admin", id: "599729828fc4b90bdbde99cc", -Operation: "", variables: "", -Query: -{ - tweet(id: "599729828fc4b90bdbde99ce") { - body - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "tobkle", role: "admin", id: "599729828fc4b90bdbde99cc", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "599729828fc4b90bdbde99ce") -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 removed tweet 599729828fc4b90bdbde99ce. -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "tobkle", role: "admin", id: "599729828fc4b90bdbde99cc", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "599729828fc4b90bdbde99cf") -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 removed tweet 599729828fc4b90bdbde99cf. -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "tobkle", role: "admin", id: "599729828fc4b90bdbde99cc", -Operation: "", variables: "", -Query: -{ - tweet(id: "599729828fc4b90bdbde99ce") { - body - } -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "tobkle", role: "admin", id: "599729828fc4b90bdbde99cc", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "599729828fc4b90bdbde99cc") -} - -2017-08-18 19:53:06 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-18 19:53:06 removed user 599729828fc4b90bdbde99cc. -2017-08-18 19:53:06 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 ERROR Cannot read property 'load' of undefined -2017-08-18 19:53:06 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "599729828fc4b90bdbde99cc") { - username - bio - role - } -} - -2017-08-18 19:53:06 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 19:53:06 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-18 19:53:06 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-08-18 19:53:06 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 19:53:06 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-18 19:53:06 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 ERROR Cannot read property 'load' of undefined -2017-08-18 19:53:06 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-18 19:53:06 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 19:53:06 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-18 19:53:06 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-18 19:53:06 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 19:53:06 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-18 19:53:06 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-18 19:53:06 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-18 19:53:06 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 19:53:06 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-18 19:53:06 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 19:53:06 -------------------------------------------------------------------------------- -2017-08-18 19:53:06 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-18 19:53:06 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 19:53:06 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 19:53:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 19:53:07 -------------------------------------------------------------------------------- -2017-08-18 19:53:07 { - "authorId": "583291a1638566b3c5a92ca1", - "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", - "coauthorsIds": [], - "createdAt": 1503078787009, - "updatedAt": 1503078787009, - "createdById": "unknown", - "updatedById": "unknown" -} -2017-08-18 19:53:07 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-18 19:53:07 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-18 19:53:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 19:53:07 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-18 19:53:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 19:53:07 -------------------------------------------------------------------------------- -2017-08-18 19:53:07 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-18 19:53:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 19:53:07 ERROR Cannot read property 'load' of undefined -2017-08-18 19:53:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 19:53:07 -------------------------------------------------------------------------------- -2017-08-18 19:53:07 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-18 19:53:07 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-18 19:53:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 19:53:07 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-18 19:53:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 19:53:07 -------------------------------------------------------------------------------- -2017-08-18 19:53:07 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-18 19:53:07 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-18 19:53:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 19:53:07 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-18 19:53:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 19:53:07 -------------------------------------------------------------------------------- -2017-08-18 19:53:07 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-18 19:53:07 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-18 19:53:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 19:53:07 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-18 19:53:07 -------------------------------------------------------------------------------- -2017-08-18 19:53:07 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { - id - role - } -} - -2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:07 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:07 inserted user 599729838fc4b90bdbde99d0. -2017-08-18 19:53:07 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-18 19:53:07 -------------------------------------------------------------------------------- -2017-08-18 19:53:07 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. -2017-08-18 19:53:07 Request: -User: "tobkle", role: "user", id: "599729838fc4b90bdbde99d0", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d0" - } - ] -} -2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 19:53:07 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. -2017-08-18 19:53:07 -------------------------------------------------------------------------------- -2017-08-18 19:53:07 Request: -User: "tobkle", role: "user", id: "599729838fc4b90bdbde99d0", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d0" - } - ] -} -2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 19:53:07 -------------------------------------------------------------------------------- -2017-08-18 19:53:07 Request: -User: "tobkle", role: "user", id: "599729838fc4b90bdbde99d0", -Operation: "", variables: "", -Query: -{ - user(id: "599729838fc4b90bdbde99d0") { - username - } -} - -2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d0" - } - ] -} -2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 19:53:07 -------------------------------------------------------------------------------- -2017-08-18 19:53:07 Request: -User: "tobkle", role: "user", id: "599729838fc4b90bdbde99d0", -Operation: "", variables: "", -Query: -{ - user(id: "599729838fc4b90bdbde99d0") { - username - role - } -} - -2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d0" - } - ] -} -2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 19:53:07 -------------------------------------------------------------------------------- -2017-08-18 19:53:07 Request: -User: "tobkle", role: "user", id: "599729838fc4b90bdbde99d0", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d0" - } - ] -} -2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 19:53:07 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d0" - } - ] -} -2017-08-18 19:53:07 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-08-18 19:53:07 -------------------------------------------------------------------------------- -2017-08-18 19:53:07 Request: -User: "tobkle", role: "user", id: "599729838fc4b90bdbde99d0", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "599729838fc4b90bdbde99d0", input: {username: "tobkle", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d0" - } - ] -} -2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 19:53:07 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d0" - } - ] -} -2017-08-18 19:53:07 updated user 599729838fc4b90bdbde99d0. -2017-08-18 19:53:07 -------------------------------------------------------------------------------- -2017-08-18 19:53:07 Request: -User: "tobkle", role: "user", id: "599729838fc4b90bdbde99d0", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "599729838fc4b90bdbde99d0", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d0" - } - ] -} -2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 19:53:07 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d0" - } - ] -} -2017-08-18 19:53:07 updated user 599729838fc4b90bdbde99d0. -2017-08-18 19:53:07 -------------------------------------------------------------------------------- -2017-08-18 19:53:07 Request: -User: "tobkle", role: "user", id: "599729838fc4b90bdbde99d0", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d0" - } - ] -} -2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 19:53:07 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d0" - } - ] -} -2017-08-18 19:53:07 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-08-18 19:53:07 -------------------------------------------------------------------------------- -2017-08-18 19:53:07 { - "authorId": "599729838fc4b90bdbde99d0", - "body": "This is a test tweet of user tobkle", - "coauthorsIds": [], - "createdAt": 1503078787106, - "updatedAt": 1503078787106, - "createdById": "599729838fc4b90bdbde99d0", - "updatedById": "599729838fc4b90bdbde99d0" -} -2017-08-18 19:53:07 Request: -User: "tobkle", role: "user", id: "599729838fc4b90bdbde99d0", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "599729838fc4b90bdbde99d0", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d0" - } - ] -} -2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 19:53:07 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. -2017-08-18 19:53:07 inserted tweet 599729838fc4b90bdbde99d1. -2017-08-18 19:53:07 -------------------------------------------------------------------------------- -2017-08-18 19:53:07 { - "authorId": "583291a1638566b3c5a92ca1", - "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", - "coauthorsIds": [], - "createdAt": 1503078787114, - "updatedAt": 1503078787114, - "createdById": "599729838fc4b90bdbde99d0", - "updatedById": "599729838fc4b90bdbde99d0" -} -2017-08-18 19:53:07 Request: -User: "tobkle", role: "user", id: "599729838fc4b90bdbde99d0", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-18 19:53:07 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. -2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d0" - } - ] -} -2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 19:53:07 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. -2017-08-18 19:53:07 -------------------------------------------------------------------------------- -2017-08-18 19:53:07 Request: -User: "tobkle", role: "user", id: "599729838fc4b90bdbde99d0", -Operation: "", variables: "", -Query: -{ - tweet(id: "599729838fc4b90bdbde99d1") { - author { - id - } - body - } -} - -2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d0" - } - ] -} -2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 19:53:07 -------------------------------------------------------------------------------- -2017-08-18 19:53:07 Request: -User: "tobkle", role: "user", id: "599729838fc4b90bdbde99d0", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d0" - } - ] -} -2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 19:53:07 -------------------------------------------------------------------------------- -2017-08-18 19:53:07 Request: -User: "tobkle", role: "user", id: "599729838fc4b90bdbde99d0", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "599729838fc4b90bdbde99d1", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d0" - } - ] -} -2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 19:53:07 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "599729838fc4b90bdbde99d0" - }, - { - "coauthorsIds": "599729838fc4b90bdbde99d0" - } - ] -} -2017-08-18 19:53:07 updated tweet 599729838fc4b90bdbde99d1. -2017-08-18 19:53:07 -------------------------------------------------------------------------------- -2017-08-18 19:53:07 Request: -User: "tobkle", role: "user", id: "599729838fc4b90bdbde99d0", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d0" - } - ] -} -2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 19:53:07 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "599729838fc4b90bdbde99d0" - }, - { - "coauthorsIds": "599729838fc4b90bdbde99d0" - } - ] -} -2017-08-18 19:53:07 ERROR update tweet not possible for 583676d3618530145474e352. -2017-08-18 19:53:07 -------------------------------------------------------------------------------- -2017-08-18 19:53:07 Request: -User: "tobkle", role: "user", id: "599729838fc4b90bdbde99d0", -Operation: "", variables: "", -Query: -{ - tweet(id: "599729838fc4b90bdbde99d1") { - body - } -} - -2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d0" - } - ] -} -2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 19:53:07 -------------------------------------------------------------------------------- -2017-08-18 19:53:07 Request: -User: "tobkle", role: "user", id: "599729838fc4b90bdbde99d0", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "599729838fc4b90bdbde99d1") -} - -2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d0" - } - ] -} -2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 19:53:07 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "599729838fc4b90bdbde99d0" - } - ] -} -2017-08-18 19:53:07 removed tweet 599729838fc4b90bdbde99d1. -2017-08-18 19:53:07 -------------------------------------------------------------------------------- -2017-08-18 19:53:07 Request: -User: "tobkle", role: "user", id: "599729838fc4b90bdbde99d0", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d0" - } - ] -} -2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 19:53:07 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "599729838fc4b90bdbde99d0" - } - ] -} -2017-08-18 19:53:07 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-08-18 19:53:07 -------------------------------------------------------------------------------- -2017-08-18 19:53:07 Request: -User: "tobkle", role: "user", id: "599729838fc4b90bdbde99d0", -Operation: "", variables: "", -Query: -{ - tweet(id: "599729838fc4b90bdbde99d1") { - body - } -} - -2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d0" - } - ] -} -2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 19:53:07 -------------------------------------------------------------------------------- -2017-08-18 19:53:07 Request: -User: "tobkle", role: "user", id: "599729838fc4b90bdbde99d0", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "599729838fc4b90bdbde99d0") -} - -2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d0" - } - ] -} -2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-18 19:53:07 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d0" - } - ] -} -2017-08-18 19:53:07 removed user 599729838fc4b90bdbde99d0. -2017-08-18 19:53:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 19:53:07 -------------------------------------------------------------------------------- -2017-08-18 19:53:07 ERROR Cannot read property 'load' of undefined -2017-08-18 19:53:07 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "599729838fc4b90bdbde99d0") { - username - bio - role - } -} - -2017-08-18 19:53:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 19:53:07 -------------------------------------------------------------------------------- -2017-08-18 19:53:07 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { - id - role - } -} - -2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:07 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-18 19:53:07 inserted user 599729838fc4b90bdbde99d2. -2017-08-18 19:53:07 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-18 19:53:07 -------------------------------------------------------------------------------- -2017-08-18 19:53:07 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. -2017-08-18 19:53:07 Request: -User: "tobkle", role: "editor", id: "599729838fc4b90bdbde99d2", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d2" - } - ] -} -2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-18 19:53:07 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. -2017-08-18 19:53:07 -------------------------------------------------------------------------------- -2017-08-18 19:53:07 Request: -User: "tobkle", role: "editor", id: "599729838fc4b90bdbde99d2", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d2" - } - ] -} -2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-18 19:53:07 -------------------------------------------------------------------------------- -2017-08-18 19:53:07 Request: -User: "tobkle", role: "editor", id: "599729838fc4b90bdbde99d2", -Operation: "", variables: "", -Query: -{ - user(id: "599729838fc4b90bdbde99d2") { - username - role - } -} - -2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d2" - } - ] -} -2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-18 19:53:07 -------------------------------------------------------------------------------- -2017-08-18 19:53:07 Request: -User: "tobkle", role: "editor", id: "599729838fc4b90bdbde99d2", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d2" - } - ] -} -2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-18 19:53:07 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d2" - } - ] -} -2017-08-18 19:53:07 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-08-18 19:53:07 -------------------------------------------------------------------------------- -2017-08-18 19:53:07 Request: -User: "tobkle", role: "editor", id: "599729838fc4b90bdbde99d2", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "599729838fc4b90bdbde99d2", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d2" - } - ] -} -2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-18 19:53:07 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d2" - } - ] -} -2017-08-18 19:53:07 updated user 599729838fc4b90bdbde99d2. -2017-08-18 19:53:07 -------------------------------------------------------------------------------- -2017-08-18 19:53:07 Request: -User: "tmeasday", role: "editor", id: "599729838fc4b90bdbde99d2", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "599729838fc4b90bdbde99d2", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d2" - } - ] -} -2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 19:53:07 Authorize update 'updateUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d2" - } - ] -} -2017-08-18 19:53:07 updated user 599729838fc4b90bdbde99d2. -2017-08-18 19:53:07 -------------------------------------------------------------------------------- -2017-08-18 19:53:07 Request: -User: "tmeasday", role: "editor", id: "599729838fc4b90bdbde99d2", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d2" - } - ] -} -2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 19:53:07 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d2" - } - ] -} -2017-08-18 19:53:07 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-08-18 19:53:07 -------------------------------------------------------------------------------- -2017-08-18 19:53:07 { - "authorId": "599729838fc4b90bdbde99d2", - "body": "This is a test tweet of user tobkle", - "coauthorsIds": [], - "createdAt": 1503078787254, - "updatedAt": 1503078787254, - "createdById": "599729838fc4b90bdbde99d2", - "updatedById": "599729838fc4b90bdbde99d2" -} -2017-08-18 19:53:07 Request: -User: "tmeasday", role: "editor", id: "599729838fc4b90bdbde99d2", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "599729838fc4b90bdbde99d2", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d2" - } - ] -} -2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 19:53:07 Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is authorized by docRole. -2017-08-18 19:53:07 inserted tweet 599729838fc4b90bdbde99d3. -2017-08-18 19:53:07 -------------------------------------------------------------------------------- -2017-08-18 19:53:07 { - "authorId": "583291a1638566b3c5a92ca1", - "body": "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:", - "coauthorsIds": [], - "createdAt": 1503078787261, - "updatedAt": 1503078787261, - "createdById": "599729838fc4b90bdbde99d2", - "updatedById": "599729838fc4b90bdbde99d2" -} -2017-08-18 19:53:07 Request: -User: "tmeasday", role: "editor", id: "599729838fc4b90bdbde99d2", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-18 19:53:07 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. -2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d2" - } - ] -} -2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 19:53:07 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. -2017-08-18 19:53:07 -------------------------------------------------------------------------------- -2017-08-18 19:53:07 Request: -User: "tmeasday", role: "editor", id: "599729838fc4b90bdbde99d2", -Operation: "", variables: "", -Query: -{ - tweet(id: "599729838fc4b90bdbde99d3") { - author { - id - } - body - } -} - -2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d2" - } - ] -} -2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 19:53:07 -------------------------------------------------------------------------------- -2017-08-18 19:53:07 Request: -User: "tmeasday", role: "editor", id: "599729838fc4b90bdbde99d2", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d2" - } - ] -} -2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 19:53:07 -------------------------------------------------------------------------------- -2017-08-18 19:53:07 Request: -User: "tmeasday", role: "editor", id: "599729838fc4b90bdbde99d2", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "599729838fc4b90bdbde99d3", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d2" - } - ] -} -2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 19:53:07 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "599729838fc4b90bdbde99d2" - }, - { - "coauthorsIds": "599729838fc4b90bdbde99d2" - } - ] -} -2017-08-18 19:53:07 updated tweet 599729838fc4b90bdbde99d3. -2017-08-18 19:53:07 -------------------------------------------------------------------------------- -2017-08-18 19:53:07 Request: -User: "tmeasday", role: "editor", id: "599729838fc4b90bdbde99d2", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d2" - } - ] -} -2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 19:53:07 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "599729838fc4b90bdbde99d2" - }, - { - "coauthorsIds": "599729838fc4b90bdbde99d2" - } - ] -} -2017-08-18 19:53:07 ERROR update tweet not possible for 583676d3618530145474e352. -2017-08-18 19:53:07 -------------------------------------------------------------------------------- -2017-08-18 19:53:07 Request: -User: "tmeasday", role: "editor", id: "599729838fc4b90bdbde99d2", -Operation: "", variables: "", -Query: -{ - tweet(id: "599729838fc4b90bdbde99d3") { - body - } -} - -2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d2" - } - ] -} -2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 19:53:07 -------------------------------------------------------------------------------- -2017-08-18 19:53:07 Request: -User: "tmeasday", role: "editor", id: "599729838fc4b90bdbde99d2", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "599729838fc4b90bdbde99d3") -} - -2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d2" - } - ] -} -2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 19:53:07 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "599729838fc4b90bdbde99d2" - } - ] -} -2017-08-18 19:53:07 removed tweet 599729838fc4b90bdbde99d3. -2017-08-18 19:53:07 -------------------------------------------------------------------------------- -2017-08-18 19:53:07 Request: -User: "tmeasday", role: "editor", id: "599729838fc4b90bdbde99d2", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d2" - } - ] -} -2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 19:53:07 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "599729838fc4b90bdbde99d2" - } - ] -} -2017-08-18 19:53:07 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-08-18 19:53:07 -------------------------------------------------------------------------------- -2017-08-18 19:53:07 Request: -User: "tmeasday", role: "editor", id: "599729838fc4b90bdbde99d2", -Operation: "", variables: "", -Query: -{ - tweet(id: "599729838fc4b90bdbde99d3") { - body - } -} - -2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d2" - } - ] -} -2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 19:53:07 -------------------------------------------------------------------------------- -2017-08-18 19:53:07 Request: -User: "tmeasday", role: "editor", id: "599729838fc4b90bdbde99d2", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "599729838fc4b90bdbde99d2") -} - -2017-08-18 19:53:07 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d2" - } - ] -} -2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-18 19:53:07 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599729838fc4b90bdbde99d2" - } - ] -} -2017-08-18 19:53:07 removed user 599729838fc4b90bdbde99d2. -2017-08-18 19:53:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 19:53:07 -------------------------------------------------------------------------------- -2017-08-18 19:53:07 ERROR Cannot read property 'load' of undefined -2017-08-18 19:53:07 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "599729838fc4b90bdbde99d2") { - username - bio - role - } -} - -2017-08-18 19:53:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 19:53:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-18 21:04:00 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 21:04:00 -------------------------------------------------------------------------------- -2017-08-18 21:04:00 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -query IntrospectionQuery { - __schema { - queryType { - name - } - mutationType { - name - } - subscriptionType { - name - } - types { - ...FullType - } - directives { - name - description - locations - args { - ...InputValue - } - } - } -} - -fragment FullType on __Type { - kind - name - description - fields(includeDeprecated: true) { - name - description - args { - ...InputValue - } - type { - ...TypeRef - } - isDeprecated - deprecationReason - } - inputFields { - ...InputValue - } - interfaces { - ...TypeRef - } - enumValues(includeDeprecated: true) { - name - description - isDeprecated - deprecationReason - } - possibleTypes { - ...TypeRef - } -} - -fragment InputValue on __InputValue { - name - description - type { - ...TypeRef - } - defaultValue -} - -fragment TypeRef on __Type { - kind - name - ofType { - kind - name - ofType { - kind - name - ofType { - kind - name - } - } - } -} - -2017-08-18 21:04:00 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-18 21:04:00 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 14:41:23 Logger started -2017-08-20 14:41:53 -------------------------------------------------------------------------------- -2017-08-20 14:41:53 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-20 14:41:53 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:41:53 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - role - username - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - role - username - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca2") { - role - username - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - id - username - bio - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users { - username - createdAt - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(limit: 1) { - username - createdAt - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993) { - username - createdAt - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers { - username - createdAt - } - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(limit: 1) { - username - createdAt - } - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following { - username - createdAt - } - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(limit: 1) { - username - createdAt - } - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets { - id - createdAt - } - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(limit: 1) { - id - createdAt - } - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked { - id - createdAt - } - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(limit: 1) { - id - createdAt - } - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334) { - id - createdAt - } - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334, limit: 1) { - id - createdAt - } - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - id - body - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - author { - username - } - } -} - -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets { - id - createdAt - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(limit: 1) { - id - createdAt - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers { - username - createdAt - } - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(limit: 1) { - username - createdAt - } - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993) { - username - createdAt - } - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-20 14:42:38 inserted user 599983be072db88747e2d1f8. -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "tobkle", role: "admin", id: "599983be072db88747e2d1f8", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-20 14:42:38 inserted user 599983be072db88747e2d1f9. -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "tobkle", role: "admin", id: "599983be072db88747e2d1f8", -Operation: "", variables: "", -Query: -{ - user(id: "599983be072db88747e2d1f9") { - username - bio - role - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "tobkle", role: "admin", id: "599983be072db88747e2d1f8", -Operation: "", variables: "", -Query: -{ - user(id: "599983be072db88747e2d1f8") { - username - role - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "tobkle", role: "admin", id: "599983be072db88747e2d1f8", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "599983be072db88747e2d1f9", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 updated user 599983be072db88747e2d1f9. -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "tobkle", role: "admin", id: "599983be072db88747e2d1f8", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "599983be072db88747e2d1f8", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 updated user 599983be072db88747e2d1f8. -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "tobkle", role: "admin", id: "599983be072db88747e2d1f8", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "599983be072db88747e2d1f9", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 updated user 599983be072db88747e2d1f9. -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "tobkle", role: "admin", id: "599983be072db88747e2d1f8", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "599983be072db88747e2d1f8", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 updated user 599983be072db88747e2d1f8. -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "tobkle", role: "editor", id: "599983be072db88747e2d1f8", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "599983be072db88747e2d1f8", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599983be072db88747e2d1f8" - } - ] -} -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 14:42:38 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599983be072db88747e2d1f8" - } - ] -} -2017-08-20 14:42:38 updated user 599983be072db88747e2d1f8. -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "zoltan", role: "admin", id: "599983be072db88747e2d1f9", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "599983be072db88747e2d1f8", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized -2017-08-20 14:42:38 updated user 599983be072db88747e2d1f8. -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "tobkle", role: "admin", id: "599983be072db88747e2d1f8", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "599983be072db88747e2d1f9") -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 removed user 599983be072db88747e2d1f9. -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "tobkle", role: "admin", id: "599983be072db88747e2d1f8", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "599983be072db88747e2d1f8", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-20 14:42:38 inserted tweet 599983be072db88747e2d1fa. -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "tobkle", role: "admin", id: "599983be072db88747e2d1f8", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-20 14:42:38 inserted tweet 599983be072db88747e2d1fb. -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "tobkle", role: "admin", id: "599983be072db88747e2d1f8", -Operation: "", variables: "", -Query: -{ - tweet(id: "599983be072db88747e2d1fa") { - author { - id - } - body - } -} - -2017-08-20 14:42:38 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "tobkle", role: "admin", id: "599983be072db88747e2d1f8", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "tobkle", role: "admin", id: "599983be072db88747e2d1f8", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "599983be072db88747e2d1fa", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 updated tweet 599983be072db88747e2d1fa. -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "tobkle", role: "admin", id: "599983be072db88747e2d1f8", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "599983be072db88747e2d1fb", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 updated tweet 599983be072db88747e2d1fb. -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "tobkle", role: "admin", id: "599983be072db88747e2d1f8", -Operation: "", variables: "", -Query: -{ - tweet(id: "599983be072db88747e2d1fa") { - body - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "tobkle", role: "admin", id: "599983be072db88747e2d1f8", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "599983be072db88747e2d1fa") -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 removed tweet 599983be072db88747e2d1fa. -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "tobkle", role: "admin", id: "599983be072db88747e2d1f8", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "599983be072db88747e2d1fb") -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 removed tweet 599983be072db88747e2d1fb. -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "tobkle", role: "admin", id: "599983be072db88747e2d1f8", -Operation: "", variables: "", -Query: -{ - tweet(id: "599983be072db88747e2d1fa") { - body - } -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 Request: -User: "tobkle", role: "admin", id: "599983be072db88747e2d1f8", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "599983be072db88747e2d1f8") -} - -2017-08-20 14:42:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:42:38 removed user 599983be072db88747e2d1f8. -2017-08-20 14:42:38 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 ERROR Cannot read property 'load' of undefined -2017-08-20 14:42:38 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "599983be072db88747e2d1f8") { - username - bio - role - } -} - -2017-08-20 14:42:38 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 14:42:38 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-20 14:42:38 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-08-20 14:42:38 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 14:42:38 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-20 14:42:38 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 ERROR Cannot read property 'load' of undefined -2017-08-20 14:42:38 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-20 14:42:38 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 14:42:38 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-20 14:42:38 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 14:42:38 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 14:42:38 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-20 14:42:38 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:42:38 -------------------------------------------------------------------------------- -2017-08-20 14:42:38 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-20 14:42:38 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-20 14:42:38 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:42:38 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 14:42:38 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-20 14:42:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-20 14:42:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 14:42:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-20 14:42:39 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-20 14:42:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 14:42:39 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-20 14:42:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-20 14:42:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 14:42:39 ERROR Cannot read property 'load' of undefined -2017-08-20 14:42:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-20 14:42:39 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 14:42:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 14:42:39 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-20 14:42:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-20 14:42:39 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 14:42:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 14:42:39 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-20 14:42:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-20 14:42:39 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-20 14:42:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 14:42:39 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { - id - role - } -} - -2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:39 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:39 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-20 14:42:39 inserted user 599983bf072db88747e2d1fc. -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. -2017-08-20 14:42:39 Request: -User: "tobkle", role: "user", id: "599983bf072db88747e2d1fc", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fc" - } - ] -} -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:42:39 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 Request: -User: "tobkle", role: "user", id: "599983bf072db88747e2d1fc", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fc" - } - ] -} -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 Request: -User: "tobkle", role: "user", id: "599983bf072db88747e2d1fc", -Operation: "", variables: "", -Query: -{ - user(id: "599983bf072db88747e2d1fc") { - username - } -} - -2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fc" - } - ] -} -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 Request: -User: "tobkle", role: "user", id: "599983bf072db88747e2d1fc", -Operation: "", variables: "", -Query: -{ - user(id: "599983bf072db88747e2d1fc") { - username - role - } -} - -2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fc" - } - ] -} -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 Request: -User: "tobkle", role: "user", id: "599983bf072db88747e2d1fc", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fc" - } - ] -} -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:42:39 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-08-20 14:42:39 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fc" - } - ] -} -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 Request: -User: "tobkle", role: "user", id: "599983bf072db88747e2d1fc", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "599983bf072db88747e2d1fc", input: {username: "tobkle", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fc" - } - ] -} -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:42:39 updated user 599983bf072db88747e2d1fc. -2017-08-20 14:42:39 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fc" - } - ] -} -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 Request: -User: "tobkle", role: "user", id: "599983bf072db88747e2d1fc", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "599983bf072db88747e2d1fc", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fc" - } - ] -} -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:42:39 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fc" - } - ] -} -2017-08-20 14:42:39 updated user 599983bf072db88747e2d1fc. -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 Request: -User: "tobkle", role: "user", id: "599983bf072db88747e2d1fc", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fc" - } - ] -} -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:42:39 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fc" - } - ] -} -2017-08-20 14:42:39 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 Request: -User: "tobkle", role: "user", id: "599983bf072db88747e2d1fc", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "599983bf072db88747e2d1fc", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fc" - } - ] -} -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:42:39 inserted tweet 599983bf072db88747e2d1fd. -2017-08-20 14:42:39 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. -2017-08-20 14:42:39 Request: -User: "tobkle", role: "user", id: "599983bf072db88747e2d1fc", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fc" - } - ] -} -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:42:39 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 Request: -User: "tobkle", role: "user", id: "599983bf072db88747e2d1fc", -Operation: "", variables: "", -Query: -{ - tweet(id: "599983bf072db88747e2d1fd") { - author { - id - } - body - } -} - -2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fc" - } - ] -} -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 Request: -User: "tobkle", role: "user", id: "599983bf072db88747e2d1fc", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fc" - } - ] -} -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 Request: -User: "tobkle", role: "user", id: "599983bf072db88747e2d1fc", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "599983bf072db88747e2d1fd", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fc" - } - ] -} -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:42:39 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "599983bf072db88747e2d1fc" - }, - { - "coauthorsIds": "599983bf072db88747e2d1fc" - } - ] -} -2017-08-20 14:42:39 updated tweet 599983bf072db88747e2d1fd. -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 Request: -User: "tobkle", role: "user", id: "599983bf072db88747e2d1fc", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fc" - } - ] -} -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:42:39 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "599983bf072db88747e2d1fc" - }, - { - "coauthorsIds": "599983bf072db88747e2d1fc" - } - ] -} -2017-08-20 14:42:39 ERROR update tweet not possible for 583676d3618530145474e352. -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 Request: -User: "tobkle", role: "user", id: "599983bf072db88747e2d1fc", -Operation: "", variables: "", -Query: -{ - tweet(id: "599983bf072db88747e2d1fd") { - body - } -} - -2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fc" - } - ] -} -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 Request: -User: "tobkle", role: "user", id: "599983bf072db88747e2d1fc", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "599983bf072db88747e2d1fd") -} - -2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fc" - } - ] -} -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:42:39 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "599983bf072db88747e2d1fc" - } - ] -} -2017-08-20 14:42:39 removed tweet 599983bf072db88747e2d1fd. -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 Request: -User: "tobkle", role: "user", id: "599983bf072db88747e2d1fc", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fc" - } - ] -} -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:42:39 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "599983bf072db88747e2d1fc" - } - ] -} -2017-08-20 14:42:39 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 Request: -User: "tobkle", role: "user", id: "599983bf072db88747e2d1fc", -Operation: "", variables: "", -Query: -{ - tweet(id: "599983bf072db88747e2d1fd") { - body - } -} - -2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fc" - } - ] -} -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 Request: -User: "tobkle", role: "user", id: "599983bf072db88747e2d1fc", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "599983bf072db88747e2d1fc") -} - -2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fc" - } - ] -} -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:42:39 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fc" - } - ] -} -2017-08-20 14:42:39 removed user 599983bf072db88747e2d1fc. -2017-08-20 14:42:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 ERROR Cannot read property 'load' of undefined -2017-08-20 14:42:39 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "599983bf072db88747e2d1fc") { - username - bio - role - } -} - -2017-08-20 14:42:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { - id - role - } -} - -2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:39 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:42:39 inserted user 599983bf072db88747e2d1fe. -2017-08-20 14:42:39 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. -2017-08-20 14:42:39 Request: -User: "tobkle", role: "editor", id: "599983bf072db88747e2d1fe", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fe" - } - ] -} -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 14:42:39 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 Request: -User: "tobkle", role: "editor", id: "599983bf072db88747e2d1fe", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fe" - } - ] -} -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 Request: -User: "tobkle", role: "editor", id: "599983bf072db88747e2d1fe", -Operation: "", variables: "", -Query: -{ - user(id: "599983bf072db88747e2d1fe") { - username - role - } -} - -2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fe" - } - ] -} -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 Request: -User: "tobkle", role: "editor", id: "599983bf072db88747e2d1fe", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fe" - } - ] -} -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 14:42:39 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fe" - } - ] -} -2017-08-20 14:42:39 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 Request: -User: "tobkle", role: "editor", id: "599983bf072db88747e2d1fe", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "599983bf072db88747e2d1fe", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fe" - } - ] -} -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 14:42:39 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fe" - } - ] -} -2017-08-20 14:42:39 updated user 599983bf072db88747e2d1fe. -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 Request: -User: "tmeasday", role: "editor", id: "599983bf072db88747e2d1fe", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "599983bf072db88747e2d1fe", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fe" - } - ] -} -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 14:42:39 Authorize update 'updateUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fe" - } - ] -} -2017-08-20 14:42:39 updated user 599983bf072db88747e2d1fe. -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 Request: -User: "tmeasday", role: "editor", id: "599983bf072db88747e2d1fe", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fe" - } - ] -} -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 14:42:39 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fe" - } - ] -} -2017-08-20 14:42:39 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 Request: -User: "tmeasday", role: "editor", id: "599983bf072db88747e2d1fe", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "599983bf072db88747e2d1fe", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fe" - } - ] -} -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 14:42:39 Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is authorized by docRole. -2017-08-20 14:42:39 inserted tweet 599983bf072db88747e2d1ff. -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. -2017-08-20 14:42:39 Request: -User: "tmeasday", role: "editor", id: "599983bf072db88747e2d1fe", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fe" - } - ] -} -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 14:42:39 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 Request: -User: "tmeasday", role: "editor", id: "599983bf072db88747e2d1fe", -Operation: "", variables: "", -Query: -{ - tweet(id: "599983bf072db88747e2d1ff") { - author { - id - } - body - } -} - -2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fe" - } - ] -} -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 Request: -User: "tmeasday", role: "editor", id: "599983bf072db88747e2d1fe", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fe" - } - ] -} -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 Request: -User: "tmeasday", role: "editor", id: "599983bf072db88747e2d1fe", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "599983bf072db88747e2d1ff", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fe" - } - ] -} -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 14:42:39 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "599983bf072db88747e2d1fe" - }, - { - "coauthorsIds": "599983bf072db88747e2d1fe" - } - ] -} -2017-08-20 14:42:39 updated tweet 599983bf072db88747e2d1ff. -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 Request: -User: "tmeasday", role: "editor", id: "599983bf072db88747e2d1fe", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fe" - } - ] -} -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 14:42:39 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "599983bf072db88747e2d1fe" - }, - { - "coauthorsIds": "599983bf072db88747e2d1fe" - } - ] -} -2017-08-20 14:42:39 ERROR update tweet not possible for 583676d3618530145474e352. -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 Request: -User: "tmeasday", role: "editor", id: "599983bf072db88747e2d1fe", -Operation: "", variables: "", -Query: -{ - tweet(id: "599983bf072db88747e2d1ff") { - body - } -} - -2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fe" - } - ] -} -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 Request: -User: "tmeasday", role: "editor", id: "599983bf072db88747e2d1fe", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "599983bf072db88747e2d1ff") -} - -2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fe" - } - ] -} -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 14:42:39 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "599983bf072db88747e2d1fe" - } - ] -} -2017-08-20 14:42:39 removed tweet 599983bf072db88747e2d1ff. -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 Request: -User: "tmeasday", role: "editor", id: "599983bf072db88747e2d1fe", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fe" - } - ] -} -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 14:42:39 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "599983bf072db88747e2d1fe" - } - ] -} -2017-08-20 14:42:39 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 Request: -User: "tmeasday", role: "editor", id: "599983bf072db88747e2d1fe", -Operation: "", variables: "", -Query: -{ - tweet(id: "599983bf072db88747e2d1ff") { - body - } -} - -2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fe" - } - ] -} -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 Request: -User: "tmeasday", role: "editor", id: "599983bf072db88747e2d1fe", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "599983bf072db88747e2d1fe") -} - -2017-08-20 14:42:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fe" - } - ] -} -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 14:42:39 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599983bf072db88747e2d1fe" - } - ] -} -2017-08-20 14:42:39 removed user 599983bf072db88747e2d1fe. -2017-08-20 14:42:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:42:39 -------------------------------------------------------------------------------- -2017-08-20 14:42:39 ERROR Cannot read property 'load' of undefined -2017-08-20 14:42:39 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "599983bf072db88747e2d1fe") { - username - bio - role - } -} - -2017-08-20 14:42:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:42:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 14:51:57 Logger started -2017-08-20 14:52:37 -------------------------------------------------------------------------------- -2017-08-20 14:52:37 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-20 14:52:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:52:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - role - username - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - role - username - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca2") { - role - username - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - id - username - bio - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users { - username - createdAt - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(limit: 1) { - username - createdAt - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993) { - username - createdAt - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers { - username - createdAt - } - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(limit: 1) { - username - createdAt - } - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following { - username - createdAt - } - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(limit: 1) { - username - createdAt - } - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets { - id - createdAt - } - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(limit: 1) { - id - createdAt - } - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked { - id - createdAt - } - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(limit: 1) { - id - createdAt - } - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334) { - id - createdAt - } - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334, limit: 1) { - id - createdAt - } - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - id - body - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - author { - username - } - } -} - -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets { - id - createdAt - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(limit: 1) { - id - createdAt - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers { - username - createdAt - } - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(limit: 1) { - username - createdAt - } - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993) { - username - createdAt - } - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-20 14:53:20 inserted user 59998640a6bf4f88157d4fd9. -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "tobkle", role: "admin", id: "59998640a6bf4f88157d4fd9", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 inserted user 59998640a6bf4f88157d4fda. -2017-08-20 14:53:20 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "tobkle", role: "admin", id: "59998640a6bf4f88157d4fd9", -Operation: "", variables: "", -Query: -{ - user(id: "59998640a6bf4f88157d4fda") { - username - bio - role - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "tobkle", role: "admin", id: "59998640a6bf4f88157d4fd9", -Operation: "", variables: "", -Query: -{ - user(id: "59998640a6bf4f88157d4fd9") { - username - role - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "tobkle", role: "admin", id: "59998640a6bf4f88157d4fd9", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59998640a6bf4f88157d4fda", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 updated user 59998640a6bf4f88157d4fda. -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "tobkle", role: "admin", id: "59998640a6bf4f88157d4fd9", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59998640a6bf4f88157d4fd9", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 updated user 59998640a6bf4f88157d4fd9. -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "tobkle", role: "admin", id: "59998640a6bf4f88157d4fd9", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59998640a6bf4f88157d4fda", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 updated user 59998640a6bf4f88157d4fda. -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "tobkle", role: "admin", id: "59998640a6bf4f88157d4fd9", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59998640a6bf4f88157d4fd9", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 updated user 59998640a6bf4f88157d4fd9. -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "tobkle", role: "editor", id: "59998640a6bf4f88157d4fd9", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59998640a6bf4f88157d4fd9", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998640a6bf4f88157d4fd9" - } - ] -} -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 14:53:20 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998640a6bf4f88157d4fd9" - } - ] -} -2017-08-20 14:53:20 updated user 59998640a6bf4f88157d4fd9. -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "zoltan", role: "admin", id: "59998640a6bf4f88157d4fda", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59998640a6bf4f88157d4fd9", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized -2017-08-20 14:53:20 updated user 59998640a6bf4f88157d4fd9. -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "tobkle", role: "admin", id: "59998640a6bf4f88157d4fd9", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59998640a6bf4f88157d4fda") -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 removed user 59998640a6bf4f88157d4fda. -2017-08-20 14:53:20 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "tobkle", role: "admin", id: "59998640a6bf4f88157d4fd9", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59998640a6bf4f88157d4fd9", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-20 14:53:20 inserted tweet 59998640a6bf4f88157d4fdb. -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "tobkle", role: "admin", id: "59998640a6bf4f88157d4fd9", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-20 14:53:20 inserted tweet 59998640a6bf4f88157d4fdc. -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "tobkle", role: "admin", id: "59998640a6bf4f88157d4fd9", -Operation: "", variables: "", -Query: -{ - tweet(id: "59998640a6bf4f88157d4fdb") { - author { - id - } - body - } -} - -2017-08-20 14:53:20 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "tobkle", role: "admin", id: "59998640a6bf4f88157d4fd9", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "tobkle", role: "admin", id: "59998640a6bf4f88157d4fd9", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59998640a6bf4f88157d4fdb", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 updated tweet 59998640a6bf4f88157d4fdb. -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "tobkle", role: "admin", id: "59998640a6bf4f88157d4fd9", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59998640a6bf4f88157d4fdc", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 updated tweet 59998640a6bf4f88157d4fdc. -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "tobkle", role: "admin", id: "59998640a6bf4f88157d4fd9", -Operation: "", variables: "", -Query: -{ - tweet(id: "59998640a6bf4f88157d4fdb") { - body - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "tobkle", role: "admin", id: "59998640a6bf4f88157d4fd9", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59998640a6bf4f88157d4fdb") -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 removed tweet 59998640a6bf4f88157d4fdb. -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "tobkle", role: "admin", id: "59998640a6bf4f88157d4fd9", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59998640a6bf4f88157d4fdc") -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 removed tweet 59998640a6bf4f88157d4fdc. -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "tobkle", role: "admin", id: "59998640a6bf4f88157d4fd9", -Operation: "", variables: "", -Query: -{ - tweet(id: "59998640a6bf4f88157d4fdb") { - body - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "tobkle", role: "admin", id: "59998640a6bf4f88157d4fd9", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59998640a6bf4f88157d4fd9") -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 removed user 59998640a6bf4f88157d4fd9. -2017-08-20 14:53:20 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:53:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59998640a6bf4f88157d4fd9") { - username - bio - role - } -} - -2017-08-20 14:53:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 14:53:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-20 14:53:20 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-08-20 14:53:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 14:53:20 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-20 14:53:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-20 14:53:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 14:53:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-20 14:53:20 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 14:53:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 14:53:20 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-20 14:53:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-20 14:53:20 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-20 14:53:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 14:53:20 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-20 14:53:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-20 14:53:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 14:53:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-20 14:53:20 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-20 14:53:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 14:53:20 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-20 14:53:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-20 14:53:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 14:53:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-20 14:53:20 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 14:53:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 14:53:20 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-20 14:53:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-20 14:53:20 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 14:53:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 14:53:20 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-20 14:53:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-20 14:53:20 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-20 14:53:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 14:53:20 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { - id - role - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:20 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-20 14:53:20 inserted user 59998640a6bf4f88157d4fdd. -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. -2017-08-20 14:53:20 Request: -User: "tobkle", role: "user", id: "59998640a6bf4f88157d4fdd", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998640a6bf4f88157d4fdd" - } - ] -} -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:53:20 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "tobkle", role: "user", id: "59998640a6bf4f88157d4fdd", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998640a6bf4f88157d4fdd" - } - ] -} -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "tobkle", role: "user", id: "59998640a6bf4f88157d4fdd", -Operation: "", variables: "", -Query: -{ - user(id: "59998640a6bf4f88157d4fdd") { - username - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998640a6bf4f88157d4fdd" - } - ] -} -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "tobkle", role: "user", id: "59998640a6bf4f88157d4fdd", -Operation: "", variables: "", -Query: -{ - user(id: "59998640a6bf4f88157d4fdd") { - username - role - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998640a6bf4f88157d4fdd" - } - ] -} -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "tobkle", role: "user", id: "59998640a6bf4f88157d4fdd", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998640a6bf4f88157d4fdd" - } - ] -} -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:53:20 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998640a6bf4f88157d4fdd" - } - ] -} -2017-08-20 14:53:20 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "tobkle", role: "user", id: "59998640a6bf4f88157d4fdd", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59998640a6bf4f88157d4fdd", input: {username: "tobkle", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998640a6bf4f88157d4fdd" - } - ] -} -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:53:20 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998640a6bf4f88157d4fdd" - } - ] -} -2017-08-20 14:53:20 updated user 59998640a6bf4f88157d4fdd. -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "tobkle", role: "user", id: "59998640a6bf4f88157d4fdd", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59998640a6bf4f88157d4fdd", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998640a6bf4f88157d4fdd" - } - ] -} -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:53:20 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998640a6bf4f88157d4fdd" - } - ] -} -2017-08-20 14:53:20 updated user 59998640a6bf4f88157d4fdd. -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "tobkle", role: "user", id: "59998640a6bf4f88157d4fdd", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998640a6bf4f88157d4fdd" - } - ] -} -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:53:20 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998640a6bf4f88157d4fdd" - } - ] -} -2017-08-20 14:53:20 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "tobkle", role: "user", id: "59998640a6bf4f88157d4fdd", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59998640a6bf4f88157d4fdd", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998640a6bf4f88157d4fdd" - } - ] -} -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:53:20 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. -2017-08-20 14:53:20 inserted tweet 59998640a6bf4f88157d4fde. -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. -2017-08-20 14:53:20 Request: -User: "tobkle", role: "user", id: "59998640a6bf4f88157d4fdd", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998640a6bf4f88157d4fdd" - } - ] -} -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:53:20 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "tobkle", role: "user", id: "59998640a6bf4f88157d4fdd", -Operation: "", variables: "", -Query: -{ - tweet(id: "59998640a6bf4f88157d4fde") { - author { - id - } - body - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998640a6bf4f88157d4fdd" - } - ] -} -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "tobkle", role: "user", id: "59998640a6bf4f88157d4fdd", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998640a6bf4f88157d4fdd" - } - ] -} -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "tobkle", role: "user", id: "59998640a6bf4f88157d4fdd", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59998640a6bf4f88157d4fde", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998640a6bf4f88157d4fdd" - } - ] -} -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:53:20 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59998640a6bf4f88157d4fdd" - }, - { - "coauthorsIds": "59998640a6bf4f88157d4fdd" - } - ] -} -2017-08-20 14:53:20 updated tweet 59998640a6bf4f88157d4fde. -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "tobkle", role: "user", id: "59998640a6bf4f88157d4fdd", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998640a6bf4f88157d4fdd" - } - ] -} -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:53:20 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59998640a6bf4f88157d4fdd" - }, - { - "coauthorsIds": "59998640a6bf4f88157d4fdd" - } - ] -} -2017-08-20 14:53:20 ERROR update tweet not possible for 583676d3618530145474e352. -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "tobkle", role: "user", id: "59998640a6bf4f88157d4fdd", -Operation: "", variables: "", -Query: -{ - tweet(id: "59998640a6bf4f88157d4fde") { - body - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998640a6bf4f88157d4fdd" - } - ] -} -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "tobkle", role: "user", id: "59998640a6bf4f88157d4fdd", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59998640a6bf4f88157d4fde") -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998640a6bf4f88157d4fdd" - } - ] -} -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:53:20 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59998640a6bf4f88157d4fdd" - } - ] -} -2017-08-20 14:53:20 removed tweet 59998640a6bf4f88157d4fde. -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "tobkle", role: "user", id: "59998640a6bf4f88157d4fdd", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998640a6bf4f88157d4fdd" - } - ] -} -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:53:20 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59998640a6bf4f88157d4fdd" - } - ] -} -2017-08-20 14:53:20 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-08-20 14:53:20 -------------------------------------------------------------------------------- -2017-08-20 14:53:20 Request: -User: "tobkle", role: "user", id: "59998640a6bf4f88157d4fdd", -Operation: "", variables: "", -Query: -{ - tweet(id: "59998640a6bf4f88157d4fde") { - body - } -} - -2017-08-20 14:53:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998640a6bf4f88157d4fdd" - } - ] -} -2017-08-20 14:53:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:53:21 -------------------------------------------------------------------------------- -2017-08-20 14:53:21 Request: -User: "tobkle", role: "user", id: "59998640a6bf4f88157d4fdd", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59998640a6bf4f88157d4fdd") -} - -2017-08-20 14:53:21 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998640a6bf4f88157d4fdd" - } - ] -} -2017-08-20 14:53:21 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:53:21 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998640a6bf4f88157d4fdd" - } - ] -} -2017-08-20 14:53:21 removed user 59998640a6bf4f88157d4fdd. -2017-08-20 14:53:21 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:53:21 -------------------------------------------------------------------------------- -2017-08-20 14:53:21 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59998640a6bf4f88157d4fdd") { - username - bio - role - } -} - -2017-08-20 14:53:21 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:53:21 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 14:53:21 -------------------------------------------------------------------------------- -2017-08-20 14:53:21 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { - id - role - } -} - -2017-08-20 14:53:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:21 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:53:21 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-20 14:53:21 inserted user 59998641a6bf4f88157d4fdf. -2017-08-20 14:53:21 -------------------------------------------------------------------------------- -2017-08-20 14:53:21 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. -2017-08-20 14:53:21 Request: -User: "tobkle", role: "editor", id: "59998641a6bf4f88157d4fdf", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-20 14:53:21 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998641a6bf4f88157d4fdf" - } - ] -} -2017-08-20 14:53:21 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 14:53:21 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. -2017-08-20 14:53:21 -------------------------------------------------------------------------------- -2017-08-20 14:53:21 Request: -User: "tobkle", role: "editor", id: "59998641a6bf4f88157d4fdf", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-20 14:53:21 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998641a6bf4f88157d4fdf" - } - ] -} -2017-08-20 14:53:21 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 14:53:21 -------------------------------------------------------------------------------- -2017-08-20 14:53:21 Request: -User: "tobkle", role: "editor", id: "59998641a6bf4f88157d4fdf", -Operation: "", variables: "", -Query: -{ - user(id: "59998641a6bf4f88157d4fdf") { - username - role - } -} - -2017-08-20 14:53:21 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998641a6bf4f88157d4fdf" - } - ] -} -2017-08-20 14:53:21 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 14:53:21 -------------------------------------------------------------------------------- -2017-08-20 14:53:21 Request: -User: "tobkle", role: "editor", id: "59998641a6bf4f88157d4fdf", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 14:53:21 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998641a6bf4f88157d4fdf" - } - ] -} -2017-08-20 14:53:21 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 14:53:21 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998641a6bf4f88157d4fdf" - } - ] -} -2017-08-20 14:53:21 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-08-20 14:53:21 -------------------------------------------------------------------------------- -2017-08-20 14:53:21 Request: -User: "tobkle", role: "editor", id: "59998641a6bf4f88157d4fdf", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59998641a6bf4f88157d4fdf", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-20 14:53:21 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998641a6bf4f88157d4fdf" - } - ] -} -2017-08-20 14:53:21 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 14:53:21 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998641a6bf4f88157d4fdf" - } - ] -} -2017-08-20 14:53:21 updated user 59998641a6bf4f88157d4fdf. -2017-08-20 14:53:21 -------------------------------------------------------------------------------- -2017-08-20 14:53:21 Request: -User: "tmeasday", role: "editor", id: "59998641a6bf4f88157d4fdf", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59998641a6bf4f88157d4fdf", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 14:53:21 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998641a6bf4f88157d4fdf" - } - ] -} -2017-08-20 14:53:21 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 14:53:21 Authorize update 'updateUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998641a6bf4f88157d4fdf" - } - ] -} -2017-08-20 14:53:21 updated user 59998641a6bf4f88157d4fdf. -2017-08-20 14:53:21 -------------------------------------------------------------------------------- -2017-08-20 14:53:21 Request: -User: "tmeasday", role: "editor", id: "59998641a6bf4f88157d4fdf", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-20 14:53:21 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998641a6bf4f88157d4fdf" - } - ] -} -2017-08-20 14:53:21 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 14:53:21 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998641a6bf4f88157d4fdf" - } - ] -} -2017-08-20 14:53:21 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-08-20 14:53:21 -------------------------------------------------------------------------------- -2017-08-20 14:53:21 Request: -User: "tmeasday", role: "editor", id: "59998641a6bf4f88157d4fdf", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59998641a6bf4f88157d4fdf", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-20 14:53:21 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998641a6bf4f88157d4fdf" - } - ] -} -2017-08-20 14:53:21 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 14:53:21 Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is authorized by docRole. -2017-08-20 14:53:21 inserted tweet 59998641a6bf4f88157d4fe0. -2017-08-20 14:53:21 -------------------------------------------------------------------------------- -2017-08-20 14:53:21 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. -2017-08-20 14:53:21 Request: -User: "tmeasday", role: "editor", id: "59998641a6bf4f88157d4fdf", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-20 14:53:21 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998641a6bf4f88157d4fdf" - } - ] -} -2017-08-20 14:53:21 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 14:53:21 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. -2017-08-20 14:53:21 -------------------------------------------------------------------------------- -2017-08-20 14:53:21 Request: -User: "tmeasday", role: "editor", id: "59998641a6bf4f88157d4fdf", -Operation: "", variables: "", -Query: -{ - tweet(id: "59998641a6bf4f88157d4fe0") { - author { - id - } - body - } -} - -2017-08-20 14:53:21 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998641a6bf4f88157d4fdf" - } - ] -} -2017-08-20 14:53:21 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 14:53:21 -------------------------------------------------------------------------------- -2017-08-20 14:53:21 Request: -User: "tmeasday", role: "editor", id: "59998641a6bf4f88157d4fdf", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-20 14:53:21 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998641a6bf4f88157d4fdf" - } - ] -} -2017-08-20 14:53:21 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 14:53:21 -------------------------------------------------------------------------------- -2017-08-20 14:53:21 Request: -User: "tmeasday", role: "editor", id: "59998641a6bf4f88157d4fdf", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59998641a6bf4f88157d4fe0", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 14:53:21 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998641a6bf4f88157d4fdf" - } - ] -} -2017-08-20 14:53:21 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 14:53:21 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59998641a6bf4f88157d4fdf" - }, - { - "coauthorsIds": "59998641a6bf4f88157d4fdf" - } - ] -} -2017-08-20 14:53:21 updated tweet 59998641a6bf4f88157d4fe0. -2017-08-20 14:53:21 -------------------------------------------------------------------------------- -2017-08-20 14:53:21 Request: -User: "tmeasday", role: "editor", id: "59998641a6bf4f88157d4fdf", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 14:53:21 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998641a6bf4f88157d4fdf" - } - ] -} -2017-08-20 14:53:21 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 14:53:21 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59998641a6bf4f88157d4fdf" - }, - { - "coauthorsIds": "59998641a6bf4f88157d4fdf" - } - ] -} -2017-08-20 14:53:21 ERROR update tweet not possible for 583676d3618530145474e352. -2017-08-20 14:53:21 -------------------------------------------------------------------------------- -2017-08-20 14:53:21 Request: -User: "tmeasday", role: "editor", id: "59998641a6bf4f88157d4fdf", -Operation: "", variables: "", -Query: -{ - tweet(id: "59998641a6bf4f88157d4fe0") { - body - } -} - -2017-08-20 14:53:21 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998641a6bf4f88157d4fdf" - } - ] -} -2017-08-20 14:53:21 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 14:53:21 -------------------------------------------------------------------------------- -2017-08-20 14:53:21 Request: -User: "tmeasday", role: "editor", id: "59998641a6bf4f88157d4fdf", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59998641a6bf4f88157d4fe0") -} - -2017-08-20 14:53:21 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998641a6bf4f88157d4fdf" - } - ] -} -2017-08-20 14:53:21 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 14:53:21 removed tweet 59998641a6bf4f88157d4fe0. -2017-08-20 14:53:21 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59998641a6bf4f88157d4fdf" - } - ] -} -2017-08-20 14:53:21 -------------------------------------------------------------------------------- -2017-08-20 14:53:21 Request: -User: "tmeasday", role: "editor", id: "59998641a6bf4f88157d4fdf", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-20 14:53:21 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998641a6bf4f88157d4fdf" - } - ] -} -2017-08-20 14:53:21 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 14:53:21 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59998641a6bf4f88157d4fdf" - } - ] -} -2017-08-20 14:53:21 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-08-20 14:53:21 -------------------------------------------------------------------------------- -2017-08-20 14:53:21 Request: -User: "tmeasday", role: "editor", id: "59998641a6bf4f88157d4fdf", -Operation: "", variables: "", -Query: -{ - tweet(id: "59998641a6bf4f88157d4fe0") { - body - } -} - -2017-08-20 14:53:21 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998641a6bf4f88157d4fdf" - } - ] -} -2017-08-20 14:53:21 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 14:53:21 -------------------------------------------------------------------------------- -2017-08-20 14:53:21 Request: -User: "tmeasday", role: "editor", id: "59998641a6bf4f88157d4fdf", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59998641a6bf4f88157d4fdf") -} - -2017-08-20 14:53:21 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998641a6bf4f88157d4fdf" - } - ] -} -2017-08-20 14:53:21 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 14:53:21 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998641a6bf4f88157d4fdf" - } - ] -} -2017-08-20 14:53:21 removed user 59998641a6bf4f88157d4fdf. -2017-08-20 14:53:21 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:53:21 -------------------------------------------------------------------------------- -2017-08-20 14:53:21 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59998641a6bf4f88157d4fdf") { - username - bio - role - } -} - -2017-08-20 14:53:21 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:53:21 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 14:57:17 Logger started -2017-08-20 14:57:44 -------------------------------------------------------------------------------- -2017-08-20 14:57:44 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-20 14:57:44 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:57:44 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 -------------------------------------------------------------------------------- -2017-08-20 14:58:27 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 -------------------------------------------------------------------------------- -2017-08-20 14:58:27 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - role - username - } -} - -2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 -------------------------------------------------------------------------------- -2017-08-20 14:58:27 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - role - username - } -} - -2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 -------------------------------------------------------------------------------- -2017-08-20 14:58:27 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca2") { - role - username - } -} - -2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 -------------------------------------------------------------------------------- -2017-08-20 14:58:27 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - id - username - bio - } -} - -2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 -------------------------------------------------------------------------------- -2017-08-20 14:58:27 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users { - username - createdAt - } -} - -2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 -------------------------------------------------------------------------------- -2017-08-20 14:58:27 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(limit: 1) { - username - createdAt - } -} - -2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 -------------------------------------------------------------------------------- -2017-08-20 14:58:27 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993) { - username - createdAt - } -} - -2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 -------------------------------------------------------------------------------- -2017-08-20 14:58:27 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } -} - -2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 -------------------------------------------------------------------------------- -2017-08-20 14:58:27 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers { - username - createdAt - } - } -} - -2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 -------------------------------------------------------------------------------- -2017-08-20 14:58:27 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(limit: 1) { - username - createdAt - } - } -} - -2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 -------------------------------------------------------------------------------- -2017-08-20 14:58:27 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 -------------------------------------------------------------------------------- -2017-08-20 14:58:27 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 -------------------------------------------------------------------------------- -2017-08-20 14:58:27 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following { - username - createdAt - } - } -} - -2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 -------------------------------------------------------------------------------- -2017-08-20 14:58:27 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(limit: 1) { - username - createdAt - } - } -} - -2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 -------------------------------------------------------------------------------- -2017-08-20 14:58:27 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 -------------------------------------------------------------------------------- -2017-08-20 14:58:27 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 -------------------------------------------------------------------------------- -2017-08-20 14:58:27 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets { - id - createdAt - } - } -} - -2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 -------------------------------------------------------------------------------- -2017-08-20 14:58:27 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(limit: 1) { - id - createdAt - } - } -} - -2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 -------------------------------------------------------------------------------- -2017-08-20 14:58:27 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } - } -} - -2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 -------------------------------------------------------------------------------- -2017-08-20 14:58:27 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } - } -} - -2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 -------------------------------------------------------------------------------- -2017-08-20 14:58:27 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked { - id - createdAt - } - } -} - -2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 -------------------------------------------------------------------------------- -2017-08-20 14:58:27 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(limit: 1) { - id - createdAt - } - } -} - -2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 -------------------------------------------------------------------------------- -2017-08-20 14:58:27 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334) { - id - createdAt - } - } -} - -2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 -------------------------------------------------------------------------------- -2017-08-20 14:58:27 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334, limit: 1) { - id - createdAt - } - } -} - -2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 -------------------------------------------------------------------------------- -2017-08-20 14:58:27 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - id - body - } -} - -2017-08-20 14:58:27 -------------------------------------------------------------------------------- -2017-08-20 14:58:27 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - author { - username - } - } -} - -2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 -------------------------------------------------------------------------------- -2017-08-20 14:58:27 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets { - id - createdAt - } -} - -2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 -------------------------------------------------------------------------------- -2017-08-20 14:58:27 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(limit: 1) { - id - createdAt - } -} - -2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 -------------------------------------------------------------------------------- -2017-08-20 14:58:27 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } -} - -2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 -------------------------------------------------------------------------------- -2017-08-20 14:58:27 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } -} - -2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 -------------------------------------------------------------------------------- -2017-08-20 14:58:27 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers { - username - createdAt - } - } -} - -2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 -------------------------------------------------------------------------------- -2017-08-20 14:58:27 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(limit: 1) { - username - createdAt - } - } -} - -2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 -------------------------------------------------------------------------------- -2017-08-20 14:58:27 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993) { - username - createdAt - } - } -} - -2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 -------------------------------------------------------------------------------- -2017-08-20 14:58:27 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } - } -} - -2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 -------------------------------------------------------------------------------- -2017-08-20 14:58:27 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-20 14:58:27 inserted user 59998773ba01e788a797fbab. -2017-08-20 14:58:27 -------------------------------------------------------------------------------- -2017-08-20 14:58:27 Request: -User: "tobkle", role: "admin", id: "59998773ba01e788a797fbab", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-20 14:58:27 inserted user 59998773ba01e788a797fbac. -2017-08-20 14:58:27 -------------------------------------------------------------------------------- -2017-08-20 14:58:27 Request: -User: "tobkle", role: "admin", id: "59998773ba01e788a797fbab", -Operation: "", variables: "", -Query: -{ - user(id: "59998773ba01e788a797fbac") { - username - bio - role - } -} - -2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:27 -------------------------------------------------------------------------------- -2017-08-20 14:58:27 Request: -User: "tobkle", role: "admin", id: "59998773ba01e788a797fbab", -Operation: "", variables: "", -Query: -{ - user(id: "59998773ba01e788a797fbab") { - username - role - } -} - -2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:27 -------------------------------------------------------------------------------- -2017-08-20 14:58:27 Request: -User: "tobkle", role: "admin", id: "59998773ba01e788a797fbab", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59998773ba01e788a797fbac", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:27 updated user 59998773ba01e788a797fbac. -2017-08-20 14:58:27 -------------------------------------------------------------------------------- -2017-08-20 14:58:27 Request: -User: "tobkle", role: "admin", id: "59998773ba01e788a797fbab", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59998773ba01e788a797fbab", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:27 updated user 59998773ba01e788a797fbab. -2017-08-20 14:58:27 -------------------------------------------------------------------------------- -2017-08-20 14:58:27 Request: -User: "tobkle", role: "admin", id: "59998773ba01e788a797fbab", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59998773ba01e788a797fbac", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 14:58:27 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:28 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:28 updated user 59998773ba01e788a797fbac. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tobkle", role: "admin", id: "59998773ba01e788a797fbab", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59998773ba01e788a797fbab", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:28 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:28 updated user 59998773ba01e788a797fbab. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tobkle", role: "editor", id: "59998773ba01e788a797fbab", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59998773ba01e788a797fbab", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998773ba01e788a797fbab" - } - ] -} -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 14:58:28 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998773ba01e788a797fbab" - } - ] -} -2017-08-20 14:58:28 updated user 59998773ba01e788a797fbab. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "zoltan", role: "admin", id: "59998773ba01e788a797fbac", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59998773ba01e788a797fbab", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-20 14:58:28 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized -2017-08-20 14:58:28 updated user 59998773ba01e788a797fbab. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tobkle", role: "admin", id: "59998773ba01e788a797fbab", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59998773ba01e788a797fbac") -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:28 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:28 removed user 59998773ba01e788a797fbac. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tobkle", role: "admin", id: "59998773ba01e788a797fbab", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59998773ba01e788a797fbab", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:28 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:28 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-20 14:58:28 inserted tweet 59998774ba01e788a797fbad. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tobkle", role: "admin", id: "59998773ba01e788a797fbab", -Operation: "", variables: "", -Query: -{ - tweet(id: "59998774ba01e788a797fbad") { - author { - id - } - body - } -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tobkle", role: "admin", id: "59998773ba01e788a797fbab", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:28 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:28 inserted tweet 59998774ba01e788a797fbae. -2017-08-20 14:58:28 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tobkle", role: "admin", id: "59998773ba01e788a797fbab", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tobkle", role: "admin", id: "59998773ba01e788a797fbab", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59998774ba01e788a797fbad", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:28 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:28 updated tweet 59998774ba01e788a797fbad. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tobkle", role: "admin", id: "59998773ba01e788a797fbab", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59998774ba01e788a797fbae", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:28 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:28 updated tweet 59998774ba01e788a797fbae. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tobkle", role: "admin", id: "59998773ba01e788a797fbab", -Operation: "", variables: "", -Query: -{ - tweet(id: "59998774ba01e788a797fbad") { - body - } -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tobkle", role: "admin", id: "59998773ba01e788a797fbab", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59998774ba01e788a797fbad") -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:28 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:28 removed tweet 59998774ba01e788a797fbad. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tobkle", role: "admin", id: "59998773ba01e788a797fbab", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59998774ba01e788a797fbae") -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:28 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:28 removed tweet 59998774ba01e788a797fbae. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tobkle", role: "admin", id: "59998773ba01e788a797fbab", -Operation: "", variables: "", -Query: -{ - tweet(id: "59998774ba01e788a797fbad") { - body - } -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tobkle", role: "admin", id: "59998773ba01e788a797fbab", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59998773ba01e788a797fbab") -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:28 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 14:58:28 removed user 59998773ba01e788a797fbab. -2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59998773ba01e788a797fbab") { - username - bio - role - } -} - -2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-20 14:58:28 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 14:58:28 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-20 14:58:28 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 14:58:28 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-20 14:58:28 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 14:58:28 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-20 14:58:28 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 14:58:28 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-20 14:58:28 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 14:58:28 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-20 14:58:28 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 14:58:28 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-20 14:58:28 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 14:58:28 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { - id - role - } -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:28 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:28 inserted user 59998774ba01e788a797fbaf. -2017-08-20 14:58:28 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. -2017-08-20 14:58:28 Request: -User: "tobkle", role: "user", id: "59998774ba01e788a797fbaf", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbaf" - } - ] -} -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:58:28 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tobkle", role: "user", id: "59998774ba01e788a797fbaf", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbaf" - } - ] -} -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tobkle", role: "user", id: "59998774ba01e788a797fbaf", -Operation: "", variables: "", -Query: -{ - user(id: "59998774ba01e788a797fbaf") { - username - } -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbaf" - } - ] -} -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tobkle", role: "user", id: "59998774ba01e788a797fbaf", -Operation: "", variables: "", -Query: -{ - user(id: "59998774ba01e788a797fbaf") { - username - role - } -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbaf" - } - ] -} -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tobkle", role: "user", id: "59998774ba01e788a797fbaf", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbaf" - } - ] -} -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:58:28 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbaf" - } - ] -} -2017-08-20 14:58:28 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tobkle", role: "user", id: "59998774ba01e788a797fbaf", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59998774ba01e788a797fbaf", input: {username: "tobkle", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbaf" - } - ] -} -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:58:28 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbaf" - } - ] -} -2017-08-20 14:58:28 updated user 59998774ba01e788a797fbaf. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tobkle", role: "user", id: "59998774ba01e788a797fbaf", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59998774ba01e788a797fbaf", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbaf" - } - ] -} -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:58:28 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbaf" - } - ] -} -2017-08-20 14:58:28 updated user 59998774ba01e788a797fbaf. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tobkle", role: "user", id: "59998774ba01e788a797fbaf", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbaf" - } - ] -} -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:58:28 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbaf" - } - ] -} -2017-08-20 14:58:28 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tobkle", role: "user", id: "59998774ba01e788a797fbaf", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59998774ba01e788a797fbaf", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbaf" - } - ] -} -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:58:28 inserted tweet 59998774ba01e788a797fbb0. -2017-08-20 14:58:28 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. -2017-08-20 14:58:28 Request: -User: "tobkle", role: "user", id: "59998774ba01e788a797fbaf", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbaf" - } - ] -} -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:58:28 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tobkle", role: "user", id: "59998774ba01e788a797fbaf", -Operation: "", variables: "", -Query: -{ - tweet(id: "59998774ba01e788a797fbb0") { - author { - id - } - body - } -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbaf" - } - ] -} -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tobkle", role: "user", id: "59998774ba01e788a797fbaf", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbaf" - } - ] -} -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tobkle", role: "user", id: "59998774ba01e788a797fbaf", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59998774ba01e788a797fbb0", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbaf" - } - ] -} -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:58:28 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59998774ba01e788a797fbaf" - }, - { - "coauthorsIds": "59998774ba01e788a797fbaf" - } - ] -} -2017-08-20 14:58:28 updated tweet 59998774ba01e788a797fbb0. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tobkle", role: "user", id: "59998774ba01e788a797fbaf", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbaf" - } - ] -} -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:58:28 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59998774ba01e788a797fbaf" - }, - { - "coauthorsIds": "59998774ba01e788a797fbaf" - } - ] -} -2017-08-20 14:58:28 ERROR update tweet not possible for 583676d3618530145474e352. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tobkle", role: "user", id: "59998774ba01e788a797fbaf", -Operation: "", variables: "", -Query: -{ - tweet(id: "59998774ba01e788a797fbb0") { - body - } -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbaf" - } - ] -} -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tobkle", role: "user", id: "59998774ba01e788a797fbaf", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59998774ba01e788a797fbb0") -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbaf" - } - ] -} -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:58:28 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59998774ba01e788a797fbaf" - } - ] -} -2017-08-20 14:58:28 removed tweet 59998774ba01e788a797fbb0. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tobkle", role: "user", id: "59998774ba01e788a797fbaf", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbaf" - } - ] -} -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:58:28 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59998774ba01e788a797fbaf" - } - ] -} -2017-08-20 14:58:28 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tobkle", role: "user", id: "59998774ba01e788a797fbaf", -Operation: "", variables: "", -Query: -{ - tweet(id: "59998774ba01e788a797fbb0") { - body - } -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbaf" - } - ] -} -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tobkle", role: "user", id: "59998774ba01e788a797fbaf", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59998774ba01e788a797fbaf") -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbaf" - } - ] -} -2017-08-20 14:58:28 removed user 59998774ba01e788a797fbaf. -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 14:58:28 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbaf" - } - ] -} -2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59998774ba01e788a797fbaf") { - username - bio - role - } -} - -2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { - id - role - } -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:28 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-20 14:58:28 inserted user 59998774ba01e788a797fbb1. -2017-08-20 14:58:28 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. -2017-08-20 14:58:28 Request: -User: "tobkle", role: "editor", id: "59998774ba01e788a797fbb1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbb1" - } - ] -} -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 14:58:28 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tobkle", role: "editor", id: "59998774ba01e788a797fbb1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbb1" - } - ] -} -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tobkle", role: "editor", id: "59998774ba01e788a797fbb1", -Operation: "", variables: "", -Query: -{ - user(id: "59998774ba01e788a797fbb1") { - username - role - } -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbb1" - } - ] -} -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tobkle", role: "editor", id: "59998774ba01e788a797fbb1", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbb1" - } - ] -} -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 14:58:28 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbb1" - } - ] -} -2017-08-20 14:58:28 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tobkle", role: "editor", id: "59998774ba01e788a797fbb1", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59998774ba01e788a797fbb1", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbb1" - } - ] -} -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 14:58:28 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbb1" - } - ] -} -2017-08-20 14:58:28 updated user 59998774ba01e788a797fbb1. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tmeasday", role: "editor", id: "59998774ba01e788a797fbb1", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59998774ba01e788a797fbb1", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbb1" - } - ] -} -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 14:58:28 Authorize update 'updateUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbb1" - } - ] -} -2017-08-20 14:58:28 updated user 59998774ba01e788a797fbb1. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tmeasday", role: "editor", id: "59998774ba01e788a797fbb1", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbb1" - } - ] -} -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 14:58:28 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbb1" - } - ] -} -2017-08-20 14:58:28 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tmeasday", role: "editor", id: "59998774ba01e788a797fbb1", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59998774ba01e788a797fbb1", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbb1" - } - ] -} -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 14:58:28 Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is authorized by docRole. -2017-08-20 14:58:28 inserted tweet 59998774ba01e788a797fbb2. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. -2017-08-20 14:58:28 Request: -User: "tmeasday", role: "editor", id: "59998774ba01e788a797fbb1", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbb1" - } - ] -} -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 14:58:28 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tmeasday", role: "editor", id: "59998774ba01e788a797fbb1", -Operation: "", variables: "", -Query: -{ - tweet(id: "59998774ba01e788a797fbb2") { - author { - id - } - body - } -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbb1" - } - ] -} -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tmeasday", role: "editor", id: "59998774ba01e788a797fbb1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbb1" - } - ] -} -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tmeasday", role: "editor", id: "59998774ba01e788a797fbb1", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59998774ba01e788a797fbb2", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbb1" - } - ] -} -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 14:58:28 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59998774ba01e788a797fbb1" - }, - { - "coauthorsIds": "59998774ba01e788a797fbb1" - } - ] -} -2017-08-20 14:58:28 updated tweet 59998774ba01e788a797fbb2. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tmeasday", role: "editor", id: "59998774ba01e788a797fbb1", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbb1" - } - ] -} -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 14:58:28 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59998774ba01e788a797fbb1" - }, - { - "coauthorsIds": "59998774ba01e788a797fbb1" - } - ] -} -2017-08-20 14:58:28 ERROR update tweet not possible for 583676d3618530145474e352. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tmeasday", role: "editor", id: "59998774ba01e788a797fbb1", -Operation: "", variables: "", -Query: -{ - tweet(id: "59998774ba01e788a797fbb2") { - body - } -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbb1" - } - ] -} -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tmeasday", role: "editor", id: "59998774ba01e788a797fbb1", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59998774ba01e788a797fbb2") -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbb1" - } - ] -} -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 14:58:28 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59998774ba01e788a797fbb1" - } - ] -} -2017-08-20 14:58:28 removed tweet 59998774ba01e788a797fbb2. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tmeasday", role: "editor", id: "59998774ba01e788a797fbb1", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbb1" - } - ] -} -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 14:58:28 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59998774ba01e788a797fbb1" - } - ] -} -2017-08-20 14:58:28 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tmeasday", role: "editor", id: "59998774ba01e788a797fbb1", -Operation: "", variables: "", -Query: -{ - tweet(id: "59998774ba01e788a797fbb2") { - body - } -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbb1" - } - ] -} -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "tmeasday", role: "editor", id: "59998774ba01e788a797fbb1", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59998774ba01e788a797fbb1") -} - -2017-08-20 14:58:28 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbb1" - } - ] -} -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 14:58:28 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998774ba01e788a797fbb1" - } - ] -} -2017-08-20 14:58:28 removed user 59998774ba01e788a797fbb1. -2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:58:28 -------------------------------------------------------------------------------- -2017-08-20 14:58:28 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59998774ba01e788a797fbb1") { - username - bio - role - } -} - -2017-08-20 14:58:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 14:58:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 14:59:38 Logger started -2017-08-20 14:59:49 Logger started -2017-08-20 15:03:11 -------------------------------------------------------------------------------- -2017-08-20 15:03:11 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-20 15:03:11 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:11 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - role - username - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - role - username - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca2") { - role - username - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - id - username - bio - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users { - username - createdAt - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(limit: 1) { - username - createdAt - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993) { - username - createdAt - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers { - username - createdAt - } - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(limit: 1) { - username - createdAt - } - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following { - username - createdAt - } - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(limit: 1) { - username - createdAt - } - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets { - id - createdAt - } - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(limit: 1) { - id - createdAt - } - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked { - id - createdAt - } - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(limit: 1) { - id - createdAt - } - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334) { - id - createdAt - } - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334, limit: 1) { - id - createdAt - } - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - id - body - } -} - -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - author { - username - } - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets { - id - createdAt - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(limit: 1) { - id - createdAt - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers { - username - createdAt - } - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(limit: 1) { - username - createdAt - } - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993) { - username - createdAt - } - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-20 15:03:54 inserted user 599988bae793e5892ed59c1e. -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "tobkle", role: "admin", id: "599988bae793e5892ed59c1e", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 inserted user 599988bae793e5892ed59c1f. -2017-08-20 15:03:54 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "tobkle", role: "admin", id: "599988bae793e5892ed59c1e", -Operation: "", variables: "", -Query: -{ - user(id: "599988bae793e5892ed59c1f") { - username - bio - role - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "tobkle", role: "admin", id: "599988bae793e5892ed59c1e", -Operation: "", variables: "", -Query: -{ - user(id: "599988bae793e5892ed59c1e") { - username - role - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "tobkle", role: "admin", id: "599988bae793e5892ed59c1e", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "599988bae793e5892ed59c1f", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 updated user 599988bae793e5892ed59c1f. -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "tobkle", role: "admin", id: "599988bae793e5892ed59c1e", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "599988bae793e5892ed59c1e", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 updated user 599988bae793e5892ed59c1e. -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "tobkle", role: "admin", id: "599988bae793e5892ed59c1e", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "599988bae793e5892ed59c1f", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 updated user 599988bae793e5892ed59c1f. -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "tobkle", role: "admin", id: "599988bae793e5892ed59c1e", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "599988bae793e5892ed59c1e", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 updated user 599988bae793e5892ed59c1e. -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "tobkle", role: "editor", id: "599988bae793e5892ed59c1e", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "599988bae793e5892ed59c1e", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599988bae793e5892ed59c1e" - } - ] -} -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 15:03:54 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599988bae793e5892ed59c1e" - } - ] -} -2017-08-20 15:03:54 updated user 599988bae793e5892ed59c1e. -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "zoltan", role: "admin", id: "599988bae793e5892ed59c1f", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "599988bae793e5892ed59c1e", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized -2017-08-20 15:03:54 updated user 599988bae793e5892ed59c1e. -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "tobkle", role: "admin", id: "599988bae793e5892ed59c1e", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "599988bae793e5892ed59c1f") -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 removed user 599988bae793e5892ed59c1f. -2017-08-20 15:03:54 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "tobkle", role: "admin", id: "599988bae793e5892ed59c1e", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "599988bae793e5892ed59c1e", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-20 15:03:54 inserted tweet 599988bae793e5892ed59c20. -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "tobkle", role: "admin", id: "599988bae793e5892ed59c1e", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "tobkle", role: "admin", id: "599988bae793e5892ed59c1e", -Operation: "", variables: "", -Query: -{ - tweet(id: "599988bae793e5892ed59c20") { - author { - id - } - body - } -} - -2017-08-20 15:03:54 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 inserted tweet 599988bae793e5892ed59c21. -2017-08-20 15:03:54 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "tobkle", role: "admin", id: "599988bae793e5892ed59c1e", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "tobkle", role: "admin", id: "599988bae793e5892ed59c1e", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "599988bae793e5892ed59c20", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 updated tweet 599988bae793e5892ed59c20. -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "tobkle", role: "admin", id: "599988bae793e5892ed59c1e", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "599988bae793e5892ed59c21", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 updated tweet 599988bae793e5892ed59c21. -2017-08-20 15:03:54 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "tobkle", role: "admin", id: "599988bae793e5892ed59c1e", -Operation: "", variables: "", -Query: -{ - tweet(id: "599988bae793e5892ed59c20") { - body - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "tobkle", role: "admin", id: "599988bae793e5892ed59c1e", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "599988bae793e5892ed59c20") -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 removed tweet 599988bae793e5892ed59c20. -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "tobkle", role: "admin", id: "599988bae793e5892ed59c1e", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "599988bae793e5892ed59c21") -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 removed tweet 599988bae793e5892ed59c21. -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "tobkle", role: "admin", id: "599988bae793e5892ed59c1e", -Operation: "", variables: "", -Query: -{ - tweet(id: "599988bae793e5892ed59c20") { - body - } -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "tobkle", role: "admin", id: "599988bae793e5892ed59c1e", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "599988bae793e5892ed59c1e") -} - -2017-08-20 15:03:54 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:03:54 removed user 599988bae793e5892ed59c1e. -2017-08-20 15:03:54 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "599988bae793e5892ed59c1e") { - username - bio - role - } -} - -2017-08-20 15:03:54 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:03:54 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-20 15:03:54 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-08-20 15:03:54 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:03:54 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-20 15:03:54 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-20 15:03:54 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:03:54 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-20 15:03:54 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 15:03:54 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:03:54 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-20 15:03:54 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-20 15:03:54 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-20 15:03:54 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:03:54 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-20 15:03:54 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:03:54 -------------------------------------------------------------------------------- -2017-08-20 15:03:54 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-20 15:03:54 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:03:54 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:03:55 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:03:55 -------------------------------------------------------------------------------- -2017-08-20 15:03:55 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-20 15:03:55 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-20 15:03:55 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:03:55 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-20 15:03:55 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:03:55 -------------------------------------------------------------------------------- -2017-08-20 15:03:55 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-20 15:03:55 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:03:55 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:03:55 -------------------------------------------------------------------------------- -2017-08-20 15:03:55 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-20 15:03:55 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 15:03:55 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:03:55 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-20 15:03:55 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:03:55 -------------------------------------------------------------------------------- -2017-08-20 15:03:55 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-20 15:03:55 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 15:03:55 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:03:55 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-20 15:03:55 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:03:55 -------------------------------------------------------------------------------- -2017-08-20 15:03:55 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-20 15:03:55 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-20 15:03:55 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:03:55 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-20 15:03:55 -------------------------------------------------------------------------------- -2017-08-20 15:03:55 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { - id - role - } -} - -2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:55 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:55 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-20 15:03:55 inserted user 599988bbe793e5892ed59c22. -2017-08-20 15:03:55 -------------------------------------------------------------------------------- -2017-08-20 15:03:55 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. -2017-08-20 15:03:55 Request: -User: "tobkle", role: "user", id: "599988bbe793e5892ed59c22", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c22" - } - ] -} -2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:03:55 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. -2017-08-20 15:03:55 -------------------------------------------------------------------------------- -2017-08-20 15:03:55 Request: -User: "tobkle", role: "user", id: "599988bbe793e5892ed59c22", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c22" - } - ] -} -2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:03:55 -------------------------------------------------------------------------------- -2017-08-20 15:03:55 Request: -User: "tobkle", role: "user", id: "599988bbe793e5892ed59c22", -Operation: "", variables: "", -Query: -{ - user(id: "599988bbe793e5892ed59c22") { - username - } -} - -2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c22" - } - ] -} -2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:03:55 -------------------------------------------------------------------------------- -2017-08-20 15:03:55 Request: -User: "tobkle", role: "user", id: "599988bbe793e5892ed59c22", -Operation: "", variables: "", -Query: -{ - user(id: "599988bbe793e5892ed59c22") { - username - role - } -} - -2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c22" - } - ] -} -2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:03:55 -------------------------------------------------------------------------------- -2017-08-20 15:03:55 Request: -User: "tobkle", role: "user", id: "599988bbe793e5892ed59c22", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c22" - } - ] -} -2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:03:55 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c22" - } - ] -} -2017-08-20 15:03:55 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-08-20 15:03:55 -------------------------------------------------------------------------------- -2017-08-20 15:03:55 Request: -User: "tobkle", role: "user", id: "599988bbe793e5892ed59c22", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "599988bbe793e5892ed59c22", input: {username: "tobkle", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c22" - } - ] -} -2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:03:55 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c22" - } - ] -} -2017-08-20 15:03:55 updated user 599988bbe793e5892ed59c22. -2017-08-20 15:03:55 -------------------------------------------------------------------------------- -2017-08-20 15:03:55 Request: -User: "tobkle", role: "user", id: "599988bbe793e5892ed59c22", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "599988bbe793e5892ed59c22", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c22" - } - ] -} -2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:03:55 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c22" - } - ] -} -2017-08-20 15:03:55 updated user 599988bbe793e5892ed59c22. -2017-08-20 15:03:55 -------------------------------------------------------------------------------- -2017-08-20 15:03:55 Request: -User: "tobkle", role: "user", id: "599988bbe793e5892ed59c22", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c22" - } - ] -} -2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:03:55 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c22" - } - ] -} -2017-08-20 15:03:55 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-08-20 15:03:55 -------------------------------------------------------------------------------- -2017-08-20 15:03:55 Request: -User: "tobkle", role: "user", id: "599988bbe793e5892ed59c22", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "599988bbe793e5892ed59c22", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c22" - } - ] -} -2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:03:55 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. -2017-08-20 15:03:55 inserted tweet 599988bbe793e5892ed59c23. -2017-08-20 15:03:55 -------------------------------------------------------------------------------- -2017-08-20 15:03:55 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. -2017-08-20 15:03:55 Request: -User: "tobkle", role: "user", id: "599988bbe793e5892ed59c22", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c22" - } - ] -} -2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:03:55 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. -2017-08-20 15:03:55 -------------------------------------------------------------------------------- -2017-08-20 15:03:55 Request: -User: "tobkle", role: "user", id: "599988bbe793e5892ed59c22", -Operation: "", variables: "", -Query: -{ - tweet(id: "599988bbe793e5892ed59c23") { - author { - id - } - body - } -} - -2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c22" - } - ] -} -2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:03:55 -------------------------------------------------------------------------------- -2017-08-20 15:03:55 Request: -User: "tobkle", role: "user", id: "599988bbe793e5892ed59c22", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c22" - } - ] -} -2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:03:55 -------------------------------------------------------------------------------- -2017-08-20 15:03:55 Request: -User: "tobkle", role: "user", id: "599988bbe793e5892ed59c22", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "599988bbe793e5892ed59c23", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c22" - } - ] -} -2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:03:55 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "599988bbe793e5892ed59c22" - }, - { - "coauthorsIds": "599988bbe793e5892ed59c22" - } - ] -} -2017-08-20 15:03:55 updated tweet 599988bbe793e5892ed59c23. -2017-08-20 15:03:55 -------------------------------------------------------------------------------- -2017-08-20 15:03:55 Request: -User: "tobkle", role: "user", id: "599988bbe793e5892ed59c22", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c22" - } - ] -} -2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:03:55 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "599988bbe793e5892ed59c22" - }, - { - "coauthorsIds": "599988bbe793e5892ed59c22" - } - ] -} -2017-08-20 15:03:55 ERROR update tweet not possible for 583676d3618530145474e352. -2017-08-20 15:03:55 -------------------------------------------------------------------------------- -2017-08-20 15:03:55 Request: -User: "tobkle", role: "user", id: "599988bbe793e5892ed59c22", -Operation: "", variables: "", -Query: -{ - tweet(id: "599988bbe793e5892ed59c23") { - body - } -} - -2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c22" - } - ] -} -2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:03:55 -------------------------------------------------------------------------------- -2017-08-20 15:03:55 Request: -User: "tobkle", role: "user", id: "599988bbe793e5892ed59c22", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "599988bbe793e5892ed59c23") -} - -2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c22" - } - ] -} -2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:03:55 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "599988bbe793e5892ed59c22" - } - ] -} -2017-08-20 15:03:55 removed tweet 599988bbe793e5892ed59c23. -2017-08-20 15:03:55 -------------------------------------------------------------------------------- -2017-08-20 15:03:55 Request: -User: "tobkle", role: "user", id: "599988bbe793e5892ed59c22", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c22" - } - ] -} -2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:03:55 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "599988bbe793e5892ed59c22" - } - ] -} -2017-08-20 15:03:55 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-08-20 15:03:55 -------------------------------------------------------------------------------- -2017-08-20 15:03:55 Request: -User: "tobkle", role: "user", id: "599988bbe793e5892ed59c22", -Operation: "", variables: "", -Query: -{ - tweet(id: "599988bbe793e5892ed59c23") { - body - } -} - -2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c22" - } - ] -} -2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:03:55 -------------------------------------------------------------------------------- -2017-08-20 15:03:55 Request: -User: "tobkle", role: "user", id: "599988bbe793e5892ed59c22", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "599988bbe793e5892ed59c22") -} - -2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c22" - } - ] -} -2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:03:55 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c22" - } - ] -} -2017-08-20 15:03:55 removed user 599988bbe793e5892ed59c22. -2017-08-20 15:03:55 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:03:55 -------------------------------------------------------------------------------- -2017-08-20 15:03:55 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "599988bbe793e5892ed59c22") { - username - bio - role - } -} - -2017-08-20 15:03:55 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:03:55 -------------------------------------------------------------------------------- -2017-08-20 15:03:55 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { - id - role - } -} - -2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:55 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:03:55 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-20 15:03:55 inserted user 599988bbe793e5892ed59c24. -2017-08-20 15:03:55 -------------------------------------------------------------------------------- -2017-08-20 15:03:55 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. -2017-08-20 15:03:55 Request: -User: "tobkle", role: "editor", id: "599988bbe793e5892ed59c24", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c24" - } - ] -} -2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 15:03:55 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. -2017-08-20 15:03:55 -------------------------------------------------------------------------------- -2017-08-20 15:03:55 Request: -User: "tobkle", role: "editor", id: "599988bbe793e5892ed59c24", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c24" - } - ] -} -2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 15:03:55 -------------------------------------------------------------------------------- -2017-08-20 15:03:55 Request: -User: "tobkle", role: "editor", id: "599988bbe793e5892ed59c24", -Operation: "", variables: "", -Query: -{ - user(id: "599988bbe793e5892ed59c24") { - username - role - } -} - -2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c24" - } - ] -} -2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 15:03:55 -------------------------------------------------------------------------------- -2017-08-20 15:03:55 Request: -User: "tobkle", role: "editor", id: "599988bbe793e5892ed59c24", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c24" - } - ] -} -2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 15:03:55 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c24" - } - ] -} -2017-08-20 15:03:55 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-08-20 15:03:55 -------------------------------------------------------------------------------- -2017-08-20 15:03:55 Request: -User: "tobkle", role: "editor", id: "599988bbe793e5892ed59c24", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "599988bbe793e5892ed59c24", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c24" - } - ] -} -2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 15:03:55 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c24" - } - ] -} -2017-08-20 15:03:55 updated user 599988bbe793e5892ed59c24. -2017-08-20 15:03:55 -------------------------------------------------------------------------------- -2017-08-20 15:03:55 Request: -User: "tmeasday", role: "editor", id: "599988bbe793e5892ed59c24", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "599988bbe793e5892ed59c24", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c24" - } - ] -} -2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:03:55 Authorize update 'updateUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c24" - } - ] -} -2017-08-20 15:03:55 updated user 599988bbe793e5892ed59c24. -2017-08-20 15:03:55 -------------------------------------------------------------------------------- -2017-08-20 15:03:55 Request: -User: "tmeasday", role: "editor", id: "599988bbe793e5892ed59c24", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c24" - } - ] -} -2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:03:55 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c24" - } - ] -} -2017-08-20 15:03:55 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-08-20 15:03:55 -------------------------------------------------------------------------------- -2017-08-20 15:03:55 Request: -User: "tmeasday", role: "editor", id: "599988bbe793e5892ed59c24", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "599988bbe793e5892ed59c24", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c24" - } - ] -} -2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:03:55 Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is authorized by docRole. -2017-08-20 15:03:55 inserted tweet 599988bbe793e5892ed59c25. -2017-08-20 15:03:55 -------------------------------------------------------------------------------- -2017-08-20 15:03:55 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. -2017-08-20 15:03:55 Request: -User: "tmeasday", role: "editor", id: "599988bbe793e5892ed59c24", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c24" - } - ] -} -2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:03:55 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. -2017-08-20 15:03:55 -------------------------------------------------------------------------------- -2017-08-20 15:03:55 Request: -User: "tmeasday", role: "editor", id: "599988bbe793e5892ed59c24", -Operation: "", variables: "", -Query: -{ - tweet(id: "599988bbe793e5892ed59c25") { - author { - id - } - body - } -} - -2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c24" - } - ] -} -2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:03:55 -------------------------------------------------------------------------------- -2017-08-20 15:03:55 Request: -User: "tmeasday", role: "editor", id: "599988bbe793e5892ed59c24", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c24" - } - ] -} -2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:03:55 -------------------------------------------------------------------------------- -2017-08-20 15:03:55 Request: -User: "tmeasday", role: "editor", id: "599988bbe793e5892ed59c24", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "599988bbe793e5892ed59c25", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c24" - } - ] -} -2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:03:55 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "599988bbe793e5892ed59c24" - }, - { - "coauthorsIds": "599988bbe793e5892ed59c24" - } - ] -} -2017-08-20 15:03:55 updated tweet 599988bbe793e5892ed59c25. -2017-08-20 15:03:55 -------------------------------------------------------------------------------- -2017-08-20 15:03:55 Request: -User: "tmeasday", role: "editor", id: "599988bbe793e5892ed59c24", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c24" - } - ] -} -2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:03:55 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "599988bbe793e5892ed59c24" - }, - { - "coauthorsIds": "599988bbe793e5892ed59c24" - } - ] -} -2017-08-20 15:03:55 ERROR update tweet not possible for 583676d3618530145474e352. -2017-08-20 15:03:55 -------------------------------------------------------------------------------- -2017-08-20 15:03:55 Request: -User: "tmeasday", role: "editor", id: "599988bbe793e5892ed59c24", -Operation: "", variables: "", -Query: -{ - tweet(id: "599988bbe793e5892ed59c25") { - body - } -} - -2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c24" - } - ] -} -2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:03:55 -------------------------------------------------------------------------------- -2017-08-20 15:03:55 Request: -User: "tmeasday", role: "editor", id: "599988bbe793e5892ed59c24", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "599988bbe793e5892ed59c25") -} - -2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c24" - } - ] -} -2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:03:55 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "599988bbe793e5892ed59c24" - } - ] -} -2017-08-20 15:03:55 removed tweet 599988bbe793e5892ed59c25. -2017-08-20 15:03:55 -------------------------------------------------------------------------------- -2017-08-20 15:03:55 Request: -User: "tmeasday", role: "editor", id: "599988bbe793e5892ed59c24", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c24" - } - ] -} -2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:03:55 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "599988bbe793e5892ed59c24" - } - ] -} -2017-08-20 15:03:55 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-08-20 15:03:55 -------------------------------------------------------------------------------- -2017-08-20 15:03:55 Request: -User: "tmeasday", role: "editor", id: "599988bbe793e5892ed59c24", -Operation: "", variables: "", -Query: -{ - tweet(id: "599988bbe793e5892ed59c25") { - body - } -} - -2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c24" - } - ] -} -2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:03:55 -------------------------------------------------------------------------------- -2017-08-20 15:03:55 Request: -User: "tmeasday", role: "editor", id: "599988bbe793e5892ed59c24", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "599988bbe793e5892ed59c24") -} - -2017-08-20 15:03:55 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c24" - } - ] -} -2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:03:55 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599988bbe793e5892ed59c24" - } - ] -} -2017-08-20 15:03:55 removed user 599988bbe793e5892ed59c24. -2017-08-20 15:03:55 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:03:55 -------------------------------------------------------------------------------- -2017-08-20 15:03:55 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "599988bbe793e5892ed59c24") { - username - bio - role - } -} - -2017-08-20 15:03:55 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:03:55 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:07:56 Logger started -2017-08-20 15:08:24 -------------------------------------------------------------------------------- -2017-08-20 15:08:24 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-20 15:08:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:08:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 -------------------------------------------------------------------------------- -2017-08-20 15:09:08 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 -------------------------------------------------------------------------------- -2017-08-20 15:09:08 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - role - username - } -} - -2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 -------------------------------------------------------------------------------- -2017-08-20 15:09:08 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - role - username - } -} - -2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 -------------------------------------------------------------------------------- -2017-08-20 15:09:08 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca2") { - role - username - } -} - -2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 -------------------------------------------------------------------------------- -2017-08-20 15:09:08 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - id - username - bio - } -} - -2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 -------------------------------------------------------------------------------- -2017-08-20 15:09:08 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users { - username - createdAt - } -} - -2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 -------------------------------------------------------------------------------- -2017-08-20 15:09:08 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(limit: 1) { - username - createdAt - } -} - -2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 -------------------------------------------------------------------------------- -2017-08-20 15:09:08 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993) { - username - createdAt - } -} - -2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 -------------------------------------------------------------------------------- -2017-08-20 15:09:08 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } -} - -2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 -------------------------------------------------------------------------------- -2017-08-20 15:09:08 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers { - username - createdAt - } - } -} - -2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 -------------------------------------------------------------------------------- -2017-08-20 15:09:08 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(limit: 1) { - username - createdAt - } - } -} - -2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 -------------------------------------------------------------------------------- -2017-08-20 15:09:08 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 -------------------------------------------------------------------------------- -2017-08-20 15:09:08 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 -------------------------------------------------------------------------------- -2017-08-20 15:09:08 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following { - username - createdAt - } - } -} - -2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 -------------------------------------------------------------------------------- -2017-08-20 15:09:08 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(limit: 1) { - username - createdAt - } - } -} - -2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 -------------------------------------------------------------------------------- -2017-08-20 15:09:08 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 -------------------------------------------------------------------------------- -2017-08-20 15:09:08 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 -------------------------------------------------------------------------------- -2017-08-20 15:09:08 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets { - id - createdAt - } - } -} - -2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 -------------------------------------------------------------------------------- -2017-08-20 15:09:08 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(limit: 1) { - id - createdAt - } - } -} - -2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 -------------------------------------------------------------------------------- -2017-08-20 15:09:08 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } - } -} - -2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 -------------------------------------------------------------------------------- -2017-08-20 15:09:08 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } - } -} - -2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 -------------------------------------------------------------------------------- -2017-08-20 15:09:08 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked { - id - createdAt - } - } -} - -2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 -------------------------------------------------------------------------------- -2017-08-20 15:09:08 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(limit: 1) { - id - createdAt - } - } -} - -2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 -------------------------------------------------------------------------------- -2017-08-20 15:09:08 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334) { - id - createdAt - } - } -} - -2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 -------------------------------------------------------------------------------- -2017-08-20 15:09:08 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334, limit: 1) { - id - createdAt - } - } -} - -2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 -------------------------------------------------------------------------------- -2017-08-20 15:09:08 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - id - body - } -} - -2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 -------------------------------------------------------------------------------- -2017-08-20 15:09:08 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - author { - username - } - } -} - -2017-08-20 15:09:08 -------------------------------------------------------------------------------- -2017-08-20 15:09:08 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets { - id - createdAt - } -} - -2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 -------------------------------------------------------------------------------- -2017-08-20 15:09:08 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(limit: 1) { - id - createdAt - } -} - -2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 -------------------------------------------------------------------------------- -2017-08-20 15:09:08 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } -} - -2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 -------------------------------------------------------------------------------- -2017-08-20 15:09:08 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } -} - -2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 -------------------------------------------------------------------------------- -2017-08-20 15:09:08 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers { - username - createdAt - } - } -} - -2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 -------------------------------------------------------------------------------- -2017-08-20 15:09:08 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(limit: 1) { - username - createdAt - } - } -} - -2017-08-20 15:09:08 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:08 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993) { - username - createdAt - } - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:09 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:09 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:09 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:09 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-20 15:09:09 inserted user 599989f5b11e6e8a458161bb. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tobkle", role: "admin", id: "599989f5b11e6e8a458161bb", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 inserted user 599989f5b11e6e8a458161bc. -2017-08-20 15:09:09 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tobkle", role: "admin", id: "599989f5b11e6e8a458161bb", -Operation: "", variables: "", -Query: -{ - user(id: "599989f5b11e6e8a458161bc") { - username - bio - role - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tobkle", role: "admin", id: "599989f5b11e6e8a458161bb", -Operation: "", variables: "", -Query: -{ - user(id: "599989f5b11e6e8a458161bb") { - username - role - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tobkle", role: "admin", id: "599989f5b11e6e8a458161bb", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "599989f5b11e6e8a458161bc", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 updated user 599989f5b11e6e8a458161bc. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tobkle", role: "admin", id: "599989f5b11e6e8a458161bb", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "599989f5b11e6e8a458161bb", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 updated user 599989f5b11e6e8a458161bb. -2017-08-20 15:09:09 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tobkle", role: "admin", id: "599989f5b11e6e8a458161bb", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "599989f5b11e6e8a458161bc", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 updated user 599989f5b11e6e8a458161bc. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tobkle", role: "admin", id: "599989f5b11e6e8a458161bb", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "599989f5b11e6e8a458161bb", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 updated user 599989f5b11e6e8a458161bb. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tobkle", role: "editor", id: "599989f5b11e6e8a458161bb", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "599989f5b11e6e8a458161bb", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161bb" - } - ] -} -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 15:09:09 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161bb" - } - ] -} -2017-08-20 15:09:09 updated user 599989f5b11e6e8a458161bb. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "zoltan", role: "admin", id: "599989f5b11e6e8a458161bc", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "599989f5b11e6e8a458161bb", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-20 15:09:09 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized -2017-08-20 15:09:09 updated user 599989f5b11e6e8a458161bb. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tobkle", role: "admin", id: "599989f5b11e6e8a458161bb", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "599989f5b11e6e8a458161bc") -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 removed user 599989f5b11e6e8a458161bc. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tobkle", role: "admin", id: "599989f5b11e6e8a458161bb", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "599989f5b11e6e8a458161bb", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-20 15:09:09 inserted tweet 599989f5b11e6e8a458161bd. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tobkle", role: "admin", id: "599989f5b11e6e8a458161bb", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-20 15:09:09 inserted tweet 599989f5b11e6e8a458161be. -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tobkle", role: "admin", id: "599989f5b11e6e8a458161bb", -Operation: "", variables: "", -Query: -{ - tweet(id: "599989f5b11e6e8a458161bd") { - author { - id - } - body - } -} - -2017-08-20 15:09:09 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tobkle", role: "admin", id: "599989f5b11e6e8a458161bb", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tobkle", role: "admin", id: "599989f5b11e6e8a458161bb", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "599989f5b11e6e8a458161bd", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 updated tweet 599989f5b11e6e8a458161bd. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tobkle", role: "admin", id: "599989f5b11e6e8a458161bb", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "599989f5b11e6e8a458161be", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 updated tweet 599989f5b11e6e8a458161be. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tobkle", role: "admin", id: "599989f5b11e6e8a458161bb", -Operation: "", variables: "", -Query: -{ - tweet(id: "599989f5b11e6e8a458161bd") { - body - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tobkle", role: "admin", id: "599989f5b11e6e8a458161bb", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "599989f5b11e6e8a458161bd") -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 removed tweet 599989f5b11e6e8a458161bd. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tobkle", role: "admin", id: "599989f5b11e6e8a458161bb", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "599989f5b11e6e8a458161be") -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 removed tweet 599989f5b11e6e8a458161be. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tobkle", role: "admin", id: "599989f5b11e6e8a458161bb", -Operation: "", variables: "", -Query: -{ - tweet(id: "599989f5b11e6e8a458161bd") { - body - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tobkle", role: "admin", id: "599989f5b11e6e8a458161bb", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "599989f5b11e6e8a458161bb") -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:09:09 removed user 599989f5b11e6e8a458161bb. -2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "599989f5b11e6e8a458161bb") { - username - bio - role - } -} - -2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-20 15:09:09 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:09:09 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-20 15:09:09 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:09:09 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-20 15:09:09 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:09:09 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-20 15:09:09 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:09:09 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-20 15:09:09 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:09:09 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-20 15:09:09 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:09:09 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-20 15:09:09 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:09:09 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { - id - role - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:09 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:09 inserted user 599989f5b11e6e8a458161bf. -2017-08-20 15:09:09 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. -2017-08-20 15:09:09 Request: -User: "tobkle", role: "user", id: "599989f5b11e6e8a458161bf", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161bf" - } - ] -} -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:09:09 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tobkle", role: "user", id: "599989f5b11e6e8a458161bf", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161bf" - } - ] -} -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tobkle", role: "user", id: "599989f5b11e6e8a458161bf", -Operation: "", variables: "", -Query: -{ - user(id: "599989f5b11e6e8a458161bf") { - username - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161bf" - } - ] -} -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tobkle", role: "user", id: "599989f5b11e6e8a458161bf", -Operation: "", variables: "", -Query: -{ - user(id: "599989f5b11e6e8a458161bf") { - username - role - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161bf" - } - ] -} -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tobkle", role: "user", id: "599989f5b11e6e8a458161bf", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161bf" - } - ] -} -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:09:09 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-08-20 15:09:09 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161bf" - } - ] -} -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tobkle", role: "user", id: "599989f5b11e6e8a458161bf", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "599989f5b11e6e8a458161bf", input: {username: "tobkle", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161bf" - } - ] -} -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:09:09 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161bf" - } - ] -} -2017-08-20 15:09:09 updated user 599989f5b11e6e8a458161bf. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tobkle", role: "user", id: "599989f5b11e6e8a458161bf", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "599989f5b11e6e8a458161bf", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161bf" - } - ] -} -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:09:09 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161bf" - } - ] -} -2017-08-20 15:09:09 updated user 599989f5b11e6e8a458161bf. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tobkle", role: "user", id: "599989f5b11e6e8a458161bf", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161bf" - } - ] -} -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:09:09 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161bf" - } - ] -} -2017-08-20 15:09:09 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tobkle", role: "user", id: "599989f5b11e6e8a458161bf", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "599989f5b11e6e8a458161bf", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161bf" - } - ] -} -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:09:09 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. -2017-08-20 15:09:09 inserted tweet 599989f5b11e6e8a458161c0. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. -2017-08-20 15:09:09 Request: -User: "tobkle", role: "user", id: "599989f5b11e6e8a458161bf", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161bf" - } - ] -} -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:09:09 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tobkle", role: "user", id: "599989f5b11e6e8a458161bf", -Operation: "", variables: "", -Query: -{ - tweet(id: "599989f5b11e6e8a458161c0") { - author { - id - } - body - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161bf" - } - ] -} -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tobkle", role: "user", id: "599989f5b11e6e8a458161bf", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161bf" - } - ] -} -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tobkle", role: "user", id: "599989f5b11e6e8a458161bf", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "599989f5b11e6e8a458161c0", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161bf" - } - ] -} -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:09:09 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "599989f5b11e6e8a458161bf" - }, - { - "coauthorsIds": "599989f5b11e6e8a458161bf" - } - ] -} -2017-08-20 15:09:09 updated tweet 599989f5b11e6e8a458161c0. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tobkle", role: "user", id: "599989f5b11e6e8a458161bf", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161bf" - } - ] -} -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:09:09 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "599989f5b11e6e8a458161bf" - }, - { - "coauthorsIds": "599989f5b11e6e8a458161bf" - } - ] -} -2017-08-20 15:09:09 ERROR update tweet not possible for 583676d3618530145474e352. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tobkle", role: "user", id: "599989f5b11e6e8a458161bf", -Operation: "", variables: "", -Query: -{ - tweet(id: "599989f5b11e6e8a458161c0") { - body - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161bf" - } - ] -} -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tobkle", role: "user", id: "599989f5b11e6e8a458161bf", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "599989f5b11e6e8a458161c0") -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161bf" - } - ] -} -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:09:09 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "599989f5b11e6e8a458161bf" - } - ] -} -2017-08-20 15:09:09 removed tweet 599989f5b11e6e8a458161c0. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tobkle", role: "user", id: "599989f5b11e6e8a458161bf", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161bf" - } - ] -} -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:09:09 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "599989f5b11e6e8a458161bf" - } - ] -} -2017-08-20 15:09:09 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tobkle", role: "user", id: "599989f5b11e6e8a458161bf", -Operation: "", variables: "", -Query: -{ - tweet(id: "599989f5b11e6e8a458161c0") { - body - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161bf" - } - ] -} -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tobkle", role: "user", id: "599989f5b11e6e8a458161bf", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "599989f5b11e6e8a458161bf") -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161bf" - } - ] -} -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:09:09 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161bf" - } - ] -} -2017-08-20 15:09:09 removed user 599989f5b11e6e8a458161bf. -2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "599989f5b11e6e8a458161bf") { - username - bio - role - } -} - -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { - id - role - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:09 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:09:09 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-20 15:09:09 inserted user 599989f5b11e6e8a458161c1. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. -2017-08-20 15:09:09 Request: -User: "tobkle", role: "editor", id: "599989f5b11e6e8a458161c1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161c1" - } - ] -} -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 15:09:09 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tobkle", role: "editor", id: "599989f5b11e6e8a458161c1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161c1" - } - ] -} -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tobkle", role: "editor", id: "599989f5b11e6e8a458161c1", -Operation: "", variables: "", -Query: -{ - user(id: "599989f5b11e6e8a458161c1") { - username - role - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161c1" - } - ] -} -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tobkle", role: "editor", id: "599989f5b11e6e8a458161c1", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161c1" - } - ] -} -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 15:09:09 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161c1" - } - ] -} -2017-08-20 15:09:09 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tobkle", role: "editor", id: "599989f5b11e6e8a458161c1", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "599989f5b11e6e8a458161c1", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161c1" - } - ] -} -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 15:09:09 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161c1" - } - ] -} -2017-08-20 15:09:09 updated user 599989f5b11e6e8a458161c1. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tmeasday", role: "editor", id: "599989f5b11e6e8a458161c1", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "599989f5b11e6e8a458161c1", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161c1" - } - ] -} -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:09:09 Authorize update 'updateUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161c1" - } - ] -} -2017-08-20 15:09:09 updated user 599989f5b11e6e8a458161c1. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tmeasday", role: "editor", id: "599989f5b11e6e8a458161c1", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161c1" - } - ] -} -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:09:09 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161c1" - } - ] -} -2017-08-20 15:09:09 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tmeasday", role: "editor", id: "599989f5b11e6e8a458161c1", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "599989f5b11e6e8a458161c1", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161c1" - } - ] -} -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:09:09 Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is authorized by docRole. -2017-08-20 15:09:09 inserted tweet 599989f5b11e6e8a458161c2. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. -2017-08-20 15:09:09 Request: -User: "tmeasday", role: "editor", id: "599989f5b11e6e8a458161c1", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161c1" - } - ] -} -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:09:09 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tmeasday", role: "editor", id: "599989f5b11e6e8a458161c1", -Operation: "", variables: "", -Query: -{ - tweet(id: "599989f5b11e6e8a458161c2") { - author { - id - } - body - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161c1" - } - ] -} -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tmeasday", role: "editor", id: "599989f5b11e6e8a458161c1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161c1" - } - ] -} -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tmeasday", role: "editor", id: "599989f5b11e6e8a458161c1", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "599989f5b11e6e8a458161c2", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161c1" - } - ] -} -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:09:09 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "599989f5b11e6e8a458161c1" - }, - { - "coauthorsIds": "599989f5b11e6e8a458161c1" - } - ] -} -2017-08-20 15:09:09 updated tweet 599989f5b11e6e8a458161c2. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tmeasday", role: "editor", id: "599989f5b11e6e8a458161c1", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161c1" - } - ] -} -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:09:09 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "599989f5b11e6e8a458161c1" - }, - { - "coauthorsIds": "599989f5b11e6e8a458161c1" - } - ] -} -2017-08-20 15:09:09 ERROR update tweet not possible for 583676d3618530145474e352. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tmeasday", role: "editor", id: "599989f5b11e6e8a458161c1", -Operation: "", variables: "", -Query: -{ - tweet(id: "599989f5b11e6e8a458161c2") { - body - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161c1" - } - ] -} -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tmeasday", role: "editor", id: "599989f5b11e6e8a458161c1", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "599989f5b11e6e8a458161c2") -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161c1" - } - ] -} -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:09:09 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "599989f5b11e6e8a458161c1" - } - ] -} -2017-08-20 15:09:09 removed tweet 599989f5b11e6e8a458161c2. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tmeasday", role: "editor", id: "599989f5b11e6e8a458161c1", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161c1" - } - ] -} -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:09:09 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-08-20 15:09:09 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "599989f5b11e6e8a458161c1" - } - ] -} -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tmeasday", role: "editor", id: "599989f5b11e6e8a458161c1", -Operation: "", variables: "", -Query: -{ - tweet(id: "599989f5b11e6e8a458161c2") { - body - } -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161c1" - } - ] -} -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "tmeasday", role: "editor", id: "599989f5b11e6e8a458161c1", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "599989f5b11e6e8a458161c1") -} - -2017-08-20 15:09:09 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161c1" - } - ] -} -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:09:09 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "599989f5b11e6e8a458161c1" - } - ] -} -2017-08-20 15:09:09 removed user 599989f5b11e6e8a458161c1. -2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:09:09 -------------------------------------------------------------------------------- -2017-08-20 15:09:09 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "599989f5b11e6e8a458161c1") { - username - bio - role - } -} - -2017-08-20 15:09:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:09:09 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:12:40 Logger started -2017-08-20 15:13:32 -------------------------------------------------------------------------------- -2017-08-20 15:13:32 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-20 15:13:32 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:13:32 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 -------------------------------------------------------------------------------- -2017-08-20 15:14:16 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 -------------------------------------------------------------------------------- -2017-08-20 15:14:16 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - role - username - } -} - -2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 -------------------------------------------------------------------------------- -2017-08-20 15:14:16 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - role - username - } -} - -2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 -------------------------------------------------------------------------------- -2017-08-20 15:14:16 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca2") { - role - username - } -} - -2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 -------------------------------------------------------------------------------- -2017-08-20 15:14:16 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - id - username - bio - } -} - -2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 -------------------------------------------------------------------------------- -2017-08-20 15:14:16 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users { - username - createdAt - } -} - -2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 -------------------------------------------------------------------------------- -2017-08-20 15:14:16 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(limit: 1) { - username - createdAt - } -} - -2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 -------------------------------------------------------------------------------- -2017-08-20 15:14:16 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993) { - username - createdAt - } -} - -2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 -------------------------------------------------------------------------------- -2017-08-20 15:14:16 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } -} - -2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 -------------------------------------------------------------------------------- -2017-08-20 15:14:16 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers { - username - createdAt - } - } -} - -2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 -------------------------------------------------------------------------------- -2017-08-20 15:14:16 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(limit: 1) { - username - createdAt - } - } -} - -2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 -------------------------------------------------------------------------------- -2017-08-20 15:14:16 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 -------------------------------------------------------------------------------- -2017-08-20 15:14:16 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 -------------------------------------------------------------------------------- -2017-08-20 15:14:16 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following { - username - createdAt - } - } -} - -2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 -------------------------------------------------------------------------------- -2017-08-20 15:14:16 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(limit: 1) { - username - createdAt - } - } -} - -2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 -------------------------------------------------------------------------------- -2017-08-20 15:14:16 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 -------------------------------------------------------------------------------- -2017-08-20 15:14:16 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 -------------------------------------------------------------------------------- -2017-08-20 15:14:16 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets { - id - createdAt - } - } -} - -2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 -------------------------------------------------------------------------------- -2017-08-20 15:14:16 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(limit: 1) { - id - createdAt - } - } -} - -2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 -------------------------------------------------------------------------------- -2017-08-20 15:14:16 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } - } -} - -2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 -------------------------------------------------------------------------------- -2017-08-20 15:14:16 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } - } -} - -2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 -------------------------------------------------------------------------------- -2017-08-20 15:14:16 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked { - id - createdAt - } - } -} - -2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 -------------------------------------------------------------------------------- -2017-08-20 15:14:16 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(limit: 1) { - id - createdAt - } - } -} - -2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 -------------------------------------------------------------------------------- -2017-08-20 15:14:16 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334) { - id - createdAt - } - } -} - -2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 -------------------------------------------------------------------------------- -2017-08-20 15:14:16 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334, limit: 1) { - id - createdAt - } - } -} - -2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 -------------------------------------------------------------------------------- -2017-08-20 15:14:16 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - id - body - } -} - -2017-08-20 15:14:16 -------------------------------------------------------------------------------- -2017-08-20 15:14:16 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - author { - username - } - } -} - -2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 -------------------------------------------------------------------------------- -2017-08-20 15:14:16 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets { - id - createdAt - } -} - -2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 -------------------------------------------------------------------------------- -2017-08-20 15:14:16 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(limit: 1) { - id - createdAt - } -} - -2017-08-20 15:14:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers { - username - createdAt - } - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(limit: 1) { - username - createdAt - } - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993) { - username - createdAt - } - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-20 15:14:17 inserted user 59998b29fa5e208b07f4c385. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tobkle", role: "admin", id: "59998b29fa5e208b07f4c385", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-20 15:14:17 inserted user 59998b29fa5e208b07f4c386. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tobkle", role: "admin", id: "59998b29fa5e208b07f4c385", -Operation: "", variables: "", -Query: -{ - user(id: "59998b29fa5e208b07f4c386") { - username - bio - role - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tobkle", role: "admin", id: "59998b29fa5e208b07f4c385", -Operation: "", variables: "", -Query: -{ - user(id: "59998b29fa5e208b07f4c385") { - username - role - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tobkle", role: "admin", id: "59998b29fa5e208b07f4c385", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59998b29fa5e208b07f4c386", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 updated user 59998b29fa5e208b07f4c386. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tobkle", role: "admin", id: "59998b29fa5e208b07f4c385", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59998b29fa5e208b07f4c385", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 updated user 59998b29fa5e208b07f4c385. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tobkle", role: "admin", id: "59998b29fa5e208b07f4c385", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59998b29fa5e208b07f4c386", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 updated user 59998b29fa5e208b07f4c386. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tobkle", role: "admin", id: "59998b29fa5e208b07f4c385", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59998b29fa5e208b07f4c385", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 updated user 59998b29fa5e208b07f4c385. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tobkle", role: "editor", id: "59998b29fa5e208b07f4c385", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59998b29fa5e208b07f4c385", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c385" - } - ] -} -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 15:14:17 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c385" - } - ] -} -2017-08-20 15:14:17 updated user 59998b29fa5e208b07f4c385. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "zoltan", role: "admin", id: "59998b29fa5e208b07f4c386", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59998b29fa5e208b07f4c385", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized -2017-08-20 15:14:17 updated user 59998b29fa5e208b07f4c385. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tobkle", role: "admin", id: "59998b29fa5e208b07f4c385", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59998b29fa5e208b07f4c386") -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 removed user 59998b29fa5e208b07f4c386. -2017-08-20 15:14:17 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tobkle", role: "admin", id: "59998b29fa5e208b07f4c385", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59998b29fa5e208b07f4c385", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-20 15:14:17 inserted tweet 59998b29fa5e208b07f4c387. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tobkle", role: "admin", id: "59998b29fa5e208b07f4c385", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tobkle", role: "admin", id: "59998b29fa5e208b07f4c385", -Operation: "", variables: "", -Query: -{ - tweet(id: "59998b29fa5e208b07f4c387") { - author { - id - } - body - } -} - -2017-08-20 15:14:17 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 inserted tweet 59998b29fa5e208b07f4c388. -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tobkle", role: "admin", id: "59998b29fa5e208b07f4c385", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tobkle", role: "admin", id: "59998b29fa5e208b07f4c385", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59998b29fa5e208b07f4c387", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 updated tweet 59998b29fa5e208b07f4c387. -2017-08-20 15:14:17 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tobkle", role: "admin", id: "59998b29fa5e208b07f4c385", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59998b29fa5e208b07f4c388", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 updated tweet 59998b29fa5e208b07f4c388. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tobkle", role: "admin", id: "59998b29fa5e208b07f4c385", -Operation: "", variables: "", -Query: -{ - tweet(id: "59998b29fa5e208b07f4c387") { - body - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tobkle", role: "admin", id: "59998b29fa5e208b07f4c385", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59998b29fa5e208b07f4c387") -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 removed tweet 59998b29fa5e208b07f4c387. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tobkle", role: "admin", id: "59998b29fa5e208b07f4c385", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59998b29fa5e208b07f4c388") -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 removed tweet 59998b29fa5e208b07f4c388. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tobkle", role: "admin", id: "59998b29fa5e208b07f4c385", -Operation: "", variables: "", -Query: -{ - tweet(id: "59998b29fa5e208b07f4c387") { - body - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tobkle", role: "admin", id: "59998b29fa5e208b07f4c385", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59998b29fa5e208b07f4c385") -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:14:17 removed user 59998b29fa5e208b07f4c385. -2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59998b29fa5e208b07f4c385") { - username - bio - role - } -} - -2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-20 15:14:17 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:14:17 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-20 15:14:17 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:14:17 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-20 15:14:17 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:14:17 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-20 15:14:17 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:14:17 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-20 15:14:17 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:14:17 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-20 15:14:17 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:14:17 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-20 15:14:17 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:14:17 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { - id - role - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-20 15:14:17 inserted user 59998b29fa5e208b07f4c389. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. -2017-08-20 15:14:17 Request: -User: "tobkle", role: "user", id: "59998b29fa5e208b07f4c389", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c389" - } - ] -} -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:14:17 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tobkle", role: "user", id: "59998b29fa5e208b07f4c389", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c389" - } - ] -} -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tobkle", role: "user", id: "59998b29fa5e208b07f4c389", -Operation: "", variables: "", -Query: -{ - user(id: "59998b29fa5e208b07f4c389") { - username - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c389" - } - ] -} -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tobkle", role: "user", id: "59998b29fa5e208b07f4c389", -Operation: "", variables: "", -Query: -{ - user(id: "59998b29fa5e208b07f4c389") { - username - role - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c389" - } - ] -} -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tobkle", role: "user", id: "59998b29fa5e208b07f4c389", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c389" - } - ] -} -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:14:17 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c389" - } - ] -} -2017-08-20 15:14:17 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tobkle", role: "user", id: "59998b29fa5e208b07f4c389", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59998b29fa5e208b07f4c389", input: {username: "tobkle", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c389" - } - ] -} -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:14:17 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c389" - } - ] -} -2017-08-20 15:14:17 updated user 59998b29fa5e208b07f4c389. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tobkle", role: "user", id: "59998b29fa5e208b07f4c389", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59998b29fa5e208b07f4c389", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c389" - } - ] -} -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:14:17 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c389" - } - ] -} -2017-08-20 15:14:17 updated user 59998b29fa5e208b07f4c389. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tobkle", role: "user", id: "59998b29fa5e208b07f4c389", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c389" - } - ] -} -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:14:17 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c389" - } - ] -} -2017-08-20 15:14:17 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tobkle", role: "user", id: "59998b29fa5e208b07f4c389", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59998b29fa5e208b07f4c389", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c389" - } - ] -} -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:14:17 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. -2017-08-20 15:14:17 inserted tweet 59998b29fa5e208b07f4c38a. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. -2017-08-20 15:14:17 Request: -User: "tobkle", role: "user", id: "59998b29fa5e208b07f4c389", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c389" - } - ] -} -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:14:17 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tobkle", role: "user", id: "59998b29fa5e208b07f4c389", -Operation: "", variables: "", -Query: -{ - tweet(id: "59998b29fa5e208b07f4c38a") { - author { - id - } - body - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c389" - } - ] -} -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tobkle", role: "user", id: "59998b29fa5e208b07f4c389", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c389" - } - ] -} -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tobkle", role: "user", id: "59998b29fa5e208b07f4c389", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59998b29fa5e208b07f4c38a", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c389" - } - ] -} -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:14:17 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59998b29fa5e208b07f4c389" - }, - { - "coauthorsIds": "59998b29fa5e208b07f4c389" - } - ] -} -2017-08-20 15:14:17 updated tweet 59998b29fa5e208b07f4c38a. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tobkle", role: "user", id: "59998b29fa5e208b07f4c389", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c389" - } - ] -} -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:14:17 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59998b29fa5e208b07f4c389" - }, - { - "coauthorsIds": "59998b29fa5e208b07f4c389" - } - ] -} -2017-08-20 15:14:17 ERROR update tweet not possible for 583676d3618530145474e352. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tobkle", role: "user", id: "59998b29fa5e208b07f4c389", -Operation: "", variables: "", -Query: -{ - tweet(id: "59998b29fa5e208b07f4c38a") { - body - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c389" - } - ] -} -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tobkle", role: "user", id: "59998b29fa5e208b07f4c389", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59998b29fa5e208b07f4c38a") -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c389" - } - ] -} -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:14:17 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59998b29fa5e208b07f4c389" - } - ] -} -2017-08-20 15:14:17 removed tweet 59998b29fa5e208b07f4c38a. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tobkle", role: "user", id: "59998b29fa5e208b07f4c389", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c389" - } - ] -} -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:14:17 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59998b29fa5e208b07f4c389" - } - ] -} -2017-08-20 15:14:17 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tobkle", role: "user", id: "59998b29fa5e208b07f4c389", -Operation: "", variables: "", -Query: -{ - tweet(id: "59998b29fa5e208b07f4c38a") { - body - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c389" - } - ] -} -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tobkle", role: "user", id: "59998b29fa5e208b07f4c389", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59998b29fa5e208b07f4c389") -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c389" - } - ] -} -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:14:17 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c389" - } - ] -} -2017-08-20 15:14:17 removed user 59998b29fa5e208b07f4c389. -2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59998b29fa5e208b07f4c389") { - username - bio - role - } -} - -2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { - id - role - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:17 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:14:17 inserted user 59998b29fa5e208b07f4c38b. -2017-08-20 15:14:17 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. -2017-08-20 15:14:17 Request: -User: "tobkle", role: "editor", id: "59998b29fa5e208b07f4c38b", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c38b" - } - ] -} -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 15:14:17 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tobkle", role: "editor", id: "59998b29fa5e208b07f4c38b", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c38b" - } - ] -} -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tobkle", role: "editor", id: "59998b29fa5e208b07f4c38b", -Operation: "", variables: "", -Query: -{ - user(id: "59998b29fa5e208b07f4c38b") { - username - role - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c38b" - } - ] -} -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tobkle", role: "editor", id: "59998b29fa5e208b07f4c38b", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c38b" - } - ] -} -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 15:14:17 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c38b" - } - ] -} -2017-08-20 15:14:17 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tobkle", role: "editor", id: "59998b29fa5e208b07f4c38b", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59998b29fa5e208b07f4c38b", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c38b" - } - ] -} -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 15:14:17 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c38b" - } - ] -} -2017-08-20 15:14:17 updated user 59998b29fa5e208b07f4c38b. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tmeasday", role: "editor", id: "59998b29fa5e208b07f4c38b", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59998b29fa5e208b07f4c38b", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c38b" - } - ] -} -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:14:17 Authorize update 'updateUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c38b" - } - ] -} -2017-08-20 15:14:17 updated user 59998b29fa5e208b07f4c38b. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tmeasday", role: "editor", id: "59998b29fa5e208b07f4c38b", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c38b" - } - ] -} -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:14:17 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c38b" - } - ] -} -2017-08-20 15:14:17 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tmeasday", role: "editor", id: "59998b29fa5e208b07f4c38b", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59998b29fa5e208b07f4c38b", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c38b" - } - ] -} -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:14:17 Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is authorized by docRole. -2017-08-20 15:14:17 inserted tweet 59998b29fa5e208b07f4c38c. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. -2017-08-20 15:14:17 Request: -User: "tmeasday", role: "editor", id: "59998b29fa5e208b07f4c38b", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c38b" - } - ] -} -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:14:17 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tmeasday", role: "editor", id: "59998b29fa5e208b07f4c38b", -Operation: "", variables: "", -Query: -{ - tweet(id: "59998b29fa5e208b07f4c38c") { - author { - id - } - body - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c38b" - } - ] -} -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tmeasday", role: "editor", id: "59998b29fa5e208b07f4c38b", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c38b" - } - ] -} -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tmeasday", role: "editor", id: "59998b29fa5e208b07f4c38b", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59998b29fa5e208b07f4c38c", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c38b" - } - ] -} -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:14:17 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59998b29fa5e208b07f4c38b" - }, - { - "coauthorsIds": "59998b29fa5e208b07f4c38b" - } - ] -} -2017-08-20 15:14:17 updated tweet 59998b29fa5e208b07f4c38c. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tmeasday", role: "editor", id: "59998b29fa5e208b07f4c38b", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c38b" - } - ] -} -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:14:17 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59998b29fa5e208b07f4c38b" - }, - { - "coauthorsIds": "59998b29fa5e208b07f4c38b" - } - ] -} -2017-08-20 15:14:17 ERROR update tweet not possible for 583676d3618530145474e352. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tmeasday", role: "editor", id: "59998b29fa5e208b07f4c38b", -Operation: "", variables: "", -Query: -{ - tweet(id: "59998b29fa5e208b07f4c38c") { - body - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c38b" - } - ] -} -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tmeasday", role: "editor", id: "59998b29fa5e208b07f4c38b", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59998b29fa5e208b07f4c38c") -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c38b" - } - ] -} -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:14:17 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59998b29fa5e208b07f4c38b" - } - ] -} -2017-08-20 15:14:17 removed tweet 59998b29fa5e208b07f4c38c. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tmeasday", role: "editor", id: "59998b29fa5e208b07f4c38b", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c38b" - } - ] -} -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:14:17 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-08-20 15:14:17 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59998b29fa5e208b07f4c38b" - } - ] -} -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tmeasday", role: "editor", id: "59998b29fa5e208b07f4c38b", -Operation: "", variables: "", -Query: -{ - tweet(id: "59998b29fa5e208b07f4c38c") { - body - } -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c38b" - } - ] -} -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "tmeasday", role: "editor", id: "59998b29fa5e208b07f4c38b", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59998b29fa5e208b07f4c38b") -} - -2017-08-20 15:14:17 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c38b" - } - ] -} -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:14:17 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998b29fa5e208b07f4c38b" - } - ] -} -2017-08-20 15:14:17 removed user 59998b29fa5e208b07f4c38b. -2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:14:17 -------------------------------------------------------------------------------- -2017-08-20 15:14:17 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59998b29fa5e208b07f4c38b") { - username - bio - role - } -} - -2017-08-20 15:14:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:14:17 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:15:29 Logger started -2017-08-20 15:16:18 Logger started -2017-08-20 15:16:38 -------------------------------------------------------------------------------- -2017-08-20 15:16:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-20 15:16:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:16:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 -------------------------------------------------------------------------------- -2017-08-20 15:17:21 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-20 15:17:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 -------------------------------------------------------------------------------- -2017-08-20 15:17:21 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - role - username - } -} - -2017-08-20 15:17:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 -------------------------------------------------------------------------------- -2017-08-20 15:17:21 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - role - username - } -} - -2017-08-20 15:17:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 -------------------------------------------------------------------------------- -2017-08-20 15:17:21 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca2") { - role - username - } -} - -2017-08-20 15:17:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 -------------------------------------------------------------------------------- -2017-08-20 15:17:21 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - id - username - bio - } -} - -2017-08-20 15:17:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 -------------------------------------------------------------------------------- -2017-08-20 15:17:21 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users { - username - createdAt - } -} - -2017-08-20 15:17:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 -------------------------------------------------------------------------------- -2017-08-20 15:17:21 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(limit: 1) { - username - createdAt - } -} - -2017-08-20 15:17:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 -------------------------------------------------------------------------------- -2017-08-20 15:17:21 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993) { - username - createdAt - } -} - -2017-08-20 15:17:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 -------------------------------------------------------------------------------- -2017-08-20 15:17:21 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } -} - -2017-08-20 15:17:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 -------------------------------------------------------------------------------- -2017-08-20 15:17:21 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers { - username - createdAt - } - } -} - -2017-08-20 15:17:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 -------------------------------------------------------------------------------- -2017-08-20 15:17:21 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(limit: 1) { - username - createdAt - } - } -} - -2017-08-20 15:17:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 -------------------------------------------------------------------------------- -2017-08-20 15:17:21 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-08-20 15:17:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 -------------------------------------------------------------------------------- -2017-08-20 15:17:21 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-08-20 15:17:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 -------------------------------------------------------------------------------- -2017-08-20 15:17:21 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following { - username - createdAt - } - } -} - -2017-08-20 15:17:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 -------------------------------------------------------------------------------- -2017-08-20 15:17:21 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(limit: 1) { - username - createdAt - } - } -} - -2017-08-20 15:17:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 -------------------------------------------------------------------------------- -2017-08-20 15:17:21 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-08-20 15:17:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 -------------------------------------------------------------------------------- -2017-08-20 15:17:21 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-08-20 15:17:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 -------------------------------------------------------------------------------- -2017-08-20 15:17:21 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets { - id - createdAt - } - } -} - -2017-08-20 15:17:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 -------------------------------------------------------------------------------- -2017-08-20 15:17:21 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(limit: 1) { - id - createdAt - } - } -} - -2017-08-20 15:17:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 -------------------------------------------------------------------------------- -2017-08-20 15:17:21 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } - } -} - -2017-08-20 15:17:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 -------------------------------------------------------------------------------- -2017-08-20 15:17:21 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } - } -} - -2017-08-20 15:17:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 -------------------------------------------------------------------------------- -2017-08-20 15:17:21 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked { - id - createdAt - } - } -} - -2017-08-20 15:17:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:21 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(limit: 1) { - id - createdAt - } - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334) { - id - createdAt - } - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334, limit: 1) { - id - createdAt - } - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - id - body - } -} - -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - author { - username - } - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets { - id - createdAt - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(limit: 1) { - id - createdAt - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers { - username - createdAt - } - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(limit: 1) { - username - createdAt - } - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993) { - username - createdAt - } - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-20 15:17:22 inserted user 59998be255629a8bad7ec6e2. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tobkle", role: "admin", id: "59998be255629a8bad7ec6e2", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-20 15:17:22 inserted user 59998be255629a8bad7ec6e3. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tobkle", role: "admin", id: "59998be255629a8bad7ec6e2", -Operation: "", variables: "", -Query: -{ - user(id: "59998be255629a8bad7ec6e3") { - username - bio - role - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tobkle", role: "admin", id: "59998be255629a8bad7ec6e2", -Operation: "", variables: "", -Query: -{ - user(id: "59998be255629a8bad7ec6e2") { - username - role - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tobkle", role: "admin", id: "59998be255629a8bad7ec6e2", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59998be255629a8bad7ec6e3", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 updated user 59998be255629a8bad7ec6e3. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tobkle", role: "admin", id: "59998be255629a8bad7ec6e2", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59998be255629a8bad7ec6e2", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 updated user 59998be255629a8bad7ec6e2. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tobkle", role: "admin", id: "59998be255629a8bad7ec6e2", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59998be255629a8bad7ec6e3", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 updated user 59998be255629a8bad7ec6e3. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tobkle", role: "admin", id: "59998be255629a8bad7ec6e2", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59998be255629a8bad7ec6e2", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 updated user 59998be255629a8bad7ec6e2. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tobkle", role: "editor", id: "59998be255629a8bad7ec6e2", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59998be255629a8bad7ec6e2", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e2" - } - ] -} -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 15:17:22 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e2" - } - ] -} -2017-08-20 15:17:22 updated user 59998be255629a8bad7ec6e2. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "zoltan", role: "admin", id: "59998be255629a8bad7ec6e3", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59998be255629a8bad7ec6e2", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized -2017-08-20 15:17:22 updated user 59998be255629a8bad7ec6e2. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tobkle", role: "admin", id: "59998be255629a8bad7ec6e2", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59998be255629a8bad7ec6e3") -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 removed user 59998be255629a8bad7ec6e3. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tobkle", role: "admin", id: "59998be255629a8bad7ec6e2", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59998be255629a8bad7ec6e2", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-20 15:17:22 inserted tweet 59998be255629a8bad7ec6e4. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tobkle", role: "admin", id: "59998be255629a8bad7ec6e2", -Operation: "", variables: "", -Query: -{ - tweet(id: "59998be255629a8bad7ec6e4") { - author { - id - } - body - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tobkle", role: "admin", id: "59998be255629a8bad7ec6e2", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 inserted tweet 59998be255629a8bad7ec6e5. -2017-08-20 15:17:22 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tobkle", role: "admin", id: "59998be255629a8bad7ec6e2", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tobkle", role: "admin", id: "59998be255629a8bad7ec6e2", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59998be255629a8bad7ec6e4", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 updated tweet 59998be255629a8bad7ec6e4. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tobkle", role: "admin", id: "59998be255629a8bad7ec6e2", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59998be255629a8bad7ec6e5", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 updated tweet 59998be255629a8bad7ec6e5. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tobkle", role: "admin", id: "59998be255629a8bad7ec6e2", -Operation: "", variables: "", -Query: -{ - tweet(id: "59998be255629a8bad7ec6e4") { - body - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tobkle", role: "admin", id: "59998be255629a8bad7ec6e2", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59998be255629a8bad7ec6e4") -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 removed tweet 59998be255629a8bad7ec6e4. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tobkle", role: "admin", id: "59998be255629a8bad7ec6e2", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59998be255629a8bad7ec6e5") -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 removed tweet 59998be255629a8bad7ec6e5. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tobkle", role: "admin", id: "59998be255629a8bad7ec6e2", -Operation: "", variables: "", -Query: -{ - tweet(id: "59998be255629a8bad7ec6e4") { - body - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tobkle", role: "admin", id: "59998be255629a8bad7ec6e2", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59998be255629a8bad7ec6e2") -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 15:17:22 removed user 59998be255629a8bad7ec6e2. -2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59998be255629a8bad7ec6e2") { - username - bio - role - } -} - -2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-20 15:17:22 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:17:22 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-20 15:17:22 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:17:22 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-20 15:17:22 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:17:22 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-20 15:17:22 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:17:22 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-20 15:17:22 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:17:22 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-20 15:17:22 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:17:22 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-20 15:17:22 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:17:22 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { - id - role - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 inserted user 59998be255629a8bad7ec6e6. -2017-08-20 15:17:22 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. -2017-08-20 15:17:22 Request: -User: "tobkle", role: "user", id: "59998be255629a8bad7ec6e6", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e6" - } - ] -} -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:17:22 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tobkle", role: "user", id: "59998be255629a8bad7ec6e6", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e6" - } - ] -} -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tobkle", role: "user", id: "59998be255629a8bad7ec6e6", -Operation: "", variables: "", -Query: -{ - user(id: "59998be255629a8bad7ec6e6") { - username - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e6" - } - ] -} -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tobkle", role: "user", id: "59998be255629a8bad7ec6e6", -Operation: "", variables: "", -Query: -{ - user(id: "59998be255629a8bad7ec6e6") { - username - role - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e6" - } - ] -} -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tobkle", role: "user", id: "59998be255629a8bad7ec6e6", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e6" - } - ] -} -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:17:22 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-08-20 15:17:22 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e6" - } - ] -} -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tobkle", role: "user", id: "59998be255629a8bad7ec6e6", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59998be255629a8bad7ec6e6", input: {username: "tobkle", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e6" - } - ] -} -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:17:22 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e6" - } - ] -} -2017-08-20 15:17:22 updated user 59998be255629a8bad7ec6e6. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tobkle", role: "user", id: "59998be255629a8bad7ec6e6", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59998be255629a8bad7ec6e6", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e6" - } - ] -} -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:17:22 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e6" - } - ] -} -2017-08-20 15:17:22 updated user 59998be255629a8bad7ec6e6. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tobkle", role: "user", id: "59998be255629a8bad7ec6e6", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e6" - } - ] -} -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:17:22 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e6" - } - ] -} -2017-08-20 15:17:22 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tobkle", role: "user", id: "59998be255629a8bad7ec6e6", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59998be255629a8bad7ec6e6", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e6" - } - ] -} -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:17:22 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. -2017-08-20 15:17:22 inserted tweet 59998be255629a8bad7ec6e7. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. -2017-08-20 15:17:22 Request: -User: "tobkle", role: "user", id: "59998be255629a8bad7ec6e6", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e6" - } - ] -} -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:17:22 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tobkle", role: "user", id: "59998be255629a8bad7ec6e6", -Operation: "", variables: "", -Query: -{ - tweet(id: "59998be255629a8bad7ec6e7") { - author { - id - } - body - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e6" - } - ] -} -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tobkle", role: "user", id: "59998be255629a8bad7ec6e6", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e6" - } - ] -} -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tobkle", role: "user", id: "59998be255629a8bad7ec6e6", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59998be255629a8bad7ec6e7", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e6" - } - ] -} -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:17:22 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59998be255629a8bad7ec6e6" - }, - { - "coauthorsIds": "59998be255629a8bad7ec6e6" - } - ] -} -2017-08-20 15:17:22 updated tweet 59998be255629a8bad7ec6e7. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tobkle", role: "user", id: "59998be255629a8bad7ec6e6", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e6" - } - ] -} -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:17:22 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59998be255629a8bad7ec6e6" - }, - { - "coauthorsIds": "59998be255629a8bad7ec6e6" - } - ] -} -2017-08-20 15:17:22 ERROR update tweet not possible for 583676d3618530145474e352. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tobkle", role: "user", id: "59998be255629a8bad7ec6e6", -Operation: "", variables: "", -Query: -{ - tweet(id: "59998be255629a8bad7ec6e7") { - body - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e6" - } - ] -} -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tobkle", role: "user", id: "59998be255629a8bad7ec6e6", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59998be255629a8bad7ec6e7") -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e6" - } - ] -} -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:17:22 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59998be255629a8bad7ec6e6" - } - ] -} -2017-08-20 15:17:22 removed tweet 59998be255629a8bad7ec6e7. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tobkle", role: "user", id: "59998be255629a8bad7ec6e6", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e6" - } - ] -} -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:17:22 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59998be255629a8bad7ec6e6" - } - ] -} -2017-08-20 15:17:22 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tobkle", role: "user", id: "59998be255629a8bad7ec6e6", -Operation: "", variables: "", -Query: -{ - tweet(id: "59998be255629a8bad7ec6e7") { - body - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e6" - } - ] -} -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tobkle", role: "user", id: "59998be255629a8bad7ec6e6", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59998be255629a8bad7ec6e6") -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e6" - } - ] -} -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 15:17:22 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e6" - } - ] -} -2017-08-20 15:17:22 removed user 59998be255629a8bad7ec6e6. -2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59998be255629a8bad7ec6e6") { - username - bio - role - } -} - -2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { - id - role - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-20 15:17:22 inserted user 59998be255629a8bad7ec6e8. -2017-08-20 15:17:22 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. -2017-08-20 15:17:22 Request: -User: "tobkle", role: "editor", id: "59998be255629a8bad7ec6e8", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e8" - } - ] -} -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 15:17:22 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tobkle", role: "editor", id: "59998be255629a8bad7ec6e8", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e8" - } - ] -} -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tobkle", role: "editor", id: "59998be255629a8bad7ec6e8", -Operation: "", variables: "", -Query: -{ - user(id: "59998be255629a8bad7ec6e8") { - username - role - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e8" - } - ] -} -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tobkle", role: "editor", id: "59998be255629a8bad7ec6e8", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e8" - } - ] -} -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 15:17:22 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e8" - } - ] -} -2017-08-20 15:17:22 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tobkle", role: "editor", id: "59998be255629a8bad7ec6e8", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59998be255629a8bad7ec6e8", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e8" - } - ] -} -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 15:17:22 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e8" - } - ] -} -2017-08-20 15:17:22 updated user 59998be255629a8bad7ec6e8. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tmeasday", role: "editor", id: "59998be255629a8bad7ec6e8", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59998be255629a8bad7ec6e8", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e8" - } - ] -} -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:17:22 Authorize update 'updateUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e8" - } - ] -} -2017-08-20 15:17:22 updated user 59998be255629a8bad7ec6e8. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tmeasday", role: "editor", id: "59998be255629a8bad7ec6e8", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e8" - } - ] -} -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:17:22 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e8" - } - ] -} -2017-08-20 15:17:22 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tmeasday", role: "editor", id: "59998be255629a8bad7ec6e8", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59998be255629a8bad7ec6e8", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e8" - } - ] -} -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:17:22 inserted tweet 59998be255629a8bad7ec6e9. -2017-08-20 15:17:22 Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is authorized by docRole. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. -2017-08-20 15:17:22 Request: -User: "tmeasday", role: "editor", id: "59998be255629a8bad7ec6e8", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e8" - } - ] -} -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:17:22 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tmeasday", role: "editor", id: "59998be255629a8bad7ec6e8", -Operation: "", variables: "", -Query: -{ - tweet(id: "59998be255629a8bad7ec6e9") { - author { - id - } - body - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e8" - } - ] -} -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tmeasday", role: "editor", id: "59998be255629a8bad7ec6e8", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e8" - } - ] -} -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tmeasday", role: "editor", id: "59998be255629a8bad7ec6e8", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59998be255629a8bad7ec6e9", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e8" - } - ] -} -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:17:22 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59998be255629a8bad7ec6e8" - }, - { - "coauthorsIds": "59998be255629a8bad7ec6e8" - } - ] -} -2017-08-20 15:17:22 updated tweet 59998be255629a8bad7ec6e9. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tmeasday", role: "editor", id: "59998be255629a8bad7ec6e8", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e8" - } - ] -} -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:17:22 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59998be255629a8bad7ec6e8" - }, - { - "coauthorsIds": "59998be255629a8bad7ec6e8" - } - ] -} -2017-08-20 15:17:22 ERROR update tweet not possible for 583676d3618530145474e352. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tmeasday", role: "editor", id: "59998be255629a8bad7ec6e8", -Operation: "", variables: "", -Query: -{ - tweet(id: "59998be255629a8bad7ec6e9") { - body - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e8" - } - ] -} -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tmeasday", role: "editor", id: "59998be255629a8bad7ec6e8", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59998be255629a8bad7ec6e9") -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e8" - } - ] -} -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:17:22 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59998be255629a8bad7ec6e8" - } - ] -} -2017-08-20 15:17:22 removed tweet 59998be255629a8bad7ec6e9. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tmeasday", role: "editor", id: "59998be255629a8bad7ec6e8", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e8" - } - ] -} -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:17:22 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59998be255629a8bad7ec6e8" - } - ] -} -2017-08-20 15:17:22 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tmeasday", role: "editor", id: "59998be255629a8bad7ec6e8", -Operation: "", variables: "", -Query: -{ - tweet(id: "59998be255629a8bad7ec6e9") { - body - } -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e8" - } - ] -} -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "tmeasday", role: "editor", id: "59998be255629a8bad7ec6e8", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59998be255629a8bad7ec6e8") -} - -2017-08-20 15:17:22 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e8" - } - ] -} -2017-08-20 15:17:22 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59998be255629a8bad7ec6e8" - } - ] -} -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 15:17:22 removed user 59998be255629a8bad7ec6e8. -2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:17:22 -------------------------------------------------------------------------------- -2017-08-20 15:17:22 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59998be255629a8bad7ec6e8") { - username - bio - role - } -} - -2017-08-20 15:17:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 15:17:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 16:12:23 Logger started -2017-08-20 16:15:01 Logger started -2017-08-20 16:18:43 Logger started -2017-08-20 16:19:35 -------------------------------------------------------------------------------- -2017-08-20 16:19:35 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-20 16:19:35 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:19:35 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - role - username - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - role - username - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca2") { - role - username - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - id - username - bio - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users { - username - createdAt - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(limit: 1) { - username - createdAt - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993) { - username - createdAt - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers { - username - createdAt - } - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(limit: 1) { - username - createdAt - } - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following { - username - createdAt - } - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(limit: 1) { - username - createdAt - } - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets { - id - createdAt - } - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(limit: 1) { - id - createdAt - } - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked { - id - createdAt - } - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(limit: 1) { - id - createdAt - } - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334) { - id - createdAt - } - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334, limit: 1) { - id - createdAt - } - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - id - body - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - author { - username - } - } -} - -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets { - id - createdAt - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(limit: 1) { - id - createdAt - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers { - username - createdAt - } - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(limit: 1) { - username - createdAt - } - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993) { - username - createdAt - } - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-20 16:20:19 inserted user 59999aa37218399058b5442d. -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "tobkle", role: "admin", id: "59999aa37218399058b5442d", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 inserted user 59999aa37218399058b5442e. -2017-08-20 16:20:19 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "tobkle", role: "admin", id: "59999aa37218399058b5442d", -Operation: "", variables: "", -Query: -{ - user(id: "59999aa37218399058b5442e") { - username - bio - role - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "tobkle", role: "admin", id: "59999aa37218399058b5442d", -Operation: "", variables: "", -Query: -{ - user(id: "59999aa37218399058b5442d") { - username - role - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "tobkle", role: "admin", id: "59999aa37218399058b5442d", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59999aa37218399058b5442e", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 updated user 59999aa37218399058b5442e. -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "tobkle", role: "admin", id: "59999aa37218399058b5442d", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59999aa37218399058b5442d", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 updated user 59999aa37218399058b5442d. -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "tobkle", role: "admin", id: "59999aa37218399058b5442d", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59999aa37218399058b5442e", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 updated user 59999aa37218399058b5442e. -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "tobkle", role: "admin", id: "59999aa37218399058b5442d", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59999aa37218399058b5442d", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 updated user 59999aa37218399058b5442d. -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "tobkle", role: "editor", id: "59999aa37218399058b5442d", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59999aa37218399058b5442d", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59999aa37218399058b5442d" - } - ] -} -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 16:20:19 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59999aa37218399058b5442d" - } - ] -} -2017-08-20 16:20:19 updated user 59999aa37218399058b5442d. -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "zoltan", role: "admin", id: "59999aa37218399058b5442e", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59999aa37218399058b5442d", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized -2017-08-20 16:20:19 updated user 59999aa37218399058b5442d. -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "tobkle", role: "admin", id: "59999aa37218399058b5442d", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59999aa37218399058b5442e") -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 removed user 59999aa37218399058b5442e. -2017-08-20 16:20:19 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "tobkle", role: "admin", id: "59999aa37218399058b5442d", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59999aa37218399058b5442d", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-20 16:20:19 inserted tweet 59999aa37218399058b5442f. -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "tobkle", role: "admin", id: "59999aa37218399058b5442d", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-20 16:20:19 inserted tweet 59999aa37218399058b54430. -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "tobkle", role: "admin", id: "59999aa37218399058b5442d", -Operation: "", variables: "", -Query: -{ - tweet(id: "59999aa37218399058b5442f") { - author { - id - } - body - } -} - -2017-08-20 16:20:19 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "tobkle", role: "admin", id: "59999aa37218399058b5442d", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "tobkle", role: "admin", id: "59999aa37218399058b5442d", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59999aa37218399058b5442f", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 updated tweet 59999aa37218399058b5442f. -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "tobkle", role: "admin", id: "59999aa37218399058b5442d", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59999aa37218399058b54430", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 updated tweet 59999aa37218399058b54430. -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "tobkle", role: "admin", id: "59999aa37218399058b5442d", -Operation: "", variables: "", -Query: -{ - tweet(id: "59999aa37218399058b5442f") { - body - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "tobkle", role: "admin", id: "59999aa37218399058b5442d", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59999aa37218399058b5442f") -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 removed tweet 59999aa37218399058b5442f. -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "tobkle", role: "admin", id: "59999aa37218399058b5442d", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59999aa37218399058b54430") -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 removed tweet 59999aa37218399058b54430. -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "tobkle", role: "admin", id: "59999aa37218399058b5442d", -Operation: "", variables: "", -Query: -{ - tweet(id: "59999aa37218399058b5442f") { - body - } -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:19 Request: -User: "tobkle", role: "admin", id: "59999aa37218399058b5442d", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59999aa37218399058b5442d") -} - -2017-08-20 16:20:19 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-20 16:20:19 removed user 59999aa37218399058b5442d. -2017-08-20 16:20:19 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 16:20:19 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59999aa37218399058b5442d") { - username - bio - role - } -} - -2017-08-20 16:20:19 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 16:20:19 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-20 16:20:20 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 16:20:20 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-20 16:20:20 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 16:20:20 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-20 16:20:20 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 16:20:20 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-20 16:20:20 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 16:20:20 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-20 16:20:20 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 16:20:20 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-20 16:20:20 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 16:20:20 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-20 16:20:20 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 16:20:20 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { - id - role - } -} - -2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:20 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:20 inserted user 59999aa47218399058b54431. -2017-08-20 16:20:20 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. -2017-08-20 16:20:20 Request: -User: "tobkle", role: "user", id: "59999aa47218399058b54431", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54431" - } - ] -} -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 16:20:20 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 Request: -User: "tobkle", role: "user", id: "59999aa47218399058b54431", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54431" - } - ] -} -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 Request: -User: "tobkle", role: "user", id: "59999aa47218399058b54431", -Operation: "", variables: "", -Query: -{ - user(id: "59999aa47218399058b54431") { - username - } -} - -2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54431" - } - ] -} -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 Request: -User: "tobkle", role: "user", id: "59999aa47218399058b54431", -Operation: "", variables: "", -Query: -{ - user(id: "59999aa47218399058b54431") { - username - role - } -} - -2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54431" - } - ] -} -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 Request: -User: "tobkle", role: "user", id: "59999aa47218399058b54431", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54431" - } - ] -} -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 16:20:20 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-08-20 16:20:20 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54431" - } - ] -} -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 Request: -User: "tobkle", role: "user", id: "59999aa47218399058b54431", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59999aa47218399058b54431", input: {username: "tobkle", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54431" - } - ] -} -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 16:20:20 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54431" - } - ] -} -2017-08-20 16:20:20 updated user 59999aa47218399058b54431. -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 Request: -User: "tobkle", role: "user", id: "59999aa47218399058b54431", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59999aa47218399058b54431", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54431" - } - ] -} -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 16:20:20 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54431" - } - ] -} -2017-08-20 16:20:20 updated user 59999aa47218399058b54431. -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 Request: -User: "tobkle", role: "user", id: "59999aa47218399058b54431", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54431" - } - ] -} -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 16:20:20 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54431" - } - ] -} -2017-08-20 16:20:20 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 Request: -User: "tobkle", role: "user", id: "59999aa47218399058b54431", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59999aa47218399058b54431", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54431" - } - ] -} -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 16:20:20 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. -2017-08-20 16:20:20 inserted tweet 59999aa47218399058b54432. -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. -2017-08-20 16:20:20 Request: -User: "tobkle", role: "user", id: "59999aa47218399058b54431", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54431" - } - ] -} -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 16:20:20 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 Request: -User: "tobkle", role: "user", id: "59999aa47218399058b54431", -Operation: "", variables: "", -Query: -{ - tweet(id: "59999aa47218399058b54432") { - author { - id - } - body - } -} - -2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54431" - } - ] -} -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 Request: -User: "tobkle", role: "user", id: "59999aa47218399058b54431", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54431" - } - ] -} -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 Request: -User: "tobkle", role: "user", id: "59999aa47218399058b54431", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59999aa47218399058b54432", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54431" - } - ] -} -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 16:20:20 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59999aa47218399058b54431" - }, - { - "coauthorsIds": "59999aa47218399058b54431" - } - ] -} -2017-08-20 16:20:20 updated tweet 59999aa47218399058b54432. -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 Request: -User: "tobkle", role: "user", id: "59999aa47218399058b54431", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54431" - } - ] -} -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 16:20:20 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59999aa47218399058b54431" - }, - { - "coauthorsIds": "59999aa47218399058b54431" - } - ] -} -2017-08-20 16:20:20 ERROR update tweet not possible for 583676d3618530145474e352. -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 Request: -User: "tobkle", role: "user", id: "59999aa47218399058b54431", -Operation: "", variables: "", -Query: -{ - tweet(id: "59999aa47218399058b54432") { - body - } -} - -2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54431" - } - ] -} -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 Request: -User: "tobkle", role: "user", id: "59999aa47218399058b54431", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59999aa47218399058b54432") -} - -2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54431" - } - ] -} -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 16:20:20 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59999aa47218399058b54431" - } - ] -} -2017-08-20 16:20:20 removed tweet 59999aa47218399058b54432. -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 Request: -User: "tobkle", role: "user", id: "59999aa47218399058b54431", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54431" - } - ] -} -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 16:20:20 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59999aa47218399058b54431" - } - ] -} -2017-08-20 16:20:20 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 Request: -User: "tobkle", role: "user", id: "59999aa47218399058b54431", -Operation: "", variables: "", -Query: -{ - tweet(id: "59999aa47218399058b54432") { - body - } -} - -2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54431" - } - ] -} -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 Request: -User: "tobkle", role: "user", id: "59999aa47218399058b54431", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59999aa47218399058b54431") -} - -2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54431" - } - ] -} -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-20 16:20:20 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54431" - } - ] -} -2017-08-20 16:20:20 removed user 59999aa47218399058b54431. -2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59999aa47218399058b54431") { - username - bio - role - } -} - -2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { - id - role - } -} - -2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:20 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-20 16:20:20 inserted user 59999aa47218399058b54433. -2017-08-20 16:20:20 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. -2017-08-20 16:20:20 Request: -User: "tobkle", role: "editor", id: "59999aa47218399058b54433", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54433" - } - ] -} -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 16:20:20 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 Request: -User: "tobkle", role: "editor", id: "59999aa47218399058b54433", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54433" - } - ] -} -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 Request: -User: "tobkle", role: "editor", id: "59999aa47218399058b54433", -Operation: "", variables: "", -Query: -{ - user(id: "59999aa47218399058b54433") { - username - role - } -} - -2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54433" - } - ] -} -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 Request: -User: "tobkle", role: "editor", id: "59999aa47218399058b54433", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54433" - } - ] -} -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 16:20:20 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-08-20 16:20:20 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54433" - } - ] -} -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 Request: -User: "tobkle", role: "editor", id: "59999aa47218399058b54433", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59999aa47218399058b54433", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54433" - } - ] -} -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-20 16:20:20 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54433" - } - ] -} -2017-08-20 16:20:20 updated user 59999aa47218399058b54433. -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 Request: -User: "tmeasday", role: "editor", id: "59999aa47218399058b54433", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59999aa47218399058b54433", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54433" - } - ] -} -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 16:20:20 Authorize update 'updateUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54433" - } - ] -} -2017-08-20 16:20:20 updated user 59999aa47218399058b54433. -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 Request: -User: "tmeasday", role: "editor", id: "59999aa47218399058b54433", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54433" - } - ] -} -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 16:20:20 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54433" - } - ] -} -2017-08-20 16:20:20 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 Request: -User: "tmeasday", role: "editor", id: "59999aa47218399058b54433", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59999aa47218399058b54433", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54433" - } - ] -} -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 16:20:20 Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is authorized by docRole. -2017-08-20 16:20:20 inserted tweet 59999aa47218399058b54434. -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. -2017-08-20 16:20:20 Request: -User: "tmeasday", role: "editor", id: "59999aa47218399058b54433", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54433" - } - ] -} -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 16:20:20 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 Request: -User: "tmeasday", role: "editor", id: "59999aa47218399058b54433", -Operation: "", variables: "", -Query: -{ - tweet(id: "59999aa47218399058b54434") { - author { - id - } - body - } -} - -2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54433" - } - ] -} -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 Request: -User: "tmeasday", role: "editor", id: "59999aa47218399058b54433", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54433" - } - ] -} -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 Request: -User: "tmeasday", role: "editor", id: "59999aa47218399058b54433", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59999aa47218399058b54434", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54433" - } - ] -} -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 16:20:20 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59999aa47218399058b54433" - }, - { - "coauthorsIds": "59999aa47218399058b54433" - } - ] -} -2017-08-20 16:20:20 updated tweet 59999aa47218399058b54434. -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 Request: -User: "tmeasday", role: "editor", id: "59999aa47218399058b54433", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54433" - } - ] -} -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 16:20:20 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59999aa47218399058b54433" - }, - { - "coauthorsIds": "59999aa47218399058b54433" - } - ] -} -2017-08-20 16:20:20 ERROR update tweet not possible for 583676d3618530145474e352. -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 Request: -User: "tmeasday", role: "editor", id: "59999aa47218399058b54433", -Operation: "", variables: "", -Query: -{ - tweet(id: "59999aa47218399058b54434") { - body - } -} - -2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54433" - } - ] -} -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 Request: -User: "tmeasday", role: "editor", id: "59999aa47218399058b54433", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59999aa47218399058b54434") -} - -2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54433" - } - ] -} -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 16:20:20 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59999aa47218399058b54433" - } - ] -} -2017-08-20 16:20:20 removed tweet 59999aa47218399058b54434. -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 Request: -User: "tmeasday", role: "editor", id: "59999aa47218399058b54433", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54433" - } - ] -} -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 16:20:20 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59999aa47218399058b54433" - } - ] -} -2017-08-20 16:20:20 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 Request: -User: "tmeasday", role: "editor", id: "59999aa47218399058b54433", -Operation: "", variables: "", -Query: -{ - tweet(id: "59999aa47218399058b54434") { - body - } -} - -2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54433" - } - ] -} -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 Request: -User: "tmeasday", role: "editor", id: "59999aa47218399058b54433", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59999aa47218399058b54433") -} - -2017-08-20 16:20:20 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54433" - } - ] -} -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-20 16:20:20 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59999aa47218399058b54433" - } - ] -} -2017-08-20 16:20:20 removed user 59999aa47218399058b54433. -2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 16:20:20 -------------------------------------------------------------------------------- -2017-08-20 16:20:20 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59999aa47218399058b54433") { - username - bio - role - } -} - -2017-08-20 16:20:20 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-20 16:20:20 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-20 16:22:28 Logger started -2017-08-20 16:23:16 Logger started -2017-08-20 16:23:27 Logger started -2017-08-25 19:39:58 Logger started -2017-08-25 19:40:49 -------------------------------------------------------------------------------- -2017-08-25 19:40:49 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-25 19:40:49 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:40:49 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:14 -------------------------------------------------------------------------------- -2017-08-25 19:41:14 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-25 19:41:14 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:14 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:14 -------------------------------------------------------------------------------- -2017-08-25 19:41:14 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - role - username - } -} - -2017-08-25 19:41:14 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:14 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:14 -------------------------------------------------------------------------------- -2017-08-25 19:41:14 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - role - username - } -} - -2017-08-25 19:41:14 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:14 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:14 -------------------------------------------------------------------------------- -2017-08-25 19:41:14 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca2") { - role - username - } -} - -2017-08-25 19:41:14 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:14 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:14 -------------------------------------------------------------------------------- -2017-08-25 19:41:14 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - id - username - bio - } -} - -2017-08-25 19:41:14 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:14 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:14 -------------------------------------------------------------------------------- -2017-08-25 19:41:14 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users { - username - createdAt - } -} - -2017-08-25 19:41:14 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:14 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:14 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:14 -------------------------------------------------------------------------------- -2017-08-25 19:41:14 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(limit: 1) { - username - createdAt - } -} - -2017-08-25 19:41:14 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:14 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:14 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:14 -------------------------------------------------------------------------------- -2017-08-25 19:41:14 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993) { - username - createdAt - } -} - -2017-08-25 19:41:14 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:14 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:14 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:14 -------------------------------------------------------------------------------- -2017-08-25 19:41:14 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } -} - -2017-08-25 19:41:14 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:14 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:14 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:14 -------------------------------------------------------------------------------- -2017-08-25 19:41:14 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers { - username - createdAt - } - } -} - -2017-08-25 19:41:14 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:14 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:14 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:14 -------------------------------------------------------------------------------- -2017-08-25 19:41:14 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(limit: 1) { - username - createdAt - } - } -} - -2017-08-25 19:41:14 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:14 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:14 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:14 -------------------------------------------------------------------------------- -2017-08-25 19:41:14 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-08-25 19:41:14 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:14 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:14 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-08-25 19:41:14 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:14 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following { - username - createdAt - } - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(limit: 1) { - username - createdAt - } - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets { - id - createdAt - } - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(limit: 1) { - id - createdAt - } - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked { - id - createdAt - } - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(limit: 1) { - id - createdAt - } - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334) { - id - createdAt - } - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334, limit: 1) { - id - createdAt - } - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - id - body - } -} - -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - author { - username - } - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets { - id - createdAt - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(limit: 1) { - id - createdAt - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers { - username - createdAt - } - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(limit: 1) { - username - createdAt - } - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993) { - username - createdAt - } - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-25 19:41:15 inserted user 59a0613b1b8ffd322f99773f. -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "tobkle", role: "admin", id: "59a0613b1b8ffd322f99773f", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 inserted user 59a0613b1b8ffd322f997740. -2017-08-25 19:41:15 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "tobkle", role: "admin", id: "59a0613b1b8ffd322f99773f", -Operation: "", variables: "", -Query: -{ - user(id: "59a0613b1b8ffd322f997740") { - username - bio - role - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "tobkle", role: "admin", id: "59a0613b1b8ffd322f99773f", -Operation: "", variables: "", -Query: -{ - user(id: "59a0613b1b8ffd322f99773f") { - username - role - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "tobkle", role: "admin", id: "59a0613b1b8ffd322f99773f", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a0613b1b8ffd322f997740", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 updated user 59a0613b1b8ffd322f997740. -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "tobkle", role: "admin", id: "59a0613b1b8ffd322f99773f", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a0613b1b8ffd322f99773f", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 updated user 59a0613b1b8ffd322f99773f. -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "tobkle", role: "admin", id: "59a0613b1b8ffd322f99773f", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a0613b1b8ffd322f997740", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 updated user 59a0613b1b8ffd322f997740. -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "tobkle", role: "admin", id: "59a0613b1b8ffd322f99773f", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a0613b1b8ffd322f99773f", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 updated user 59a0613b1b8ffd322f99773f. -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "tobkle", role: "editor", id: "59a0613b1b8ffd322f99773f", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a0613b1b8ffd322f99773f", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f99773f" - } - ] -} -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-25 19:41:15 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f99773f" - } - ] -} -2017-08-25 19:41:15 updated user 59a0613b1b8ffd322f99773f. -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "zoltan", role: "admin", id: "59a0613b1b8ffd322f997740", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a0613b1b8ffd322f99773f", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized -2017-08-25 19:41:15 updated user 59a0613b1b8ffd322f99773f. -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "tobkle", role: "admin", id: "59a0613b1b8ffd322f99773f", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59a0613b1b8ffd322f997740") -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 removed user 59a0613b1b8ffd322f997740. -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "tobkle", role: "admin", id: "59a0613b1b8ffd322f99773f", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59a0613b1b8ffd322f99773f", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-25 19:41:15 inserted tweet 59a0613b1b8ffd322f997741. -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "tobkle", role: "admin", id: "59a0613b1b8ffd322f99773f", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "tobkle", role: "admin", id: "59a0613b1b8ffd322f99773f", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a0613b1b8ffd322f997741") { - author { - id - } - body - } -} - -2017-08-25 19:41:15 inserted tweet 59a0613b1b8ffd322f997742. -2017-08-25 19:41:15 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "tobkle", role: "admin", id: "59a0613b1b8ffd322f99773f", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "tobkle", role: "admin", id: "59a0613b1b8ffd322f99773f", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59a0613b1b8ffd322f997741", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 updated tweet 59a0613b1b8ffd322f997741. -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "tobkle", role: "admin", id: "59a0613b1b8ffd322f99773f", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59a0613b1b8ffd322f997742", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 updated tweet 59a0613b1b8ffd322f997742. -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "tobkle", role: "admin", id: "59a0613b1b8ffd322f99773f", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a0613b1b8ffd322f997741") { - body - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "tobkle", role: "admin", id: "59a0613b1b8ffd322f99773f", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59a0613b1b8ffd322f997741") -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 removed tweet 59a0613b1b8ffd322f997741. -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "tobkle", role: "admin", id: "59a0613b1b8ffd322f99773f", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59a0613b1b8ffd322f997742") -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 removed tweet 59a0613b1b8ffd322f997742. -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "tobkle", role: "admin", id: "59a0613b1b8ffd322f99773f", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a0613b1b8ffd322f997741") { - body - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "tobkle", role: "admin", id: "59a0613b1b8ffd322f99773f", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59a0613b1b8ffd322f99773f") -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-25 19:41:15 removed user 59a0613b1b8ffd322f99773f. -2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59a0613b1b8ffd322f99773f") { - username - bio - role - } -} - -2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-25 19:41:15 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-25 19:41:15 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-25 19:41:15 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-25 19:41:15 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-25 19:41:15 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-25 19:41:15 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-25 19:41:15 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-25 19:41:15 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-25 19:41:15 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-25 19:41:15 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-25 19:41:15 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-25 19:41:15 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-25 19:41:15 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-25 19:41:15 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { - id - role - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 inserted user 59a0613b1b8ffd322f997743. -2017-08-25 19:41:15 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. -2017-08-25 19:41:15 Request: -User: "tobkle", role: "user", id: "59a0613b1b8ffd322f997743", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997743" - } - ] -} -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-25 19:41:15 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "tobkle", role: "user", id: "59a0613b1b8ffd322f997743", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997743" - } - ] -} -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "tobkle", role: "user", id: "59a0613b1b8ffd322f997743", -Operation: "", variables: "", -Query: -{ - user(id: "59a0613b1b8ffd322f997743") { - username - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997743" - } - ] -} -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "tobkle", role: "user", id: "59a0613b1b8ffd322f997743", -Operation: "", variables: "", -Query: -{ - user(id: "59a0613b1b8ffd322f997743") { - username - role - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997743" - } - ] -} -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "tobkle", role: "user", id: "59a0613b1b8ffd322f997743", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997743" - } - ] -} -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-25 19:41:15 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997743" - } - ] -} -2017-08-25 19:41:15 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "tobkle", role: "user", id: "59a0613b1b8ffd322f997743", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a0613b1b8ffd322f997743", input: {username: "tobkle", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997743" - } - ] -} -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-25 19:41:15 updated user 59a0613b1b8ffd322f997743. -2017-08-25 19:41:15 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997743" - } - ] -} -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "tobkle", role: "user", id: "59a0613b1b8ffd322f997743", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a0613b1b8ffd322f997743", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997743" - } - ] -} -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-25 19:41:15 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997743" - } - ] -} -2017-08-25 19:41:15 updated user 59a0613b1b8ffd322f997743. -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "tobkle", role: "user", id: "59a0613b1b8ffd322f997743", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997743" - } - ] -} -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-25 19:41:15 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997743" - } - ] -} -2017-08-25 19:41:15 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "tobkle", role: "user", id: "59a0613b1b8ffd322f997743", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59a0613b1b8ffd322f997743", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997743" - } - ] -} -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-25 19:41:15 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. -2017-08-25 19:41:15 inserted tweet 59a0613b1b8ffd322f997744. -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. -2017-08-25 19:41:15 Request: -User: "tobkle", role: "user", id: "59a0613b1b8ffd322f997743", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997743" - } - ] -} -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-25 19:41:15 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "tobkle", role: "user", id: "59a0613b1b8ffd322f997743", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a0613b1b8ffd322f997744") { - author { - id - } - body - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997743" - } - ] -} -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "tobkle", role: "user", id: "59a0613b1b8ffd322f997743", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997743" - } - ] -} -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "tobkle", role: "user", id: "59a0613b1b8ffd322f997743", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59a0613b1b8ffd322f997744", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997743" - } - ] -} -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-25 19:41:15 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59a0613b1b8ffd322f997743" - }, - { - "coauthorsIds": "59a0613b1b8ffd322f997743" - } - ] -} -2017-08-25 19:41:15 updated tweet 59a0613b1b8ffd322f997744. -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "tobkle", role: "user", id: "59a0613b1b8ffd322f997743", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997743" - } - ] -} -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-25 19:41:15 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59a0613b1b8ffd322f997743" - }, - { - "coauthorsIds": "59a0613b1b8ffd322f997743" - } - ] -} -2017-08-25 19:41:15 ERROR update tweet not possible for 583676d3618530145474e352. -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "tobkle", role: "user", id: "59a0613b1b8ffd322f997743", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a0613b1b8ffd322f997744") { - body - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997743" - } - ] -} -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "tobkle", role: "user", id: "59a0613b1b8ffd322f997743", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59a0613b1b8ffd322f997744") -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997743" - } - ] -} -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-25 19:41:15 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59a0613b1b8ffd322f997743" - } - ] -} -2017-08-25 19:41:15 removed tweet 59a0613b1b8ffd322f997744. -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "tobkle", role: "user", id: "59a0613b1b8ffd322f997743", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997743" - } - ] -} -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-25 19:41:15 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59a0613b1b8ffd322f997743" - } - ] -} -2017-08-25 19:41:15 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "tobkle", role: "user", id: "59a0613b1b8ffd322f997743", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a0613b1b8ffd322f997744") { - body - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997743" - } - ] -} -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "tobkle", role: "user", id: "59a0613b1b8ffd322f997743", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59a0613b1b8ffd322f997743") -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997743" - } - ] -} -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-25 19:41:15 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997743" - } - ] -} -2017-08-25 19:41:15 removed user 59a0613b1b8ffd322f997743. -2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59a0613b1b8ffd322f997743") { - username - bio - role - } -} - -2017-08-25 19:41:15 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { - id - role - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-25 19:41:15 inserted user 59a0613b1b8ffd322f997745. -2017-08-25 19:41:15 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. -2017-08-25 19:41:15 Request: -User: "tobkle", role: "editor", id: "59a0613b1b8ffd322f997745", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997745" - } - ] -} -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-25 19:41:15 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "tobkle", role: "editor", id: "59a0613b1b8ffd322f997745", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997745" - } - ] -} -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "tobkle", role: "editor", id: "59a0613b1b8ffd322f997745", -Operation: "", variables: "", -Query: -{ - user(id: "59a0613b1b8ffd322f997745") { - username - role - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997745" - } - ] -} -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-25 19:41:15 -------------------------------------------------------------------------------- -2017-08-25 19:41:15 Request: -User: "tobkle", role: "editor", id: "59a0613b1b8ffd322f997745", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-25 19:41:15 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997745" - } - ] -} -2017-08-25 19:41:15 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-25 19:41:15 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997745" - } - ] -} -2017-08-25 19:41:15 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-08-25 19:41:16 -------------------------------------------------------------------------------- -2017-08-25 19:41:16 Request: -User: "tobkle", role: "editor", id: "59a0613b1b8ffd322f997745", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a0613b1b8ffd322f997745", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-25 19:41:16 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997745" - } - ] -} -2017-08-25 19:41:16 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-25 19:41:16 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997745" - } - ] -} -2017-08-25 19:41:16 updated user 59a0613b1b8ffd322f997745. -2017-08-25 19:41:16 -------------------------------------------------------------------------------- -2017-08-25 19:41:16 Request: -User: "tmeasday", role: "editor", id: "59a0613b1b8ffd322f997745", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a0613b1b8ffd322f997745", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-25 19:41:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997745" - } - ] -} -2017-08-25 19:41:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-25 19:41:16 Authorize update 'updateUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997745" - } - ] -} -2017-08-25 19:41:16 updated user 59a0613b1b8ffd322f997745. -2017-08-25 19:41:16 -------------------------------------------------------------------------------- -2017-08-25 19:41:16 Request: -User: "tmeasday", role: "editor", id: "59a0613b1b8ffd322f997745", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-25 19:41:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997745" - } - ] -} -2017-08-25 19:41:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-25 19:41:16 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997745" - } - ] -} -2017-08-25 19:41:16 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-08-25 19:41:16 -------------------------------------------------------------------------------- -2017-08-25 19:41:16 Request: -User: "tmeasday", role: "editor", id: "59a0613b1b8ffd322f997745", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59a0613b1b8ffd322f997745", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-25 19:41:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997745" - } - ] -} -2017-08-25 19:41:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-25 19:41:16 Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is authorized by docRole. -2017-08-25 19:41:16 inserted tweet 59a0613c1b8ffd322f997746. -2017-08-25 19:41:16 -------------------------------------------------------------------------------- -2017-08-25 19:41:16 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. -2017-08-25 19:41:16 Request: -User: "tmeasday", role: "editor", id: "59a0613b1b8ffd322f997745", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-25 19:41:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997745" - } - ] -} -2017-08-25 19:41:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-25 19:41:16 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. -2017-08-25 19:41:16 -------------------------------------------------------------------------------- -2017-08-25 19:41:16 Request: -User: "tmeasday", role: "editor", id: "59a0613b1b8ffd322f997745", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a0613c1b8ffd322f997746") { - author { - id - } - body - } -} - -2017-08-25 19:41:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997745" - } - ] -} -2017-08-25 19:41:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-25 19:41:16 -------------------------------------------------------------------------------- -2017-08-25 19:41:16 Request: -User: "tmeasday", role: "editor", id: "59a0613b1b8ffd322f997745", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-25 19:41:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997745" - } - ] -} -2017-08-25 19:41:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-25 19:41:16 -------------------------------------------------------------------------------- -2017-08-25 19:41:16 Request: -User: "tmeasday", role: "editor", id: "59a0613b1b8ffd322f997745", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59a0613c1b8ffd322f997746", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-25 19:41:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997745" - } - ] -} -2017-08-25 19:41:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-25 19:41:16 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59a0613b1b8ffd322f997745" - }, - { - "coauthorsIds": "59a0613b1b8ffd322f997745" - } - ] -} -2017-08-25 19:41:16 updated tweet 59a0613c1b8ffd322f997746. -2017-08-25 19:41:16 -------------------------------------------------------------------------------- -2017-08-25 19:41:16 Request: -User: "tmeasday", role: "editor", id: "59a0613b1b8ffd322f997745", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-25 19:41:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997745" - } - ] -} -2017-08-25 19:41:16 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59a0613b1b8ffd322f997745" - }, - { - "coauthorsIds": "59a0613b1b8ffd322f997745" - } - ] -} -2017-08-25 19:41:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-25 19:41:16 ERROR update tweet not possible for 583676d3618530145474e352. -2017-08-25 19:41:16 -------------------------------------------------------------------------------- -2017-08-25 19:41:16 Request: -User: "tmeasday", role: "editor", id: "59a0613b1b8ffd322f997745", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a0613c1b8ffd322f997746") { - body - } -} - -2017-08-25 19:41:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997745" - } - ] -} -2017-08-25 19:41:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-25 19:41:16 -------------------------------------------------------------------------------- -2017-08-25 19:41:16 Request: -User: "tmeasday", role: "editor", id: "59a0613b1b8ffd322f997745", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59a0613c1b8ffd322f997746") -} - -2017-08-25 19:41:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997745" - } - ] -} -2017-08-25 19:41:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-25 19:41:16 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59a0613b1b8ffd322f997745" - } - ] -} -2017-08-25 19:41:16 removed tweet 59a0613c1b8ffd322f997746. -2017-08-25 19:41:16 -------------------------------------------------------------------------------- -2017-08-25 19:41:16 Request: -User: "tmeasday", role: "editor", id: "59a0613b1b8ffd322f997745", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-25 19:41:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997745" - } - ] -} -2017-08-25 19:41:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-25 19:41:16 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59a0613b1b8ffd322f997745" - } - ] -} -2017-08-25 19:41:16 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-08-25 19:41:16 -------------------------------------------------------------------------------- -2017-08-25 19:41:16 Request: -User: "tmeasday", role: "editor", id: "59a0613b1b8ffd322f997745", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a0613c1b8ffd322f997746") { - body - } -} - -2017-08-25 19:41:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997745" - } - ] -} -2017-08-25 19:41:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-25 19:41:16 -------------------------------------------------------------------------------- -2017-08-25 19:41:16 Request: -User: "tmeasday", role: "editor", id: "59a0613b1b8ffd322f997745", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59a0613b1b8ffd322f997745") -} - -2017-08-25 19:41:16 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997745" - } - ] -} -2017-08-25 19:41:16 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-25 19:41:16 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a0613b1b8ffd322f997745" - } - ] -} -2017-08-25 19:41:16 removed user 59a0613b1b8ffd322f997745. -2017-08-25 19:41:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-25 19:41:16 -------------------------------------------------------------------------------- -2017-08-25 19:41:16 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59a0613b1b8ffd322f997745") { - username - bio - role - } -} - -2017-08-25 19:41:16 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-25 19:41:16 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-26 10:51:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 10:51:05 -------------------------------------------------------------------------------- -2017-08-26 10:51:05 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -query IntrospectionQuery { - __schema { - queryType { - name - } - mutationType { - name - } - subscriptionType { - name - } - types { - ...FullType - } - directives { - name - description - locations - args { - ...InputValue - } - } - } -} - -fragment FullType on __Type { - kind - name - description - fields(includeDeprecated: true) { - name - description - args { - ...InputValue - } - type { - ...TypeRef - } - isDeprecated - deprecationReason - } - inputFields { - ...InputValue - } - interfaces { - ...TypeRef - } - enumValues(includeDeprecated: true) { - name - description - isDeprecated - deprecationReason - } - possibleTypes { - ...TypeRef - } -} - -fragment InputValue on __InputValue { - name - description - type { - ...TypeRef - } - defaultValue -} - -fragment TypeRef on __Type { - kind - name - ofType { - kind - name - ofType { - kind - name - ofType { - kind - name - ofType { - kind - name - ofType { - kind - name - ofType { - kind - name - ofType { - kind - name - } - } - } - } - } - } - } -} - -2017-08-26 10:51:05 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 10:51:05 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-26 10:51:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 10:51:09 -------------------------------------------------------------------------------- -2017-08-26 10:51:09 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -query IntrospectionQuery { - __schema { - queryType { - name - } - mutationType { - name - } - subscriptionType { - name - } - types { - ...FullType - } - directives { - name - description - locations - args { - ...InputValue - } - } - } -} - -fragment FullType on __Type { - kind - name - description - fields(includeDeprecated: true) { - name - description - args { - ...InputValue - } - type { - ...TypeRef - } - isDeprecated - deprecationReason - } - inputFields { - ...InputValue - } - interfaces { - ...TypeRef - } - enumValues(includeDeprecated: true) { - name - description - isDeprecated - deprecationReason - } - possibleTypes { - ...TypeRef - } -} - -fragment InputValue on __InputValue { - name - description - type { - ...TypeRef - } - defaultValue -} - -fragment TypeRef on __Type { - kind - name - ofType { - kind - name - ofType { - kind - name - ofType { - kind - name - ofType { - kind - name - ofType { - kind - name - ofType { - kind - name - ofType { - kind - name - } - } - } - } - } - } - } -} - -2017-08-26 10:51:09 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 10:51:09 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-26 10:51:12 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 10:51:12 -------------------------------------------------------------------------------- -2017-08-26 10:51:12 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 10:51:12 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-26 10:51:36 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 10:51:36 -------------------------------------------------------------------------------- -2017-08-26 10:51:36 Request: -User: "", role: "", id: "", -Operation: "", variables: "{}", -Query: -{ - tweets { - id - body - } -} - -2017-08-26 10:51:36 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 10:51:36 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-26 10:51:36 Authorize readMany 'tweets' with user '' and role '' is authorized -2017-08-26 10:56:01 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 10:56:01 -------------------------------------------------------------------------------- -2017-08-26 10:56:01 ERROR Authorize readMany 'users' with user '' and role: 'null' is not authorized. -2017-08-26 10:56:01 Request: -User: "", role: "", id: "", -Operation: "", variables: "{}", -Query: -{ - users { - id - } -} - -2017-08-26 10:56:01 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 10:56:01 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-26 10:56:01 ERROR Authorize readMany 'users' with user '' and role: 'null' is not authorized. -2017-08-26 13:56:20 Logger started -2017-08-26 13:59:02 -------------------------------------------------------------------------------- -2017-08-26 13:59:02 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-26 13:59:02 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:02 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 -------------------------------------------------------------------------------- -2017-08-26 13:59:26 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 -------------------------------------------------------------------------------- -2017-08-26 13:59:26 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - role - username - } -} - -2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 -------------------------------------------------------------------------------- -2017-08-26 13:59:26 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - role - username - } -} - -2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 -------------------------------------------------------------------------------- -2017-08-26 13:59:26 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca2") { - role - username - } -} - -2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 -------------------------------------------------------------------------------- -2017-08-26 13:59:26 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - id - username - bio - } -} - -2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 -------------------------------------------------------------------------------- -2017-08-26 13:59:26 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users { - username - createdAt - } -} - -2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 -------------------------------------------------------------------------------- -2017-08-26 13:59:26 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(limit: 1) { - username - createdAt - } -} - -2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 -------------------------------------------------------------------------------- -2017-08-26 13:59:26 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993) { - username - createdAt - } -} - -2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 -------------------------------------------------------------------------------- -2017-08-26 13:59:26 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } -} - -2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 -------------------------------------------------------------------------------- -2017-08-26 13:59:26 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers { - username - createdAt - } - } -} - -2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 -------------------------------------------------------------------------------- -2017-08-26 13:59:26 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(limit: 1) { - username - createdAt - } - } -} - -2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 -------------------------------------------------------------------------------- -2017-08-26 13:59:26 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 -------------------------------------------------------------------------------- -2017-08-26 13:59:26 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 -------------------------------------------------------------------------------- -2017-08-26 13:59:26 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following { - username - createdAt - } - } -} - -2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 -------------------------------------------------------------------------------- -2017-08-26 13:59:26 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(limit: 1) { - username - createdAt - } - } -} - -2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 -------------------------------------------------------------------------------- -2017-08-26 13:59:26 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 -------------------------------------------------------------------------------- -2017-08-26 13:59:26 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 -------------------------------------------------------------------------------- -2017-08-26 13:59:26 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets { - id - createdAt - } - } -} - -2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 -------------------------------------------------------------------------------- -2017-08-26 13:59:26 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(limit: 1) { - id - createdAt - } - } -} - -2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 -------------------------------------------------------------------------------- -2017-08-26 13:59:26 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } - } -} - -2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 -------------------------------------------------------------------------------- -2017-08-26 13:59:26 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } - } -} - -2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 -------------------------------------------------------------------------------- -2017-08-26 13:59:26 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked { - id - createdAt - } - } -} - -2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 -------------------------------------------------------------------------------- -2017-08-26 13:59:26 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(limit: 1) { - id - createdAt - } - } -} - -2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 -------------------------------------------------------------------------------- -2017-08-26 13:59:26 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334) { - id - createdAt - } - } -} - -2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 -------------------------------------------------------------------------------- -2017-08-26 13:59:26 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334, limit: 1) { - id - createdAt - } - } -} - -2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 -------------------------------------------------------------------------------- -2017-08-26 13:59:26 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - id - body - } -} - -2017-08-26 13:59:26 -------------------------------------------------------------------------------- -2017-08-26 13:59:26 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - author { - username - } - } -} - -2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 -------------------------------------------------------------------------------- -2017-08-26 13:59:26 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets { - id - createdAt - } -} - -2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 -------------------------------------------------------------------------------- -2017-08-26 13:59:26 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(limit: 1) { - id - createdAt - } -} - -2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 -------------------------------------------------------------------------------- -2017-08-26 13:59:26 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } -} - -2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 -------------------------------------------------------------------------------- -2017-08-26 13:59:26 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } -} - -2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 -------------------------------------------------------------------------------- -2017-08-26 13:59:26 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers { - username - createdAt - } - } -} - -2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 -------------------------------------------------------------------------------- -2017-08-26 13:59:26 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(limit: 1) { - username - createdAt - } - } -} - -2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 -------------------------------------------------------------------------------- -2017-08-26 13:59:26 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993) { - username - createdAt - } - } -} - -2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 -------------------------------------------------------------------------------- -2017-08-26 13:59:26 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } - } -} - -2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 -------------------------------------------------------------------------------- -2017-08-26 13:59:26 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-26 13:59:26 inserted user 59a1629e423109630b4dfcec. -2017-08-26 13:59:26 -------------------------------------------------------------------------------- -2017-08-26 13:59:26 Request: -User: "tobkle", role: "admin", id: "59a1629e423109630b4dfcec", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:26 inserted user 59a1629e423109630b4dfced. -2017-08-26 13:59:26 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-26 13:59:26 -------------------------------------------------------------------------------- -2017-08-26 13:59:26 Request: -User: "tobkle", role: "admin", id: "59a1629e423109630b4dfcec", -Operation: "", variables: "", -Query: -{ - user(id: "59a1629e423109630b4dfced") { - username - bio - role - } -} - -2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:26 -------------------------------------------------------------------------------- -2017-08-26 13:59:26 Request: -User: "tobkle", role: "admin", id: "59a1629e423109630b4dfcec", -Operation: "", variables: "", -Query: -{ - user(id: "59a1629e423109630b4dfcec") { - username - role - } -} - -2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:26 -------------------------------------------------------------------------------- -2017-08-26 13:59:26 Request: -User: "tobkle", role: "admin", id: "59a1629e423109630b4dfcec", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a1629e423109630b4dfced", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:26 updated user 59a1629e423109630b4dfced. -2017-08-26 13:59:26 -------------------------------------------------------------------------------- -2017-08-26 13:59:26 Request: -User: "tobkle", role: "admin", id: "59a1629e423109630b4dfcec", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a1629e423109630b4dfcec", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-26 13:59:26 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:26 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:26 updated user 59a1629e423109630b4dfcec. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tobkle", role: "admin", id: "59a1629e423109630b4dfcec", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a1629e423109630b4dfced", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:27 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:27 updated user 59a1629e423109630b4dfced. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tobkle", role: "admin", id: "59a1629e423109630b4dfcec", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a1629e423109630b4dfcec", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:27 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:27 updated user 59a1629e423109630b4dfcec. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tobkle", role: "editor", id: "59a1629e423109630b4dfcec", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a1629e423109630b4dfcec", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1629e423109630b4dfcec" - } - ] -} -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-26 13:59:27 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1629e423109630b4dfcec" - } - ] -} -2017-08-26 13:59:27 updated user 59a1629e423109630b4dfcec. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "zoltan", role: "admin", id: "59a1629e423109630b4dfced", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a1629e423109630b4dfcec", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-26 13:59:27 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized -2017-08-26 13:59:27 updated user 59a1629e423109630b4dfcec. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tobkle", role: "admin", id: "59a1629e423109630b4dfcec", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59a1629e423109630b4dfced") -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:27 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:27 removed user 59a1629e423109630b4dfced. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tobkle", role: "admin", id: "59a1629e423109630b4dfcec", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59a1629e423109630b4dfcec", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:27 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:27 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-26 13:59:27 inserted tweet 59a1629f423109630b4dfcee. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tobkle", role: "admin", id: "59a1629e423109630b4dfcec", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tobkle", role: "admin", id: "59a1629e423109630b4dfcec", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a1629f423109630b4dfcee") { - author { - id - } - body - } -} - -2017-08-26 13:59:27 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:27 inserted tweet 59a1629f423109630b4dfcef. -2017-08-26 13:59:27 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tobkle", role: "admin", id: "59a1629e423109630b4dfcec", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tobkle", role: "admin", id: "59a1629e423109630b4dfcec", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59a1629f423109630b4dfcee", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:27 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:27 updated tweet 59a1629f423109630b4dfcee. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tobkle", role: "admin", id: "59a1629e423109630b4dfcec", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59a1629f423109630b4dfcef", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:27 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:27 updated tweet 59a1629f423109630b4dfcef. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tobkle", role: "admin", id: "59a1629e423109630b4dfcec", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a1629f423109630b4dfcee") { - body - } -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tobkle", role: "admin", id: "59a1629e423109630b4dfcec", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59a1629f423109630b4dfcee") -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:27 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:27 removed tweet 59a1629f423109630b4dfcee. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tobkle", role: "admin", id: "59a1629e423109630b4dfcec", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59a1629f423109630b4dfcef") -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:27 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:27 removed tweet 59a1629f423109630b4dfcef. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tobkle", role: "admin", id: "59a1629e423109630b4dfcec", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a1629f423109630b4dfcee") { - body - } -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tobkle", role: "admin", id: "59a1629e423109630b4dfcec", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59a1629e423109630b4dfcec") -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:27 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-26 13:59:27 removed user 59a1629e423109630b4dfcec. -2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59a1629e423109630b4dfcec") { - username - bio - role - } -} - -2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-26 13:59:27 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-26 13:59:27 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-26 13:59:27 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-26 13:59:27 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-26 13:59:27 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-26 13:59:27 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-26 13:59:27 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-26 13:59:27 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-26 13:59:27 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-26 13:59:27 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-26 13:59:27 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-26 13:59:27 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-26 13:59:27 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-26 13:59:27 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { - id - role - } -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:27 inserted user 59a1629f423109630b4dfcf0. -2017-08-26 13:59:27 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:27 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. -2017-08-26 13:59:27 Request: -User: "tobkle", role: "user", id: "59a1629f423109630b4dfcf0", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf0" - } - ] -} -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 13:59:27 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tobkle", role: "user", id: "59a1629f423109630b4dfcf0", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf0" - } - ] -} -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tobkle", role: "user", id: "59a1629f423109630b4dfcf0", -Operation: "", variables: "", -Query: -{ - user(id: "59a1629f423109630b4dfcf0") { - username - } -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf0" - } - ] -} -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tobkle", role: "user", id: "59a1629f423109630b4dfcf0", -Operation: "", variables: "", -Query: -{ - user(id: "59a1629f423109630b4dfcf0") { - username - role - } -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf0" - } - ] -} -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tobkle", role: "user", id: "59a1629f423109630b4dfcf0", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf0" - } - ] -} -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 13:59:27 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf0" - } - ] -} -2017-08-26 13:59:27 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tobkle", role: "user", id: "59a1629f423109630b4dfcf0", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a1629f423109630b4dfcf0", input: {username: "tobkle", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf0" - } - ] -} -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 13:59:27 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf0" - } - ] -} -2017-08-26 13:59:27 updated user 59a1629f423109630b4dfcf0. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tobkle", role: "user", id: "59a1629f423109630b4dfcf0", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a1629f423109630b4dfcf0", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf0" - } - ] -} -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 13:59:27 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf0" - } - ] -} -2017-08-26 13:59:27 updated user 59a1629f423109630b4dfcf0. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tobkle", role: "user", id: "59a1629f423109630b4dfcf0", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf0" - } - ] -} -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 13:59:27 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf0" - } - ] -} -2017-08-26 13:59:27 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tobkle", role: "user", id: "59a1629f423109630b4dfcf0", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59a1629f423109630b4dfcf0", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf0" - } - ] -} -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 13:59:27 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. -2017-08-26 13:59:27 inserted tweet 59a1629f423109630b4dfcf1. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. -2017-08-26 13:59:27 Request: -User: "tobkle", role: "user", id: "59a1629f423109630b4dfcf0", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf0" - } - ] -} -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 13:59:27 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tobkle", role: "user", id: "59a1629f423109630b4dfcf0", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a1629f423109630b4dfcf1") { - author { - id - } - body - } -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf0" - } - ] -} -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tobkle", role: "user", id: "59a1629f423109630b4dfcf0", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf0" - } - ] -} -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tobkle", role: "user", id: "59a1629f423109630b4dfcf0", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59a1629f423109630b4dfcf1", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf0" - } - ] -} -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 13:59:27 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59a1629f423109630b4dfcf0" - }, - { - "coauthorsIds": "59a1629f423109630b4dfcf0" - } - ] -} -2017-08-26 13:59:27 updated tweet 59a1629f423109630b4dfcf1. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tobkle", role: "user", id: "59a1629f423109630b4dfcf0", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf0" - } - ] -} -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 13:59:27 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59a1629f423109630b4dfcf0" - }, - { - "coauthorsIds": "59a1629f423109630b4dfcf0" - } - ] -} -2017-08-26 13:59:27 ERROR update tweet not possible for 583676d3618530145474e352. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tobkle", role: "user", id: "59a1629f423109630b4dfcf0", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a1629f423109630b4dfcf1") { - body - } -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf0" - } - ] -} -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tobkle", role: "user", id: "59a1629f423109630b4dfcf0", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59a1629f423109630b4dfcf1") -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf0" - } - ] -} -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 13:59:27 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59a1629f423109630b4dfcf0" - } - ] -} -2017-08-26 13:59:27 removed tweet 59a1629f423109630b4dfcf1. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tobkle", role: "user", id: "59a1629f423109630b4dfcf0", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf0" - } - ] -} -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 13:59:27 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59a1629f423109630b4dfcf0" - } - ] -} -2017-08-26 13:59:27 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tobkle", role: "user", id: "59a1629f423109630b4dfcf0", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a1629f423109630b4dfcf1") { - body - } -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf0" - } - ] -} -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tobkle", role: "user", id: "59a1629f423109630b4dfcf0", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59a1629f423109630b4dfcf0") -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf0" - } - ] -} -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 13:59:27 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf0" - } - ] -} -2017-08-26 13:59:27 removed user 59a1629f423109630b4dfcf0. -2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59a1629f423109630b4dfcf0") { - username - bio - role - } -} - -2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { - id - role - } -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:27 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-26 13:59:27 inserted user 59a1629f423109630b4dfcf2. -2017-08-26 13:59:27 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. -2017-08-26 13:59:27 Request: -User: "tobkle", role: "editor", id: "59a1629f423109630b4dfcf2", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf2" - } - ] -} -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-26 13:59:27 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tobkle", role: "editor", id: "59a1629f423109630b4dfcf2", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf2" - } - ] -} -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tobkle", role: "editor", id: "59a1629f423109630b4dfcf2", -Operation: "", variables: "", -Query: -{ - user(id: "59a1629f423109630b4dfcf2") { - username - role - } -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf2" - } - ] -} -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tobkle", role: "editor", id: "59a1629f423109630b4dfcf2", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf2" - } - ] -} -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-26 13:59:27 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf2" - } - ] -} -2017-08-26 13:59:27 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tobkle", role: "editor", id: "59a1629f423109630b4dfcf2", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a1629f423109630b4dfcf2", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf2" - } - ] -} -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-26 13:59:27 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf2" - } - ] -} -2017-08-26 13:59:27 updated user 59a1629f423109630b4dfcf2. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tmeasday", role: "editor", id: "59a1629f423109630b4dfcf2", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a1629f423109630b4dfcf2", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf2" - } - ] -} -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-26 13:59:27 Authorize update 'updateUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf2" - } - ] -} -2017-08-26 13:59:27 updated user 59a1629f423109630b4dfcf2. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tmeasday", role: "editor", id: "59a1629f423109630b4dfcf2", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf2" - } - ] -} -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-26 13:59:27 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf2" - } - ] -} -2017-08-26 13:59:27 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tmeasday", role: "editor", id: "59a1629f423109630b4dfcf2", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59a1629f423109630b4dfcf2", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf2" - } - ] -} -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-26 13:59:27 Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is authorized by docRole. -2017-08-26 13:59:27 inserted tweet 59a1629f423109630b4dfcf3. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. -2017-08-26 13:59:27 Request: -User: "tmeasday", role: "editor", id: "59a1629f423109630b4dfcf2", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf2" - } - ] -} -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-26 13:59:27 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tmeasday", role: "editor", id: "59a1629f423109630b4dfcf2", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a1629f423109630b4dfcf3") { - author { - id - } - body - } -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf2" - } - ] -} -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tmeasday", role: "editor", id: "59a1629f423109630b4dfcf2", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf2" - } - ] -} -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tmeasday", role: "editor", id: "59a1629f423109630b4dfcf2", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59a1629f423109630b4dfcf3", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf2" - } - ] -} -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-26 13:59:27 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59a1629f423109630b4dfcf2" - }, - { - "coauthorsIds": "59a1629f423109630b4dfcf2" - } - ] -} -2017-08-26 13:59:27 updated tweet 59a1629f423109630b4dfcf3. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tmeasday", role: "editor", id: "59a1629f423109630b4dfcf2", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf2" - } - ] -} -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-26 13:59:27 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59a1629f423109630b4dfcf2" - }, - { - "coauthorsIds": "59a1629f423109630b4dfcf2" - } - ] -} -2017-08-26 13:59:27 ERROR update tweet not possible for 583676d3618530145474e352. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tmeasday", role: "editor", id: "59a1629f423109630b4dfcf2", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a1629f423109630b4dfcf3") { - body - } -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf2" - } - ] -} -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tmeasday", role: "editor", id: "59a1629f423109630b4dfcf2", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59a1629f423109630b4dfcf3") -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf2" - } - ] -} -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-26 13:59:27 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59a1629f423109630b4dfcf2" - } - ] -} -2017-08-26 13:59:27 removed tweet 59a1629f423109630b4dfcf3. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tmeasday", role: "editor", id: "59a1629f423109630b4dfcf2", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf2" - } - ] -} -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-26 13:59:27 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-08-26 13:59:27 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59a1629f423109630b4dfcf2" - } - ] -} -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tmeasday", role: "editor", id: "59a1629f423109630b4dfcf2", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a1629f423109630b4dfcf3") { - body - } -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf2" - } - ] -} -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "tmeasday", role: "editor", id: "59a1629f423109630b4dfcf2", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59a1629f423109630b4dfcf2") -} - -2017-08-26 13:59:27 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf2" - } - ] -} -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-26 13:59:27 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1629f423109630b4dfcf2" - } - ] -} -2017-08-26 13:59:27 removed user 59a1629f423109630b4dfcf2. -2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 13:59:27 -------------------------------------------------------------------------------- -2017-08-26 13:59:27 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59a1629f423109630b4dfcf2") { - username - bio - role - } -} - -2017-08-26 13:59:27 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 13:59:27 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-26 19:23:51 Logger started -2017-08-26 19:25:14 -------------------------------------------------------------------------------- -2017-08-26 19:25:14 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-26 19:25:14 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:14 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 -------------------------------------------------------------------------------- -2017-08-26 19:25:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 -------------------------------------------------------------------------------- -2017-08-26 19:25:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - role - username - } -} - -2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 -------------------------------------------------------------------------------- -2017-08-26 19:25:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - role - username - } -} - -2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 -------------------------------------------------------------------------------- -2017-08-26 19:25:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca2") { - role - username - } -} - -2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 -------------------------------------------------------------------------------- -2017-08-26 19:25:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - id - username - bio - } -} - -2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 -------------------------------------------------------------------------------- -2017-08-26 19:25:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users { - username - createdAt - } -} - -2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 -------------------------------------------------------------------------------- -2017-08-26 19:25:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(limit: 1) { - username - createdAt - } -} - -2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 -------------------------------------------------------------------------------- -2017-08-26 19:25:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993) { - username - createdAt - } -} - -2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 -------------------------------------------------------------------------------- -2017-08-26 19:25:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } -} - -2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 -------------------------------------------------------------------------------- -2017-08-26 19:25:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers { - username - createdAt - } - } -} - -2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 -------------------------------------------------------------------------------- -2017-08-26 19:25:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(limit: 1) { - username - createdAt - } - } -} - -2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 -------------------------------------------------------------------------------- -2017-08-26 19:25:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 -------------------------------------------------------------------------------- -2017-08-26 19:25:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 -------------------------------------------------------------------------------- -2017-08-26 19:25:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following { - username - createdAt - } - } -} - -2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 -------------------------------------------------------------------------------- -2017-08-26 19:25:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(limit: 1) { - username - createdAt - } - } -} - -2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 -------------------------------------------------------------------------------- -2017-08-26 19:25:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 -------------------------------------------------------------------------------- -2017-08-26 19:25:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 -------------------------------------------------------------------------------- -2017-08-26 19:25:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets { - id - createdAt - } - } -} - -2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 -------------------------------------------------------------------------------- -2017-08-26 19:25:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(limit: 1) { - id - createdAt - } - } -} - -2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 -------------------------------------------------------------------------------- -2017-08-26 19:25:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } - } -} - -2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 -------------------------------------------------------------------------------- -2017-08-26 19:25:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } - } -} - -2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 -------------------------------------------------------------------------------- -2017-08-26 19:25:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked { - id - createdAt - } - } -} - -2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 -------------------------------------------------------------------------------- -2017-08-26 19:25:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(limit: 1) { - id - createdAt - } - } -} - -2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 -------------------------------------------------------------------------------- -2017-08-26 19:25:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334) { - id - createdAt - } - } -} - -2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 -------------------------------------------------------------------------------- -2017-08-26 19:25:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334, limit: 1) { - id - createdAt - } - } -} - -2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 -------------------------------------------------------------------------------- -2017-08-26 19:25:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - id - body - } -} - -2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 -------------------------------------------------------------------------------- -2017-08-26 19:25:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - author { - username - } - } -} - -2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 -------------------------------------------------------------------------------- -2017-08-26 19:25:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets { - id - createdAt - } -} - -2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 -------------------------------------------------------------------------------- -2017-08-26 19:25:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(limit: 1) { - id - createdAt - } -} - -2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 -------------------------------------------------------------------------------- -2017-08-26 19:25:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } -} - -2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 -------------------------------------------------------------------------------- -2017-08-26 19:25:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } -} - -2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 -------------------------------------------------------------------------------- -2017-08-26 19:25:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers { - username - createdAt - } - } -} - -2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 -------------------------------------------------------------------------------- -2017-08-26 19:25:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(limit: 1) { - username - createdAt - } - } -} - -2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 -------------------------------------------------------------------------------- -2017-08-26 19:25:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993) { - username - createdAt - } - } -} - -2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 -------------------------------------------------------------------------------- -2017-08-26 19:25:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } - } -} - -2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 -------------------------------------------------------------------------------- -2017-08-26 19:25:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-26 19:25:38 inserted user 59a1af121bc7a4ac0e0e0e4f. -2017-08-26 19:25:38 -------------------------------------------------------------------------------- -2017-08-26 19:25:38 Request: -User: "tobkle", role: "admin", id: "59a1af121bc7a4ac0e0e0e4f", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-26 19:25:38 inserted user 59a1af121bc7a4ac0e0e0e50. -2017-08-26 19:25:38 -------------------------------------------------------------------------------- -2017-08-26 19:25:38 Request: -User: "tobkle", role: "admin", id: "59a1af121bc7a4ac0e0e0e4f", -Operation: "", variables: "", -Query: -{ - user(id: "59a1af121bc7a4ac0e0e0e50") { - username - bio - role - } -} - -2017-08-26 19:25:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tobkle", role: "admin", id: "59a1af121bc7a4ac0e0e0e4f", -Operation: "", variables: "", -Query: -{ - user(id: "59a1af121bc7a4ac0e0e0e4f") { - username - role - } -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tobkle", role: "admin", id: "59a1af121bc7a4ac0e0e0e4f", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a1af121bc7a4ac0e0e0e50", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 updated user 59a1af121bc7a4ac0e0e0e50. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tobkle", role: "admin", id: "59a1af121bc7a4ac0e0e0e4f", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a1af121bc7a4ac0e0e0e4f", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 updated user 59a1af121bc7a4ac0e0e0e4f. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tobkle", role: "admin", id: "59a1af121bc7a4ac0e0e0e4f", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a1af121bc7a4ac0e0e0e50", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 updated user 59a1af121bc7a4ac0e0e0e50. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tobkle", role: "admin", id: "59a1af121bc7a4ac0e0e0e4f", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a1af121bc7a4ac0e0e0e4f", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 updated user 59a1af121bc7a4ac0e0e0e4f. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tobkle", role: "editor", id: "59a1af121bc7a4ac0e0e0e4f", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a1af121bc7a4ac0e0e0e4f", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1af121bc7a4ac0e0e0e4f" - } - ] -} -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-26 19:25:39 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1af121bc7a4ac0e0e0e4f" - } - ] -} -2017-08-26 19:25:39 updated user 59a1af121bc7a4ac0e0e0e4f. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "zoltan", role: "admin", id: "59a1af121bc7a4ac0e0e0e50", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a1af121bc7a4ac0e0e0e4f", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-26 19:25:39 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized -2017-08-26 19:25:39 updated user 59a1af121bc7a4ac0e0e0e4f. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tobkle", role: "admin", id: "59a1af121bc7a4ac0e0e0e4f", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59a1af121bc7a4ac0e0e0e50") -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 removed user 59a1af121bc7a4ac0e0e0e50. -2017-08-26 19:25:39 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tobkle", role: "admin", id: "59a1af121bc7a4ac0e0e0e4f", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59a1af121bc7a4ac0e0e0e4f", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-26 19:25:39 inserted tweet 59a1af131bc7a4ac0e0e0e51. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tobkle", role: "admin", id: "59a1af121bc7a4ac0e0e0e4f", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tobkle", role: "admin", id: "59a1af121bc7a4ac0e0e0e4f", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a1af131bc7a4ac0e0e0e51") { - author { - id - } - body - } -} - -2017-08-26 19:25:39 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 inserted tweet 59a1af131bc7a4ac0e0e0e52. -2017-08-26 19:25:39 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tobkle", role: "admin", id: "59a1af121bc7a4ac0e0e0e4f", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tobkle", role: "admin", id: "59a1af121bc7a4ac0e0e0e4f", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59a1af131bc7a4ac0e0e0e51", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 updated tweet 59a1af131bc7a4ac0e0e0e51. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tobkle", role: "admin", id: "59a1af121bc7a4ac0e0e0e4f", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59a1af131bc7a4ac0e0e0e52", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 updated tweet 59a1af131bc7a4ac0e0e0e52. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tobkle", role: "admin", id: "59a1af121bc7a4ac0e0e0e4f", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a1af131bc7a4ac0e0e0e51") { - body - } -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tobkle", role: "admin", id: "59a1af121bc7a4ac0e0e0e4f", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59a1af131bc7a4ac0e0e0e51") -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 removed tweet 59a1af131bc7a4ac0e0e0e51. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tobkle", role: "admin", id: "59a1af121bc7a4ac0e0e0e4f", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59a1af131bc7a4ac0e0e0e52") -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 removed tweet 59a1af131bc7a4ac0e0e0e52. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tobkle", role: "admin", id: "59a1af121bc7a4ac0e0e0e4f", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a1af131bc7a4ac0e0e0e51") { - body - } -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tobkle", role: "admin", id: "59a1af121bc7a4ac0e0e0e4f", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59a1af121bc7a4ac0e0e0e4f") -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-26 19:25:39 removed user 59a1af121bc7a4ac0e0e0e4f. -2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59a1af121bc7a4ac0e0e0e4f") { - username - bio - role - } -} - -2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-26 19:25:39 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-26 19:25:39 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-26 19:25:39 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-26 19:25:39 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-26 19:25:39 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-26 19:25:39 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-26 19:25:39 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-26 19:25:39 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-26 19:25:39 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-26 19:25:39 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-26 19:25:39 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-26 19:25:39 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-26 19:25:39 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-26 19:25:39 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { - id - role - } -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:39 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:39 inserted user 59a1af131bc7a4ac0e0e0e53. -2017-08-26 19:25:39 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. -2017-08-26 19:25:39 Request: -User: "tobkle", role: "user", id: "59a1af131bc7a4ac0e0e0e53", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e53" - } - ] -} -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 19:25:39 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tobkle", role: "user", id: "59a1af131bc7a4ac0e0e0e53", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e53" - } - ] -} -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tobkle", role: "user", id: "59a1af131bc7a4ac0e0e0e53", -Operation: "", variables: "", -Query: -{ - user(id: "59a1af131bc7a4ac0e0e0e53") { - username - } -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e53" - } - ] -} -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tobkle", role: "user", id: "59a1af131bc7a4ac0e0e0e53", -Operation: "", variables: "", -Query: -{ - user(id: "59a1af131bc7a4ac0e0e0e53") { - username - role - } -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e53" - } - ] -} -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tobkle", role: "user", id: "59a1af131bc7a4ac0e0e0e53", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e53" - } - ] -} -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 19:25:39 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e53" - } - ] -} -2017-08-26 19:25:39 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tobkle", role: "user", id: "59a1af131bc7a4ac0e0e0e53", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a1af131bc7a4ac0e0e0e53", input: {username: "tobkle", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e53" - } - ] -} -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 19:25:39 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e53" - } - ] -} -2017-08-26 19:25:39 updated user 59a1af131bc7a4ac0e0e0e53. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tobkle", role: "user", id: "59a1af131bc7a4ac0e0e0e53", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a1af131bc7a4ac0e0e0e53", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e53" - } - ] -} -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 19:25:39 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e53" - } - ] -} -2017-08-26 19:25:39 updated user 59a1af131bc7a4ac0e0e0e53. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tobkle", role: "user", id: "59a1af131bc7a4ac0e0e0e53", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e53" - } - ] -} -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 19:25:39 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e53" - } - ] -} -2017-08-26 19:25:39 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tobkle", role: "user", id: "59a1af131bc7a4ac0e0e0e53", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59a1af131bc7a4ac0e0e0e53", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e53" - } - ] -} -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 19:25:39 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. -2017-08-26 19:25:39 inserted tweet 59a1af131bc7a4ac0e0e0e54. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. -2017-08-26 19:25:39 Request: -User: "tobkle", role: "user", id: "59a1af131bc7a4ac0e0e0e53", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e53" - } - ] -} -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 19:25:39 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tobkle", role: "user", id: "59a1af131bc7a4ac0e0e0e53", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a1af131bc7a4ac0e0e0e54") { - author { - id - } - body - } -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e53" - } - ] -} -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tobkle", role: "user", id: "59a1af131bc7a4ac0e0e0e53", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e53" - } - ] -} -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tobkle", role: "user", id: "59a1af131bc7a4ac0e0e0e53", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59a1af131bc7a4ac0e0e0e54", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e53" - } - ] -} -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 19:25:39 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59a1af131bc7a4ac0e0e0e53" - }, - { - "coauthorsIds": "59a1af131bc7a4ac0e0e0e53" - } - ] -} -2017-08-26 19:25:39 updated tweet 59a1af131bc7a4ac0e0e0e54. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tobkle", role: "user", id: "59a1af131bc7a4ac0e0e0e53", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-26 19:25:39 ERROR update tweet not possible for 583676d3618530145474e352. -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e53" - } - ] -} -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 19:25:39 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59a1af131bc7a4ac0e0e0e53" - }, - { - "coauthorsIds": "59a1af131bc7a4ac0e0e0e53" - } - ] -} -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tobkle", role: "user", id: "59a1af131bc7a4ac0e0e0e53", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a1af131bc7a4ac0e0e0e54") { - body - } -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e53" - } - ] -} -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tobkle", role: "user", id: "59a1af131bc7a4ac0e0e0e53", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59a1af131bc7a4ac0e0e0e54") -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e53" - } - ] -} -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 19:25:39 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59a1af131bc7a4ac0e0e0e53" - } - ] -} -2017-08-26 19:25:39 removed tweet 59a1af131bc7a4ac0e0e0e54. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tobkle", role: "user", id: "59a1af131bc7a4ac0e0e0e53", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e53" - } - ] -} -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 19:25:39 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59a1af131bc7a4ac0e0e0e53" - } - ] -} -2017-08-26 19:25:39 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tobkle", role: "user", id: "59a1af131bc7a4ac0e0e0e53", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a1af131bc7a4ac0e0e0e54") { - body - } -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e53" - } - ] -} -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tobkle", role: "user", id: "59a1af131bc7a4ac0e0e0e53", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59a1af131bc7a4ac0e0e0e53") -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e53" - } - ] -} -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 19:25:39 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e53" - } - ] -} -2017-08-26 19:25:39 removed user 59a1af131bc7a4ac0e0e0e53. -2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59a1af131bc7a4ac0e0e0e53") { - username - bio - role - } -} - -2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { - id - role - } -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:39 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-26 19:25:39 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-26 19:25:39 inserted user 59a1af131bc7a4ac0e0e0e55. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. -2017-08-26 19:25:39 Request: -User: "tobkle", role: "editor", id: "59a1af131bc7a4ac0e0e0e55", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e55" - } - ] -} -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-26 19:25:39 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tobkle", role: "editor", id: "59a1af131bc7a4ac0e0e0e55", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e55" - } - ] -} -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tobkle", role: "editor", id: "59a1af131bc7a4ac0e0e0e55", -Operation: "", variables: "", -Query: -{ - user(id: "59a1af131bc7a4ac0e0e0e55") { - username - role - } -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e55" - } - ] -} -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tobkle", role: "editor", id: "59a1af131bc7a4ac0e0e0e55", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e55" - } - ] -} -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-26 19:25:39 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e55" - } - ] -} -2017-08-26 19:25:39 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tobkle", role: "editor", id: "59a1af131bc7a4ac0e0e0e55", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a1af131bc7a4ac0e0e0e55", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e55" - } - ] -} -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-26 19:25:39 updated user 59a1af131bc7a4ac0e0e0e55. -2017-08-26 19:25:39 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e55" - } - ] -} -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tmeasday", role: "editor", id: "59a1af131bc7a4ac0e0e0e55", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a1af131bc7a4ac0e0e0e55", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e55" - } - ] -} -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-26 19:25:39 Authorize update 'updateUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e55" - } - ] -} -2017-08-26 19:25:39 updated user 59a1af131bc7a4ac0e0e0e55. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tmeasday", role: "editor", id: "59a1af131bc7a4ac0e0e0e55", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e55" - } - ] -} -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-26 19:25:39 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e55" - } - ] -} -2017-08-26 19:25:39 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tmeasday", role: "editor", id: "59a1af131bc7a4ac0e0e0e55", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59a1af131bc7a4ac0e0e0e55", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e55" - } - ] -} -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-26 19:25:39 Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is authorized by docRole. -2017-08-26 19:25:39 inserted tweet 59a1af131bc7a4ac0e0e0e56. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. -2017-08-26 19:25:39 Request: -User: "tmeasday", role: "editor", id: "59a1af131bc7a4ac0e0e0e55", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e55" - } - ] -} -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-26 19:25:39 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tmeasday", role: "editor", id: "59a1af131bc7a4ac0e0e0e55", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a1af131bc7a4ac0e0e0e56") { - author { - id - } - body - } -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e55" - } - ] -} -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tmeasday", role: "editor", id: "59a1af131bc7a4ac0e0e0e55", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e55" - } - ] -} -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tmeasday", role: "editor", id: "59a1af131bc7a4ac0e0e0e55", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59a1af131bc7a4ac0e0e0e56", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e55" - } - ] -} -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-26 19:25:39 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59a1af131bc7a4ac0e0e0e55" - }, - { - "coauthorsIds": "59a1af131bc7a4ac0e0e0e55" - } - ] -} -2017-08-26 19:25:39 updated tweet 59a1af131bc7a4ac0e0e0e56. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tmeasday", role: "editor", id: "59a1af131bc7a4ac0e0e0e55", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e55" - } - ] -} -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-26 19:25:39 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59a1af131bc7a4ac0e0e0e55" - }, - { - "coauthorsIds": "59a1af131bc7a4ac0e0e0e55" - } - ] -} -2017-08-26 19:25:39 ERROR update tweet not possible for 583676d3618530145474e352. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tmeasday", role: "editor", id: "59a1af131bc7a4ac0e0e0e55", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a1af131bc7a4ac0e0e0e56") { - body - } -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e55" - } - ] -} -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tmeasday", role: "editor", id: "59a1af131bc7a4ac0e0e0e55", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59a1af131bc7a4ac0e0e0e56") -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e55" - } - ] -} -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-26 19:25:39 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59a1af131bc7a4ac0e0e0e55" - } - ] -} -2017-08-26 19:25:39 removed tweet 59a1af131bc7a4ac0e0e0e56. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tmeasday", role: "editor", id: "59a1af131bc7a4ac0e0e0e55", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e55" - } - ] -} -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-26 19:25:39 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59a1af131bc7a4ac0e0e0e55" - } - ] -} -2017-08-26 19:25:39 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tmeasday", role: "editor", id: "59a1af131bc7a4ac0e0e0e55", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a1af131bc7a4ac0e0e0e56") { - body - } -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e55" - } - ] -} -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "tmeasday", role: "editor", id: "59a1af131bc7a4ac0e0e0e55", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59a1af131bc7a4ac0e0e0e55") -} - -2017-08-26 19:25:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e55" - } - ] -} -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-26 19:25:39 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1af131bc7a4ac0e0e0e55" - } - ] -} -2017-08-26 19:25:39 removed user 59a1af131bc7a4ac0e0e0e55. -2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 19:25:39 -------------------------------------------------------------------------------- -2017-08-26 19:25:39 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59a1af131bc7a4ac0e0e0e55") { - username - bio - role - } -} - -2017-08-26 19:25:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 19:25:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-26 22:06:57 Logger started -2017-08-26 22:07:58 -------------------------------------------------------------------------------- -2017-08-26 22:07:58 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-26 22:07:58 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:07:58 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - role - username - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - role - username - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca2") { - role - username - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - id - username - bio - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users { - username - createdAt - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(limit: 1) { - username - createdAt - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993) { - username - createdAt - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers { - username - createdAt - } - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(limit: 1) { - username - createdAt - } - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following { - username - createdAt - } - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(limit: 1) { - username - createdAt - } - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets { - id - createdAt - } - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(limit: 1) { - id - createdAt - } - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked { - id - createdAt - } - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(limit: 1) { - id - createdAt - } - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334) { - id - createdAt - } - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334, limit: 1) { - id - createdAt - } - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - id - body - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets { - id - createdAt - } -} - -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - author { - username - } - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(limit: 1) { - id - createdAt - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers { - username - createdAt - } - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(limit: 1) { - username - createdAt - } - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993) { - username - createdAt - } - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-26 22:08:22 inserted user 59a1d536e5c828d8c857b586. -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "tobkle", role: "admin", id: "59a1d536e5c828d8c857b586", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-26 22:08:22 inserted user 59a1d536e5c828d8c857b587. -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "tobkle", role: "admin", id: "59a1d536e5c828d8c857b586", -Operation: "", variables: "", -Query: -{ - user(id: "59a1d536e5c828d8c857b587") { - username - bio - role - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "tobkle", role: "admin", id: "59a1d536e5c828d8c857b586", -Operation: "", variables: "", -Query: -{ - user(id: "59a1d536e5c828d8c857b586") { - username - role - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "tobkle", role: "admin", id: "59a1d536e5c828d8c857b586", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a1d536e5c828d8c857b587", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 updated user 59a1d536e5c828d8c857b587. -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "tobkle", role: "admin", id: "59a1d536e5c828d8c857b586", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a1d536e5c828d8c857b586", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 updated user 59a1d536e5c828d8c857b586. -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "tobkle", role: "admin", id: "59a1d536e5c828d8c857b586", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a1d536e5c828d8c857b587", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 updated user 59a1d536e5c828d8c857b587. -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "tobkle", role: "admin", id: "59a1d536e5c828d8c857b586", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a1d536e5c828d8c857b586", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 updated user 59a1d536e5c828d8c857b586. -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "tobkle", role: "editor", id: "59a1d536e5c828d8c857b586", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a1d536e5c828d8c857b586", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1d536e5c828d8c857b586" - } - ] -} -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-26 22:08:22 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1d536e5c828d8c857b586" - } - ] -} -2017-08-26 22:08:22 updated user 59a1d536e5c828d8c857b586. -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "zoltan", role: "admin", id: "59a1d536e5c828d8c857b587", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a1d536e5c828d8c857b586", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-26 22:08:22 updated user 59a1d536e5c828d8c857b586. -2017-08-26 22:08:22 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "tobkle", role: "admin", id: "59a1d536e5c828d8c857b586", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59a1d536e5c828d8c857b587") -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 removed user 59a1d536e5c828d8c857b587. -2017-08-26 22:08:22 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "tobkle", role: "admin", id: "59a1d536e5c828d8c857b586", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59a1d536e5c828d8c857b586", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-26 22:08:22 inserted tweet 59a1d536e5c828d8c857b588. -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "tobkle", role: "admin", id: "59a1d536e5c828d8c857b586", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "tobkle", role: "admin", id: "59a1d536e5c828d8c857b586", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a1d536e5c828d8c857b588") { - author { - id - } - body - } -} - -2017-08-26 22:08:22 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 inserted tweet 59a1d536e5c828d8c857b589. -2017-08-26 22:08:22 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "tobkle", role: "admin", id: "59a1d536e5c828d8c857b586", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "tobkle", role: "admin", id: "59a1d536e5c828d8c857b586", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59a1d536e5c828d8c857b588", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 updated tweet 59a1d536e5c828d8c857b588. -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "tobkle", role: "admin", id: "59a1d536e5c828d8c857b586", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59a1d536e5c828d8c857b589", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 updated tweet 59a1d536e5c828d8c857b589. -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "tobkle", role: "admin", id: "59a1d536e5c828d8c857b586", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a1d536e5c828d8c857b588") { - body - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "tobkle", role: "admin", id: "59a1d536e5c828d8c857b586", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59a1d536e5c828d8c857b588") -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 removed tweet 59a1d536e5c828d8c857b588. -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "tobkle", role: "admin", id: "59a1d536e5c828d8c857b586", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59a1d536e5c828d8c857b589") -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 removed tweet 59a1d536e5c828d8c857b589. -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "tobkle", role: "admin", id: "59a1d536e5c828d8c857b586", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a1d536e5c828d8c857b588") { - body - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "tobkle", role: "admin", id: "59a1d536e5c828d8c857b586", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59a1d536e5c828d8c857b586") -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-26 22:08:22 removed user 59a1d536e5c828d8c857b586. -2017-08-26 22:08:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59a1d536e5c828d8c857b586") { - username - bio - role - } -} - -2017-08-26 22:08:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-26 22:08:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-26 22:08:22 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-08-26 22:08:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-26 22:08:22 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-26 22:08:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-26 22:08:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-26 22:08:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-26 22:08:22 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-26 22:08:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-26 22:08:22 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-26 22:08:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-26 22:08:22 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-26 22:08:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-26 22:08:22 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-26 22:08:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-26 22:08:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-26 22:08:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-26 22:08:22 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-26 22:08:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-26 22:08:22 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-26 22:08:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-26 22:08:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-26 22:08:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-26 22:08:22 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-26 22:08:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-26 22:08:22 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-26 22:08:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-26 22:08:22 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-26 22:08:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-26 22:08:22 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-26 22:08:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-26 22:08:22 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-26 22:08:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-26 22:08:22 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { - id - role - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:22 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-26 22:08:22 inserted user 59a1d536e5c828d8c857b58a. -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. -2017-08-26 22:08:22 Request: -User: "tobkle", role: "user", id: "59a1d536e5c828d8c857b58a", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1d536e5c828d8c857b58a" - } - ] -} -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 22:08:22 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "tobkle", role: "user", id: "59a1d536e5c828d8c857b58a", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1d536e5c828d8c857b58a" - } - ] -} -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "tobkle", role: "user", id: "59a1d536e5c828d8c857b58a", -Operation: "", variables: "", -Query: -{ - user(id: "59a1d536e5c828d8c857b58a") { - username - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1d536e5c828d8c857b58a" - } - ] -} -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "tobkle", role: "user", id: "59a1d536e5c828d8c857b58a", -Operation: "", variables: "", -Query: -{ - user(id: "59a1d536e5c828d8c857b58a") { - username - role - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1d536e5c828d8c857b58a" - } - ] -} -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "tobkle", role: "user", id: "59a1d536e5c828d8c857b58a", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1d536e5c828d8c857b58a" - } - ] -} -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 22:08:22 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1d536e5c828d8c857b58a" - } - ] -} -2017-08-26 22:08:22 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "tobkle", role: "user", id: "59a1d536e5c828d8c857b58a", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a1d536e5c828d8c857b58a", input: {username: "tobkle", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1d536e5c828d8c857b58a" - } - ] -} -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 22:08:22 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1d536e5c828d8c857b58a" - } - ] -} -2017-08-26 22:08:22 updated user 59a1d536e5c828d8c857b58a. -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "tobkle", role: "user", id: "59a1d536e5c828d8c857b58a", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a1d536e5c828d8c857b58a", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1d536e5c828d8c857b58a" - } - ] -} -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 22:08:22 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1d536e5c828d8c857b58a" - } - ] -} -2017-08-26 22:08:22 updated user 59a1d536e5c828d8c857b58a. -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "tobkle", role: "user", id: "59a1d536e5c828d8c857b58a", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1d536e5c828d8c857b58a" - } - ] -} -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 22:08:22 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1d536e5c828d8c857b58a" - } - ] -} -2017-08-26 22:08:22 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "tobkle", role: "user", id: "59a1d536e5c828d8c857b58a", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59a1d536e5c828d8c857b58a", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1d536e5c828d8c857b58a" - } - ] -} -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 22:08:22 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. -2017-08-26 22:08:22 inserted tweet 59a1d536e5c828d8c857b58b. -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. -2017-08-26 22:08:22 Request: -User: "tobkle", role: "user", id: "59a1d536e5c828d8c857b58a", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1d536e5c828d8c857b58a" - } - ] -} -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 22:08:22 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "tobkle", role: "user", id: "59a1d536e5c828d8c857b58a", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a1d536e5c828d8c857b58b") { - author { - id - } - body - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1d536e5c828d8c857b58a" - } - ] -} -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "tobkle", role: "user", id: "59a1d536e5c828d8c857b58a", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1d536e5c828d8c857b58a" - } - ] -} -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "tobkle", role: "user", id: "59a1d536e5c828d8c857b58a", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59a1d536e5c828d8c857b58b", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1d536e5c828d8c857b58a" - } - ] -} -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 22:08:22 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59a1d536e5c828d8c857b58a" - }, - { - "coauthorsIds": "59a1d536e5c828d8c857b58a" - } - ] -} -2017-08-26 22:08:22 updated tweet 59a1d536e5c828d8c857b58b. -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "tobkle", role: "user", id: "59a1d536e5c828d8c857b58a", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1d536e5c828d8c857b58a" - } - ] -} -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 22:08:22 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59a1d536e5c828d8c857b58a" - }, - { - "coauthorsIds": "59a1d536e5c828d8c857b58a" - } - ] -} -2017-08-26 22:08:22 ERROR update tweet not possible for 583676d3618530145474e352. -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "tobkle", role: "user", id: "59a1d536e5c828d8c857b58a", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a1d536e5c828d8c857b58b") { - body - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1d536e5c828d8c857b58a" - } - ] -} -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "tobkle", role: "user", id: "59a1d536e5c828d8c857b58a", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59a1d536e5c828d8c857b58b") -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1d536e5c828d8c857b58a" - } - ] -} -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 22:08:22 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59a1d536e5c828d8c857b58a" - } - ] -} -2017-08-26 22:08:22 removed tweet 59a1d536e5c828d8c857b58b. -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "tobkle", role: "user", id: "59a1d536e5c828d8c857b58a", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1d536e5c828d8c857b58a" - } - ] -} -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 22:08:22 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59a1d536e5c828d8c857b58a" - } - ] -} -2017-08-26 22:08:22 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-08-26 22:08:22 -------------------------------------------------------------------------------- -2017-08-26 22:08:22 Request: -User: "tobkle", role: "user", id: "59a1d536e5c828d8c857b58a", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a1d536e5c828d8c857b58b") { - body - } -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1d536e5c828d8c857b58a" - } - ] -} -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 22:08:23 -------------------------------------------------------------------------------- -2017-08-26 22:08:23 Request: -User: "tobkle", role: "user", id: "59a1d536e5c828d8c857b58a", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59a1d536e5c828d8c857b58a") -} - -2017-08-26 22:08:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1d536e5c828d8c857b58a" - } - ] -} -2017-08-26 22:08:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-26 22:08:23 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a1d536e5c828d8c857b58a" - } - ] -} -2017-08-26 22:08:23 removed user 59a1d536e5c828d8c857b58a. -2017-08-26 22:08:23 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 22:08:23 -------------------------------------------------------------------------------- -2017-08-26 22:08:23 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59a1d536e5c828d8c857b58a") { - username - bio - role - } -} - -2017-08-26 22:08:23 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 22:08:23 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-26 22:08:23 -------------------------------------------------------------------------------- -2017-08-26 22:08:23 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { - id - role - } -} - -2017-08-26 22:08:23 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:23 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:23 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-26 22:08:23 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-26 22:08:23 inserted user 59a1d537e5c828d8c857b58c. -2017-08-26 22:08:23 -------------------------------------------------------------------------------- -2017-08-26 22:08:23 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. -2017-08-26 22:08:23 Request: -User: "tobkle", role: "editor", id: "59a1d537e5c828d8c857b58c", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-26 22:08:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1d537e5c828d8c857b58c" - } - ] -} -2017-08-26 22:08:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-26 22:08:23 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. -2017-08-26 22:08:23 -------------------------------------------------------------------------------- -2017-08-26 22:08:23 Request: -User: "tobkle", role: "editor", id: "59a1d537e5c828d8c857b58c", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-26 22:08:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1d537e5c828d8c857b58c" - } - ] -} -2017-08-26 22:08:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-26 22:08:23 -------------------------------------------------------------------------------- -2017-08-26 22:08:23 Request: -User: "tobkle", role: "editor", id: "59a1d537e5c828d8c857b58c", -Operation: "", variables: "", -Query: -{ - user(id: "59a1d537e5c828d8c857b58c") { - username - role - } -} - -2017-08-26 22:08:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1d537e5c828d8c857b58c" - } - ] -} -2017-08-26 22:08:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-26 22:08:23 -------------------------------------------------------------------------------- -2017-08-26 22:08:23 Request: -User: "tobkle", role: "editor", id: "59a1d537e5c828d8c857b58c", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-26 22:08:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1d537e5c828d8c857b58c" - } - ] -} -2017-08-26 22:08:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-26 22:08:23 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1d537e5c828d8c857b58c" - } - ] -} -2017-08-26 22:08:23 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-08-26 22:08:23 -------------------------------------------------------------------------------- -2017-08-26 22:08:23 Request: -User: "tobkle", role: "editor", id: "59a1d537e5c828d8c857b58c", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a1d537e5c828d8c857b58c", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-26 22:08:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1d537e5c828d8c857b58c" - } - ] -} -2017-08-26 22:08:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-26 22:08:23 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1d537e5c828d8c857b58c" - } - ] -} -2017-08-26 22:08:23 updated user 59a1d537e5c828d8c857b58c. -2017-08-26 22:08:23 -------------------------------------------------------------------------------- -2017-08-26 22:08:23 Request: -User: "tmeasday", role: "editor", id: "59a1d537e5c828d8c857b58c", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a1d537e5c828d8c857b58c", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-26 22:08:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1d537e5c828d8c857b58c" - } - ] -} -2017-08-26 22:08:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-26 22:08:23 Authorize update 'updateUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1d537e5c828d8c857b58c" - } - ] -} -2017-08-26 22:08:23 updated user 59a1d537e5c828d8c857b58c. -2017-08-26 22:08:23 -------------------------------------------------------------------------------- -2017-08-26 22:08:23 Request: -User: "tmeasday", role: "editor", id: "59a1d537e5c828d8c857b58c", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-26 22:08:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1d537e5c828d8c857b58c" - } - ] -} -2017-08-26 22:08:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-26 22:08:23 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-08-26 22:08:23 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1d537e5c828d8c857b58c" - } - ] -} -2017-08-26 22:08:23 -------------------------------------------------------------------------------- -2017-08-26 22:08:23 Request: -User: "tmeasday", role: "editor", id: "59a1d537e5c828d8c857b58c", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59a1d537e5c828d8c857b58c", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-26 22:08:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1d537e5c828d8c857b58c" - } - ] -} -2017-08-26 22:08:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-26 22:08:23 inserted tweet 59a1d537e5c828d8c857b58d. -2017-08-26 22:08:23 Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is authorized by docRole. -2017-08-26 22:08:23 -------------------------------------------------------------------------------- -2017-08-26 22:08:23 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. -2017-08-26 22:08:23 Request: -User: "tmeasday", role: "editor", id: "59a1d537e5c828d8c857b58c", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-26 22:08:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1d537e5c828d8c857b58c" - } - ] -} -2017-08-26 22:08:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-26 22:08:23 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. -2017-08-26 22:08:23 -------------------------------------------------------------------------------- -2017-08-26 22:08:23 Request: -User: "tmeasday", role: "editor", id: "59a1d537e5c828d8c857b58c", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a1d537e5c828d8c857b58d") { - author { - id - } - body - } -} - -2017-08-26 22:08:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1d537e5c828d8c857b58c" - } - ] -} -2017-08-26 22:08:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-26 22:08:23 -------------------------------------------------------------------------------- -2017-08-26 22:08:23 Request: -User: "tmeasday", role: "editor", id: "59a1d537e5c828d8c857b58c", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-26 22:08:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1d537e5c828d8c857b58c" - } - ] -} -2017-08-26 22:08:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-26 22:08:23 -------------------------------------------------------------------------------- -2017-08-26 22:08:23 Request: -User: "tmeasday", role: "editor", id: "59a1d537e5c828d8c857b58c", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59a1d537e5c828d8c857b58d", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-26 22:08:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1d537e5c828d8c857b58c" - } - ] -} -2017-08-26 22:08:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-26 22:08:23 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59a1d537e5c828d8c857b58c" - }, - { - "coauthorsIds": "59a1d537e5c828d8c857b58c" - } - ] -} -2017-08-26 22:08:23 updated tweet 59a1d537e5c828d8c857b58d. -2017-08-26 22:08:23 -------------------------------------------------------------------------------- -2017-08-26 22:08:23 Request: -User: "tmeasday", role: "editor", id: "59a1d537e5c828d8c857b58c", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-26 22:08:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1d537e5c828d8c857b58c" - } - ] -} -2017-08-26 22:08:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-26 22:08:23 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59a1d537e5c828d8c857b58c" - }, - { - "coauthorsIds": "59a1d537e5c828d8c857b58c" - } - ] -} -2017-08-26 22:08:23 ERROR update tweet not possible for 583676d3618530145474e352. -2017-08-26 22:08:23 -------------------------------------------------------------------------------- -2017-08-26 22:08:23 Request: -User: "tmeasday", role: "editor", id: "59a1d537e5c828d8c857b58c", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a1d537e5c828d8c857b58d") { - body - } -} - -2017-08-26 22:08:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1d537e5c828d8c857b58c" - } - ] -} -2017-08-26 22:08:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-26 22:08:23 -------------------------------------------------------------------------------- -2017-08-26 22:08:23 Request: -User: "tmeasday", role: "editor", id: "59a1d537e5c828d8c857b58c", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59a1d537e5c828d8c857b58d") -} - -2017-08-26 22:08:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1d537e5c828d8c857b58c" - } - ] -} -2017-08-26 22:08:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-26 22:08:23 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59a1d537e5c828d8c857b58c" - } - ] -} -2017-08-26 22:08:23 removed tweet 59a1d537e5c828d8c857b58d. -2017-08-26 22:08:23 -------------------------------------------------------------------------------- -2017-08-26 22:08:23 Request: -User: "tmeasday", role: "editor", id: "59a1d537e5c828d8c857b58c", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-26 22:08:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1d537e5c828d8c857b58c" - } - ] -} -2017-08-26 22:08:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-26 22:08:23 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59a1d537e5c828d8c857b58c" - } - ] -} -2017-08-26 22:08:23 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-08-26 22:08:23 -------------------------------------------------------------------------------- -2017-08-26 22:08:23 Request: -User: "tmeasday", role: "editor", id: "59a1d537e5c828d8c857b58c", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a1d537e5c828d8c857b58d") { - body - } -} - -2017-08-26 22:08:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1d537e5c828d8c857b58c" - } - ] -} -2017-08-26 22:08:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-26 22:08:23 -------------------------------------------------------------------------------- -2017-08-26 22:08:23 Request: -User: "tmeasday", role: "editor", id: "59a1d537e5c828d8c857b58c", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59a1d537e5c828d8c857b58c") -} - -2017-08-26 22:08:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1d537e5c828d8c857b58c" - } - ] -} -2017-08-26 22:08:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-26 22:08:23 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a1d537e5c828d8c857b58c" - } - ] -} -2017-08-26 22:08:23 removed user 59a1d537e5c828d8c857b58c. -2017-08-26 22:08:23 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 22:08:23 -------------------------------------------------------------------------------- -2017-08-26 22:08:23 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59a1d537e5c828d8c857b58c") { - username - bio - role - } -} - -2017-08-26 22:08:23 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-26 22:08:23 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-26 22:26:03 Logger started -2017-08-26 22:27:06 Logger started -2017-08-26 22:36:38 Logger started -2017-08-26 22:38:14 Logger started -2017-08-26 22:47:37 Logger started -2017-08-26 22:48:05 Logger started -2017-08-26 22:48:28 Logger started -2017-08-26 22:48:46 Logger started -2017-08-26 22:48:54 Logger started -2017-08-26 22:58:41 Logger started -2017-08-27 01:25:19 Logger started -2017-08-27 01:27:29 Logger started -2017-08-27 01:41:46 Logger started -2017-08-27 01:54:39 -------------------------------------------------------------------------------- -2017-08-27 01:54:39 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-27 01:54:39 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:54:39 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - role - username - } -} - -2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - role - username - } -} - -2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca2") { - role - username - } -} - -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - id - username - bio - } -} - -2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users { - username - createdAt - } -} - -2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(limit: 1) { - username - createdAt - } -} - -2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993) { - username - createdAt - } -} - -2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } -} - -2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers { - username - createdAt - } - } -} - -2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(limit: 1) { - username - createdAt - } - } -} - -2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following { - username - createdAt - } - } -} - -2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(limit: 1) { - username - createdAt - } - } -} - -2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets { - id - createdAt - } - } -} - -2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(limit: 1) { - id - createdAt - } - } -} - -2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } - } -} - -2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } - } -} - -2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked { - id - createdAt - } - } -} - -2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(limit: 1) { - id - createdAt - } - } -} - -2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334) { - id - createdAt - } - } -} - -2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334, limit: 1) { - id - createdAt - } - } -} - -2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - id - body - } -} - -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - author { - username - } - } -} - -2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets { - id - createdAt - } -} - -2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(limit: 1) { - id - createdAt - } -} - -2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } -} - -2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } -} - -2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers { - username - createdAt - } - } -} - -2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(limit: 1) { - username - createdAt - } - } -} - -2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993) { - username - createdAt - } - } -} - -2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } - } -} - -2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "undefined") { - username - bio - role - } -} - -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "undefined") { - username - role - } -} - -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "undefined", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "undefined", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "undefined") -} - -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "undefined", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "undefined") { - author { - id - } - body - } -} - -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:03 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "undefined", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "undefined", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "undefined") { - body - } -} - -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "undefined") -} - -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "undefined") -} - -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "undefined") { - body - } -} - -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "undefined") -} - -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "undefined") { - username - bio - role - } -} - -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:03 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:03 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:03 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:03 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:03 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "user"}) { - id - role - } -} - -2017-08-27 01:55:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "user"}) { - id - } -} - -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "undefined") { - username - } -} - -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "undefined") { - username - role - } -} - -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 -------------------------------------------------------------------------------- -2017-08-27 01:55:03 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-27 01:55:03 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:03 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 -------------------------------------------------------------------------------- -2017-08-27 01:55:04 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 -------------------------------------------------------------------------------- -2017-08-27 01:55:04 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 -------------------------------------------------------------------------------- -2017-08-27 01:55:04 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "undefined", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 -------------------------------------------------------------------------------- -2017-08-27 01:55:04 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:04 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 -------------------------------------------------------------------------------- -2017-08-27 01:55:04 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "undefined") { - author { - id - } - body - } -} - -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 -------------------------------------------------------------------------------- -2017-08-27 01:55:04 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 -------------------------------------------------------------------------------- -2017-08-27 01:55:04 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "undefined", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 -------------------------------------------------------------------------------- -2017-08-27 01:55:04 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:04 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 -------------------------------------------------------------------------------- -2017-08-27 01:55:04 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "undefined") { - body - } -} - -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 -------------------------------------------------------------------------------- -2017-08-27 01:55:04 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "undefined") -} - -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 -------------------------------------------------------------------------------- -2017-08-27 01:55:04 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:04 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 -------------------------------------------------------------------------------- -2017-08-27 01:55:04 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "undefined") { - body - } -} - -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 -------------------------------------------------------------------------------- -2017-08-27 01:55:04 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "undefined") -} - -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 -------------------------------------------------------------------------------- -2017-08-27 01:55:04 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "undefined") { - username - bio - role - } -} - -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:04 -------------------------------------------------------------------------------- -2017-08-27 01:55:04 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "tobkle", bio: "someone", role: "editor"}) { - id - role - } -} - -2017-08-27 01:55:04 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 -------------------------------------------------------------------------------- -2017-08-27 01:55:04 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 -------------------------------------------------------------------------------- -2017-08-27 01:55:04 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 -------------------------------------------------------------------------------- -2017-08-27 01:55:04 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "undefined") { - username - role - } -} - -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 -------------------------------------------------------------------------------- -2017-08-27 01:55:04 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 -------------------------------------------------------------------------------- -2017-08-27 01:55:04 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "undefined", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 -------------------------------------------------------------------------------- -2017-08-27 01:55:04 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "undefined", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 -------------------------------------------------------------------------------- -2017-08-27 01:55:04 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:04 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 -------------------------------------------------------------------------------- -2017-08-27 01:55:04 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "undefined", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 -------------------------------------------------------------------------------- -2017-08-27 01:55:04 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:04 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 -------------------------------------------------------------------------------- -2017-08-27 01:55:04 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "undefined") { - author { - id - } - body - } -} - -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 -------------------------------------------------------------------------------- -2017-08-27 01:55:04 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 -------------------------------------------------------------------------------- -2017-08-27 01:55:04 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "undefined", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 -------------------------------------------------------------------------------- -2017-08-27 01:55:04 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:04 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 -------------------------------------------------------------------------------- -2017-08-27 01:55:04 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "undefined") { - body - } -} - -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 -------------------------------------------------------------------------------- -2017-08-27 01:55:04 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "undefined") -} - -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 -------------------------------------------------------------------------------- -2017-08-27 01:55:04 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:04 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 -------------------------------------------------------------------------------- -2017-08-27 01:55:04 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "undefined") { - body - } -} - -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 -------------------------------------------------------------------------------- -2017-08-27 01:55:04 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "undefined") -} - -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 -------------------------------------------------------------------------------- -2017-08-27 01:55:04 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "undefined") { - username - bio - role - } -} - -2017-08-27 01:55:04 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 01:55:04 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 01:58:33 Logger started -2017-08-27 02:05:06 -------------------------------------------------------------------------------- -2017-08-27 02:05:06 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-27 02:05:06 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:05:06 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:05:28 -------------------------------------------------------------------------------- -2017-08-27 02:05:28 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-08-27 02:05:28 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:05:28 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:05:28 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:05:28 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-27 02:05:28 inserted user 59a20cc84bf691038d8fccea. -2017-08-27 02:05:28 -------------------------------------------------------------------------------- -2017-08-27 02:05:28 Request: -User: "tobkle", role: "admin", id: "59a20cc84bf691038d8fccea", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-27 02:05:28 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:28 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:28 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-27 02:05:28 inserted user 59a20cc84bf691038d8fcceb. -2017-08-27 02:05:28 -------------------------------------------------------------------------------- -2017-08-27 02:05:28 Request: -User: "tobkle", role: "admin", id: "59a20cc84bf691038d8fccea", -Operation: "", variables: "", -Query: -{ - user(id: "59a20cc84bf691038d8fcceb") { - username - bio - role - } -} - -2017-08-27 02:05:28 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:28 -------------------------------------------------------------------------------- -2017-08-27 02:05:28 Request: -User: "tobkle", role: "admin", id: "59a20cc84bf691038d8fccea", -Operation: "", variables: "", -Query: -{ - user(id: "59a20cc84bf691038d8fccea") { - username - role - } -} - -2017-08-27 02:05:28 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:28 -------------------------------------------------------------------------------- -2017-08-27 02:05:28 Request: -User: "tobkle", role: "admin", id: "59a20cc84bf691038d8fccea", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a20cc84bf691038d8fcceb", input: {email: "undefined", password: "undefined", username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-27 02:05:28 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:28 -------------------------------------------------------------------------------- -2017-08-27 02:05:28 Request: -User: "tobkle", role: "admin", id: "59a20cc84bf691038d8fccea", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a20cc84bf691038d8fccea", input: {email: "undefined", password: "undefined", username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-27 02:05:28 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:28 -------------------------------------------------------------------------------- -2017-08-27 02:05:28 Request: -User: "tobkle", role: "admin", id: "59a20cc84bf691038d8fccea", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a20cc84bf691038d8fcceb", input: {email: "undefined", password: "undefined", username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-08-27 02:05:28 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:28 -------------------------------------------------------------------------------- -2017-08-27 02:05:28 Request: -User: "tobkle", role: "admin", id: "59a20cc84bf691038d8fccea", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a20cc84bf691038d8fccea", input: {email: "undefined", password: "undefined", username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-27 02:05:28 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:28 -------------------------------------------------------------------------------- -2017-08-27 02:05:28 Request: -User: "tobkle", role: "admin", id: "59a20cc84bf691038d8fccea", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a20cc84bf691038d8fccea", input: {email: "undefined", password: "undefined", username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-27 02:05:28 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:28 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:28 -------------------------------------------------------------------------------- -2017-08-27 02:05:28 Request: -User: "zol", role: "editor", id: "59a20cc84bf691038d8fcceb", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a20cc84bf691038d8fccea", input: {email: "undefined", password: "undefined", username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-27 02:05:28 Authorize readOne 'user findOneById' with user 'zol' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a20cc84bf691038d8fcceb" - } - ] -} -2017-08-27 02:05:28 Authorize readOne 'tweet findOneById' with user 'zol' and role 'editor' is authorized -2017-08-27 02:05:29 -------------------------------------------------------------------------------- -2017-08-27 02:05:29 Request: -User: "tobkle", role: "admin", id: "59a20cc84bf691038d8fccea", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59a20cc84bf691038d8fcceb") -} - -2017-08-27 02:05:29 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:29 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:29 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:29 removed user 59a20cc84bf691038d8fcceb. -2017-08-27 02:05:29 -------------------------------------------------------------------------------- -2017-08-27 02:05:29 Request: -User: "tobkle", role: "admin", id: "59a20cc84bf691038d8fccea", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59a20cc84bf691038d8fccea", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-27 02:05:29 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:29 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:29 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:29 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-27 02:05:29 inserted tweet 59a20cc94bf691038d8fccec. -2017-08-27 02:05:29 -------------------------------------------------------------------------------- -2017-08-27 02:05:29 Request: -User: "tobkle", role: "admin", id: "59a20cc84bf691038d8fccea", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-27 02:05:29 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:29 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:29 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:29 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-27 02:05:29 -------------------------------------------------------------------------------- -2017-08-27 02:05:29 inserted tweet 59a20cc94bf691038d8fcced. -2017-08-27 02:05:29 Request: -User: "tobkle", role: "admin", id: "59a20cc84bf691038d8fccea", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a20cc94bf691038d8fccec") { - author { - id - } - body - } -} - -2017-08-27 02:05:29 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:29 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:29 -------------------------------------------------------------------------------- -2017-08-27 02:05:29 Request: -User: "tobkle", role: "admin", id: "59a20cc84bf691038d8fccea", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-27 02:05:29 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:29 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:29 -------------------------------------------------------------------------------- -2017-08-27 02:05:29 Request: -User: "tobkle", role: "admin", id: "59a20cc84bf691038d8fccea", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59a20cc94bf691038d8fccec", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-27 02:05:29 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:29 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:29 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:29 updated tweet 59a20cc94bf691038d8fccec. -2017-08-27 02:05:29 -------------------------------------------------------------------------------- -2017-08-27 02:05:29 Request: -User: "tobkle", role: "admin", id: "59a20cc84bf691038d8fccea", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59a20cc94bf691038d8fcced", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-27 02:05:29 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:29 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:29 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:29 updated tweet 59a20cc94bf691038d8fcced. -2017-08-27 02:05:29 -------------------------------------------------------------------------------- -2017-08-27 02:05:29 Request: -User: "tobkle", role: "admin", id: "59a20cc84bf691038d8fccea", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a20cc94bf691038d8fccec") { - body - } -} - -2017-08-27 02:05:29 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:29 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:29 -------------------------------------------------------------------------------- -2017-08-27 02:05:29 Request: -User: "tobkle", role: "admin", id: "59a20cc84bf691038d8fccea", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59a20cc94bf691038d8fccec") -} - -2017-08-27 02:05:29 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:29 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:29 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:29 removed tweet 59a20cc94bf691038d8fccec. -2017-08-27 02:05:29 -------------------------------------------------------------------------------- -2017-08-27 02:05:29 Request: -User: "tobkle", role: "admin", id: "59a20cc84bf691038d8fccea", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59a20cc94bf691038d8fcced") -} - -2017-08-27 02:05:29 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:29 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:29 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:29 removed tweet 59a20cc94bf691038d8fcced. -2017-08-27 02:05:29 -------------------------------------------------------------------------------- -2017-08-27 02:05:29 Request: -User: "tobkle", role: "admin", id: "59a20cc84bf691038d8fccea", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a20cc94bf691038d8fccec") { - body - } -} - -2017-08-27 02:05:29 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:29 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:29 -------------------------------------------------------------------------------- -2017-08-27 02:05:29 Request: -User: "tobkle", role: "admin", id: "59a20cc84bf691038d8fccea", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59a20cc84bf691038d8fccea") -} - -2017-08-27 02:05:29 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:29 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:29 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:05:29 removed user 59a20cc84bf691038d8fccea. -2017-08-27 02:05:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:05:29 -------------------------------------------------------------------------------- -2017-08-27 02:05:29 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59a20cc84bf691038d8fccea") { - username - bio - role - } -} - -2017-08-27 02:05:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:05:29 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:06:43 Logger started -2017-08-27 02:06:56 -------------------------------------------------------------------------------- -2017-08-27 02:06:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-27 02:06:56 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:06:56 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:07:17 -------------------------------------------------------------------------------- -2017-08-27 02:07:17 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-08-27 02:07:17 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:07:17 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:07:17 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:07:17 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-27 02:07:17 inserted user 59a20d35dce0b1045f71660e. -2017-08-27 02:07:17 -------------------------------------------------------------------------------- -2017-08-27 02:07:17 Request: -User: "tobkle", role: "admin", id: "59a20d35dce0b1045f71660e", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-27 02:07:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 inserted user 59a20d35dce0b1045f71660f. -2017-08-27 02:07:17 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-27 02:07:17 -------------------------------------------------------------------------------- -2017-08-27 02:07:17 Request: -User: "tobkle", role: "admin", id: "59a20d35dce0b1045f71660e", -Operation: "", variables: "", -Query: -{ - user(id: "59a20d35dce0b1045f71660f") { - username - bio - role - } -} - -2017-08-27 02:07:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 -------------------------------------------------------------------------------- -2017-08-27 02:07:17 Request: -User: "tobkle", role: "admin", id: "59a20d35dce0b1045f71660e", -Operation: "", variables: "", -Query: -{ - user(id: "59a20d35dce0b1045f71660e") { - username - role - } -} - -2017-08-27 02:07:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 -------------------------------------------------------------------------------- -2017-08-27 02:07:17 Request: -User: "tobkle", role: "admin", id: "59a20d35dce0b1045f71660e", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a20d35dce0b1045f71660f", input: {email: "undefined", password: "undefined", username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-27 02:07:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 -------------------------------------------------------------------------------- -2017-08-27 02:07:17 Request: -User: "tobkle", role: "admin", id: "59a20d35dce0b1045f71660e", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a20d35dce0b1045f71660e", input: {email: "undefined", password: "undefined", username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-27 02:07:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 -------------------------------------------------------------------------------- -2017-08-27 02:07:17 Request: -User: "tobkle", role: "admin", id: "59a20d35dce0b1045f71660e", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a20d35dce0b1045f71660f", input: {email: "undefined", password: "undefined", username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-08-27 02:07:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 -------------------------------------------------------------------------------- -2017-08-27 02:07:17 Request: -User: "tobkle", role: "admin", id: "59a20d35dce0b1045f71660e", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a20d35dce0b1045f71660e", input: {email: "undefined", password: "undefined", username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-27 02:07:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 -------------------------------------------------------------------------------- -2017-08-27 02:07:17 Request: -User: "tobkle", role: "admin", id: "59a20d35dce0b1045f71660e", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a20d35dce0b1045f71660e", input: {email: "undefined", password: "undefined", username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-27 02:07:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 -------------------------------------------------------------------------------- -2017-08-27 02:07:17 Request: -User: "zol", role: "editor", id: "59a20d35dce0b1045f71660f", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a20d35dce0b1045f71660e", input: {email: "undefined", password: "undefined", username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-27 02:07:17 Authorize readOne 'user findOneById' with user 'zol' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a20d35dce0b1045f71660f" - } - ] -} -2017-08-27 02:07:17 Authorize readOne 'tweet findOneById' with user 'zol' and role 'editor' is authorized -2017-08-27 02:07:17 -------------------------------------------------------------------------------- -2017-08-27 02:07:17 Request: -User: "tobkle", role: "admin", id: "59a20d35dce0b1045f71660e", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59a20d35dce0b1045f71660f") -} - -2017-08-27 02:07:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 removed user 59a20d35dce0b1045f71660f. -2017-08-27 02:07:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 -------------------------------------------------------------------------------- -2017-08-27 02:07:17 Request: -User: "tobkle", role: "admin", id: "59a20d35dce0b1045f71660e", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59a20d35dce0b1045f71660e", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-27 02:07:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-27 02:07:17 inserted tweet 59a20d35dce0b1045f716610. -2017-08-27 02:07:17 -------------------------------------------------------------------------------- -2017-08-27 02:07:17 Request: -User: "tobkle", role: "admin", id: "59a20d35dce0b1045f71660e", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-27 02:07:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-27 02:07:17 -------------------------------------------------------------------------------- -2017-08-27 02:07:17 inserted tweet 59a20d35dce0b1045f716611. -2017-08-27 02:07:17 Request: -User: "tobkle", role: "admin", id: "59a20d35dce0b1045f71660e", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a20d35dce0b1045f716610") { - author { - id - } - body - } -} - -2017-08-27 02:07:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 -------------------------------------------------------------------------------- -2017-08-27 02:07:17 Request: -User: "tobkle", role: "admin", id: "59a20d35dce0b1045f71660e", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-27 02:07:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 -------------------------------------------------------------------------------- -2017-08-27 02:07:17 Request: -User: "tobkle", role: "admin", id: "59a20d35dce0b1045f71660e", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59a20d35dce0b1045f716610", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-27 02:07:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 updated tweet 59a20d35dce0b1045f716610. -2017-08-27 02:07:17 -------------------------------------------------------------------------------- -2017-08-27 02:07:17 Request: -User: "tobkle", role: "admin", id: "59a20d35dce0b1045f71660e", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59a20d35dce0b1045f716611", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-27 02:07:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 updated tweet 59a20d35dce0b1045f716611. -2017-08-27 02:07:17 -------------------------------------------------------------------------------- -2017-08-27 02:07:17 Request: -User: "tobkle", role: "admin", id: "59a20d35dce0b1045f71660e", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a20d35dce0b1045f716610") { - body - } -} - -2017-08-27 02:07:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 -------------------------------------------------------------------------------- -2017-08-27 02:07:17 Request: -User: "tobkle", role: "admin", id: "59a20d35dce0b1045f71660e", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59a20d35dce0b1045f716610") -} - -2017-08-27 02:07:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 removed tweet 59a20d35dce0b1045f716610. -2017-08-27 02:07:17 -------------------------------------------------------------------------------- -2017-08-27 02:07:17 Request: -User: "tobkle", role: "admin", id: "59a20d35dce0b1045f71660e", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59a20d35dce0b1045f716611") -} - -2017-08-27 02:07:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 removed tweet 59a20d35dce0b1045f716611. -2017-08-27 02:07:17 -------------------------------------------------------------------------------- -2017-08-27 02:07:17 Request: -User: "tobkle", role: "admin", id: "59a20d35dce0b1045f71660e", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a20d35dce0b1045f716610") { - body - } -} - -2017-08-27 02:07:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 -------------------------------------------------------------------------------- -2017-08-27 02:07:17 Request: -User: "tobkle", role: "admin", id: "59a20d35dce0b1045f71660e", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59a20d35dce0b1045f71660e") -} - -2017-08-27 02:07:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:07:17 removed user 59a20d35dce0b1045f71660e. -2017-08-27 02:07:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:07:17 -------------------------------------------------------------------------------- -2017-08-27 02:07:17 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59a20d35dce0b1045f71660e") { - username - bio - role - } -} - -2017-08-27 02:07:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:07:17 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:17:56 -------------------------------------------------------------------------------- -2017-08-27 02:17:56 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-27 02:17:56 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:17:56 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:18:17 -------------------------------------------------------------------------------- -2017-08-27 02:18:17 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-08-27 02:18:17 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:18:17 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:18:17 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:18:17 inserted user 59a20fc9dce0b1045f716612. -2017-08-27 02:18:17 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-27 02:18:17 -------------------------------------------------------------------------------- -2017-08-27 02:18:17 Request: -User: "tobkle", role: "admin", id: "59a20fc9dce0b1045f716612", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-27 02:18:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-27 02:18:17 inserted user 59a20fc9dce0b1045f716613. -2017-08-27 02:18:17 -------------------------------------------------------------------------------- -2017-08-27 02:18:17 Request: -User: "tobkle", role: "admin", id: "59a20fc9dce0b1045f716612", -Operation: "", variables: "", -Query: -{ - user(id: "59a20fc9dce0b1045f716613") { - username - bio - role - } -} - -2017-08-27 02:18:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 -------------------------------------------------------------------------------- -2017-08-27 02:18:17 Request: -User: "tobkle", role: "admin", id: "59a20fc9dce0b1045f716612", -Operation: "", variables: "", -Query: -{ - user(id: "59a20fc9dce0b1045f716612") { - username - role - } -} - -2017-08-27 02:18:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 -------------------------------------------------------------------------------- -2017-08-27 02:18:17 Request: -User: "tobkle", role: "admin", id: "59a20fc9dce0b1045f716612", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a20fc9dce0b1045f716613", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-27 02:18:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 updated user 59a20fc9dce0b1045f716613. -2017-08-27 02:18:17 -------------------------------------------------------------------------------- -2017-08-27 02:18:17 Request: -User: "tobkle", role: "admin", id: "59a20fc9dce0b1045f716612", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a20fc9dce0b1045f716612", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-27 02:18:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 updated user 59a20fc9dce0b1045f716612. -2017-08-27 02:18:17 -------------------------------------------------------------------------------- -2017-08-27 02:18:17 Request: -User: "tobkle", role: "admin", id: "59a20fc9dce0b1045f716612", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a20fc9dce0b1045f716613", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-08-27 02:18:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 updated user 59a20fc9dce0b1045f716613. -2017-08-27 02:18:17 -------------------------------------------------------------------------------- -2017-08-27 02:18:17 Request: -User: "tobkle", role: "admin", id: "59a20fc9dce0b1045f716612", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a20fc9dce0b1045f716612", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-27 02:18:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 updated user 59a20fc9dce0b1045f716612. -2017-08-27 02:18:17 -------------------------------------------------------------------------------- -2017-08-27 02:18:17 Request: -User: "tobkle", role: "editor", id: "59a20fc9dce0b1045f716612", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a20fc9dce0b1045f716612", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-27 02:18:17 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a20fc9dce0b1045f716612" - } - ] -} -2017-08-27 02:18:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-27 02:18:17 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a20fc9dce0b1045f716612" - } - ] -} -2017-08-27 02:18:17 updated user 59a20fc9dce0b1045f716612. -2017-08-27 02:18:17 -------------------------------------------------------------------------------- -2017-08-27 02:18:17 Request: -User: "zoltan", role: "admin", id: "59a20fc9dce0b1045f716613", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a20fc9dce0b1045f716612", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-27 02:18:17 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-27 02:18:17 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-27 02:18:17 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized -2017-08-27 02:18:17 updated user 59a20fc9dce0b1045f716612. -2017-08-27 02:18:17 -------------------------------------------------------------------------------- -2017-08-27 02:18:17 Request: -User: "tobkle", role: "admin", id: "59a20fc9dce0b1045f716612", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59a20fc9dce0b1045f716613") -} - -2017-08-27 02:18:17 removed user 59a20fc9dce0b1045f716613. -2017-08-27 02:18:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 -------------------------------------------------------------------------------- -2017-08-27 02:18:17 Request: -User: "tobkle", role: "admin", id: "59a20fc9dce0b1045f716612", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59a20fc9dce0b1045f716612", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-27 02:18:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 inserted tweet 59a20fc9dce0b1045f716614. -2017-08-27 02:18:17 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-27 02:18:17 -------------------------------------------------------------------------------- -2017-08-27 02:18:17 Request: -User: "tobkle", role: "admin", id: "59a20fc9dce0b1045f716612", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-27 02:18:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 -------------------------------------------------------------------------------- -2017-08-27 02:18:17 Request: -User: "tobkle", role: "admin", id: "59a20fc9dce0b1045f716612", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a20fc9dce0b1045f716614") { - author { - id - } - body - } -} - -2017-08-27 02:18:17 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 inserted tweet 59a20fc9dce0b1045f716615. -2017-08-27 02:18:17 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-27 02:18:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 -------------------------------------------------------------------------------- -2017-08-27 02:18:17 Request: -User: "tobkle", role: "admin", id: "59a20fc9dce0b1045f716612", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-27 02:18:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 -------------------------------------------------------------------------------- -2017-08-27 02:18:17 Request: -User: "tobkle", role: "admin", id: "59a20fc9dce0b1045f716612", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59a20fc9dce0b1045f716614", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-27 02:18:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 updated tweet 59a20fc9dce0b1045f716614. -2017-08-27 02:18:17 -------------------------------------------------------------------------------- -2017-08-27 02:18:17 Request: -User: "tobkle", role: "admin", id: "59a20fc9dce0b1045f716612", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59a20fc9dce0b1045f716615", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-27 02:18:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 updated tweet 59a20fc9dce0b1045f716615. -2017-08-27 02:18:17 -------------------------------------------------------------------------------- -2017-08-27 02:18:17 Request: -User: "tobkle", role: "admin", id: "59a20fc9dce0b1045f716612", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a20fc9dce0b1045f716614") { - body - } -} - -2017-08-27 02:18:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 -------------------------------------------------------------------------------- -2017-08-27 02:18:17 Request: -User: "tobkle", role: "admin", id: "59a20fc9dce0b1045f716612", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59a20fc9dce0b1045f716614") -} - -2017-08-27 02:18:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 removed tweet 59a20fc9dce0b1045f716614. -2017-08-27 02:18:17 -------------------------------------------------------------------------------- -2017-08-27 02:18:17 Request: -User: "tobkle", role: "admin", id: "59a20fc9dce0b1045f716612", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59a20fc9dce0b1045f716615") -} - -2017-08-27 02:18:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 removed tweet 59a20fc9dce0b1045f716615. -2017-08-27 02:18:17 -------------------------------------------------------------------------------- -2017-08-27 02:18:17 Request: -User: "tobkle", role: "admin", id: "59a20fc9dce0b1045f716612", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a20fc9dce0b1045f716614") { - body - } -} - -2017-08-27 02:18:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 -------------------------------------------------------------------------------- -2017-08-27 02:18:17 Request: -User: "tobkle", role: "admin", id: "59a20fc9dce0b1045f716612", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59a20fc9dce0b1045f716612") -} - -2017-08-27 02:18:17 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:18:17 removed user 59a20fc9dce0b1045f716612. -2017-08-27 02:18:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:18:17 -------------------------------------------------------------------------------- -2017-08-27 02:18:17 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59a20fc9dce0b1045f716612") { - username - bio - role - } -} - -2017-08-27 02:18:17 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:18:17 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:19:15 -------------------------------------------------------------------------------- -2017-08-27 02:19:15 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-27 02:19:15 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:19:15 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:19:36 -------------------------------------------------------------------------------- -2017-08-27 02:19:36 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-08-27 02:19:36 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:19:36 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:19:36 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:19:36 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-27 02:19:36 inserted user 59a21018dce0b1045f716616. -2017-08-27 02:19:36 -------------------------------------------------------------------------------- -2017-08-27 02:19:36 Request: -User: "tobkle", role: "admin", id: "59a21018dce0b1045f716616", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-27 02:19:36 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 inserted user 59a21018dce0b1045f716617. -2017-08-27 02:19:36 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-27 02:19:36 -------------------------------------------------------------------------------- -2017-08-27 02:19:36 Request: -User: "tobkle", role: "admin", id: "59a21018dce0b1045f716616", -Operation: "", variables: "", -Query: -{ - user(id: "59a21018dce0b1045f716617") { - username - bio - role - } -} - -2017-08-27 02:19:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 -------------------------------------------------------------------------------- -2017-08-27 02:19:36 Request: -User: "tobkle", role: "admin", id: "59a21018dce0b1045f716616", -Operation: "", variables: "", -Query: -{ - user(id: "59a21018dce0b1045f716616") { - username - role - } -} - -2017-08-27 02:19:36 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 -------------------------------------------------------------------------------- -2017-08-27 02:19:36 Request: -User: "tobkle", role: "admin", id: "59a21018dce0b1045f716616", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a21018dce0b1045f716617", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-27 02:19:36 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 updated user 59a21018dce0b1045f716617. -2017-08-27 02:19:36 -------------------------------------------------------------------------------- -2017-08-27 02:19:36 Request: -User: "tobkle", role: "admin", id: "59a21018dce0b1045f716616", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a21018dce0b1045f716616", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-27 02:19:36 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 updated user 59a21018dce0b1045f716616. -2017-08-27 02:19:36 -------------------------------------------------------------------------------- -2017-08-27 02:19:36 Request: -User: "tobkle", role: "admin", id: "59a21018dce0b1045f716616", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a21018dce0b1045f716617", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-08-27 02:19:36 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 updated user 59a21018dce0b1045f716617. -2017-08-27 02:19:36 -------------------------------------------------------------------------------- -2017-08-27 02:19:36 Request: -User: "tobkle", role: "admin", id: "59a21018dce0b1045f716616", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a21018dce0b1045f716616", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-27 02:19:36 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 updated user 59a21018dce0b1045f716616. -2017-08-27 02:19:36 -------------------------------------------------------------------------------- -2017-08-27 02:19:36 Request: -User: "tobkle", role: "editor", id: "59a21018dce0b1045f716616", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a21018dce0b1045f716616", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-27 02:19:36 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a21018dce0b1045f716616" - } - ] -} -2017-08-27 02:19:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-27 02:19:36 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a21018dce0b1045f716616" - } - ] -} -2017-08-27 02:19:36 updated user 59a21018dce0b1045f716616. -2017-08-27 02:19:36 -------------------------------------------------------------------------------- -2017-08-27 02:19:36 Request: -User: "zoltan", role: "admin", id: "59a21018dce0b1045f716617", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a21018dce0b1045f716616", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-27 02:19:36 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-27 02:19:36 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-27 02:19:36 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized -2017-08-27 02:19:36 updated user 59a21018dce0b1045f716616. -2017-08-27 02:19:36 -------------------------------------------------------------------------------- -2017-08-27 02:19:36 Request: -User: "tobkle", role: "admin", id: "59a21018dce0b1045f716616", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59a21018dce0b1045f716617") -} - -2017-08-27 02:19:36 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 removed user 59a21018dce0b1045f716617. -2017-08-27 02:19:36 -------------------------------------------------------------------------------- -2017-08-27 02:19:36 Request: -User: "tobkle", role: "admin", id: "59a21018dce0b1045f716616", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59a21018dce0b1045f716616", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-27 02:19:36 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-27 02:19:36 inserted tweet 59a21018dce0b1045f716618. -2017-08-27 02:19:36 -------------------------------------------------------------------------------- -2017-08-27 02:19:36 Request: -User: "tobkle", role: "admin", id: "59a21018dce0b1045f716616", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-27 02:19:36 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 -------------------------------------------------------------------------------- -2017-08-27 02:19:36 Request: -User: "tobkle", role: "admin", id: "59a21018dce0b1045f716616", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a21018dce0b1045f716618") { - author { - id - } - body - } -} - -2017-08-27 02:19:36 inserted tweet 59a21018dce0b1045f716619. -2017-08-27 02:19:36 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-27 02:19:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 -------------------------------------------------------------------------------- -2017-08-27 02:19:36 Request: -User: "tobkle", role: "admin", id: "59a21018dce0b1045f716616", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-27 02:19:36 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 -------------------------------------------------------------------------------- -2017-08-27 02:19:36 Request: -User: "tobkle", role: "admin", id: "59a21018dce0b1045f716616", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59a21018dce0b1045f716618", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-27 02:19:36 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 updated tweet 59a21018dce0b1045f716618. -2017-08-27 02:19:36 -------------------------------------------------------------------------------- -2017-08-27 02:19:36 Request: -User: "tobkle", role: "admin", id: "59a21018dce0b1045f716616", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59a21018dce0b1045f716619", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-27 02:19:36 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 updated tweet 59a21018dce0b1045f716619. -2017-08-27 02:19:36 -------------------------------------------------------------------------------- -2017-08-27 02:19:36 Request: -User: "tobkle", role: "admin", id: "59a21018dce0b1045f716616", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a21018dce0b1045f716618") { - body - } -} - -2017-08-27 02:19:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 -------------------------------------------------------------------------------- -2017-08-27 02:19:36 Request: -User: "tobkle", role: "admin", id: "59a21018dce0b1045f716616", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59a21018dce0b1045f716618") -} - -2017-08-27 02:19:36 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 removed tweet 59a21018dce0b1045f716618. -2017-08-27 02:19:36 -------------------------------------------------------------------------------- -2017-08-27 02:19:36 Request: -User: "tobkle", role: "admin", id: "59a21018dce0b1045f716616", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59a21018dce0b1045f716619") -} - -2017-08-27 02:19:36 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 removed tweet 59a21018dce0b1045f716619. -2017-08-27 02:19:36 -------------------------------------------------------------------------------- -2017-08-27 02:19:36 Request: -User: "tobkle", role: "admin", id: "59a21018dce0b1045f716616", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a21018dce0b1045f716618") { - body - } -} - -2017-08-27 02:19:36 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 -------------------------------------------------------------------------------- -2017-08-27 02:19:36 Request: -User: "tobkle", role: "admin", id: "59a21018dce0b1045f716616", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59a21018dce0b1045f716616") -} - -2017-08-27 02:19:36 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:19:36 removed user 59a21018dce0b1045f716616. -2017-08-27 02:19:36 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:19:36 -------------------------------------------------------------------------------- -2017-08-27 02:19:36 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59a21018dce0b1045f716616") { - username - bio - role - } -} - -2017-08-27 02:19:36 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:19:36 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:03 -------------------------------------------------------------------------------- -2017-08-27 02:23:03 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-27 02:23:03 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:03 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 -------------------------------------------------------------------------------- -2017-08-27 02:23:24 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 -------------------------------------------------------------------------------- -2017-08-27 02:23:24 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - role - username - } -} - -2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 -------------------------------------------------------------------------------- -2017-08-27 02:23:24 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - role - username - } -} - -2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 -------------------------------------------------------------------------------- -2017-08-27 02:23:24 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca2") { - role - username - } -} - -2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 -------------------------------------------------------------------------------- -2017-08-27 02:23:24 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - id - username - bio - } -} - -2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 -------------------------------------------------------------------------------- -2017-08-27 02:23:24 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users { - username - createdAt - } -} - -2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 -------------------------------------------------------------------------------- -2017-08-27 02:23:24 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(limit: 1) { - username - createdAt - } -} - -2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 -------------------------------------------------------------------------------- -2017-08-27 02:23:24 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993) { - username - createdAt - } -} - -2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 -------------------------------------------------------------------------------- -2017-08-27 02:23:24 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } -} - -2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 -------------------------------------------------------------------------------- -2017-08-27 02:23:24 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers { - username - createdAt - } - } -} - -2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 -------------------------------------------------------------------------------- -2017-08-27 02:23:24 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(limit: 1) { - username - createdAt - } - } -} - -2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 -------------------------------------------------------------------------------- -2017-08-27 02:23:24 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 -------------------------------------------------------------------------------- -2017-08-27 02:23:24 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 -------------------------------------------------------------------------------- -2017-08-27 02:23:24 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following { - username - createdAt - } - } -} - -2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 -------------------------------------------------------------------------------- -2017-08-27 02:23:24 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(limit: 1) { - username - createdAt - } - } -} - -2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 -------------------------------------------------------------------------------- -2017-08-27 02:23:24 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 -------------------------------------------------------------------------------- -2017-08-27 02:23:24 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 -------------------------------------------------------------------------------- -2017-08-27 02:23:24 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets { - id - createdAt - } - } -} - -2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 -------------------------------------------------------------------------------- -2017-08-27 02:23:24 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(limit: 1) { - id - createdAt - } - } -} - -2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 -------------------------------------------------------------------------------- -2017-08-27 02:23:24 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } - } -} - -2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 -------------------------------------------------------------------------------- -2017-08-27 02:23:24 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } - } -} - -2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 -------------------------------------------------------------------------------- -2017-08-27 02:23:24 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked { - id - createdAt - } - } -} - -2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 -------------------------------------------------------------------------------- -2017-08-27 02:23:24 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(limit: 1) { - id - createdAt - } - } -} - -2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 -------------------------------------------------------------------------------- -2017-08-27 02:23:24 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334) { - id - createdAt - } - } -} - -2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 -------------------------------------------------------------------------------- -2017-08-27 02:23:24 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334, limit: 1) { - id - createdAt - } - } -} - -2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 -------------------------------------------------------------------------------- -2017-08-27 02:23:24 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - id - body - } -} - -2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 -------------------------------------------------------------------------------- -2017-08-27 02:23:24 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets { - id - createdAt - } -} - -2017-08-27 02:23:24 -------------------------------------------------------------------------------- -2017-08-27 02:23:24 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - author { - username - } - } -} - -2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 -------------------------------------------------------------------------------- -2017-08-27 02:23:24 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(limit: 1) { - id - createdAt - } -} - -2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 -------------------------------------------------------------------------------- -2017-08-27 02:23:24 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } -} - -2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 -------------------------------------------------------------------------------- -2017-08-27 02:23:24 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } -} - -2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 -------------------------------------------------------------------------------- -2017-08-27 02:23:24 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers { - username - createdAt - } - } -} - -2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 -------------------------------------------------------------------------------- -2017-08-27 02:23:24 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(limit: 1) { - username - createdAt - } - } -} - -2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 -------------------------------------------------------------------------------- -2017-08-27 02:23:24 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993) { - username - createdAt - } - } -} - -2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 -------------------------------------------------------------------------------- -2017-08-27 02:23:24 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } - } -} - -2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 -------------------------------------------------------------------------------- -2017-08-27 02:23:24 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-27 02:23:24 inserted user 59a210fcdce0b1045f71661a. -2017-08-27 02:23:24 -------------------------------------------------------------------------------- -2017-08-27 02:23:24 Request: -User: "tobkle", role: "admin", id: "59a210fcdce0b1045f71661a", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-27 02:23:24 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:24 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-27 02:23:25 inserted user 59a210fddce0b1045f71661b. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 Request: -User: "tobkle", role: "admin", id: "59a210fcdce0b1045f71661a", -Operation: "", variables: "", -Query: -{ - user(id: "59a210fddce0b1045f71661b") { - username - bio - role - } -} - -2017-08-27 02:23:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 Request: -User: "tobkle", role: "admin", id: "59a210fcdce0b1045f71661a", -Operation: "", variables: "", -Query: -{ - user(id: "59a210fcdce0b1045f71661a") { - username - role - } -} - -2017-08-27 02:23:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 Request: -User: "tobkle", role: "admin", id: "59a210fcdce0b1045f71661a", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a210fddce0b1045f71661b", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-27 02:23:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 updated user 59a210fddce0b1045f71661b. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 Request: -User: "tobkle", role: "admin", id: "59a210fcdce0b1045f71661a", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a210fcdce0b1045f71661a", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-27 02:23:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 updated user 59a210fcdce0b1045f71661a. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 Request: -User: "tobkle", role: "admin", id: "59a210fcdce0b1045f71661a", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a210fddce0b1045f71661b", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-08-27 02:23:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 updated user 59a210fddce0b1045f71661b. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 Request: -User: "tobkle", role: "admin", id: "59a210fcdce0b1045f71661a", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a210fcdce0b1045f71661a", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-27 02:23:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 updated user 59a210fcdce0b1045f71661a. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 Request: -User: "tobkle", role: "editor", id: "59a210fcdce0b1045f71661a", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a210fcdce0b1045f71661a", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-27 02:23:25 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a210fcdce0b1045f71661a" - } - ] -} -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-27 02:23:25 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a210fcdce0b1045f71661a" - } - ] -} -2017-08-27 02:23:25 updated user 59a210fcdce0b1045f71661a. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 Request: -User: "zoltan", role: "admin", id: "59a210fddce0b1045f71661b", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a210fcdce0b1045f71661a", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-27 02:23:25 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-27 02:23:25 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized -2017-08-27 02:23:25 updated user 59a210fcdce0b1045f71661a. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 Request: -User: "tobkle", role: "admin", id: "59a210fcdce0b1045f71661a", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59a210fddce0b1045f71661b") -} - -2017-08-27 02:23:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 removed user 59a210fddce0b1045f71661b. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 Request: -User: "tobkle", role: "admin", id: "59a210fcdce0b1045f71661a", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59a210fcdce0b1045f71661a", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-27 02:23:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-27 02:23:25 inserted tweet 59a210fddce0b1045f71661c. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 Request: -User: "tobkle", role: "admin", id: "59a210fcdce0b1045f71661a", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-27 02:23:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 Request: -User: "tobkle", role: "admin", id: "59a210fcdce0b1045f71661a", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a210fddce0b1045f71661c") { - author { - id - } - body - } -} - -2017-08-27 02:23:25 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 inserted tweet 59a210fddce0b1045f71661d. -2017-08-27 02:23:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 Request: -User: "tobkle", role: "admin", id: "59a210fcdce0b1045f71661a", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-27 02:23:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 Request: -User: "tobkle", role: "admin", id: "59a210fcdce0b1045f71661a", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59a210fddce0b1045f71661c", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-27 02:23:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 updated tweet 59a210fddce0b1045f71661c. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 Request: -User: "tobkle", role: "admin", id: "59a210fcdce0b1045f71661a", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59a210fddce0b1045f71661d", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-27 02:23:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 updated tweet 59a210fddce0b1045f71661d. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 Request: -User: "tobkle", role: "admin", id: "59a210fcdce0b1045f71661a", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a210fddce0b1045f71661c") { - body - } -} - -2017-08-27 02:23:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 Request: -User: "tobkle", role: "admin", id: "59a210fcdce0b1045f71661a", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59a210fddce0b1045f71661c") -} - -2017-08-27 02:23:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 removed tweet 59a210fddce0b1045f71661c. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 Request: -User: "tobkle", role: "admin", id: "59a210fcdce0b1045f71661a", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59a210fddce0b1045f71661d") -} - -2017-08-27 02:23:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 removed tweet 59a210fddce0b1045f71661d. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 Request: -User: "tobkle", role: "admin", id: "59a210fcdce0b1045f71661a", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a210fddce0b1045f71661c") { - body - } -} - -2017-08-27 02:23:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 Request: -User: "tobkle", role: "admin", id: "59a210fcdce0b1045f71661a", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59a210fcdce0b1045f71661a") -} - -2017-08-27 02:23:25 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:23:25 removed user 59a210fcdce0b1045f71661a. -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59a210fcdce0b1045f71661a") { - username - bio - role - } -} - -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "admin"}) { - id - } -} - -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:25 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:25 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:25 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:25 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:25 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:25 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:25 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-08-27 02:23:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:25 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:25 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-27 02:23:25 inserted user 59a210fddce0b1045f71661e. -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:25 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "undefined") { - username - } -} - -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "undefined") { - username - role - } -} - -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:25 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:25 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "undefined", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:25 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "undefined") { - author { - id - } - body - } -} - -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "undefined", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:25 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "undefined") { - body - } -} - -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "undefined") -} - -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:25 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "undefined") { - body - } -} - -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "undefined") -} - -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "undefined") { - username - bio - role - } -} - -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-08-27 02:23:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:25 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:23:25 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-27 02:23:25 inserted user 59a210fddce0b1045f71661f. -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 -------------------------------------------------------------------------------- -2017-08-27 02:23:25 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-27 02:23:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:26 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 -------------------------------------------------------------------------------- -2017-08-27 02:23:26 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 -------------------------------------------------------------------------------- -2017-08-27 02:23:26 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "undefined") { - username - role - } -} - -2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 -------------------------------------------------------------------------------- -2017-08-27 02:23:26 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:26 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 -------------------------------------------------------------------------------- -2017-08-27 02:23:26 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "undefined", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 -------------------------------------------------------------------------------- -2017-08-27 02:23:26 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "undefined", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 -------------------------------------------------------------------------------- -2017-08-27 02:23:26 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:26 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 -------------------------------------------------------------------------------- -2017-08-27 02:23:26 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "undefined", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 -------------------------------------------------------------------------------- -2017-08-27 02:23:26 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:26 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 -------------------------------------------------------------------------------- -2017-08-27 02:23:26 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "undefined") { - author { - id - } - body - } -} - -2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 -------------------------------------------------------------------------------- -2017-08-27 02:23:26 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 -------------------------------------------------------------------------------- -2017-08-27 02:23:26 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "undefined", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 -------------------------------------------------------------------------------- -2017-08-27 02:23:26 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:26 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 -------------------------------------------------------------------------------- -2017-08-27 02:23:26 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "undefined") { - body - } -} - -2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 -------------------------------------------------------------------------------- -2017-08-27 02:23:26 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "undefined") -} - -2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 -------------------------------------------------------------------------------- -2017-08-27 02:23:26 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:26 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 -------------------------------------------------------------------------------- -2017-08-27 02:23:26 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "undefined") { - body - } -} - -2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 -------------------------------------------------------------------------------- -2017-08-27 02:23:26 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "undefined") -} - -2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 -------------------------------------------------------------------------------- -2017-08-27 02:23:26 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "undefined") { - username - bio - role - } -} - -2017-08-27 02:23:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:23:26 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:25:30 -------------------------------------------------------------------------------- -2017-08-27 02:25:30 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-27 02:25:30 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:25:30 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:25:51 -------------------------------------------------------------------------------- -2017-08-27 02:25:51 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-08-27 02:25:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:25:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:25:51 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:25:51 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-27 02:25:51 inserted user 59a2118fdce0b1045f716620. -2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 -------------------------------------------------------------------------------- -2017-08-27 02:25:51 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:25:51 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 -------------------------------------------------------------------------------- -2017-08-27 02:25:51 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 -------------------------------------------------------------------------------- -2017-08-27 02:25:51 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "undefined") { - username - } -} - -2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 -------------------------------------------------------------------------------- -2017-08-27 02:25:51 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "undefined") { - username - role - } -} - -2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 -------------------------------------------------------------------------------- -2017-08-27 02:25:51 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:25:51 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 -------------------------------------------------------------------------------- -2017-08-27 02:25:51 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 -------------------------------------------------------------------------------- -2017-08-27 02:25:51 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 -------------------------------------------------------------------------------- -2017-08-27 02:25:51 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:25:51 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 -------------------------------------------------------------------------------- -2017-08-27 02:25:51 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "undefined", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 -------------------------------------------------------------------------------- -2017-08-27 02:25:51 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:25:51 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 -------------------------------------------------------------------------------- -2017-08-27 02:25:51 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "undefined") { - author { - id - } - body - } -} - -2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 -------------------------------------------------------------------------------- -2017-08-27 02:25:51 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 -------------------------------------------------------------------------------- -2017-08-27 02:25:51 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "undefined", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 -------------------------------------------------------------------------------- -2017-08-27 02:25:51 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:25:51 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 -------------------------------------------------------------------------------- -2017-08-27 02:25:51 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "undefined") { - body - } -} - -2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 -------------------------------------------------------------------------------- -2017-08-27 02:25:51 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "undefined") -} - -2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 -------------------------------------------------------------------------------- -2017-08-27 02:25:51 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:25:51 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 -------------------------------------------------------------------------------- -2017-08-27 02:25:51 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "undefined") { - body - } -} - -2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 -------------------------------------------------------------------------------- -2017-08-27 02:25:51 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "undefined") -} - -2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 -------------------------------------------------------------------------------- -2017-08-27 02:25:51 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "undefined") { - username - bio - role - } -} - -2017-08-27 02:25:51 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:25:51 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:27:18 -------------------------------------------------------------------------------- -2017-08-27 02:27:18 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-27 02:27:18 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:27:18 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:27:39 -------------------------------------------------------------------------------- -2017-08-27 02:27:39 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "user"}) { - id - role - } -} - -2017-08-27 02:27:39 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:27:39 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:27:39 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:27:39 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-27 02:27:39 inserted user 59a211fbdce0b1045f716621. -2017-08-27 02:27:39 -------------------------------------------------------------------------------- -2017-08-27 02:27:39 Request: -User: "tobkle", role: "user", id: "59a211fbdce0b1045f716621", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-27 02:27:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a211fbdce0b1045f716621" - } - ] -} -2017-08-27 02:27:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 02:27:39 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. -2017-08-27 02:27:39 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. -2017-08-27 02:27:39 -------------------------------------------------------------------------------- -2017-08-27 02:27:39 Request: -User: "tobkle", role: "user", id: "59a211fbdce0b1045f716621", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-27 02:27:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a211fbdce0b1045f716621" - } - ] -} -2017-08-27 02:27:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 02:27:39 -------------------------------------------------------------------------------- -2017-08-27 02:27:39 Request: -User: "tobkle", role: "user", id: "59a211fbdce0b1045f716621", -Operation: "", variables: "", -Query: -{ - user(id: "59a211fbdce0b1045f716621") { - username - } -} - -2017-08-27 02:27:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a211fbdce0b1045f716621" - } - ] -} -2017-08-27 02:27:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 02:27:39 -------------------------------------------------------------------------------- -2017-08-27 02:27:39 Request: -User: "tobkle", role: "user", id: "59a211fbdce0b1045f716621", -Operation: "", variables: "", -Query: -{ - user(id: "59a211fbdce0b1045f716621") { - username - role - } -} - -2017-08-27 02:27:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a211fbdce0b1045f716621" - } - ] -} -2017-08-27 02:27:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 02:27:39 -------------------------------------------------------------------------------- -2017-08-27 02:27:39 Request: -User: "tobkle", role: "user", id: "59a211fbdce0b1045f716621", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-27 02:27:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a211fbdce0b1045f716621" - } - ] -} -2017-08-27 02:27:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 02:27:39 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a211fbdce0b1045f716621" - } - ] -} -2017-08-27 02:27:39 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-08-27 02:27:39 -------------------------------------------------------------------------------- -2017-08-27 02:27:39 Request: -User: "tobkle", role: "user", id: "59a211fbdce0b1045f716621", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a211fbdce0b1045f716621", input: {username: "tobkle", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-27 02:27:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 02:27:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a211fbdce0b1045f716621" - } - ] -} -2017-08-27 02:27:39 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a211fbdce0b1045f716621" - } - ] -} -2017-08-27 02:27:39 updated user 59a211fbdce0b1045f716621. -2017-08-27 02:27:39 -------------------------------------------------------------------------------- -2017-08-27 02:27:39 Request: -User: "tobkle", role: "user", id: "59a211fbdce0b1045f716621", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a211fbdce0b1045f716621", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-27 02:27:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a211fbdce0b1045f716621" - } - ] -} -2017-08-27 02:27:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 02:27:39 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a211fbdce0b1045f716621" - } - ] -} -2017-08-27 02:27:39 updated user 59a211fbdce0b1045f716621. -2017-08-27 02:27:39 -------------------------------------------------------------------------------- -2017-08-27 02:27:39 Request: -User: "tobkle", role: "user", id: "59a211fbdce0b1045f716621", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-27 02:27:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a211fbdce0b1045f716621" - } - ] -} -2017-08-27 02:27:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 02:27:39 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a211fbdce0b1045f716621" - } - ] -} -2017-08-27 02:27:39 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-08-27 02:27:39 -------------------------------------------------------------------------------- -2017-08-27 02:27:39 Request: -User: "tobkle", role: "user", id: "59a211fbdce0b1045f716621", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59a211fbdce0b1045f716621", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-27 02:27:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a211fbdce0b1045f716621" - } - ] -} -2017-08-27 02:27:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 02:27:39 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. -2017-08-27 02:27:39 inserted tweet 59a211fbdce0b1045f716622. -2017-08-27 02:27:39 -------------------------------------------------------------------------------- -2017-08-27 02:27:39 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. -2017-08-27 02:27:39 Request: -User: "tobkle", role: "user", id: "59a211fbdce0b1045f716621", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-27 02:27:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a211fbdce0b1045f716621" - } - ] -} -2017-08-27 02:27:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 02:27:39 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. -2017-08-27 02:27:39 -------------------------------------------------------------------------------- -2017-08-27 02:27:39 Request: -User: "tobkle", role: "user", id: "59a211fbdce0b1045f716621", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a211fbdce0b1045f716622") { - author { - id - } - body - } -} - -2017-08-27 02:27:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a211fbdce0b1045f716621" - } - ] -} -2017-08-27 02:27:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 02:27:39 -------------------------------------------------------------------------------- -2017-08-27 02:27:39 Request: -User: "tobkle", role: "user", id: "59a211fbdce0b1045f716621", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-27 02:27:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a211fbdce0b1045f716621" - } - ] -} -2017-08-27 02:27:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 02:27:39 -------------------------------------------------------------------------------- -2017-08-27 02:27:39 Request: -User: "tobkle", role: "user", id: "59a211fbdce0b1045f716621", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59a211fbdce0b1045f716622", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-27 02:27:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a211fbdce0b1045f716621" - } - ] -} -2017-08-27 02:27:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 02:27:39 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59a211fbdce0b1045f716621" - }, - { - "coauthorsIds": "59a211fbdce0b1045f716621" - } - ] -} -2017-08-27 02:27:39 updated tweet 59a211fbdce0b1045f716622. -2017-08-27 02:27:39 -------------------------------------------------------------------------------- -2017-08-27 02:27:39 Request: -User: "tobkle", role: "user", id: "59a211fbdce0b1045f716621", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-27 02:27:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a211fbdce0b1045f716621" - } - ] -} -2017-08-27 02:27:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 02:27:39 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59a211fbdce0b1045f716621" - }, - { - "coauthorsIds": "59a211fbdce0b1045f716621" - } - ] -} -2017-08-27 02:27:39 ERROR update tweet not possible for 583676d3618530145474e352. -2017-08-27 02:27:39 -------------------------------------------------------------------------------- -2017-08-27 02:27:39 Request: -User: "tobkle", role: "user", id: "59a211fbdce0b1045f716621", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a211fbdce0b1045f716622") { - body - } -} - -2017-08-27 02:27:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a211fbdce0b1045f716621" - } - ] -} -2017-08-27 02:27:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 02:27:39 -------------------------------------------------------------------------------- -2017-08-27 02:27:39 Request: -User: "tobkle", role: "user", id: "59a211fbdce0b1045f716621", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59a211fbdce0b1045f716622") -} - -2017-08-27 02:27:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a211fbdce0b1045f716621" - } - ] -} -2017-08-27 02:27:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 02:27:39 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59a211fbdce0b1045f716621" - } - ] -} -2017-08-27 02:27:39 removed tweet 59a211fbdce0b1045f716622. -2017-08-27 02:27:39 -------------------------------------------------------------------------------- -2017-08-27 02:27:39 Request: -User: "tobkle", role: "user", id: "59a211fbdce0b1045f716621", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-27 02:27:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a211fbdce0b1045f716621" - } - ] -} -2017-08-27 02:27:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 02:27:39 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59a211fbdce0b1045f716621" - } - ] -} -2017-08-27 02:27:39 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-08-27 02:27:39 -------------------------------------------------------------------------------- -2017-08-27 02:27:39 Request: -User: "tobkle", role: "user", id: "59a211fbdce0b1045f716621", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a211fbdce0b1045f716622") { - body - } -} - -2017-08-27 02:27:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a211fbdce0b1045f716621" - } - ] -} -2017-08-27 02:27:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 02:27:39 -------------------------------------------------------------------------------- -2017-08-27 02:27:39 Request: -User: "tobkle", role: "user", id: "59a211fbdce0b1045f716621", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59a211fbdce0b1045f716621") -} - -2017-08-27 02:27:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a211fbdce0b1045f716621" - } - ] -} -2017-08-27 02:27:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 02:27:39 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a211fbdce0b1045f716621" - } - ] -} -2017-08-27 02:27:39 removed user 59a211fbdce0b1045f716621. -2017-08-27 02:27:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:27:39 -------------------------------------------------------------------------------- -2017-08-27 02:27:39 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59a211fbdce0b1045f716621") { - username - bio - role - } -} - -2017-08-27 02:27:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:27:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:28:13 -------------------------------------------------------------------------------- -2017-08-27 02:28:13 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-27 02:28:13 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:13 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 -------------------------------------------------------------------------------- -2017-08-27 02:28:34 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 -------------------------------------------------------------------------------- -2017-08-27 02:28:34 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - role - username - } -} - -2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 -------------------------------------------------------------------------------- -2017-08-27 02:28:34 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - role - username - } -} - -2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 -------------------------------------------------------------------------------- -2017-08-27 02:28:34 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca2") { - role - username - } -} - -2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 -------------------------------------------------------------------------------- -2017-08-27 02:28:34 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - id - username - bio - } -} - -2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 -------------------------------------------------------------------------------- -2017-08-27 02:28:34 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users { - username - createdAt - } -} - -2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 -------------------------------------------------------------------------------- -2017-08-27 02:28:34 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(limit: 1) { - username - createdAt - } -} - -2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 -------------------------------------------------------------------------------- -2017-08-27 02:28:34 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993) { - username - createdAt - } -} - -2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 -------------------------------------------------------------------------------- -2017-08-27 02:28:34 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } -} - -2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 -------------------------------------------------------------------------------- -2017-08-27 02:28:34 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers { - username - createdAt - } - } -} - -2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 -------------------------------------------------------------------------------- -2017-08-27 02:28:34 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(limit: 1) { - username - createdAt - } - } -} - -2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 -------------------------------------------------------------------------------- -2017-08-27 02:28:34 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 -------------------------------------------------------------------------------- -2017-08-27 02:28:34 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 -------------------------------------------------------------------------------- -2017-08-27 02:28:34 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following { - username - createdAt - } - } -} - -2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 -------------------------------------------------------------------------------- -2017-08-27 02:28:34 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(limit: 1) { - username - createdAt - } - } -} - -2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 -------------------------------------------------------------------------------- -2017-08-27 02:28:34 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 -------------------------------------------------------------------------------- -2017-08-27 02:28:34 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 -------------------------------------------------------------------------------- -2017-08-27 02:28:34 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets { - id - createdAt - } - } -} - -2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 -------------------------------------------------------------------------------- -2017-08-27 02:28:34 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(limit: 1) { - id - createdAt - } - } -} - -2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 -------------------------------------------------------------------------------- -2017-08-27 02:28:34 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } - } -} - -2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 -------------------------------------------------------------------------------- -2017-08-27 02:28:34 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } - } -} - -2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 -------------------------------------------------------------------------------- -2017-08-27 02:28:34 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked { - id - createdAt - } - } -} - -2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 -------------------------------------------------------------------------------- -2017-08-27 02:28:34 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(limit: 1) { - id - createdAt - } - } -} - -2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 -------------------------------------------------------------------------------- -2017-08-27 02:28:34 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334) { - id - createdAt - } - } -} - -2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 -------------------------------------------------------------------------------- -2017-08-27 02:28:34 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334, limit: 1) { - id - createdAt - } - } -} - -2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 -------------------------------------------------------------------------------- -2017-08-27 02:28:34 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - id - body - } -} - -2017-08-27 02:28:34 -------------------------------------------------------------------------------- -2017-08-27 02:28:34 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - author { - username - } - } -} - -2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 -------------------------------------------------------------------------------- -2017-08-27 02:28:34 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets { - id - createdAt - } -} - -2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 -------------------------------------------------------------------------------- -2017-08-27 02:28:34 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(limit: 1) { - id - createdAt - } -} - -2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 -------------------------------------------------------------------------------- -2017-08-27 02:28:34 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } -} - -2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 -------------------------------------------------------------------------------- -2017-08-27 02:28:34 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } -} - -2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 -------------------------------------------------------------------------------- -2017-08-27 02:28:34 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers { - username - createdAt - } - } -} - -2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 -------------------------------------------------------------------------------- -2017-08-27 02:28:34 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(limit: 1) { - username - createdAt - } - } -} - -2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 -------------------------------------------------------------------------------- -2017-08-27 02:28:34 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993) { - username - createdAt - } - } -} - -2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 -------------------------------------------------------------------------------- -2017-08-27 02:28:34 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } - } -} - -2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 -------------------------------------------------------------------------------- -2017-08-27 02:28:34 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-08-27 02:28:34 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:34 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:35 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:35 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-27 02:28:35 inserted user 59a21233dce0b1045f716623. -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: -User: "tobkle", role: "admin", id: "59a21233dce0b1045f716623", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-27 02:28:35 inserted user 59a21233dce0b1045f716624. -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: -User: "tobkle", role: "admin", id: "59a21233dce0b1045f716623", -Operation: "", variables: "", -Query: -{ - user(id: "59a21233dce0b1045f716624") { - username - bio - role - } -} - -2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: -User: "tobkle", role: "admin", id: "59a21233dce0b1045f716623", -Operation: "", variables: "", -Query: -{ - user(id: "59a21233dce0b1045f716623") { - username - role - } -} - -2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: -User: "tobkle", role: "admin", id: "59a21233dce0b1045f716623", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a21233dce0b1045f716624", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 updated user 59a21233dce0b1045f716624. -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: -User: "tobkle", role: "admin", id: "59a21233dce0b1045f716623", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a21233dce0b1045f716623", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 updated user 59a21233dce0b1045f716623. -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: -User: "tobkle", role: "admin", id: "59a21233dce0b1045f716623", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a21233dce0b1045f716624", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 updated user 59a21233dce0b1045f716624. -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: -User: "tobkle", role: "admin", id: "59a21233dce0b1045f716623", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a21233dce0b1045f716623", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 updated user 59a21233dce0b1045f716623. -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: -User: "tobkle", role: "editor", id: "59a21233dce0b1045f716623", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a21233dce0b1045f716623", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a21233dce0b1045f716623" - } - ] -} -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-27 02:28:35 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a21233dce0b1045f716623" - } - ] -} -2017-08-27 02:28:35 updated user 59a21233dce0b1045f716623. -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: -User: "zoltan", role: "admin", id: "59a21233dce0b1045f716624", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a21233dce0b1045f716623", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-27 02:28:35 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized -2017-08-27 02:28:35 updated user 59a21233dce0b1045f716623. -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: -User: "tobkle", role: "admin", id: "59a21233dce0b1045f716623", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59a21233dce0b1045f716624") -} - -2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 removed user 59a21233dce0b1045f716624. -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: -User: "tobkle", role: "admin", id: "59a21233dce0b1045f716623", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59a21233dce0b1045f716623", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 inserted tweet 59a21233dce0b1045f716625. -2017-08-27 02:28:35 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: -User: "tobkle", role: "admin", id: "59a21233dce0b1045f716623", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: -User: "tobkle", role: "admin", id: "59a21233dce0b1045f716623", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a21233dce0b1045f716625") { - author { - id - } - body - } -} - -2017-08-27 02:28:35 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 inserted tweet 59a21233dce0b1045f716626. -2017-08-27 02:28:35 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: -User: "tobkle", role: "admin", id: "59a21233dce0b1045f716623", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: -User: "tobkle", role: "admin", id: "59a21233dce0b1045f716623", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59a21233dce0b1045f716625", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 updated tweet 59a21233dce0b1045f716625. -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: -User: "tobkle", role: "admin", id: "59a21233dce0b1045f716623", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59a21233dce0b1045f716626", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 updated tweet 59a21233dce0b1045f716626. -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: -User: "tobkle", role: "admin", id: "59a21233dce0b1045f716623", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a21233dce0b1045f716625") { - body - } -} - -2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: -User: "tobkle", role: "admin", id: "59a21233dce0b1045f716623", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59a21233dce0b1045f716625") -} - -2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 removed tweet 59a21233dce0b1045f716625. -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: -User: "tobkle", role: "admin", id: "59a21233dce0b1045f716623", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59a21233dce0b1045f716626") -} - -2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 removed tweet 59a21233dce0b1045f716626. -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: -User: "tobkle", role: "admin", id: "59a21233dce0b1045f716623", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a21233dce0b1045f716625") { - body - } -} - -2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: -User: "tobkle", role: "admin", id: "59a21233dce0b1045f716623", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59a21233dce0b1045f716623") -} - -2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 02:28:35 removed user 59a21233dce0b1045f716623. -2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59a21233dce0b1045f716623") { - username - bio - role - } -} - -2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "admin"}) { - id - } -} - -2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:28:35 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-27 02:28:35 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-27 02:28:35 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:28:35 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-27 02:28:35 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:28:35 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-27 02:28:35 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:28:35 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-27 02:28:35 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:28:35 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-27 02:28:35 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:28:35 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-27 02:28:35 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:28:35 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "user"}) { - id - role - } -} - -2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:35 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:35 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-27 02:28:35 inserted user 59a21233dce0b1045f716627. -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: -User: "tobkle", role: "user", id: "59a21233dce0b1045f716627", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a21233dce0b1045f716627" - } - ] -} -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 02:28:35 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. -2017-08-27 02:28:35 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: -User: "tobkle", role: "user", id: "59a21233dce0b1045f716627", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a21233dce0b1045f716627" - } - ] -} -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: -User: "tobkle", role: "user", id: "59a21233dce0b1045f716627", -Operation: "", variables: "", -Query: -{ - user(id: "59a21233dce0b1045f716627") { - username - } -} - -2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a21233dce0b1045f716627" - } - ] -} -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: -User: "tobkle", role: "user", id: "59a21233dce0b1045f716627", -Operation: "", variables: "", -Query: -{ - user(id: "59a21233dce0b1045f716627") { - username - role - } -} - -2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a21233dce0b1045f716627" - } - ] -} -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: -User: "tobkle", role: "user", id: "59a21233dce0b1045f716627", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a21233dce0b1045f716627" - } - ] -} -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 02:28:35 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a21233dce0b1045f716627" - } - ] -} -2017-08-27 02:28:35 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: -User: "tobkle", role: "user", id: "59a21233dce0b1045f716627", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a21233dce0b1045f716627", input: {username: "tobkle", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a21233dce0b1045f716627" - } - ] -} -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 02:28:35 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a21233dce0b1045f716627" - } - ] -} -2017-08-27 02:28:35 updated user 59a21233dce0b1045f716627. -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: -User: "tobkle", role: "user", id: "59a21233dce0b1045f716627", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a21233dce0b1045f716627", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a21233dce0b1045f716627" - } - ] -} -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 02:28:35 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a21233dce0b1045f716627" - } - ] -} -2017-08-27 02:28:35 updated user 59a21233dce0b1045f716627. -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: -User: "tobkle", role: "user", id: "59a21233dce0b1045f716627", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a21233dce0b1045f716627" - } - ] -} -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 02:28:35 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a21233dce0b1045f716627" - } - ] -} -2017-08-27 02:28:35 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: -User: "tobkle", role: "user", id: "59a21233dce0b1045f716627", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59a21233dce0b1045f716627", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a21233dce0b1045f716627" - } - ] -} -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 02:28:35 inserted tweet 59a21233dce0b1045f716628. -2017-08-27 02:28:35 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. -2017-08-27 02:28:35 Request: -User: "tobkle", role: "user", id: "59a21233dce0b1045f716627", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a21233dce0b1045f716627" - } - ] -} -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 02:28:35 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: -User: "tobkle", role: "user", id: "59a21233dce0b1045f716627", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a21233dce0b1045f716628") { - author { - id - } - body - } -} - -2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a21233dce0b1045f716627" - } - ] -} -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: -User: "tobkle", role: "user", id: "59a21233dce0b1045f716627", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a21233dce0b1045f716627" - } - ] -} -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: -User: "tobkle", role: "user", id: "59a21233dce0b1045f716627", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59a21233dce0b1045f716628", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a21233dce0b1045f716627" - } - ] -} -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 02:28:35 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59a21233dce0b1045f716627" - }, - { - "coauthorsIds": "59a21233dce0b1045f716627" - } - ] -} -2017-08-27 02:28:35 updated tweet 59a21233dce0b1045f716628. -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: -User: "tobkle", role: "user", id: "59a21233dce0b1045f716627", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a21233dce0b1045f716627" - } - ] -} -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 02:28:35 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59a21233dce0b1045f716627" - }, - { - "coauthorsIds": "59a21233dce0b1045f716627" - } - ] -} -2017-08-27 02:28:35 ERROR update tweet not possible for 583676d3618530145474e352. -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: -User: "tobkle", role: "user", id: "59a21233dce0b1045f716627", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a21233dce0b1045f716628") { - body - } -} - -2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a21233dce0b1045f716627" - } - ] -} -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: -User: "tobkle", role: "user", id: "59a21233dce0b1045f716627", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59a21233dce0b1045f716628") -} - -2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a21233dce0b1045f716627" - } - ] -} -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 02:28:35 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59a21233dce0b1045f716627" - } - ] -} -2017-08-27 02:28:35 removed tweet 59a21233dce0b1045f716628. -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: -User: "tobkle", role: "user", id: "59a21233dce0b1045f716627", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a21233dce0b1045f716627" - } - ] -} -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 02:28:35 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59a21233dce0b1045f716627" - } - ] -} -2017-08-27 02:28:35 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: -User: "tobkle", role: "user", id: "59a21233dce0b1045f716627", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a21233dce0b1045f716628") { - body - } -} - -2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a21233dce0b1045f716627" - } - ] -} -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: -User: "tobkle", role: "user", id: "59a21233dce0b1045f716627", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59a21233dce0b1045f716627") -} - -2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a21233dce0b1045f716627" - } - ] -} -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 02:28:35 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a21233dce0b1045f716627" +2017-08-31 14:50:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:50:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:50:21 registered authorizedLoader successfully +2017-08-31 14:50:21 registered authorizedLoader successfully +2017-08-31 14:50:34 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:51:15 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-31 14:56:09 -------------------------------------------------------------------------------- +2017-08-31 14:56:09 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name } - ] + } } -2017-08-27 02:28:35 removed user 59a21233dce0b1045f716627. -2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: -User: "", role: "", id: "", + +2017-08-31 14:56:09 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:56:09 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:56:09 registered authorizedLoader successfully +2017-08-31 14:56:09 registered authorizedLoader successfully +2017-08-31 14:56:39 Logger started +2017-08-31 14:57:06 Logger started +2017-08-31 14:57:24 -------------------------------------------------------------------------------- +2017-08-31 14:57:24 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: { - user(id: "59a21233dce0b1045f716627") { - username - bio - role + __schema { + queryType { + name + } } } -2017-08-27 02:28:35 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 02:28:35 -------------------------------------------------------------------------------- -2017-08-27 02:28:35 Request: +2017-08-31 14:57:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:57:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:57:24 registered authorizedLoader successfully +2017-08-31 14:57:24 registered authorizedLoader successfully +2017-08-31 14:57:47 -------------------------------------------------------------------------------- +2017-08-31 14:57:47 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: mutation { - createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "editor"}) { + createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "admin"}) { id role } } -2017-08-27 02:28:35 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:35 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:36 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-27 02:28:36 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-27 02:28:36 inserted user 59a21234dce0b1045f716629. -2017-08-27 02:28:36 -------------------------------------------------------------------------------- -2017-08-27 02:28:36 Request: -User: "tobkle", role: "editor", id: "59a21234dce0b1045f716629", +2017-08-31 14:57:47 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:57:47 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:57:47 registered authorizedLoader successfully +2017-08-31 14:57:47 registered authorizedLoader successfully +2017-08-31 14:57:47 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:57:47 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-31 14:57:47 inserted user 59a807cb8d536067b36d5cc1. +2017-08-31 14:57:47 -------------------------------------------------------------------------------- +2017-08-31 14:57:47 Request: +User: "tobkle", role: "admin", id: "59a807cb8d536067b36d5cc1", Operation: "", variables: "", Query: mutation { @@ -41976,205 +3190,210 @@ mutation { } } -2017-08-27 02:28:36 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a21234dce0b1045f716629" - } - ] -} -2017-08-27 02:28:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-27 02:28:36 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. -2017-08-27 02:28:36 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. -2017-08-27 02:28:36 -------------------------------------------------------------------------------- -2017-08-27 02:28:36 Request: -User: "tobkle", role: "editor", id: "59a21234dce0b1045f716629", +2017-08-31 14:57:47 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 registered authorizedLoader successfully +2017-08-31 14:57:47 registered authorizedLoader successfully +2017-08-31 14:57:47 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-31 14:57:47 inserted user 59a807cb8d536067b36d5cc2. +2017-08-31 14:57:47 -------------------------------------------------------------------------------- +2017-08-31 14:57:47 Request: +User: "tobkle", role: "admin", id: "59a807cb8d536067b36d5cc1", Operation: "", variables: "", Query: { - user(id: "583291a1638566b3c5a92ca1") { + user(id: "59a807cb8d536067b36d5cc2") { username bio role } } -2017-08-27 02:28:36 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a21234dce0b1045f716629" - } - ] -} -2017-08-27 02:28:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-27 02:28:36 -------------------------------------------------------------------------------- -2017-08-27 02:28:36 Request: -User: "tobkle", role: "editor", id: "59a21234dce0b1045f716629", +2017-08-31 14:57:47 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 registered authorizedLoader successfully +2017-08-31 14:57:47 registered authorizedLoader successfully +2017-08-31 14:57:47 -------------------------------------------------------------------------------- +2017-08-31 14:57:47 Request: +User: "tobkle", role: "admin", id: "59a807cb8d536067b36d5cc1", Operation: "", variables: "", Query: { - user(id: "59a21234dce0b1045f716629") { + user(id: "59a807cb8d536067b36d5cc1") { username role } } -2017-08-27 02:28:36 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a21234dce0b1045f716629" - } - ] -} -2017-08-27 02:28:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-27 02:28:36 -------------------------------------------------------------------------------- -2017-08-27 02:28:36 Request: -User: "tobkle", role: "editor", id: "59a21234dce0b1045f716629", +2017-08-31 14:57:47 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 registered authorizedLoader successfully +2017-08-31 14:57:47 registered authorizedLoader successfully +2017-08-31 14:57:47 -------------------------------------------------------------------------------- +2017-08-31 14:57:47 Request: +User: "tobkle", role: "admin", id: "59a807cb8d536067b36d5cc1", Operation: "", variables: "", Query: mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "59a807cb8d536067b36d5cc2", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { username bio role } } -2017-08-27 02:28:36 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a21234dce0b1045f716629" - } - ] -} -2017-08-27 02:28:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-27 02:28:36 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a21234dce0b1045f716629" - } - ] -} -2017-08-27 02:28:36 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-08-27 02:28:36 -------------------------------------------------------------------------------- -2017-08-27 02:28:36 Request: -User: "tobkle", role: "editor", id: "59a21234dce0b1045f716629", +2017-08-31 14:57:47 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 registered authorizedLoader successfully +2017-08-31 14:57:47 registered authorizedLoader successfully +2017-08-31 14:57:47 updated user 59a807cb8d536067b36d5cc2. +2017-08-31 14:57:47 -------------------------------------------------------------------------------- +2017-08-31 14:57:47 Request: +User: "tobkle", role: "admin", id: "59a807cb8d536067b36d5cc1", Operation: "", variables: "", Query: mutation { - updateUser(id: "59a21234dce0b1045f716629", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + updateUser(id: "59a807cb8d536067b36d5cc1", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { username bio + role } } -2017-08-27 02:28:36 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a21234dce0b1045f716629" - } - ] +2017-08-31 14:57:47 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 registered authorizedLoader successfully +2017-08-31 14:57:47 registered authorizedLoader successfully +2017-08-31 14:57:47 updated user 59a807cb8d536067b36d5cc1. +2017-08-31 14:57:47 -------------------------------------------------------------------------------- +2017-08-31 14:57:47 Request: +User: "tobkle", role: "admin", id: "59a807cb8d536067b36d5cc1", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a807cb8d536067b36d5cc2", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role + } } -2017-08-27 02:28:36 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-27 02:28:36 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a21234dce0b1045f716629" - } - ] + +2017-08-31 14:57:47 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 updated user 59a807cb8d536067b36d5cc2. +2017-08-31 14:57:47 registered authorizedLoader successfully +2017-08-31 14:57:47 registered authorizedLoader successfully +2017-08-31 14:57:47 -------------------------------------------------------------------------------- +2017-08-31 14:57:47 Request: +User: "tobkle", role: "admin", id: "59a807cb8d536067b36d5cc1", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59a807cb8d536067b36d5cc1", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } } -2017-08-27 02:28:36 updated user 59a21234dce0b1045f716629. -2017-08-27 02:28:36 -------------------------------------------------------------------------------- -2017-08-27 02:28:36 Request: -User: "tmeasday", role: "editor", id: "59a21234dce0b1045f716629", + +2017-08-31 14:57:47 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 updated user 59a807cb8d536067b36d5cc1. +2017-08-31 14:57:47 registered authorizedLoader successfully +2017-08-31 14:57:47 registered authorizedLoader successfully +2017-08-31 14:57:47 -------------------------------------------------------------------------------- +2017-08-31 14:57:47 Request: +User: "tobkle", role: "editor", id: "59a807cb8d536067b36d5cc1", Operation: "", variables: "", Query: mutation { - updateUser(id: "59a21234dce0b1045f716629", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "59a807cb8d536067b36d5cc1", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-08-27 02:28:36 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with +2017-08-31 14:57:47 registered authorizedLoader successfully +2017-08-31 14:57:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-31 14:57:47 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21234dce0b1045f716629" + "_id": "59a807cb8d536067b36d5cc1" } ] } -2017-08-27 02:28:36 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-27 02:28:36 Authorize update 'updateUser' with user 'tmeasday' and role: 'editor' with +2017-08-31 14:57:47 updated user 59a807cb8d536067b36d5cc1. +2017-08-31 14:57:47 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21234dce0b1045f716629" + "_id": "59a807cb8d536067b36d5cc1" } ] } -2017-08-27 02:28:36 updated user 59a21234dce0b1045f716629. -2017-08-27 02:28:36 -------------------------------------------------------------------------------- -2017-08-27 02:28:36 Request: -User: "tmeasday", role: "editor", id: "59a21234dce0b1045f716629", +2017-08-31 14:57:47 registered authorizedLoader successfully +2017-08-31 14:57:47 -------------------------------------------------------------------------------- +2017-08-31 14:57:47 Request: +User: "zoltan", role: "admin", id: "59a807cb8d536067b36d5cc2", Operation: "", variables: "", Query: mutation { - removeUser(id: "583291a1638566b3c5a92ca1") + updateUser(id: "59a807cb8d536067b36d5cc1", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } } -2017-08-27 02:28:36 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a21234dce0b1045f716629" - } - ] -} -2017-08-27 02:28:36 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-27 02:28:36 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a21234dce0b1045f716629" - } - ] +2017-08-31 14:57:47 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-31 14:57:47 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-31 14:57:47 updated user 59a807cb8d536067b36d5cc1. +2017-08-31 14:57:47 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized +2017-08-31 14:57:47 registered authorizedLoader successfully +2017-08-31 14:57:47 registered authorizedLoader successfully +2017-08-31 14:57:47 -------------------------------------------------------------------------------- +2017-08-31 14:57:47 Request: +User: "tobkle", role: "admin", id: "59a807cb8d536067b36d5cc1", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59a807cb8d536067b36d5cc2") } -2017-08-27 02:28:36 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-08-27 02:28:36 -------------------------------------------------------------------------------- -2017-08-27 02:28:36 Request: -User: "tmeasday", role: "editor", id: "59a21234dce0b1045f716629", + +2017-08-31 14:57:47 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 registered authorizedLoader successfully +2017-08-31 14:57:47 registered authorizedLoader successfully +2017-08-31 14:57:47 removed user 59a807cb8d536067b36d5cc2. +2017-08-31 14:57:47 -------------------------------------------------------------------------------- +2017-08-31 14:57:47 Request: +User: "tobkle", role: "admin", id: "59a807cb8d536067b36d5cc1", Operation: "", variables: "", Query: mutation { - createTweet(input: {authorId: "59a21234dce0b1045f716629", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + createTweet(input: {authorId: "59a807cb8d536067b36d5cc1", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { id } } -2017-08-27 02:28:36 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a21234dce0b1045f716629" - } - ] -} -2017-08-27 02:28:36 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-27 02:28:36 inserted tweet 59a21234dce0b1045f71662a. -2017-08-27 02:28:36 Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is authorized by docRole. -2017-08-27 02:28:36 -------------------------------------------------------------------------------- -2017-08-27 02:28:36 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. -2017-08-27 02:28:36 Request: -User: "tmeasday", role: "editor", id: "59a21234dce0b1045f716629", +2017-08-31 14:57:47 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 inserted tweet 59a807cb8d536067b36d5cc3. +2017-08-31 14:57:47 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 registered authorizedLoader successfully +2017-08-31 14:57:47 registered authorizedLoader successfully +2017-08-31 14:57:47 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-31 14:57:47 -------------------------------------------------------------------------------- +2017-08-31 14:57:47 Request: +User: "tobkle", role: "admin", id: "59a807cb8d536067b36d5cc1", Operation: "", variables: "", Query: mutation { @@ -42183,23 +3402,20 @@ mutation { } } -2017-08-27 02:28:36 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a21234dce0b1045f716629" - } - ] -} -2017-08-27 02:28:36 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-27 02:28:36 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. -2017-08-27 02:28:36 -------------------------------------------------------------------------------- -2017-08-27 02:28:36 Request: -User: "tmeasday", role: "editor", id: "59a21234dce0b1045f716629", +2017-08-31 14:57:47 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 registered authorizedLoader successfully +2017-08-31 14:57:47 registered authorizedLoader successfully +2017-08-31 14:57:47 inserted tweet 59a807cb8d536067b36d5cc4. +2017-08-31 14:57:47 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-31 14:57:47 -------------------------------------------------------------------------------- +2017-08-31 14:57:47 Request: +User: "tobkle", role: "admin", id: "59a807cb8d536067b36d5cc1", Operation: "", variables: "", Query: { - tweet(id: "59a21234dce0b1045f71662a") { + tweet(id: "59a807cb8d536067b36d5cc3") { author { id } @@ -42207,18 +3423,13 @@ Query: } } -2017-08-27 02:28:36 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a21234dce0b1045f716629" - } - ] -} -2017-08-27 02:28:36 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-27 02:28:36 -------------------------------------------------------------------------------- -2017-08-27 02:28:36 Request: -User: "tmeasday", role: "editor", id: "59a21234dce0b1045f716629", +2017-08-31 14:57:47 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 registered authorizedLoader successfully +2017-08-31 14:57:47 registered authorizedLoader successfully +2017-08-31 14:57:47 -------------------------------------------------------------------------------- +2017-08-31 14:57:47 Request: +User: "tobkle", role: "admin", id: "59a807cb8d536067b36d5cc1", Operation: "", variables: "", Query: { @@ -42230,218 +3441,138 @@ Query: } } -2017-08-27 02:28:36 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a21234dce0b1045f716629" - } - ] -} -2017-08-27 02:28:36 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-27 02:28:36 -------------------------------------------------------------------------------- -2017-08-27 02:28:36 Request: -User: "tmeasday", role: "editor", id: "59a21234dce0b1045f716629", +2017-08-31 14:57:47 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 registered authorizedLoader successfully +2017-08-31 14:57:47 registered authorizedLoader successfully +2017-08-31 14:57:47 -------------------------------------------------------------------------------- +2017-08-31 14:57:47 Request: +User: "tobkle", role: "admin", id: "59a807cb8d536067b36d5cc1", Operation: "", variables: "", Query: mutation { - updateTweet(id: "59a21234dce0b1045f71662a", input: {body: "This is a modified test tweet"}) { + updateTweet(id: "59a807cb8d536067b36d5cc3", input: {body: "This is a modified test tweet"}) { body } } -2017-08-27 02:28:36 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a21234dce0b1045f716629" - } - ] -} -2017-08-27 02:28:36 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-27 02:28:36 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59a21234dce0b1045f716629" - }, - { - "coauthorsIds": "59a21234dce0b1045f716629" - } - ] -} -2017-08-27 02:28:36 updated tweet 59a21234dce0b1045f71662a. -2017-08-27 02:28:36 -------------------------------------------------------------------------------- -2017-08-27 02:28:36 Request: -User: "tmeasday", role: "editor", id: "59a21234dce0b1045f716629", +2017-08-31 14:57:47 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 updated tweet 59a807cb8d536067b36d5cc3. +2017-08-31 14:57:47 registered authorizedLoader successfully +2017-08-31 14:57:47 registered authorizedLoader successfully +2017-08-31 14:57:47 -------------------------------------------------------------------------------- +2017-08-31 14:57:47 Request: +User: "tobkle", role: "admin", id: "59a807cb8d536067b36d5cc1", Operation: "", variables: "", Query: mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + updateTweet(id: "59a807cb8d536067b36d5cc4", input: {body: "This is a modified test tweet"}) { body } } -2017-08-27 02:28:36 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a21234dce0b1045f716629" - } - ] -} -2017-08-27 02:28:36 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-27 02:28:36 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59a21234dce0b1045f716629" - }, - { - "coauthorsIds": "59a21234dce0b1045f716629" - } - ] -} -2017-08-27 02:28:36 ERROR update tweet not possible for 583676d3618530145474e352. -2017-08-27 02:28:36 -------------------------------------------------------------------------------- -2017-08-27 02:28:36 Request: -User: "tmeasday", role: "editor", id: "59a21234dce0b1045f716629", +2017-08-31 14:57:47 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 updated tweet 59a807cb8d536067b36d5cc4. +2017-08-31 14:57:47 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 registered authorizedLoader successfully +2017-08-31 14:57:47 registered authorizedLoader successfully +2017-08-31 14:57:47 -------------------------------------------------------------------------------- +2017-08-31 14:57:47 Request: +User: "tobkle", role: "admin", id: "59a807cb8d536067b36d5cc1", Operation: "", variables: "", Query: { - tweet(id: "59a21234dce0b1045f71662a") { + tweet(id: "59a807cb8d536067b36d5cc3") { body } } -2017-08-27 02:28:36 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a21234dce0b1045f716629" - } - ] -} -2017-08-27 02:28:36 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-27 02:28:36 -------------------------------------------------------------------------------- -2017-08-27 02:28:36 Request: -User: "tmeasday", role: "editor", id: "59a21234dce0b1045f716629", +2017-08-31 14:57:47 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 registered authorizedLoader successfully +2017-08-31 14:57:47 registered authorizedLoader successfully +2017-08-31 14:57:47 -------------------------------------------------------------------------------- +2017-08-31 14:57:47 Request: +User: "tobkle", role: "admin", id: "59a807cb8d536067b36d5cc1", Operation: "", variables: "", Query: mutation { - removeTweet(id: "59a21234dce0b1045f71662a") + removeTweet(id: "59a807cb8d536067b36d5cc3") } -2017-08-27 02:28:36 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a21234dce0b1045f716629" - } - ] -} -2017-08-27 02:28:36 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-27 02:28:36 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59a21234dce0b1045f716629" - } - ] -} -2017-08-27 02:28:36 removed tweet 59a21234dce0b1045f71662a. -2017-08-27 02:28:36 -------------------------------------------------------------------------------- -2017-08-27 02:28:36 Request: -User: "tmeasday", role: "editor", id: "59a21234dce0b1045f716629", +2017-08-31 14:57:47 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 removed tweet 59a807cb8d536067b36d5cc3. +2017-08-31 14:57:47 registered authorizedLoader successfully +2017-08-31 14:57:47 registered authorizedLoader successfully +2017-08-31 14:57:47 -------------------------------------------------------------------------------- +2017-08-31 14:57:47 Request: +User: "tobkle", role: "admin", id: "59a807cb8d536067b36d5cc1", Operation: "", variables: "", Query: mutation { - removeTweet(id: "583676d3618530145474e352") + removeTweet(id: "59a807cb8d536067b36d5cc4") } -2017-08-27 02:28:36 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a21234dce0b1045f716629" - } - ] -} -2017-08-27 02:28:36 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-27 02:28:36 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59a21234dce0b1045f716629" - } - ] -} -2017-08-27 02:28:36 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-08-27 02:28:36 -------------------------------------------------------------------------------- -2017-08-27 02:28:36 Request: -User: "tmeasday", role: "editor", id: "59a21234dce0b1045f716629", +2017-08-31 14:57:47 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 removed tweet 59a807cb8d536067b36d5cc4. +2017-08-31 14:57:47 registered authorizedLoader successfully +2017-08-31 14:57:47 registered authorizedLoader successfully +2017-08-31 14:57:48 -------------------------------------------------------------------------------- +2017-08-31 14:57:48 Request: +User: "tobkle", role: "admin", id: "59a807cb8d536067b36d5cc1", Operation: "", variables: "", Query: { - tweet(id: "59a21234dce0b1045f71662a") { + tweet(id: "59a807cb8d536067b36d5cc3") { body } } -2017-08-27 02:28:36 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a21234dce0b1045f716629" - } - ] -} -2017-08-27 02:28:36 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-27 02:28:36 -------------------------------------------------------------------------------- -2017-08-27 02:28:36 Request: -User: "tmeasday", role: "editor", id: "59a21234dce0b1045f716629", +2017-08-31 14:57:47 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:47 registered authorizedLoader successfully +2017-08-31 14:57:47 registered authorizedLoader successfully +2017-08-31 14:57:48 -------------------------------------------------------------------------------- +2017-08-31 14:57:48 Request: +User: "tobkle", role: "admin", id: "59a807cb8d536067b36d5cc1", Operation: "", variables: "", Query: mutation { - removeUser(id: "59a21234dce0b1045f716629") + removeUser(id: "59a807cb8d536067b36d5cc1") } -2017-08-27 02:28:36 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a21234dce0b1045f716629" - } - ] -} -2017-08-27 02:28:36 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-27 02:28:36 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a21234dce0b1045f716629" - } - ] -} -2017-08-27 02:28:36 removed user 59a21234dce0b1045f716629. -2017-08-27 02:28:36 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:28:36 -------------------------------------------------------------------------------- -2017-08-27 02:28:36 Request: +2017-08-31 14:57:48 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:48 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:48 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:57:48 removed user 59a807cb8d536067b36d5cc1. +2017-08-31 14:57:48 registered authorizedLoader successfully +2017-08-31 14:57:48 registered authorizedLoader successfully +2017-08-31 14:57:48 -------------------------------------------------------------------------------- +2017-08-31 14:57:48 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: { - user(id: "59a21234dce0b1045f716629") { + user(id: "59a807cb8d536067b36d5cc1") { username bio role } } -2017-08-27 02:28:36 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 02:28:36 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 03:17:24 -------------------------------------------------------------------------------- -2017-08-27 03:17:24 Request: +2017-08-31 14:57:48 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:57:48 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:57:48 ERROR Authorize readOne 'user' with user '' undefined +2017-08-31 14:57:48 registered authorizedLoader successfully +2017-08-31 14:59:16 -------------------------------------------------------------------------------- +2017-08-31 14:59:16 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -42453,10 +3584,12 @@ Query: } } -2017-08-27 03:17:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 -------------------------------------------------------------------------------- -2017-08-27 03:17:45 Request: +2017-08-31 14:59:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:16 registered authorizedLoader successfully +2017-08-31 14:59:16 registered authorizedLoader successfully +2017-08-31 14:59:37 -------------------------------------------------------------------------------- +2017-08-31 14:59:37 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -42468,10 +3601,12 @@ Query: } } -2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 -------------------------------------------------------------------------------- -2017-08-27 03:17:45 Request: +2017-08-31 14:59:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 registered authorizedLoader successfully +2017-08-31 14:59:37 registered authorizedLoader successfully +2017-08-31 14:59:37 -------------------------------------------------------------------------------- +2017-08-31 14:59:37 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -42482,10 +3617,12 @@ Query: } } -2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 -------------------------------------------------------------------------------- -2017-08-27 03:17:45 Request: +2017-08-31 14:59:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 registered authorizedLoader successfully +2017-08-31 14:59:37 registered authorizedLoader successfully +2017-08-31 14:59:37 -------------------------------------------------------------------------------- +2017-08-31 14:59:37 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -42496,10 +3633,12 @@ Query: } } -2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 -------------------------------------------------------------------------------- -2017-08-27 03:17:45 Request: +2017-08-31 14:59:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 registered authorizedLoader successfully +2017-08-31 14:59:37 registered authorizedLoader successfully +2017-08-31 14:59:37 -------------------------------------------------------------------------------- +2017-08-31 14:59:37 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -42510,10 +3649,12 @@ Query: } } -2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 -------------------------------------------------------------------------------- -2017-08-27 03:17:45 Request: +2017-08-31 14:59:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 registered authorizedLoader successfully +2017-08-31 14:59:37 registered authorizedLoader successfully +2017-08-31 14:59:37 -------------------------------------------------------------------------------- +2017-08-31 14:59:37 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -42525,10 +3666,10 @@ Query: } } -2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 -------------------------------------------------------------------------------- -2017-08-27 03:17:45 Request: +2017-08-31 14:59:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 -------------------------------------------------------------------------------- +2017-08-31 14:59:37 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -42539,11 +3680,15 @@ Query: } } -2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 -------------------------------------------------------------------------------- -2017-08-27 03:17:45 Request: +2017-08-31 14:59:37 registered authorizedLoader successfully +2017-08-31 14:59:37 registered authorizedLoader successfully +2017-08-31 14:59:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 registered authorizedLoader successfully +2017-08-31 14:59:37 registered authorizedLoader successfully +2017-08-31 14:59:37 -------------------------------------------------------------------------------- +2017-08-31 14:59:37 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -42554,11 +3699,13 @@ Query: } } -2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 -------------------------------------------------------------------------------- -2017-08-27 03:17:45 Request: +2017-08-31 14:59:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 registered authorizedLoader successfully +2017-08-31 14:59:37 registered authorizedLoader successfully +2017-08-31 14:59:37 -------------------------------------------------------------------------------- +2017-08-31 14:59:37 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -42569,11 +3716,13 @@ Query: } } -2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 -------------------------------------------------------------------------------- -2017-08-27 03:17:45 Request: +2017-08-31 14:59:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 registered authorizedLoader successfully +2017-08-31 14:59:37 registered authorizedLoader successfully +2017-08-31 14:59:37 -------------------------------------------------------------------------------- +2017-08-31 14:59:37 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -42584,11 +3733,13 @@ Query: } } -2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 -------------------------------------------------------------------------------- -2017-08-27 03:17:45 Request: +2017-08-31 14:59:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 registered authorizedLoader successfully +2017-08-31 14:59:37 registered authorizedLoader successfully +2017-08-31 14:59:37 -------------------------------------------------------------------------------- +2017-08-31 14:59:37 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -42601,11 +3752,13 @@ Query: } } -2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 -------------------------------------------------------------------------------- -2017-08-27 03:17:45 Request: +2017-08-31 14:59:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 registered authorizedLoader successfully +2017-08-31 14:59:37 registered authorizedLoader successfully +2017-08-31 14:59:37 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 -------------------------------------------------------------------------------- +2017-08-31 14:59:37 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -42618,11 +3771,13 @@ Query: } } -2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 -------------------------------------------------------------------------------- -2017-08-27 03:17:45 Request: +2017-08-31 14:59:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 registered authorizedLoader successfully +2017-08-31 14:59:37 registered authorizedLoader successfully +2017-08-31 14:59:37 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 -------------------------------------------------------------------------------- +2017-08-31 14:59:37 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -42635,11 +3790,13 @@ Query: } } -2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 -------------------------------------------------------------------------------- -2017-08-27 03:17:45 Request: +2017-08-31 14:59:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 registered authorizedLoader successfully +2017-08-31 14:59:37 registered authorizedLoader successfully +2017-08-31 14:59:37 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 -------------------------------------------------------------------------------- +2017-08-31 14:59:37 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -42652,11 +3809,13 @@ Query: } } -2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 -------------------------------------------------------------------------------- -2017-08-27 03:17:45 Request: +2017-08-31 14:59:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 registered authorizedLoader successfully +2017-08-31 14:59:37 registered authorizedLoader successfully +2017-08-31 14:59:37 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 -------------------------------------------------------------------------------- +2017-08-31 14:59:37 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -42669,11 +3828,13 @@ Query: } } -2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 -------------------------------------------------------------------------------- -2017-08-27 03:17:45 Request: +2017-08-31 14:59:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 registered authorizedLoader successfully +2017-08-31 14:59:37 registered authorizedLoader successfully +2017-08-31 14:59:37 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 -------------------------------------------------------------------------------- +2017-08-31 14:59:37 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -42686,11 +3847,13 @@ Query: } } -2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 -------------------------------------------------------------------------------- -2017-08-27 03:17:45 Request: +2017-08-31 14:59:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 registered authorizedLoader successfully +2017-08-31 14:59:37 registered authorizedLoader successfully +2017-08-31 14:59:37 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 -------------------------------------------------------------------------------- +2017-08-31 14:59:37 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -42703,11 +3866,13 @@ Query: } } -2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 -------------------------------------------------------------------------------- -2017-08-27 03:17:45 Request: +2017-08-31 14:59:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 registered authorizedLoader successfully +2017-08-31 14:59:37 registered authorizedLoader successfully +2017-08-31 14:59:37 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 -------------------------------------------------------------------------------- +2017-08-31 14:59:37 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -42720,11 +3885,13 @@ Query: } } -2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 -------------------------------------------------------------------------------- -2017-08-27 03:17:45 Request: +2017-08-31 14:59:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 registered authorizedLoader successfully +2017-08-31 14:59:37 registered authorizedLoader successfully +2017-08-31 14:59:37 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 -------------------------------------------------------------------------------- +2017-08-31 14:59:37 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -42737,11 +3904,13 @@ Query: } } -2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 -------------------------------------------------------------------------------- -2017-08-27 03:17:45 Request: +2017-08-31 14:59:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 registered authorizedLoader successfully +2017-08-31 14:59:37 registered authorizedLoader successfully +2017-08-31 14:59:37 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 -------------------------------------------------------------------------------- +2017-08-31 14:59:37 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -42754,11 +3923,13 @@ Query: } } -2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 -------------------------------------------------------------------------------- -2017-08-27 03:17:45 Request: +2017-08-31 14:59:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 registered authorizedLoader successfully +2017-08-31 14:59:37 registered authorizedLoader successfully +2017-08-31 14:59:37 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 -------------------------------------------------------------------------------- +2017-08-31 14:59:37 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -42771,11 +3942,13 @@ Query: } } -2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 -------------------------------------------------------------------------------- -2017-08-27 03:17:45 Request: +2017-08-31 14:59:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 registered authorizedLoader successfully +2017-08-31 14:59:37 registered authorizedLoader successfully +2017-08-31 14:59:37 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 -------------------------------------------------------------------------------- +2017-08-31 14:59:37 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -42788,11 +3961,13 @@ Query: } } -2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 -------------------------------------------------------------------------------- -2017-08-27 03:17:45 Request: +2017-08-31 14:59:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 registered authorizedLoader successfully +2017-08-31 14:59:37 registered authorizedLoader successfully +2017-08-31 14:59:37 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 -------------------------------------------------------------------------------- +2017-08-31 14:59:37 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -42805,11 +3980,13 @@ Query: } } -2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 -------------------------------------------------------------------------------- -2017-08-27 03:17:45 Request: +2017-08-31 14:59:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 registered authorizedLoader successfully +2017-08-31 14:59:37 registered authorizedLoader successfully +2017-08-31 14:59:37 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 -------------------------------------------------------------------------------- +2017-08-31 14:59:37 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -42822,11 +3999,13 @@ Query: } } -2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 -------------------------------------------------------------------------------- -2017-08-27 03:17:45 Request: +2017-08-31 14:59:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:37 registered authorizedLoader successfully +2017-08-31 14:59:37 registered authorizedLoader successfully +2017-08-31 14:59:37 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -42839,11 +4018,13 @@ Query: } } -2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 -------------------------------------------------------------------------------- -2017-08-27 03:17:45 Request: +2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -42856,11 +4037,13 @@ Query: } } -2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 -------------------------------------------------------------------------------- -2017-08-27 03:17:45 Request: +2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -42871,10 +4054,10 @@ Query: } } -2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 -------------------------------------------------------------------------------- -2017-08-27 03:17:45 Request: +2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -42886,8 +4069,10 @@ Query: } } -2017-08-27 03:17:45 -------------------------------------------------------------------------------- -2017-08-27 03:17:45 Request: +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -42898,13 +4083,17 @@ Query: } } -2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 Request: +2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -42915,11 +4104,13 @@ Query: } } -2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 Request: +2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -42930,11 +4121,13 @@ Query: } } -2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 Request: +2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -42945,11 +4138,13 @@ Query: } } -2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 Request: +2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -42962,11 +4157,13 @@ Query: } } -2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 Request: +2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -42979,11 +4176,13 @@ Query: } } -2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 Request: +2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -42996,11 +4195,13 @@ Query: } } -2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 Request: +2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -43013,11 +4214,13 @@ Query: } } -2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 Request: +2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -43028,14 +4231,16 @@ mutation { } } -2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-27 03:17:46 inserted user 59a21dbadce0b1045f71662b. -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 Request: -User: "tobkle", role: "admin", id: "59a21dbadce0b1045f71662b", +2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-31 14:59:38 inserted user 59a8083a8d536067b36d5cc5. +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: +User: "tobkle", role: "admin", id: "59a8083a8d536067b36d5cc5", Operation: "", variables: "", Query: mutation { @@ -43044,188 +4249,210 @@ mutation { } } -2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-27 03:17:46 inserted user 59a21dbadce0b1045f71662c. -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 Request: -User: "tobkle", role: "admin", id: "59a21dbadce0b1045f71662b", +2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-31 14:59:38 inserted user 59a8083a8d536067b36d5cc6. +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: +User: "tobkle", role: "admin", id: "59a8083a8d536067b36d5cc5", Operation: "", variables: "", Query: { - user(id: "59a21dbadce0b1045f71662c") { + user(id: "59a8083a8d536067b36d5cc6") { username bio role } } -2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 Request: -User: "tobkle", role: "admin", id: "59a21dbadce0b1045f71662b", +2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: +User: "tobkle", role: "admin", id: "59a8083a8d536067b36d5cc5", Operation: "", variables: "", Query: { - user(id: "59a21dbadce0b1045f71662b") { + user(id: "59a8083a8d536067b36d5cc5") { username role } } -2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 Request: -User: "tobkle", role: "admin", id: "59a21dbadce0b1045f71662b", +2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: +User: "tobkle", role: "admin", id: "59a8083a8d536067b36d5cc5", Operation: "", variables: "", Query: mutation { - updateUser(id: "59a21dbadce0b1045f71662c", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + updateUser(id: "59a8083a8d536067b36d5cc6", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { username bio role } } -2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 updated user 59a21dbadce0b1045f71662c. -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 Request: -User: "tobkle", role: "admin", id: "59a21dbadce0b1045f71662b", +2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 updated user 59a8083a8d536067b36d5cc6. +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: +User: "tobkle", role: "admin", id: "59a8083a8d536067b36d5cc5", Operation: "", variables: "", Query: mutation { - updateUser(id: "59a21dbadce0b1045f71662b", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "59a8083a8d536067b36d5cc5", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 updated user 59a21dbadce0b1045f71662b. -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 Request: -User: "tobkle", role: "admin", id: "59a21dbadce0b1045f71662b", +2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 updated user 59a8083a8d536067b36d5cc5. +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: +User: "tobkle", role: "admin", id: "59a8083a8d536067b36d5cc5", Operation: "", variables: "", Query: mutation { - updateUser(id: "59a21dbadce0b1045f71662c", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + updateUser(id: "59a8083a8d536067b36d5cc6", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { username bio role } } -2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 updated user 59a21dbadce0b1045f71662c. -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 Request: -User: "tobkle", role: "admin", id: "59a21dbadce0b1045f71662b", +2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 updated user 59a8083a8d536067b36d5cc6. +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: +User: "tobkle", role: "admin", id: "59a8083a8d536067b36d5cc5", Operation: "", variables: "", Query: mutation { - updateUser(id: "59a21dbadce0b1045f71662b", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + updateUser(id: "59a8083a8d536067b36d5cc5", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { username bio role } } -2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 updated user 59a21dbadce0b1045f71662b. -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 Request: -User: "tobkle", role: "editor", id: "59a21dbadce0b1045f71662b", +2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 updated user 59a8083a8d536067b36d5cc5. +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: +User: "tobkle", role: "editor", id: "59a8083a8d536067b36d5cc5", Operation: "", variables: "", Query: mutation { - updateUser(id: "59a21dbadce0b1045f71662b", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "59a8083a8d536067b36d5cc5", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-31 14:59:38 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21dbadce0b1045f71662b" + "_id": "59a8083a8d536067b36d5cc5" } ] } -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-27 03:17:46 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with +2017-08-31 14:59:38 updated user 59a8083a8d536067b36d5cc5. +2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21dbadce0b1045f71662b" + "_id": "59a8083a8d536067b36d5cc5" } ] } -2017-08-27 03:17:46 updated user 59a21dbadce0b1045f71662b. -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 Request: -User: "zoltan", role: "admin", id: "59a21dbadce0b1045f71662c", +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: +User: "zoltan", role: "admin", id: "59a8083a8d536067b36d5cc6", Operation: "", variables: "", Query: mutation { - updateUser(id: "59a21dbadce0b1045f71662b", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "59a8083a8d536067b36d5cc5", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized -2017-08-27 03:17:46 updated user 59a21dbadce0b1045f71662b. -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 Request: -User: "tobkle", role: "admin", id: "59a21dbadce0b1045f71662b", +2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 updated user 59a8083a8d536067b36d5cc5. +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: +User: "tobkle", role: "admin", id: "59a8083a8d536067b36d5cc5", Operation: "", variables: "", Query: mutation { - removeUser(id: "59a21dbadce0b1045f71662c") + removeUser(id: "59a8083a8d536067b36d5cc6") } -2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 removed user 59a21dbadce0b1045f71662c. -2017-08-27 03:17:46 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 Request: -User: "tobkle", role: "admin", id: "59a21dbadce0b1045f71662b", +2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 removed user 59a8083a8d536067b36d5cc6. +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: +User: "tobkle", role: "admin", id: "59a8083a8d536067b36d5cc5", Operation: "", variables: "", Query: mutation { - createTweet(input: {authorId: "59a21dbadce0b1045f71662b", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + createTweet(input: {authorId: "59a8083a8d536067b36d5cc5", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { id } } -2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-27 03:17:46 inserted tweet 59a21dbadce0b1045f71662d. -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 Request: -User: "tobkle", role: "admin", id: "59a21dbadce0b1045f71662b", +2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-31 14:59:38 inserted tweet 59a8083a8d536067b36d5cc7. +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: +User: "tobkle", role: "admin", id: "59a8083a8d536067b36d5cc5", Operation: "", variables: "", Query: mutation { @@ -43234,15 +4461,15 @@ mutation { } } -2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 Request: -User: "tobkle", role: "admin", id: "59a21dbadce0b1045f71662b", +2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: +User: "tobkle", role: "admin", id: "59a8083a8d536067b36d5cc5", Operation: "", variables: "", Query: { - tweet(id: "59a21dbadce0b1045f71662d") { + tweet(id: "59a8083a8d536067b36d5cc7") { author { id } @@ -43250,14 +4477,18 @@ Query: } } -2017-08-27 03:17:46 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 inserted tweet 59a21dbadce0b1045f71662e. -2017-08-27 03:17:46 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 Request: -User: "tobkle", role: "admin", id: "59a21dbadce0b1045f71662b", +2017-08-31 14:59:38 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 inserted tweet 59a8083a8d536067b36d5cc8. +2017-08-31 14:59:38 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: +User: "tobkle", role: "admin", id: "59a8083a8d536067b36d5cc5", Operation: "", variables: "", Query: { @@ -43269,122 +4500,138 @@ Query: } } -2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 Request: -User: "tobkle", role: "admin", id: "59a21dbadce0b1045f71662b", +2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: +User: "tobkle", role: "admin", id: "59a8083a8d536067b36d5cc5", Operation: "", variables: "", Query: mutation { - updateTweet(id: "59a21dbadce0b1045f71662d", input: {body: "This is a modified test tweet"}) { + updateTweet(id: "59a8083a8d536067b36d5cc7", input: {body: "This is a modified test tweet"}) { body } } -2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 updated tweet 59a21dbadce0b1045f71662d. -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 Request: -User: "tobkle", role: "admin", id: "59a21dbadce0b1045f71662b", +2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 updated tweet 59a8083a8d536067b36d5cc7. +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: +User: "tobkle", role: "admin", id: "59a8083a8d536067b36d5cc5", Operation: "", variables: "", Query: mutation { - updateTweet(id: "59a21dbadce0b1045f71662e", input: {body: "This is a modified test tweet"}) { + updateTweet(id: "59a8083a8d536067b36d5cc8", input: {body: "This is a modified test tweet"}) { body } } -2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 updated tweet 59a21dbadce0b1045f71662e. -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 Request: -User: "tobkle", role: "admin", id: "59a21dbadce0b1045f71662b", +2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 updated tweet 59a8083a8d536067b36d5cc8. +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: +User: "tobkle", role: "admin", id: "59a8083a8d536067b36d5cc5", Operation: "", variables: "", Query: { - tweet(id: "59a21dbadce0b1045f71662d") { + tweet(id: "59a8083a8d536067b36d5cc7") { body } } -2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 Request: -User: "tobkle", role: "admin", id: "59a21dbadce0b1045f71662b", +2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: +User: "tobkle", role: "admin", id: "59a8083a8d536067b36d5cc5", Operation: "", variables: "", Query: mutation { - removeTweet(id: "59a21dbadce0b1045f71662d") + removeTweet(id: "59a8083a8d536067b36d5cc7") } -2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 removed tweet 59a21dbadce0b1045f71662d. -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 Request: -User: "tobkle", role: "admin", id: "59a21dbadce0b1045f71662b", +2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 removed tweet 59a8083a8d536067b36d5cc7. +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: +User: "tobkle", role: "admin", id: "59a8083a8d536067b36d5cc5", Operation: "", variables: "", Query: mutation { - removeTweet(id: "59a21dbadce0b1045f71662e") + removeTweet(id: "59a8083a8d536067b36d5cc8") } -2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 removed tweet 59a21dbadce0b1045f71662e. -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 Request: -User: "tobkle", role: "admin", id: "59a21dbadce0b1045f71662b", +2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 removed tweet 59a8083a8d536067b36d5cc8. +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: +User: "tobkle", role: "admin", id: "59a8083a8d536067b36d5cc5", Operation: "", variables: "", Query: { - tweet(id: "59a21dbadce0b1045f71662d") { + tweet(id: "59a8083a8d536067b36d5cc7") { body } } -2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 Request: -User: "tobkle", role: "admin", id: "59a21dbadce0b1045f71662b", +2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: +User: "tobkle", role: "admin", id: "59a8083a8d536067b36d5cc5", Operation: "", variables: "", Query: mutation { - removeUser(id: "59a21dbadce0b1045f71662b") + removeUser(id: "59a8083a8d536067b36d5cc5") } -2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:17:46 removed user 59a21dbadce0b1045f71662b. -2017-08-27 03:17:46 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 Request: +2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 removed user 59a8083a8d536067b36d5cc5. +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: { - user(id: "59a21dbadce0b1045f71662b") { + user(id: "59a8083a8d536067b36d5cc5") { username bio role } } -2017-08-27 03:17:46 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 03:17:46 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 Request: +2017-08-31 14:59:38 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:59:38 ERROR Authorize readOne 'user' with user '' undefined +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -43394,13 +4641,12 @@ mutation { } } -2017-08-27 03:17:46 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 03:17:46 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-27 03:17:46 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-27 03:17:46 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 Request: +2017-08-31 14:59:38 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -43412,12 +4658,12 @@ Query: } } -2017-08-27 03:17:46 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 03:17:46 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-27 03:17:46 Request: +2017-08-31 14:59:38 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:59:38 ERROR Authorize readOne 'user' with user '' undefined +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -43429,13 +4675,12 @@ mutation { } } -2017-08-27 03:17:46 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 03:17:46 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-27 03:17:46 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-27 03:17:46 Request: +2017-08-31 14:59:38 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:59:38 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -43443,12 +4688,12 @@ mutation { removeUser(id: "583291a1638566b3c5a92ca1") } -2017-08-27 03:17:46 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 03:17:46 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-27 03:17:46 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 Request: +2017-08-31 14:59:38 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:59:38 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -43458,12 +4703,11 @@ mutation { } } -2017-08-27 03:17:46 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 03:17:46 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-27 03:17:46 Request: +2017-08-31 14:59:38 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -43473,12 +4717,12 @@ mutation { } } -2017-08-27 03:17:46 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 03:17:46 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-27 03:17:46 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 Request: +2017-08-31 14:59:38 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:59:38 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -43491,12 +4735,12 @@ Query: } } -2017-08-27 03:17:46 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 03:17:46 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-27 03:17:46 Request: +2017-08-31 14:59:38 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 ERROR Authorize readOne 'tweet author' with user '' undefined +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -43506,13 +4750,12 @@ mutation { } } -2017-08-27 03:17:46 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 03:17:46 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-27 03:17:46 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-27 03:17:46 Request: +2017-08-31 14:59:38 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:59:38 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -43522,13 +4765,12 @@ mutation { } } -2017-08-27 03:17:46 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 03:17:46 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-27 03:17:46 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-27 03:17:46 Request: +2017-08-31 14:59:38 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:59:38 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -43536,11 +4778,12 @@ mutation { removeTweet(id: "583676d3618530145474e352") } -2017-08-27 03:17:46 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 03:17:46 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 Request: +2017-08-31 14:59:38 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:59:38 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -43551,14 +4794,16 @@ mutation { } } -2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:46 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-27 03:17:46 inserted user 59a21dbadce0b1045f71662f. -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 Request: -User: "tobkle", role: "user", id: "59a21dbadce0b1045f71662f", +2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:38 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-31 14:59:38 inserted user 59a8083a8d536067b36d5cc9. +2017-08-31 14:59:38 -------------------------------------------------------------------------------- +2017-08-31 14:59:38 Request: +User: "tobkle", role: "user", id: "59a8083a8d536067b36d5cc9", Operation: "", variables: "", Query: mutation { @@ -43567,20 +4812,21 @@ mutation { } } -2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21dbadce0b1045f71662f" + "_id": "59a8083a8d536067b36d5cc9" } ] } -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 03:17:46 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. -2017-08-27 03:17:46 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 Request: -User: "tobkle", role: "user", id: "59a21dbadce0b1045f71662f", +2017-08-31 14:59:38 registered authorizedLoader successfully +2017-08-31 14:59:39 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. +2017-08-31 14:59:39 -------------------------------------------------------------------------------- +2017-08-31 14:59:39 Request: +User: "tobkle", role: "user", id: "59a8083a8d536067b36d5cc9", Operation: "", variables: "", Query: { @@ -43591,59 +4837,65 @@ Query: } } -2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21dbadce0b1045f71662f" + "_id": "59a8083a8d536067b36d5cc9" } ] } -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 Request: -User: "tobkle", role: "user", id: "59a21dbadce0b1045f71662f", +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 -------------------------------------------------------------------------------- +2017-08-31 14:59:39 Request: +User: "tobkle", role: "user", id: "59a8083a8d536067b36d5cc9", Operation: "", variables: "", Query: { - user(id: "59a21dbadce0b1045f71662f") { + user(id: "59a8083a8d536067b36d5cc9") { username } } -2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21dbadce0b1045f71662f" + "_id": "59a8083a8d536067b36d5cc9" } ] } -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 Request: -User: "tobkle", role: "user", id: "59a21dbadce0b1045f71662f", +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 -------------------------------------------------------------------------------- +2017-08-31 14:59:39 Request: +User: "tobkle", role: "user", id: "59a8083a8d536067b36d5cc9", Operation: "", variables: "", Query: { - user(id: "59a21dbadce0b1045f71662f") { + user(id: "59a8083a8d536067b36d5cc9") { username role } } -2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21dbadce0b1045f71662f" + "_id": "59a8083a8d536067b36d5cc9" } ] } -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 Request: -User: "tobkle", role: "user", id: "59a21dbadce0b1045f71662f", +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 -------------------------------------------------------------------------------- +2017-08-31 14:59:39 Request: +User: "tobkle", role: "user", id: "59a8083a8d536067b36d5cc9", Operation: "", variables: "", Query: mutation { @@ -43654,138 +4906,145 @@ mutation { } } -2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-31 14:59:39 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21dbadce0b1045f71662f" + "_id": "59a8083a8d536067b36d5cc9" } ] } -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 03:17:46 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with +2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21dbadce0b1045f71662f" + "_id": "59a8083a8d536067b36d5cc9" } ] } -2017-08-27 03:17:46 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 Request: -User: "tobkle", role: "user", id: "59a21dbadce0b1045f71662f", +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 -------------------------------------------------------------------------------- +2017-08-31 14:59:39 Request: +User: "tobkle", role: "user", id: "59a8083a8d536067b36d5cc9", Operation: "", variables: "", Query: mutation { - updateUser(id: "59a21dbadce0b1045f71662f", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + updateUser(id: "59a8083a8d536067b36d5cc9", input: {username: "tobkle", bio: "Maker of things, I guess"}) { username bio } } -2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-31 14:59:39 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21dbadce0b1045f71662f" + "_id": "59a8083a8d536067b36d5cc9" } ] } -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 03:17:46 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with +2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21dbadce0b1045f71662f" + "_id": "59a8083a8d536067b36d5cc9" } ] } -2017-08-27 03:17:46 updated user 59a21dbadce0b1045f71662f. -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 Request: -User: "tobkle", role: "user", id: "59a21dbadce0b1045f71662f", +2017-08-31 14:59:39 updated user 59a8083a8d536067b36d5cc9. +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 -------------------------------------------------------------------------------- +2017-08-31 14:59:39 Request: +User: "tobkle", role: "user", id: "59a8083a8d536067b36d5cc9", Operation: "", variables: "", Query: mutation { - updateUser(id: "59a21dbadce0b1045f71662f", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "59a8083a8d536067b36d5cc9", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-31 14:59:39 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21dbadce0b1045f71662f" + "_id": "59a8083a8d536067b36d5cc9" } ] } -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 03:17:46 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with +2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21dbadce0b1045f71662f" + "_id": "59a8083a8d536067b36d5cc9" } ] } -2017-08-27 03:17:46 updated user 59a21dbadce0b1045f71662f. -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 Request: -User: "tobkle", role: "user", id: "59a21dbadce0b1045f71662f", +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 updated user 59a8083a8d536067b36d5cc9. +2017-08-31 14:59:39 -------------------------------------------------------------------------------- +2017-08-31 14:59:39 Request: +User: "tobkle", role: "user", id: "59a8083a8d536067b36d5cc9", Operation: "", variables: "", Query: mutation { removeUser(id: "583291a1638566b3c5a92ca1") } -2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-31 14:59:39 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21dbadce0b1045f71662f" + "_id": "59a8083a8d536067b36d5cc9" } ] } -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 03:17:46 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with +2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21dbadce0b1045f71662f" + "_id": "59a8083a8d536067b36d5cc9" } ] } -2017-08-27 03:17:46 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 Request: -User: "tobkle", role: "user", id: "59a21dbadce0b1045f71662f", +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 -------------------------------------------------------------------------------- +2017-08-31 14:59:39 Request: +User: "tobkle", role: "user", id: "59a8083a8d536067b36d5cc9", Operation: "", variables: "", Query: mutation { - createTweet(input: {authorId: "59a21dbadce0b1045f71662f", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + createTweet(input: {authorId: "59a8083a8d536067b36d5cc9", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { id } } -2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-31 14:59:39 inserted tweet 59a8083b8d536067b36d5cca. +2017-08-31 14:59:39 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. +2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21dbadce0b1045f71662f" + "_id": "59a8083a8d536067b36d5cc9" } ] } -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 03:17:46 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. -2017-08-27 03:17:46 inserted tweet 59a21dbadce0b1045f716630. -2017-08-27 03:17:46 -------------------------------------------------------------------------------- -2017-08-27 03:17:46 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. -2017-08-27 03:17:46 Request: -User: "tobkle", role: "user", id: "59a21dbadce0b1045f71662f", +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 -------------------------------------------------------------------------------- +2017-08-31 14:59:39 Request: +User: "tobkle", role: "user", id: "59a8083a8d536067b36d5cc9", Operation: "", variables: "", Query: mutation { @@ -43794,23 +5053,25 @@ mutation { } } -2017-08-27 03:17:46 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-31 14:59:39 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. +2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21dbadce0b1045f71662f" + "_id": "59a8083a8d536067b36d5cc9" } ] } -2017-08-27 03:17:46 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 03:17:46 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. -2017-08-27 03:17:47 -------------------------------------------------------------------------------- -2017-08-27 03:17:47 Request: -User: "tobkle", role: "user", id: "59a21dbadce0b1045f71662f", +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 -------------------------------------------------------------------------------- +2017-08-31 14:59:39 Request: +User: "tobkle", role: "user", id: "59a8083a8d536067b36d5cc9", Operation: "", variables: "", Query: { - tweet(id: "59a21dbadce0b1045f716630") { + tweet(id: "59a8083b8d536067b36d5cca") { author { id } @@ -43818,18 +5079,20 @@ Query: } } -2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21dbadce0b1045f71662f" + "_id": "59a8083a8d536067b36d5cc9" } ] } -2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 03:17:47 -------------------------------------------------------------------------------- -2017-08-27 03:17:47 Request: -User: "tobkle", role: "user", id: "59a21dbadce0b1045f71662f", +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 -------------------------------------------------------------------------------- +2017-08-31 14:59:39 Request: +User: "tobkle", role: "user", id: "59a8083a8d536067b36d5cc9", Operation: "", variables: "", Query: { @@ -43841,50 +5104,54 @@ Query: } } -2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21dbadce0b1045f71662f" + "_id": "59a8083a8d536067b36d5cc9" } ] } -2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 03:17:47 -------------------------------------------------------------------------------- -2017-08-27 03:17:47 Request: -User: "tobkle", role: "user", id: "59a21dbadce0b1045f71662f", +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 -------------------------------------------------------------------------------- +2017-08-31 14:59:39 Request: +User: "tobkle", role: "user", id: "59a8083a8d536067b36d5cc9", Operation: "", variables: "", Query: mutation { - updateTweet(id: "59a21dbadce0b1045f716630", input: {body: "This is a modified test tweet"}) { + updateTweet(id: "59a8083b8d536067b36d5cca", input: {body: "This is a modified test tweet"}) { body } } -2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-31 14:59:39 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21dbadce0b1045f71662f" + "authorId": "59a8083a8d536067b36d5cc9" + }, + { + "coauthorsIds": "59a8083a8d536067b36d5cc9" } ] } -2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 03:17:47 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with +2017-08-31 14:59:39 updated tweet 59a8083b8d536067b36d5cca. +2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "authorId": "59a21dbadce0b1045f71662f" - }, - { - "coauthorsIds": "59a21dbadce0b1045f71662f" + "_id": "59a8083a8d536067b36d5cc9" } ] } -2017-08-27 03:17:47 updated tweet 59a21dbadce0b1045f716630. -2017-08-27 03:17:47 -------------------------------------------------------------------------------- -2017-08-27 03:17:47 Request: -User: "tobkle", role: "user", id: "59a21dbadce0b1045f71662f", +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 -------------------------------------------------------------------------------- +2017-08-31 14:59:39 Request: +User: "tobkle", role: "user", id: "59a8083a8d536067b36d5cc9", Operation: "", variables: "", Query: mutation { @@ -43893,166 +5160,177 @@ mutation { } } -2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-31 14:59:39 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21dbadce0b1045f71662f" + "authorId": "59a8083a8d536067b36d5cc9" + }, + { + "coauthorsIds": "59a8083a8d536067b36d5cc9" } ] } -2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 03:17:47 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with +2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "authorId": "59a21dbadce0b1045f71662f" - }, - { - "coauthorsIds": "59a21dbadce0b1045f71662f" + "_id": "59a8083a8d536067b36d5cc9" } ] } -2017-08-27 03:17:47 ERROR update tweet not possible for 583676d3618530145474e352. -2017-08-27 03:17:47 -------------------------------------------------------------------------------- -2017-08-27 03:17:47 Request: -User: "tobkle", role: "user", id: "59a21dbadce0b1045f71662f", +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 -------------------------------------------------------------------------------- +2017-08-31 14:59:39 Request: +User: "tobkle", role: "user", id: "59a8083a8d536067b36d5cc9", Operation: "", variables: "", Query: { - tweet(id: "59a21dbadce0b1045f716630") { + tweet(id: "59a8083b8d536067b36d5cca") { body } } -2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21dbadce0b1045f71662f" + "_id": "59a8083a8d536067b36d5cc9" } ] } -2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 03:17:47 -------------------------------------------------------------------------------- -2017-08-27 03:17:47 Request: -User: "tobkle", role: "user", id: "59a21dbadce0b1045f71662f", +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 -------------------------------------------------------------------------------- +2017-08-31 14:59:39 Request: +User: "tobkle", role: "user", id: "59a8083a8d536067b36d5cc9", Operation: "", variables: "", Query: mutation { - removeTweet(id: "59a21dbadce0b1045f716630") + removeTweet(id: "59a8083b8d536067b36d5cca") } -2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-31 14:59:39 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21dbadce0b1045f71662f" + "authorId": "59a8083a8d536067b36d5cc9" } ] } -2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 03:17:47 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with +2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "authorId": "59a21dbadce0b1045f71662f" + "_id": "59a8083a8d536067b36d5cc9" } ] } -2017-08-27 03:17:47 removed tweet 59a21dbadce0b1045f716630. -2017-08-27 03:17:47 -------------------------------------------------------------------------------- -2017-08-27 03:17:47 Request: -User: "tobkle", role: "user", id: "59a21dbadce0b1045f71662f", +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 removed tweet 59a8083b8d536067b36d5cca. +2017-08-31 14:59:39 -------------------------------------------------------------------------------- +2017-08-31 14:59:39 Request: +User: "tobkle", role: "user", id: "59a8083a8d536067b36d5cc9", Operation: "", variables: "", Query: mutation { removeTweet(id: "583676d3618530145474e352") } -2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-31 14:59:39 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21dbadce0b1045f71662f" + "authorId": "59a8083a8d536067b36d5cc9" } ] } -2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 03:17:47 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with +2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "authorId": "59a21dbadce0b1045f71662f" + "_id": "59a8083a8d536067b36d5cc9" } ] } -2017-08-27 03:17:47 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-08-27 03:17:47 -------------------------------------------------------------------------------- -2017-08-27 03:17:47 Request: -User: "tobkle", role: "user", id: "59a21dbadce0b1045f71662f", +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 -------------------------------------------------------------------------------- +2017-08-31 14:59:39 Request: +User: "tobkle", role: "user", id: "59a8083a8d536067b36d5cc9", Operation: "", variables: "", Query: { - tweet(id: "59a21dbadce0b1045f716630") { + tweet(id: "59a8083b8d536067b36d5cca") { body } } -2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21dbadce0b1045f71662f" + "_id": "59a8083a8d536067b36d5cc9" } ] } -2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 03:17:47 -------------------------------------------------------------------------------- -2017-08-27 03:17:47 Request: -User: "tobkle", role: "user", id: "59a21dbadce0b1045f71662f", +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 -------------------------------------------------------------------------------- +2017-08-31 14:59:39 Request: +User: "tobkle", role: "user", id: "59a8083a8d536067b36d5cc9", Operation: "", variables: "", Query: mutation { - removeUser(id: "59a21dbadce0b1045f71662f") + removeUser(id: "59a8083a8d536067b36d5cc9") } -2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-31 14:59:39 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21dbadce0b1045f71662f" + "_id": "59a8083a8d536067b36d5cc9" } ] } -2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 03:17:47 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with +2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21dbadce0b1045f71662f" + "_id": "59a8083a8d536067b36d5cc9" } ] } -2017-08-27 03:17:47 removed user 59a21dbadce0b1045f71662f. -2017-08-27 03:17:47 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:17:47 -------------------------------------------------------------------------------- -2017-08-27 03:17:47 Request: +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 removed user 59a8083a8d536067b36d5cc9. +2017-08-31 14:59:39 -------------------------------------------------------------------------------- +2017-08-31 14:59:39 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: { - user(id: "59a21dbadce0b1045f71662f") { + user(id: "59a8083a8d536067b36d5cc9") { username bio role } } -2017-08-27 03:17:47 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 03:17:47 -------------------------------------------------------------------------------- -2017-08-27 03:17:47 Request: +2017-08-31 14:59:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:59:39 ERROR Authorize readOne 'user' with user '' undefined +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 -------------------------------------------------------------------------------- +2017-08-31 14:59:39 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -44063,14 +5341,16 @@ mutation { } } -2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:47 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:17:47 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-27 03:17:47 inserted user 59a21dbbdce0b1045f716631. -2017-08-27 03:17:47 -------------------------------------------------------------------------------- -2017-08-27 03:17:47 Request: -User: "tobkle", role: "editor", id: "59a21dbbdce0b1045f716631", +2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-31 14:59:39 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-31 14:59:39 inserted user 59a8083b8d536067b36d5ccb. +2017-08-31 14:59:39 -------------------------------------------------------------------------------- +2017-08-31 14:59:39 Request: +User: "tobkle", role: "editor", id: "59a8083b8d536067b36d5ccb", Operation: "", variables: "", Query: mutation { @@ -44079,20 +5359,21 @@ mutation { } } -2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21dbbdce0b1045f716631" + "_id": "59a8083b8d536067b36d5ccb" } ] } -2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-27 03:17:47 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. -2017-08-27 03:17:47 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. -2017-08-27 03:17:47 -------------------------------------------------------------------------------- -2017-08-27 03:17:47 Request: -User: "tobkle", role: "editor", id: "59a21dbbdce0b1045f716631", +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. +2017-08-31 14:59:39 -------------------------------------------------------------------------------- +2017-08-31 14:59:39 Request: +User: "tobkle", role: "editor", id: "59a8083b8d536067b36d5ccb", Operation: "", variables: "", Query: { @@ -44103,39 +5384,43 @@ Query: } } -2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21dbbdce0b1045f716631" + "_id": "59a8083b8d536067b36d5ccb" } ] } -2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-27 03:17:47 -------------------------------------------------------------------------------- -2017-08-27 03:17:47 Request: -User: "tobkle", role: "editor", id: "59a21dbbdce0b1045f716631", +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 -------------------------------------------------------------------------------- +2017-08-31 14:59:39 Request: +User: "tobkle", role: "editor", id: "59a8083b8d536067b36d5ccb", Operation: "", variables: "", Query: { - user(id: "59a21dbbdce0b1045f716631") { + user(id: "59a8083b8d536067b36d5ccb") { username role } } -2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21dbbdce0b1045f716631" + "_id": "59a8083b8d536067b36d5ccb" } ] } -2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-27 03:17:47 -------------------------------------------------------------------------------- -2017-08-27 03:17:47 Request: -User: "tobkle", role: "editor", id: "59a21dbbdce0b1045f716631", +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 -------------------------------------------------------------------------------- +2017-08-31 14:59:39 Request: +User: "tobkle", role: "editor", id: "59a8083b8d536067b36d5ccb", Operation: "", variables: "", Query: mutation { @@ -44146,138 +5431,145 @@ mutation { } } -2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-31 14:59:39 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21dbbdce0b1045f716631" + "_id": "59a8083b8d536067b36d5ccb" } ] } -2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-27 03:17:47 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with +2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21dbbdce0b1045f716631" + "_id": "59a8083b8d536067b36d5ccb" } ] } -2017-08-27 03:17:47 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-08-27 03:17:47 -------------------------------------------------------------------------------- -2017-08-27 03:17:47 updated user 59a21dbbdce0b1045f716631. -2017-08-27 03:17:47 Request: -User: "tobkle", role: "editor", id: "59a21dbbdce0b1045f716631", +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 -------------------------------------------------------------------------------- +2017-08-31 14:59:39 Request: +User: "tobkle", role: "editor", id: "59a8083b8d536067b36d5ccb", Operation: "", variables: "", Query: mutation { - updateUser(id: "59a21dbbdce0b1045f716631", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + updateUser(id: "59a8083b8d536067b36d5ccb", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { username bio } } -2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-31 14:59:39 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21dbbdce0b1045f716631" + "_id": "59a8083b8d536067b36d5ccb" } ] } -2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-27 03:17:47 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with +2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21dbbdce0b1045f716631" + "_id": "59a8083b8d536067b36d5ccb" } ] } -2017-08-27 03:17:47 -------------------------------------------------------------------------------- -2017-08-27 03:17:47 Request: -User: "tmeasday", role: "editor", id: "59a21dbbdce0b1045f716631", +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 updated user 59a8083b8d536067b36d5ccb. +2017-08-31 14:59:39 -------------------------------------------------------------------------------- +2017-08-31 14:59:39 Request: +User: "tmeasday", role: "editor", id: "59a8083b8d536067b36d5ccb", Operation: "", variables: "", Query: mutation { - updateUser(id: "59a21dbbdce0b1045f716631", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "59a8083b8d536067b36d5ccb", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-31 14:59:39 updated user 59a8083b8d536067b36d5ccb. +2017-08-31 14:59:39 Authorize update 'updateUser' with user 'tmeasday' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21dbbdce0b1045f716631" + "_id": "59a8083b8d536067b36d5ccb" } ] } -2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-27 03:17:47 Authorize update 'updateUser' with user 'tmeasday' and role: 'editor' with +2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21dbbdce0b1045f716631" + "_id": "59a8083b8d536067b36d5ccb" } ] } -2017-08-27 03:17:47 updated user 59a21dbbdce0b1045f716631. -2017-08-27 03:17:47 -------------------------------------------------------------------------------- -2017-08-27 03:17:47 Request: -User: "tmeasday", role: "editor", id: "59a21dbbdce0b1045f716631", +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 -------------------------------------------------------------------------------- +2017-08-31 14:59:39 Request: +User: "tmeasday", role: "editor", id: "59a8083b8d536067b36d5ccb", Operation: "", variables: "", Query: mutation { removeUser(id: "583291a1638566b3c5a92ca1") } -2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-31 14:59:39 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21dbbdce0b1045f716631" + "_id": "59a8083b8d536067b36d5ccb" } ] } -2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-27 03:17:47 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with +2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21dbbdce0b1045f716631" + "_id": "59a8083b8d536067b36d5ccb" } ] } -2017-08-27 03:17:47 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-08-27 03:17:47 -------------------------------------------------------------------------------- -2017-08-27 03:17:47 Request: -User: "tmeasday", role: "editor", id: "59a21dbbdce0b1045f716631", +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 -------------------------------------------------------------------------------- +2017-08-31 14:59:39 Request: +User: "tmeasday", role: "editor", id: "59a8083b8d536067b36d5ccb", Operation: "", variables: "", Query: mutation { - createTweet(input: {authorId: "59a21dbbdce0b1045f716631", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + createTweet(input: {authorId: "59a8083b8d536067b36d5ccb", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { id } } -2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-31 14:59:39 Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is authorized by docRole. +2017-08-31 14:59:39 inserted tweet 59a8083b8d536067b36d5ccc. +2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21dbbdce0b1045f716631" + "_id": "59a8083b8d536067b36d5ccb" } ] } -2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-27 03:17:47 Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is authorized by docRole. -2017-08-27 03:17:47 inserted tweet 59a21dbbdce0b1045f716632. -2017-08-27 03:17:47 -------------------------------------------------------------------------------- -2017-08-27 03:17:47 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. -2017-08-27 03:17:47 Request: -User: "tmeasday", role: "editor", id: "59a21dbbdce0b1045f716631", +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 -------------------------------------------------------------------------------- +2017-08-31 14:59:39 Request: +User: "tmeasday", role: "editor", id: "59a8083b8d536067b36d5ccb", Operation: "", variables: "", Query: mutation { @@ -44286,23 +5578,25 @@ mutation { } } -2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-31 14:59:39 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. +2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21dbbdce0b1045f716631" + "_id": "59a8083b8d536067b36d5ccb" } ] } -2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-27 03:17:47 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. -2017-08-27 03:17:47 -------------------------------------------------------------------------------- -2017-08-27 03:17:47 Request: -User: "tmeasday", role: "editor", id: "59a21dbbdce0b1045f716631", +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 -------------------------------------------------------------------------------- +2017-08-31 14:59:39 Request: +User: "tmeasday", role: "editor", id: "59a8083b8d536067b36d5ccb", Operation: "", variables: "", Query: { - tweet(id: "59a21dbbdce0b1045f716632") { + tweet(id: "59a8083b8d536067b36d5ccc") { author { id } @@ -44310,18 +5604,20 @@ Query: } } -2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21dbbdce0b1045f716631" + "_id": "59a8083b8d536067b36d5ccb" } ] } -2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-27 03:17:47 -------------------------------------------------------------------------------- -2017-08-27 03:17:47 Request: -User: "tmeasday", role: "editor", id: "59a21dbbdce0b1045f716631", +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 -------------------------------------------------------------------------------- +2017-08-31 14:59:39 Request: +User: "tmeasday", role: "editor", id: "59a8083b8d536067b36d5ccb", Operation: "", variables: "", Query: { @@ -44333,50 +5629,54 @@ Query: } } -2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21dbbdce0b1045f716631" + "_id": "59a8083b8d536067b36d5ccb" } ] } -2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-27 03:17:47 -------------------------------------------------------------------------------- -2017-08-27 03:17:47 Request: -User: "tmeasday", role: "editor", id: "59a21dbbdce0b1045f716631", +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 -------------------------------------------------------------------------------- +2017-08-31 14:59:39 Request: +User: "tmeasday", role: "editor", id: "59a8083b8d536067b36d5ccb", Operation: "", variables: "", Query: mutation { - updateTweet(id: "59a21dbbdce0b1045f716632", input: {body: "This is a modified test tweet"}) { + updateTweet(id: "59a8083b8d536067b36d5ccc", input: {body: "This is a modified test tweet"}) { body } } -2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-31 14:59:39 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21dbbdce0b1045f716631" + "authorId": "59a8083b8d536067b36d5ccb" + }, + { + "coauthorsIds": "59a8083b8d536067b36d5ccb" } ] } -2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-27 03:17:47 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with +2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with authQuery: { "$or": [ { - "authorId": "59a21dbbdce0b1045f716631" - }, - { - "coauthorsIds": "59a21dbbdce0b1045f716631" + "_id": "59a8083b8d536067b36d5ccb" } ] } -2017-08-27 03:17:47 updated tweet 59a21dbbdce0b1045f716632. -2017-08-27 03:17:47 -------------------------------------------------------------------------------- -2017-08-27 03:17:47 Request: -User: "tmeasday", role: "editor", id: "59a21dbbdce0b1045f716631", +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 updated tweet 59a8083b8d536067b36d5ccc. +2017-08-31 14:59:39 -------------------------------------------------------------------------------- +2017-08-31 14:59:39 Request: +User: "tmeasday", role: "editor", id: "59a8083b8d536067b36d5ccb", Operation: "", variables: "", Query: mutation { @@ -44385,182 +5685,177 @@ mutation { } } -2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-31 14:59:39 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21dbbdce0b1045f716631" + "authorId": "59a8083b8d536067b36d5ccb" + }, + { + "coauthorsIds": "59a8083b8d536067b36d5ccb" } ] } -2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-27 03:17:47 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with +2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with authQuery: { "$or": [ { - "authorId": "59a21dbbdce0b1045f716631" - }, - { - "coauthorsIds": "59a21dbbdce0b1045f716631" + "_id": "59a8083b8d536067b36d5ccb" } ] } -2017-08-27 03:17:47 ERROR update tweet not possible for 583676d3618530145474e352. -2017-08-27 03:17:47 -------------------------------------------------------------------------------- -2017-08-27 03:17:47 Request: -User: "tmeasday", role: "editor", id: "59a21dbbdce0b1045f716631", +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 -------------------------------------------------------------------------------- +2017-08-31 14:59:39 Request: +User: "tmeasday", role: "editor", id: "59a8083b8d536067b36d5ccb", Operation: "", variables: "", Query: { - tweet(id: "59a21dbbdce0b1045f716632") { + tweet(id: "59a8083b8d536067b36d5ccc") { body } } -2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21dbbdce0b1045f716631" + "_id": "59a8083b8d536067b36d5ccb" } ] } -2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-27 03:17:47 -------------------------------------------------------------------------------- -2017-08-27 03:17:47 Request: -User: "tmeasday", role: "editor", id: "59a21dbbdce0b1045f716631", +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 -------------------------------------------------------------------------------- +2017-08-31 14:59:39 Request: +User: "tmeasday", role: "editor", id: "59a8083b8d536067b36d5ccb", Operation: "", variables: "", Query: mutation { - removeTweet(id: "59a21dbbdce0b1045f716632") + removeTweet(id: "59a8083b8d536067b36d5ccc") } -2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-31 14:59:39 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21dbbdce0b1045f716631" + "authorId": "59a8083b8d536067b36d5ccb" } ] } -2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-27 03:17:47 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with +2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with authQuery: { "$or": [ { - "authorId": "59a21dbbdce0b1045f716631" + "_id": "59a8083b8d536067b36d5ccb" } ] } -2017-08-27 03:17:47 removed tweet 59a21dbbdce0b1045f716632. -2017-08-27 03:17:47 -------------------------------------------------------------------------------- -2017-08-27 03:17:47 Request: -User: "tmeasday", role: "editor", id: "59a21dbbdce0b1045f716631", +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 removed tweet 59a8083b8d536067b36d5ccc. +2017-08-31 14:59:39 -------------------------------------------------------------------------------- +2017-08-31 14:59:39 Request: +User: "tmeasday", role: "editor", id: "59a8083b8d536067b36d5ccb", Operation: "", variables: "", Query: mutation { removeTweet(id: "583676d3618530145474e352") } -2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-31 14:59:39 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21dbbdce0b1045f716631" + "authorId": "59a8083b8d536067b36d5ccb" } ] } -2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-27 03:17:47 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with +2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with authQuery: { "$or": [ { - "authorId": "59a21dbbdce0b1045f716631" + "_id": "59a8083b8d536067b36d5ccb" } ] } -2017-08-27 03:17:47 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-08-27 03:17:47 -------------------------------------------------------------------------------- -2017-08-27 03:17:47 Request: -User: "tmeasday", role: "editor", id: "59a21dbbdce0b1045f716631", +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 -------------------------------------------------------------------------------- +2017-08-31 14:59:39 Request: +User: "tmeasday", role: "editor", id: "59a8083b8d536067b36d5ccb", Operation: "", variables: "", Query: { - tweet(id: "59a21dbbdce0b1045f716632") { + tweet(id: "59a8083b8d536067b36d5ccc") { body } } -2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21dbbdce0b1045f716631" + "_id": "59a8083b8d536067b36d5ccb" } ] } -2017-08-27 03:17:47 -------------------------------------------------------------------------------- -2017-08-27 03:17:47 Request: -User: "tmeasday", role: "editor", id: "59a21dbbdce0b1045f716631", +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 -------------------------------------------------------------------------------- +2017-08-31 14:59:39 Request: +User: "tmeasday", role: "editor", id: "59a8083b8d536067b36d5ccb", Operation: "", variables: "", Query: mutation { - removeUser(id: "59a21dbbdce0b1045f716631") + removeUser(id: "59a8083b8d536067b36d5ccb") } -2017-08-27 03:17:47 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-31 14:59:39 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21dbbdce0b1045f716631" + "_id": "59a8083b8d536067b36d5ccb" } ] } -2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-27 03:17:47 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with +2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21dbbdce0b1045f716631" + "_id": "59a8083b8d536067b36d5ccb" } ] } -2017-08-27 03:17:47 removed user 59a21dbbdce0b1045f716631. -2017-08-27 03:17:47 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:17:47 -------------------------------------------------------------------------------- -2017-08-27 03:17:47 Request: +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 14:59:39 removed user 59a8083b8d536067b36d5ccb. +2017-08-31 14:59:39 -------------------------------------------------------------------------------- +2017-08-31 14:59:39 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: { - user(id: "59a21dbbdce0b1045f716631") { + user(id: "59a8083b8d536067b36d5ccb") { username bio role } } -2017-08-27 03:17:47 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:17:47 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 03:18:25 -------------------------------------------------------------------------------- -2017-08-27 03:18:25 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-27 03:18:25 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:25 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:33 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:33 -------------------------------------------------------------------------------- -2017-08-27 03:18:33 Request: +2017-08-31 14:59:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 14:59:39 ERROR Authorize readOne 'user' with user '' undefined +2017-08-31 14:59:39 registered authorizedLoader successfully +2017-08-31 15:03:25 -------------------------------------------------------------------------------- +2017-08-31 15:03:25 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -44664,41 +5959,47 @@ fragment TypeRef on __Type { } } -2017-08-27 03:18:33 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:33 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 03:18:36 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:36 -------------------------------------------------------------------------------- -2017-08-27 03:18:36 ERROR Authorize readMany 'users' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:36 Request: +2017-08-31 15:03:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 15:03:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 15:03:25 registered authorizedLoader successfully +2017-08-31 15:03:26 -------------------------------------------------------------------------------- +2017-08-31 15:03:26 Request: User: "", role: "", id: "", Operation: "", variables: "{}", Query: { - users { + tweets { id } } -2017-08-27 03:18:36 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:36 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 03:18:36 ERROR Authorize readMany 'users' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:43 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:43 -------------------------------------------------------------------------------- -2017-08-27 03:18:43 Request: -User: "", role: "", id: "", -Operation: "", variables: "{}", +2017-08-31 15:03:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 15:03:26 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 15:03:26 Authorize readMany 'tweets' with user '' and role '' is authorized +2017-08-31 15:03:26 registered authorizedLoader successfully +2017-08-31 15:12:53 Logger started +2017-08-31 15:14:30 Logger started +2017-08-31 15:22:58 Logger started +2017-08-31 15:36:48 Logger started +2017-08-31 15:36:59 -------------------------------------------------------------------------------- +2017-08-31 15:36:59 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", Query: { - tweets { - id + __schema { + queryType { + name + } } } -2017-08-27 03:18:43 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:43 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 03:18:43 Authorize readMany 'tweets' with user '' and role '' is authorized -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: +2017-08-31 15:36:59 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:36:59 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:36:59 registered authorizedLoader successfully +2017-08-31 15:36:59 registered authorizedLoader successfully +2017-08-31 15:37:21 -------------------------------------------------------------------------------- +2017-08-31 15:37:21 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -44710,10 +6011,12 @@ Query: } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: +2017-08-31 15:37:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:21 registered authorizedLoader successfully +2017-08-31 15:37:21 registered authorizedLoader successfully +2017-08-31 15:37:21 -------------------------------------------------------------------------------- +2017-08-31 15:37:21 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -44724,10 +6027,12 @@ Query: } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: +2017-08-31 15:37:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:21 registered authorizedLoader successfully +2017-08-31 15:37:21 registered authorizedLoader successfully +2017-08-31 15:37:21 -------------------------------------------------------------------------------- +2017-08-31 15:37:21 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -44738,10 +6043,12 @@ Query: } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: +2017-08-31 15:37:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:21 registered authorizedLoader successfully +2017-08-31 15:37:21 registered authorizedLoader successfully +2017-08-31 15:37:21 -------------------------------------------------------------------------------- +2017-08-31 15:37:21 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -44752,10 +6059,12 @@ Query: } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: +2017-08-31 15:37:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:21 registered authorizedLoader successfully +2017-08-31 15:37:21 registered authorizedLoader successfully +2017-08-31 15:37:21 -------------------------------------------------------------------------------- +2017-08-31 15:37:21 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -44767,10 +6076,12 @@ Query: } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: +2017-08-31 15:37:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:21 registered authorizedLoader successfully +2017-08-31 15:37:21 registered authorizedLoader successfully +2017-08-31 15:37:21 -------------------------------------------------------------------------------- +2017-08-31 15:37:21 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -44781,11 +6092,13 @@ Query: } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: +2017-08-31 15:37:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:21 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:21 registered authorizedLoader successfully +2017-08-31 15:37:21 registered authorizedLoader successfully +2017-08-31 15:37:21 -------------------------------------------------------------------------------- +2017-08-31 15:37:21 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -44796,11 +6109,13 @@ Query: } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: +2017-08-31 15:37:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:21 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:21 registered authorizedLoader successfully +2017-08-31 15:37:21 registered authorizedLoader successfully +2017-08-31 15:37:21 -------------------------------------------------------------------------------- +2017-08-31 15:37:21 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -44811,11 +6126,13 @@ Query: } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: +2017-08-31 15:37:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:21 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:21 registered authorizedLoader successfully +2017-08-31 15:37:21 registered authorizedLoader successfully +2017-08-31 15:37:21 -------------------------------------------------------------------------------- +2017-08-31 15:37:21 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -44826,11 +6143,13 @@ Query: } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: +2017-08-31 15:37:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:21 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:21 registered authorizedLoader successfully +2017-08-31 15:37:21 registered authorizedLoader successfully +2017-08-31 15:37:21 -------------------------------------------------------------------------------- +2017-08-31 15:37:21 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -44843,11 +6162,13 @@ Query: } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: +2017-08-31 15:37:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:21 registered authorizedLoader successfully +2017-08-31 15:37:21 registered authorizedLoader successfully +2017-08-31 15:37:21 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:21 -------------------------------------------------------------------------------- +2017-08-31 15:37:21 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -44860,11 +6181,13 @@ Query: } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: +2017-08-31 15:37:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:21 registered authorizedLoader successfully +2017-08-31 15:37:21 registered authorizedLoader successfully +2017-08-31 15:37:21 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:21 -------------------------------------------------------------------------------- +2017-08-31 15:37:21 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -44877,11 +6200,13 @@ Query: } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: +2017-08-31 15:37:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:21 registered authorizedLoader successfully +2017-08-31 15:37:21 registered authorizedLoader successfully +2017-08-31 15:37:22 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -44894,11 +6219,13 @@ Query: } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -44911,11 +6238,13 @@ Query: } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -44928,11 +6257,13 @@ Query: } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -44945,11 +6276,13 @@ Query: } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -44962,11 +6295,13 @@ Query: } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -44979,11 +6314,13 @@ Query: } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -44996,11 +6333,13 @@ Query: } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -45013,11 +6352,13 @@ Query: } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -45030,11 +6371,13 @@ Query: } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -45047,11 +6390,13 @@ Query: } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -45064,11 +6409,13 @@ Query: } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -45081,11 +6428,13 @@ Query: } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -45098,11 +6447,13 @@ Query: } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -45113,8 +6464,8 @@ Query: } } -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -45126,10 +6477,16 @@ Query: } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -45140,13 +6497,13 @@ Query: } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -45157,11 +6514,13 @@ Query: } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -45172,11 +6531,13 @@ Query: } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -45187,11 +6548,13 @@ Query: } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -45204,11 +6567,13 @@ Query: } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -45221,11 +6586,13 @@ Query: } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -45238,11 +6605,13 @@ Query: } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -45255,11 +6624,13 @@ Query: } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -45270,14 +6641,16 @@ mutation { } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-27 03:18:48 inserted user 59a21df8dce0b1045f716633. -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: -User: "tobkle", role: "admin", id: "59a21df8dce0b1045f716633", +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-31 15:37:22 inserted user 59a811126bffa16d859c767c. +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: +User: "tobkle", role: "admin", id: "59a811126bffa16d859c767c", Operation: "", variables: "", Query: mutation { @@ -45286,188 +6659,210 @@ mutation { } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-27 03:18:48 inserted user 59a21df8dce0b1045f716634. -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: -User: "tobkle", role: "admin", id: "59a21df8dce0b1045f716633", +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-31 15:37:22 inserted user 59a811126bffa16d859c767d. +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: +User: "tobkle", role: "admin", id: "59a811126bffa16d859c767c", Operation: "", variables: "", Query: { - user(id: "59a21df8dce0b1045f716634") { + user(id: "59a811126bffa16d859c767d") { username bio role } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: -User: "tobkle", role: "admin", id: "59a21df8dce0b1045f716633", +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: +User: "tobkle", role: "admin", id: "59a811126bffa16d859c767c", Operation: "", variables: "", Query: { - user(id: "59a21df8dce0b1045f716633") { + user(id: "59a811126bffa16d859c767c") { username role } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: -User: "tobkle", role: "admin", id: "59a21df8dce0b1045f716633", +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: +User: "tobkle", role: "admin", id: "59a811126bffa16d859c767c", Operation: "", variables: "", Query: mutation { - updateUser(id: "59a21df8dce0b1045f716634", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + updateUser(id: "59a811126bffa16d859c767d", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { username bio role } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 updated user 59a21df8dce0b1045f716634. -2017-08-27 03:18:48 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: -User: "tobkle", role: "admin", id: "59a21df8dce0b1045f716633", +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 updated user 59a811126bffa16d859c767d. +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: +User: "tobkle", role: "admin", id: "59a811126bffa16d859c767c", Operation: "", variables: "", Query: mutation { - updateUser(id: "59a21df8dce0b1045f716633", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "59a811126bffa16d859c767c", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 updated user 59a21df8dce0b1045f716633. -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: -User: "tobkle", role: "admin", id: "59a21df8dce0b1045f716633", +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 updated user 59a811126bffa16d859c767c. +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: +User: "tobkle", role: "admin", id: "59a811126bffa16d859c767c", Operation: "", variables: "", Query: mutation { - updateUser(id: "59a21df8dce0b1045f716634", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + updateUser(id: "59a811126bffa16d859c767d", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { username bio role } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 updated user 59a21df8dce0b1045f716634. -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: -User: "tobkle", role: "admin", id: "59a21df8dce0b1045f716633", +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 updated user 59a811126bffa16d859c767d. +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: +User: "tobkle", role: "admin", id: "59a811126bffa16d859c767c", Operation: "", variables: "", Query: mutation { - updateUser(id: "59a21df8dce0b1045f716633", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + updateUser(id: "59a811126bffa16d859c767c", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { username bio role } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 updated user 59a21df8dce0b1045f716633. -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: -User: "tobkle", role: "editor", id: "59a21df8dce0b1045f716633", +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 updated user 59a811126bffa16d859c767c. +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: +User: "tobkle", role: "editor", id: "59a811126bffa16d859c767c", Operation: "", variables: "", Query: mutation { - updateUser(id: "59a21df8dce0b1045f716633", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "59a811126bffa16d859c767c", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-31 15:37:22 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21df8dce0b1045f716633" + "_id": "59a811126bffa16d859c767c" } ] } -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-27 03:18:48 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with +2017-08-31 15:37:22 updated user 59a811126bffa16d859c767c. +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21df8dce0b1045f716633" + "_id": "59a811126bffa16d859c767c" } ] } -2017-08-27 03:18:48 updated user 59a21df8dce0b1045f716633. -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: -User: "zoltan", role: "admin", id: "59a21df8dce0b1045f716634", +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: +User: "zoltan", role: "admin", id: "59a811126bffa16d859c767d", Operation: "", variables: "", Query: mutation { - updateUser(id: "59a21df8dce0b1045f716633", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "59a811126bffa16d859c767c", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized -2017-08-27 03:18:48 updated user 59a21df8dce0b1045f716633. -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: -User: "tobkle", role: "admin", id: "59a21df8dce0b1045f716633", +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized +2017-08-31 15:37:22 updated user 59a811126bffa16d859c767c. +2017-08-31 15:37:22 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: +User: "tobkle", role: "admin", id: "59a811126bffa16d859c767c", Operation: "", variables: "", Query: mutation { - removeUser(id: "59a21df8dce0b1045f716634") + removeUser(id: "59a811126bffa16d859c767d") } -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 removed user 59a21df8dce0b1045f716634. -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: -User: "tobkle", role: "admin", id: "59a21df8dce0b1045f716633", +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 removed user 59a811126bffa16d859c767d. +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: +User: "tobkle", role: "admin", id: "59a811126bffa16d859c767c", Operation: "", variables: "", Query: mutation { - createTweet(input: {authorId: "59a21df8dce0b1045f716633", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + createTweet(input: {authorId: "59a811126bffa16d859c767c", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { id } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-27 03:18:48 inserted tweet 59a21df8dce0b1045f716635. -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: -User: "tobkle", role: "admin", id: "59a21df8dce0b1045f716633", +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 inserted tweet 59a811126bffa16d859c767e. +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: +User: "tobkle", role: "admin", id: "59a811126bffa16d859c767c", Operation: "", variables: "", Query: mutation { @@ -45476,15 +6871,15 @@ mutation { } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: -User: "tobkle", role: "admin", id: "59a21df8dce0b1045f716633", +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: +User: "tobkle", role: "admin", id: "59a811126bffa16d859c767c", Operation: "", variables: "", Query: { - tweet(id: "59a21df8dce0b1045f716635") { + tweet(id: "59a811126bffa16d859c767e") { author { id } @@ -45492,14 +6887,18 @@ Query: } } -2017-08-27 03:18:48 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 inserted tweet 59a21df8dce0b1045f716636. -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: -User: "tobkle", role: "admin", id: "59a21df8dce0b1045f716633", +2017-08-31 15:37:22 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 inserted tweet 59a811126bffa16d859c767f. +2017-08-31 15:37:22 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: +User: "tobkle", role: "admin", id: "59a811126bffa16d859c767c", Operation: "", variables: "", Query: { @@ -45511,122 +6910,138 @@ Query: } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: -User: "tobkle", role: "admin", id: "59a21df8dce0b1045f716633", +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: +User: "tobkle", role: "admin", id: "59a811126bffa16d859c767c", Operation: "", variables: "", Query: mutation { - updateTweet(id: "59a21df8dce0b1045f716635", input: {body: "This is a modified test tweet"}) { + updateTweet(id: "59a811126bffa16d859c767e", input: {body: "This is a modified test tweet"}) { body } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 updated tweet 59a21df8dce0b1045f716635. -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: -User: "tobkle", role: "admin", id: "59a21df8dce0b1045f716633", +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 updated tweet 59a811126bffa16d859c767e. +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: +User: "tobkle", role: "admin", id: "59a811126bffa16d859c767c", Operation: "", variables: "", Query: mutation { - updateTweet(id: "59a21df8dce0b1045f716636", input: {body: "This is a modified test tweet"}) { + updateTweet(id: "59a811126bffa16d859c767f", input: {body: "This is a modified test tweet"}) { body } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 updated tweet 59a21df8dce0b1045f716636. -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: -User: "tobkle", role: "admin", id: "59a21df8dce0b1045f716633", +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 updated tweet 59a811126bffa16d859c767f. +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: +User: "tobkle", role: "admin", id: "59a811126bffa16d859c767c", Operation: "", variables: "", Query: { - tweet(id: "59a21df8dce0b1045f716635") { + tweet(id: "59a811126bffa16d859c767e") { body } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: -User: "tobkle", role: "admin", id: "59a21df8dce0b1045f716633", +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: +User: "tobkle", role: "admin", id: "59a811126bffa16d859c767c", Operation: "", variables: "", Query: mutation { - removeTweet(id: "59a21df8dce0b1045f716635") + removeTweet(id: "59a811126bffa16d859c767e") } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 removed tweet 59a21df8dce0b1045f716635. -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: -User: "tobkle", role: "admin", id: "59a21df8dce0b1045f716633", +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 removed tweet 59a811126bffa16d859c767e. +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: +User: "tobkle", role: "admin", id: "59a811126bffa16d859c767c", Operation: "", variables: "", Query: mutation { - removeTweet(id: "59a21df8dce0b1045f716636") + removeTweet(id: "59a811126bffa16d859c767f") } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 removed tweet 59a21df8dce0b1045f716636. -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: -User: "tobkle", role: "admin", id: "59a21df8dce0b1045f716633", +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 removed tweet 59a811126bffa16d859c767f. +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: +User: "tobkle", role: "admin", id: "59a811126bffa16d859c767c", Operation: "", variables: "", Query: { - tweet(id: "59a21df8dce0b1045f716635") { + tweet(id: "59a811126bffa16d859c767e") { body } } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: -User: "tobkle", role: "admin", id: "59a21df8dce0b1045f716633", +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: +User: "tobkle", role: "admin", id: "59a811126bffa16d859c767c", Operation: "", variables: "", Query: mutation { - removeUser(id: "59a21df8dce0b1045f716633") + removeUser(id: "59a811126bffa16d859c767c") } -2017-08-27 03:18:48 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-27 03:18:48 removed user 59a21df8dce0b1045f716633. -2017-08-27 03:18:48 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-08-31 15:37:22 removed user 59a811126bffa16d859c767c. +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: { - user(id: "59a21df8dce0b1045f716633") { + user(id: "59a811126bffa16d859c767c") { username bio role } } -2017-08-27 03:18:48 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 03:18:48 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:48 -------------------------------------------------------------------------------- -2017-08-27 03:18:48 Request: +2017-08-31 15:37:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 15:37:22 ERROR Authorize readOne 'user' with user '' not authorized +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -45636,13 +7051,12 @@ mutation { } } -2017-08-27 03:18:48 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:48 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 03:18:49 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:49 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:49 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 Request: +2017-08-31 15:37:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -45654,12 +7068,12 @@ Query: } } -2017-08-27 03:18:49 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 03:18:49 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:49 Request: +2017-08-31 15:37:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 15:37:22 ERROR Authorize readOne 'user' with user '' not authorized +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -45671,13 +7085,12 @@ mutation { } } -2017-08-27 03:18:49 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 03:18:49 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:49 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:49 Request: +2017-08-31 15:37:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 15:37:22 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -45685,12 +7098,12 @@ mutation { removeUser(id: "583291a1638566b3c5a92ca1") } -2017-08-27 03:18:49 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 03:18:49 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:49 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 Request: +2017-08-31 15:37:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 15:37:22 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -45700,12 +7113,11 @@ mutation { } } -2017-08-27 03:18:49 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 03:18:49 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:49 Request: +2017-08-31 15:37:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -45715,12 +7127,12 @@ mutation { } } -2017-08-27 03:18:49 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 03:18:49 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:49 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 Request: +2017-08-31 15:37:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 15:37:22 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -45733,12 +7145,12 @@ Query: } } -2017-08-27 03:18:49 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 03:18:49 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:49 Request: +2017-08-31 15:37:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 ERROR Authorize readOne 'tweet author' with user '' not authorized +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -45748,13 +7160,12 @@ mutation { } } -2017-08-27 03:18:49 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 03:18:49 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:49 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:49 Request: +2017-08-31 15:37:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 15:37:22 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -45764,13 +7175,12 @@ mutation { } } -2017-08-27 03:18:49 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 03:18:49 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:49 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:49 Request: +2017-08-31 15:37:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 15:37:22 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: @@ -45778,11 +7188,12 @@ mutation { removeTweet(id: "583676d3618530145474e352") } -2017-08-27 03:18:49 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 03:18:49 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 Request: +2017-08-31 15:37:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 15:37:22 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -45793,14 +7204,16 @@ mutation { } } -2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:49 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:49 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-27 03:18:49 inserted user 59a21df9dce0b1045f716637. -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 Request: -User: "tobkle", role: "user", id: "59a21df9dce0b1045f716637", +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:22 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-31 15:37:22 inserted user 59a811126bffa16d859c7680. +2017-08-31 15:37:22 -------------------------------------------------------------------------------- +2017-08-31 15:37:22 Request: +User: "tobkle", role: "user", id: "59a811126bffa16d859c7680", Operation: "", variables: "", Query: mutation { @@ -45809,20 +7222,21 @@ mutation { } } -2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716637" + "_id": "59a811126bffa16d859c7680" } ] } -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 03:18:49 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. -2017-08-27 03:18:49 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 Request: -User: "tobkle", role: "user", id: "59a21df9dce0b1045f716637", +2017-08-31 15:37:22 registered authorizedLoader successfully +2017-08-31 15:37:23 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. +2017-08-31 15:37:23 -------------------------------------------------------------------------------- +2017-08-31 15:37:23 Request: +User: "tobkle", role: "user", id: "59a811126bffa16d859c7680", Operation: "", variables: "", Query: { @@ -45833,59 +7247,65 @@ Query: } } -2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716637" + "_id": "59a811126bffa16d859c7680" } ] } -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 Request: -User: "tobkle", role: "user", id: "59a21df9dce0b1045f716637", +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 -------------------------------------------------------------------------------- +2017-08-31 15:37:23 Request: +User: "tobkle", role: "user", id: "59a811126bffa16d859c7680", Operation: "", variables: "", Query: { - user(id: "59a21df9dce0b1045f716637") { + user(id: "59a811126bffa16d859c7680") { username } } -2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716637" + "_id": "59a811126bffa16d859c7680" } ] } -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 Request: -User: "tobkle", role: "user", id: "59a21df9dce0b1045f716637", +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 -------------------------------------------------------------------------------- +2017-08-31 15:37:23 Request: +User: "tobkle", role: "user", id: "59a811126bffa16d859c7680", Operation: "", variables: "", Query: { - user(id: "59a21df9dce0b1045f716637") { + user(id: "59a811126bffa16d859c7680") { username role } } -2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716637" + "_id": "59a811126bffa16d859c7680" } ] } -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 Request: -User: "tobkle", role: "user", id: "59a21df9dce0b1045f716637", +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 -------------------------------------------------------------------------------- +2017-08-31 15:37:23 Request: +User: "tobkle", role: "user", id: "59a811126bffa16d859c7680", Operation: "", variables: "", Query: mutation { @@ -45896,138 +7316,145 @@ mutation { } } -2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-31 15:37:23 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716637" + "_id": "59a811126bffa16d859c7680" } ] } -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 03:18:49 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with +2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716637" + "_id": "59a811126bffa16d859c7680" } ] } -2017-08-27 03:18:49 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 Request: -User: "tobkle", role: "user", id: "59a21df9dce0b1045f716637", +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 -------------------------------------------------------------------------------- +2017-08-31 15:37:23 Request: +User: "tobkle", role: "user", id: "59a811126bffa16d859c7680", Operation: "", variables: "", Query: mutation { - updateUser(id: "59a21df9dce0b1045f716637", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + updateUser(id: "59a811126bffa16d859c7680", input: {username: "tobkle", bio: "Maker of things, I guess"}) { username bio } } -2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-31 15:37:23 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716637" + "_id": "59a811126bffa16d859c7680" } ] } -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 03:18:49 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with +2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716637" + "_id": "59a811126bffa16d859c7680" } ] } -2017-08-27 03:18:49 updated user 59a21df9dce0b1045f716637. -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 Request: -User: "tobkle", role: "user", id: "59a21df9dce0b1045f716637", +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 updated user 59a811126bffa16d859c7680. +2017-08-31 15:37:23 -------------------------------------------------------------------------------- +2017-08-31 15:37:23 Request: +User: "tobkle", role: "user", id: "59a811126bffa16d859c7680", Operation: "", variables: "", Query: mutation { - updateUser(id: "59a21df9dce0b1045f716637", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "59a811126bffa16d859c7680", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-31 15:37:23 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716637" + "_id": "59a811126bffa16d859c7680" } ] } -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 03:18:49 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with +2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716637" + "_id": "59a811126bffa16d859c7680" } ] } -2017-08-27 03:18:49 updated user 59a21df9dce0b1045f716637. -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 Request: -User: "tobkle", role: "user", id: "59a21df9dce0b1045f716637", +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 updated user 59a811126bffa16d859c7680. +2017-08-31 15:37:23 -------------------------------------------------------------------------------- +2017-08-31 15:37:23 Request: +User: "tobkle", role: "user", id: "59a811126bffa16d859c7680", Operation: "", variables: "", Query: mutation { removeUser(id: "583291a1638566b3c5a92ca1") } -2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-31 15:37:23 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716637" + "_id": "59a811126bffa16d859c7680" } ] } -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 03:18:49 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with +2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716637" + "_id": "59a811126bffa16d859c7680" } ] } -2017-08-27 03:18:49 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 Request: -User: "tobkle", role: "user", id: "59a21df9dce0b1045f716637", +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 -------------------------------------------------------------------------------- +2017-08-31 15:37:23 Request: +User: "tobkle", role: "user", id: "59a811126bffa16d859c7680", Operation: "", variables: "", Query: mutation { - createTweet(input: {authorId: "59a21df9dce0b1045f716637", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + createTweet(input: {authorId: "59a811126bffa16d859c7680", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { id } } -2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-31 15:37:23 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. +2017-08-31 15:37:23 inserted tweet 59a811136bffa16d859c7681. +2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716637" + "_id": "59a811126bffa16d859c7680" } ] } -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 03:18:49 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. -2017-08-27 03:18:49 inserted tweet 59a21df9dce0b1045f716638. -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. -2017-08-27 03:18:49 Request: -User: "tobkle", role: "user", id: "59a21df9dce0b1045f716637", +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 -------------------------------------------------------------------------------- +2017-08-31 15:37:23 Request: +User: "tobkle", role: "user", id: "59a811126bffa16d859c7680", Operation: "", variables: "", Query: mutation { @@ -46036,23 +7463,25 @@ mutation { } } -2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-31 15:37:23 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. +2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716637" + "_id": "59a811126bffa16d859c7680" } ] } -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 03:18:49 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 Request: -User: "tobkle", role: "user", id: "59a21df9dce0b1045f716637", +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 -------------------------------------------------------------------------------- +2017-08-31 15:37:23 Request: +User: "tobkle", role: "user", id: "59a811126bffa16d859c7680", Operation: "", variables: "", Query: { - tweet(id: "59a21df9dce0b1045f716638") { + tweet(id: "59a811136bffa16d859c7681") { author { id } @@ -46060,18 +7489,20 @@ Query: } } -2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716637" + "_id": "59a811126bffa16d859c7680" } ] } -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 Request: -User: "tobkle", role: "user", id: "59a21df9dce0b1045f716637", +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 -------------------------------------------------------------------------------- +2017-08-31 15:37:23 Request: +User: "tobkle", role: "user", id: "59a811126bffa16d859c7680", Operation: "", variables: "", Query: { @@ -46083,50 +7514,54 @@ Query: } } -2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716637" + "_id": "59a811126bffa16d859c7680" } ] } -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 Request: -User: "tobkle", role: "user", id: "59a21df9dce0b1045f716637", +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 -------------------------------------------------------------------------------- +2017-08-31 15:37:23 Request: +User: "tobkle", role: "user", id: "59a811126bffa16d859c7680", Operation: "", variables: "", Query: mutation { - updateTweet(id: "59a21df9dce0b1045f716638", input: {body: "This is a modified test tweet"}) { + updateTweet(id: "59a811136bffa16d859c7681", input: {body: "This is a modified test tweet"}) { body } } -2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-31 15:37:23 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716637" + "authorId": "59a811126bffa16d859c7680" + }, + { + "coauthorsIds": "59a811126bffa16d859c7680" } ] } -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 03:18:49 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with +2017-08-31 15:37:23 updated tweet 59a811136bffa16d859c7681. +2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "authorId": "59a21df9dce0b1045f716637" - }, - { - "coauthorsIds": "59a21df9dce0b1045f716637" + "_id": "59a811126bffa16d859c7680" } ] } -2017-08-27 03:18:49 updated tweet 59a21df9dce0b1045f716638. -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 Request: -User: "tobkle", role: "user", id: "59a21df9dce0b1045f716637", +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 -------------------------------------------------------------------------------- +2017-08-31 15:37:23 Request: +User: "tobkle", role: "user", id: "59a811126bffa16d859c7680", Operation: "", variables: "", Query: mutation { @@ -46135,166 +7570,177 @@ mutation { } } -2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-31 15:37:23 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716637" + "authorId": "59a811126bffa16d859c7680" + }, + { + "coauthorsIds": "59a811126bffa16d859c7680" } ] } -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 03:18:49 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with +2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "authorId": "59a21df9dce0b1045f716637" - }, - { - "coauthorsIds": "59a21df9dce0b1045f716637" + "_id": "59a811126bffa16d859c7680" } ] } -2017-08-27 03:18:49 ERROR update tweet not possible for 583676d3618530145474e352. -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 Request: -User: "tobkle", role: "user", id: "59a21df9dce0b1045f716637", +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 -------------------------------------------------------------------------------- +2017-08-31 15:37:23 Request: +User: "tobkle", role: "user", id: "59a811126bffa16d859c7680", Operation: "", variables: "", Query: { - tweet(id: "59a21df9dce0b1045f716638") { + tweet(id: "59a811136bffa16d859c7681") { body } } -2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716637" + "_id": "59a811126bffa16d859c7680" } ] } -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 Request: -User: "tobkle", role: "user", id: "59a21df9dce0b1045f716637", +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 -------------------------------------------------------------------------------- +2017-08-31 15:37:23 Request: +User: "tobkle", role: "user", id: "59a811126bffa16d859c7680", Operation: "", variables: "", Query: mutation { - removeTweet(id: "59a21df9dce0b1045f716638") + removeTweet(id: "59a811136bffa16d859c7681") } -2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-31 15:37:23 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716637" + "authorId": "59a811126bffa16d859c7680" } ] } -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 03:18:49 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with +2017-08-31 15:37:23 removed tweet 59a811136bffa16d859c7681. +2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "authorId": "59a21df9dce0b1045f716637" + "_id": "59a811126bffa16d859c7680" } ] } -2017-08-27 03:18:49 removed tweet 59a21df9dce0b1045f716638. -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 Request: -User: "tobkle", role: "user", id: "59a21df9dce0b1045f716637", +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 -------------------------------------------------------------------------------- +2017-08-31 15:37:23 Request: +User: "tobkle", role: "user", id: "59a811126bffa16d859c7680", Operation: "", variables: "", Query: mutation { removeTweet(id: "583676d3618530145474e352") } -2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-31 15:37:23 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716637" + "authorId": "59a811126bffa16d859c7680" } ] } -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 03:18:49 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with +2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "authorId": "59a21df9dce0b1045f716637" + "_id": "59a811126bffa16d859c7680" } ] } -2017-08-27 03:18:49 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 Request: -User: "tobkle", role: "user", id: "59a21df9dce0b1045f716637", +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 -------------------------------------------------------------------------------- +2017-08-31 15:37:23 Request: +User: "tobkle", role: "user", id: "59a811126bffa16d859c7680", Operation: "", variables: "", Query: { - tweet(id: "59a21df9dce0b1045f716638") { + tweet(id: "59a811136bffa16d859c7681") { body } } -2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716637" + "_id": "59a811126bffa16d859c7680" } ] } -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 Request: -User: "tobkle", role: "user", id: "59a21df9dce0b1045f716637", +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 -------------------------------------------------------------------------------- +2017-08-31 15:37:23 Request: +User: "tobkle", role: "user", id: "59a811126bffa16d859c7680", Operation: "", variables: "", Query: mutation { - removeUser(id: "59a21df9dce0b1045f716637") + removeUser(id: "59a811126bffa16d859c7680") } -2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-08-31 15:37:23 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716637" + "_id": "59a811126bffa16d859c7680" } ] } -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-27 03:18:49 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with +2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716637" + "_id": "59a811126bffa16d859c7680" } ] } -2017-08-27 03:18:49 removed user 59a21df9dce0b1045f716637. -2017-08-27 03:18:49 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 Request: +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 removed user 59a811126bffa16d859c7680. +2017-08-31 15:37:23 -------------------------------------------------------------------------------- +2017-08-31 15:37:23 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: { - user(id: "59a21df9dce0b1045f716637") { + user(id: "59a811126bffa16d859c7680") { username bio role } } -2017-08-27 03:18:49 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 Request: +2017-08-31 15:37:23 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 15:37:23 ERROR Authorize readOne 'user' with user '' not authorized +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 -------------------------------------------------------------------------------- +2017-08-31 15:37:23 Request: User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", Operation: "", variables: "", Query: @@ -46305,14 +7751,16 @@ mutation { } } -2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:49 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-27 03:18:49 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-27 03:18:49 inserted user 59a21df9dce0b1045f716639. -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 Request: -User: "tobkle", role: "editor", id: "59a21df9dce0b1045f716639", +2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-08-31 15:37:23 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-08-31 15:37:23 inserted user 59a811136bffa16d859c7682. +2017-08-31 15:37:23 -------------------------------------------------------------------------------- +2017-08-31 15:37:23 Request: +User: "tobkle", role: "editor", id: "59a811136bffa16d859c7682", Operation: "", variables: "", Query: mutation { @@ -46321,20 +7769,21 @@ mutation { } } -2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716639" + "_id": "59a811136bffa16d859c7682" } ] } -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-27 03:18:49 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. -2017-08-27 03:18:49 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 Request: -User: "tobkle", role: "editor", id: "59a21df9dce0b1045f716639", +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. +2017-08-31 15:37:23 -------------------------------------------------------------------------------- +2017-08-31 15:37:23 Request: +User: "tobkle", role: "editor", id: "59a811136bffa16d859c7682", Operation: "", variables: "", Query: { @@ -46345,39 +7794,43 @@ Query: } } -2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716639" + "_id": "59a811136bffa16d859c7682" } ] } -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 Request: -User: "tobkle", role: "editor", id: "59a21df9dce0b1045f716639", +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 -------------------------------------------------------------------------------- +2017-08-31 15:37:23 Request: +User: "tobkle", role: "editor", id: "59a811136bffa16d859c7682", Operation: "", variables: "", Query: { - user(id: "59a21df9dce0b1045f716639") { + user(id: "59a811136bffa16d859c7682") { username role } } -2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716639" + "_id": "59a811136bffa16d859c7682" } ] } -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 Request: -User: "tobkle", role: "editor", id: "59a21df9dce0b1045f716639", +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 -------------------------------------------------------------------------------- +2017-08-31 15:37:23 Request: +User: "tobkle", role: "editor", id: "59a811136bffa16d859c7682", Operation: "", variables: "", Query: mutation { @@ -46388,138 +7841,145 @@ mutation { } } -2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-31 15:37:23 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716639" + "_id": "59a811136bffa16d859c7682" } ] } -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-27 03:18:49 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with +2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716639" + "_id": "59a811136bffa16d859c7682" } ] } -2017-08-27 03:18:49 ERROR update user not possible for 583291a1638566b3c5a92ca1. -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 Request: -User: "tobkle", role: "editor", id: "59a21df9dce0b1045f716639", +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 -------------------------------------------------------------------------------- +2017-08-31 15:37:23 Request: +User: "tobkle", role: "editor", id: "59a811136bffa16d859c7682", Operation: "", variables: "", Query: mutation { - updateUser(id: "59a21df9dce0b1045f716639", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + updateUser(id: "59a811136bffa16d859c7682", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { username bio } } -2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-08-31 15:37:23 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716639" + "_id": "59a811136bffa16d859c7682" } ] } -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-27 03:18:49 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with +2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716639" + "_id": "59a811136bffa16d859c7682" } ] } -2017-08-27 03:18:49 updated user 59a21df9dce0b1045f716639. -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 Request: -User: "tmeasday", role: "editor", id: "59a21df9dce0b1045f716639", +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 updated user 59a811136bffa16d859c7682. +2017-08-31 15:37:23 -------------------------------------------------------------------------------- +2017-08-31 15:37:23 Request: +User: "tmeasday", role: "editor", id: "59a811136bffa16d859c7682", Operation: "", variables: "", Query: mutation { - updateUser(id: "59a21df9dce0b1045f716639", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + updateUser(id: "59a811136bffa16d859c7682", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { username bio role } } -2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-31 15:37:23 Authorize update 'updateUser' with user 'tmeasday' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716639" + "_id": "59a811136bffa16d859c7682" } ] } -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-27 03:18:49 Authorize update 'updateUser' with user 'tmeasday' and role: 'editor' with +2017-08-31 15:37:23 updated user 59a811136bffa16d859c7682. +2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716639" + "_id": "59a811136bffa16d859c7682" } ] } -2017-08-27 03:18:49 updated user 59a21df9dce0b1045f716639. -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 Request: -User: "tmeasday", role: "editor", id: "59a21df9dce0b1045f716639", +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 -------------------------------------------------------------------------------- +2017-08-31 15:37:23 Request: +User: "tmeasday", role: "editor", id: "59a811136bffa16d859c7682", Operation: "", variables: "", Query: mutation { removeUser(id: "583291a1638566b3c5a92ca1") } -2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-31 15:37:23 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716639" + "_id": "59a811136bffa16d859c7682" } ] } -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-27 03:18:49 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716639" + "_id": "59a811136bffa16d859c7682" } ] } -2017-08-27 03:18:49 ERROR remove user not possible for 583291a1638566b3c5a92ca1. -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 Request: -User: "tmeasday", role: "editor", id: "59a21df9dce0b1045f716639", +2017-08-31 15:37:23 -------------------------------------------------------------------------------- +2017-08-31 15:37:23 Request: +User: "tmeasday", role: "editor", id: "59a811136bffa16d859c7682", Operation: "", variables: "", Query: mutation { - createTweet(input: {authorId: "59a21df9dce0b1045f716639", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + createTweet(input: {authorId: "59a811136bffa16d859c7682", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { id } } -2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-31 15:37:23 Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is authorized by docRole. +2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716639" + "_id": "59a811136bffa16d859c7682" } ] } -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-27 03:18:49 Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is authorized by docRole. -2017-08-27 03:18:49 inserted tweet 59a21df9dce0b1045f71663a. -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. -2017-08-27 03:18:49 Request: -User: "tmeasday", role: "editor", id: "59a21df9dce0b1045f716639", +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 inserted tweet 59a811136bffa16d859c7683. +2017-08-31 15:37:23 -------------------------------------------------------------------------------- +2017-08-31 15:37:23 Request: +User: "tmeasday", role: "editor", id: "59a811136bffa16d859c7682", Operation: "", variables: "", Query: mutation { @@ -46528,23 +7988,25 @@ mutation { } } -2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-31 15:37:23 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. +2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716639" + "_id": "59a811136bffa16d859c7682" } ] } -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-27 03:18:49 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 Request: -User: "tmeasday", role: "editor", id: "59a21df9dce0b1045f716639", +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 -------------------------------------------------------------------------------- +2017-08-31 15:37:23 Request: +User: "tmeasday", role: "editor", id: "59a811136bffa16d859c7682", Operation: "", variables: "", Query: { - tweet(id: "59a21df9dce0b1045f71663a") { + tweet(id: "59a811136bffa16d859c7683") { author { id } @@ -46552,18 +8014,20 @@ Query: } } -2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716639" + "_id": "59a811136bffa16d859c7682" } ] } -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 Request: -User: "tmeasday", role: "editor", id: "59a21df9dce0b1045f716639", +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 -------------------------------------------------------------------------------- +2017-08-31 15:37:23 Request: +User: "tmeasday", role: "editor", id: "59a811136bffa16d859c7682", Operation: "", variables: "", Query: { @@ -46575,50 +8039,54 @@ Query: } } -2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716639" + "_id": "59a811136bffa16d859c7682" } ] } -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 Request: -User: "tmeasday", role: "editor", id: "59a21df9dce0b1045f716639", +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 -------------------------------------------------------------------------------- +2017-08-31 15:37:23 Request: +User: "tmeasday", role: "editor", id: "59a811136bffa16d859c7682", Operation: "", variables: "", Query: mutation { - updateTweet(id: "59a21df9dce0b1045f71663a", input: {body: "This is a modified test tweet"}) { + updateTweet(id: "59a811136bffa16d859c7683", input: {body: "This is a modified test tweet"}) { body } } -2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-31 15:37:23 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716639" + "authorId": "59a811136bffa16d859c7682" + }, + { + "coauthorsIds": "59a811136bffa16d859c7682" } ] } -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-27 03:18:49 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with +2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with authQuery: { "$or": [ { - "authorId": "59a21df9dce0b1045f716639" - }, - { - "coauthorsIds": "59a21df9dce0b1045f716639" + "_id": "59a811136bffa16d859c7682" } ] } -2017-08-27 03:18:49 updated tweet 59a21df9dce0b1045f71663a. -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 Request: -User: "tmeasday", role: "editor", id: "59a21df9dce0b1045f716639", +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 updated tweet 59a811136bffa16d859c7683. +2017-08-31 15:37:23 -------------------------------------------------------------------------------- +2017-08-31 15:37:23 Request: +User: "tmeasday", role: "editor", id: "59a811136bffa16d859c7682", Operation: "", variables: "", Query: mutation { @@ -46627,161 +8095,172 @@ mutation { } } -2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-31 15:37:23 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716639" + "authorId": "59a811136bffa16d859c7682" + }, + { + "coauthorsIds": "59a811136bffa16d859c7682" } ] } -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-27 03:18:49 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with +2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with authQuery: { "$or": [ { - "authorId": "59a21df9dce0b1045f716639" - }, - { - "coauthorsIds": "59a21df9dce0b1045f716639" + "_id": "59a811136bffa16d859c7682" } ] } -2017-08-27 03:18:49 ERROR update tweet not possible for 583676d3618530145474e352. -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 Request: -User: "tmeasday", role: "editor", id: "59a21df9dce0b1045f716639", +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 -------------------------------------------------------------------------------- +2017-08-31 15:37:23 Request: +User: "tmeasday", role: "editor", id: "59a811136bffa16d859c7682", Operation: "", variables: "", Query: { - tweet(id: "59a21df9dce0b1045f71663a") { + tweet(id: "59a811136bffa16d859c7683") { body } } -2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716639" + "_id": "59a811136bffa16d859c7682" } ] } -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 Request: -User: "tmeasday", role: "editor", id: "59a21df9dce0b1045f716639", +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 -------------------------------------------------------------------------------- +2017-08-31 15:37:23 Request: +User: "tmeasday", role: "editor", id: "59a811136bffa16d859c7682", Operation: "", variables: "", Query: mutation { - removeTweet(id: "59a21df9dce0b1045f71663a") + removeTweet(id: "59a811136bffa16d859c7683") } -2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-31 15:37:23 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716639" + "authorId": "59a811136bffa16d859c7682" } ] } -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-27 03:18:49 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with +2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with authQuery: { "$or": [ { - "authorId": "59a21df9dce0b1045f716639" + "_id": "59a811136bffa16d859c7682" } ] } -2017-08-27 03:18:49 removed tweet 59a21df9dce0b1045f71663a. -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 Request: -User: "tmeasday", role: "editor", id: "59a21df9dce0b1045f716639", +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 removed tweet 59a811136bffa16d859c7683. +2017-08-31 15:37:23 -------------------------------------------------------------------------------- +2017-08-31 15:37:23 Request: +User: "tmeasday", role: "editor", id: "59a811136bffa16d859c7682", Operation: "", variables: "", Query: mutation { removeTweet(id: "583676d3618530145474e352") } -2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-31 15:37:23 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716639" + "authorId": "59a811136bffa16d859c7682" } ] } -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-27 03:18:49 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with +2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with authQuery: { "$or": [ { - "authorId": "59a21df9dce0b1045f716639" + "_id": "59a811136bffa16d859c7682" } ] } -2017-08-27 03:18:49 ERROR remove tweet not possible for 583676d3618530145474e352. -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 Request: -User: "tmeasday", role: "editor", id: "59a21df9dce0b1045f716639", +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 -------------------------------------------------------------------------------- +2017-08-31 15:37:23 Request: +User: "tmeasday", role: "editor", id: "59a811136bffa16d859c7682", Operation: "", variables: "", Query: { - tweet(id: "59a21df9dce0b1045f71663a") { + tweet(id: "59a811136bffa16d859c7683") { body } } -2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716639" + "_id": "59a811136bffa16d859c7682" } ] } -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 Request: -User: "tmeasday", role: "editor", id: "59a21df9dce0b1045f716639", +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 -------------------------------------------------------------------------------- +2017-08-31 15:37:23 Request: +User: "tmeasday", role: "editor", id: "59a811136bffa16d859c7682", Operation: "", variables: "", Query: mutation { - removeUser(id: "59a21df9dce0b1045f716639") + removeUser(id: "59a811136bffa16d859c7682") } -2017-08-27 03:18:49 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-08-31 15:37:23 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716639" + "_id": "59a811136bffa16d859c7682" } ] } -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-27 03:18:49 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with +2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with authQuery: { "$or": [ { - "_id": "59a21df9dce0b1045f716639" + "_id": "59a811136bffa16d859c7682" } ] } -2017-08-27 03:18:49 removed user 59a21df9dce0b1045f716639. -2017-08-27 03:18:49 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:49 -------------------------------------------------------------------------------- -2017-08-27 03:18:49 Request: +2017-08-31 15:37:23 registered authorizedLoader successfully +2017-08-31 15:37:23 removed user 59a811136bffa16d859c7682. +2017-08-31 15:37:23 -------------------------------------------------------------------------------- +2017-08-31 15:37:23 Request: User: "", role: "", id: "", Operation: "", variables: "", Query: { - user(id: "59a21df9dce0b1045f716639") { + user(id: "59a811136bffa16d859c7682") { username bio role } } -2017-08-27 03:18:49 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-27 03:18:49 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 15:37:23 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-08-31 15:37:23 ERROR Authorize readOne 'user' with user '' not authorized +2017-08-31 15:37:23 registered authorizedLoader successfully diff --git a/test/output-app/model/Tweet.js b/test/output-app/model/Tweet.js index de08f5b..01832f4 100644 --- a/test/output-app/model/Tweet.js +++ b/test/output-app/model/Tweet.js @@ -1,33 +1,52 @@ -import DataLoader from 'dataloader'; -import { findByIds, queryForRoles, getLogFilename, logger, authlog, checkAuthDoc, protectFields } from 'create-graphql-server-authorization'; -const log = logger(getLogFilename()); +import { + queryForRoles, + onAuthRegisterLoader, + authlog, + checkAuthDoc +} from 'create-graphql-server-authorization'; export default class Tweet { constructor(context) { this.context = context; this.collection = context.db.collection('tweet'); this.pubsub = context.pubsub; - const that = this; - try { - const { me, User } = context; - const authQuery = queryForRoles(me, ['admin','world'], ['authorId','coauthorsIds'], { User }, authlog('tweet findOneById', 'readOne', me)); - that.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); - } catch (err) { log.error(err.message); } + this.log = context.log; + const { me, User } = context; + queryForRoles( + me, + ['admin','world'], + ['authorId','coauthorsIds'], + { User }, + onAuthRegisterLoader('tweet findOneById', 'readOne', me, this)); } async findOneById(id, me, resolver) { - try { - if (!this.authorizedLoader) return null; - return await this.authorizedLoader.load(id); - } catch (err) { log.error(err.message); } + const log = authlog('tweet findOneById', resolver, me); + if (!this.authorizedLoader) { + log.error('not authorized'); + return null; + } + return await this.authorizedLoader.load(id); } find({ lastCreatedAt = 0, limit = 10, baseQuery = {} }, me, resolver) { - try { - const authQuery = queryForRoles(me, ['admin','world'], ['authorId','coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery, createdAt: { $gt: lastCreatedAt } }; - return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); - } catch (err) { log.error(err.message); } + const authQuery = queryForRoles( + me, + ['admin','world'], + ['authorId','coauthorsIds'], + { User: this.context.User }, + authlog(resolver, 'readMany', me) + ); + const finalQuery = { + ...baseQuery, + ...authQuery, + createdAt: { $gt: lastCreatedAt } + }; + return this.collection + .find(finalQuery) + .sort({ createdAt: 1 }) + .limit(limit) + .toArray(); } author(tweet, me, resolver) { @@ -53,59 +72,73 @@ export default class Tweet { } async insert(doc, me, resolver) { - try { - let docToInsert = Object.assign({}, doc, { - createdAt: Date.now(), - updatedAt: Date.now(), - createdById: (me && me._id) ? me._id : 'unknown', - updatedById: (me && me._id) ? me._id : 'unknown', - }); - checkAuthDoc(docToInsert, me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'create', me)); - const id = (await this.collection.insertOne(docToInsert)).insertedId; - if (!id) { - throw new Error(`insert tweet not possible.`); - } - log.debug(`inserted tweet ${id}.`); - const insertedDoc = this.findOneById(id, me, 'pubsub tweetInserted'); - this.pubsub.publish('tweetInserted', insertedDoc); - return insertedDoc; - } catch (err) { log.error(err.message); } + let docToInsert = Object.assign({}, doc, { + createdAt: Date.now(), + updatedAt: Date.now(), + createdById: (me && me._id) ? me._id : 'unknown', + updatedById: (me && me._id) ? me._id : 'unknown', + }); + checkAuthDoc( + docToInsert, + me, + ['admin'], + ['authorId'], + { User: this.context.User }, + authlog(resolver, 'create', me) + ); + const id = (await this.collection.insertOne(docToInsert)).insertedId; + if (!id) { + throw new Error(`insert tweet not possible.`); + } + this.log.debug(`inserted tweet ${id}.`); + const insertedDoc = this.findOneById(id, me, 'pubsub tweetInserted'); + this.pubsub.publish('tweetInserted', insertedDoc); + return insertedDoc; } async updateById(id, doc, me, resolver) { - try { - let docToUpdate = {$set: Object.assign({}, doc, { - updatedAt: Date.now(), - updatedById: (me && me._id) ? me._id : 'unknown', - })}; - const baseQuery = {_id: id}; - const authQuery = queryForRoles(me, ['admin'], ['authorId','coauthorsIds'], { User: this.context.User }, authlog(resolver, 'update', me)); - const finalQuery = {...baseQuery, ...authQuery}; - const result = await this.collection.updateOne(finalQuery, docToUpdate); - if (result.result.ok !== 1 || result.result.n !== 1){ - throw new Error(`update tweet not possible for ${id}.`); - } - log.debug(`updated tweet ${id}.`); - this.authorizedLoader.clear(id); - const updatedDoc = this.findOneById(id, me, 'pubsub tweetUpdated'); - this.pubsub.publish('tweetUpdated', updatedDoc); - return updatedDoc; - } catch (err) { log.error(err.message); } + let docToUpdate = { + $set: Object.assign({}, doc, { + updatedAt: Date.now(), + updatedById: (me && me._id) ? me._id : 'unknown' + })}; + const baseQuery = {_id: id}; + const authQuery = queryForRoles( + me, + ['admin'], + ['authorId','coauthorsIds'], + { User: this.context.User }, + authlog(resolver, 'update', me) + ); + const finalQuery = {...baseQuery, ...authQuery}; + const result = await this.collection.updateOne(finalQuery, docToUpdate); + if (result.result.ok !== 1 || result.result.n !== 1){ + throw new Error(`update tweet not possible for ${id}.`); + } + this.log.debug(`updated tweet ${id}.`); + this.authorizedLoader.clear(id); + const updatedDoc = this.findOneById(id, me, 'pubsub tweetUpdated'); + this.pubsub.publish('tweetUpdated', updatedDoc); + return updatedDoc; } async removeById(id, me, resolver) { - try { - const baseQuery = {_id: id}; - const authQuery = queryForRoles(me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'delete', me)); - const finalQuery = {...baseQuery, ...authQuery}; - const result = await this.collection.remove(finalQuery); - if (result.result.ok !== 1 || result.result.n !== 1){ - throw new Error(`remove tweet not possible for ${id}.`); - } - log.debug(`removed tweet ${id}.`); - this.authorizedLoader.clear(id); - this.pubsub.publish('tweetRemoved', id); - return result; - } catch (err) { log.error(err.message); } + const baseQuery = {_id: id}; + const authQuery = queryForRoles( + me, + ['admin'], + ['authorId'], + { User: this.context.User }, + authlog(resolver, 'delete', me) + ); + const finalQuery = {...baseQuery, ...authQuery}; + const result = await this.collection.remove(finalQuery); + if (result.result.ok !== 1 || result.result.n !== 1){ + throw new Error(`remove tweet not possible for ${id}.`); + } + this.log.debug(`removed tweet ${id}.`); + this.authorizedLoader.clear(id); + this.pubsub.publish('tweetRemoved', id); + return result; } } diff --git a/test/output-app/model/User.js b/test/output-app/model/User.js index fc07005..54848fe 100644 --- a/test/output-app/model/User.js +++ b/test/output-app/model/User.js @@ -1,21 +1,27 @@ -import DataLoader from 'dataloader'; -import { findByIds, queryForRoles, getLogFilename, logger, authlog, checkAuthDoc, protectFields } from 'create-graphql-server-authorization'; +import { + queryForRoles, + onAuthRegisterLoader, + authlog, + checkAuthDoc, + protectFields +} from 'create-graphql-server-authorization'; import bcrypt from 'bcrypt'; const SALT_ROUNDS = 10; -const log = logger(getLogFilename()); export default class User { constructor(context) { this.context = context; this.collection = context.db.collection('user'); this.pubsub = context.pubsub; + this.log = context.log; this.authRole = User.authRole; - const that = this; - try { - const { me } = context; - const authQuery = queryForRoles(me, ['admin'], ['_id'], { User }, authlog('user findOneById', 'readOne', me)); - that.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); - } catch (err) { log.error(err.message); } + const { me } = context; + queryForRoles( + me, + ['admin'], ['_id'], + { User }, + onAuthRegisterLoader('user findOneById', 'readOne', me, this) + ); } static authRole(user){ @@ -23,18 +29,31 @@ export default class User { } async findOneById(id, me, resolver) { - try { - if (!this.authorizedLoader) return null; - return await this.authorizedLoader.load(id); - } catch (err) { log.error(err.message); } + const log = authlog(resolver, 'readOne', me); + if (!this.authorizedLoader) { + log.error('not authorized'); + return null; + } + return await this.authorizedLoader.load(id); } find({ lastCreatedAt = 0, limit = 10, baseQuery = {} }, me, resolver) { - try { - const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery, createdAt: { $gt: lastCreatedAt } }; - return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); - } catch (err) { log.error(err.message); } + const authQuery = queryForRoles( + me, + ['admin'], ['_id'], + { User: this.context.User }, + authlog(resolver, 'readMany', me) + ); + const finalQuery = { + ...baseQuery, + ...authQuery, + createdAt: { $gt: lastCreatedAt } + }; + return this.collection + .find(finalQuery) + .sort({ createdAt: 1 }) + .limit(limit) + .toArray(); } tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }, me, resolver) { @@ -66,65 +85,88 @@ export default class User { } async insert(doc, me, resolver) { - try { - // We don't want to store passwords plaintext! - const { password, ...rest } = doc; - const hash = await bcrypt.hash(password, SALT_ROUNDS); - let docToInsert = Object.assign({}, rest, { - hash, - createdAt: Date.now(), - updatedAt: Date.now(), - createdById: (me && me._id) ? me._id : 'unknown', - updatedById: (me && me._id) ? me._id : 'unknown', - }); - checkAuthDoc(docToInsert, me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'create', me)); - docToInsert = protectFields(me, ['admin'], ['role'], docToInsert, { User: this.context.User }); - const id = (await this.collection.insertOne(docToInsert)).insertedId; - if (!id) { - throw new Error(`insert user not possible.`); - } - log.debug(`inserted user ${id}.`); - const insertedDoc = this.findOneById(id, me, 'pubsub userInserted'); - this.pubsub.publish('userInserted', insertedDoc); - return insertedDoc; - } catch (err) { log.error(err.message); } + // We don't want to store passwords in plaintext + const { password, ...rest } = doc; + const hash = await bcrypt.hash(password, SALT_ROUNDS); + let docToInsert = Object.assign({}, rest, { + hash, + createdAt: Date.now(), + updatedAt: Date.now(), + createdById: (me && me._id) ? me._id : 'unknown', + updatedById: (me && me._id) ? me._id : 'unknown', + }); + checkAuthDoc( + docToInsert, + me, + ['admin'], + ['_id'], + { User: this.context.User }, + authlog(resolver, 'create', me) + ); + docToInsert = protectFields(me, ['admin'], ['role'], docToInsert, { + User: this.context.User + }); + const id = (await this.collection.insertOne(docToInsert)).insertedId; + if (!id) { + throw new Error(`insert user not possible.`); + } + this.log.debug(`inserted user ${id}.`); + const insertedDoc = this.findOneById(id, me, 'pubsub userInserted'); + this.pubsub.publish('userInserted', insertedDoc); + return insertedDoc; } async updateById(id, doc, me, resolver) { - try { - let docToUpdate = {$set: Object.assign({}, doc, { - updatedAt: Date.now(), - updatedById: (me && me._id) ? me._id : 'unknown', - })}; - const baseQuery = {_id: id}; - const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'update', me)); - const finalQuery = {...baseQuery, ...authQuery}; - docToUpdate.$set = protectFields(me, ['admin'], ['role'], docToUpdate.$set, { User: this.context.User }); - const result = await this.collection.updateOne(finalQuery, docToUpdate); - if (result.result.ok !== 1 || result.result.n !== 1){ - throw new Error(`update user not possible for ${id}.`); - } - log.debug(`updated user ${id}.`); - this.authorizedLoader.clear(id); - const updatedDoc = this.findOneById(id, me, 'pubsub userUpdated'); - this.pubsub.publish('userUpdated', updatedDoc); - return updatedDoc; - } catch (err) { log.error(err.message); } + let docToUpdate = { + $set: Object.assign({}, doc, { + updatedAt: Date.now(), + updatedById: (me && me._id) ? me._id : 'unknown' + }) + }; + const baseQuery = {_id: id}; + const authQuery = queryForRoles( + me, + ['admin'], + ['_id'], + { User: this.context.User }, + authlog(resolver, 'update', me) + ); + docToUpdate.$set = protectFields( + me, + ['admin'], + ['role'], + docToUpdate.$set, + { User: this.context.User } + ); + const finalQuery = {...baseQuery, ...authQuery}; + const result = await this.collection.updateOne(finalQuery, docToUpdate); + if (result.result.ok !== 1 || result.result.n !== 1){ + throw new Error(`update user not possible for ${id}.`); + } + this.log.debug(`updated user ${id}.`); + this.authorizedLoader.clear(id); + const updatedDoc = this.findOneById(id, me, 'pubsub userUpdated'); + this.pubsub.publish('userUpdated', updatedDoc); + return updatedDoc; } async removeById(id, me, resolver) { - try { - const baseQuery = {_id: id}; - const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'delete', me)); - const finalQuery = {...baseQuery, ...authQuery}; - const result = await this.collection.remove(finalQuery); - if (result.result.ok !== 1 || result.result.n !== 1){ - throw new Error(`remove user not possible for ${id}.`); - } - log.debug(`removed user ${id}.`); - this.authorizedLoader.clear(id); - this.pubsub.publish('userRemoved', id); - return result; - } catch (err) { log.error(err.message); } + const baseQuery = {_id: id}; + const authQuery = queryForRoles( + me, + ['admin'], + ['_id'], + { User: this.context.User }, + authlog(resolver, 'delete', me) + ); + const finalQuery = {...baseQuery, ...authQuery}; + const result = await this.collection.remove(finalQuery); + if (result.result.ok !== 1 || result.result.n !== 1){ + throw new Error(`remove user not possible for ${id}.`); + } + this.log.debug(`removed user ${id}.`); + this.authorizedLoader.clear(id); + this.pubsub.publish('userRemoved', id); + return result; } } diff --git a/test/output-app/package.json b/test/output-app/package.json index bb31633..899b308 100644 --- a/test/output-app/package.json +++ b/test/output-app/package.json @@ -39,7 +39,7 @@ "bcrypt": "^1.0.2", "body-parser": "1.15.2", "cors": "^2.8.1", - "create-graphql-server-authorization": "^0.0.35", + "create-graphql-server-authorization": "^0.0.40", "dataloader": "^1.2.0", "denodeify": "^1.2.1", "dotenv": "2.0.0", diff --git a/test/output-app/server/index.js b/test/output-app/server/index.js index bf36cd8..de2040e 100644 --- a/test/output-app/server/index.js +++ b/test/output-app/server/index.js @@ -48,7 +48,7 @@ async function startServer() { app.use('/graphql', (req, res, next) => { passport.authenticate('jwt', { session: false }, (err, me) => { - req.context = addModelsToContext({ db, pubsub, me, UserCollection }); + req.context = addModelsToContext({ db, pubsub, me, UserCollection, log }); graphqlExpress(() => { // Get the query, the same way express-graphql does it // https://github.com/graphql/express-graphql/blob/3fa6e68582d6d933d37fa9e841da5d2aa39261cd/src/index.js#L257 diff --git a/test/output-app/yarn.lock b/test/output-app/yarn.lock index e8ad9ae..9d78a6c 100644 --- a/test/output-app/yarn.lock +++ b/test/output-app/yarn.lock @@ -77,6 +77,18 @@ ajv@^4.7.0, ajv@^4.9.1: co "^4.6.0" json-stable-stringify "^1.0.1" +align-text@^0.1.1, align-text@^0.1.3: + version "0.1.4" + resolved "https://registry.yarnpkg.com/align-text/-/align-text-0.1.4.tgz#0cd90a561093f35d0a99256c22b7069433fad117" + dependencies: + kind-of "^3.0.2" + longest "^1.0.1" + repeat-string "^1.5.2" + +amdefine@>=0.0.4: + version "1.0.1" + resolved "https://registry.yarnpkg.com/amdefine/-/amdefine-1.0.1.tgz#4a5282ac164729e93619bcfd3ad151f817ce91f5" + ansi-escapes@^1.1.0: version "1.4.0" resolved "https://registry.yarnpkg.com/ansi-escapes/-/ansi-escapes-1.4.0.tgz#d3a8a83b319aa67793662b13e761c7911422306e" @@ -169,6 +181,10 @@ assertion-error@^1.0.1: version "1.0.2" resolved "https://registry.yarnpkg.com/assertion-error/-/assertion-error-1.0.2.tgz#13ca515d86206da0bac66e834dd397d87581094c" +ast-types@0.9.11: + version "0.9.11" + resolved "https://registry.yarnpkg.com/ast-types/-/ast-types-0.9.11.tgz#371177bb59232ff5ceaa1d09ee5cad705b1a5aa9" + async-each@^1.0.0: version "1.0.1" resolved "https://registry.yarnpkg.com/async-each/-/async-each-1.0.1.tgz#19d386a1d9edc6e7c1c85d388aedbcc56d33602d" @@ -179,6 +195,10 @@ async@2.1.4: dependencies: lodash "^4.14.0" +async@^1.4.0: + version "1.5.2" + resolved "https://registry.yarnpkg.com/async/-/async-1.5.2.tgz#ec6a61ae56480c0c3cb241c95618e20892f9672a" + async@~1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/async/-/async-1.0.0.tgz#f8fc04ca3a13784ade9e1641af98578cfbd647a9" @@ -1033,6 +1053,10 @@ camelcase-keys@^2.0.0: camelcase "^2.0.0" map-obj "^1.0.0" +camelcase@^1.0.2: + version "1.2.1" + resolved "https://registry.yarnpkg.com/camelcase/-/camelcase-1.2.1.tgz#9bb5304d2e0b56698b2c758b08a3eaa9daa58a39" + camelcase@^2.0.0, camelcase@^2.0.1: version "2.1.1" resolved "https://registry.yarnpkg.com/camelcase/-/camelcase-2.1.1.tgz#7c1d16d679a1bbe59ca02cacecfb011e201f5a1f" @@ -1041,6 +1065,13 @@ caseless@~0.12.0: version "0.12.0" resolved "https://registry.yarnpkg.com/caseless/-/caseless-0.12.0.tgz#1b681c21ff84033c826543090689420d187151dc" +center-align@^0.1.1: + version "0.1.3" + resolved "https://registry.yarnpkg.com/center-align/-/center-align-0.1.3.tgz#aa0d32629b6ee972200411cbd4461c907bc2b7ad" + dependencies: + align-text "^0.1.3" + lazy-cache "^1.0.3" + chai@^3.5.0: version "3.5.0" resolved "https://registry.yarnpkg.com/chai/-/chai-3.5.0.tgz#4d02637b067fe958bdbfdd3a40ec56fef7373247" @@ -1098,6 +1129,14 @@ cli-width@^2.0.0: version "2.2.0" resolved "https://registry.yarnpkg.com/cli-width/-/cli-width-2.2.0.tgz#ff19ede8a9a5e579324147b0c11f0fbcbabed639" +cliui@^2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/cliui/-/cliui-2.1.0.tgz#4b475760ff80264c762c3a1719032e91c7fea0d1" + dependencies: + center-align "^0.1.1" + right-align "^0.1.1" + wordwrap "0.0.2" + cliui@^3.0.3: version "3.2.0" resolved "https://registry.yarnpkg.com/cliui/-/cliui-3.2.0.tgz#120601537a916d29940f934da3b48d585a39213d" @@ -1205,7 +1244,7 @@ cookie@0.3.1: version "0.3.1" resolved "https://registry.yarnpkg.com/cookie/-/cookie-0.3.1.tgz#e7e0a1f9ef43b4c8ba925c5c5a96e806d16873bb" -core-js@^2.4.0, core-js@^2.5.0: +core-js@^2.4.0, core-js@^2.4.1, core-js@^2.5.0: version "2.5.0" resolved "https://registry.yarnpkg.com/core-js/-/core-js-2.5.0.tgz#569c050918be6486b3837552028ae0466b717086" @@ -1224,14 +1263,21 @@ crc@3.4.0: version "3.4.0" resolved "https://registry.yarnpkg.com/crc/-/crc-3.4.0.tgz#4258e351613a74ef1153dfcb05e820c3e9715d7f" -create-graphql-server-authorization@^0.0.35: - version "0.0.35" - resolved "https://registry.yarnpkg.com/create-graphql-server-authorization/-/create-graphql-server-authorization-0.0.35.tgz#86f102e339bef86a009879c51c25dfcb91175778" +create-graphql-server-authorization@^0.0.40: + version "0.0.40" + resolved "https://registry.yarnpkg.com/create-graphql-server-authorization/-/create-graphql-server-authorization-0.0.40.tgz#134e13e23274c44ad606dd3f7aca32455c238a96" dependencies: + babylon "^6.18.0" global "^4.3.2" + graphql "^0.11.1" + handlebars "^4.0.10" iterall "^1.1.0" lodash "4.16.4" + lodash.clonedeep "^4.5.0" + lodash.includes "^4.3.0" + lodash.merge "^4.6.0" mongodb "^2.2.31" + recast "^0.12.6" winston "^2.3.1" cryptiles@2.x.x: @@ -1282,7 +1328,7 @@ debug@2.2.0, debug@~2.2.0: dependencies: ms "0.7.1" -decamelize@^1.1.1, decamelize@^1.1.2: +decamelize@^1.0.0, decamelize@^1.1.1, decamelize@^1.1.2: version "1.2.0" resolved "https://registry.yarnpkg.com/decamelize/-/decamelize-1.2.0.tgz#f6534d15148269b20352e7bee26f501f9a191290" @@ -1667,7 +1713,7 @@ espree@^3.3.1: acorn "^5.1.1" acorn-jsx "^3.0.0" -esprima@^4.0.0: +esprima@^4.0.0, esprima@~4.0.0: version "4.0.0" resolved "https://registry.yarnpkg.com/esprima/-/esprima-4.0.0.tgz#4499eddcd1110e0b218bacf2fa7f7f59f55ca804" @@ -2151,6 +2197,12 @@ graphql@0.7.2, graphql@^0.7.0: dependencies: iterall "1.0.2" +graphql@^0.11.1: + version "0.11.1" + resolved "https://registry.yarnpkg.com/graphql/-/graphql-0.11.1.tgz#c9f004255db946a7f5f48ada0041290b9bd02c3d" + dependencies: + iterall "^1.1.0" + growl@1.9.2: version "1.9.2" resolved "https://registry.yarnpkg.com/growl/-/growl-1.9.2.tgz#0ea7743715db8d8de2c5ede1775e1b45ac85c02f" @@ -2165,6 +2217,16 @@ gulp-sourcemaps@1.6.0: through2 "^2.0.0" vinyl "^1.0.0" +handlebars@^4.0.10: + version "4.0.10" + resolved "https://registry.yarnpkg.com/handlebars/-/handlebars-4.0.10.tgz#3d30c718b09a3d96f23ea4cc1f403c4d3ba9ff4f" + dependencies: + async "^1.4.0" + optimist "^0.6.1" + source-map "^0.4.4" + optionalDependencies: + uglify-js "^2.6" + har-schema@^1.0.5: version "1.0.5" resolved "https://registry.yarnpkg.com/har-schema/-/har-schema-1.0.5.tgz#d263135f43307c02c602afc8fe95970c0151369e" @@ -2682,6 +2744,10 @@ latest-version@^1.0.0: dependencies: package-json "^1.0.0" +lazy-cache@^1.0.3: + version "1.0.4" + resolved "https://registry.yarnpkg.com/lazy-cache/-/lazy-cache-1.0.4.tgz#a1d78fc3a50474cb80845d3b3b6e1da49a446e8e" + lazystream@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/lazystream/-/lazystream-1.0.0.tgz#f6995fe0f820392f61396be89462407bb77168e4" @@ -2754,6 +2820,10 @@ lodash.assign@^3.0.0: lodash._createassigner "^3.0.0" lodash.keys "^3.0.0" +lodash.clonedeep@^4.5.0: + version "4.5.0" + resolved "https://registry.yarnpkg.com/lodash.clonedeep/-/lodash.clonedeep-4.5.0.tgz#e23f3f9c4f8fbdde872529c1071857a086e5ccef" + lodash.cond@^4.3.0: version "4.5.2" resolved "https://registry.yarnpkg.com/lodash.cond/-/lodash.cond-4.5.2.tgz#f471a1da486be60f6ab955d17115523dd1d255d5" @@ -2773,6 +2843,10 @@ lodash.defaults@^3.1.2: lodash.assign "^3.0.0" lodash.restparam "^3.0.0" +lodash.includes@^4.3.0: + version "4.3.0" + resolved "https://registry.yarnpkg.com/lodash.includes/-/lodash.includes-4.3.0.tgz#60bb98a87cb923c68ca1e51325483314849f553f" + lodash.isarguments@^3.0.0: version "3.1.0" resolved "https://registry.yarnpkg.com/lodash.isarguments/-/lodash.isarguments-3.1.0.tgz#2f573d85c6a24289ff00663b491c1d338ff3458a" @@ -2801,6 +2875,10 @@ lodash.keys@^3.0.0: lodash.isarguments "^3.0.0" lodash.isarray "^3.0.0" +lodash.merge@^4.6.0: + version "4.6.0" + resolved "https://registry.yarnpkg.com/lodash.merge/-/lodash.merge-4.6.0.tgz#69884ba144ac33fe699737a6086deffadd0f89c5" + lodash.once@^4.0.0: version "4.1.1" resolved "https://registry.yarnpkg.com/lodash.once/-/lodash.once-4.1.1.tgz#0dd3971213c7c56df880977d504c88fb471a97ac" @@ -2827,6 +2905,10 @@ log-symbols@^1.0.2: dependencies: chalk "^1.0.0" +longest@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/longest/-/longest-1.0.1.tgz#30a0b2da38f73770e8294a0d22e6625ed77d0097" + loose-envify@^1.0.0: version "1.3.1" resolved "https://registry.yarnpkg.com/loose-envify/-/loose-envify-1.3.1.tgz#d1a8ad33fa9ce0e713d65fdd0ac8b748d478c848" @@ -2937,6 +3019,10 @@ minimist@^1.1.0, minimist@^1.1.3, minimist@^1.2.0: version "1.2.0" resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.0.tgz#a35008b20f41383eec1fb914f4cd5df79a264284" +minimist@~0.0.1: + version "0.0.10" + resolved "https://registry.yarnpkg.com/minimist/-/minimist-0.0.10.tgz#de3f98543dbf96082be48ad1a0c7cda836301dcf" + mkdirp@0.5.1, "mkdirp@>=0.5 0", mkdirp@^0.5.0, mkdirp@^0.5.1: version "0.5.1" resolved "https://registry.yarnpkg.com/mkdirp/-/mkdirp-0.5.1.tgz#30057438eac6cf7f8c4767f38648d6697d75c903" @@ -3172,6 +3258,13 @@ onetime@^1.0.0: version "1.1.0" resolved "https://registry.yarnpkg.com/onetime/-/onetime-1.1.0.tgz#a1f7838f8314c516f05ecefcbc4ccfe04b4ed789" +optimist@^0.6.1: + version "0.6.1" + resolved "https://registry.yarnpkg.com/optimist/-/optimist-0.6.1.tgz#da3ea74686fa21a19a111c326e90eb15a0196686" + dependencies: + minimist "~0.0.1" + wordwrap "~0.0.2" + optionator@^0.8.2: version "0.8.2" resolved "https://registry.yarnpkg.com/optionator/-/optionator-0.8.2.tgz#364c5e409d3f4d6301d6c0b4c05bba50180aeb64" @@ -3365,7 +3458,7 @@ preserve@^0.2.0: version "0.2.0" resolved "https://registry.yarnpkg.com/preserve/-/preserve-0.2.0.tgz#815ed1f6ebc65926f865b310c0713bcb3315ce4b" -private@^0.1.6, private@^0.1.7: +private@^0.1.6, private@^0.1.7, private@~0.1.5: version "0.1.7" resolved "https://registry.yarnpkg.com/private/-/private-0.1.7.tgz#68ce5e8a1ef0a23bb570cc28537b5332aba63ef1" @@ -3516,6 +3609,16 @@ readline2@^1.0.1: is-fullwidth-code-point "^1.0.0" mute-stream "0.0.5" +recast@^0.12.6: + version "0.12.6" + resolved "https://registry.yarnpkg.com/recast/-/recast-0.12.6.tgz#4b0fb82feb1d10b3bd62d34943426d9b3ed30d4c" + dependencies: + ast-types "0.9.11" + core-js "^2.4.1" + esprima "~4.0.0" + private "~0.1.5" + source-map "~0.5.0" + redent@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/redent/-/redent-1.0.0.tgz#cf916ab1fd5f1f16dfb20822dd6ec7f730c2afde" @@ -3664,6 +3767,12 @@ restore-cursor@^1.0.1: exit-hook "^1.0.0" onetime "^1.0.0" +right-align@^0.1.1: + version "0.1.3" + resolved "https://registry.yarnpkg.com/right-align/-/right-align-0.1.3.tgz#61339b722fe6a3515689210d24e14c96148613ef" + dependencies: + align-text "^0.1.1" + rimraf@2, rimraf@^2.2.8, rimraf@^2.5.1, rimraf@^2.6.1: version "2.6.1" resolved "https://registry.yarnpkg.com/rimraf/-/rimraf-2.6.1.tgz#c2338ec643df7a1b7fe5c54fa86f57428a55f33d" @@ -3815,7 +3924,13 @@ source-map-support@^0.4.15, source-map-support@^0.4.2: dependencies: source-map "^0.5.6" -source-map@^0.5.0, source-map@^0.5.6: +source-map@^0.4.4: + version "0.4.4" + resolved "https://registry.yarnpkg.com/source-map/-/source-map-0.4.4.tgz#eba4f5da9c0dc999de68032d8b4f76173652036b" + dependencies: + amdefine ">=0.0.4" + +source-map@^0.5.0, source-map@^0.5.6, source-map@~0.5.0, source-map@~0.5.1: version "0.5.7" resolved "https://registry.yarnpkg.com/source-map/-/source-map-0.5.7.tgz#8a039d2d1021d22d1ea14c80d8ea468ba2ef3fcc" @@ -4170,6 +4285,19 @@ typedarray@^0.0.6: version "0.0.6" resolved "https://registry.yarnpkg.com/typedarray/-/typedarray-0.0.6.tgz#867ac74e3864187b1d3d47d996a78ec5c8830777" +uglify-js@^2.6: + version "2.8.29" + resolved "https://registry.yarnpkg.com/uglify-js/-/uglify-js-2.8.29.tgz#29c5733148057bb4e1f75df35b7a9cb72e6a59dd" + dependencies: + source-map "~0.5.1" + yargs "~3.10.0" + optionalDependencies: + uglify-to-browserify "~1.0.0" + +uglify-to-browserify@~1.0.0: + version "1.0.2" + resolved "https://registry.yarnpkg.com/uglify-to-browserify/-/uglify-to-browserify-1.0.2.tgz#6e0924d6bda6b5afe349e39a6d632850a0f882b7" + uid-number@^0.0.6: version "0.0.6" resolved "https://registry.yarnpkg.com/uid-number/-/uid-number-0.0.6.tgz#0ea10e8035e8eb5b8e4449f06da1c730663baa81" @@ -4321,6 +4449,10 @@ wide-align@^1.1.0: dependencies: string-width "^1.0.2" +window-size@0.1.0: + version "0.1.0" + resolved "https://registry.yarnpkg.com/window-size/-/window-size-0.1.0.tgz#5438cd2ea93b202efa3a19fe8887aee7c94f9c9d" + window-size@^0.1.4: version "0.1.4" resolved "https://registry.yarnpkg.com/window-size/-/window-size-0.1.4.tgz#f8e1aa1ee5a53ec5bf151ffa09742a6ad7697876" @@ -4336,6 +4468,14 @@ winston@^2.3.1: isstream "0.1.x" stack-trace "0.0.x" +wordwrap@0.0.2: + version "0.0.2" + resolved "https://registry.yarnpkg.com/wordwrap/-/wordwrap-0.0.2.tgz#b79669bb42ecb409f83d583cad52ca17eaa1643f" + +wordwrap@~0.0.2: + version "0.0.3" + resolved "https://registry.yarnpkg.com/wordwrap/-/wordwrap-0.0.3.tgz#a3d5da6cd5c0bc0008d37234bbaf1bed63059107" + wordwrap@~1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/wordwrap/-/wordwrap-1.0.0.tgz#27584810891456a4171c8d0226441ade90cbcaeb" @@ -4395,6 +4535,15 @@ yargs@^3.26.0: window-size "^0.1.4" y18n "^3.2.0" +yargs@~3.10.0: + version "3.10.0" + resolved "https://registry.yarnpkg.com/yargs/-/yargs-3.10.0.tgz#f7ee7bd857dd7c1d2d38c0e74efbd681d1431fd1" + dependencies: + camelcase "^1.0.2" + cliui "^2.1.0" + decamelize "^1.0.0" + window-size "0.1.0" + yauzl@^2.2.1: version "2.8.0" resolved "https://registry.yarnpkg.com/yauzl/-/yauzl-2.8.0.tgz#79450aff22b2a9c5a41ef54e02db907ccfbf9ee2" diff --git a/yarn.lock b/yarn.lock index 9ea84a4..110a0cb 100644 --- a/yarn.lock +++ b/yarn.lock @@ -40,6 +40,18 @@ ajv@^5.2.0: json-schema-traverse "^0.3.0" json-stable-stringify "^1.0.1" +align-text@^0.1.1, align-text@^0.1.3: + version "0.1.4" + resolved "https://registry.yarnpkg.com/align-text/-/align-text-0.1.4.tgz#0cd90a561093f35d0a99256c22b7069433fad117" + dependencies: + kind-of "^3.0.2" + longest "^1.0.1" + repeat-string "^1.5.2" + +amdefine@>=0.0.4: + version "1.0.1" + resolved "https://registry.yarnpkg.com/amdefine/-/amdefine-1.0.1.tgz#4a5282ac164729e93619bcfd3ad151f817ce91f5" + ansi-escapes@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/ansi-escapes/-/ansi-escapes-2.0.0.tgz#5bae52be424878dd9783e8910e3fc2922e83c81b" @@ -134,6 +146,10 @@ assertion-error@^1.0.1: version "1.0.2" resolved "https://registry.yarnpkg.com/assertion-error/-/assertion-error-1.0.2.tgz#13ca515d86206da0bac66e834dd397d87581094c" +ast-types@0.9.11: + version "0.9.11" + resolved "https://registry.yarnpkg.com/ast-types/-/ast-types-0.9.11.tgz#371177bb59232ff5ceaa1d09ee5cad705b1a5aa9" + ast-types@0.9.6: version "0.9.6" resolved "https://registry.yarnpkg.com/ast-types/-/ast-types-0.9.6.tgz#102c9e9e9005d3e7e3829bf0c4fa24ee862ee9b9" @@ -142,6 +158,10 @@ async-each@^1.0.0: version "1.0.1" resolved "https://registry.yarnpkg.com/async-each/-/async-each-1.0.1.tgz#19d386a1d9edc6e7c1c85d388aedbcc56d33602d" +async@^1.4.0: + version "1.5.2" + resolved "https://registry.yarnpkg.com/async/-/async-1.5.2.tgz#ec6a61ae56480c0c3cb241c95618e20892f9672a" + async@~1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/async/-/async-1.0.0.tgz#f8fc04ca3a13784ade9e1641af98578cfbd647a9" @@ -929,6 +949,10 @@ camelcase-keys@^2.0.0: camelcase "^2.0.0" map-obj "^1.0.0" +camelcase@^1.0.2: + version "1.2.1" + resolved "https://registry.yarnpkg.com/camelcase/-/camelcase-1.2.1.tgz#9bb5304d2e0b56698b2c758b08a3eaa9daa58a39" + camelcase@^2.0.0: version "2.1.1" resolved "https://registry.yarnpkg.com/camelcase/-/camelcase-2.1.1.tgz#7c1d16d679a1bbe59ca02cacecfb011e201f5a1f" @@ -937,6 +961,13 @@ caseless@~0.12.0: version "0.12.0" resolved "https://registry.yarnpkg.com/caseless/-/caseless-0.12.0.tgz#1b681c21ff84033c826543090689420d187151dc" +center-align@^0.1.1: + version "0.1.3" + resolved "https://registry.yarnpkg.com/center-align/-/center-align-0.1.3.tgz#aa0d32629b6ee972200411cbd4461c907bc2b7ad" + dependencies: + align-text "^0.1.3" + lazy-cache "^1.0.3" + chai-diff@^1.0.1: version "1.0.1" resolved "https://registry.yarnpkg.com/chai-diff/-/chai-diff-1.0.1.tgz#6c66894700d80cd90350ab4e4403625d4f53a1c1" @@ -1012,6 +1043,14 @@ cli-width@^2.0.0: version "2.2.0" resolved "https://registry.yarnpkg.com/cli-width/-/cli-width-2.2.0.tgz#ff19ede8a9a5e579324147b0c11f0fbcbabed639" +cliui@^2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/cliui/-/cliui-2.1.0.tgz#4b475760ff80264c762c3a1719032e91c7fea0d1" + dependencies: + center-align "^0.1.1" + right-align "^0.1.1" + wordwrap "0.0.2" + co@^4.6.0: version "4.6.0" resolved "https://registry.yarnpkg.com/co/-/co-4.6.0.tgz#6ea6bdf3d853ae54ccb8e47bfa0bf3f9031fb184" @@ -1074,7 +1113,7 @@ convert-source-map@^1.1.0, convert-source-map@^1.5.0: version "1.5.0" resolved "https://registry.yarnpkg.com/convert-source-map/-/convert-source-map-1.5.0.tgz#9acd70851c6d5dfdd93d9282e5edf94a03ff46b5" -core-js@^2.4.0, core-js@^2.5.0: +core-js@^2.4.0, core-js@^2.4.1, core-js@^2.5.0: version "2.5.0" resolved "https://registry.yarnpkg.com/core-js/-/core-js-2.5.0.tgz#569c050918be6486b3837552028ae0466b717086" @@ -1091,14 +1130,21 @@ cpr@^2.0.0: mkdirp "~0.5.1" rimraf "^2.5.4" -create-graphql-server-authorization@^0.0.35: - version "0.0.35" - resolved "https://registry.yarnpkg.com/create-graphql-server-authorization/-/create-graphql-server-authorization-0.0.35.tgz#86f102e339bef86a009879c51c25dfcb91175778" +create-graphql-server-authorization@^0.0.40: + version "0.0.40" + resolved "https://registry.yarnpkg.com/create-graphql-server-authorization/-/create-graphql-server-authorization-0.0.40.tgz#134e13e23274c44ad606dd3f7aca32455c238a96" dependencies: + babylon "^6.18.0" global "^4.3.2" + graphql "^0.11.1" + handlebars "^4.0.10" iterall "^1.1.0" lodash "4.16.4" + lodash.clonedeep "^4.5.0" + lodash.includes "^4.3.0" + lodash.merge "^4.6.0" mongodb "^2.2.31" + recast "^0.12.6" winston "^2.3.1" cross-spawn@^5.1.0: @@ -1145,13 +1191,17 @@ dashdash@^1.12.0: dependencies: assert-plus "^1.0.0" +dataloader@^1.3.0: + version "1.3.0" + resolved "https://registry.yarnpkg.com/dataloader/-/dataloader-1.3.0.tgz#6fec5be4b30a712e4afd30b86b4334566b97673b" + debug@2.6.8, debug@^2.1.1, debug@^2.2.0, debug@^2.6.8: version "2.6.8" resolved "https://registry.yarnpkg.com/debug/-/debug-2.6.8.tgz#e731531ca2ede27d188222427da17821d68ff4fc" dependencies: ms "2.0.0" -decamelize@^1.1.2: +decamelize@^1.0.0, decamelize@^1.1.2: version "1.2.0" resolved "https://registry.yarnpkg.com/decamelize/-/decamelize-1.2.0.tgz#f6534d15148269b20352e7bee26f501f9a191290" @@ -1415,7 +1465,7 @@ espree@^3.5.0: acorn "^5.1.1" acorn-jsx "^3.0.0" -esprima@^4.0.0: +esprima@^4.0.0, esprima@~4.0.0: version "4.0.0" resolved "https://registry.yarnpkg.com/esprima/-/esprima-4.0.0.tgz#4499eddcd1110e0b218bacf2fa7f7f59f55ca804" @@ -1715,10 +1765,26 @@ graphql@0.7.2: dependencies: iterall "1.0.2" +graphql@^0.11.1: + version "0.11.1" + resolved "https://registry.yarnpkg.com/graphql/-/graphql-0.11.1.tgz#c9f004255db946a7f5f48ada0041290b9bd02c3d" + dependencies: + iterall "^1.1.0" + growl@1.9.2: version "1.9.2" resolved "https://registry.yarnpkg.com/growl/-/growl-1.9.2.tgz#0ea7743715db8d8de2c5ede1775e1b45ac85c02f" +handlebars@^4.0.10: + version "4.0.10" + resolved "https://registry.yarnpkg.com/handlebars/-/handlebars-4.0.10.tgz#3d30c718b09a3d96f23ea4cc1f403c4d3ba9ff4f" + dependencies: + async "^1.4.0" + optimist "^0.6.1" + source-map "^0.4.4" + optionalDependencies: + uglify-js "^2.6" + har-schema@^1.0.5: version "1.0.5" resolved "https://registry.yarnpkg.com/har-schema/-/har-schema-1.0.5.tgz#d263135f43307c02c602afc8fe95970c0151369e" @@ -2081,6 +2147,10 @@ kind-of@^4.0.0: dependencies: is-buffer "^1.1.5" +lazy-cache@^1.0.3: + version "1.0.4" + resolved "https://registry.yarnpkg.com/lazy-cache/-/lazy-cache-1.0.4.tgz#a1d78fc3a50474cb80845d3b3b6e1da49a446e8e" + levn@^0.3.0, levn@~0.3.0: version "0.3.0" resolved "https://registry.yarnpkg.com/levn/-/levn-0.3.0.tgz#3b09924edf9f083c0490fdd4c0bc4421e04764ee" @@ -2187,6 +2257,10 @@ log-symbols@^1.0.2: dependencies: chalk "^1.0.0" +longest@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/longest/-/longest-1.0.1.tgz#30a0b2da38f73770e8294a0d22e6625ed77d0097" + loose-envify@^1.0.0: version "1.3.1" resolved "https://registry.yarnpkg.com/loose-envify/-/loose-envify-1.3.1.tgz#d1a8ad33fa9ce0e713d65fdd0ac8b748d478c848" @@ -2286,6 +2360,10 @@ minimist@^1.1.0, minimist@^1.1.3, minimist@^1.2.0: version "1.2.0" resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.0.tgz#a35008b20f41383eec1fb914f4cd5df79a264284" +minimist@~0.0.1: + version "0.0.10" + resolved "https://registry.yarnpkg.com/minimist/-/minimist-0.0.10.tgz#de3f98543dbf96082be48ad1a0c7cda836301dcf" + mkdirp@0.5.1, "mkdirp@>=0.5 0", mkdirp@^0.5.1, mkdirp@~0.5.1: version "0.5.1" resolved "https://registry.yarnpkg.com/mkdirp/-/mkdirp-0.5.1.tgz#30057438eac6cf7f8c4767f38648d6697d75c903" @@ -2422,6 +2500,13 @@ onetime@^2.0.0: dependencies: mimic-fn "^1.0.0" +optimist@^0.6.1: + version "0.6.1" + resolved "https://registry.yarnpkg.com/optimist/-/optimist-0.6.1.tgz#da3ea74686fa21a19a111c326e90eb15a0196686" + dependencies: + minimist "~0.0.1" + wordwrap "~0.0.2" + optionator@^0.8.2: version "0.8.2" resolved "https://registry.yarnpkg.com/optionator/-/optionator-0.8.2.tgz#364c5e409d3f4d6301d6c0b4c05bba50180aeb64" @@ -2644,6 +2729,16 @@ recast@^0.11.18: private "~0.1.5" source-map "~0.5.0" +recast@^0.12.6: + version "0.12.6" + resolved "https://registry.yarnpkg.com/recast/-/recast-0.12.6.tgz#4b0fb82feb1d10b3bd62d34943426d9b3ed30d4c" + dependencies: + ast-types "0.9.11" + core-js "^2.4.1" + esprima "~4.0.0" + private "~0.1.5" + source-map "~0.5.0" + redent@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/redent/-/redent-1.0.0.tgz#cf916ab1fd5f1f16dfb20822dd6ec7f730c2afde" @@ -2776,6 +2871,12 @@ restore-cursor@^2.0.0: onetime "^2.0.0" signal-exit "^3.0.2" +right-align@^0.1.1: + version "0.1.3" + resolved "https://registry.yarnpkg.com/right-align/-/right-align-0.1.3.tgz#61339b722fe6a3515689210d24e14c96148613ef" + dependencies: + align-text "^0.1.1" + rimraf@2, rimraf@^2.2.8, rimraf@^2.5.1, rimraf@^2.5.4, rimraf@^2.6.1: version "2.6.1" resolved "https://registry.yarnpkg.com/rimraf/-/rimraf-2.6.1.tgz#c2338ec643df7a1b7fe5c54fa86f57428a55f33d" @@ -2862,7 +2963,13 @@ source-map-support@^0.4.15, source-map-support@^0.4.2: dependencies: source-map "^0.5.6" -source-map@^0.5.0, source-map@^0.5.6, source-map@~0.5.0: +source-map@^0.4.4: + version "0.4.4" + resolved "https://registry.yarnpkg.com/source-map/-/source-map-0.4.4.tgz#eba4f5da9c0dc999de68032d8b4f76173652036b" + dependencies: + amdefine ">=0.0.4" + +source-map@^0.5.0, source-map@^0.5.6, source-map@~0.5.0, source-map@~0.5.1: version "0.5.7" resolved "https://registry.yarnpkg.com/source-map/-/source-map-0.5.7.tgz#8a039d2d1021d22d1ea14c80d8ea468ba2ef3fcc" @@ -3067,6 +3174,19 @@ typedarray@^0.0.6: version "0.0.6" resolved "https://registry.yarnpkg.com/typedarray/-/typedarray-0.0.6.tgz#867ac74e3864187b1d3d47d996a78ec5c8830777" +uglify-js@^2.6: + version "2.8.29" + resolved "https://registry.yarnpkg.com/uglify-js/-/uglify-js-2.8.29.tgz#29c5733148057bb4e1f75df35b7a9cb72e6a59dd" + dependencies: + source-map "~0.5.1" + yargs "~3.10.0" + optionalDependencies: + uglify-to-browserify "~1.0.0" + +uglify-to-browserify@~1.0.0: + version "1.0.2" + resolved "https://registry.yarnpkg.com/uglify-to-browserify/-/uglify-to-browserify-1.0.2.tgz#6e0924d6bda6b5afe349e39a6d632850a0f882b7" + uid-number@^0.0.6: version "0.0.6" resolved "https://registry.yarnpkg.com/uid-number/-/uid-number-0.0.6.tgz#0ea10e8035e8eb5b8e4449f06da1c730663baa81" @@ -3116,6 +3236,10 @@ wide-align@^1.1.0: dependencies: string-width "^1.0.2" +window-size@0.1.0: + version "0.1.0" + resolved "https://registry.yarnpkg.com/window-size/-/window-size-0.1.0.tgz#5438cd2ea93b202efa3a19fe8887aee7c94f9c9d" + winston@^2.3.1: version "2.3.1" resolved "https://registry.yarnpkg.com/winston/-/winston-2.3.1.tgz#0b48420d978c01804cf0230b648861598225a119" @@ -3127,6 +3251,14 @@ winston@^2.3.1: isstream "0.1.x" stack-trace "0.0.x" +wordwrap@0.0.2: + version "0.0.2" + resolved "https://registry.yarnpkg.com/wordwrap/-/wordwrap-0.0.2.tgz#b79669bb42ecb409f83d583cad52ca17eaa1643f" + +wordwrap@~0.0.2: + version "0.0.3" + resolved "https://registry.yarnpkg.com/wordwrap/-/wordwrap-0.0.3.tgz#a3d5da6cd5c0bc0008d37234bbaf1bed63059107" + wordwrap@~1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/wordwrap/-/wordwrap-1.0.0.tgz#27584810891456a4171c8d0226441ade90cbcaeb" @@ -3144,3 +3276,12 @@ write@^0.2.1: yallist@^2.1.2: version "2.1.2" resolved "https://registry.yarnpkg.com/yallist/-/yallist-2.1.2.tgz#1c11f9218f076089a47dd512f93c6699a6a81d52" + +yargs@~3.10.0: + version "3.10.0" + resolved "https://registry.yarnpkg.com/yargs/-/yargs-3.10.0.tgz#f7ee7bd857dd7c1d2d38c0e74efbd681d1431fd1" + dependencies: + camelcase "^1.0.2" + cliui "^2.1.0" + decamelize "^1.0.0" + window-size "0.1.0" From 9e2d358e5778729a8009a0a126f781d3290775be Mon Sep 17 00:00:00 2001 From: tobkle Date: Sat, 2 Sep 2017 02:27:44 +0200 Subject: [PATCH 67/69] with handlebars templating --- README.md | 10 +- bin/create-graphql-server.js | 2 +- bin/gentest.js | 44 +- generate/index.js | 28 +- generate/model/index.js | 144 +- generate/model/templates/README.md | 12 + generate/model/templates/base.js.template | 83 - .../common/defaultPaginatedField.template | 0 .../common/defaultSingularField.template | 0 .../model/templates/default/default.template | 12 + .../default/default_default.template | 2 +- .../paginatedAssociation.js.template | 7 - .../templates/singularAssociation.js.template | 6 - .../templates}/user/default_user.template | 2 +- generate/model/templates/user/user.template | 12 + generate/resolvers/index.js | 73 +- generate/resolvers/templates/README.md | 12 + generate/resolvers/templates/base.js.template | 44 - .../common/defaultPaginatedField.template | 0 .../common/defaultSingularField.template | 0 .../templates/default/default.template | 12 + .../default/default_default.template | 0 .../templates/fieldOfType.js.template | 5 - .../templates/paginatedField.js.template | 5 - generate/schema/index.js | 25 +- .../model/default/authorize_default.template | 139 - .../templates/model/default/default.template | 5 - .../model/user/authorize_user.template | 161 - generate/templates/model/user/user.template | 5 - .../resolver/default/auth_default.template | 52 - .../resolver/default/default.template | 5 - generate/util/capitalization.js | 14 + generate/{ => util}/constants.js | 34 +- generate/{ => util}/getCode.js | 155 +- generate/{ => util}/getContext.js | 117 +- generate/{ => util}/getName.js | 17 +- generate/{ => util}/getPartials.js | 30 +- generate/util/graphql.js | 15 + generate/util/prep.js | 14 - generate/{ => util}/read.js | 0 package.json | 5 +- skel/README.md | 805 +- skel/package.json | 2 +- skel/server/index.js | 2 +- test/output-app/README.md | 805 +- test/output-app/index.js | 2 +- test/output-app/log/all-logs-readable.log | 8266 ----------------- test/output-app/model/Tweet.js | 59 +- test/output-app/model/User.js | 59 +- test/output-app/package.json | 2 +- test/output-app/resolvers/Tweet.js | 32 +- test/output-app/resolvers/User.js | 36 +- test/output-app/schema/Tweet.graphql | 2 +- test/output-app/schema/User.graphql | 2 +- test/output-app/yarn.lock | 11 +- yarn.lock | 11 +- 56 files changed, 522 insertions(+), 10882 deletions(-) create mode 100644 generate/model/templates/README.md delete mode 100644 generate/model/templates/base.js.template rename generate/{templates/model => model/templates}/common/defaultPaginatedField.template (100%) rename generate/{templates/model => model/templates}/common/defaultSingularField.template (100%) create mode 100644 generate/model/templates/default/default.template rename generate/{templates/model => model/templates}/default/default_default.template (99%) delete mode 100644 generate/model/templates/paginatedAssociation.js.template delete mode 100644 generate/model/templates/singularAssociation.js.template rename generate/{templates/model => model/templates}/user/default_user.template (99%) create mode 100644 generate/model/templates/user/user.template create mode 100644 generate/resolvers/templates/README.md delete mode 100644 generate/resolvers/templates/base.js.template rename generate/{templates/resolver => resolvers/templates}/common/defaultPaginatedField.template (100%) rename generate/{templates/resolver => resolvers/templates}/common/defaultSingularField.template (100%) create mode 100644 generate/resolvers/templates/default/default.template rename generate/{templates/resolver => resolvers/templates}/default/default_default.template (100%) delete mode 100644 generate/resolvers/templates/fieldOfType.js.template delete mode 100644 generate/resolvers/templates/paginatedField.js.template delete mode 100644 generate/templates/model/default/authorize_default.template delete mode 100644 generate/templates/model/default/default.template delete mode 100644 generate/templates/model/user/authorize_user.template delete mode 100644 generate/templates/model/user/user.template delete mode 100644 generate/templates/resolver/default/auth_default.template delete mode 100644 generate/templates/resolver/default/default.template rename generate/{ => util}/constants.js (93%) rename generate/{ => util}/getCode.js (64%) rename generate/{ => util}/getContext.js (63%) rename generate/{ => util}/getName.js (50%) rename generate/{ => util}/getPartials.js (74%) delete mode 100644 generate/util/prep.js rename generate/{ => util}/read.js (100%) diff --git a/README.md b/README.md index 7f8ccde..8b755e7 100644 --- a/README.md +++ b/README.md @@ -115,7 +115,8 @@ type User { } ``` -You could update the generated `CreateUserInput` input object to take a `password` field: +The generator automatically adjusts your schema and code in the following way: +It adjusts the generated `CreateUserInput` input object to take a `password` field: ```graphql input CreateUserInput { @@ -125,7 +126,7 @@ input CreateUserInput { } ``` -And then update the generated `User` model to hash that password and store it: +And in updates the generated `User` model to hash that password and store it: ```js import bcrypt from 'bcrypt'; @@ -151,6 +152,8 @@ class User { } ``` +So the "User" type is treated differently as any other default type. + ## Authorization create-graphql-server can also handle authorizations. There are two ways to control authorizations: @@ -251,6 +254,9 @@ docToInsert = protectFields(me, ['admin'], ['role'], docToInsert, { User: this.c ``` By this, only a User (me) with role "admin" is allowed to access the field "docToInsert.role". For any other user, this field is removed from the docToInsert during the protectFields run. +## Example Implementation +[Please have a look at the example implementation.](https://github.com/tmeasday/create-graphql-server/tree/master/test/output-app) + ## Client side code To create users, simply call your generated `createUser` mutation (you may want to add authorization to the resolver, feel free to modify it). diff --git a/bin/create-graphql-server.js b/bin/create-graphql-server.js index b34fc6d..be2b25b 100755 --- a/bin/create-graphql-server.js +++ b/bin/create-graphql-server.js @@ -92,8 +92,8 @@ function getFileUpdateList(inputSchemaFile, mode) { // provide a dummy type file just with the type name inputSchemaStr = `type ${adjustTypeName(inputSchemaFile)} {}`; } - // generate code therefore in memory first + debugger; const { typeName, TypeName, diff --git a/bin/gentest.js b/bin/gentest.js index 73f934e..f688965 100755 --- a/bin/gentest.js +++ b/bin/gentest.js @@ -1,44 +1,40 @@ #!/usr/bin/env babel-node --inspect /* eslint-disable no-console */ - var exec = require('child_process').exec; import fs from 'fs'; import path from 'path'; import os from 'os'; import minimist from 'minimist'; -import { parse, print } from 'graphql'; -import readInput from '../generate/read'; -import { getCode } from '../generate/getCode'; -import generateSchema from '../generate/schema'; -import { generateResolver, generateModel } from '../generate'; +import generate from '../generate'; const argv = minimist(process.argv.slice(2)); const commands = argv._; const file = commands[0] || path.join('test', 'input', 'User.graphql'); +const targetDir = commands[1] || os.tmpdir(); +debugger; +const inputSchemaStr = fs.readFileSync(file, 'utf8'); +const { + typeName, + TypeName, + outputSchemaStr, + resolversStr, + modelStr, +} = generate(inputSchemaStr); -const inputSchema = readInput(file); -const outputSchema = generateSchema(inputSchema); -const outputSchemaStr = print(outputSchema); -const modelCode = generateModel(inputSchema); -const resolverCode = generateResolver(inputSchema); - -console.log('\n\INPUT:\n\n', file); +console.log('\n\INPUT:\n\n', inputSchemaStr); console.log('\n\nSCHEMA:\n\n', outputSchemaStr); -console.log('\n\MODEL:\n\n', modelCode); -console.log('\n\RESOLVER:\n\n', resolverCode, '\n\n'); - -writeFile(file, print(inputSchema), '.input'); +console.log('\n\MODEL:\n\n', modelStr); +console.log('\n\RESOLVER:\n\n', resolversStr, '\n\n'); +writeFile(file, inputSchemaStr, '.input'); writeFile(file, outputSchemaStr, '.graphql'); -writeFile(file, modelCode, '.model.js'); -writeFile(file, resolverCode, '.resolver.js'); +writeFile(file, modelStr, '.model.js'); +writeFile(file, resolversStr, '.resolver.js'); process.exit(0); function writeFile(file, data, type) { - const tmpdir = os.tmpdir(); - const filename = path.basename(file, '.graphql'); - const newPath = path.join(tmpdir, filename + type); - console.log('writing to and open in sublime editor...', newPath); + const newPath = path.join(targetDir, path.basename(file, '.graphql') + type); + console.log('writing to file and opening file in sublime editor...', newPath); fs.writeFileSync(newPath, data, 'utf8'); exec(`subl ${newPath}`); -} \ No newline at end of file +} diff --git a/generate/index.js b/generate/index.js index 73f3b1b..364c1b8 100644 --- a/generate/index.js +++ b/generate/index.js @@ -1,42 +1,26 @@ // We are in an intermediate step where we aren't actually generating files // but we are generating code. - import { parse, print } from 'graphql'; -import generateSchema from './schema'; -import { getCode } from './getCode'; - import { lcFirst } from './util/capitalization'; +import generateModel from './model'; +import generateResolver from './resolvers'; +import generateSchema from './schema'; export default function generate(inputSchemaStr) { const inputSchema = parse(inputSchemaStr); const type = inputSchema.definitions[0]; const TypeName = type.name.value; + const typeName = lcFirst(TypeName); const outputSchema = generateSchema(inputSchema); const outputSchemaStr = print(outputSchema); const resolversStr = generateResolver(inputSchema); const modelStr = generateModel(inputSchema); - + return { - typeName: lcFirst(TypeName), + typeName, TypeName, outputSchemaStr, resolversStr, modelStr, }; } - -export function generateModel(inputSchema) { - return getCode({ - inputSchema, - basePath: ['generate', 'templates', 'model'], - authPath: ['node_modules', 'create-graphql-server-authorization', 'templates', 'model', 'auth'] - }); -} - -export function generateResolver(inputSchema) { - return getCode({ - inputSchema, - basePath: ['generate', 'templates', 'resolver'], - authPath: ['node_modules', 'create-graphql-server-authorization', 'templates','resolver', 'auth'] - }); -} diff --git a/generate/model/index.js b/generate/model/index.js index 4eb7359..dd9be36 100644 --- a/generate/model/index.js +++ b/generate/model/index.js @@ -1,139 +1,19 @@ -import fs from 'fs'; import { print } from 'recast'; +import { templateToAst } from '../util/read'; +import getCode from '../util/getCode'; +import { MODEL } from '../util/constants'; +import { modulePath } from 'create-graphql-server-authorization'; -import { templateToAst } from '../read'; -import { lcFirst } from '../util/capitalization'; -import generatePerField from '../util/generatePerField'; -import { generateAuthorizationCode } from 'create-graphql-server-authorization'; - -function read(name) { - return fs.readFileSync(`${__dirname}/templates/${name}.js.template`, 'utf8'); -} - -const templates = { - base: read('base'), - singularAssociation: read('singularAssociation'), - paginatedAssociation: read('paginatedAssociation'), -}; - -function buildAst(template, { - typeName, - fieldName, - argsStr, - ReturnTypeName, - query, -}) { - const argsWithDefaultsStr = argsStr - .replace('lastCreatedAt', 'lastCreatedAt = 0') - .replace('limit', 'limit = 10'); - return templateToAst(template, { - typeName, - fieldName, - argsStr: argsWithDefaultsStr, - ReturnTypeName, - query, - }); -} - -const generators = { - base(replacements) { - return templateToAst(templates.base, replacements) - }, - belongsTo(replacements) { - return buildAst(templates.singularAssociation, replacements); - }, - belongsToMany(replacements) { - const { typeName, fieldName } = replacements; - return buildAst(templates.paginatedAssociation, { - ...replacements, - query: `_id: { $in: ${typeName}.${fieldName}Ids || [] }`, - }); - }, - // TODO: write test and implement - // hasOne({ typeName, fieldName, ReturnTypeName }, { as }) { - // return templateToAst(templates.singularAssociation, { - // typeName, - // fieldName, - // ReturnTypeName, - // }); - // }, - hasMany(replacements, { as }) { - const { typeName } = replacements; - return buildAst(templates.paginatedAssociation, { - ...replacements, - query: `${as || typeName}Id: ${typeName}._id`, - }); - }, - hasAndBelongsToMany(replacements, { as }) { - const { typeName } = replacements; - return buildAst(templates.paginatedAssociation, { - ...replacements, - query: `${as || typeName}Ids: ${typeName}._id`, - }); - }, -}; - -function getClassMethods(program){ - let classMethodsAst; - - program.body.forEach(Node => { - - if (Node.type === 'ExportDefaultDeclaration' && - Node.declaration.type === 'ClassDeclaration' && - Node.declaration.body.type === 'ClassBody'){ - classMethodsAst = Node.declaration.body.body; - } - - }); - - return classMethodsAst; -} - -function getResolverClassMethod(program){ - let classMethodsAst; - - program.body.forEach(Node => { - - if (Node.type === 'ClassDeclaration' && - Node.body.type === 'ClassBody' && - Node.body.body[0].type === 'ClassMethod'){ - classMethodsAst = Node.body.body[0]; - } - - }); - - return classMethodsAst; -} - -export function generateModelAst(inputSchema) { - const type = inputSchema.definitions[0]; - const TypeName = type.name.value; - const typeName = lcFirst(TypeName); - - const ast = generators.base({ - TypeName, - typeName, - ...generateAuthorizationCode( typeName, inputSchema ) - }); - - // XXX: rather than hardcoding in array indices it would be less brittle to - // walk the tree using https://github.com/benjamn/ast-types - // find: 'ExportDefaultDeclaration' - const classMethodsAst = getClassMethods(ast.program); - - const findOneMethod = classMethodsAst.find(m => m.key.name === 'find'); - let nextIndex = classMethodsAst.indexOf(findOneMethod) + 1; +export default function generateModel(inputSchema) { - generatePerField(type, generators).forEach((resolverFunctionAst) => { - const classMethodAst = getResolverClassMethod(resolverFunctionAst.program); - classMethodsAst.splice(nextIndex, 0, classMethodAst); - nextIndex += 1; + const templateCode = getCode(MODEL, { + inputSchema, + basePath: [__dirname, 'templates'], + authPath: [modulePath, 'templates', 'model', 'auth'] }); - return ast; -} - -export default function generateModel(inputSchema) { - const ast = generateModelAst(inputSchema); + // validate syntax of generated template code + const replacements = {}; + const ast = templateToAst(templateCode, replacements); return print(ast, { trailingComma: true }).code; } diff --git a/generate/model/templates/README.md b/generate/model/templates/README.md new file mode 100644 index 0000000..56c9898 --- /dev/null +++ b/generate/model/templates/README.md @@ -0,0 +1,12 @@ +In order to enable different authorization concepts, +the templates with a specific and opinionated authorization concept +are factored out, in a own npm module. You will find those templates +in the following npm module: + +** node_modules/create-graphql-server-authorization/templates/auth ** + +Please feel free to fork create-graphql-server-authorization +and implement your own authorization concept there, or add your own +templates here. + + diff --git a/generate/model/templates/base.js.template b/generate/model/templates/base.js.template deleted file mode 100644 index 916803d..0000000 --- a/generate/model/templates/base.js.template +++ /dev/null @@ -1,83 +0,0 @@ -import DataLoader from 'dataloader'; -import { findByIds, queryForRoles, getLogFilename, logger, authlog, checkAuthDoc, protectFields } from 'create-graphql-server-authorization';generateBcryptDefinition -const log = logger(getLogFilename()); - -export default class TypeName { - constructor(context) { - this.context = context; - this.collection = context.db.collection('typeName'); - this.pubsub = context.pubsub;generateAuthRoleDefinition - const that = this; - try { - generateAuthCodeModeReadOne - } catch (err) { log.error(err.message); } - } - generateAuthRoleMethod - async findOneById(id, me, resolver) { - try { - if (!this.authorizedLoader) return null; - return await this.authorizedLoader.load(id); - } catch (err) { log.error(err.message); } - } - - find({ lastCreatedAt = 0, limit = 10, baseQuery = {} }, me, resolver) { - try { - generateAuthCodeModeReadMany - return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); - } catch (err) { log.error(err.message); } - } - - generateCreatedBy - - generateUpdatedBy - - async insert(doc, me, resolver) { - try { - generateAuthCodeModeCreate - const id = (await this.collection.insertOne(docToInsert)).insertedId; - if (!id) { - throw new Error(`insert typeName not possible.`); - } - log.debug(`inserted typeName ${id}.`); - const insertedDoc = this.findOneById(id, me, 'pubsub typeNameInserted'); - this.pubsub.publish('typeNameInserted', insertedDoc); - return insertedDoc; - } catch (err) { log.error(err.message); } - } - - async updateById(id, doc, me, resolver) { - try { - let docToUpdate = {$set: Object.assign({}, doc, { - updatedAt: Date.now(), - updatedById: (me && me._id) ? me._id : 'unknown', - })}; - const baseQuery = {_id: id}; - generateAuthCodeModeUpdate - const result = await this.collection.updateOne(finalQuery, docToUpdate); - if (result.result.ok !== 1 || result.result.n !== 1){ - throw new Error(`update typeName not possible for ${id}.`); - } - log.debug(`updated typeName ${id}.`); - this.authorizedLoader.clear(id); - const updatedDoc = this.findOneById(id, me, 'pubsub typeNameUpdated'); - this.pubsub.publish('typeNameUpdated', updatedDoc); - return updatedDoc; - } catch (err) { log.error(err.message); } - } - - async removeById(id, me, resolver) { - try { - const baseQuery = {_id: id}; - generateAuthCodeModeDelete - const result = await this.collection.remove(finalQuery); - if (result.result.ok !== 1 || result.result.n !== 1){ - throw new Error(`remove typeName not possible for ${id}.`); - } - log.debug(`removed typeName ${id}.`); - this.authorizedLoader.clear(id); - this.pubsub.publish('typeNameRemoved', id); - return result; - } catch (err) { log.error(err.message); } - } - -} diff --git a/generate/templates/model/common/defaultPaginatedField.template b/generate/model/templates/common/defaultPaginatedField.template similarity index 100% rename from generate/templates/model/common/defaultPaginatedField.template rename to generate/model/templates/common/defaultPaginatedField.template diff --git a/generate/templates/model/common/defaultSingularField.template b/generate/model/templates/common/defaultSingularField.template similarity index 100% rename from generate/templates/model/common/defaultSingularField.template rename to generate/model/templates/common/defaultSingularField.template diff --git a/generate/model/templates/default/default.template b/generate/model/templates/default/default.template new file mode 100644 index 0000000..fe0b47b --- /dev/null +++ b/generate/model/templates/default/default.template @@ -0,0 +1,12 @@ +{{!-- If authorization is switched on, the authorize variable is true --}} +{{!-- so it loads the template in the file "authorize_default", --}} +{{!-- which you will find in the npm module: --}} +{{!-- node_modules/create-graphql-server-authorization/templates --}} +{{!-- If the type has no @authorize directive --}} +{{!-- then the default generator is processed and --}} +{{!-- the template default_default here is loaded --}} +{{#if authorize }} +{{> authorize_default }} +{{else }} +{{> default_default }} +{{/if }} \ No newline at end of file diff --git a/generate/templates/model/default/default_default.template b/generate/model/templates/default/default_default.template similarity index 99% rename from generate/templates/model/default/default_default.template rename to generate/model/templates/default/default_default.template index 682dbe6..9a1436e 100644 --- a/generate/templates/model/default/default_default.template +++ b/generate/model/templates/default/default_default.template @@ -38,7 +38,7 @@ export default class {{TypeName}} { {{#each paginatedFields }} {{> defaultPaginatedField }} {{/each}} - + async insert(doc) { const docToInsert = Object.assign({}, doc, { createdAt: Date.now(), diff --git a/generate/model/templates/paginatedAssociation.js.template b/generate/model/templates/paginatedAssociation.js.template deleted file mode 100644 index 1670651..0000000 --- a/generate/model/templates/paginatedAssociation.js.template +++ /dev/null @@ -1,7 +0,0 @@ -class PaginatedAssociation { - fieldName(typeName, argsStr, me, resolver) { - const baseQuery = { query }; - return this.context.ReturnTypeName.find({ lastCreatedAt, limit, baseQuery }, me, resolver); - } - -} diff --git a/generate/model/templates/singularAssociation.js.template b/generate/model/templates/singularAssociation.js.template deleted file mode 100644 index 669ad91..0000000 --- a/generate/model/templates/singularAssociation.js.template +++ /dev/null @@ -1,6 +0,0 @@ -class SingularAssociation { - fieldName(typeName, me, resolver) { - return this.context.ReturnTypeName.findOneById(typeName.fieldNameId, me, resolver); - } - -} diff --git a/generate/templates/model/user/default_user.template b/generate/model/templates/user/default_user.template similarity index 99% rename from generate/templates/model/user/default_user.template rename to generate/model/templates/user/default_user.template index 9fdb89c..efedf6c 100644 --- a/generate/templates/model/user/default_user.template +++ b/generate/model/templates/user/default_user.template @@ -40,7 +40,7 @@ export default class {{TypeName}} { {{#each paginatedFields}} {{> defaultPaginatedField }} {{/each}} - + async insert(doc) { // We don't want to store passwords in plaintext const { password, ...rest } = doc; diff --git a/generate/model/templates/user/user.template b/generate/model/templates/user/user.template new file mode 100644 index 0000000..84c8caf --- /dev/null +++ b/generate/model/templates/user/user.template @@ -0,0 +1,12 @@ +{{!-- If authorization is switched on, the authorize variable is true --}} +{{!-- so it loads the template in the file "authorize_user", --}} +{{!-- which you will find in the npm module: --}} +{{!-- node_modules/create-graphql-server-authorization/templates --}} +{{!-- If the type has no @authorize directive --}} +{{!-- then the default generator is processed and --}} +{{!-- the template default_user here is loaded --}} +{{#if authorize }} +{{> authorize_user }} +{{else }} +{{> default_user }} +{{/if }} \ No newline at end of file diff --git a/generate/resolvers/index.js b/generate/resolvers/index.js index b983b3c..3d44c61 100644 --- a/generate/resolvers/index.js +++ b/generate/resolvers/index.js @@ -1,62 +1,19 @@ -import fs from 'fs'; -import { print } from 'recast'; - -import { templateToAst } from '../read'; -import generatePerField from '../util/generatePerField'; -import { lcFirst } from '../util/capitalization'; - -function read(name) { - return fs.readFileSync(`${__dirname}/templates/${name}.js.template`, 'utf8'); -} - -const templates = { - base: read('base'), - fieldOfType: read('fieldOfType'), - paginatedField: read('paginatedField'), -}; - -function generateResolver(template) { - return ({ TypeName, typeName, fieldName, argsStr }) => { - return templateToAst(template, { typeName, TypeName, fieldName, argsStr }); - }; -} - -const generators = { - base({ typeName, TypeName }) { - return templateToAst(templates.base, { typeName, TypeName }); - }, - belongsTo: generateResolver(templates.fieldOfType), - belongsToMany: generateResolver(templates.paginatedField), - hasOne: generateResolver(templates.fieldOfType), - hasMany: generateResolver(templates.paginatedField), - hasAndBelongsToMany: generateResolver(templates.paginatedField), -}; - -export function generateResolversAst(inputSchema) { - const type = inputSchema.definitions[0]; - const TypeName = type.name.value; - const typeName = lcFirst(TypeName); - - const ast = generators.base({ TypeName, typeName }); - - // XXX: rather than hardcoding in array indices it would be less brittle to - // walk the tree using https://github.com/benjamn/ast-types - const typeResolversAst = ast.program.body[0] // const - .declarations[0].init // object expression - .properties[0].value; // object value - - generatePerField(type, generators).forEach((resolverFunctionAst) => { - const resolverProperty = resolverFunctionAst.program.body[0] // variable declaration - .declarations[0].init // object expression - .properties[0]; - - typeResolversAst.properties.push(resolverProperty); + import { print } from 'recast'; + import getCode from '../util/getCode'; + import { templateToAst } from '../util/read'; + import { RESOLVER } from '../util/constants'; + import { modulePath } from 'create-graphql-server-authorization'; + +export default function generateResolver(inputSchema) { + + const templateCode = getCode(RESOLVER, { + inputSchema, + basePath: [__dirname, 'templates'], + authPath: [modulePath, 'templates','resolver', 'auth'] }); - return ast; -} - -export default function generateResolvers(inputSchema) { - const ast = generateResolversAst(inputSchema); + // validate syntax of generated template code + const replacements = {}; + const ast = templateToAst(templateCode, replacements); return print(ast, { trailingComma: true }).code; } diff --git a/generate/resolvers/templates/README.md b/generate/resolvers/templates/README.md new file mode 100644 index 0000000..56c9898 --- /dev/null +++ b/generate/resolvers/templates/README.md @@ -0,0 +1,12 @@ +In order to enable different authorization concepts, +the templates with a specific and opinionated authorization concept +are factored out, in a own npm module. You will find those templates +in the following npm module: + +** node_modules/create-graphql-server-authorization/templates/auth ** + +Please feel free to fork create-graphql-server-authorization +and implement your own authorization concept there, or add your own +templates here. + + diff --git a/generate/resolvers/templates/base.js.template b/generate/resolvers/templates/base.js.template deleted file mode 100644 index 19472f6..0000000 --- a/generate/resolvers/templates/base.js.template +++ /dev/null @@ -1,44 +0,0 @@ -const resolvers = { - TypeName: { - id(typeName) { - return typeName._id; - }, - - createdBy(typeName, args, { TypeName, me }) { - return TypeName.createdBy(typeName, me, 'typeName createdBy'); - }, - - updatedBy(typeName, args, { TypeName, me }) { - return TypeName.updatedBy(typeName, me, 'typeName updatedBy'); - }, - }, - Query: { - typeNames(root, { lastCreatedAt, limit }, { TypeName, me }) { - return TypeName.find({ lastCreatedAt, limit }, me, 'typeNames'); - }, - - typeName(root, { id }, { TypeName, me }) { - return TypeName.findOneById(id, me, 'typeName'); - }, - }, - Mutation: { - async createTypeName(root, { input }, { TypeName, me }) { - return await TypeName.insert(input, me, 'createTypeName'); - }, - - async updateTypeName(root, { id, input }, { TypeName, me }) { - return await TypeName.updateById(id, input, me, 'updateTypeName'); - }, - - async removeTypeName(root, { id }, { TypeName, me }) { - return await TypeName.removeById(id, me, 'removeTypeName'); - }, - }, - Subscription: { - typeNameCreated: typeName => typeName, - typeNameUpdated: typeName => typeName, - typeNameRemoved: id => id, - }, -}; - -export default resolvers; diff --git a/generate/templates/resolver/common/defaultPaginatedField.template b/generate/resolvers/templates/common/defaultPaginatedField.template similarity index 100% rename from generate/templates/resolver/common/defaultPaginatedField.template rename to generate/resolvers/templates/common/defaultPaginatedField.template diff --git a/generate/templates/resolver/common/defaultSingularField.template b/generate/resolvers/templates/common/defaultSingularField.template similarity index 100% rename from generate/templates/resolver/common/defaultSingularField.template rename to generate/resolvers/templates/common/defaultSingularField.template diff --git a/generate/resolvers/templates/default/default.template b/generate/resolvers/templates/default/default.template new file mode 100644 index 0000000..fe0b47b --- /dev/null +++ b/generate/resolvers/templates/default/default.template @@ -0,0 +1,12 @@ +{{!-- If authorization is switched on, the authorize variable is true --}} +{{!-- so it loads the template in the file "authorize_default", --}} +{{!-- which you will find in the npm module: --}} +{{!-- node_modules/create-graphql-server-authorization/templates --}} +{{!-- If the type has no @authorize directive --}} +{{!-- then the default generator is processed and --}} +{{!-- the template default_default here is loaded --}} +{{#if authorize }} +{{> authorize_default }} +{{else }} +{{> default_default }} +{{/if }} \ No newline at end of file diff --git a/generate/templates/resolver/default/default_default.template b/generate/resolvers/templates/default/default_default.template similarity index 100% rename from generate/templates/resolver/default/default_default.template rename to generate/resolvers/templates/default/default_default.template diff --git a/generate/resolvers/templates/fieldOfType.js.template b/generate/resolvers/templates/fieldOfType.js.template deleted file mode 100644 index 45e2c3f..0000000 --- a/generate/resolvers/templates/fieldOfType.js.template +++ /dev/null @@ -1,5 +0,0 @@ -const fieldOfType = { - fieldName(typeName, argsStr, { TypeName, me }) { - return TypeName.fieldName(typeName, me, 'typeName fieldName'); - }, -}; diff --git a/generate/resolvers/templates/paginatedField.js.template b/generate/resolvers/templates/paginatedField.js.template deleted file mode 100644 index 44f3387..0000000 --- a/generate/resolvers/templates/paginatedField.js.template +++ /dev/null @@ -1,5 +0,0 @@ -const paginatedField = { - fieldName(typeName, argsStr, { TypeName, me }) { - return TypeName.fieldName(typeName, argsStr, me, 'typeName fieldName'); - }, -}; diff --git a/generate/schema/index.js b/generate/schema/index.js index 6252207..d16b3d5 100644 --- a/generate/schema/index.js +++ b/generate/schema/index.js @@ -1,6 +1,8 @@ import assert from 'assert'; import cloneDeep from 'lodash.clonedeep'; import includes from 'lodash.includes'; +import { lcFirst } from '../util/capitalization'; +import { adjustSchemaForAuthorization } from 'create-graphql-server-authorization'; import { buildField, @@ -12,28 +14,11 @@ import { idArgument, isScalarField, SCALAR_TYPE_NAMES, + getType } from '../util/graphql'; -import { lcFirst } from '../util/capitalization'; -import { adjustSchemaForAuthorization } from 'create-graphql-server-authorization'; - /* eslint-disable no-param-reassign */ -function getType(field){ - - if (field.type.kind === 'Name' || - field.type.kind === 'NamedType') - return field.type.name.value; - - else if (field.type.kind === 'NonNullType' && - (field.type.type.kind === 'Name' || - field.type.type.kind === 'NamedType') - ) - return field.type.type.name.value; - - return ''; -} - export default function generateSchema(inputSchema) { // Check that the input looks like we expect -- a single ObjectType definition assert(inputSchema.kind === 'Document'); @@ -45,6 +30,9 @@ export default function generateSchema(inputSchema) { const TypeName = type.name.value; const typeName = lcFirst(TypeName); + // remove @authorize directive from header directives + type.directives = type.directives.filter(directive => directive.name.value !== 'authorize'); + const createInputFields = []; const updateInputFields = []; @@ -150,7 +138,6 @@ export default function generateSchema(inputSchema) { ); // Create update input type if readonly fields - outputSchema.definitions.push(buildTypeExtension( buildTypeDefinition('Mutation', [ buildField(`create${TypeName}`, [ diff --git a/generate/templates/model/default/authorize_default.template b/generate/templates/model/default/authorize_default.template deleted file mode 100644 index c86f711..0000000 --- a/generate/templates/model/default/authorize_default.template +++ /dev/null @@ -1,139 +0,0 @@ -/* eslint-disable prettier */ -import { - queryForRoles, - onAuthRegisterLoader, - authlog, - checkAuthDoc -} from 'create-graphql-server-authorization'; - -export default class {{TypeName}} { - constructor(context) { - this.context = context; - this.collection = context.db.collection('{{typeName}}'); - this.pubsub = context.pubsub; - this.log = context.log; - const { me, {{User}} } = context; - queryForRoles( - me, - {{{userRoles.readOne}}}, - {{{docRoles.readOne}}}, - { {{User}} }, - onAuthRegisterLoader('{{typeName}} findOneById', 'readOne', me, this) - ); - } - - async findOneById(id, me, resolver) { - const log = authlog(resolver, 'readOne', me); - if (!this.authorizedLoader) { - log.error('not authorized'); - return null; - } - return await this.authorizedLoader.load(id); - } - - find({ lastCreatedAt = 0, limit = 10, baseQuery = {} }, me, resolver) { - const authQuery = queryForRoles( - me, - {{{userRoles.readMany}}}, - {{{docRoles.readMany}}}, - { {{User}}: this.context.{{User}} }, - authlog(resolver, 'readMany', me) - ); - const finalQuery = { - ...baseQuery, - ...authQuery, - createdAt: { $gt: lastCreatedAt } - }; - return this.collection - .find(finalQuery) - .sort({ createdAt: 1 }) - .limit(limit) - .toArray(); - } -{{#each singularFields}} -{{> defaultSingularField }} -{{/each}} -{{#each paginatedFields}} -{{> defaultPaginatedField }} -{{/each}} - - createdBy({{typeName}}, me, resolver) { - return this.context.{{User}}.findOneById({{typeName}}.createdById, me, resolver); - } - - updatedBy({{typeName}}, me, resolver) { - return this.context.{{User}}.findOneById({{typeName}}.updatedById, me, resolver); - } - - async insert(doc, me, resolver) { - const docToInsert = Object.assign({}, doc, { - createdAt: Date.now(), - updatedAt: Date.now(), - createdById: (me && me._id) ? me._id : 'unknown', - updatedById: (me && me._id) ? me._id : 'unknown', - }); - checkAuthDoc( - docToInsert, - me, - {{{userRoles.create}}}, - {{{docRoles.create}}}, - { {{User}}: this.context.{{User}} }, - authlog(resolver, 'create', me) - ); - const id = (await this.collection.insertOne(docToInsert)).insertedId; - if (!id) { - throw new Error(`insert {{typeName}} not possible.`); - } - this.log.debug(`inserted {{typeName}} ${id}.`); - const insertedDoc = this.findOneById(id, me, 'pubsub {{typeName}}Inserted'); - this.pubsub.publish('{{typeName}}Inserted', insertedDoc); - return insertedDoc; - } - - async updateById(id, doc, me, resolver) { - const docToUpdate = { - $set: Object.assign({}, doc, { - updatedAt: Date.now(), - updatedById: me && me._id ? me._id : 'unknown' - }) - }; - const baseQuery = { _id: id }; - const authQuery = queryForRoles( - me, - {{{userRoles.update}}}, - {{{docRoles.update}}}, - { {{User}}: this.context.{{User}} }, - authlog(resolver, 'update', me) - ); - const finalQuery = { ...baseQuery, ...authQuery }; - const result = await this.collection.updateOne(finalQuery, docToUpdate); - if (result.result.ok !== 1 || result.result.n !== 1) { - throw new Error(`update {{typeName}} not possible for ${id}.`); - } - this.log.debug(`updated {{typeName}} ${id}.`); - this.authorizedLoader.clear(id); - const updatedDoc = this.findOneById(id, me, 'pubsub {{typeName}}Updated'); - this.pubsub.publish('{{typeName}}Updated', updatedDoc); - return updatedDoc; - } - - async removeById(id, me, resolver) { - const baseQuery = { _id: id }; - const authQuery = queryForRoles( - me, - {{{userRoles.delete}}}, - {{{docRoles.delete}}}, - { {{User}}: this.context.{{User}} }, - authlog(resolver, 'delete', me) - ); - const finalQuery = { ...baseQuery, ...authQuery }; - const result = await this.collection.remove(finalQuery); - if (result.result.ok !== 1 || result.result.n !== 1) { - throw new Error(`remove {{typeName}} not possible for ${id}.`); - } - this.log.debug(`removed {{typeName}} ${id}.`); - this.authorizedLoader.clear(id); - this.pubsub.publish('{{typeName}}Removed', id); - return result; - } -} diff --git a/generate/templates/model/default/default.template b/generate/templates/model/default/default.template deleted file mode 100644 index 15fb27d..0000000 --- a/generate/templates/model/default/default.template +++ /dev/null @@ -1,5 +0,0 @@ -{{#if authorize }} -{{> authorize_default }} -{{else }} -{{> default_default }} -{{/if }} \ No newline at end of file diff --git a/generate/templates/model/user/authorize_user.template b/generate/templates/model/user/authorize_user.template deleted file mode 100644 index 1c7d1ed..0000000 --- a/generate/templates/model/user/authorize_user.template +++ /dev/null @@ -1,161 +0,0 @@ -/* eslint-disable prettier */ -import { - queryForRoles, - onAuthRegisterLoader, - authlog, - checkAuthDoc, - protectFields -} from 'create-graphql-server-authorization'; -import bcrypt from 'bcrypt'; -const SALT_ROUNDS = 10; - -export default class {{TypeName}} { - constructor(context) { - this.context = context; - this.collection = context.db.collection('{{typeName}}'); - this.pubsub = context.pubsub; - this.log = context.log; - this.authRole = {{User}}.authRole; - const { me } = context; - queryForRoles( - me, - {{{userRoles.readOne}}}, - {{{docRoles.readOne}}}, - { {{User}} }, - onAuthRegisterLoader('{{typeName}} findOneById', 'readOne', me, this) - ); - } - - static authRole({{typeName}}) { - return {{typeName}} && {{typeName}}.{{roleField}} ? {{typeName}}.{{roleField}} : null; - } - - async findOneById(id, me, resolver) { - const log = authlog(resolver, 'readOne', me); - if (!this.authorizedLoader) { - log.error('not authorized'); - return null; - } - return await this.authorizedLoader.load(id); - } - - find({ lastCreatedAt = 0, limit = 10, baseQuery = {} }, me, resolver) { - const authQuery = queryForRoles( - me, - {{{userRoles.readMany}}}, - {{{docRoles.readMany}}}, - { {{User}}: this.context.{{User}} }, - authlog(resolver, 'readMany', me) - ); - const finalQuery = { - ...baseQuery, - ...authQuery, - createdAt: { $gt: lastCreatedAt } - }; - return this.collection - .find(finalQuery) - .sort({ createdAt: 1 }) - .limit(limit) - .toArray(); - } -{{#each singularFields}} -{{> defaultSingularField }} -{{/each}} -{{#each paginatedFields}} -{{> defaultPaginatedField }} -{{/each}} - - createdBy({{typeName}}, me, resolver) { - return this.context.{{User}}.findOneById({{typeName}}.createdById, me, resolver); - } - - updatedBy({{typeName}}, me, resolver) { - return this.context.{{User}}.findOneById({{typeName}}.updatedById, me, resolver); - } - - async insert(doc, me, resolver) { - // We don't want to store passwords in plaintext - const { password, ...rest } = doc; - const hash = await bcrypt.hash(password, SALT_ROUNDS); - let docToInsert = Object.assign({}, rest, { - hash, - createdAt: Date.now(), - updatedAt: Date.now(), - createdById: me && me._id ? me._id : 'unknown', - updatedById: me && me._id ? me._id : 'unknown' - }); - checkAuthDoc( - docToInsert, - me, - {{{userRoles.create}}}, - {{{docRoles.create}}}, - { {{User}}: this.context.{{User}} }, - authlog(resolver, 'create', me) - ); - docToInsert = protectFields(me, [{{#if firstUserRole}}'{{firstUserRole}}'{{/if}}], [{{#if roleField}}'{{roleField}}'{{/if}}], docToInsert, { - {{User}}: this.context.{{User}} - }); - const id = (await this.collection.insertOne(docToInsert)).insertedId; - if (!id) { - throw new Error(`insert {{typeName}} not possible.`); - } - this.log.debug(`inserted {{typeName}} ${id}.`); - const insertedDoc = this.findOneById(id, me, 'pubsub {{typeName}}Inserted'); - this.pubsub.publish('{{typeName}}Inserted', insertedDoc); - return insertedDoc; - } - - async updateById(id, doc, me, resolver) { - const docToUpdate = { - $set: Object.assign({}, doc, { - updatedAt: Date.now(), - updatedById: me && me._id ? me._id : 'unknown' - }) - }; - const baseQuery = { _id: id }; - const authQuery = queryForRoles( - me, - {{{userRoles.update}}}, - {{{docRoles.update}}}, - { {{User}}: this.context.{{User}} }, - authlog(resolver, 'update', me) - ); - docToUpdate.$set = protectFields( - me, - [{{#if firstUserRole}}'{{firstUserRole}}'{{/if}}], - [{{#if roleField}}'{{roleField}}'{{/if}}], - docToUpdate.$set, - { {{User}}: this.context.{{User}} } - ); - const finalQuery = { ...baseQuery, ...authQuery }; - const result = await this.collection.updateOne(finalQuery, docToUpdate); - if (result.result.ok !== 1 || result.result.n !== 1) { - throw new Error(`update {{typeName}} not possible for ${id}.`); - } - this.log.debug(`updated {{typeName}} ${id}.`); - this.authorizedLoader.clear(id); - const updatedDoc = this.findOneById(id, me, 'pubsub {{typeName}}Updated'); - this.pubsub.publish('{{typeName}}Updated', updatedDoc); - return updatedDoc; - } - - async removeById(id, me, resolver) { - const baseQuery = { _id: id }; - const authQuery = queryForRoles( - me, - {{{userRoles.delete}}}, - {{{docRoles.delete}}}, - { {{User}}: this.context.{{User}} }, - authlog(resolver, 'delete', me) - ); - const finalQuery = { ...baseQuery, ...authQuery }; - const result = await this.collection.remove(finalQuery); - if (result.result.ok !== 1 || result.result.n !== 1) { - throw new Error(`remove {{typeName}} not possible for ${id}.`); - } - this.log.debug(`removed {{typeName}} ${id}.`); - this.authorizedLoader.clear(id); - this.pubsub.publish('{{typeName}}Removed', id); - return result; - } -} diff --git a/generate/templates/model/user/user.template b/generate/templates/model/user/user.template deleted file mode 100644 index c5ab4a9..0000000 --- a/generate/templates/model/user/user.template +++ /dev/null @@ -1,5 +0,0 @@ -{{#if authorize }} -{{> authorize_user }} -{{else }} -{{> default_user }} -{{/if }} \ No newline at end of file diff --git a/generate/templates/resolver/default/auth_default.template b/generate/templates/resolver/default/auth_default.template deleted file mode 100644 index 67cf99e..0000000 --- a/generate/templates/resolver/default/auth_default.template +++ /dev/null @@ -1,52 +0,0 @@ -/* eslint-disable prettier */ -/* eslint comma-dangle: [2, "only-multiline"] */ -const resolvers = { - {{TypeName}}: { - id({{typeName}}) { - return {{typeName}}._id; - }, -{{#each singularFields}} -{{> defaultSingularField }} -{{/each}} -{{#each paginatedFields}} -{{> defaultPaginatedField }} -{{/each}} - - createdBy({{typeName}}, args, { {{TypeName}}, me }) { - return {{TypeName}}.createdBy({{typeName}}, me, '{{typeName}} createdBy'); - }, - - updatedBy({{typeName}}, args, { {{TypeName}}, me }) { - return {{TypeName}}.updatedBy({{typeName}}, me, '{{typeName}} updatedBy'); - } - }, - Query: { - {{typeName}}s(root, { lastCreatedAt, limit }, { {{TypeName}}, me }) { - return {{TypeName}}.find({ lastCreatedAt, limit }, me, '{{typeName}}s'); - }, - - {{typeName}}(root, { id }, { {{TypeName}}, me }) { - return {{TypeName}}.findOneById(id, me, '{{typeName}}'); - } - }, - Mutation: { - async create{{TypeName}}(root, { input }, { {{TypeName}}, me }) { - return await {{TypeName}}.insert(input, me, 'create{{TypeName}}'); - }, - - async update{{TypeName}}(root, { id, input }, { {{TypeName}}, me }) { - return await {{TypeName}}.updateById(id, input, me, 'update{{TypeName}}'); - }, - - async remove{{TypeName}}(root, { id }, { {{TypeName}}, me }) { - return await {{TypeName}}.removeById(id, me, 'remove{{TypeName}}'); - } - }, - Subscription: { - {{typeName}}Created: {{typeName}} => {{typeName}}, - {{typeName}}Updated: {{typeName}} => {{typeName}}, - {{typeName}}Removed: id => id - } -}; - -export default resolvers; diff --git a/generate/templates/resolver/default/default.template b/generate/templates/resolver/default/default.template deleted file mode 100644 index 0322f2f..0000000 --- a/generate/templates/resolver/default/default.template +++ /dev/null @@ -1,5 +0,0 @@ -{{#if authorize }} -{{> auth_default }} -{{else }} -{{> default_default }} -{{/if }} \ No newline at end of file diff --git a/generate/util/capitalization.js b/generate/util/capitalization.js index c09c38d..61032aa 100644 --- a/generate/util/capitalization.js +++ b/generate/util/capitalization.js @@ -1,7 +1,21 @@ +/** + * converts first character of string to lower case + * @private + * @param {string} str - string + * @return {string} converted_string - first character is lower case + */ + export function lcFirst(str) { return str[0].toLowerCase() + str.substring(1); } +/** + * converts first character of string to upper case + * @private + * @param {string} str - string + * @return {string} converted_string - first character is upper case + */ + export function ucFirst(str) { return str[0].toUpperCase() + str.substring(1); } diff --git a/generate/constants.js b/generate/util/constants.js similarity index 93% rename from generate/constants.js rename to generate/util/constants.js index 5925f2b..f175853 100644 --- a/generate/constants.js +++ b/generate/util/constants.js @@ -27,25 +27,14 @@ export const TEMPLATES_AUTH_DIR = 'auth'; export const TEMPLATES_COMMON_DIR = 'common'; export const TEMPLATES_DEFAULT_DIR = 'default'; export const TEMPLATES_DEFAULT_TEMPLATE = 'default'; +export const MODEL = 'model'; +export const RESOLVER = 'resolver'; +export const SCHEMA = 'schema'; +// for field associations export const SINGULAR = 'singular'; export const PAGINATED = 'paginated'; -// test directories -export const SRC_DIR = 'src'; -export const TEST_DIR = '__tests__'; -export const TEST_GQL_DATA = 'data'; -export const TEST_CODE = 'code'; -export const TEST_MODEL = 'model'; -export const TEST_RESOLVER = 'resolver'; -export const TEST_GQL_EXTENSION = '.graphql'; -export const TEST_EXPECTED_CODE = 'expected'; -export const TEST_GENERATED_CODE = 'generated'; -export const TEST_MODEL_EXTENSION = '.js'; -export const TEST_MODEL_EXTENSION2 = 'model'; -export const TEST_RESOLVER_EXTENSION = '.js'; -export const TEST_RESOLVER_EXTENSION2 = 'resolver'; - // name of the @authorize directive, which triggers authorization logic export const AUTHORIZE_DIRECTIVE = 'authorize'; @@ -90,3 +79,18 @@ export const NO_USER = ''; export const LOG_LEVEL = 'debug'; export const LOG_MAX_FILES = 5; export const LOG_MAX_SIZE = 5; + +// test directories (in npm module create-graphql-create-server-authorization) +export const SRC_DIR = 'src'; +export const TEST_DIR = '__tests__'; +export const TEST_GQL_DATA = 'data'; +export const TEST_CODE = 'code'; +export const TEST_MODEL = 'model'; +export const TEST_RESOLVER = 'resolver'; +export const TEST_GQL_EXTENSION = '.graphql'; +export const TEST_EXPECTED_CODE = 'expected'; +export const TEST_GENERATED_CODE = 'generated'; +export const TEST_MODEL_EXTENSION = '.js'; +export const TEST_MODEL_EXTENSION2 = 'model'; +export const TEST_RESOLVER_EXTENSION = '.js'; +export const TEST_RESOLVER_EXTENSION2 = 'resolver'; diff --git a/generate/getCode.js b/generate/util/getCode.js similarity index 64% rename from generate/getCode.js rename to generate/util/getCode.js index 6e62d70..6727a54 100644 --- a/generate/getCode.js +++ b/generate/util/getCode.js @@ -1,8 +1,10 @@ // @flow +import path from 'path'; import Handlebars from 'handlebars'; -import { getContext } from './getContext'; -import { getPartials } from './getPartials'; -import { getName } from './getName'; +import getContext from './getContext'; +import getPartials from './getPartials'; +import getName from './getName'; + import { ENCODING, USER_LITERAL, @@ -12,12 +14,15 @@ import { TEMPLATES_COMMON_DIR, TEMPLATES_DEFAULT_DIR, TEMPLATES_AUTH_DIR, - TEMPLATES_DEFAULT_TEMPLATE + TEMPLATES_DEFAULT_TEMPLATE, + MODEL, + RESOLVER } from './constants'; /** * get generated code from template partials * @public + * @param {string} codeType - the code to be generated: MODEL || RESOLVER * @param {Object} config - configuration object * @property {object} inputSchema - schema of the type * @property {string} userType - the user type @@ -37,7 +42,7 @@ import { * @return {string} code - generated code for a model */ -export function getCode({ +export default function getCode(codeType, { userType = USER_LITERAL, inputSchema = {}, defaultTemplate = TEMPLATES_DEFAULT_TEMPLATE, @@ -57,6 +62,10 @@ export function getCode({ // partials dictionary for template resolution const partials = {}; + // adds helpers to handlebars + registerHandlebarsHelpers(); + + // define the compiler function compile(templates) { templates.forEach(partial => { partials[partial.name] = Handlebars.compile(partial.source); @@ -64,26 +73,45 @@ export function getCode({ }); } - Handlebars.registerHelper('foreach', function(arr, options) { - if (options.inverse && !arr.length) { - return options.inverse(this); - } - return arr - .map(function(item, index) { - item.$index = index; - item.$first = index === 0; - item.$last = index === arr.length - 1; - item.$notFirst = index !== 0; - item.$notLast = index !== arr.length - 1; - return options.fn(item); - }) - .join(''); - }); - // getting data context - const context = getContext(inputSchema, userType); + const context = getContext(inputSchema, userType, codeType); + const TypeName = context.TypeName; const typeName = context.typeName; + let startTemplate = typeName; + + logPath(authPath, authCommonDir); + // getting auth common partial templates (might be in an npm module) + const authCommonPartials = getPartials({ + basePath: authPath, + directoryPath: [authCommonDir], + extension: authExtension, + encoding: authEncoding, + getNameFunc: authGetNameFunc + }); + + logPath(authPath, typeName); + // getting auth type specific partial templates (might be in an npm module) + let authTypePartials = getPartials({ + basePath: authPath, + directoryPath: [typeName], + extension: authExtension, + encoding: authEncoding, + getNameFunc: authGetNameFunc + }); + // fallback to auth default partial templates (might be in an npm module) + if (authTypePartials.length === 0) { + logPath(authPath, authDefaultDir); + authTypePartials = getPartials({ + basePath: authPath, + directoryPath: [authDefaultDir], + extension: authExtension, + encoding: authEncoding, + getNameFunc: authGetNameFunc + }); + } + + logPath(basePath, baseCommonDir); // getting common partial templates const baseCommonPartials = getPartials({ basePath, @@ -93,6 +121,7 @@ export function getCode({ getNameFunc: baseGetNameFunc }); + logPath(basePath, typeName); // getting type specific partial templates let baseTypePartials = getPartials({ basePath, @@ -102,11 +131,10 @@ export function getCode({ getNameFunc: baseGetNameFunc }); - // set the start template - let startTemplate = typeName; - - // fallback to default partial templates + // fallback to default partial templates, + // if there are no type specific templates found if (baseTypePartials.length === 0) { + logPath(basePath, baseDefaultDir); baseTypePartials = getPartials({ basePath, directoryPath: [baseDefaultDir], @@ -114,51 +142,58 @@ export function getCode({ encoding: baseEncoding, getNameFunc: baseGetNameFunc }); - // reset start template to the default template, as type template not exists + // reset start template to the default template, + // as type specific template does not exist startTemplate = defaultTemplate; } - // getting auth common partial templates - const authCommonPartials = getPartials({ - basePath: authPath, - directoryPath: [authCommonDir], - extension: authExtension, - encoding: authEncoding, - getNameFunc: authGetNameFunc - }); - - // getting auth type specific partial templates - let authTypePartials = getPartials({ - basePath: authPath, - directoryPath: [typeName], - extension: authExtension, - encoding: authEncoding, - getNameFunc: authGetNameFunc - }); - - // fallback to auth default partial templates - if (authTypePartials.length === 0) { - authTypePartials = getPartials({ - basePath: authPath, - directoryPath: [authDefaultDir], - extension: authExtension, - encoding: authEncoding, - getNameFunc: authGetNameFunc - }); - } + // compile all auth partials + compile(authCommonPartials); + compile(authTypePartials); // compile all base partials compile(baseCommonPartials); compile(baseTypePartials); - // compile all auth partials - compile(authCommonPartials); - compile(authTypePartials); + console.log('Found the following templates:', JSON.stringify(Object.keys(partials), null, 2)); + console.log(`Generating ${codeType} for type "${TypeName}" with template "${startTemplate}"`); // run start template with data context const code = partials[startTemplate](context); - // return the final model code + // return the final code return code; } - \ No newline at end of file + +/** + * registers a helper, which could be used in the templates + * @example + * {{#foreach}} + * {{#if $last}} console.log('this was the last element') {{/if}} + * {{#if $notLast}} console.log('this was not the last one') {{/if}} + * {{/foreach}} + * + */ + +function registerHandlebarsHelpers() { + Handlebars.registerHelper('foreach', function(arr, options) { + if (options.inverse && !arr.length) { + return options.inverse(this); + } + return arr + .map(function(item, index) { + item.$index = index; + item.$first = index === 0; + item.$last = index === arr.length - 1; + item.$notFirst = index !== 0; + item.$notLast = index !== arr.length - 1; + return options.fn(item); + }) + .join(''); + }); +} + +function logPath(abspath, dir) { + const directory = path.join(...abspath, dir); + console.log(`searching templates in "${directory}"`); +} \ No newline at end of file diff --git a/generate/getContext.js b/generate/util/getContext.js similarity index 63% rename from generate/getContext.js rename to generate/util/getContext.js index cda4bc2..228cf71 100644 --- a/generate/getContext.js +++ b/generate/util/getContext.js @@ -1,26 +1,33 @@ // @flow /* eslint-disable max-len */ +import { + getRoles, + isAuthorizeDirectiveDefined +} from 'create-graphql-server-authorization'; -import { getRoles, isAuthorizeDirectiveDefined } from 'create-graphql-server-authorization'; -import { lcFirst, ucFirst } from './util/capitalization'; -import generatePerField from './util/generatePerField'; -import { prep } from './util/prep'; +import { lcFirst, ucFirst } from './capitalization'; +import generatePerField from './generatePerField'; import { CREATE, USER_LITERAL, ROLE_FIELD_DEFAULT, SINGULAR, - PAGINATED + PAGINATED, + MODEL, + RESOLVER, + SCHEMA } from './constants'; /** - * get context for later template compilation + * gets context for later template compilation * reads schema and determines data context for code replacements * @public * @param {Object} inputSchema - schema of the type * @param {string} User - name of the user model for User model context + * @param {string} codeType - to distinguish MODEL/RESOLVER runs * @return {Object} templateContext - data context for template compilation + * * @property {boolean} authorize - if authorization logic is there * @property {boolean} isUserType- if it is the User type * @property {string} typeName - name of the type with starting lower case @@ -32,9 +39,11 @@ import { * @property {string} roleField - field name where the userRole is stored * @property {array} singularFields - fields array * @property {array} paginatedFields - fields array + * @property {object} schema - schema definition */ -export function getContext(inputSchema = {}, User = USER_LITERAL) { +export default function getContext( + inputSchema = {}, User = USER_LITERAL, codeType = MODEL) { // for field generation // prepare template context for later compilation const authorize = isAuthorizeDirectiveDefined(inputSchema); @@ -43,34 +52,36 @@ export function getContext(inputSchema = {}, User = USER_LITERAL) { const TypeName = inputSchema.definitions[0].name.value; const typeName = lcFirst(TypeName); const isUserType = TypeName === User; + + // getting the role definitions out of the @authorize directive const { userRoles, docRoles, roleFieldName } = getRoles( authorize, inputSchema ); - // get generated fields - const { singularFields, paginatedFields } = getFields(inputSchema); + // get generated fields for resolvers and models + const { singularFields, paginatedFields } = getFields(inputSchema, codeType); - // protectFields only on the user type - // roleField shouldn't be empty out, otherwise syntax errors occurs - // it checks, if the field is really there - // take the first userRole into the protectFields as a suggestion + // prepare protectFields only on for the "User" type as an example + // roleField shouldn't be empty + // it checks, if the field is there + // it takes the first found userRole into the protectFields as a suggestion // to the programmer, assuming this is the most important role, // with higher authorization (see in README.md) - const firstUserRole = userRoles[CREATE][0] ? userRoles[CREATE][0] : ``; const roleField = roleFieldName ? `${roleFieldName}` : `${ROLE_FIELD_DEFAULT}`; + // create proper strings for the roles, for template injection Object.keys(userRoles).forEach(mode => { - userRoles[mode] = prep(userRoles[mode]); + userRoles[mode] = prepareString(userRoles[mode]); }); - Object.keys(userRoles).forEach(mode => { - docRoles[mode] = prep(docRoles[mode]); + docRoles[mode] = prepareString(docRoles[mode]); }); + // this is the returned data context for the later template processing return { authorize, isUserType, @@ -87,49 +98,60 @@ export function getContext(inputSchema = {}, User = USER_LITERAL) { } /** - * get fields contexts for singular and paginated associations + * prepares contexts for singular and paginated field associations * @param {Object} inputSchema - schema of the type + * @param {string} codeType - to distinguish between MODEL/RESOLVER * @return {Object} fields - fields for associations * @property singularFields - fields for singular associations * @property paginatedFields - fields for paginated associations */ -function getFields(inputSchema) { - // field generator logic +function getFields(inputSchema, codeType) { const type = inputSchema.definitions[0]; + + // prepare singular and paginated field arrays for the field templates const singularFields = []; const paginatedFields = []; + // generators for the different field association types: const generators = { + + // singular association @belongsTo belongsTo(replacements) { - const field = getFieldContext(SINGULAR, replacements); + const field = buildFieldContext(SINGULAR, replacements, codeType); singularFields.push(field); return field; }, + + // paginated association @belongsToMany belongsToMany(replacements) { const { typeName, fieldName } = replacements; - const field = getFieldContext(PAGINATED, { + const field = buildFieldContext(PAGINATED, { ...replacements, query: `_id: { $in: ${typeName}.${fieldName}Ids || [] }` - }); + }, codeType); paginatedFields.push(field); return field; }, + + // paginated association @hasMany hasMany(replacements, { as }) { const { typeName } = replacements; - const field = getFieldContext(PAGINATED, { + const field = buildFieldContext(PAGINATED, { ...replacements, query: `${as || typeName}Id: ${typeName}._id` - }); + }, codeType); paginatedFields.push(field); return field; }, + + // paginated association @hasAndBelongsToMany hasAndBelongsToMany(replacements, { as }) { const { typeName } = replacements; - const field = getFieldContext(PAGINATED, { + const field = buildFieldContext(PAGINATED, { ...replacements, query: `${as || typeName}Ids: ${typeName}._id` - }); + }, codeType); paginatedFields.push(field); return field; } @@ -141,15 +163,20 @@ function getFields(inputSchema) { } /** - * gets context of one field - * @param {string} fieldtype - SINGULAR or PAGINATED + * builds a field's context + * + * @param {string} fieldtype - SINGULAR or PAGINATED field type * @param {object} context - context for the template partial + * * @property {string} typeName - name of the type * @property {string} fieldName - name of the field * @property {string} argsStr - arguments of the field - * @property {string} ReturnTypeName - type to reference - * @property {string} query - query for the data access + * @property {string} ReturnTypeName - type to build association with + * @property {string} query - query for the data access to the referenced type + * + * @param {string} codeType - to distinguish between MODEL/RESOLVER * @return {Object} field - field for an association + * * @property {string} fieldType - SINGULAR or PAGINATED * @property {string} fieldName - name of the field * @property {string} typeName - name of the type with first lower character @@ -160,18 +187,23 @@ function getFields(inputSchema) { * @property {string} query - which fields to query during association */ -function getFieldContext( - fieldType, - { typeName, fieldName, argsStr, ReturnTypeName, query } -) { +function buildFieldContext(fieldType, { + typeName, fieldName, argsStr, ReturnTypeName, query }, codeType) { + // clone the string let argFields = (' ' + argsStr).slice(1); + + // populate some arguments with defaults const argsWithDefaultsStr = argsStr .replace('lastCreatedAt', 'lastCreatedAt = 0') .replace('limit', 'limit = 10'); + + // prepares a fields string to pass on to the referenced type if (fieldType === PAGINATED && argFields !== '') { argFields = argFields.replace('{ ', '{ baseQuery, '); } - const field = { + + // returns the build field context + return { fieldType: fieldType || '', fieldName: fieldName || '', typeName: typeName || '', @@ -181,6 +213,17 @@ function getFieldContext( argsFields: argFields || '', query: query || '' }; - return field; } +/** + * prepare roles for code generator + * convert array to String value + * replace " by ' + * @private + * @param {array} role - name of role + * @return {string} roleString - role string + */ + +function prepareString(role) { + return JSON.stringify(role).replace(/"/g, "'").replace(/,/g, ', '); +} diff --git a/generate/getName.js b/generate/util/getName.js similarity index 50% rename from generate/getName.js rename to generate/util/getName.js index 8129423..dab4987 100644 --- a/generate/getName.js +++ b/generate/util/getName.js @@ -1,12 +1,10 @@ // @flow - import path from 'path'; /** - * get the name of the partial template according to default naming convention - * defines the name of the partial template in its directory structure - * prepare name prefix: take just partial name on root template directory - * on deeper directory structures, prefix directory name to partial name + * It defines the name of a found partial template + * by its directory hierarchy level and its file name. + * These names are used to identify and distinguish partial names * @private * @param {array} directoryPath - partials directory name parts * @param {string} filename - file name of the partial template @@ -14,12 +12,13 @@ import path from 'path'; * @return {string} name - name of the partial * * @example - * name = hello {base}/hello.template - * name = auth_hello {base}/auth/hello.template - * name = auth_special_hello {base}/auth/special/hello.template + * partial template names: found in directory hierarchy: + * name = hello {basePath}/hello.template + * name = auth_hello {basePath}/auth/hello.template + * name = auth_special_hello {basePath}/auth/special/hello.template */ -export function getName(directoryPath, filename, extension) { +export default function getName(directoryPath, filename, extension) { const dirClone = [...directoryPath]; let prefix = ''; if (dirClone.length > 1) { diff --git a/generate/getPartials.js b/generate/util/getPartials.js similarity index 74% rename from generate/getPartials.js rename to generate/util/getPartials.js index 50017e8..5ff873e 100644 --- a/generate/getPartials.js +++ b/generate/util/getPartials.js @@ -1,12 +1,12 @@ // @flow - import fs from 'fs'; import path from 'path'; +import getName from './getName'; import { TEMPLATE_EXTENSION, ENCODING } from './constants'; -import { getName } from './getName'; /** * reads all available partials of a template directory + * into a partial template registry * @public * @param {Object} configPartial - configuration object * @property {array} basePath - base directory to start reading @@ -27,30 +27,35 @@ import { getName } from './getName'; * ] */ -export function getPartials({ +export default function getPartials({ basePath = [], directoryPath = [], extension = TEMPLATE_EXTENSION, encoding = ENCODING, getNameFunc = getName }) { - const partialsDirectory = path.join(...basePath, ...directoryPath); + // collect all found partials in this partials array let partials = []; - if ( - !fs.existsSync(partialsDirectory) || - !fs.statSync(partialsDirectory).isDirectory() - ) { + // prepare directory name + const partialsDirectory = path.join(...basePath, ...directoryPath); + + // checks if name is an existing directory + if (!fs.existsSync(partialsDirectory) || + !fs.statSync(partialsDirectory).isDirectory() ) { return partials; } + // for easier reading as function: process directory tree recursively function filter_and_recursion_processing(file) { const filePath = path.join(...basePath, ...directoryPath, file); + if (path.extname(file) === extension) { - // partial file is found, do processing with it later + // partial file is found, passing through filter, process it later return file; + } else if (fs.statSync(filePath).isDirectory()) { - // directory found, do recursion and get processed results back + // directory found, do recursion and get processed partials back partials = partials.concat( getPartials({ basePath, @@ -61,17 +66,22 @@ export function getPartials({ }) ); } + return false; } + // for easier reading as function: process a partial template function partial_processing(file) { const partial = {}; + partial.name = getNameFunc(directoryPath, file, extension); partial.path = path.join(...basePath, ...directoryPath, file); partial.source = fs.readFileSync(partial.path, encoding); + partials.push(partial); } + // read directory tree, filter for '.template' files, sort them, process them fs .readdirSync(partialsDirectory) .filter(filter_and_recursion_processing) diff --git a/generate/util/graphql.js b/generate/util/graphql.js index 73568fa..e182c78 100644 --- a/generate/util/graphql.js +++ b/generate/util/graphql.js @@ -105,3 +105,18 @@ export function applyCustomDirectives(field) { export function idArgument() { return buildArgument('id', 'ObjID!'); } + + +export function getType(field) { + if (field.type.kind === 'Name' || + field.type.kind === 'NamedType') + return field.type.name.value; + + else if (field.type.kind === 'NonNullType' && + (field.type.type.kind === 'Name' || + field.type.type.kind === 'NamedType') + ) + return field.type.type.name.value; + + return ''; +} diff --git a/generate/util/prep.js b/generate/util/prep.js deleted file mode 100644 index 93d126a..0000000 --- a/generate/util/prep.js +++ /dev/null @@ -1,14 +0,0 @@ -// @flow - -/** - * prepare roles for code generator - * convert array to String value - * replace " by ' - * @private - * @param {array} role - name of role - * @return {string} roleString - role string - */ - -export function prep(role) { - return JSON.stringify(role).replace(/"/g, "'").replace(/,/g, ', '); -} diff --git a/generate/read.js b/generate/util/read.js similarity index 100% rename from generate/read.js rename to generate/util/read.js diff --git a/package.json b/package.json index 7f6d5c1..5f63e0e 100644 --- a/package.json +++ b/package.json @@ -21,7 +21,8 @@ "clean": "rm -rf dist/*", "build": "npm run clean && babel bin --out-dir dist/bin && babel generate -D --out-dir dist/generate && cp -r skel dist", "prepublish": "npm run build", - "gentest": "babel-node --inspect bin/gentest.js -- " + "gentest": "babel-node --inspect bin/gentest.js -- ", + "nodemon": "nodemon --watch generate generate/schema/index_new.js --exec babel-node" }, "config": { "logfile": "log/all-logs-readable.log", @@ -54,7 +55,7 @@ "babylon": "^6.14.1", "chalk": "^1.1.3", "cpr": "^2.0.0", - "create-graphql-server-authorization": "^0.0.40", + "create-graphql-server-authorization": "^0.0.42", "dataloader": "^1.3.0", "denodeify": "^1.2.1", "escape-string-regexp": "^1.0.5", diff --git a/skel/README.md b/skel/README.md index fad4cb5..085848b 100644 --- a/skel/README.md +++ b/skel/README.md @@ -15,54 +15,6 @@ In the server, the database is started, and the UserCollection is defined. That' In ```js authenticate(app, UserCollection)``` the authentication is prepared and processed. Later, if a user sends a 'graphql' request, the user is determined with ```js passport.authenticate(...)```. After that, the user is whether an anonymous user or an authenticated user. You find the identified user in the object "me". Then the type models have to be initialized with the user "me" authorizations: ```js req.context = addModelsToContext({... me ...})```. -```javascript -... -async function startServer() { - log.info('Logger started'); - - const db = await MongoClient.connect(MONGO_URL); - const UserCollection = db.collection('user'); - - const app = express().use('*', cors()); - app.use(bodyParser.urlencoded({ extended: true })); - app.use(bodyParser.json()); - app.use(morgan("dev", { "stream": stream })); - - authenticate(app, UserCollection); - - app.use('/graphql', (req, res, next) => { - passport.authenticate('jwt', { session: false }, (err, me) => { - req.context = addModelsToContext({ db, pubsub, me, UserCollection }); - graphqlExpress(() => { - // Get the query, the same way express-graphql does it - // https://github.com/graphql/express-graphql/blob/3fa6e68582d6d933d37fa9e841da5d2aa39261cd/src/index.js#L257 - const {variables, operationName} = req.body; - const {_id, username, role} = me; - const query = req.query.query || req.body.query; - log.debug('-'.repeat(80)); - log.debug(`Request:\nUser: "${(username) ? username: ''}", role: "${(role) ? role : ''}", id: "${(_id) ? _id : ''}",\nOperation: "${operationName ? operationName : ''}", variables: "${variables ? JSON.stringify(variables) : ''}",\nQuery:\n${print(parse(query))}`); - if (query && query.length > 4000) { - // None of our app's queries are this long - // Probably indicates someone trying to send an overly expensive query - log.error('Query too large.'); - throw new Error('Query too large.'); - } - return { - schema, - context: Object.assign({ me }, req.context), - debug: true, - formatError(e) { - console.log(e); - return e; - }, - }; - })(req, res, next); - })(req, res, next); - }); - ... -} -``` - By-the-way: The server/index.js is able to access the User collection directly by the following two lines. This is used in the server/authenticate.js during authenticate. ```js ... @@ -235,310 +187,6 @@ This has the following meaning: Use create-graphql-server command to generate the according schema, resolver, model files with the create-graphql-server command line interface. After its generation, you will find the generated files in the sub folders: schema, resolvers, model. The generated model files will use the following functions to implement the authorization logic. -### model.js -This is an example of a database model of type . - -```javascript -import DataLoader from 'dataloader'; -import { findByIds, queryForRoles, getLogFilename, logger, authlog, checkAuthDoc } from 'create-graphql-server-authorization'; -const log = logger(getLogFilename()); - -export default class { - constructor(context) { - this.context = context; - this.collection = context.db.collection(''); - this.pubsub = context.pubsub; - let authQuery; - try { - const { me, User } = context; - authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User }, authlog(' findOneById', 'readOne', me)); - } catch (err) { - log.error(err.message); - authQuery = {_id: false}; // otherwise admin access - } - this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); - } - - async findOneById(id, me, resolver) { - try { - return await this.authorizedLoader.load(id); - } catch (err) { log.error(err.message); } - } - - find({ lastCreatedAt = 0, limit = 10, baseQuery = {} }, me, resolver) { - try { - const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery, createdAt: { $gt: lastCreatedAt }}; - return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); - } catch (err){ log.error(err.message); } - } -... -} -``` - -### ./model/Tweet.js -generated model file for the above input type Tweet.graphql considering the @authorize directive. You can see, the directive argument "read" is used to express "readOne" and "readMany" at the same time. Instead you can use "readOne" and "readMany" for fine grained control on read operations, to allow access to just one record or many records. -```javascript -import DataLoader from 'dataloader'; -import { findByIds, queryForRoles, getLogFilename, logger, authlog, checkAuthDoc } from 'create-graphql-server-authorization'; -const log = logger(getLogFilename()); - -export default class Tweet { - constructor(context) { - this.context = context; - this.collection = context.db.collection('tweet'); - this.pubsub = context.pubsub; - let authQuery; - try { - const { me, User } = context; - authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User }, authlog('tweet findOneById', 'readOne', me)); - } catch (err) { - log.error(err.message); - authQuery = {_id: false}; // otherwise admin access - } - this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); - } - - async findOneById(id, me, resolver) { - try { - return await this.authorizedLoader.load(id); - } catch (err) { log.error(err.message); } - } - - find({ lastCreatedAt = 0, limit = 10, baseQuery = {} }, me, resolver) { - try { - const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery, createdAt: { $gt: lastCreatedAt }}; - return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); - } catch (err){ log.error(err.message); } - } - - createdBy(tweet, me, resolver) { - return this.context.User.findOneById(tweet.createdById, me, resolver); - } - - updatedBy(tweet, me, resolver) { - return this.context.User.findOneById(tweet.updatedById, me, resolver); - } - - author(tweet, me, resolver) { - return this.context.User.findOneById(tweet.authorId, me, resolver); - } - - coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, me, resolver) { - const baseQuery = {_id: { $in: tweet.coauthorsIds } }; - return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); - } - - likers(tweet, { lastCreatedAt = 0, limit = 10 }, me, resolver) { - const baseQuery = {likedIds: tweet._id, createdAt: { $gt: lastCreatedAt } }; - return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); - } - - async insert(doc, me, resolver) { - try { - - let docToInsert = Object.assign({}, doc, { - createdAt: Date.now(), - updatedAt: Date.now(), - createdById: (me && me._id) ? me._id : 'unknown', - updatedById: (me && me._id) ? me._id : 'unknown', - }); - log.debug(JSON.stringify(docToInsert, null, 2)); - - checkAuthDoc(docToInsert, me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'create', me)); - const id = (await this.collection.insertOne(docToInsert)).insertedId; - if (!id) { - throw new Error(`insert tweet not possible.`); - } - - log.debug(`inserted tweet ${id}.`); - const insertedDoc = this.findOneById(id, me, 'pubsub tweetInserted'); - this.pubsub.publish('tweetInserted', insertedDoc); - return insertedDoc; - - } catch (err){ log.error(err.message); } - } - - async updateById(id, doc, me, resolver) { - try { - - let docToUpdate = {$set: Object.assign({}, doc, { - updatedAt: Date.now(), - updatedById: (me && me._id) ? me._id : 'unknown', - })}; - - const baseQuery = {_id: id}; - const authQuery = queryForRoles(me, ['admin'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'update', me)); - const finalQuery = {...baseQuery, ...authQuery}; - const result = await this.collection.updateOne(finalQuery, docToUpdate); - if (result.result.ok !== 1 || result.result.n !== 1){ - throw new Error(`update tweet not possible for ${id}.`); - } - - log.debug(`updated tweet ${id}.`); - this.authorizedLoader.clear(id); - const updatedDoc = this.findOneById(id, me, 'pubsub tweetUpdated'); - this.pubsub.publish('tweetUpdated', updatedDoc); - return updatedDoc; - - } catch (err){ log.error(err.message); } - } - - async removeById(id, me, resolver) { - try { - - const baseQuery = {_id: id}; - const authQuery = queryForRoles(me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'delete', me)); - const finalQuery = {...baseQuery, ...authQuery}; - const result = await this.collection.remove(finalQuery); - if (result.result.ok !== 1 || result.result.n !== 1){ - throw new Error(`remove tweet not possible for ${id}.`); - } - - log.debug(`removed tweet ${id}.`); - this.authorizedLoader.clear(id); - this.pubsub.publish('tweetRemoved', id); - return result; - - } catch (err){ log.error(err.message); } - } -} -``` - -### ./model/User.js -generated model file for the above input type User.graphql considering the @authorize directive. -```javascript -import DataLoader from 'dataloader'; -import { findByIds, queryForRoles, getLogFilename, logger, authlog, checkAuthDoc, protectFields } from 'create-graphql-server-authorization'; -const log = logger(getLogFilename()); - -export default class User { - constructor(context) { - this.context = context; - this.collection = context.db.collection('user'); - this.pubsub = context.pubsub; - this.authRole = User.authRole; - let authQuery; - try { - const { me } = context; - authQuery = queryForRoles(me, ['admin'], ['_id'], { User }, authlog('user findOneById', 'readOne', me)); - } catch (err) { - log.error(err.message); - authQuery = {_id: false}; // otherwise admin access - } - this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); - } - - static authRole(user){ - return (user && user.role) ? user.role : null; - } - - async findOneById(id, me, resolver) { - try { - return await this.authorizedLoader.load(id); - } catch (err) { log.error(err.message); } - } - - find({ lastCreatedAt = 0, limit = 10, baseQuery = { createdAt: { $gt: lastCreatedAt } } }, me, resolver) { - try { - const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery}; - return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); - } catch (err) { log.error(err.message); } - } - - tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }, me, resolver) { - const baseQuery = { authorId: user._id, createdAt: { $gt: lastCreatedAt } }; - return this.context.Tweet.find({ lastCreatedAt, limit, baseQuery }, me, resolver); - } - - liked(user, { lastCreatedAt = 0, limit = 10 }, me, resolver) { - const baseQuery = { _id: { $in: user.likedIds || [] }, createdAt: { $gt: lastCreatedAt } }; - return this.context.Tweet.find({ lastCreatedAt, limit, baseQuery }, me, resolver); - } - - following(user, { lastCreatedAt = 0, limit = 10 }, me, resolver) { - const baseQuery = { _id: { $in: user.followingIds || [] }, createdAt: { $gt: lastCreatedAt } }; - return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); - } - - followers(user, { lastCreatedAt = 0, limit = 10 }, me, resolver) { - const baseQuery = { followingIds: user._id, createdAt: { $gt: lastCreatedAt } }; - return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); - } - - createdBy(user, me, resolver) { - return this.context.User.findOneById(user.createdById, me, resolver); - } - - updatedBy(user, me, resolver) { - return this.context.User.findOneById(user.updatedById, me, resolver); - } - - async insert(doc, me, resolver) { - try { - let docToInsert = Object.assign({}, doc, { - createdAt: Date.now(), - updatedAt: Date.now(), - createdById: (me && me._id) ? me._id : 'unknown', - updatedById: (me && me._id) ? me._id : 'unknown', - }); - checkAuthDoc(docToInsert, me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'create', me)); - docToInsert = protectFields(me, ['admin'], ['role'], docToInsert, { User: this.context.User }); - const id = (await this.collection.insertOne(docToInsert)).insertedId; - if (!id) { - throw new Error(`insert user not possible.`); - } - log.debug(`inserted user ${id}.`); - const insertedDoc = this.findOneById(id, me, 'pubsub userInserted'); - this.pubsub.publish('userInserted', insertedDoc); - return insertedDoc; - } catch (err) { log.error(err.message); } - } - - async updateById(id, doc, me, resolver) { - try { - let docToUpdate = {$set: Object.assign({}, doc, { - updatedAt: Date.now(), - updatedById: (me && me._id) ? me._id : 'unknown', - })}; - const baseQuery = {_id: id}; - const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'update', me)); - const finalQuery = {...baseQuery, ...authQuery}; - docToUpdate.$set = protectFields(me, ['admin'], ['role'], docToUpdate.$set, { User: this.context.User }); - const result = await this.collection.updateOne(finalQuery, docToUpdate); - if (result.result.ok !== 1 || result.result.n !== 1){ - throw new Error(`update user not possible for ${id}.`); - } - log.debug(`updated user ${id}.`); - this.authorizedLoader.clear(id); - const updatedDoc = this.findOneById(id, me, 'pubsub userUpdated') - this.pubsub.publish('userUpdated', updatedDoc); - return updatedDoc; - } catch (err) { log.error(err.message); } - } - - async removeById(id, me, resolver) { - try { - const baseQuery = {_id: id}; - const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'delete', me)); - const finalQuery = {...baseQuery, ...authQuery}; - const result = await this.collection.remove(finalQuery); - if (result.result.ok !== 1 || result.result.n !== 1){ - throw new Error(`remove user not possible for ${id}.`); - } - log.debug(`removed user ${id}.`); - this.authorizedLoader.clear(id); - this.pubsub.publish('userRemoved', id); - return result; - } catch (err) { log.error(err.message); } - } -} -``` - -As you can see in both model header lines, we are using a specialized npm package "create-graphql-server-authorization". - ## create-graphql-server-authorization Install it with: ```bash @@ -546,253 +194,29 @@ npm install create-graphql-server-authorization ``` [Github: create-graphql-server-authorization](https://github.com/tobkle/create-graphql-server-authorization) +[Please have a look in the API documentation.](https://tobkle.github.io/create-graphql-server-authorization/) + This uses the following functions from that module: ### function authlog A logging function that understands "resolvers", "modes" and "users". Simple wrapper around whatever logging function we use. -```javascript -/* - * Central logger for authorization checks - * @param {string} resolver - * @param {string} mode - * @param {object} me - * @return { - * debug {function}, - * error {function} - * } - */ -function authlog(resolver = "", mode = "", me = {}) { - const logFilename = getLogFilename(); - const log = logger(logFilename); - - const makeMessage = message => - `Authorize ${mode} "${resolver}" with user "${me.username - ? me.username - : ""}" ${message}`; - - return { - debug: message => { - const resultMessage = makeMessage(message); - log.debug(resultMessage); - return resultMessage; - }, - error: message => { - const resultMessage = makeMessage(message); - log.error(resultMessage); - throw new Error(makeMessage(message)); - } - }; -} -``` - ### function findByIds This is an extended version of [mongo-find-by-ids](https://github.com/tmeasday/mongo-find-by-ids). The enhancement is only to provide an additional authQuery object, to extend the query to meet additional authorizations. -```javascript -/* - * find a record by id (cached with dataloader) - * returns the record, cached if already read, checks authorization if set - * enhancement of tmeasday'findByIds - * @param {string, array} docRoleField - * @param {object} userId - * @return {boolean} foundUserId - */ -function findByIds(collection, ids = [], authQuery) { - const baseQuery = { _id: { $in: ids } }; - const finalQuery = { ...baseQuery, ...authQuery }; - return collection.find(finalQuery).toArray().then(docs => { - const idMap = {}; - docs.forEach(d => { - idMap[d._id] = d; - }); - return ids.map(id => idMap[id]); - }); -} - -module.exports = findByIds; -``` ### function protectFields Use function protectFields to protect single fields from access. Provide signed in user in "me", the authorized User roles for the protected field(s) - meaning the user who is allowed to access the field -, provide an array with protected fields, and the current document object, which is to be checked for protected fields and the User model context. -```javascript -/* - * Protects a field based on authorizations - * @param {object} me - * @param {array} authorizedUserRoles - * @param {array} protectedFields - * @param {object} inputObject - * @param {object} User - * @return {object} result - */ -function protectFields( - me = {}, - authorizedUserRoles = [], - protectedFields = [], - inputObject = {}, - { User } = { User: dummyUserContext } -) { - // pure function - const result = Object.assign({}, inputObject); - - // getting role of current User - const role = User.authRole(me); - - // if user is not allowed to access specific fields, remove field from object... - if (!authorizedUserRoles.includes(role)) { - protectedFields.forEach(protectedField => { - if (result[protectedField]) delete result[protectedField]; - }); - } - - return result; -} -``` - ### function checkAuthDoc Use function checkAuthDoc to check and get back the document. Especially used in insert operations, to figure out, if the toBeInsertedDoc is valid to be added by this userRole, docRole and action. -```javascript -/* - * Returns an authorized document - * @param {object} doc - * @param {object} me - * @param {array} userRoles - * @param {array} docRoles - * @param {object} User - * @param {function} logger - * @return {object} doc - */ - -function checkAuthDoc( - doc = {}, - me = {}, - userRoles = [], - docRoles = [], - { User }, - logger = defaultLogger -) { - let resultDoc = Object.assign({}, doc); - - // get the User's role - const role = User.authRole(me); - - // check if userRole entitles current user for this action - if (userRoleAuthorized(me, userRoles, { User }, logger)) { - logger.debug(`and role: "${role}" is authorized by userRole.`); - return resultDoc; - } - - // check if docRole entitles current user for this document and action - let authorized = false; - docRoles.every(field => { - if ( - resultDoc[field] && - me._id && - fieldContainsUserId(resultDoc[field], me._id) - ) { - authorized = true; - } - }); - if (authorized) { - logger.debug(`and role: "${role}" is authorized by docRole.`); - return resultDoc; - } - - // Not Authorized, throw exception in logger.error - logger.error(`and role: "${role}" is not authorized.`); -} -``` - - ### function loggedIn Use function loggedIn, to check if a user is logged in. -```javascript -/* - * Checks if an user is logged in - * @param {object} me - * @return {boolean} loggedIn - */ - -function loggedIn(me) { - if (me && me._id && me._id.toString() !== "") { - return true; - } - return false; -} -``` - ### function queryForRoles Use function queryForRoles to generate an authQuery object. -It expects the following arguments: -```javascript -/* - * Prepare a query object for mongodb operations with authorization queries - * creates an authQuery object with additional query arguments, to implement authorization restrictions for mongodb access - * @param {object} me - * @param {array} userRoles - * @param {array} docRoles - * @param {object} inputObject - * @param {object} User - * @param {object} logger - * @return {object, exception} queryObject - * - * @example: const authQuery = queryForRoles(me, userRoles, docRoles, { User }, authlog(resolver, mode, me ) ); - */ -function queryForRoles( - me = {}, - userRoles = [], - docRoles = [], - { User } = { User: dummyUserContext }, - logger = defaultLogger -) { - // on insufficient authorization data, it cannot be authorized, throws exception - if (!User || !User.authRole || !me || (!userRoles && !docRoles)) - logger.error(` is not authorized, due to authorization data.`); - - // get current User's role - const role = User.authRole(me); - - // Build query for the case: The logged in user's role is authorized - if (userRoleAuthorized(me, userRoles, { User }, logger)) { - return {}; // empty authQuery means, do operation with no access restrictions - } - - // Build query for the case: The user is listed in any document field - const query = { $or: [] }; - // makes only sense, if user is logged in - otherwise no userId - if (loggedIn(me)) { - // prepare selection criterias as "authQuery" object - // for later mongodb "find(...baseQuery, ...authQuery)" - // ... AND ...{ field1 OR field2} - // which will be also considered during the database access - // as an "$or: [ { field1: userId}, { field2: userId} ]" - // with all document roles as fields for the later selection. - // At least one of those fields must match the userId, - // otherwise, whether no data found or not authorized to access data - docRoles.forEach(docRole => query.$or.push({ [docRole]: me._id })); - // return this authQuery only, if there was at least 1 field added - // otherwise it will result in an unlimited access - if (query.$or.length > 0) { - // for easier debugging write into the authorzation logs - logger.debug( - `and role: "${role ? role : ""}" with - authQuery: ${JSON.stringify(query, null, 2)}` - ); - // return the query as authQuery for later selection - return query; - } - } - - // Not Authorized - throw exception in logger.error - const message = `and role: "${role}" is not authorized.`; - logger.error(message); -} -``` - It expects the following arguments with the meanings: * **me:** this is the logged in user object out of the resolver's context * **userRoles:** an array with userRoles, which was generated by the @authorize directives in the .graphql file @@ -812,112 +236,9 @@ It expects the following arguments with the meanings: ### function userRoleAuthorized This helper function is used by queryForRoles, and decides, if a user gains the authorization by its role. For example: If a user has a field "role" in his user document and it contains the value "admin". So it checks if a user's role is admin, and allows all operations for admins. -```javascript -/* - * Is a user's role authorized for a document - * @param {object} me - * @param {array} userRoles - * @param {object} User - * @param {object} logger - * @return {boolean} authorized - */ - -// returns true, if the user's role is authorized for a document -function userRoleAuthorized( - me = {}, - userRoles = [], - { User } = { User: dummyUserContext }, - logger = defaultLogger -) { - // on insufficient authorization data, it cannot be authorized - if (!User || !User.authRole || !me || !userRoles) return false; - - // get current User's role - const role = User.authRole(me); - - // determine, if the given userRoles authorize the current User by its role - if ( - // userRole: "world" should authorize everyone - known and unknown users - userRoles.includes("world") || - // or there must be a userRole given, and current user must have a role - // and the current user's role must be in the given userRoles - (role && role !== "" && userRoles.length > 0 && userRoles.includes(role)) - ) { - // => authorized - logger.debug(`and role "${role ? role : ""}" is authorized`); - return true; - } - - // => not authorized - return false; -} -``` ### function fieldContainsUserId This helper function is used in the models and checks, if the provided field of types: array, object or string contains the userId. -```javascript -/* - * checks, if a field contains a user's id - * returns true, if a field of type array/object/string contains the userId - * @param {string, object, array} docRoleField - * @param {string, object} userId - * @return {boolean} foundUserId - */ -function fieldContainsUserId(docRoleField, compressedUserId) { - let found = false; - - // empty docRoleField is not a valid docRoleField - if (!docRoleField || docRoleField === "" || docRoleField.length === 0) - return false; - - // empty (compressed) userId is not a valid userId - if ( - !compressedUserId || - compressedUserId === "" || - compressedUserId.toString() === "" - ) - return false; - - // extract userId, if it is a mongoID field - const userId = extractUserId(compressedUserId); - - // empty (uncompressed) userId is not a valid userId - if (!userId || userId === "") return false; - - // docRoleField of type Array - if (_.isArray(docRoleField)) { - docRoleField.forEach(field => { - if (fieldContainsUserId(field, userId)) { - found = true; - } - }); - if (found) return true; - return false; - } - - // docRoleField of type Object - if (_.isObject(docRoleField)) { - // For each field in the object - Object.keys(docRoleField).forEach(field => { - if ( - fieldContainsUserId(docRoleField[field], userId) || - fieldContainsUserId(field, userId) - ) { - found = true; - } - }); - if (found) return true; - return false; - } - - // docRoleField of type field - if (docRoleField.toString() === userId.toString()) { - return true; - } - - return false; -} -``` ### ./resolver/User.js In the resolver interfaces, there are different objects: @@ -927,69 +248,6 @@ In the resolver interfaces, there are different objects: * the context object "me", contains the current logged in user -if logged in-, which is provided from the server's passport implementation * the last argument in the resolver function is the resolver's name, which is optional and only to enhance the logging in debugging mode by additional information. If you have to analyze authorization outcomes, this helps a lot to figure out, which resolvers authorization rule fired. -```javascript - const resolvers = { - User: { - id(user) { - return user._id; - }, - - createdBy(user, args, { User, me }) { - return User.createdBy(user, me, 'user createdBy'); - }, - - updatedBy(user, args, { User, me }) { - return User.updatedBy(user, me, 'user updatedBy'); - }, - - tweets(user, { minLikes, lastCreatedAt, limit }, { User, me }) { - return User.tweets(user, { minLikes, lastCreatedAt, limit }, me, 'user tweets'); - }, - - liked(user, { lastCreatedAt, limit }, { User, me }) { - return User.liked(user, { lastCreatedAt, limit }, me, 'user liked'); - }, - - following(user, { lastCreatedAt, limit }, { User, me }) { - return User.following(user, { lastCreatedAt, limit }, me, 'user following'); - }, - - followers(user, { lastCreatedAt, limit }, { User, me }) { - return User.followers(user, { lastCreatedAt, limit }, me, 'user followers'); - }, - }, - Query: { - users(root, { lastCreatedAt, limit }, { User, me }) { - return User.find({ lastCreatedAt, limit }, me, 'users'); - }, - - user(root, { id }, { User, me }) { - return User.findOneById(id, me, 'user'); - }, - }, - Mutation: { - async createUser(root, { input }, { User, me }) { - return await User.insert(input, me, 'createUser'); - }, - - async updateUser(root, { id, input }, { User, me }) { - return await User.updateById(id, input, me, 'updateUser'); - }, - - async removeUser(root, { id }, { User, me }) { - return await User.removeById(id, me, 'removeUser'); - }, - }, - Subscription: { - userCreated: user => user, - userUpdated: user => user, - userRemoved: id => id, - }, - }; - - export default resolvers; -``` - ### ./resolver/Tweet.js In the resolver interfaces, there are different objects: * the root object "tweet", contains the document fields @@ -998,65 +256,6 @@ In the resolver interfaces, there are different objects: * the context object "me", contains the current logged in user -if logged in-, which is provided from the server's passport implementation * the last argument in the resolver function is the resolver's name, which is optional and only to enhance the logging in debugging mode by additional information. If you have to analyze authorization outcomes, this helps a lot to figure out, which resolvers authorization rule fired. -```javascript - const resolvers = { - Tweet: { - id(tweet) { - return tweet._id; - }, - - author(tweet, args, { Tweet, me }) { - return Tweet.author(tweet, me, 'tweet author'); - }, - - createdBy(tweet, args, { Tweet, me }) { - return Tweet.createdBy(tweet, me, 'tweet createdBy'); - }, - - updatedBy(tweet, args, { Tweet, me }) { - return Tweet.updatedBy(tweet, me, 'tweet updatedBy'); - }, - - coauthors(tweet, { lastCreatedAt, limit }, { Tweet, me }) { - return Tweet.coauthors(tweet, { lastCreatedAt, limit }, me, 'tweet coauthors'); - }, - - likers(tweet, { lastCreatedAt, limit }, { Tweet, me }) { - return Tweet.likers(tweet, { lastCreatedAt, limit }, me, 'tweet likers'); - }, - }, - Query: { - tweets(root, { lastCreatedAt, limit }, { Tweet, me }) { - return Tweet.find({ lastCreatedAt, limit }, me, 'tweets'); - }, - - tweet(root, { id }, { Tweet, me }) { - return Tweet.findOneById(id, me, 'tweet'); - }, - }, - Mutation: { - async createTweet(root, { input }, { Tweet, me }) { - return await Tweet.insert(input, me, 'createTweet'); - }, - - async updateTweet(root, { id, input }, { Tweet, me }) { - return await Tweet.updateById(id, input, me, 'updateTweet'); - }, - - async removeTweet(root, { id }, { Tweet, me }) { - return await Tweet.removeById(id, me, 'removeTweet'); - }, - }, - Subscription: { - tweetCreated: tweet => tweet, - tweetUpdated: tweet => tweet, - tweetRemoved: id => id, - }, - }; - - export default resolvers; -``` - ### Testing If you run within the project root at least one time, it generates the database and adds the seed tweet and user documents once during each run. ```bash diff --git a/skel/package.json b/skel/package.json index 0041ee1..65f152f 100644 --- a/skel/package.json +++ b/skel/package.json @@ -39,7 +39,7 @@ "bcrypt": "^1.0.2", "body-parser": "1.15.2", "cors": "^2.8.1", - "create-graphql-server-authorization": "^0.0.40", + "create-graphql-server-authorization": "^0.0.42", "dataloader": "^1.2.0", "denodeify": "^1.2.1", "dotenv": "2.0.0", diff --git a/skel/server/index.js b/skel/server/index.js index bf36cd8..de2040e 100644 --- a/skel/server/index.js +++ b/skel/server/index.js @@ -48,7 +48,7 @@ async function startServer() { app.use('/graphql', (req, res, next) => { passport.authenticate('jwt', { session: false }, (err, me) => { - req.context = addModelsToContext({ db, pubsub, me, UserCollection }); + req.context = addModelsToContext({ db, pubsub, me, UserCollection, log }); graphqlExpress(() => { // Get the query, the same way express-graphql does it // https://github.com/graphql/express-graphql/blob/3fa6e68582d6d933d37fa9e841da5d2aa39261cd/src/index.js#L257 diff --git a/test/output-app/README.md b/test/output-app/README.md index fad4cb5..085848b 100644 --- a/test/output-app/README.md +++ b/test/output-app/README.md @@ -15,54 +15,6 @@ In the server, the database is started, and the UserCollection is defined. That' In ```js authenticate(app, UserCollection)``` the authentication is prepared and processed. Later, if a user sends a 'graphql' request, the user is determined with ```js passport.authenticate(...)```. After that, the user is whether an anonymous user or an authenticated user. You find the identified user in the object "me". Then the type models have to be initialized with the user "me" authorizations: ```js req.context = addModelsToContext({... me ...})```. -```javascript -... -async function startServer() { - log.info('Logger started'); - - const db = await MongoClient.connect(MONGO_URL); - const UserCollection = db.collection('user'); - - const app = express().use('*', cors()); - app.use(bodyParser.urlencoded({ extended: true })); - app.use(bodyParser.json()); - app.use(morgan("dev", { "stream": stream })); - - authenticate(app, UserCollection); - - app.use('/graphql', (req, res, next) => { - passport.authenticate('jwt', { session: false }, (err, me) => { - req.context = addModelsToContext({ db, pubsub, me, UserCollection }); - graphqlExpress(() => { - // Get the query, the same way express-graphql does it - // https://github.com/graphql/express-graphql/blob/3fa6e68582d6d933d37fa9e841da5d2aa39261cd/src/index.js#L257 - const {variables, operationName} = req.body; - const {_id, username, role} = me; - const query = req.query.query || req.body.query; - log.debug('-'.repeat(80)); - log.debug(`Request:\nUser: "${(username) ? username: ''}", role: "${(role) ? role : ''}", id: "${(_id) ? _id : ''}",\nOperation: "${operationName ? operationName : ''}", variables: "${variables ? JSON.stringify(variables) : ''}",\nQuery:\n${print(parse(query))}`); - if (query && query.length > 4000) { - // None of our app's queries are this long - // Probably indicates someone trying to send an overly expensive query - log.error('Query too large.'); - throw new Error('Query too large.'); - } - return { - schema, - context: Object.assign({ me }, req.context), - debug: true, - formatError(e) { - console.log(e); - return e; - }, - }; - })(req, res, next); - })(req, res, next); - }); - ... -} -``` - By-the-way: The server/index.js is able to access the User collection directly by the following two lines. This is used in the server/authenticate.js during authenticate. ```js ... @@ -235,310 +187,6 @@ This has the following meaning: Use create-graphql-server command to generate the according schema, resolver, model files with the create-graphql-server command line interface. After its generation, you will find the generated files in the sub folders: schema, resolvers, model. The generated model files will use the following functions to implement the authorization logic. -### model.js -This is an example of a database model of type . - -```javascript -import DataLoader from 'dataloader'; -import { findByIds, queryForRoles, getLogFilename, logger, authlog, checkAuthDoc } from 'create-graphql-server-authorization'; -const log = logger(getLogFilename()); - -export default class { - constructor(context) { - this.context = context; - this.collection = context.db.collection(''); - this.pubsub = context.pubsub; - let authQuery; - try { - const { me, User } = context; - authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User }, authlog(' findOneById', 'readOne', me)); - } catch (err) { - log.error(err.message); - authQuery = {_id: false}; // otherwise admin access - } - this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); - } - - async findOneById(id, me, resolver) { - try { - return await this.authorizedLoader.load(id); - } catch (err) { log.error(err.message); } - } - - find({ lastCreatedAt = 0, limit = 10, baseQuery = {} }, me, resolver) { - try { - const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery, createdAt: { $gt: lastCreatedAt }}; - return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); - } catch (err){ log.error(err.message); } - } -... -} -``` - -### ./model/Tweet.js -generated model file for the above input type Tweet.graphql considering the @authorize directive. You can see, the directive argument "read" is used to express "readOne" and "readMany" at the same time. Instead you can use "readOne" and "readMany" for fine grained control on read operations, to allow access to just one record or many records. -```javascript -import DataLoader from 'dataloader'; -import { findByIds, queryForRoles, getLogFilename, logger, authlog, checkAuthDoc } from 'create-graphql-server-authorization'; -const log = logger(getLogFilename()); - -export default class Tweet { - constructor(context) { - this.context = context; - this.collection = context.db.collection('tweet'); - this.pubsub = context.pubsub; - let authQuery; - try { - const { me, User } = context; - authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User }, authlog('tweet findOneById', 'readOne', me)); - } catch (err) { - log.error(err.message); - authQuery = {_id: false}; // otherwise admin access - } - this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); - } - - async findOneById(id, me, resolver) { - try { - return await this.authorizedLoader.load(id); - } catch (err) { log.error(err.message); } - } - - find({ lastCreatedAt = 0, limit = 10, baseQuery = {} }, me, resolver) { - try { - const authQuery = queryForRoles(me, ['admin', 'world'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery, createdAt: { $gt: lastCreatedAt }}; - return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); - } catch (err){ log.error(err.message); } - } - - createdBy(tweet, me, resolver) { - return this.context.User.findOneById(tweet.createdById, me, resolver); - } - - updatedBy(tweet, me, resolver) { - return this.context.User.findOneById(tweet.updatedById, me, resolver); - } - - author(tweet, me, resolver) { - return this.context.User.findOneById(tweet.authorId, me, resolver); - } - - coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, me, resolver) { - const baseQuery = {_id: { $in: tweet.coauthorsIds } }; - return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); - } - - likers(tweet, { lastCreatedAt = 0, limit = 10 }, me, resolver) { - const baseQuery = {likedIds: tweet._id, createdAt: { $gt: lastCreatedAt } }; - return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); - } - - async insert(doc, me, resolver) { - try { - - let docToInsert = Object.assign({}, doc, { - createdAt: Date.now(), - updatedAt: Date.now(), - createdById: (me && me._id) ? me._id : 'unknown', - updatedById: (me && me._id) ? me._id : 'unknown', - }); - log.debug(JSON.stringify(docToInsert, null, 2)); - - checkAuthDoc(docToInsert, me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'create', me)); - const id = (await this.collection.insertOne(docToInsert)).insertedId; - if (!id) { - throw new Error(`insert tweet not possible.`); - } - - log.debug(`inserted tweet ${id}.`); - const insertedDoc = this.findOneById(id, me, 'pubsub tweetInserted'); - this.pubsub.publish('tweetInserted', insertedDoc); - return insertedDoc; - - } catch (err){ log.error(err.message); } - } - - async updateById(id, doc, me, resolver) { - try { - - let docToUpdate = {$set: Object.assign({}, doc, { - updatedAt: Date.now(), - updatedById: (me && me._id) ? me._id : 'unknown', - })}; - - const baseQuery = {_id: id}; - const authQuery = queryForRoles(me, ['admin'], ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'update', me)); - const finalQuery = {...baseQuery, ...authQuery}; - const result = await this.collection.updateOne(finalQuery, docToUpdate); - if (result.result.ok !== 1 || result.result.n !== 1){ - throw new Error(`update tweet not possible for ${id}.`); - } - - log.debug(`updated tweet ${id}.`); - this.authorizedLoader.clear(id); - const updatedDoc = this.findOneById(id, me, 'pubsub tweetUpdated'); - this.pubsub.publish('tweetUpdated', updatedDoc); - return updatedDoc; - - } catch (err){ log.error(err.message); } - } - - async removeById(id, me, resolver) { - try { - - const baseQuery = {_id: id}; - const authQuery = queryForRoles(me, ['admin'], ['authorId'], { User: this.context.User }, authlog(resolver, 'delete', me)); - const finalQuery = {...baseQuery, ...authQuery}; - const result = await this.collection.remove(finalQuery); - if (result.result.ok !== 1 || result.result.n !== 1){ - throw new Error(`remove tweet not possible for ${id}.`); - } - - log.debug(`removed tweet ${id}.`); - this.authorizedLoader.clear(id); - this.pubsub.publish('tweetRemoved', id); - return result; - - } catch (err){ log.error(err.message); } - } -} -``` - -### ./model/User.js -generated model file for the above input type User.graphql considering the @authorize directive. -```javascript -import DataLoader from 'dataloader'; -import { findByIds, queryForRoles, getLogFilename, logger, authlog, checkAuthDoc, protectFields } from 'create-graphql-server-authorization'; -const log = logger(getLogFilename()); - -export default class User { - constructor(context) { - this.context = context; - this.collection = context.db.collection('user'); - this.pubsub = context.pubsub; - this.authRole = User.authRole; - let authQuery; - try { - const { me } = context; - authQuery = queryForRoles(me, ['admin'], ['_id'], { User }, authlog('user findOneById', 'readOne', me)); - } catch (err) { - log.error(err.message); - authQuery = {_id: false}; // otherwise admin access - } - this.authorizedLoader = new DataLoader(ids => findByIds(this.collection, ids, authQuery)); - } - - static authRole(user){ - return (user && user.role) ? user.role : null; - } - - async findOneById(id, me, resolver) { - try { - return await this.authorizedLoader.load(id); - } catch (err) { log.error(err.message); } - } - - find({ lastCreatedAt = 0, limit = 10, baseQuery = { createdAt: { $gt: lastCreatedAt } } }, me, resolver) { - try { - const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'readMany', me)); - const finalQuery = {...baseQuery, ...authQuery}; - return this.collection.find(finalQuery).sort({ createdAt: 1 }).limit(limit).toArray(); - } catch (err) { log.error(err.message); } - } - - tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }, me, resolver) { - const baseQuery = { authorId: user._id, createdAt: { $gt: lastCreatedAt } }; - return this.context.Tweet.find({ lastCreatedAt, limit, baseQuery }, me, resolver); - } - - liked(user, { lastCreatedAt = 0, limit = 10 }, me, resolver) { - const baseQuery = { _id: { $in: user.likedIds || [] }, createdAt: { $gt: lastCreatedAt } }; - return this.context.Tweet.find({ lastCreatedAt, limit, baseQuery }, me, resolver); - } - - following(user, { lastCreatedAt = 0, limit = 10 }, me, resolver) { - const baseQuery = { _id: { $in: user.followingIds || [] }, createdAt: { $gt: lastCreatedAt } }; - return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); - } - - followers(user, { lastCreatedAt = 0, limit = 10 }, me, resolver) { - const baseQuery = { followingIds: user._id, createdAt: { $gt: lastCreatedAt } }; - return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); - } - - createdBy(user, me, resolver) { - return this.context.User.findOneById(user.createdById, me, resolver); - } - - updatedBy(user, me, resolver) { - return this.context.User.findOneById(user.updatedById, me, resolver); - } - - async insert(doc, me, resolver) { - try { - let docToInsert = Object.assign({}, doc, { - createdAt: Date.now(), - updatedAt: Date.now(), - createdById: (me && me._id) ? me._id : 'unknown', - updatedById: (me && me._id) ? me._id : 'unknown', - }); - checkAuthDoc(docToInsert, me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'create', me)); - docToInsert = protectFields(me, ['admin'], ['role'], docToInsert, { User: this.context.User }); - const id = (await this.collection.insertOne(docToInsert)).insertedId; - if (!id) { - throw new Error(`insert user not possible.`); - } - log.debug(`inserted user ${id}.`); - const insertedDoc = this.findOneById(id, me, 'pubsub userInserted'); - this.pubsub.publish('userInserted', insertedDoc); - return insertedDoc; - } catch (err) { log.error(err.message); } - } - - async updateById(id, doc, me, resolver) { - try { - let docToUpdate = {$set: Object.assign({}, doc, { - updatedAt: Date.now(), - updatedById: (me && me._id) ? me._id : 'unknown', - })}; - const baseQuery = {_id: id}; - const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'update', me)); - const finalQuery = {...baseQuery, ...authQuery}; - docToUpdate.$set = protectFields(me, ['admin'], ['role'], docToUpdate.$set, { User: this.context.User }); - const result = await this.collection.updateOne(finalQuery, docToUpdate); - if (result.result.ok !== 1 || result.result.n !== 1){ - throw new Error(`update user not possible for ${id}.`); - } - log.debug(`updated user ${id}.`); - this.authorizedLoader.clear(id); - const updatedDoc = this.findOneById(id, me, 'pubsub userUpdated') - this.pubsub.publish('userUpdated', updatedDoc); - return updatedDoc; - } catch (err) { log.error(err.message); } - } - - async removeById(id, me, resolver) { - try { - const baseQuery = {_id: id}; - const authQuery = queryForRoles(me, ['admin'], ['_id'], { User: this.context.User }, authlog(resolver, 'delete', me)); - const finalQuery = {...baseQuery, ...authQuery}; - const result = await this.collection.remove(finalQuery); - if (result.result.ok !== 1 || result.result.n !== 1){ - throw new Error(`remove user not possible for ${id}.`); - } - log.debug(`removed user ${id}.`); - this.authorizedLoader.clear(id); - this.pubsub.publish('userRemoved', id); - return result; - } catch (err) { log.error(err.message); } - } -} -``` - -As you can see in both model header lines, we are using a specialized npm package "create-graphql-server-authorization". - ## create-graphql-server-authorization Install it with: ```bash @@ -546,253 +194,29 @@ npm install create-graphql-server-authorization ``` [Github: create-graphql-server-authorization](https://github.com/tobkle/create-graphql-server-authorization) +[Please have a look in the API documentation.](https://tobkle.github.io/create-graphql-server-authorization/) + This uses the following functions from that module: ### function authlog A logging function that understands "resolvers", "modes" and "users". Simple wrapper around whatever logging function we use. -```javascript -/* - * Central logger for authorization checks - * @param {string} resolver - * @param {string} mode - * @param {object} me - * @return { - * debug {function}, - * error {function} - * } - */ -function authlog(resolver = "", mode = "", me = {}) { - const logFilename = getLogFilename(); - const log = logger(logFilename); - - const makeMessage = message => - `Authorize ${mode} "${resolver}" with user "${me.username - ? me.username - : ""}" ${message}`; - - return { - debug: message => { - const resultMessage = makeMessage(message); - log.debug(resultMessage); - return resultMessage; - }, - error: message => { - const resultMessage = makeMessage(message); - log.error(resultMessage); - throw new Error(makeMessage(message)); - } - }; -} -``` - ### function findByIds This is an extended version of [mongo-find-by-ids](https://github.com/tmeasday/mongo-find-by-ids). The enhancement is only to provide an additional authQuery object, to extend the query to meet additional authorizations. -```javascript -/* - * find a record by id (cached with dataloader) - * returns the record, cached if already read, checks authorization if set - * enhancement of tmeasday'findByIds - * @param {string, array} docRoleField - * @param {object} userId - * @return {boolean} foundUserId - */ -function findByIds(collection, ids = [], authQuery) { - const baseQuery = { _id: { $in: ids } }; - const finalQuery = { ...baseQuery, ...authQuery }; - return collection.find(finalQuery).toArray().then(docs => { - const idMap = {}; - docs.forEach(d => { - idMap[d._id] = d; - }); - return ids.map(id => idMap[id]); - }); -} - -module.exports = findByIds; -``` ### function protectFields Use function protectFields to protect single fields from access. Provide signed in user in "me", the authorized User roles for the protected field(s) - meaning the user who is allowed to access the field -, provide an array with protected fields, and the current document object, which is to be checked for protected fields and the User model context. -```javascript -/* - * Protects a field based on authorizations - * @param {object} me - * @param {array} authorizedUserRoles - * @param {array} protectedFields - * @param {object} inputObject - * @param {object} User - * @return {object} result - */ -function protectFields( - me = {}, - authorizedUserRoles = [], - protectedFields = [], - inputObject = {}, - { User } = { User: dummyUserContext } -) { - // pure function - const result = Object.assign({}, inputObject); - - // getting role of current User - const role = User.authRole(me); - - // if user is not allowed to access specific fields, remove field from object... - if (!authorizedUserRoles.includes(role)) { - protectedFields.forEach(protectedField => { - if (result[protectedField]) delete result[protectedField]; - }); - } - - return result; -} -``` - ### function checkAuthDoc Use function checkAuthDoc to check and get back the document. Especially used in insert operations, to figure out, if the toBeInsertedDoc is valid to be added by this userRole, docRole and action. -```javascript -/* - * Returns an authorized document - * @param {object} doc - * @param {object} me - * @param {array} userRoles - * @param {array} docRoles - * @param {object} User - * @param {function} logger - * @return {object} doc - */ - -function checkAuthDoc( - doc = {}, - me = {}, - userRoles = [], - docRoles = [], - { User }, - logger = defaultLogger -) { - let resultDoc = Object.assign({}, doc); - - // get the User's role - const role = User.authRole(me); - - // check if userRole entitles current user for this action - if (userRoleAuthorized(me, userRoles, { User }, logger)) { - logger.debug(`and role: "${role}" is authorized by userRole.`); - return resultDoc; - } - - // check if docRole entitles current user for this document and action - let authorized = false; - docRoles.every(field => { - if ( - resultDoc[field] && - me._id && - fieldContainsUserId(resultDoc[field], me._id) - ) { - authorized = true; - } - }); - if (authorized) { - logger.debug(`and role: "${role}" is authorized by docRole.`); - return resultDoc; - } - - // Not Authorized, throw exception in logger.error - logger.error(`and role: "${role}" is not authorized.`); -} -``` - - ### function loggedIn Use function loggedIn, to check if a user is logged in. -```javascript -/* - * Checks if an user is logged in - * @param {object} me - * @return {boolean} loggedIn - */ - -function loggedIn(me) { - if (me && me._id && me._id.toString() !== "") { - return true; - } - return false; -} -``` - ### function queryForRoles Use function queryForRoles to generate an authQuery object. -It expects the following arguments: -```javascript -/* - * Prepare a query object for mongodb operations with authorization queries - * creates an authQuery object with additional query arguments, to implement authorization restrictions for mongodb access - * @param {object} me - * @param {array} userRoles - * @param {array} docRoles - * @param {object} inputObject - * @param {object} User - * @param {object} logger - * @return {object, exception} queryObject - * - * @example: const authQuery = queryForRoles(me, userRoles, docRoles, { User }, authlog(resolver, mode, me ) ); - */ -function queryForRoles( - me = {}, - userRoles = [], - docRoles = [], - { User } = { User: dummyUserContext }, - logger = defaultLogger -) { - // on insufficient authorization data, it cannot be authorized, throws exception - if (!User || !User.authRole || !me || (!userRoles && !docRoles)) - logger.error(` is not authorized, due to authorization data.`); - - // get current User's role - const role = User.authRole(me); - - // Build query for the case: The logged in user's role is authorized - if (userRoleAuthorized(me, userRoles, { User }, logger)) { - return {}; // empty authQuery means, do operation with no access restrictions - } - - // Build query for the case: The user is listed in any document field - const query = { $or: [] }; - // makes only sense, if user is logged in - otherwise no userId - if (loggedIn(me)) { - // prepare selection criterias as "authQuery" object - // for later mongodb "find(...baseQuery, ...authQuery)" - // ... AND ...{ field1 OR field2} - // which will be also considered during the database access - // as an "$or: [ { field1: userId}, { field2: userId} ]" - // with all document roles as fields for the later selection. - // At least one of those fields must match the userId, - // otherwise, whether no data found or not authorized to access data - docRoles.forEach(docRole => query.$or.push({ [docRole]: me._id })); - // return this authQuery only, if there was at least 1 field added - // otherwise it will result in an unlimited access - if (query.$or.length > 0) { - // for easier debugging write into the authorzation logs - logger.debug( - `and role: "${role ? role : ""}" with - authQuery: ${JSON.stringify(query, null, 2)}` - ); - // return the query as authQuery for later selection - return query; - } - } - - // Not Authorized - throw exception in logger.error - const message = `and role: "${role}" is not authorized.`; - logger.error(message); -} -``` - It expects the following arguments with the meanings: * **me:** this is the logged in user object out of the resolver's context * **userRoles:** an array with userRoles, which was generated by the @authorize directives in the .graphql file @@ -812,112 +236,9 @@ It expects the following arguments with the meanings: ### function userRoleAuthorized This helper function is used by queryForRoles, and decides, if a user gains the authorization by its role. For example: If a user has a field "role" in his user document and it contains the value "admin". So it checks if a user's role is admin, and allows all operations for admins. -```javascript -/* - * Is a user's role authorized for a document - * @param {object} me - * @param {array} userRoles - * @param {object} User - * @param {object} logger - * @return {boolean} authorized - */ - -// returns true, if the user's role is authorized for a document -function userRoleAuthorized( - me = {}, - userRoles = [], - { User } = { User: dummyUserContext }, - logger = defaultLogger -) { - // on insufficient authorization data, it cannot be authorized - if (!User || !User.authRole || !me || !userRoles) return false; - - // get current User's role - const role = User.authRole(me); - - // determine, if the given userRoles authorize the current User by its role - if ( - // userRole: "world" should authorize everyone - known and unknown users - userRoles.includes("world") || - // or there must be a userRole given, and current user must have a role - // and the current user's role must be in the given userRoles - (role && role !== "" && userRoles.length > 0 && userRoles.includes(role)) - ) { - // => authorized - logger.debug(`and role "${role ? role : ""}" is authorized`); - return true; - } - - // => not authorized - return false; -} -``` ### function fieldContainsUserId This helper function is used in the models and checks, if the provided field of types: array, object or string contains the userId. -```javascript -/* - * checks, if a field contains a user's id - * returns true, if a field of type array/object/string contains the userId - * @param {string, object, array} docRoleField - * @param {string, object} userId - * @return {boolean} foundUserId - */ -function fieldContainsUserId(docRoleField, compressedUserId) { - let found = false; - - // empty docRoleField is not a valid docRoleField - if (!docRoleField || docRoleField === "" || docRoleField.length === 0) - return false; - - // empty (compressed) userId is not a valid userId - if ( - !compressedUserId || - compressedUserId === "" || - compressedUserId.toString() === "" - ) - return false; - - // extract userId, if it is a mongoID field - const userId = extractUserId(compressedUserId); - - // empty (uncompressed) userId is not a valid userId - if (!userId || userId === "") return false; - - // docRoleField of type Array - if (_.isArray(docRoleField)) { - docRoleField.forEach(field => { - if (fieldContainsUserId(field, userId)) { - found = true; - } - }); - if (found) return true; - return false; - } - - // docRoleField of type Object - if (_.isObject(docRoleField)) { - // For each field in the object - Object.keys(docRoleField).forEach(field => { - if ( - fieldContainsUserId(docRoleField[field], userId) || - fieldContainsUserId(field, userId) - ) { - found = true; - } - }); - if (found) return true; - return false; - } - - // docRoleField of type field - if (docRoleField.toString() === userId.toString()) { - return true; - } - - return false; -} -``` ### ./resolver/User.js In the resolver interfaces, there are different objects: @@ -927,69 +248,6 @@ In the resolver interfaces, there are different objects: * the context object "me", contains the current logged in user -if logged in-, which is provided from the server's passport implementation * the last argument in the resolver function is the resolver's name, which is optional and only to enhance the logging in debugging mode by additional information. If you have to analyze authorization outcomes, this helps a lot to figure out, which resolvers authorization rule fired. -```javascript - const resolvers = { - User: { - id(user) { - return user._id; - }, - - createdBy(user, args, { User, me }) { - return User.createdBy(user, me, 'user createdBy'); - }, - - updatedBy(user, args, { User, me }) { - return User.updatedBy(user, me, 'user updatedBy'); - }, - - tweets(user, { minLikes, lastCreatedAt, limit }, { User, me }) { - return User.tweets(user, { minLikes, lastCreatedAt, limit }, me, 'user tweets'); - }, - - liked(user, { lastCreatedAt, limit }, { User, me }) { - return User.liked(user, { lastCreatedAt, limit }, me, 'user liked'); - }, - - following(user, { lastCreatedAt, limit }, { User, me }) { - return User.following(user, { lastCreatedAt, limit }, me, 'user following'); - }, - - followers(user, { lastCreatedAt, limit }, { User, me }) { - return User.followers(user, { lastCreatedAt, limit }, me, 'user followers'); - }, - }, - Query: { - users(root, { lastCreatedAt, limit }, { User, me }) { - return User.find({ lastCreatedAt, limit }, me, 'users'); - }, - - user(root, { id }, { User, me }) { - return User.findOneById(id, me, 'user'); - }, - }, - Mutation: { - async createUser(root, { input }, { User, me }) { - return await User.insert(input, me, 'createUser'); - }, - - async updateUser(root, { id, input }, { User, me }) { - return await User.updateById(id, input, me, 'updateUser'); - }, - - async removeUser(root, { id }, { User, me }) { - return await User.removeById(id, me, 'removeUser'); - }, - }, - Subscription: { - userCreated: user => user, - userUpdated: user => user, - userRemoved: id => id, - }, - }; - - export default resolvers; -``` - ### ./resolver/Tweet.js In the resolver interfaces, there are different objects: * the root object "tweet", contains the document fields @@ -998,65 +256,6 @@ In the resolver interfaces, there are different objects: * the context object "me", contains the current logged in user -if logged in-, which is provided from the server's passport implementation * the last argument in the resolver function is the resolver's name, which is optional and only to enhance the logging in debugging mode by additional information. If you have to analyze authorization outcomes, this helps a lot to figure out, which resolvers authorization rule fired. -```javascript - const resolvers = { - Tweet: { - id(tweet) { - return tweet._id; - }, - - author(tweet, args, { Tweet, me }) { - return Tweet.author(tweet, me, 'tweet author'); - }, - - createdBy(tweet, args, { Tweet, me }) { - return Tweet.createdBy(tweet, me, 'tweet createdBy'); - }, - - updatedBy(tweet, args, { Tweet, me }) { - return Tweet.updatedBy(tweet, me, 'tweet updatedBy'); - }, - - coauthors(tweet, { lastCreatedAt, limit }, { Tweet, me }) { - return Tweet.coauthors(tweet, { lastCreatedAt, limit }, me, 'tweet coauthors'); - }, - - likers(tweet, { lastCreatedAt, limit }, { Tweet, me }) { - return Tweet.likers(tweet, { lastCreatedAt, limit }, me, 'tweet likers'); - }, - }, - Query: { - tweets(root, { lastCreatedAt, limit }, { Tweet, me }) { - return Tweet.find({ lastCreatedAt, limit }, me, 'tweets'); - }, - - tweet(root, { id }, { Tweet, me }) { - return Tweet.findOneById(id, me, 'tweet'); - }, - }, - Mutation: { - async createTweet(root, { input }, { Tweet, me }) { - return await Tweet.insert(input, me, 'createTweet'); - }, - - async updateTweet(root, { id, input }, { Tweet, me }) { - return await Tweet.updateById(id, input, me, 'updateTweet'); - }, - - async removeTweet(root, { id }, { Tweet, me }) { - return await Tweet.removeById(id, me, 'removeTweet'); - }, - }, - Subscription: { - tweetCreated: tweet => tweet, - tweetUpdated: tweet => tweet, - tweetRemoved: id => id, - }, - }; - - export default resolvers; -``` - ### Testing If you run within the project root at least one time, it generates the database and adds the seed tweet and user documents once during each run. ```bash diff --git a/test/output-app/index.js b/test/output-app/index.js index 449bd70..0035126 100644 --- a/test/output-app/index.js +++ b/test/output-app/index.js @@ -102,7 +102,7 @@ if (!MONGO_URL) { nodemon({ script: path.join('server', 'index.js'), ext: 'js graphql', - exec: 'babel-node --inspect', + exec: 'babel-node', }).on('restart', () => console.log('Restarting server due to file change\n')); diff --git a/test/output-app/log/all-logs-readable.log b/test/output-app/log/all-logs-readable.log index 33facda..e69de29 100644 --- a/test/output-app/log/all-logs-readable.log +++ b/test/output-app/log/all-logs-readable.log @@ -1,8266 +0,0 @@ -2017-08-31 14:20:28 -------------------------------------------------------------------------------- -2017-08-31 14:20:28 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-31 14:20:28 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:28 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:28 registered authorizedLoader successfully -2017-08-31 14:20:28 registered authorizedLoader successfully -2017-08-31 14:20:51 -------------------------------------------------------------------------------- -2017-08-31 14:20:51 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 -------------------------------------------------------------------------------- -2017-08-31 14:20:51 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - role - username - } -} - -2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 -------------------------------------------------------------------------------- -2017-08-31 14:20:51 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - role - username - } -} - -2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 -------------------------------------------------------------------------------- -2017-08-31 14:20:51 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca2") { - role - username - } -} - -2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 -------------------------------------------------------------------------------- -2017-08-31 14:20:51 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - id - username - bio - } -} - -2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 -------------------------------------------------------------------------------- -2017-08-31 14:20:51 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users { - username - createdAt - } -} - -2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 -------------------------------------------------------------------------------- -2017-08-31 14:20:51 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(limit: 1) { - username - createdAt - } -} - -2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 -------------------------------------------------------------------------------- -2017-08-31 14:20:51 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993) { - username - createdAt - } -} - -2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 -------------------------------------------------------------------------------- -2017-08-31 14:20:51 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } -} - -2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 -------------------------------------------------------------------------------- -2017-08-31 14:20:51 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers { - username - createdAt - } - } -} - -2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 -------------------------------------------------------------------------------- -2017-08-31 14:20:51 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(limit: 1) { - username - createdAt - } - } -} - -2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 -------------------------------------------------------------------------------- -2017-08-31 14:20:51 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 -------------------------------------------------------------------------------- -2017-08-31 14:20:51 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 -------------------------------------------------------------------------------- -2017-08-31 14:20:51 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following { - username - createdAt - } - } -} - -2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 -------------------------------------------------------------------------------- -2017-08-31 14:20:51 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(limit: 1) { - username - createdAt - } - } -} - -2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 -------------------------------------------------------------------------------- -2017-08-31 14:20:51 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 -------------------------------------------------------------------------------- -2017-08-31 14:20:51 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 -------------------------------------------------------------------------------- -2017-08-31 14:20:51 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets { - id - createdAt - } - } -} - -2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 -------------------------------------------------------------------------------- -2017-08-31 14:20:51 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(limit: 1) { - id - createdAt - } - } -} - -2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 -------------------------------------------------------------------------------- -2017-08-31 14:20:51 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } - } -} - -2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 -------------------------------------------------------------------------------- -2017-08-31 14:20:51 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } - } -} - -2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 -------------------------------------------------------------------------------- -2017-08-31 14:20:51 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked { - id - createdAt - } - } -} - -2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 -------------------------------------------------------------------------------- -2017-08-31 14:20:51 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(limit: 1) { - id - createdAt - } - } -} - -2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 -------------------------------------------------------------------------------- -2017-08-31 14:20:51 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334) { - id - createdAt - } - } -} - -2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 -------------------------------------------------------------------------------- -2017-08-31 14:20:51 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334, limit: 1) { - id - createdAt - } - } -} - -2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 -------------------------------------------------------------------------------- -2017-08-31 14:20:51 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - id - body - } -} - -2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 -------------------------------------------------------------------------------- -2017-08-31 14:20:51 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets { - id - createdAt - } -} - -2017-08-31 14:20:51 -------------------------------------------------------------------------------- -2017-08-31 14:20:51 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - author { - username - } - } -} - -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 -------------------------------------------------------------------------------- -2017-08-31 14:20:51 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(limit: 1) { - id - createdAt - } -} - -2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 -------------------------------------------------------------------------------- -2017-08-31 14:20:51 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } -} - -2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 -------------------------------------------------------------------------------- -2017-08-31 14:20:51 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } -} - -2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 -------------------------------------------------------------------------------- -2017-08-31 14:20:51 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers { - username - createdAt - } - } -} - -2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 -------------------------------------------------------------------------------- -2017-08-31 14:20:51 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(limit: 1) { - username - createdAt - } - } -} - -2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 -------------------------------------------------------------------------------- -2017-08-31 14:20:51 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993) { - username - createdAt - } - } -} - -2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 -------------------------------------------------------------------------------- -2017-08-31 14:20:51 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } - } -} - -2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 -------------------------------------------------------------------------------- -2017-08-31 14:20:51 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-08-31 14:20:51 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:51 registered authorizedLoader successfully -2017-08-31 14:20:52 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:52 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "undefined") { - username - bio - role - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "undefined") { - username - role - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "undefined", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "undefined", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "undefined") -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "undefined", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "undefined") { - author { - id - } - body - } -} - -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 ERROR Authorize readOne 'tweet author' with user '' undefined -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "undefined", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "undefined", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "undefined") { - body - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "undefined") -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "undefined") -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "undefined") { - body - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "undefined") -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "undefined") { - username - bio - role - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "admin"}) { - id - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 ERROR Authorize readOne 'user' with user '' undefined -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 ERROR Authorize readOne 'tweet author' with user '' undefined -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "user"}) { - id - role - } -} - -2017-08-31 14:20:52 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:52 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 ERROR Authorize readOne 'user' with user '' undefined -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "undefined") { - username - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "undefined") { - username - role - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "undefined", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "undefined") { - author { - id - } - body - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 ERROR Authorize readOne 'tweet author' with user '' undefined -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "undefined", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "undefined") { - body - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "undefined") -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "undefined") { - body - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "undefined") -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "undefined") { - username - bio - role - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "editor"}) { - id - role - } -} - -2017-08-31 14:20:52 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:20:52 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 ERROR Authorize readOne 'user' with user '' undefined -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "undefined") { - username - role - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "undefined", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "undefined", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "undefined", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "undefined") { - author { - id - } - body - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 ERROR Authorize readOne 'tweet author' with user '' undefined -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "undefined", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "undefined") { - body - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "undefined") -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "undefined") { - body - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "undefined") -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:20:52 -------------------------------------------------------------------------------- -2017-08-31 14:20:52 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "undefined") { - username - bio - role - } -} - -2017-08-31 14:20:52 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:20:52 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:20:52 registered authorizedLoader successfully -2017-08-31 14:37:07 -------------------------------------------------------------------------------- -2017-08-31 14:37:07 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-31 14:37:07 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:37:07 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:37:07 registered authorizedLoader successfully -2017-08-31 14:37:07 registered authorizedLoader successfully -2017-08-31 14:37:29 -------------------------------------------------------------------------------- -2017-08-31 14:37:29 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-08-31 14:37:29 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:37:29 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:37:29 registered authorizedLoader successfully -2017-08-31 14:37:29 registered authorizedLoader successfully -2017-08-31 14:37:29 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:37:29 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-31 14:37:29 -------------------------------------------------------------------------------- -2017-08-31 14:37:29 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-31 14:37:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:37:29 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:37:29 registered authorizedLoader successfully -2017-08-31 14:37:29 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-31 14:37:29 -------------------------------------------------------------------------------- -2017-08-31 14:37:29 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "undefined") { - username - bio - role - } -} - -2017-08-31 14:37:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:37:29 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:37:29 registered authorizedLoader successfully -2017-08-31 14:37:29 -------------------------------------------------------------------------------- -2017-08-31 14:37:29 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "undefined") { - username - role - } -} - -2017-08-31 14:37:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:37:29 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:37:29 registered authorizedLoader successfully -2017-08-31 14:37:29 -------------------------------------------------------------------------------- -2017-08-31 14:37:29 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "undefined", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-31 14:37:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:37:29 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:37:29 registered authorizedLoader successfully -2017-08-31 14:37:29 -------------------------------------------------------------------------------- -2017-08-31 14:37:29 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-31 14:37:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:37:29 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:37:29 registered authorizedLoader successfully -2017-08-31 14:37:29 -------------------------------------------------------------------------------- -2017-08-31 14:37:29 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "undefined", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-08-31 14:37:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:37:29 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:37:29 registered authorizedLoader successfully -2017-08-31 14:37:29 -------------------------------------------------------------------------------- -2017-08-31 14:37:29 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-31 14:37:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:37:29 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:37:29 registered authorizedLoader successfully -2017-08-31 14:37:29 -------------------------------------------------------------------------------- -2017-08-31 14:37:29 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-31 14:37:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:37:29 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:37:29 registered authorizedLoader successfully -2017-08-31 14:37:29 -------------------------------------------------------------------------------- -2017-08-31 14:37:29 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-31 14:37:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:37:29 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:37:29 registered authorizedLoader successfully -2017-08-31 14:37:29 -------------------------------------------------------------------------------- -2017-08-31 14:37:29 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "undefined") -} - -2017-08-31 14:37:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:37:29 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:37:29 registered authorizedLoader successfully -2017-08-31 14:37:29 -------------------------------------------------------------------------------- -2017-08-31 14:37:29 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "undefined", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-31 14:37:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:37:29 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:37:29 registered authorizedLoader successfully -2017-08-31 14:37:29 -------------------------------------------------------------------------------- -2017-08-31 14:37:29 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-31 14:37:29 -------------------------------------------------------------------------------- -2017-08-31 14:37:29 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "undefined") { - author { - id - } - body - } -} - -2017-08-31 14:37:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:37:29 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:37:29 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-31 14:37:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:37:29 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:37:29 registered authorizedLoader successfully -2017-08-31 14:37:29 registered authorizedLoader successfully -2017-08-31 14:37:29 -------------------------------------------------------------------------------- -2017-08-31 14:37:29 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-31 14:37:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:37:29 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:37:29 registered authorizedLoader successfully -2017-08-31 14:37:29 ERROR Authorize readOne 'tweet author' with user '' undefined -2017-08-31 14:37:29 -------------------------------------------------------------------------------- -2017-08-31 14:37:29 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "undefined", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-31 14:37:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:37:29 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:37:29 registered authorizedLoader successfully -2017-08-31 14:37:29 -------------------------------------------------------------------------------- -2017-08-31 14:37:29 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "undefined", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-31 14:37:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:37:29 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:37:29 registered authorizedLoader successfully -2017-08-31 14:37:29 -------------------------------------------------------------------------------- -2017-08-31 14:37:29 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "undefined") { - body - } -} - -2017-08-31 14:37:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:37:29 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:37:29 registered authorizedLoader successfully -2017-08-31 14:37:29 -------------------------------------------------------------------------------- -2017-08-31 14:37:29 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "undefined") -} - -2017-08-31 14:37:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:37:29 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:37:29 registered authorizedLoader successfully -2017-08-31 14:37:29 -------------------------------------------------------------------------------- -2017-08-31 14:37:29 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "undefined") -} - -2017-08-31 14:37:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:37:29 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:37:29 registered authorizedLoader successfully -2017-08-31 14:37:29 -------------------------------------------------------------------------------- -2017-08-31 14:37:29 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "undefined") { - body - } -} - -2017-08-31 14:37:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:37:29 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:37:29 registered authorizedLoader successfully -2017-08-31 14:37:29 -------------------------------------------------------------------------------- -2017-08-31 14:37:29 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "undefined") -} - -2017-08-31 14:37:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:37:29 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:37:29 registered authorizedLoader successfully -2017-08-31 14:37:29 -------------------------------------------------------------------------------- -2017-08-31 14:37:29 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "undefined") { - username - bio - role - } -} - -2017-08-31 14:37:29 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:37:29 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:37:29 registered authorizedLoader successfully -2017-08-31 14:39:59 Logger started -2017-08-31 14:40:50 Logger started -2017-08-31 14:41:05 -------------------------------------------------------------------------------- -2017-08-31 14:41:05 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-31 14:41:05 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:41:05 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:41:05 registered authorizedLoader successfully -2017-08-31 14:41:05 registered authorizedLoader successfully -2017-08-31 14:41:27 -------------------------------------------------------------------------------- -2017-08-31 14:41:27 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-08-31 14:41:27 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:41:27 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:41:27 registered authorizedLoader successfully -2017-08-31 14:41:27 registered authorizedLoader successfully -2017-08-31 14:41:28 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:41:28 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-31 14:41:28 -------------------------------------------------------------------------------- -2017-08-31 14:41:28 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-31 14:41:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:41:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:41:28 registered authorizedLoader successfully -2017-08-31 14:41:28 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-31 14:41:28 -------------------------------------------------------------------------------- -2017-08-31 14:41:28 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "undefined") { - username - bio - role - } -} - -2017-08-31 14:41:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:41:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:41:28 registered authorizedLoader successfully -2017-08-31 14:41:28 -------------------------------------------------------------------------------- -2017-08-31 14:41:28 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "undefined") { - username - role - } -} - -2017-08-31 14:41:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:41:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:41:28 registered authorizedLoader successfully -2017-08-31 14:41:28 -------------------------------------------------------------------------------- -2017-08-31 14:41:28 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "undefined", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-31 14:41:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:41:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:41:28 registered authorizedLoader successfully -2017-08-31 14:41:28 -------------------------------------------------------------------------------- -2017-08-31 14:41:28 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-31 14:41:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:41:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:41:28 registered authorizedLoader successfully -2017-08-31 14:41:28 -------------------------------------------------------------------------------- -2017-08-31 14:41:28 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "undefined", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-08-31 14:41:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:41:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:41:28 registered authorizedLoader successfully -2017-08-31 14:41:28 -------------------------------------------------------------------------------- -2017-08-31 14:41:28 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-31 14:41:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:41:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:41:28 registered authorizedLoader successfully -2017-08-31 14:41:28 -------------------------------------------------------------------------------- -2017-08-31 14:41:28 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-31 14:41:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:41:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:41:28 registered authorizedLoader successfully -2017-08-31 14:41:28 -------------------------------------------------------------------------------- -2017-08-31 14:41:28 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-31 14:41:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:41:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:41:28 registered authorizedLoader successfully -2017-08-31 14:41:28 -------------------------------------------------------------------------------- -2017-08-31 14:41:28 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "undefined") -} - -2017-08-31 14:41:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:41:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:41:28 registered authorizedLoader successfully -2017-08-31 14:41:28 -------------------------------------------------------------------------------- -2017-08-31 14:41:28 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "undefined", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-31 14:41:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:41:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:41:28 registered authorizedLoader successfully -2017-08-31 14:41:28 -------------------------------------------------------------------------------- -2017-08-31 14:41:28 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "undefined") { - author { - id - } - body - } -} - -2017-08-31 14:41:28 -------------------------------------------------------------------------------- -2017-08-31 14:41:28 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-31 14:41:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:41:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:41:28 -------------------------------------------------------------------------------- -2017-08-31 14:41:28 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-31 14:41:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:41:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:41:28 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-31 14:41:28 registered authorizedLoader successfully -2017-08-31 14:41:28 registered authorizedLoader successfully -2017-08-31 14:41:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:41:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:41:28 registered authorizedLoader successfully -2017-08-31 14:41:28 ERROR Authorize readOne 'tweet author' with user '' undefined -2017-08-31 14:41:28 -------------------------------------------------------------------------------- -2017-08-31 14:41:28 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "undefined", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-31 14:41:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:41:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:41:28 registered authorizedLoader successfully -2017-08-31 14:41:28 -------------------------------------------------------------------------------- -2017-08-31 14:41:28 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "undefined", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-31 14:41:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:41:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:41:28 registered authorizedLoader successfully -2017-08-31 14:41:28 -------------------------------------------------------------------------------- -2017-08-31 14:41:28 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "undefined") { - body - } -} - -2017-08-31 14:41:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:41:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:41:28 registered authorizedLoader successfully -2017-08-31 14:41:28 -------------------------------------------------------------------------------- -2017-08-31 14:41:28 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "undefined") -} - -2017-08-31 14:41:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:41:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:41:28 registered authorizedLoader successfully -2017-08-31 14:41:28 -------------------------------------------------------------------------------- -2017-08-31 14:41:28 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "undefined") -} - -2017-08-31 14:41:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:41:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:41:28 registered authorizedLoader successfully -2017-08-31 14:41:28 -------------------------------------------------------------------------------- -2017-08-31 14:41:28 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "undefined") { - body - } -} - -2017-08-31 14:41:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:41:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:41:28 registered authorizedLoader successfully -2017-08-31 14:41:28 -------------------------------------------------------------------------------- -2017-08-31 14:41:28 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "undefined") -} - -2017-08-31 14:41:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:41:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:41:28 registered authorizedLoader successfully -2017-08-31 14:41:28 -------------------------------------------------------------------------------- -2017-08-31 14:41:28 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "undefined") { - username - bio - role - } -} - -2017-08-31 14:41:28 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:41:28 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:41:28 registered authorizedLoader successfully -2017-08-31 14:42:45 -------------------------------------------------------------------------------- -2017-08-31 14:42:45 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-31 14:42:45 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:42:45 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:42:45 registered authorizedLoader successfully -2017-08-31 14:42:45 registered authorizedLoader successfully -2017-08-31 14:43:07 -------------------------------------------------------------------------------- -2017-08-31 14:43:07 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-08-31 14:43:07 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:43:07 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:43:07 registered authorizedLoader successfully -2017-08-31 14:43:07 registered authorizedLoader successfully -2017-08-31 14:43:07 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:43:07 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-31 14:43:07 -------------------------------------------------------------------------------- -2017-08-31 14:43:07 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-31 14:43:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:43:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:43:07 registered authorizedLoader successfully -2017-08-31 14:43:07 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-31 14:43:07 -------------------------------------------------------------------------------- -2017-08-31 14:43:07 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "undefined") { - username - bio - role - } -} - -2017-08-31 14:43:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:43:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:43:07 registered authorizedLoader successfully -2017-08-31 14:43:07 -------------------------------------------------------------------------------- -2017-08-31 14:43:07 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "undefined") { - username - role - } -} - -2017-08-31 14:43:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:43:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:43:07 registered authorizedLoader successfully -2017-08-31 14:43:07 -------------------------------------------------------------------------------- -2017-08-31 14:43:07 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "undefined", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-31 14:43:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:43:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:43:07 registered authorizedLoader successfully -2017-08-31 14:43:07 -------------------------------------------------------------------------------- -2017-08-31 14:43:07 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-31 14:43:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:43:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:43:07 registered authorizedLoader successfully -2017-08-31 14:43:07 -------------------------------------------------------------------------------- -2017-08-31 14:43:07 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "undefined", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-08-31 14:43:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:43:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:43:07 registered authorizedLoader successfully -2017-08-31 14:43:07 -------------------------------------------------------------------------------- -2017-08-31 14:43:07 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-31 14:43:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:43:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:43:07 registered authorizedLoader successfully -2017-08-31 14:43:07 -------------------------------------------------------------------------------- -2017-08-31 14:43:07 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-31 14:43:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:43:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:43:07 registered authorizedLoader successfully -2017-08-31 14:43:07 -------------------------------------------------------------------------------- -2017-08-31 14:43:07 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "undefined", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-31 14:43:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:43:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:43:07 registered authorizedLoader successfully -2017-08-31 14:43:07 -------------------------------------------------------------------------------- -2017-08-31 14:43:07 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "undefined") -} - -2017-08-31 14:43:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:43:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:43:07 registered authorizedLoader successfully -2017-08-31 14:43:07 -------------------------------------------------------------------------------- -2017-08-31 14:43:07 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "undefined", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-31 14:43:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:43:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:43:07 registered authorizedLoader successfully -2017-08-31 14:43:07 -------------------------------------------------------------------------------- -2017-08-31 14:43:07 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "undefined") { - author { - id - } - body - } -} - -2017-08-31 14:43:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:43:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:43:07 -------------------------------------------------------------------------------- -2017-08-31 14:43:07 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-31 14:43:07 registered authorizedLoader successfully -2017-08-31 14:43:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:43:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:43:07 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-31 14:43:07 -------------------------------------------------------------------------------- -2017-08-31 14:43:07 registered authorizedLoader successfully -2017-08-31 14:43:07 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-31 14:43:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:43:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:43:07 registered authorizedLoader successfully -2017-08-31 14:43:07 ERROR Authorize readOne 'tweet author' with user '' undefined -2017-08-31 14:43:07 -------------------------------------------------------------------------------- -2017-08-31 14:43:07 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "undefined", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-31 14:43:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:43:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:43:07 registered authorizedLoader successfully -2017-08-31 14:43:07 -------------------------------------------------------------------------------- -2017-08-31 14:43:07 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "undefined", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-31 14:43:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:43:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:43:07 registered authorizedLoader successfully -2017-08-31 14:43:07 -------------------------------------------------------------------------------- -2017-08-31 14:43:07 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "undefined") { - body - } -} - -2017-08-31 14:43:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:43:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:43:07 registered authorizedLoader successfully -2017-08-31 14:43:07 -------------------------------------------------------------------------------- -2017-08-31 14:43:07 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "undefined") -} - -2017-08-31 14:43:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:43:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:43:07 registered authorizedLoader successfully -2017-08-31 14:43:07 -------------------------------------------------------------------------------- -2017-08-31 14:43:07 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "undefined") -} - -2017-08-31 14:43:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:43:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:43:07 registered authorizedLoader successfully -2017-08-31 14:43:07 -------------------------------------------------------------------------------- -2017-08-31 14:43:07 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "undefined") { - body - } -} - -2017-08-31 14:43:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:43:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:43:07 registered authorizedLoader successfully -2017-08-31 14:43:07 -------------------------------------------------------------------------------- -2017-08-31 14:43:07 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "undefined") -} - -2017-08-31 14:43:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:43:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:43:07 registered authorizedLoader successfully -2017-08-31 14:43:07 -------------------------------------------------------------------------------- -2017-08-31 14:43:07 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "undefined") { - username - bio - role - } -} - -2017-08-31 14:43:07 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:43:07 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:43:07 registered authorizedLoader successfully -2017-08-31 14:46:39 -------------------------------------------------------------------------------- -2017-08-31 14:46:39 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -query IntrospectionQuery { - __schema { - queryType { - name - } - mutationType { - name - } - subscriptionType { - name - } - types { - ...FullType - } - directives { - name - description - locations - args { - ...InputValue - } - } - } -} - -fragment FullType on __Type { - kind - name - description - fields(includeDeprecated: true) { - name - description - args { - ...InputValue - } - type { - ...TypeRef - } - isDeprecated - deprecationReason - } - inputFields { - ...InputValue - } - interfaces { - ...TypeRef - } - enumValues(includeDeprecated: true) { - name - description - isDeprecated - deprecationReason - } - possibleTypes { - ...TypeRef - } -} - -fragment InputValue on __InputValue { - name - description - type { - ...TypeRef - } - defaultValue -} - -fragment TypeRef on __Type { - kind - name - ofType { - kind - name - ofType { - kind - name - ofType { - kind - name - ofType { - kind - name - ofType { - kind - name - ofType { - kind - name - ofType { - kind - name - } - } - } - } - } - } - } -} - -2017-08-31 14:46:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:46:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:46:39 registered authorizedLoader successfully -2017-08-31 14:46:41 -------------------------------------------------------------------------------- -2017-08-31 14:46:41 Request: -User: "", role: "", id: "", -Operation: "", variables: "{}", -Query: -{ - tweets { - id - } -} - -2017-08-31 14:46:41 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:46:41 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:46:41 Authorize readMany 'tweets' with user '' and role '' is authorized -2017-08-31 14:46:41 registered authorizedLoader successfully -2017-08-31 14:49:30 -------------------------------------------------------------------------------- -2017-08-31 14:49:30 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-31 14:49:20 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:49:20 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:49:20 registered authorizedLoader successfully -2017-08-31 14:49:20 registered authorizedLoader successfully -2017-08-31 14:49:42 -------------------------------------------------------------------------------- -2017-08-31 14:49:42 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -query IntrospectionQuery { - __schema { - queryType { - name - } - mutationType { - name - } - subscriptionType { - name - } - types { - ...FullType - } - directives { - name - description - locations - args { - ...InputValue - } - } - } -} - -fragment FullType on __Type { - kind - name - description - fields(includeDeprecated: true) { - name - description - args { - ...InputValue - } - type { - ...TypeRef - } - isDeprecated - deprecationReason - } - inputFields { - ...InputValue - } - interfaces { - ...TypeRef - } - enumValues(includeDeprecated: true) { - name - description - isDeprecated - deprecationReason - } - possibleTypes { - ...TypeRef - } -} - -fragment InputValue on __InputValue { - name - description - type { - ...TypeRef - } - defaultValue -} - -fragment TypeRef on __Type { - kind - name - ofType { - kind - name - ofType { - kind - name - ofType { - kind - name - ofType { - kind - name - ofType { - kind - name - ofType { - kind - name - ofType { - kind - name - } - } - } - } - } - } - } -} - -2017-08-31 14:49:42 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:49:42 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:49:42 registered authorizedLoader successfully -2017-08-31 14:49:57 -------------------------------------------------------------------------------- -2017-08-31 14:49:57 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-31 14:49:57 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:49:57 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:49:57 registered authorizedLoader successfully -2017-08-31 14:49:57 registered authorizedLoader successfully -2017-08-31 14:50:21 -------------------------------------------------------------------------------- -2017-08-31 14:50:21 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-08-31 14:50:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:50:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:50:21 registered authorizedLoader successfully -2017-08-31 14:50:21 registered authorizedLoader successfully -2017-08-31 14:50:34 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:51:15 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-31 14:56:09 -------------------------------------------------------------------------------- -2017-08-31 14:56:09 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-31 14:56:09 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:56:09 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:56:09 registered authorizedLoader successfully -2017-08-31 14:56:09 registered authorizedLoader successfully -2017-08-31 14:56:39 Logger started -2017-08-31 14:57:06 Logger started -2017-08-31 14:57:24 -------------------------------------------------------------------------------- -2017-08-31 14:57:24 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-31 14:57:24 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:57:24 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:57:24 registered authorizedLoader successfully -2017-08-31 14:57:24 registered authorizedLoader successfully -2017-08-31 14:57:47 -------------------------------------------------------------------------------- -2017-08-31 14:57:47 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-08-31 14:57:47 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:57:47 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:57:47 registered authorizedLoader successfully -2017-08-31 14:57:47 registered authorizedLoader successfully -2017-08-31 14:57:47 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:57:47 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-31 14:57:47 inserted user 59a807cb8d536067b36d5cc1. -2017-08-31 14:57:47 -------------------------------------------------------------------------------- -2017-08-31 14:57:47 Request: -User: "tobkle", role: "admin", id: "59a807cb8d536067b36d5cc1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-31 14:57:47 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 registered authorizedLoader successfully -2017-08-31 14:57:47 registered authorizedLoader successfully -2017-08-31 14:57:47 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-31 14:57:47 inserted user 59a807cb8d536067b36d5cc2. -2017-08-31 14:57:47 -------------------------------------------------------------------------------- -2017-08-31 14:57:47 Request: -User: "tobkle", role: "admin", id: "59a807cb8d536067b36d5cc1", -Operation: "", variables: "", -Query: -{ - user(id: "59a807cb8d536067b36d5cc2") { - username - bio - role - } -} - -2017-08-31 14:57:47 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 registered authorizedLoader successfully -2017-08-31 14:57:47 registered authorizedLoader successfully -2017-08-31 14:57:47 -------------------------------------------------------------------------------- -2017-08-31 14:57:47 Request: -User: "tobkle", role: "admin", id: "59a807cb8d536067b36d5cc1", -Operation: "", variables: "", -Query: -{ - user(id: "59a807cb8d536067b36d5cc1") { - username - role - } -} - -2017-08-31 14:57:47 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 registered authorizedLoader successfully -2017-08-31 14:57:47 registered authorizedLoader successfully -2017-08-31 14:57:47 -------------------------------------------------------------------------------- -2017-08-31 14:57:47 Request: -User: "tobkle", role: "admin", id: "59a807cb8d536067b36d5cc1", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a807cb8d536067b36d5cc2", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-31 14:57:47 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 registered authorizedLoader successfully -2017-08-31 14:57:47 registered authorizedLoader successfully -2017-08-31 14:57:47 updated user 59a807cb8d536067b36d5cc2. -2017-08-31 14:57:47 -------------------------------------------------------------------------------- -2017-08-31 14:57:47 Request: -User: "tobkle", role: "admin", id: "59a807cb8d536067b36d5cc1", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a807cb8d536067b36d5cc1", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-31 14:57:47 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 registered authorizedLoader successfully -2017-08-31 14:57:47 registered authorizedLoader successfully -2017-08-31 14:57:47 updated user 59a807cb8d536067b36d5cc1. -2017-08-31 14:57:47 -------------------------------------------------------------------------------- -2017-08-31 14:57:47 Request: -User: "tobkle", role: "admin", id: "59a807cb8d536067b36d5cc1", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a807cb8d536067b36d5cc2", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-08-31 14:57:47 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 updated user 59a807cb8d536067b36d5cc2. -2017-08-31 14:57:47 registered authorizedLoader successfully -2017-08-31 14:57:47 registered authorizedLoader successfully -2017-08-31 14:57:47 -------------------------------------------------------------------------------- -2017-08-31 14:57:47 Request: -User: "tobkle", role: "admin", id: "59a807cb8d536067b36d5cc1", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a807cb8d536067b36d5cc1", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-31 14:57:47 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 updated user 59a807cb8d536067b36d5cc1. -2017-08-31 14:57:47 registered authorizedLoader successfully -2017-08-31 14:57:47 registered authorizedLoader successfully -2017-08-31 14:57:47 -------------------------------------------------------------------------------- -2017-08-31 14:57:47 Request: -User: "tobkle", role: "editor", id: "59a807cb8d536067b36d5cc1", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a807cb8d536067b36d5cc1", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-31 14:57:47 registered authorizedLoader successfully -2017-08-31 14:57:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-31 14:57:47 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a807cb8d536067b36d5cc1" - } - ] -} -2017-08-31 14:57:47 updated user 59a807cb8d536067b36d5cc1. -2017-08-31 14:57:47 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a807cb8d536067b36d5cc1" - } - ] -} -2017-08-31 14:57:47 registered authorizedLoader successfully -2017-08-31 14:57:47 -------------------------------------------------------------------------------- -2017-08-31 14:57:47 Request: -User: "zoltan", role: "admin", id: "59a807cb8d536067b36d5cc2", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a807cb8d536067b36d5cc1", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-31 14:57:47 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-31 14:57:47 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-31 14:57:47 updated user 59a807cb8d536067b36d5cc1. -2017-08-31 14:57:47 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized -2017-08-31 14:57:47 registered authorizedLoader successfully -2017-08-31 14:57:47 registered authorizedLoader successfully -2017-08-31 14:57:47 -------------------------------------------------------------------------------- -2017-08-31 14:57:47 Request: -User: "tobkle", role: "admin", id: "59a807cb8d536067b36d5cc1", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59a807cb8d536067b36d5cc2") -} - -2017-08-31 14:57:47 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 registered authorizedLoader successfully -2017-08-31 14:57:47 registered authorizedLoader successfully -2017-08-31 14:57:47 removed user 59a807cb8d536067b36d5cc2. -2017-08-31 14:57:47 -------------------------------------------------------------------------------- -2017-08-31 14:57:47 Request: -User: "tobkle", role: "admin", id: "59a807cb8d536067b36d5cc1", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59a807cb8d536067b36d5cc1", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-31 14:57:47 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 inserted tweet 59a807cb8d536067b36d5cc3. -2017-08-31 14:57:47 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 registered authorizedLoader successfully -2017-08-31 14:57:47 registered authorizedLoader successfully -2017-08-31 14:57:47 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-31 14:57:47 -------------------------------------------------------------------------------- -2017-08-31 14:57:47 Request: -User: "tobkle", role: "admin", id: "59a807cb8d536067b36d5cc1", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-31 14:57:47 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 registered authorizedLoader successfully -2017-08-31 14:57:47 registered authorizedLoader successfully -2017-08-31 14:57:47 inserted tweet 59a807cb8d536067b36d5cc4. -2017-08-31 14:57:47 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-31 14:57:47 -------------------------------------------------------------------------------- -2017-08-31 14:57:47 Request: -User: "tobkle", role: "admin", id: "59a807cb8d536067b36d5cc1", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a807cb8d536067b36d5cc3") { - author { - id - } - body - } -} - -2017-08-31 14:57:47 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 registered authorizedLoader successfully -2017-08-31 14:57:47 registered authorizedLoader successfully -2017-08-31 14:57:47 -------------------------------------------------------------------------------- -2017-08-31 14:57:47 Request: -User: "tobkle", role: "admin", id: "59a807cb8d536067b36d5cc1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-31 14:57:47 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 registered authorizedLoader successfully -2017-08-31 14:57:47 registered authorizedLoader successfully -2017-08-31 14:57:47 -------------------------------------------------------------------------------- -2017-08-31 14:57:47 Request: -User: "tobkle", role: "admin", id: "59a807cb8d536067b36d5cc1", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59a807cb8d536067b36d5cc3", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-31 14:57:47 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 updated tweet 59a807cb8d536067b36d5cc3. -2017-08-31 14:57:47 registered authorizedLoader successfully -2017-08-31 14:57:47 registered authorizedLoader successfully -2017-08-31 14:57:47 -------------------------------------------------------------------------------- -2017-08-31 14:57:47 Request: -User: "tobkle", role: "admin", id: "59a807cb8d536067b36d5cc1", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59a807cb8d536067b36d5cc4", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-31 14:57:47 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 updated tweet 59a807cb8d536067b36d5cc4. -2017-08-31 14:57:47 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 registered authorizedLoader successfully -2017-08-31 14:57:47 registered authorizedLoader successfully -2017-08-31 14:57:47 -------------------------------------------------------------------------------- -2017-08-31 14:57:47 Request: -User: "tobkle", role: "admin", id: "59a807cb8d536067b36d5cc1", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a807cb8d536067b36d5cc3") { - body - } -} - -2017-08-31 14:57:47 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 registered authorizedLoader successfully -2017-08-31 14:57:47 registered authorizedLoader successfully -2017-08-31 14:57:47 -------------------------------------------------------------------------------- -2017-08-31 14:57:47 Request: -User: "tobkle", role: "admin", id: "59a807cb8d536067b36d5cc1", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59a807cb8d536067b36d5cc3") -} - -2017-08-31 14:57:47 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 removed tweet 59a807cb8d536067b36d5cc3. -2017-08-31 14:57:47 registered authorizedLoader successfully -2017-08-31 14:57:47 registered authorizedLoader successfully -2017-08-31 14:57:47 -------------------------------------------------------------------------------- -2017-08-31 14:57:47 Request: -User: "tobkle", role: "admin", id: "59a807cb8d536067b36d5cc1", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59a807cb8d536067b36d5cc4") -} - -2017-08-31 14:57:47 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 removed tweet 59a807cb8d536067b36d5cc4. -2017-08-31 14:57:47 registered authorizedLoader successfully -2017-08-31 14:57:47 registered authorizedLoader successfully -2017-08-31 14:57:48 -------------------------------------------------------------------------------- -2017-08-31 14:57:48 Request: -User: "tobkle", role: "admin", id: "59a807cb8d536067b36d5cc1", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a807cb8d536067b36d5cc3") { - body - } -} - -2017-08-31 14:57:47 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:47 registered authorizedLoader successfully -2017-08-31 14:57:47 registered authorizedLoader successfully -2017-08-31 14:57:48 -------------------------------------------------------------------------------- -2017-08-31 14:57:48 Request: -User: "tobkle", role: "admin", id: "59a807cb8d536067b36d5cc1", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59a807cb8d536067b36d5cc1") -} - -2017-08-31 14:57:48 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:48 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:48 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:57:48 removed user 59a807cb8d536067b36d5cc1. -2017-08-31 14:57:48 registered authorizedLoader successfully -2017-08-31 14:57:48 registered authorizedLoader successfully -2017-08-31 14:57:48 -------------------------------------------------------------------------------- -2017-08-31 14:57:48 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59a807cb8d536067b36d5cc1") { - username - bio - role - } -} - -2017-08-31 14:57:48 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:57:48 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:57:48 ERROR Authorize readOne 'user' with user '' undefined -2017-08-31 14:57:48 registered authorizedLoader successfully -2017-08-31 14:59:16 -------------------------------------------------------------------------------- -2017-08-31 14:59:16 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-31 14:59:16 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:16 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:16 registered authorizedLoader successfully -2017-08-31 14:59:16 registered authorizedLoader successfully -2017-08-31 14:59:37 -------------------------------------------------------------------------------- -2017-08-31 14:59:37 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-31 14:59:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 registered authorizedLoader successfully -2017-08-31 14:59:37 registered authorizedLoader successfully -2017-08-31 14:59:37 -------------------------------------------------------------------------------- -2017-08-31 14:59:37 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - role - username - } -} - -2017-08-31 14:59:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 registered authorizedLoader successfully -2017-08-31 14:59:37 registered authorizedLoader successfully -2017-08-31 14:59:37 -------------------------------------------------------------------------------- -2017-08-31 14:59:37 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - role - username - } -} - -2017-08-31 14:59:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 registered authorizedLoader successfully -2017-08-31 14:59:37 registered authorizedLoader successfully -2017-08-31 14:59:37 -------------------------------------------------------------------------------- -2017-08-31 14:59:37 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca2") { - role - username - } -} - -2017-08-31 14:59:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 registered authorizedLoader successfully -2017-08-31 14:59:37 registered authorizedLoader successfully -2017-08-31 14:59:37 -------------------------------------------------------------------------------- -2017-08-31 14:59:37 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - id - username - bio - } -} - -2017-08-31 14:59:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 -------------------------------------------------------------------------------- -2017-08-31 14:59:37 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users { - username - createdAt - } -} - -2017-08-31 14:59:37 registered authorizedLoader successfully -2017-08-31 14:59:37 registered authorizedLoader successfully -2017-08-31 14:59:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 registered authorizedLoader successfully -2017-08-31 14:59:37 registered authorizedLoader successfully -2017-08-31 14:59:37 -------------------------------------------------------------------------------- -2017-08-31 14:59:37 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(limit: 1) { - username - createdAt - } -} - -2017-08-31 14:59:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 registered authorizedLoader successfully -2017-08-31 14:59:37 registered authorizedLoader successfully -2017-08-31 14:59:37 -------------------------------------------------------------------------------- -2017-08-31 14:59:37 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993) { - username - createdAt - } -} - -2017-08-31 14:59:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 registered authorizedLoader successfully -2017-08-31 14:59:37 registered authorizedLoader successfully -2017-08-31 14:59:37 -------------------------------------------------------------------------------- -2017-08-31 14:59:37 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } -} - -2017-08-31 14:59:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 registered authorizedLoader successfully -2017-08-31 14:59:37 registered authorizedLoader successfully -2017-08-31 14:59:37 -------------------------------------------------------------------------------- -2017-08-31 14:59:37 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers { - username - createdAt - } - } -} - -2017-08-31 14:59:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 registered authorizedLoader successfully -2017-08-31 14:59:37 registered authorizedLoader successfully -2017-08-31 14:59:37 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 -------------------------------------------------------------------------------- -2017-08-31 14:59:37 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(limit: 1) { - username - createdAt - } - } -} - -2017-08-31 14:59:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 registered authorizedLoader successfully -2017-08-31 14:59:37 registered authorizedLoader successfully -2017-08-31 14:59:37 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 -------------------------------------------------------------------------------- -2017-08-31 14:59:37 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-08-31 14:59:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 registered authorizedLoader successfully -2017-08-31 14:59:37 registered authorizedLoader successfully -2017-08-31 14:59:37 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 -------------------------------------------------------------------------------- -2017-08-31 14:59:37 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-08-31 14:59:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 registered authorizedLoader successfully -2017-08-31 14:59:37 registered authorizedLoader successfully -2017-08-31 14:59:37 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 -------------------------------------------------------------------------------- -2017-08-31 14:59:37 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following { - username - createdAt - } - } -} - -2017-08-31 14:59:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 registered authorizedLoader successfully -2017-08-31 14:59:37 registered authorizedLoader successfully -2017-08-31 14:59:37 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 -------------------------------------------------------------------------------- -2017-08-31 14:59:37 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(limit: 1) { - username - createdAt - } - } -} - -2017-08-31 14:59:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 registered authorizedLoader successfully -2017-08-31 14:59:37 registered authorizedLoader successfully -2017-08-31 14:59:37 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 -------------------------------------------------------------------------------- -2017-08-31 14:59:37 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-08-31 14:59:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 registered authorizedLoader successfully -2017-08-31 14:59:37 registered authorizedLoader successfully -2017-08-31 14:59:37 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 -------------------------------------------------------------------------------- -2017-08-31 14:59:37 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-08-31 14:59:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 registered authorizedLoader successfully -2017-08-31 14:59:37 registered authorizedLoader successfully -2017-08-31 14:59:37 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 -------------------------------------------------------------------------------- -2017-08-31 14:59:37 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets { - id - createdAt - } - } -} - -2017-08-31 14:59:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 registered authorizedLoader successfully -2017-08-31 14:59:37 registered authorizedLoader successfully -2017-08-31 14:59:37 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 -------------------------------------------------------------------------------- -2017-08-31 14:59:37 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(limit: 1) { - id - createdAt - } - } -} - -2017-08-31 14:59:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 registered authorizedLoader successfully -2017-08-31 14:59:37 registered authorizedLoader successfully -2017-08-31 14:59:37 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 -------------------------------------------------------------------------------- -2017-08-31 14:59:37 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } - } -} - -2017-08-31 14:59:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 registered authorizedLoader successfully -2017-08-31 14:59:37 registered authorizedLoader successfully -2017-08-31 14:59:37 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 -------------------------------------------------------------------------------- -2017-08-31 14:59:37 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } - } -} - -2017-08-31 14:59:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 registered authorizedLoader successfully -2017-08-31 14:59:37 registered authorizedLoader successfully -2017-08-31 14:59:37 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 -------------------------------------------------------------------------------- -2017-08-31 14:59:37 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked { - id - createdAt - } - } -} - -2017-08-31 14:59:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 registered authorizedLoader successfully -2017-08-31 14:59:37 registered authorizedLoader successfully -2017-08-31 14:59:37 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 -------------------------------------------------------------------------------- -2017-08-31 14:59:37 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(limit: 1) { - id - createdAt - } - } -} - -2017-08-31 14:59:37 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:37 registered authorizedLoader successfully -2017-08-31 14:59:37 registered authorizedLoader successfully -2017-08-31 14:59:37 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334) { - id - createdAt - } - } -} - -2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334, limit: 1) { - id - createdAt - } - } -} - -2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - id - body - } -} - -2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - author { - username - } - } -} - -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets { - id - createdAt - } -} - -2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(limit: 1) { - id - createdAt - } -} - -2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } -} - -2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } -} - -2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers { - username - createdAt - } - } -} - -2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(limit: 1) { - username - createdAt - } - } -} - -2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993) { - username - createdAt - } - } -} - -2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } - } -} - -2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-31 14:59:38 inserted user 59a8083a8d536067b36d5cc5. -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "tobkle", role: "admin", id: "59a8083a8d536067b36d5cc5", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-31 14:59:38 inserted user 59a8083a8d536067b36d5cc6. -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "tobkle", role: "admin", id: "59a8083a8d536067b36d5cc5", -Operation: "", variables: "", -Query: -{ - user(id: "59a8083a8d536067b36d5cc6") { - username - bio - role - } -} - -2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "tobkle", role: "admin", id: "59a8083a8d536067b36d5cc5", -Operation: "", variables: "", -Query: -{ - user(id: "59a8083a8d536067b36d5cc5") { - username - role - } -} - -2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "tobkle", role: "admin", id: "59a8083a8d536067b36d5cc5", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a8083a8d536067b36d5cc6", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 updated user 59a8083a8d536067b36d5cc6. -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "tobkle", role: "admin", id: "59a8083a8d536067b36d5cc5", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a8083a8d536067b36d5cc5", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 updated user 59a8083a8d536067b36d5cc5. -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "tobkle", role: "admin", id: "59a8083a8d536067b36d5cc5", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a8083a8d536067b36d5cc6", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 updated user 59a8083a8d536067b36d5cc6. -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "tobkle", role: "admin", id: "59a8083a8d536067b36d5cc5", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a8083a8d536067b36d5cc5", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 updated user 59a8083a8d536067b36d5cc5. -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "tobkle", role: "editor", id: "59a8083a8d536067b36d5cc5", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a8083a8d536067b36d5cc5", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-31 14:59:38 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a8083a8d536067b36d5cc5" - } - ] -} -2017-08-31 14:59:38 updated user 59a8083a8d536067b36d5cc5. -2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a8083a8d536067b36d5cc5" - } - ] -} -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "zoltan", role: "admin", id: "59a8083a8d536067b36d5cc6", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a8083a8d536067b36d5cc5", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 updated user 59a8083a8d536067b36d5cc5. -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "tobkle", role: "admin", id: "59a8083a8d536067b36d5cc5", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59a8083a8d536067b36d5cc6") -} - -2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 removed user 59a8083a8d536067b36d5cc6. -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "tobkle", role: "admin", id: "59a8083a8d536067b36d5cc5", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59a8083a8d536067b36d5cc5", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-31 14:59:38 inserted tweet 59a8083a8d536067b36d5cc7. -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "tobkle", role: "admin", id: "59a8083a8d536067b36d5cc5", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "tobkle", role: "admin", id: "59a8083a8d536067b36d5cc5", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a8083a8d536067b36d5cc7") { - author { - id - } - body - } -} - -2017-08-31 14:59:38 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 inserted tweet 59a8083a8d536067b36d5cc8. -2017-08-31 14:59:38 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "tobkle", role: "admin", id: "59a8083a8d536067b36d5cc5", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "tobkle", role: "admin", id: "59a8083a8d536067b36d5cc5", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59a8083a8d536067b36d5cc7", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 updated tweet 59a8083a8d536067b36d5cc7. -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "tobkle", role: "admin", id: "59a8083a8d536067b36d5cc5", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59a8083a8d536067b36d5cc8", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 updated tweet 59a8083a8d536067b36d5cc8. -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "tobkle", role: "admin", id: "59a8083a8d536067b36d5cc5", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a8083a8d536067b36d5cc7") { - body - } -} - -2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "tobkle", role: "admin", id: "59a8083a8d536067b36d5cc5", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59a8083a8d536067b36d5cc7") -} - -2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 removed tweet 59a8083a8d536067b36d5cc7. -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "tobkle", role: "admin", id: "59a8083a8d536067b36d5cc5", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59a8083a8d536067b36d5cc8") -} - -2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 removed tweet 59a8083a8d536067b36d5cc8. -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "tobkle", role: "admin", id: "59a8083a8d536067b36d5cc5", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a8083a8d536067b36d5cc7") { - body - } -} - -2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "tobkle", role: "admin", id: "59a8083a8d536067b36d5cc5", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59a8083a8d536067b36d5cc5") -} - -2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 removed user 59a8083a8d536067b36d5cc5. -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59a8083a8d536067b36d5cc5") { - username - bio - role - } -} - -2017-08-31 14:59:38 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:59:38 ERROR Authorize readOne 'user' with user '' undefined -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "admin"}) { - id - } -} - -2017-08-31 14:59:38 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-31 14:59:38 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:59:38 ERROR Authorize readOne 'user' with user '' undefined -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-31 14:59:38 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:59:38 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-31 14:59:38 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:59:38 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-31 14:59:38 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-31 14:59:38 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:59:38 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-31 14:59:38 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 ERROR Authorize readOne 'tweet author' with user '' undefined -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-31 14:59:38 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:59:38 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-31 14:59:38 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:59:38 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-31 14:59:38 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:59:38 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "user"}) { - id - role - } -} - -2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:38 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-31 14:59:38 inserted user 59a8083a8d536067b36d5cc9. -2017-08-31 14:59:38 -------------------------------------------------------------------------------- -2017-08-31 14:59:38 Request: -User: "tobkle", role: "user", id: "59a8083a8d536067b36d5cc9", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:38 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-31 14:59:38 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a8083a8d536067b36d5cc9" - } - ] -} -2017-08-31 14:59:38 registered authorizedLoader successfully -2017-08-31 14:59:39 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. -2017-08-31 14:59:39 -------------------------------------------------------------------------------- -2017-08-31 14:59:39 Request: -User: "tobkle", role: "user", id: "59a8083a8d536067b36d5cc9", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a8083a8d536067b36d5cc9" - } - ] -} -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 -------------------------------------------------------------------------------- -2017-08-31 14:59:39 Request: -User: "tobkle", role: "user", id: "59a8083a8d536067b36d5cc9", -Operation: "", variables: "", -Query: -{ - user(id: "59a8083a8d536067b36d5cc9") { - username - } -} - -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a8083a8d536067b36d5cc9" - } - ] -} -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 -------------------------------------------------------------------------------- -2017-08-31 14:59:39 Request: -User: "tobkle", role: "user", id: "59a8083a8d536067b36d5cc9", -Operation: "", variables: "", -Query: -{ - user(id: "59a8083a8d536067b36d5cc9") { - username - role - } -} - -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a8083a8d536067b36d5cc9" - } - ] -} -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 -------------------------------------------------------------------------------- -2017-08-31 14:59:39 Request: -User: "tobkle", role: "user", id: "59a8083a8d536067b36d5cc9", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-31 14:59:39 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a8083a8d536067b36d5cc9" - } - ] -} -2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a8083a8d536067b36d5cc9" - } - ] -} -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 -------------------------------------------------------------------------------- -2017-08-31 14:59:39 Request: -User: "tobkle", role: "user", id: "59a8083a8d536067b36d5cc9", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a8083a8d536067b36d5cc9", input: {username: "tobkle", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-31 14:59:39 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a8083a8d536067b36d5cc9" - } - ] -} -2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a8083a8d536067b36d5cc9" - } - ] -} -2017-08-31 14:59:39 updated user 59a8083a8d536067b36d5cc9. -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 -------------------------------------------------------------------------------- -2017-08-31 14:59:39 Request: -User: "tobkle", role: "user", id: "59a8083a8d536067b36d5cc9", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a8083a8d536067b36d5cc9", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-31 14:59:39 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a8083a8d536067b36d5cc9" - } - ] -} -2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a8083a8d536067b36d5cc9" - } - ] -} -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 updated user 59a8083a8d536067b36d5cc9. -2017-08-31 14:59:39 -------------------------------------------------------------------------------- -2017-08-31 14:59:39 Request: -User: "tobkle", role: "user", id: "59a8083a8d536067b36d5cc9", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-31 14:59:39 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a8083a8d536067b36d5cc9" - } - ] -} -2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a8083a8d536067b36d5cc9" - } - ] -} -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 -------------------------------------------------------------------------------- -2017-08-31 14:59:39 Request: -User: "tobkle", role: "user", id: "59a8083a8d536067b36d5cc9", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59a8083a8d536067b36d5cc9", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-31 14:59:39 inserted tweet 59a8083b8d536067b36d5cca. -2017-08-31 14:59:39 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. -2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a8083a8d536067b36d5cc9" - } - ] -} -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 -------------------------------------------------------------------------------- -2017-08-31 14:59:39 Request: -User: "tobkle", role: "user", id: "59a8083a8d536067b36d5cc9", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-31 14:59:39 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. -2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a8083a8d536067b36d5cc9" - } - ] -} -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 -------------------------------------------------------------------------------- -2017-08-31 14:59:39 Request: -User: "tobkle", role: "user", id: "59a8083a8d536067b36d5cc9", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a8083b8d536067b36d5cca") { - author { - id - } - body - } -} - -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a8083a8d536067b36d5cc9" - } - ] -} -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 -------------------------------------------------------------------------------- -2017-08-31 14:59:39 Request: -User: "tobkle", role: "user", id: "59a8083a8d536067b36d5cc9", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a8083a8d536067b36d5cc9" - } - ] -} -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 -------------------------------------------------------------------------------- -2017-08-31 14:59:39 Request: -User: "tobkle", role: "user", id: "59a8083a8d536067b36d5cc9", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59a8083b8d536067b36d5cca", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-31 14:59:39 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59a8083a8d536067b36d5cc9" - }, - { - "coauthorsIds": "59a8083a8d536067b36d5cc9" - } - ] -} -2017-08-31 14:59:39 updated tweet 59a8083b8d536067b36d5cca. -2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a8083a8d536067b36d5cc9" - } - ] -} -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 -------------------------------------------------------------------------------- -2017-08-31 14:59:39 Request: -User: "tobkle", role: "user", id: "59a8083a8d536067b36d5cc9", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-31 14:59:39 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59a8083a8d536067b36d5cc9" - }, - { - "coauthorsIds": "59a8083a8d536067b36d5cc9" - } - ] -} -2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a8083a8d536067b36d5cc9" - } - ] -} -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 -------------------------------------------------------------------------------- -2017-08-31 14:59:39 Request: -User: "tobkle", role: "user", id: "59a8083a8d536067b36d5cc9", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a8083b8d536067b36d5cca") { - body - } -} - -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a8083a8d536067b36d5cc9" - } - ] -} -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 -------------------------------------------------------------------------------- -2017-08-31 14:59:39 Request: -User: "tobkle", role: "user", id: "59a8083a8d536067b36d5cc9", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59a8083b8d536067b36d5cca") -} - -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-31 14:59:39 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59a8083a8d536067b36d5cc9" - } - ] -} -2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a8083a8d536067b36d5cc9" - } - ] -} -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 removed tweet 59a8083b8d536067b36d5cca. -2017-08-31 14:59:39 -------------------------------------------------------------------------------- -2017-08-31 14:59:39 Request: -User: "tobkle", role: "user", id: "59a8083a8d536067b36d5cc9", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-31 14:59:39 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59a8083a8d536067b36d5cc9" - } - ] -} -2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a8083a8d536067b36d5cc9" - } - ] -} -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 -------------------------------------------------------------------------------- -2017-08-31 14:59:39 Request: -User: "tobkle", role: "user", id: "59a8083a8d536067b36d5cc9", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a8083b8d536067b36d5cca") { - body - } -} - -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a8083a8d536067b36d5cc9" - } - ] -} -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 -------------------------------------------------------------------------------- -2017-08-31 14:59:39 Request: -User: "tobkle", role: "user", id: "59a8083a8d536067b36d5cc9", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59a8083a8d536067b36d5cc9") -} - -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-31 14:59:39 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a8083a8d536067b36d5cc9" - } - ] -} -2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a8083a8d536067b36d5cc9" - } - ] -} -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 removed user 59a8083a8d536067b36d5cc9. -2017-08-31 14:59:39 -------------------------------------------------------------------------------- -2017-08-31 14:59:39 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59a8083a8d536067b36d5cc9") { - username - bio - role - } -} - -2017-08-31 14:59:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:59:39 ERROR Authorize readOne 'user' with user '' undefined -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 -------------------------------------------------------------------------------- -2017-08-31 14:59:39 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "editor"}) { - id - role - } -} - -2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-31 14:59:39 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-31 14:59:39 inserted user 59a8083b8d536067b36d5ccb. -2017-08-31 14:59:39 -------------------------------------------------------------------------------- -2017-08-31 14:59:39 Request: -User: "tobkle", role: "editor", id: "59a8083b8d536067b36d5ccb", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a8083b8d536067b36d5ccb" - } - ] -} -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. -2017-08-31 14:59:39 -------------------------------------------------------------------------------- -2017-08-31 14:59:39 Request: -User: "tobkle", role: "editor", id: "59a8083b8d536067b36d5ccb", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a8083b8d536067b36d5ccb" - } - ] -} -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 -------------------------------------------------------------------------------- -2017-08-31 14:59:39 Request: -User: "tobkle", role: "editor", id: "59a8083b8d536067b36d5ccb", -Operation: "", variables: "", -Query: -{ - user(id: "59a8083b8d536067b36d5ccb") { - username - role - } -} - -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a8083b8d536067b36d5ccb" - } - ] -} -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 -------------------------------------------------------------------------------- -2017-08-31 14:59:39 Request: -User: "tobkle", role: "editor", id: "59a8083b8d536067b36d5ccb", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-31 14:59:39 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a8083b8d536067b36d5ccb" - } - ] -} -2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a8083b8d536067b36d5ccb" - } - ] -} -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 -------------------------------------------------------------------------------- -2017-08-31 14:59:39 Request: -User: "tobkle", role: "editor", id: "59a8083b8d536067b36d5ccb", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a8083b8d536067b36d5ccb", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-31 14:59:39 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a8083b8d536067b36d5ccb" - } - ] -} -2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a8083b8d536067b36d5ccb" - } - ] -} -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 updated user 59a8083b8d536067b36d5ccb. -2017-08-31 14:59:39 -------------------------------------------------------------------------------- -2017-08-31 14:59:39 Request: -User: "tmeasday", role: "editor", id: "59a8083b8d536067b36d5ccb", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a8083b8d536067b36d5ccb", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-31 14:59:39 updated user 59a8083b8d536067b36d5ccb. -2017-08-31 14:59:39 Authorize update 'updateUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a8083b8d536067b36d5ccb" - } - ] -} -2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a8083b8d536067b36d5ccb" - } - ] -} -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 -------------------------------------------------------------------------------- -2017-08-31 14:59:39 Request: -User: "tmeasday", role: "editor", id: "59a8083b8d536067b36d5ccb", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-31 14:59:39 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a8083b8d536067b36d5ccb" - } - ] -} -2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a8083b8d536067b36d5ccb" - } - ] -} -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 -------------------------------------------------------------------------------- -2017-08-31 14:59:39 Request: -User: "tmeasday", role: "editor", id: "59a8083b8d536067b36d5ccb", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59a8083b8d536067b36d5ccb", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-31 14:59:39 Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is authorized by docRole. -2017-08-31 14:59:39 inserted tweet 59a8083b8d536067b36d5ccc. -2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a8083b8d536067b36d5ccb" - } - ] -} -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 -------------------------------------------------------------------------------- -2017-08-31 14:59:39 Request: -User: "tmeasday", role: "editor", id: "59a8083b8d536067b36d5ccb", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-31 14:59:39 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. -2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a8083b8d536067b36d5ccb" - } - ] -} -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 -------------------------------------------------------------------------------- -2017-08-31 14:59:39 Request: -User: "tmeasday", role: "editor", id: "59a8083b8d536067b36d5ccb", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a8083b8d536067b36d5ccc") { - author { - id - } - body - } -} - -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a8083b8d536067b36d5ccb" - } - ] -} -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 -------------------------------------------------------------------------------- -2017-08-31 14:59:39 Request: -User: "tmeasday", role: "editor", id: "59a8083b8d536067b36d5ccb", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a8083b8d536067b36d5ccb" - } - ] -} -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 -------------------------------------------------------------------------------- -2017-08-31 14:59:39 Request: -User: "tmeasday", role: "editor", id: "59a8083b8d536067b36d5ccb", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59a8083b8d536067b36d5ccc", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-31 14:59:39 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59a8083b8d536067b36d5ccb" - }, - { - "coauthorsIds": "59a8083b8d536067b36d5ccb" - } - ] -} -2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a8083b8d536067b36d5ccb" - } - ] -} -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 updated tweet 59a8083b8d536067b36d5ccc. -2017-08-31 14:59:39 -------------------------------------------------------------------------------- -2017-08-31 14:59:39 Request: -User: "tmeasday", role: "editor", id: "59a8083b8d536067b36d5ccb", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-31 14:59:39 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59a8083b8d536067b36d5ccb" - }, - { - "coauthorsIds": "59a8083b8d536067b36d5ccb" - } - ] -} -2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a8083b8d536067b36d5ccb" - } - ] -} -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 -------------------------------------------------------------------------------- -2017-08-31 14:59:39 Request: -User: "tmeasday", role: "editor", id: "59a8083b8d536067b36d5ccb", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a8083b8d536067b36d5ccc") { - body - } -} - -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a8083b8d536067b36d5ccb" - } - ] -} -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 -------------------------------------------------------------------------------- -2017-08-31 14:59:39 Request: -User: "tmeasday", role: "editor", id: "59a8083b8d536067b36d5ccb", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59a8083b8d536067b36d5ccc") -} - -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-31 14:59:39 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59a8083b8d536067b36d5ccb" - } - ] -} -2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a8083b8d536067b36d5ccb" - } - ] -} -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 removed tweet 59a8083b8d536067b36d5ccc. -2017-08-31 14:59:39 -------------------------------------------------------------------------------- -2017-08-31 14:59:39 Request: -User: "tmeasday", role: "editor", id: "59a8083b8d536067b36d5ccb", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-31 14:59:39 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59a8083b8d536067b36d5ccb" - } - ] -} -2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a8083b8d536067b36d5ccb" - } - ] -} -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 -------------------------------------------------------------------------------- -2017-08-31 14:59:39 Request: -User: "tmeasday", role: "editor", id: "59a8083b8d536067b36d5ccb", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a8083b8d536067b36d5ccc") { - body - } -} - -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a8083b8d536067b36d5ccb" - } - ] -} -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 -------------------------------------------------------------------------------- -2017-08-31 14:59:39 Request: -User: "tmeasday", role: "editor", id: "59a8083b8d536067b36d5ccb", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59a8083b8d536067b36d5ccb") -} - -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-31 14:59:39 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a8083b8d536067b36d5ccb" - } - ] -} -2017-08-31 14:59:39 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a8083b8d536067b36d5ccb" - } - ] -} -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 14:59:39 removed user 59a8083b8d536067b36d5ccb. -2017-08-31 14:59:39 -------------------------------------------------------------------------------- -2017-08-31 14:59:39 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59a8083b8d536067b36d5ccb") { - username - bio - role - } -} - -2017-08-31 14:59:39 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 14:59:39 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 14:59:39 ERROR Authorize readOne 'user' with user '' undefined -2017-08-31 14:59:39 registered authorizedLoader successfully -2017-08-31 15:03:25 -------------------------------------------------------------------------------- -2017-08-31 15:03:25 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -query IntrospectionQuery { - __schema { - queryType { - name - } - mutationType { - name - } - subscriptionType { - name - } - types { - ...FullType - } - directives { - name - description - locations - args { - ...InputValue - } - } - } -} - -fragment FullType on __Type { - kind - name - description - fields(includeDeprecated: true) { - name - description - args { - ...InputValue - } - type { - ...TypeRef - } - isDeprecated - deprecationReason - } - inputFields { - ...InputValue - } - interfaces { - ...TypeRef - } - enumValues(includeDeprecated: true) { - name - description - isDeprecated - deprecationReason - } - possibleTypes { - ...TypeRef - } -} - -fragment InputValue on __InputValue { - name - description - type { - ...TypeRef - } - defaultValue -} - -fragment TypeRef on __Type { - kind - name - ofType { - kind - name - ofType { - kind - name - ofType { - kind - name - ofType { - kind - name - ofType { - kind - name - ofType { - kind - name - ofType { - kind - name - } - } - } - } - } - } - } -} - -2017-08-31 15:03:25 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 15:03:25 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 15:03:25 registered authorizedLoader successfully -2017-08-31 15:03:26 -------------------------------------------------------------------------------- -2017-08-31 15:03:26 Request: -User: "", role: "", id: "", -Operation: "", variables: "{}", -Query: -{ - tweets { - id - } -} - -2017-08-31 15:03:26 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 15:03:26 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 15:03:26 Authorize readMany 'tweets' with user '' and role '' is authorized -2017-08-31 15:03:26 registered authorizedLoader successfully -2017-08-31 15:12:53 Logger started -2017-08-31 15:14:30 Logger started -2017-08-31 15:22:58 Logger started -2017-08-31 15:36:48 Logger started -2017-08-31 15:36:59 -------------------------------------------------------------------------------- -2017-08-31 15:36:59 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-31 15:36:59 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:36:59 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:36:59 registered authorizedLoader successfully -2017-08-31 15:36:59 registered authorizedLoader successfully -2017-08-31 15:37:21 -------------------------------------------------------------------------------- -2017-08-31 15:37:21 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - __schema { - queryType { - name - } - } -} - -2017-08-31 15:37:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:21 registered authorizedLoader successfully -2017-08-31 15:37:21 registered authorizedLoader successfully -2017-08-31 15:37:21 -------------------------------------------------------------------------------- -2017-08-31 15:37:21 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - role - username - } -} - -2017-08-31 15:37:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:21 registered authorizedLoader successfully -2017-08-31 15:37:21 registered authorizedLoader successfully -2017-08-31 15:37:21 -------------------------------------------------------------------------------- -2017-08-31 15:37:21 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - role - username - } -} - -2017-08-31 15:37:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:21 registered authorizedLoader successfully -2017-08-31 15:37:21 registered authorizedLoader successfully -2017-08-31 15:37:21 -------------------------------------------------------------------------------- -2017-08-31 15:37:21 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca2") { - role - username - } -} - -2017-08-31 15:37:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:21 registered authorizedLoader successfully -2017-08-31 15:37:21 registered authorizedLoader successfully -2017-08-31 15:37:21 -------------------------------------------------------------------------------- -2017-08-31 15:37:21 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - id - username - bio - } -} - -2017-08-31 15:37:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:21 registered authorizedLoader successfully -2017-08-31 15:37:21 registered authorizedLoader successfully -2017-08-31 15:37:21 -------------------------------------------------------------------------------- -2017-08-31 15:37:21 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users { - username - createdAt - } -} - -2017-08-31 15:37:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:21 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:21 registered authorizedLoader successfully -2017-08-31 15:37:21 registered authorizedLoader successfully -2017-08-31 15:37:21 -------------------------------------------------------------------------------- -2017-08-31 15:37:21 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(limit: 1) { - username - createdAt - } -} - -2017-08-31 15:37:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:21 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:21 registered authorizedLoader successfully -2017-08-31 15:37:21 registered authorizedLoader successfully -2017-08-31 15:37:21 -------------------------------------------------------------------------------- -2017-08-31 15:37:21 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993) { - username - createdAt - } -} - -2017-08-31 15:37:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:21 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:21 registered authorizedLoader successfully -2017-08-31 15:37:21 registered authorizedLoader successfully -2017-08-31 15:37:21 -------------------------------------------------------------------------------- -2017-08-31 15:37:21 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - users(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } -} - -2017-08-31 15:37:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:21 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:21 registered authorizedLoader successfully -2017-08-31 15:37:21 registered authorizedLoader successfully -2017-08-31 15:37:21 -------------------------------------------------------------------------------- -2017-08-31 15:37:21 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers { - username - createdAt - } - } -} - -2017-08-31 15:37:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:21 registered authorizedLoader successfully -2017-08-31 15:37:21 registered authorizedLoader successfully -2017-08-31 15:37:21 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:21 -------------------------------------------------------------------------------- -2017-08-31 15:37:21 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(limit: 1) { - username - createdAt - } - } -} - -2017-08-31 15:37:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:21 registered authorizedLoader successfully -2017-08-31 15:37:21 registered authorizedLoader successfully -2017-08-31 15:37:21 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:21 -------------------------------------------------------------------------------- -2017-08-31 15:37:21 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-08-31 15:37:21 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:21 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:21 registered authorizedLoader successfully -2017-08-31 15:37:21 registered authorizedLoader successfully -2017-08-31 15:37:22 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - followers(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following { - username - createdAt - } - } -} - -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(limit: 1) { - username - createdAt - } - } -} - -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993) { - username - createdAt - } - } -} - -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - following(lastCreatedAt: 1479776905993, limit: 1) { - username - createdAt - } - } -} - -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets { - id - createdAt - } - } -} - -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(limit: 1) { - id - createdAt - } - } -} - -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } - } -} - -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } - } -} - -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked { - id - createdAt - } - } -} - -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(limit: 1) { - id - createdAt - } - } -} - -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334) { - id - createdAt - } - } -} - -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca0") { - liked(lastCreatedAt: 1479964371334, limit: 1) { - id - createdAt - } - } -} - -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - id - body - } -} - -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e351") { - author { - username - } - } -} - -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets { - id - createdAt - } -} - -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(limit: 1) { - id - createdAt - } -} - -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853) { - id - createdAt - } -} - -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweets(lastCreatedAt: 1479964340853, limit: 1) { - id - createdAt - } -} - -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers { - username - createdAt - } - } -} - -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(limit: 1) { - username - createdAt - } - } -} - -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993) { - username - createdAt - } - } -} - -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e353") { - likers(lastCreatedAt: 1479776904993, limit: 1) { - username - createdAt - } - } -} - -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "admin"}) { - id - role - } -} - -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-31 15:37:22 inserted user 59a811126bffa16d859c767c. -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "tobkle", role: "admin", id: "59a811126bffa16d859c767c", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-31 15:37:22 inserted user 59a811126bffa16d859c767d. -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "tobkle", role: "admin", id: "59a811126bffa16d859c767c", -Operation: "", variables: "", -Query: -{ - user(id: "59a811126bffa16d859c767d") { - username - bio - role - } -} - -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "tobkle", role: "admin", id: "59a811126bffa16d859c767c", -Operation: "", variables: "", -Query: -{ - user(id: "59a811126bffa16d859c767c") { - username - role - } -} - -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "tobkle", role: "admin", id: "59a811126bffa16d859c767c", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a811126bffa16d859c767d", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 updated user 59a811126bffa16d859c767d. -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "tobkle", role: "admin", id: "59a811126bffa16d859c767c", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a811126bffa16d859c767c", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 updated user 59a811126bffa16d859c767c. -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "tobkle", role: "admin", id: "59a811126bffa16d859c767c", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a811126bffa16d859c767d", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { - username - bio - role - } -} - -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 updated user 59a811126bffa16d859c767d. -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "tobkle", role: "admin", id: "59a811126bffa16d859c767c", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a811126bffa16d859c767c", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { - username - bio - role - } -} - -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 updated user 59a811126bffa16d859c767c. -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "tobkle", role: "editor", id: "59a811126bffa16d859c767c", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a811126bffa16d859c767c", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-31 15:37:22 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a811126bffa16d859c767c" - } - ] -} -2017-08-31 15:37:22 updated user 59a811126bffa16d859c767c. -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a811126bffa16d859c767c" - } - ] -} -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "zoltan", role: "admin", id: "59a811126bffa16d859c767d", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a811126bffa16d859c767c", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized -2017-08-31 15:37:22 updated user 59a811126bffa16d859c767c. -2017-08-31 15:37:22 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "tobkle", role: "admin", id: "59a811126bffa16d859c767c", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59a811126bffa16d859c767d") -} - -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 removed user 59a811126bffa16d859c767d. -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "tobkle", role: "admin", id: "59a811126bffa16d859c767c", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59a811126bffa16d859c767c", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 inserted tweet 59a811126bffa16d859c767e. -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "tobkle", role: "admin", id: "59a811126bffa16d859c767c", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "tobkle", role: "admin", id: "59a811126bffa16d859c767c", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a811126bffa16d859c767e") { - author { - id - } - body - } -} - -2017-08-31 15:37:22 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 inserted tweet 59a811126bffa16d859c767f. -2017-08-31 15:37:22 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "tobkle", role: "admin", id: "59a811126bffa16d859c767c", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "tobkle", role: "admin", id: "59a811126bffa16d859c767c", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59a811126bffa16d859c767e", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 updated tweet 59a811126bffa16d859c767e. -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "tobkle", role: "admin", id: "59a811126bffa16d859c767c", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59a811126bffa16d859c767f", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 updated tweet 59a811126bffa16d859c767f. -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "tobkle", role: "admin", id: "59a811126bffa16d859c767c", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a811126bffa16d859c767e") { - body - } -} - -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "tobkle", role: "admin", id: "59a811126bffa16d859c767c", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59a811126bffa16d859c767e") -} - -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 removed tweet 59a811126bffa16d859c767e. -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "tobkle", role: "admin", id: "59a811126bffa16d859c767c", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59a811126bffa16d859c767f") -} - -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 removed tweet 59a811126bffa16d859c767f. -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "tobkle", role: "admin", id: "59a811126bffa16d859c767c", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a811126bffa16d859c767e") { - body - } -} - -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "tobkle", role: "admin", id: "59a811126bffa16d859c767c", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59a811126bffa16d859c767c") -} - -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized -2017-08-31 15:37:22 removed user 59a811126bffa16d859c767c. -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59a811126bffa16d859c767c") { - username - bio - role - } -} - -2017-08-31 15:37:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 15:37:22 ERROR Authorize readOne 'user' with user '' not authorized -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "admin"}) { - id - } -} - -2017-08-31 15:37:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-31 15:37:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 15:37:22 ERROR Authorize readOne 'user' with user '' not authorized -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-31 15:37:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 15:37:22 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-31 15:37:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 15:37:22 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-31 15:37:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-31 15:37:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 15:37:22 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-31 15:37:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 ERROR Authorize readOne 'tweet author' with user '' not authorized -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-31 15:37:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 15:37:22 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-31 15:37:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 15:37:22 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-31 15:37:22 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 15:37:22 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "user"}) { - id - role - } -} - -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:22 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-31 15:37:22 inserted user 59a811126bffa16d859c7680. -2017-08-31 15:37:22 -------------------------------------------------------------------------------- -2017-08-31 15:37:22 Request: -User: "tobkle", role: "user", id: "59a811126bffa16d859c7680", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:22 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-31 15:37:22 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a811126bffa16d859c7680" - } - ] -} -2017-08-31 15:37:22 registered authorizedLoader successfully -2017-08-31 15:37:23 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. -2017-08-31 15:37:23 -------------------------------------------------------------------------------- -2017-08-31 15:37:23 Request: -User: "tobkle", role: "user", id: "59a811126bffa16d859c7680", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a811126bffa16d859c7680" - } - ] -} -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 -------------------------------------------------------------------------------- -2017-08-31 15:37:23 Request: -User: "tobkle", role: "user", id: "59a811126bffa16d859c7680", -Operation: "", variables: "", -Query: -{ - user(id: "59a811126bffa16d859c7680") { - username - } -} - -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a811126bffa16d859c7680" - } - ] -} -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 -------------------------------------------------------------------------------- -2017-08-31 15:37:23 Request: -User: "tobkle", role: "user", id: "59a811126bffa16d859c7680", -Operation: "", variables: "", -Query: -{ - user(id: "59a811126bffa16d859c7680") { - username - role - } -} - -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a811126bffa16d859c7680" - } - ] -} -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 -------------------------------------------------------------------------------- -2017-08-31 15:37:23 Request: -User: "tobkle", role: "user", id: "59a811126bffa16d859c7680", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-31 15:37:23 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a811126bffa16d859c7680" - } - ] -} -2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a811126bffa16d859c7680" - } - ] -} -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 -------------------------------------------------------------------------------- -2017-08-31 15:37:23 Request: -User: "tobkle", role: "user", id: "59a811126bffa16d859c7680", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a811126bffa16d859c7680", input: {username: "tobkle", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-31 15:37:23 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a811126bffa16d859c7680" - } - ] -} -2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a811126bffa16d859c7680" - } - ] -} -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 updated user 59a811126bffa16d859c7680. -2017-08-31 15:37:23 -------------------------------------------------------------------------------- -2017-08-31 15:37:23 Request: -User: "tobkle", role: "user", id: "59a811126bffa16d859c7680", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a811126bffa16d859c7680", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-31 15:37:23 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a811126bffa16d859c7680" - } - ] -} -2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a811126bffa16d859c7680" - } - ] -} -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 updated user 59a811126bffa16d859c7680. -2017-08-31 15:37:23 -------------------------------------------------------------------------------- -2017-08-31 15:37:23 Request: -User: "tobkle", role: "user", id: "59a811126bffa16d859c7680", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-31 15:37:23 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a811126bffa16d859c7680" - } - ] -} -2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a811126bffa16d859c7680" - } - ] -} -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 -------------------------------------------------------------------------------- -2017-08-31 15:37:23 Request: -User: "tobkle", role: "user", id: "59a811126bffa16d859c7680", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59a811126bffa16d859c7680", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-31 15:37:23 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. -2017-08-31 15:37:23 inserted tweet 59a811136bffa16d859c7681. -2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a811126bffa16d859c7680" - } - ] -} -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 -------------------------------------------------------------------------------- -2017-08-31 15:37:23 Request: -User: "tobkle", role: "user", id: "59a811126bffa16d859c7680", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-31 15:37:23 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. -2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a811126bffa16d859c7680" - } - ] -} -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 -------------------------------------------------------------------------------- -2017-08-31 15:37:23 Request: -User: "tobkle", role: "user", id: "59a811126bffa16d859c7680", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a811136bffa16d859c7681") { - author { - id - } - body - } -} - -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a811126bffa16d859c7680" - } - ] -} -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 -------------------------------------------------------------------------------- -2017-08-31 15:37:23 Request: -User: "tobkle", role: "user", id: "59a811126bffa16d859c7680", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a811126bffa16d859c7680" - } - ] -} -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 -------------------------------------------------------------------------------- -2017-08-31 15:37:23 Request: -User: "tobkle", role: "user", id: "59a811126bffa16d859c7680", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59a811136bffa16d859c7681", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-31 15:37:23 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59a811126bffa16d859c7680" - }, - { - "coauthorsIds": "59a811126bffa16d859c7680" - } - ] -} -2017-08-31 15:37:23 updated tweet 59a811136bffa16d859c7681. -2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a811126bffa16d859c7680" - } - ] -} -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 -------------------------------------------------------------------------------- -2017-08-31 15:37:23 Request: -User: "tobkle", role: "user", id: "59a811126bffa16d859c7680", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-31 15:37:23 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59a811126bffa16d859c7680" - }, - { - "coauthorsIds": "59a811126bffa16d859c7680" - } - ] -} -2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a811126bffa16d859c7680" - } - ] -} -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 -------------------------------------------------------------------------------- -2017-08-31 15:37:23 Request: -User: "tobkle", role: "user", id: "59a811126bffa16d859c7680", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a811136bffa16d859c7681") { - body - } -} - -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a811126bffa16d859c7680" - } - ] -} -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 -------------------------------------------------------------------------------- -2017-08-31 15:37:23 Request: -User: "tobkle", role: "user", id: "59a811126bffa16d859c7680", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59a811136bffa16d859c7681") -} - -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-31 15:37:23 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59a811126bffa16d859c7680" - } - ] -} -2017-08-31 15:37:23 removed tweet 59a811136bffa16d859c7681. -2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a811126bffa16d859c7680" - } - ] -} -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 -------------------------------------------------------------------------------- -2017-08-31 15:37:23 Request: -User: "tobkle", role: "user", id: "59a811126bffa16d859c7680", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-31 15:37:23 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "authorId": "59a811126bffa16d859c7680" - } - ] -} -2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a811126bffa16d859c7680" - } - ] -} -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 -------------------------------------------------------------------------------- -2017-08-31 15:37:23 Request: -User: "tobkle", role: "user", id: "59a811126bffa16d859c7680", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a811136bffa16d859c7681") { - body - } -} - -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a811126bffa16d859c7680" - } - ] -} -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 -------------------------------------------------------------------------------- -2017-08-31 15:37:23 Request: -User: "tobkle", role: "user", id: "59a811126bffa16d859c7680", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59a811126bffa16d859c7680") -} - -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized -2017-08-31 15:37:23 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a811126bffa16d859c7680" - } - ] -} -2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with - authQuery: { - "$or": [ - { - "_id": "59a811126bffa16d859c7680" - } - ] -} -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 removed user 59a811126bffa16d859c7680. -2017-08-31 15:37:23 -------------------------------------------------------------------------------- -2017-08-31 15:37:23 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59a811126bffa16d859c7680") { - username - bio - role - } -} - -2017-08-31 15:37:23 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 15:37:23 ERROR Authorize readOne 'user' with user '' not authorized -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 -------------------------------------------------------------------------------- -2017-08-31 15:37:23 Request: -User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "editor"}) { - id - role - } -} - -2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized -2017-08-31 15:37:23 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. -2017-08-31 15:37:23 inserted user 59a811136bffa16d859c7682. -2017-08-31 15:37:23 -------------------------------------------------------------------------------- -2017-08-31 15:37:23 Request: -User: "tobkle", role: "editor", id: "59a811136bffa16d859c7682", -Operation: "", variables: "", -Query: -mutation { - createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { - id - } -} - -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a811136bffa16d859c7682" - } - ] -} -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. -2017-08-31 15:37:23 -------------------------------------------------------------------------------- -2017-08-31 15:37:23 Request: -User: "tobkle", role: "editor", id: "59a811136bffa16d859c7682", -Operation: "", variables: "", -Query: -{ - user(id: "583291a1638566b3c5a92ca1") { - username - bio - role - } -} - -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a811136bffa16d859c7682" - } - ] -} -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 -------------------------------------------------------------------------------- -2017-08-31 15:37:23 Request: -User: "tobkle", role: "editor", id: "59a811136bffa16d859c7682", -Operation: "", variables: "", -Query: -{ - user(id: "59a811136bffa16d859c7682") { - username - role - } -} - -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a811136bffa16d859c7682" - } - ] -} -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 -------------------------------------------------------------------------------- -2017-08-31 15:37:23 Request: -User: "tobkle", role: "editor", id: "59a811136bffa16d859c7682", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-31 15:37:23 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a811136bffa16d859c7682" - } - ] -} -2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a811136bffa16d859c7682" - } - ] -} -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 -------------------------------------------------------------------------------- -2017-08-31 15:37:23 Request: -User: "tobkle", role: "editor", id: "59a811136bffa16d859c7682", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a811136bffa16d859c7682", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { - username - bio - } -} - -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized -2017-08-31 15:37:23 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a811136bffa16d859c7682" - } - ] -} -2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a811136bffa16d859c7682" - } - ] -} -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 updated user 59a811136bffa16d859c7682. -2017-08-31 15:37:23 -------------------------------------------------------------------------------- -2017-08-31 15:37:23 Request: -User: "tmeasday", role: "editor", id: "59a811136bffa16d859c7682", -Operation: "", variables: "", -Query: -mutation { - updateUser(id: "59a811136bffa16d859c7682", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { - username - bio - role - } -} - -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-31 15:37:23 Authorize update 'updateUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a811136bffa16d859c7682" - } - ] -} -2017-08-31 15:37:23 updated user 59a811136bffa16d859c7682. -2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a811136bffa16d859c7682" - } - ] -} -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 -------------------------------------------------------------------------------- -2017-08-31 15:37:23 Request: -User: "tmeasday", role: "editor", id: "59a811136bffa16d859c7682", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "583291a1638566b3c5a92ca1") -} - -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-31 15:37:23 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a811136bffa16d859c7682" - } - ] -} -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a811136bffa16d859c7682" - } - ] -} -2017-08-31 15:37:23 -------------------------------------------------------------------------------- -2017-08-31 15:37:23 Request: -User: "tmeasday", role: "editor", id: "59a811136bffa16d859c7682", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "59a811136bffa16d859c7682", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { - id - } -} - -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-31 15:37:23 Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is authorized by docRole. -2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a811136bffa16d859c7682" - } - ] -} -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 inserted tweet 59a811136bffa16d859c7683. -2017-08-31 15:37:23 -------------------------------------------------------------------------------- -2017-08-31 15:37:23 Request: -User: "tmeasday", role: "editor", id: "59a811136bffa16d859c7682", -Operation: "", variables: "", -Query: -mutation { - createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { - id - } -} - -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-31 15:37:23 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. -2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a811136bffa16d859c7682" - } - ] -} -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 -------------------------------------------------------------------------------- -2017-08-31 15:37:23 Request: -User: "tmeasday", role: "editor", id: "59a811136bffa16d859c7682", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a811136bffa16d859c7683") { - author { - id - } - body - } -} - -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a811136bffa16d859c7682" - } - ] -} -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 -------------------------------------------------------------------------------- -2017-08-31 15:37:23 Request: -User: "tmeasday", role: "editor", id: "59a811136bffa16d859c7682", -Operation: "", variables: "", -Query: -{ - tweet(id: "583676d3618530145474e352") { - author { - id - } - body - } -} - -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a811136bffa16d859c7682" - } - ] -} -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 -------------------------------------------------------------------------------- -2017-08-31 15:37:23 Request: -User: "tmeasday", role: "editor", id: "59a811136bffa16d859c7682", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "59a811136bffa16d859c7683", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-31 15:37:23 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59a811136bffa16d859c7682" - }, - { - "coauthorsIds": "59a811136bffa16d859c7682" - } - ] -} -2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a811136bffa16d859c7682" - } - ] -} -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 updated tweet 59a811136bffa16d859c7683. -2017-08-31 15:37:23 -------------------------------------------------------------------------------- -2017-08-31 15:37:23 Request: -User: "tmeasday", role: "editor", id: "59a811136bffa16d859c7682", -Operation: "", variables: "", -Query: -mutation { - updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { - body - } -} - -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-31 15:37:23 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59a811136bffa16d859c7682" - }, - { - "coauthorsIds": "59a811136bffa16d859c7682" - } - ] -} -2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a811136bffa16d859c7682" - } - ] -} -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 -------------------------------------------------------------------------------- -2017-08-31 15:37:23 Request: -User: "tmeasday", role: "editor", id: "59a811136bffa16d859c7682", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a811136bffa16d859c7683") { - body - } -} - -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a811136bffa16d859c7682" - } - ] -} -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 -------------------------------------------------------------------------------- -2017-08-31 15:37:23 Request: -User: "tmeasday", role: "editor", id: "59a811136bffa16d859c7682", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "59a811136bffa16d859c7683") -} - -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-31 15:37:23 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59a811136bffa16d859c7682" - } - ] -} -2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a811136bffa16d859c7682" - } - ] -} -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 removed tweet 59a811136bffa16d859c7683. -2017-08-31 15:37:23 -------------------------------------------------------------------------------- -2017-08-31 15:37:23 Request: -User: "tmeasday", role: "editor", id: "59a811136bffa16d859c7682", -Operation: "", variables: "", -Query: -mutation { - removeTweet(id: "583676d3618530145474e352") -} - -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-31 15:37:23 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "authorId": "59a811136bffa16d859c7682" - } - ] -} -2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a811136bffa16d859c7682" - } - ] -} -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 -------------------------------------------------------------------------------- -2017-08-31 15:37:23 Request: -User: "tmeasday", role: "editor", id: "59a811136bffa16d859c7682", -Operation: "", variables: "", -Query: -{ - tweet(id: "59a811136bffa16d859c7683") { - body - } -} - -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a811136bffa16d859c7682" - } - ] -} -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 -------------------------------------------------------------------------------- -2017-08-31 15:37:23 Request: -User: "tmeasday", role: "editor", id: "59a811136bffa16d859c7682", -Operation: "", variables: "", -Query: -mutation { - removeUser(id: "59a811136bffa16d859c7682") -} - -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized -2017-08-31 15:37:23 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a811136bffa16d859c7682" - } - ] -} -2017-08-31 15:37:23 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with - authQuery: { - "$or": [ - { - "_id": "59a811136bffa16d859c7682" - } - ] -} -2017-08-31 15:37:23 registered authorizedLoader successfully -2017-08-31 15:37:23 removed user 59a811136bffa16d859c7682. -2017-08-31 15:37:23 -------------------------------------------------------------------------------- -2017-08-31 15:37:23 Request: -User: "", role: "", id: "", -Operation: "", variables: "", -Query: -{ - user(id: "59a811136bffa16d859c7682") { - username - bio - role - } -} - -2017-08-31 15:37:23 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. -2017-08-31 15:37:23 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized -2017-08-31 15:37:23 ERROR Authorize readOne 'user' with user '' not authorized -2017-08-31 15:37:23 registered authorizedLoader successfully diff --git a/test/output-app/model/Tweet.js b/test/output-app/model/Tweet.js index 01832f4..40e233b 100644 --- a/test/output-app/model/Tweet.js +++ b/test/output-app/model/Tweet.js @@ -1,3 +1,4 @@ +/* eslint-disable prettier */ import { queryForRoles, onAuthRegisterLoader, @@ -14,14 +15,15 @@ export default class Tweet { const { me, User } = context; queryForRoles( me, - ['admin','world'], - ['authorId','coauthorsIds'], + ['admin', 'world'], + ['authorId', 'coauthorsIds'], { User }, - onAuthRegisterLoader('tweet findOneById', 'readOne', me, this)); + onAuthRegisterLoader('tweet findOneById', 'readOne', me, this) + ); } async findOneById(id, me, resolver) { - const log = authlog('tweet findOneById', resolver, me); + const log = authlog(resolver, 'readOne', me); if (!this.authorizedLoader) { log.error('not authorized'); return null; @@ -32,8 +34,8 @@ export default class Tweet { find({ lastCreatedAt = 0, limit = 10, baseQuery = {} }, me, resolver) { const authQuery = queryForRoles( me, - ['admin','world'], - ['authorId','coauthorsIds'], + ['admin', 'world'], + ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'readMany', me) ); @@ -50,17 +52,29 @@ export default class Tweet { } author(tweet, me, resolver) { - return this.context.User.findOneById(tweet.authorId, me, resolver); + return this.context.User.findOneById( + tweet.authorId, + me, + resolver + ); } coauthors(tweet, { lastCreatedAt = 0, limit = 10 }, me, resolver) { const baseQuery = { _id: { $in: tweet.coauthorsIds || [] } }; - return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); + return this.context.User.find( + { baseQuery, lastCreatedAt, limit }, + me, + resolver + ); } likers(tweet, { lastCreatedAt = 0, limit = 10 }, me, resolver) { const baseQuery = { likedIds: tweet._id }; - return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); + return this.context.User.find( + { baseQuery, lastCreatedAt, limit }, + me, + resolver + ); } createdBy(tweet, me, resolver) { @@ -72,7 +86,7 @@ export default class Tweet { } async insert(doc, me, resolver) { - let docToInsert = Object.assign({}, doc, { + const docToInsert = Object.assign({}, doc, { createdAt: Date.now(), updatedAt: Date.now(), createdById: (me && me._id) ? me._id : 'unknown', @@ -82,7 +96,7 @@ export default class Tweet { docToInsert, me, ['admin'], - ['authorId'], + ['authorId'], { User: this.context.User }, authlog(resolver, 'create', me) ); @@ -97,22 +111,23 @@ export default class Tweet { } async updateById(id, doc, me, resolver) { - let docToUpdate = { + const docToUpdate = { $set: Object.assign({}, doc, { - updatedAt: Date.now(), - updatedById: (me && me._id) ? me._id : 'unknown' - })}; - const baseQuery = {_id: id}; + updatedAt: Date.now(), + updatedById: me && me._id ? me._id : 'unknown' + }) + }; + const baseQuery = { _id: id }; const authQuery = queryForRoles( me, ['admin'], - ['authorId','coauthorsIds'], + ['authorId', 'coauthorsIds'], { User: this.context.User }, authlog(resolver, 'update', me) ); - const finalQuery = {...baseQuery, ...authQuery}; + const finalQuery = { ...baseQuery, ...authQuery }; const result = await this.collection.updateOne(finalQuery, docToUpdate); - if (result.result.ok !== 1 || result.result.n !== 1){ + if (result.result.ok !== 1 || result.result.n !== 1) { throw new Error(`update tweet not possible for ${id}.`); } this.log.debug(`updated tweet ${id}.`); @@ -123,7 +138,7 @@ export default class Tweet { } async removeById(id, me, resolver) { - const baseQuery = {_id: id}; + const baseQuery = { _id: id }; const authQuery = queryForRoles( me, ['admin'], @@ -131,9 +146,9 @@ export default class Tweet { { User: this.context.User }, authlog(resolver, 'delete', me) ); - const finalQuery = {...baseQuery, ...authQuery}; + const finalQuery = { ...baseQuery, ...authQuery }; const result = await this.collection.remove(finalQuery); - if (result.result.ok !== 1 || result.result.n !== 1){ + if (result.result.ok !== 1 || result.result.n !== 1) { throw new Error(`remove tweet not possible for ${id}.`); } this.log.debug(`removed tweet ${id}.`); diff --git a/test/output-app/model/User.js b/test/output-app/model/User.js index 54848fe..344c0d6 100644 --- a/test/output-app/model/User.js +++ b/test/output-app/model/User.js @@ -1,3 +1,4 @@ +/* eslint-disable prettier */ import { queryForRoles, onAuthRegisterLoader, @@ -18,14 +19,15 @@ export default class User { const { me } = context; queryForRoles( me, - ['admin'], ['_id'], + ['admin'], + ['_id'], { User }, onAuthRegisterLoader('user findOneById', 'readOne', me, this) ); } - static authRole(user){ - return (user && user.role) ? user.role : null; + static authRole(user) { + return user && user.role ? user.role : null; } async findOneById(id, me, resolver) { @@ -40,7 +42,8 @@ export default class User { find({ lastCreatedAt = 0, limit = 10, baseQuery = {} }, me, resolver) { const authQuery = queryForRoles( me, - ['admin'], ['_id'], + ['admin'], + ['_id'], { User: this.context.User }, authlog(resolver, 'readMany', me) ); @@ -58,22 +61,38 @@ export default class User { tweets(user, { minLikes, lastCreatedAt = 0, limit = 10 }, me, resolver) { const baseQuery = { authorId: user._id }; - return this.context.Tweet.find({ lastCreatedAt, limit, baseQuery }, me, resolver); + return this.context.Tweet.find( + { baseQuery, minLikes, lastCreatedAt, limit }, + me, + resolver + ); } liked(user, { lastCreatedAt = 0, limit = 10 }, me, resolver) { const baseQuery = { _id: { $in: user.likedIds || [] } }; - return this.context.Tweet.find({ lastCreatedAt, limit, baseQuery }, me, resolver); + return this.context.Tweet.find( + { baseQuery, lastCreatedAt, limit }, + me, + resolver + ); } following(user, { lastCreatedAt = 0, limit = 10 }, me, resolver) { const baseQuery = { _id: { $in: user.followingIds || [] } }; - return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); + return this.context.User.find( + { baseQuery, lastCreatedAt, limit }, + me, + resolver + ); } followers(user, { lastCreatedAt = 0, limit = 10 }, me, resolver) { const baseQuery = { followingIds: user._id }; - return this.context.User.find({ lastCreatedAt, limit, baseQuery }, me, resolver); + return this.context.User.find( + { baseQuery, lastCreatedAt, limit }, + me, + resolver + ); } createdBy(user, me, resolver) { @@ -92,8 +111,8 @@ export default class User { hash, createdAt: Date.now(), updatedAt: Date.now(), - createdById: (me && me._id) ? me._id : 'unknown', - updatedById: (me && me._id) ? me._id : 'unknown', + createdById: me && me._id ? me._id : 'unknown', + updatedById: me && me._id ? me._id : 'unknown' }); checkAuthDoc( docToInsert, @@ -103,7 +122,7 @@ export default class User { { User: this.context.User }, authlog(resolver, 'create', me) ); - docToInsert = protectFields(me, ['admin'], ['role'], docToInsert, { + docToInsert = protectFields(me, ['admin'], ['role'], docToInsert, { User: this.context.User }); const id = (await this.collection.insertOne(docToInsert)).insertedId; @@ -117,13 +136,13 @@ export default class User { } async updateById(id, doc, me, resolver) { - let docToUpdate = { + const docToUpdate = { $set: Object.assign({}, doc, { - updatedAt: Date.now(), - updatedById: (me && me._id) ? me._id : 'unknown' + updatedAt: Date.now(), + updatedById: me && me._id ? me._id : 'unknown' }) }; - const baseQuery = {_id: id}; + const baseQuery = { _id: id }; const authQuery = queryForRoles( me, ['admin'], @@ -138,9 +157,9 @@ export default class User { docToUpdate.$set, { User: this.context.User } ); - const finalQuery = {...baseQuery, ...authQuery}; + const finalQuery = { ...baseQuery, ...authQuery }; const result = await this.collection.updateOne(finalQuery, docToUpdate); - if (result.result.ok !== 1 || result.result.n !== 1){ + if (result.result.ok !== 1 || result.result.n !== 1) { throw new Error(`update user not possible for ${id}.`); } this.log.debug(`updated user ${id}.`); @@ -151,7 +170,7 @@ export default class User { } async removeById(id, me, resolver) { - const baseQuery = {_id: id}; + const baseQuery = { _id: id }; const authQuery = queryForRoles( me, ['admin'], @@ -159,9 +178,9 @@ export default class User { { User: this.context.User }, authlog(resolver, 'delete', me) ); - const finalQuery = {...baseQuery, ...authQuery}; + const finalQuery = { ...baseQuery, ...authQuery }; const result = await this.collection.remove(finalQuery); - if (result.result.ok !== 1 || result.result.n !== 1){ + if (result.result.ok !== 1 || result.result.n !== 1) { throw new Error(`remove user not possible for ${id}.`); } this.log.debug(`removed user ${id}.`); diff --git a/test/output-app/package.json b/test/output-app/package.json index 899b308..8dead59 100644 --- a/test/output-app/package.json +++ b/test/output-app/package.json @@ -39,7 +39,7 @@ "bcrypt": "^1.0.2", "body-parser": "1.15.2", "cors": "^2.8.1", - "create-graphql-server-authorization": "^0.0.40", + "create-graphql-server-authorization": "^0.0.42", "dataloader": "^1.2.0", "denodeify": "^1.2.1", "dotenv": "2.0.0", diff --git a/test/output-app/resolvers/Tweet.js b/test/output-app/resolvers/Tweet.js index 76e29b0..02c47dc 100644 --- a/test/output-app/resolvers/Tweet.js +++ b/test/output-app/resolvers/Tweet.js @@ -1,28 +1,30 @@ +/* eslint-disable prettier */ +/* eslint comma-dangle: [2, "only-multiline"] */ const resolvers = { Tweet: { id(tweet) { return tweet._id; }, - createdBy(tweet, args, { Tweet, me }) { - return Tweet.createdBy(tweet, me, 'tweet createdBy'); + author(tweet, args, { Tweet, me }) { + return Tweet.author(tweet, me, 'tweet author'); }, - updatedBy(tweet, args, { Tweet, me }) { - return Tweet.updatedBy(tweet, me, 'tweet updatedBy'); + coauthors(tweet, args, { Tweet, me }) { + return Tweet.coauthors(tweet, args, me, 'tweet coauthors'); }, - author(tweet, args, { Tweet, me }) { - return Tweet.author(tweet, me, 'tweet author'); + likers(tweet, args, { Tweet, me }) { + return Tweet.likers(tweet, args, me, 'tweet likers'); }, - coauthors(tweet, { lastCreatedAt, limit }, { Tweet, me }) { - return Tweet.coauthors(tweet, { lastCreatedAt, limit }, me, 'tweet coauthors'); + createdBy(tweet, args, { Tweet, me }) { + return Tweet.createdBy(tweet, me, 'tweet createdBy'); }, - likers(tweet, { lastCreatedAt, limit }, { Tweet, me }) { - return Tweet.likers(tweet, { lastCreatedAt, limit }, me, 'tweet likers'); - }, + updatedBy(tweet, args, { Tweet, me }) { + return Tweet.updatedBy(tweet, me, 'tweet updatedBy'); + } }, Query: { tweets(root, { lastCreatedAt, limit }, { Tweet, me }) { @@ -31,7 +33,7 @@ const resolvers = { tweet(root, { id }, { Tweet, me }) { return Tweet.findOneById(id, me, 'tweet'); - }, + } }, Mutation: { async createTweet(root, { input }, { Tweet, me }) { @@ -44,13 +46,13 @@ const resolvers = { async removeTweet(root, { id }, { Tweet, me }) { return await Tweet.removeById(id, me, 'removeTweet'); - }, + } }, Subscription: { tweetCreated: tweet => tweet, tweetUpdated: tweet => tweet, - tweetRemoved: id => id, - }, + tweetRemoved: id => id + } }; export default resolvers; diff --git a/test/output-app/resolvers/User.js b/test/output-app/resolvers/User.js index e6a7c8a..f5eea86 100644 --- a/test/output-app/resolvers/User.js +++ b/test/output-app/resolvers/User.js @@ -1,32 +1,34 @@ +/* eslint-disable prettier */ +/* eslint comma-dangle: [2, "only-multiline"] */ const resolvers = { User: { id(user) { return user._id; }, - createdBy(user, args, { User, me }) { - return User.createdBy(user, me, 'user createdBy'); + tweets(user, args, { User, me }) { + return User.tweets(user, args, me, 'user tweets'); }, - updatedBy(user, args, { User, me }) { - return User.updatedBy(user, me, 'user updatedBy'); + liked(user, args, { User, me }) { + return User.liked(user, args, me, 'user liked'); }, - tweets(user, { minLikes, lastCreatedAt, limit }, { User, me }) { - return User.tweets(user, { minLikes, lastCreatedAt, limit }, me, 'user tweets'); + following(user, args, { User, me }) { + return User.following(user, args, me, 'user following'); }, - liked(user, { lastCreatedAt, limit }, { User, me }) { - return User.liked(user, { lastCreatedAt, limit }, me, 'user liked'); + followers(user, args, { User, me }) { + return User.followers(user, args, me, 'user followers'); }, - following(user, { lastCreatedAt, limit }, { User, me }) { - return User.following(user, { lastCreatedAt, limit }, me, 'user following'); + createdBy(user, args, { User, me }) { + return User.createdBy(user, me, 'user createdBy'); }, - followers(user, { lastCreatedAt, limit }, { User, me }) { - return User.followers(user, { lastCreatedAt, limit }, me, 'user followers'); - }, + updatedBy(user, args, { User, me }) { + return User.updatedBy(user, me, 'user updatedBy'); + } }, Query: { users(root, { lastCreatedAt, limit }, { User, me }) { @@ -35,7 +37,7 @@ const resolvers = { user(root, { id }, { User, me }) { return User.findOneById(id, me, 'user'); - }, + } }, Mutation: { async createUser(root, { input }, { User, me }) { @@ -48,13 +50,13 @@ const resolvers = { async removeUser(root, { id }, { User, me }) { return await User.removeById(id, me, 'removeUser'); - }, + } }, Subscription: { userCreated: user => user, userUpdated: user => user, - userRemoved: id => id, - }, + userRemoved: id => id + } }; export default resolvers; diff --git a/test/output-app/schema/Tweet.graphql b/test/output-app/schema/Tweet.graphql index 2257803..852cecb 100644 --- a/test/output-app/schema/Tweet.graphql +++ b/test/output-app/schema/Tweet.graphql @@ -1,4 +1,4 @@ -type Tweet @authorize(admin: ["create", "read", "update", "delete"], author: ["create", "read", "update", "delete"], coauthors: ["read", "update"], world: ["read"]) { +type Tweet { id: ObjID! author: User coauthors(lastCreatedAt: Float, limit: Int): [User] diff --git a/test/output-app/schema/User.graphql b/test/output-app/schema/User.graphql index 0b74c22..9859bda 100644 --- a/test/output-app/schema/User.graphql +++ b/test/output-app/schema/User.graphql @@ -1,4 +1,4 @@ -type User @authorize(admin: ["create", "read", "update", "delete"], this: ["create", "read", "update", "delete"]) { +type User { id: ObjID! role: String email: String! diff --git a/test/output-app/yarn.lock b/test/output-app/yarn.lock index 9d78a6c..0b74642 100644 --- a/test/output-app/yarn.lock +++ b/test/output-app/yarn.lock @@ -1072,6 +1072,10 @@ center-align@^0.1.1: align-text "^0.1.3" lazy-cache "^1.0.3" +chai-string@^1.4.0: + version "1.4.0" + resolved "https://registry.yarnpkg.com/chai-string/-/chai-string-1.4.0.tgz#359140c051d36a4e4b1a5fc6b910152f438a8d49" + chai@^3.5.0: version "3.5.0" resolved "https://registry.yarnpkg.com/chai/-/chai-3.5.0.tgz#4d02637b067fe958bdbfdd3a40ec56fef7373247" @@ -1263,11 +1267,12 @@ crc@3.4.0: version "3.4.0" resolved "https://registry.yarnpkg.com/crc/-/crc-3.4.0.tgz#4258e351613a74ef1153dfcb05e820c3e9715d7f" -create-graphql-server-authorization@^0.0.40: - version "0.0.40" - resolved "https://registry.yarnpkg.com/create-graphql-server-authorization/-/create-graphql-server-authorization-0.0.40.tgz#134e13e23274c44ad606dd3f7aca32455c238a96" +create-graphql-server-authorization@^0.0.42: + version "0.0.42" + resolved "https://registry.yarnpkg.com/create-graphql-server-authorization/-/create-graphql-server-authorization-0.0.42.tgz#441afd10a12434ab96d84e42a4e867cc56845f88" dependencies: babylon "^6.18.0" + chai-string "^1.4.0" global "^4.3.2" graphql "^0.11.1" handlebars "^4.0.10" diff --git a/yarn.lock b/yarn.lock index 110a0cb..0815063 100644 --- a/yarn.lock +++ b/yarn.lock @@ -974,6 +974,10 @@ chai-diff@^1.0.1: dependencies: diff "^2.2.1" +chai-string@^1.4.0: + version "1.4.0" + resolved "https://registry.yarnpkg.com/chai-string/-/chai-string-1.4.0.tgz#359140c051d36a4e4b1a5fc6b910152f438a8d49" + chai@^3.5.0: version "3.5.0" resolved "https://registry.yarnpkg.com/chai/-/chai-3.5.0.tgz#4d02637b067fe958bdbfdd3a40ec56fef7373247" @@ -1130,11 +1134,12 @@ cpr@^2.0.0: mkdirp "~0.5.1" rimraf "^2.5.4" -create-graphql-server-authorization@^0.0.40: - version "0.0.40" - resolved "https://registry.yarnpkg.com/create-graphql-server-authorization/-/create-graphql-server-authorization-0.0.40.tgz#134e13e23274c44ad606dd3f7aca32455c238a96" +create-graphql-server-authorization@^0.0.42: + version "0.0.42" + resolved "https://registry.yarnpkg.com/create-graphql-server-authorization/-/create-graphql-server-authorization-0.0.42.tgz#441afd10a12434ab96d84e42a4e867cc56845f88" dependencies: babylon "^6.18.0" + chai-string "^1.4.0" global "^4.3.2" graphql "^0.11.1" handlebars "^4.0.10" From 073de895feba9ee6454be8b0e7929898b112dd1d Mon Sep 17 00:00:00 2001 From: tobkle Date: Sat, 2 Sep 2017 02:36:30 +0200 Subject: [PATCH 68/69] with handlebars templating, without debugger --- bin/create-graphql-server.js | 1 - bin/gentest.js | 1 - 2 files changed, 2 deletions(-) diff --git a/bin/create-graphql-server.js b/bin/create-graphql-server.js index be2b25b..6088b04 100755 --- a/bin/create-graphql-server.js +++ b/bin/create-graphql-server.js @@ -93,7 +93,6 @@ function getFileUpdateList(inputSchemaFile, mode) { inputSchemaStr = `type ${adjustTypeName(inputSchemaFile)} {}`; } // generate code therefore in memory first - debugger; const { typeName, TypeName, diff --git a/bin/gentest.js b/bin/gentest.js index f688965..9fe88d1 100755 --- a/bin/gentest.js +++ b/bin/gentest.js @@ -11,7 +11,6 @@ const argv = minimist(process.argv.slice(2)); const commands = argv._; const file = commands[0] || path.join('test', 'input', 'User.graphql'); const targetDir = commands[1] || os.tmpdir(); -debugger; const inputSchemaStr = fs.readFileSync(file, 'utf8'); const { typeName, From d5b71635321f5f4e83b4bf6d3830b7d3213e72a9 Mon Sep 17 00:00:00 2001 From: tobkle Date: Wed, 6 Sep 2017 15:02:24 +0200 Subject: [PATCH 69/69] refactored: split authorization into packages, which are independent from auth --- circle.yml | 1 - generate/index.js | 4 +- generate/model/index.js | 8 +- .../default/default_default.template | 24 +- .../templates/user/default_user.template | 24 +- generate/resolvers/index.js | 9 +- generate/schema/index.js | 104 +- generate/util/generatePerField.js | 13 +- generate/util/graphql.js | 16 +- generate/util/read.js | 4 + package.json | 7 +- skel/README.md | 4 +- skel/package.json | 4 +- skel/server/authenticate.js | 2 +- skel/server/index.js | 8 +- test/generate/directives.js | 38 +- test/generate/model.js | 33 +- test/generate/resolvers.js | 31 +- test/generate/schema.js | 2 +- test/output-app/README.md | 4 +- test/output-app/log/all-logs-readable.log | 2283 +++++++++++++++++ test/output-app/model/Tweet.js | 7 +- test/output-app/model/User.js | 7 +- test/output-app/package.json | 4 +- test/output-app/schema/Tweet.graphql | 4 +- test/output-app/schema/User.graphql | 4 +- test/output-app/server/authenticate.js | 2 +- test/output-app/server/index.js | 8 +- test/output-app/yarn.lock | 53 +- yarn.lock | 53 +- 30 files changed, 2587 insertions(+), 178 deletions(-) diff --git a/circle.yml b/circle.yml index a976c20..03e07b7 100644 --- a/circle.yml +++ b/circle.yml @@ -4,7 +4,6 @@ dependencies: - yarn: pwd: test/output-app - test: pre: - npm start /tmp/app-output: diff --git a/generate/index.js b/generate/index.js index 364c1b8..3834c9a 100644 --- a/generate/index.js +++ b/generate/index.js @@ -3,7 +3,7 @@ import { parse, print } from 'graphql'; import { lcFirst } from './util/capitalization'; import generateModel from './model'; -import generateResolver from './resolvers'; +import generateResolvers from './resolvers'; import generateSchema from './schema'; export default function generate(inputSchemaStr) { @@ -13,7 +13,7 @@ export default function generate(inputSchemaStr) { const typeName = lcFirst(TypeName); const outputSchema = generateSchema(inputSchema); const outputSchemaStr = print(outputSchema); - const resolversStr = generateResolver(inputSchema); + const resolversStr = generateResolvers(inputSchema); const modelStr = generateModel(inputSchema); return { diff --git a/generate/model/index.js b/generate/model/index.js index dd9be36..c7aeebb 100644 --- a/generate/model/index.js +++ b/generate/model/index.js @@ -5,6 +5,11 @@ import { MODEL } from '../util/constants'; import { modulePath } from 'create-graphql-server-authorization'; export default function generateModel(inputSchema) { + const ast = generateModelAst(inputSchema); + return print(ast, { trailingComma: true }).code; +} + +export function generateModelAst(inputSchema) { const templateCode = getCode(MODEL, { inputSchema, @@ -15,5 +20,6 @@ export default function generateModel(inputSchema) { // validate syntax of generated template code const replacements = {}; const ast = templateToAst(templateCode, replacements); - return print(ast, { trailingComma: true }).code; + + return ast; } diff --git a/generate/model/templates/default/default_default.template b/generate/model/templates/default/default_default.template index 9a1436e..b4cf383 100644 --- a/generate/model/templates/default/default_default.template +++ b/generate/model/templates/default/default_default.template @@ -1,27 +1,21 @@ /* eslint-disable prettier */ import DataLoader from 'dataloader'; -import { - findByIds, - getLogFilename, - logger -} from 'create-graphql-server-authorization'; -const log = logger(getLogFilename()); export default class {{TypeName}} { constructor(context) { this.context = context; this.collection = context.db.collection('{{typeName}}'); this.pubsub = context.pubsub; - this.authorizedLoader = new DataLoader(ids => - findByIds(this.collection, ids) + this.loader = new DataLoader(ids => + this.context.findByIds(this.collection, ids) ); } async findOneById(id) { - if (!this.authorizedLoader) { + if (!this.loader) { return null; } - return await this.authorizedLoader.load(id); + return await this.loader.load(id); } find({ lastCreatedAt = 0, limit = 10, baseQuery = {} }) { @@ -48,7 +42,7 @@ export default class {{TypeName}} { if (!id) { throw new Error(`insert {{typeName}} not possible.`); } - log.debug(`inserted {{typeName}} ${id}.`); + this.context.log.debug(`inserted {{typeName}} ${id}.`); const insertedDoc = this.findOneById(id); this.pubsub.publish('{{typeName}}Inserted', insertedDoc); return insertedDoc; @@ -66,8 +60,8 @@ export default class {{TypeName}} { if (result.result.ok !== 1 || result.result.n !== 1) { throw new Error(`update {{typeName}} not possible for ${id}.`); } - log.debug(`updated {{typeName}} ${id}.`); - this.authorizedLoader.clear(id); + this.context.log.debug(`updated {{typeName}} ${id}.`); + this.loader.clear(id); const updatedDoc = this.findOneById(id); this.pubsub.publish('{{typeName}}Updated', updatedDoc); return updatedDoc; @@ -80,8 +74,8 @@ export default class {{TypeName}} { if (result.result.ok !== 1 || result.result.n !== 1) { throw new Error(`remove {{typeName}} not possible for ${id}.`); } - log.debug(`removed {{typeName}} ${id}.`); - this.authorizedLoader.clear(id); + this.context.log.debug(`removed {{typeName}} ${id}.`); + this.loader.clear(id); this.pubsub.publish('{{typeName}}Removed', id); return result; } diff --git a/generate/model/templates/user/default_user.template b/generate/model/templates/user/default_user.template index efedf6c..1777934 100644 --- a/generate/model/templates/user/default_user.template +++ b/generate/model/templates/user/default_user.template @@ -1,29 +1,23 @@ /* eslint-disable prettier */ import DataLoader from 'dataloader'; -import { - findByIds, - getLogFilename, - logger -} from 'create-graphql-server-authorization'; import bcrypt from 'bcrypt'; const SALT_ROUNDS = 10; -const log = logger(getLogFilename()); export default class {{TypeName}} { constructor(context) { this.context = context; this.collection = context.db.collection('{{typeName}}'); this.pubsub = context.pubsub; - this.authorizedLoader = new DataLoader(ids => - findByIds(this.collection, ids) + this.loader = new DataLoader(ids => + this.context.findByIds(this.collection, ids) ); } async findOneById(id) { - if (!this.authorizedLoader) { + if (!this.loader) { return null; } - return await this.authorizedLoader.load(id); + return await this.loader.load(id); } find({ lastCreatedAt = 0, limit = 10, baseQuery = {} }{{#if authorize}}, me, resolver{{/if}}) { @@ -54,7 +48,7 @@ export default class {{TypeName}} { if (!id) { throw new Error(`insert {{typeName}} not possible.`); } - log.debug(`inserted {{typeName}} ${id}.`); + this.context.log.debug(`inserted {{typeName}} ${id}.`); const insertedDoc = this.findOneById(id); this.pubsub.publish('{{typeName}}Inserted', insertedDoc); return insertedDoc; @@ -72,8 +66,8 @@ export default class {{TypeName}} { if (result.result.ok !== 1 || result.result.n !== 1) { throw new Error(`update {{typeName}} not possible for ${id}.`); } - log.debug(`updated {{typeName}} ${id}.`); - this.authorizedLoader.clear(id); + this.context.log.debug(`updated {{typeName}} ${id}.`); + this.loader.clear(id); const updatedDoc = this.findOneById(id); this.pubsub.publish('{{typeName}}Updated', updatedDoc); return updatedDoc; @@ -86,8 +80,8 @@ export default class {{TypeName}} { if (result.result.ok !== 1 || result.result.n !== 1) { throw new Error(`remove {{typeName}} not possible for ${id}.`); } - log.debug(`removed {{typeName}} ${id}.`); - this.authorizedLoader.clear(id); + this.context.log.debug(`removed {{typeName}} ${id}.`); + this.loader.clear(id); this.pubsub.publish('{{typeName}}Removed', id); return result; } diff --git a/generate/resolvers/index.js b/generate/resolvers/index.js index 3d44c61..a5a65d9 100644 --- a/generate/resolvers/index.js +++ b/generate/resolvers/index.js @@ -4,8 +4,12 @@ import { RESOLVER } from '../util/constants'; import { modulePath } from 'create-graphql-server-authorization'; -export default function generateResolver(inputSchema) { +export default function generateResolvers(inputSchema) { + const ast = generateResolversAst(inputSchema) + return print(ast, { trailingComma: true }).code; +} +export function generateResolversAst(inputSchema) { const templateCode = getCode(RESOLVER, { inputSchema, basePath: [__dirname, 'templates'], @@ -15,5 +19,6 @@ export default function generateResolver(inputSchema) { // validate syntax of generated template code const replacements = {}; const ast = templateToAst(templateCode, replacements); - return print(ast, { trailingComma: true }).code; + + return ast; } diff --git a/generate/schema/index.js b/generate/schema/index.js index d16b3d5..399f39d 100644 --- a/generate/schema/index.js +++ b/generate/schema/index.js @@ -1,8 +1,10 @@ import assert from 'assert'; import cloneDeep from 'lodash.clonedeep'; import includes from 'lodash.includes'; -import { lcFirst } from '../util/capitalization'; -import { adjustSchemaForAuthorization } from 'create-graphql-server-authorization'; + +import { + enhanceSchemaForAuthorization +} from 'create-graphql-server-authorization'; import { buildField, @@ -12,9 +14,8 @@ import { addPaginationArguments, applyCustomDirectives, idArgument, - isScalarField, SCALAR_TYPE_NAMES, - getType + getBaseType } from '../util/graphql'; /* eslint-disable no-param-reassign */ @@ -27,15 +28,10 @@ export default function generateSchema(inputSchema) { const outputSchema = cloneDeep(inputSchema); const type = outputSchema.definitions[0]; - const TypeName = type.name.value; - const typeName = lcFirst(TypeName); - - // remove @authorize directive from header directives - type.directives = type.directives.filter(directive => directive.name.value !== 'authorize'); + const typeName = type.name.value; const createInputFields = []; const updateInputFields = []; - type.fields.forEach((field) => { const directivesByName = {}; field.directives.forEach((directive) => { @@ -52,24 +48,29 @@ export default function generateSchema(inputSchema) { inputTypeModifier = '!'; } + // Simple Fields if (possibleInputType.kind === 'NamedType') { const isScalarField = includes(SCALAR_TYPE_NAMES, possibleInputType.name.value); - let inputFieldCreate = ''; - let inputFieldUpdate = ''; + let CreateInputField = ''; + let UpdateInputField = ''; if (isScalarField || !!directivesByName.enum) { - inputFieldCreate = field; - inputFieldUpdate = buildField(`${field.name.value}`, [], `${getType(field)}`); + // take field as it was entered + CreateInputField = field; + // on updates, on NonNullable entered fields, the user should be able to decide, if he wants to update + UpdateInputField = buildField(`${field.name.value}`, [], `${getBaseType(field.type).name.value}`); } else { - inputFieldCreate = buildField(`${field.name.value}Id`, [], `ObjID${inputTypeModifier}`); - inputFieldUpdate = buildField(`${field.name.value}Id`, [], `ObjID`); + CreateInputField = buildField(`${field.name.value}Id`, [], `ObjID${inputTypeModifier}`); + // same here, otherwise we always have to update fields, even if we don't want to update them + UpdateInputField = buildField(`${field.name.value}Id`, [], `ObjID`); } - createInputFields.push(inputFieldCreate); + createInputFields.push(CreateInputField); if (!directivesByName.unmodifiable) { - updateInputFields.push(inputFieldUpdate); + updateInputFields.push(UpdateInputField); } } + // Fields containing List of values if (possibleInputType.kind === 'ListType') { if (possibleInputType.type.kind === 'NonNullType') { @@ -82,19 +83,19 @@ export default function generateSchema(inputSchema) { } const isScalarField = includes(SCALAR_TYPE_NAMES, possibleInputType.name.value); - let inputFieldCreate = ''; - let inputFieldUpdate = ''; + let CreateInputField = ''; + let UpdateInputField = ''; if (isScalarField || !!directivesByName.enum) { - inputFieldCreate = `[${field}]`; - inputFieldUpdate = `[${field}]`; + CreateInputField = `[${field}]`; + UpdateInputField = `[${field}]`; } else { - inputFieldCreate = buildField(`${field.name.value}Ids`, [], `[ObjID${inputTypeModifier}]`); - inputFieldUpdate = buildField(`${field.name.value}Ids`, [], `[ObjID]`); + CreateInputField = buildField(`${field.name.value}Ids`, [], `[ObjID${inputTypeModifier}]`); + UpdateInputField = buildField(`${field.name.value}Ids`, [], `[ObjID]`); } - createInputFields.push(inputFieldCreate); + createInputFields.push(CreateInputField); if (!directivesByName.unmodifiable) { - updateInputFields.push(inputFieldUpdate); + updateInputFields.push(UpdateInputField); } } @@ -102,64 +103,53 @@ export default function generateSchema(inputSchema) { }); type.fields.unshift(buildField('id', [], 'ObjID!')); + type.fields.push(buildField('createdAt', [], 'Float!')); + type.fields.push(buildField('updatedAt', [], 'Float!')); - // adjustments to types from authorization - const adjustments = adjustSchemaForAuthorization(typeName, inputSchema); - adjustments && adjustments.forEach(field => { - const fieldSetup = buildField(field.name, [], field.type); - switch (field.mode){ - case 'create': - createInputFields.push(fieldSetup); - break; - case 'update': - updateInputFields.push(fieldSetup); - break; - case 'read': - type.fields.push(fieldSetup); - break; - } - }); - - const queryOneField = buildField(TypeName.toLowerCase(), [idArgument()], TypeName); - const queryAllField = buildField(`${TypeName.toLowerCase()}s`, [], `[${TypeName}!]`); + const queryOneField = buildField(typeName.toLowerCase(), [idArgument()], typeName); + const queryAllField = buildField(`${typeName.toLowerCase()}s`, [], `[${typeName}!]`); addPaginationArguments(queryAllField); outputSchema.definitions.push( buildTypeExtension(buildTypeDefinition('Query', [queryAllField, queryOneField])) ); - const createInputTypeName = `Create${TypeName}Input`; + const createInputTypeName = `Create${typeName}Input`; outputSchema.definitions.push( buildTypeDefinition(createInputTypeName, createInputFields, 'InputObjectTypeDefinition') ); - const updateInputTypeName = `Update${TypeName}Input`; + const updateInputTypeName = `Update${typeName}Input`; outputSchema.definitions.push( buildTypeDefinition(updateInputTypeName, updateInputFields, 'InputObjectTypeDefinition') ); // Create update input type if readonly fields + outputSchema.definitions.push(buildTypeExtension( buildTypeDefinition('Mutation', [ - buildField(`create${TypeName}`, [ + buildField(`create${typeName}`, [ buildArgument('input', `${createInputTypeName}!`), - ], TypeName), + ], typeName), - buildField(`update${TypeName}`, [ + buildField(`update${typeName}`, [ idArgument(), buildArgument('input', `${updateInputTypeName}!`), - ], TypeName), + ], typeName), - buildField(`remove${TypeName}`, [idArgument()], 'Boolean'), + buildField(`remove${typeName}`, [idArgument()], 'Boolean'), ]) )); outputSchema.definitions.push(buildTypeExtension( buildTypeDefinition('Subscription', [ - buildField(`${TypeName.toLowerCase()}Created`, [], TypeName), - buildField(`${TypeName.toLowerCase()}Updated`, [], TypeName), - buildField(`${TypeName.toLowerCase()}Removed`, [], 'ObjID'), + buildField(`${typeName.toLowerCase()}Created`, [], typeName), + buildField(`${typeName.toLowerCase()}Updated`, [], typeName), + buildField(`${typeName.toLowerCase()}Removed`, [], 'ObjID'), ]) )); - return outputSchema; -} + // enhance with Authorization + const outputSchemaWithAuth = enhanceSchemaForAuthorization(outputSchema); + + return outputSchemaWithAuth; +} \ No newline at end of file diff --git a/generate/util/generatePerField.js b/generate/util/generatePerField.js index dcfd9aa..d55cef7 100644 --- a/generate/util/generatePerField.js +++ b/generate/util/generatePerField.js @@ -17,16 +17,23 @@ export default function generatePerField(type, generators) { // We should probably find a way to use generatePerField for the schema too. const ignoreField = (field) => { const directivesByName = {}; - field.directives.forEach((d) => { directivesByName[d.name.value] = d; }); + if (field.directives) { + field.directives.forEach(d => { directivesByName[d.name.value] = d; }); + } return !isScalarField(field) && !directivesByName.enum; }; return type.fields.filter(ignoreField).map((originalField) => { const field = cloneDeep(originalField); - applyCustomDirectives(field); + if (field.directives) { + applyCustomDirectives(field); + } // find the first directive on the field that has a generator - const directive = field.directives.find(d => !!generators[d.name.value]); + let directive; + if (field.directives) { + directive = field.directives.find(d => !!generators[d.name.value]); + } const fieldName = field.name.value; const ReturnTypeName = getBaseType(field.type).name.value; diff --git a/generate/util/graphql.js b/generate/util/graphql.js index e182c78..c16c0ca 100644 --- a/generate/util/graphql.js +++ b/generate/util/graphql.js @@ -69,6 +69,7 @@ export function buildField(name, args, typeName) { kind: 'FieldDefinition', name: buildName(name), arguments: args, + directives: [], type: buildTypeReference(typeName), }; } @@ -105,18 +106,3 @@ export function applyCustomDirectives(field) { export function idArgument() { return buildArgument('id', 'ObjID!'); } - - -export function getType(field) { - if (field.type.kind === 'Name' || - field.type.kind === 'NamedType') - return field.type.name.value; - - else if (field.type.kind === 'NonNullType' && - (field.type.type.kind === 'Name' || - field.type.type.kind === 'NamedType') - ) - return field.type.type.name.value; - - return ''; -} diff --git a/generate/util/read.js b/generate/util/read.js index 8fe94a2..7675257 100644 --- a/generate/util/read.js +++ b/generate/util/read.js @@ -7,6 +7,10 @@ export default function readInput(path) { return parse(fs.readFileSync(path, 'utf8')); } +export function readString(path) { + return fs.readFileSync(path, 'utf8'); +} + const babylonParser = { parse(code) { return babylon.parse(code, { diff --git a/package.json b/package.json index 5f63e0e..fed94c8 100644 --- a/package.json +++ b/package.json @@ -21,8 +21,7 @@ "clean": "rm -rf dist/*", "build": "npm run clean && babel bin --out-dir dist/bin && babel generate -D --out-dir dist/generate && cp -r skel dist", "prepublish": "npm run build", - "gentest": "babel-node --inspect bin/gentest.js -- ", - "nodemon": "nodemon --watch generate generate/schema/index_new.js --exec babel-node" + "gentest": "babel-node bin/gentest.js -- " }, "config": { "logfile": "log/all-logs-readable.log", @@ -55,7 +54,9 @@ "babylon": "^6.14.1", "chalk": "^1.1.3", "cpr": "^2.0.0", - "create-graphql-server-authorization": "^0.0.42", + "create-graphql-server-authorization": "^0.0.45", + "create-graphql-server-find-by-ids": "^0.0.4", + "create-graphql-server-logging": "^0.0.3", "dataloader": "^1.3.0", "denodeify": "^1.2.1", "escape-string-regexp": "^1.0.5", diff --git a/skel/README.md b/skel/README.md index 085848b..fc7ed96 100644 --- a/skel/README.md +++ b/skel/README.md @@ -66,7 +66,7 @@ import { ObjectId } from 'mongodb'; import nodeify from 'nodeify'; import bcrypt from 'bcrypt'; import DataLoader from 'dataloader'; -import { findByIds } from 'create-graphql-server-authorization'; +import { findByIds } from 'create-graphql-server-find-by-ids'; const KEY = 'test-key'; let Loader; @@ -201,7 +201,7 @@ This uses the following functions from that module: ### function authlog A logging function that understands "resolvers", "modes" and "users". Simple wrapper around whatever logging function we use. -### function findByIds +### function findByIds (create-graphql-server-find-by-ids) This is an extended version of [mongo-find-by-ids](https://github.com/tmeasday/mongo-find-by-ids). The enhancement is only to provide an additional authQuery object, to extend the query to meet additional authorizations. diff --git a/skel/package.json b/skel/package.json index 65f152f..0f9b8e9 100644 --- a/skel/package.json +++ b/skel/package.json @@ -39,7 +39,9 @@ "bcrypt": "^1.0.2", "body-parser": "1.15.2", "cors": "^2.8.1", - "create-graphql-server-authorization": "^0.0.42", + "create-graphql-server-authorization": "^0.0.45", + "create-graphql-server-find-by-ids": "^0.0.4", + "create-graphql-server-logging": "^0.0.3", "dataloader": "^1.2.0", "denodeify": "^1.2.1", "dotenv": "2.0.0", diff --git a/skel/server/authenticate.js b/skel/server/authenticate.js index 283964a..2559482 100644 --- a/skel/server/authenticate.js +++ b/skel/server/authenticate.js @@ -5,7 +5,7 @@ import { ObjectId } from 'mongodb'; import nodeify from 'nodeify'; import bcrypt from 'bcrypt'; import DataLoader from 'dataloader'; -import { findByIds } from 'create-graphql-server-authorization'; +import { findByIds } from 'create-graphql-server-find-by-ids'; const KEY = 'test-key'; let Loader; diff --git a/skel/server/index.js b/skel/server/index.js index de2040e..ca7be63 100644 --- a/skel/server/index.js +++ b/skel/server/index.js @@ -8,8 +8,8 @@ import { MongoClient } from 'mongodb'; import cors from 'cors'; import passport from 'passport'; import morgan from 'morgan'; - -import { getLogFilename, logger } from 'create-graphql-server-authorization'; +import { findByIds } from 'create-graphql-server-find-by-ids'; +import { getLogFilename, logger } from 'create-graphql-server-logging'; import typeDefs from '../schema'; import resolvers from '../resolvers'; import addModelsToContext from '../model'; @@ -48,7 +48,9 @@ async function startServer() { app.use('/graphql', (req, res, next) => { passport.authenticate('jwt', { session: false }, (err, me) => { - req.context = addModelsToContext({ db, pubsub, me, UserCollection, log }); + req.context = addModelsToContext({ + db, pubsub, me, UserCollection, findByIds, log + }); graphqlExpress(() => { // Get the query, the same way express-graphql does it // https://github.com/graphql/express-graphql/blob/3fa6e68582d6d933d37fa9e841da5d2aa39261cd/src/index.js#L257 diff --git a/test/generate/directives.js b/test/generate/directives.js index bfc0291..49e8693 100644 --- a/test/generate/directives.js +++ b/test/generate/directives.js @@ -11,7 +11,7 @@ describe('directives', () => { const input = parse(`type Test { status: TestStatus @enum }`); - + it('leaves the typename unchanged in the schema', () => { const schema = generateSchema(input); @@ -36,20 +36,42 @@ describe('directives', () => { it('does not generate a resolver', () => { const ast = generateResolversAst(input); + let keys = []; + // less offensive, otherwise, we have to change it after each + // change in the templates + ast.program.body.forEach(body => { + if (body.declarations && + body.declarations.length > 0) { - const resolvers = ast.program.body[0].declarations[0]; - const Test = resolvers.init.properties.find(p => p.key.name === 'Test'); - const keys = Test.value.properties.map(p => p.key.name); + body.declarations.forEach(declaration => { + if (declaration.init && + declaration.init.properties && + declaration.init.properties.length > 0){ + const Test = declaration.init.properties.find(p => p.key.name === 'Test'); + if (Test && Test.value && Test.value.properties && Test.value.properties.length > 0) { + keys = keys.concat(Test.value.properties.map(p => p.key.name)); + } + } + }); + } + }); expect(keys).to.not.include('status'); }); it('does not generate a model function', () => { const ast = generateModelAst(input); - - const TestClass = ast.program.body[3].declaration.body; - const keys = TestClass.body.map(p => p.key.name); - + let keys = []; + // less offensive, otherwise, we have to change it after each + // change in the templates + ast.program.body.forEach(body =>{ + if (body.declaration && + body.declaration.body && + body.declaration.body.body && + body.declaration.body.body.length > 0) { + keys = keys.concat(body.declaration.body.body.map(p => p.key.name)); + } + }); expect(keys).to.not.include('status'); }); }); diff --git a/test/generate/model.js b/test/generate/model.js index 430f60b..b367820 100644 --- a/test/generate/model.js +++ b/test/generate/model.js @@ -3,36 +3,45 @@ import chai, { expect } from 'chai'; import chaiDiff from 'chai-diff'; import fs from 'fs'; -import readInput from '../../generate/read'; -import generateSchema from '../../generate/schema'; -import generateModel from '../../generate/model'; +import { readString } from '../../generate/util/read'; +import generate from '../../generate'; describe('generateModel', () => { chai.use(chaiDiff); describe('with user test file', () => { - const input = readInput(`${__dirname}/../input/User.graphql`); + const input = readString(`${__dirname}/../input/User.graphql`); it('generates correct JavaScript', () => { - const schema = generateSchema(input); - const output = generateModel(input, schema); - + const { + typeName, + TypeName, + outputSchemaStr, + resolversStr, + modelStr, + } = generate(input); + const expected = fs.readFileSync(`${__dirname}/../output-app/model/User.js`, 'utf8'); - expect(output).not.to.be.differentFrom(expected, { relaxedSpace: true }); + expect(modelStr).not.to.be.differentFrom(expected, { relaxedSpace: true }); }); }); describe('with tweet test file', () => { - const input = readInput(`${__dirname}/../input/Tweet.graphql`); + const input = readString(`${__dirname}/../input/Tweet.graphql`); it('generates correct JavaScript', () => { - const schema = generateSchema(input); - const output = generateModel(input, schema); + const { + typeName, + TypeName, + outputSchemaStr, + resolversStr, + modelStr, + } = generate(input); const expected = fs.readFileSync(`${__dirname}/../output-app/model/Tweet.js`, 'utf8'); - expect(output).not.to.be.differentFrom(expected, { relaxedSpace: true }); + expect(modelStr).not.to.be.differentFrom(expected, { relaxedSpace: true }); }); }); }); diff --git a/test/generate/resolvers.js b/test/generate/resolvers.js index 58c1af8..acafd4b 100644 --- a/test/generate/resolvers.js +++ b/test/generate/resolvers.js @@ -3,36 +3,45 @@ import chai, { expect } from 'chai'; import chaiDiff from 'chai-diff'; import fs from 'fs'; -import readInput from '../../generate/read'; -import generateSchema from '../../generate/schema'; -import generateResolvers from '../../generate/resolvers'; +import { readString } from '../../generate/util/read'; +import generate from '../../generate'; describe('generateResolvers', () => { chai.use(chaiDiff); describe('with user test file', () => { - const input = readInput(`${__dirname}/../input/User.graphql`); + const input = readString(`${__dirname}/../input/User.graphql`); it('generates correct JavaScript', () => { - const schema = generateSchema(input); - const output = generateResolvers(input, schema); + const { + typeName, + TypeName, + outputSchemaStr, + resolversStr, + modelStr, + } = generate(input); const expected = fs.readFileSync(`${__dirname}/../output-app/resolvers/User.js`, 'utf8'); - expect(output).not.to.be.differentFrom(expected, { relaxedSpace: true }); + expect(resolversStr).not.to.be.differentFrom(expected, { relaxedSpace: true }); }); }); describe('with tweet test file', () => { - const input = readInput(`${__dirname}/../input/Tweet.graphql`); + const input = readString(`${__dirname}/../input/Tweet.graphql`); it('generates correct JavaScript', () => { - const schema = generateSchema(input); - const output = generateResolvers(input, schema); + const { + typeName, + TypeName, + outputSchemaStr, + resolversStr, + modelStr, + } = generate(input); const expected = fs.readFileSync(`${__dirname}/../output-app/resolvers/Tweet.js`, 'utf8'); - expect(output).not.to.be.differentFrom(expected, { relaxedSpace: true }); + expect(resolversStr).not.to.be.differentFrom(expected, { relaxedSpace: true }); }); }); }); diff --git a/test/generate/schema.js b/test/generate/schema.js index 395b33a..fd6a3b7 100644 --- a/test/generate/schema.js +++ b/test/generate/schema.js @@ -4,7 +4,7 @@ import chaiDiff from 'chai-diff'; import fs from 'fs'; import { print } from 'graphql'; -import readInput from '../../generate/read'; +import readInput from '../../generate/util/read'; import generateSchema from '../../generate/schema'; describe('generateSchema', () => { diff --git a/test/output-app/README.md b/test/output-app/README.md index 085848b..fc7ed96 100644 --- a/test/output-app/README.md +++ b/test/output-app/README.md @@ -66,7 +66,7 @@ import { ObjectId } from 'mongodb'; import nodeify from 'nodeify'; import bcrypt from 'bcrypt'; import DataLoader from 'dataloader'; -import { findByIds } from 'create-graphql-server-authorization'; +import { findByIds } from 'create-graphql-server-find-by-ids'; const KEY = 'test-key'; let Loader; @@ -201,7 +201,7 @@ This uses the following functions from that module: ### function authlog A logging function that understands "resolvers", "modes" and "users". Simple wrapper around whatever logging function we use. -### function findByIds +### function findByIds (create-graphql-server-find-by-ids) This is an extended version of [mongo-find-by-ids](https://github.com/tmeasday/mongo-find-by-ids). The enhancement is only to provide an additional authQuery object, to extend the query to meet additional authorizations. diff --git a/test/output-app/log/all-logs-readable.log b/test/output-app/log/all-logs-readable.log index e69de29..bd9dceb 100644 --- a/test/output-app/log/all-logs-readable.log +++ b/test/output-app/log/all-logs-readable.log @@ -0,0 +1,2283 @@ +2017-09-06 14:28:31 -------------------------------------------------------------------------------- +2017-09-06 14:28:31 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-09-06 14:28:31 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:31 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:31 registered authorizedLoader successfully +2017-09-06 14:28:31 registered authorizedLoader successfully +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + __schema { + queryType { + name + } + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + role + username + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + role + username + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca2") { + role + username + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + id + username + bio + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users { + username + createdAt + } +} + +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(limit: 1) { + username + createdAt + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993) { + username + createdAt + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + users(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readMany 'users' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers { + username + createdAt + } + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(limit: 1) { + username + createdAt + } + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + followers(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 Authorize readMany 'user followers' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following { + username + createdAt + } + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(limit: 1) { + username + createdAt + } + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993) { + username + createdAt + } + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + following(lastCreatedAt: 1479776905993, limit: 1) { + username + createdAt + } + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 Authorize readMany 'user following' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets { + id + createdAt + } + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(limit: 1) { + id + createdAt + } + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 Authorize readMany 'user tweets' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked { + id + createdAt + } + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(limit: 1) { + id + createdAt + } + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334) { + id + createdAt + } + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca0") { + liked(lastCreatedAt: 1479964371334, limit: 1) { + id + createdAt + } + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 Authorize readMany 'user liked' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + id + body + } +} + +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e351") { + author { + username + } + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets { + id + createdAt + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(limit: 1) { + id + createdAt + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853) { + id + createdAt + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweets(lastCreatedAt: 1479964340853, limit: 1) { + id + createdAt + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readMany 'tweets' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers { + username + createdAt + } + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(limit: 1) { + username + createdAt + } + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993) { + username + createdAt + } + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e353") { + likers(lastCreatedAt: 1479776904993, limit: 1) { + username + createdAt + } + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 Authorize readMany 'tweet likers' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "admin"}) { + id + role + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-09-06 14:28:58 inserted user 59afea0a66d3d67b39954b17. +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "tobkle", role: "admin", id: "59afea0a66d3d67b39954b17", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 Authorize create 'createUser' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize create 'createUser' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-09-06 14:28:58 inserted user 59afea0a66d3d67b39954b18. +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "tobkle", role: "admin", id: "59afea0a66d3d67b39954b17", +Operation: "", variables: "", +Query: +{ + user(id: "59afea0a66d3d67b39954b18") { + username + bio + role + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "tobkle", role: "admin", id: "59afea0a66d3d67b39954b17", +Operation: "", variables: "", +Query: +{ + user(id: "59afea0a66d3d67b39954b17") { + username + role + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "tobkle", role: "admin", id: "59afea0a66d3d67b39954b17", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59afea0a66d3d67b39954b18", input: {username: "zoltan", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 updated user 59afea0a66d3d67b39954b18. +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "tobkle", role: "admin", id: "59afea0a66d3d67b39954b17", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59afea0a66d3d67b39954b17", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 updated user 59afea0a66d3d67b39954b17. +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "tobkle", role: "admin", id: "59afea0a66d3d67b39954b17", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59afea0a66d3d67b39954b18", input: {username: "zoltan", bio: "now an admin", role: "admin"}) { + username + bio + role + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 updated user 59afea0a66d3d67b39954b18. +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "tobkle", role: "admin", id: "59afea0a66d3d67b39954b17", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59afea0a66d3d67b39954b17", input: {username: "tobkle", bio: "Maker of things, I guess", role: "editor"}) { + username + bio + role + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize update 'updateUser' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 updated user 59afea0a66d3d67b39954b17. +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "tobkle", role: "editor", id: "59afea0a66d3d67b39954b17", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59afea0a66d3d67b39954b17", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-09-06 14:28:58 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59afea0a66d3d67b39954b17" + } + ] +} +2017-09-06 14:28:58 updated user 59afea0a66d3d67b39954b17. +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59afea0a66d3d67b39954b17" + } + ] +} +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "zoltan", role: "admin", id: "59afea0a66d3d67b39954b18", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59afea0a66d3d67b39954b17", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'zoltan' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'zoltan' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize update 'updateUser' with user 'zoltan' and role 'admin' is authorized +2017-09-06 14:28:58 updated user 59afea0a66d3d67b39954b17. +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "tobkle", role: "admin", id: "59afea0a66d3d67b39954b17", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59afea0a66d3d67b39954b18") +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 removed user 59afea0a66d3d67b39954b18. +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "tobkle", role: "admin", id: "59afea0a66d3d67b39954b17", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59afea0a66d3d67b39954b17", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 inserted tweet 59afea0a66d3d67b39954b19. +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "tobkle", role: "admin", id: "59afea0a66d3d67b39954b17", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "tobkle", role: "admin", id: "59afea0a66d3d67b39954b17", +Operation: "", variables: "", +Query: +{ + tweet(id: "59afea0a66d3d67b39954b19") { + author { + id + } + body + } +} + +2017-09-06 14:28:58 Authorize create 'createTweet' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 inserted tweet 59afea0a66d3d67b39954b1a. +2017-09-06 14:28:58 Authorize create 'createTweet' with user 'tobkle' and role: 'admin' is authorized by userRole. +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "tobkle", role: "admin", id: "59afea0a66d3d67b39954b17", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "tobkle", role: "admin", id: "59afea0a66d3d67b39954b17", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59afea0a66d3d67b39954b19", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 updated tweet 59afea0a66d3d67b39954b19. +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "tobkle", role: "admin", id: "59afea0a66d3d67b39954b17", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59afea0a66d3d67b39954b1a", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize update 'updateTweet' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 updated tweet 59afea0a66d3d67b39954b1a. +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "tobkle", role: "admin", id: "59afea0a66d3d67b39954b17", +Operation: "", variables: "", +Query: +{ + tweet(id: "59afea0a66d3d67b39954b19") { + body + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "tobkle", role: "admin", id: "59afea0a66d3d67b39954b17", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59afea0a66d3d67b39954b19") +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 removed tweet 59afea0a66d3d67b39954b19. +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "tobkle", role: "admin", id: "59afea0a66d3d67b39954b17", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59afea0a66d3d67b39954b1a") +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize delete 'removeTweet' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 removed tweet 59afea0a66d3d67b39954b1a. +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "tobkle", role: "admin", id: "59afea0a66d3d67b39954b17", +Operation: "", variables: "", +Query: +{ + tweet(id: "59afea0a66d3d67b39954b19") { + body + } +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "tobkle", role: "admin", id: "59afea0a66d3d67b39954b17", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59afea0a66d3d67b39954b17") +} + +2017-09-06 14:28:58 Authorize readOne 'user findOneById' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 Authorize delete 'removeUser' with user 'tobkle' and role 'admin' is authorized +2017-09-06 14:28:58 removed user 59afea0a66d3d67b39954b17. +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59afea0a66d3d67b39954b17") { + username + bio + role + } +} + +2017-09-06 14:28:58 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-09-06 14:28:58 ERROR Authorize readOne 'user' with user '' not authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "admin"}) { + id + } +} + +2017-09-06 14:28:58 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 ERROR Authorize create 'createUser' with user '' and role: 'null' is not authorized. +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-09-06 14:28:58 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-09-06 14:28:58 ERROR Authorize readOne 'user' with user '' not authorized +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-09-06 14:28:58 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-09-06 14:28:58 ERROR Authorize update 'updateUser' with user '' and role: 'null' is not authorized. +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:58 -------------------------------------------------------------------------------- +2017-09-06 14:28:58 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-09-06 14:28:58 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-09-06 14:28:58 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-09-06 14:28:58 ERROR Authorize delete 'removeUser' with user '' and role: 'null' is not authorized. +2017-09-06 14:28:58 registered authorizedLoader successfully +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-09-06 14:28:59 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-09-06 14:28:59 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-09-06 14:28:59 ERROR Authorize create 'createTweet' with user '' and role: 'null' is not authorized. +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-09-06 14:28:59 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 ERROR Authorize readOne 'tweet author' with user '' not authorized +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-09-06 14:28:59 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-09-06 14:28:59 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-09-06 14:28:59 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-09-06 14:28:59 ERROR Authorize update 'updateTweet' with user '' and role: 'null' is not authorized. +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-09-06 14:28:59 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-09-06 14:28:59 ERROR Authorize delete 'removeTweet' with user '' and role: 'null' is not authorized. +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "user"}) { + id + role + } +} + +2017-09-06 14:28:59 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:59 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-09-06 14:28:59 inserted user 59afea0b66d3d67b39954b1b. +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "tobkle", role: "user", id: "59afea0b66d3d67b39954b1b", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-09-06 14:28:59 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1b" + } + ] +} +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'user' is not authorized. +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "tobkle", role: "user", id: "59afea0b66d3d67b39954b1b", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-09-06 14:28:59 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1b" + } + ] +} +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "tobkle", role: "user", id: "59afea0b66d3d67b39954b1b", +Operation: "", variables: "", +Query: +{ + user(id: "59afea0b66d3d67b39954b1b") { + username + } +} + +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-09-06 14:28:59 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1b" + } + ] +} +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "tobkle", role: "user", id: "59afea0b66d3d67b39954b1b", +Operation: "", variables: "", +Query: +{ + user(id: "59afea0b66d3d67b39954b1b") { + username + role + } +} + +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-09-06 14:28:59 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1b" + } + ] +} +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "tobkle", role: "user", id: "59afea0b66d3d67b39954b1b", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-09-06 14:28:59 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1b" + } + ] +} +2017-09-06 14:28:59 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1b" + } + ] +} +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "tobkle", role: "user", id: "59afea0b66d3d67b39954b1b", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59afea0b66d3d67b39954b1b", input: {username: "tobkle", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-09-06 14:28:59 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1b" + } + ] +} +2017-09-06 14:28:59 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1b" + } + ] +} +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 updated user 59afea0b66d3d67b39954b1b. +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "tobkle", role: "user", id: "59afea0b66d3d67b39954b1b", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59afea0b66d3d67b39954b1b", input: {username: "tobkle", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-09-06 14:28:59 Authorize update 'updateUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1b" + } + ] +} +2017-09-06 14:28:59 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1b" + } + ] +} +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 updated user 59afea0b66d3d67b39954b1b. +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "tobkle", role: "user", id: "59afea0b66d3d67b39954b1b", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-09-06 14:28:59 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1b" + } + ] +} +2017-09-06 14:28:59 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1b" + } + ] +} +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "tobkle", role: "user", id: "59afea0b66d3d67b39954b1b", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59afea0b66d3d67b39954b1b", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-09-06 14:28:59 Authorize create 'createTweet' with user 'tobkle' and role: 'user' is authorized by docRole. +2017-09-06 14:28:59 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1b" + } + ] +} +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 inserted tweet 59afea0b66d3d67b39954b1c. +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "tobkle", role: "user", id: "59afea0b66d3d67b39954b1b", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-09-06 14:28:59 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1b" + } + ] +} +2017-09-06 14:28:59 ERROR Authorize create 'createTweet' with user 'tobkle' and role: 'user' is not authorized. +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "tobkle", role: "user", id: "59afea0b66d3d67b39954b1b", +Operation: "", variables: "", +Query: +{ + tweet(id: "59afea0b66d3d67b39954b1c") { + author { + id + } + body + } +} + +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-09-06 14:28:59 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1b" + } + ] +} +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "tobkle", role: "user", id: "59afea0b66d3d67b39954b1b", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-09-06 14:28:59 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1b" + } + ] +} +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "tobkle", role: "user", id: "59afea0b66d3d67b39954b1b", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59afea0b66d3d67b39954b1c", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-09-06 14:28:59 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1b" + } + ] +} +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59afea0b66d3d67b39954b1b" + }, + { + "coauthorsIds": "59afea0b66d3d67b39954b1b" + } + ] +} +2017-09-06 14:28:59 updated tweet 59afea0b66d3d67b39954b1c. +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "tobkle", role: "user", id: "59afea0b66d3d67b39954b1b", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-09-06 14:28:59 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1b" + } + ] +} +2017-09-06 14:28:59 Authorize update 'updateTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59afea0b66d3d67b39954b1b" + }, + { + "coauthorsIds": "59afea0b66d3d67b39954b1b" + } + ] +} +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "tobkle", role: "user", id: "59afea0b66d3d67b39954b1b", +Operation: "", variables: "", +Query: +{ + tweet(id: "59afea0b66d3d67b39954b1c") { + body + } +} + +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-09-06 14:28:59 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1b" + } + ] +} +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "tobkle", role: "user", id: "59afea0b66d3d67b39954b1b", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59afea0b66d3d67b39954b1c") +} + +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-09-06 14:28:59 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59afea0b66d3d67b39954b1b" + } + ] +} +2017-09-06 14:28:59 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1b" + } + ] +} +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 removed tweet 59afea0b66d3d67b39954b1c. +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "tobkle", role: "user", id: "59afea0b66d3d67b39954b1b", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-09-06 14:28:59 Authorize delete 'removeTweet' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "authorId": "59afea0b66d3d67b39954b1b" + } + ] +} +2017-09-06 14:28:59 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1b" + } + ] +} +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "tobkle", role: "user", id: "59afea0b66d3d67b39954b1b", +Operation: "", variables: "", +Query: +{ + tweet(id: "59afea0b66d3d67b39954b1c") { + body + } +} + +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-09-06 14:28:59 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1b" + } + ] +} +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "tobkle", role: "user", id: "59afea0b66d3d67b39954b1b", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59afea0b66d3d67b39954b1b") +} + +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'user' is authorized +2017-09-06 14:28:59 Authorize delete 'removeUser' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1b" + } + ] +} +2017-09-06 14:28:59 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'user' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1b" + } + ] +} +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 removed user 59afea0b66d3d67b39954b1b. +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59afea0b66d3d67b39954b1b") { + username + bio + role + } +} + +2017-09-06 14:28:59 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-09-06 14:28:59 ERROR Authorize readOne 'user' with user '' not authorized +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "stubailo", role: "admin", id: "583291a1638566b3c5a92ca1", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "tobias@gmail.com", password: "password", username: "tobkle", bio: "someone", role: "editor"}) { + id + role + } +} + +2017-09-06 14:28:59 Authorize readOne 'user findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 Authorize create 'createUser' with user 'stubailo' and role 'admin' is authorized +2017-09-06 14:28:59 Authorize create 'createUser' with user 'stubailo' and role: 'admin' is authorized by userRole. +2017-09-06 14:28:59 inserted user 59afea0b66d3d67b39954b1d. +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "tobkle", role: "editor", id: "59afea0b66d3d67b39954b1d", +Operation: "", variables: "", +Query: +mutation { + createUser(input: {email: "zol@gmail.com", password: "password", username: "zol", bio: "Maker of apps, product and engineering. Climber. Cyclist. Enthusiast. Product lead", role: "editor"}) { + id + } +} + +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-09-06 14:28:59 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1d" + } + ] +} +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 ERROR Authorize create 'createUser' with user 'tobkle' and role: 'editor' is not authorized. +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "tobkle", role: "editor", id: "59afea0b66d3d67b39954b1d", +Operation: "", variables: "", +Query: +{ + user(id: "583291a1638566b3c5a92ca1") { + username + bio + role + } +} + +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-09-06 14:28:59 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1d" + } + ] +} +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "tobkle", role: "editor", id: "59afea0b66d3d67b39954b1d", +Operation: "", variables: "", +Query: +{ + user(id: "59afea0b66d3d67b39954b1d") { + username + role + } +} + +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-09-06 14:28:59 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1d" + } + ] +} +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "tobkle", role: "editor", id: "59afea0b66d3d67b39954b1d", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "583291a1638566b3c5a92ca1", input: {username: "zoltan", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-09-06 14:28:59 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1d" + } + ] +} +2017-09-06 14:28:59 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1d" + } + ] +} +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "tobkle", role: "editor", id: "59afea0b66d3d67b39954b1d", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59afea0b66d3d67b39954b1d", input: {username: "tmeasday", bio: "Maker of things, I guess"}) { + username + bio + } +} + +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user 'tobkle' and role 'editor' is authorized +2017-09-06 14:28:59 Authorize update 'updateUser' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1d" + } + ] +} +2017-09-06 14:28:59 Authorize readOne 'user findOneById' with user 'tobkle' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1d" + } + ] +} +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 updated user 59afea0b66d3d67b39954b1d. +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "tmeasday", role: "editor", id: "59afea0b66d3d67b39954b1d", +Operation: "", variables: "", +Query: +mutation { + updateUser(id: "59afea0b66d3d67b39954b1d", input: {username: "tmeasday", bio: "Maker of things, I guess", role: "admin"}) { + username + bio + role + } +} + +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-09-06 14:28:59 Authorize update 'updateUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1d" + } + ] +} +2017-09-06 14:28:59 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1d" + } + ] +} +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 updated user 59afea0b66d3d67b39954b1d. +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "tmeasday", role: "editor", id: "59afea0b66d3d67b39954b1d", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "583291a1638566b3c5a92ca1") +} + +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-09-06 14:28:59 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1d" + } + ] +} +2017-09-06 14:28:59 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1d" + } + ] +} +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "tmeasday", role: "editor", id: "59afea0b66d3d67b39954b1d", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "59afea0b66d3d67b39954b1d", coauthorsIds: [], body: "This is a test tweet of user tobkle"}) { + id + } +} + +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-09-06 14:28:59 Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is authorized by docRole. +2017-09-06 14:28:59 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1d" + } + ] +} +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 inserted tweet 59afea0b66d3d67b39954b1e. +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "tmeasday", role: "editor", id: "59afea0b66d3d67b39954b1d", +Operation: "", variables: "", +Query: +mutation { + createTweet(input: {authorId: "583291a1638566b3c5a92ca1", coauthorsIds: [], body: "We put our hearts into this talk about a #GraphQL-first workflow and how it helped us build apps fast:"}) { + id + } +} + +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-09-06 14:28:59 ERROR Authorize create 'createTweet' with user 'tmeasday' and role: 'editor' is not authorized. +2017-09-06 14:28:59 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1d" + } + ] +} +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "tmeasday", role: "editor", id: "59afea0b66d3d67b39954b1d", +Operation: "", variables: "", +Query: +{ + tweet(id: "59afea0b66d3d67b39954b1e") { + author { + id + } + body + } +} + +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-09-06 14:28:59 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1d" + } + ] +} +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "tmeasday", role: "editor", id: "59afea0b66d3d67b39954b1d", +Operation: "", variables: "", +Query: +{ + tweet(id: "583676d3618530145474e352") { + author { + id + } + body + } +} + +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-09-06 14:28:59 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1d" + } + ] +} +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "tmeasday", role: "editor", id: "59afea0b66d3d67b39954b1d", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "59afea0b66d3d67b39954b1e", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-09-06 14:28:59 updated tweet 59afea0b66d3d67b39954b1e. +2017-09-06 14:28:59 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59afea0b66d3d67b39954b1d" + }, + { + "coauthorsIds": "59afea0b66d3d67b39954b1d" + } + ] +} +2017-09-06 14:28:59 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1d" + } + ] +} +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "tmeasday", role: "editor", id: "59afea0b66d3d67b39954b1d", +Operation: "", variables: "", +Query: +mutation { + updateTweet(id: "583676d3618530145474e352", input: {body: "This is a modified test tweet"}) { + body + } +} + +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-09-06 14:28:59 Authorize update 'updateTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59afea0b66d3d67b39954b1d" + }, + { + "coauthorsIds": "59afea0b66d3d67b39954b1d" + } + ] +} +2017-09-06 14:28:59 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1d" + } + ] +} +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "tmeasday", role: "editor", id: "59afea0b66d3d67b39954b1d", +Operation: "", variables: "", +Query: +{ + tweet(id: "59afea0b66d3d67b39954b1e") { + body + } +} + +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-09-06 14:28:59 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1d" + } + ] +} +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "tmeasday", role: "editor", id: "59afea0b66d3d67b39954b1d", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "59afea0b66d3d67b39954b1e") +} + +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-09-06 14:28:59 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59afea0b66d3d67b39954b1d" + } + ] +} +2017-09-06 14:28:59 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1d" + } + ] +} +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 removed tweet 59afea0b66d3d67b39954b1e. +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "tmeasday", role: "editor", id: "59afea0b66d3d67b39954b1d", +Operation: "", variables: "", +Query: +mutation { + removeTweet(id: "583676d3618530145474e352") +} + +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-09-06 14:28:59 Authorize delete 'removeTweet' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "authorId": "59afea0b66d3d67b39954b1d" + } + ] +} +2017-09-06 14:28:59 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1d" + } + ] +} +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "tmeasday", role: "editor", id: "59afea0b66d3d67b39954b1d", +Operation: "", variables: "", +Query: +{ + tweet(id: "59afea0b66d3d67b39954b1e") { + body + } +} + +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-09-06 14:28:59 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1d" + } + ] +} +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "tmeasday", role: "editor", id: "59afea0b66d3d67b39954b1d", +Operation: "", variables: "", +Query: +mutation { + removeUser(id: "59afea0b66d3d67b39954b1d") +} + +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user 'tmeasday' and role 'editor' is authorized +2017-09-06 14:28:59 Authorize delete 'removeUser' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1d" + } + ] +} +2017-09-06 14:28:59 Authorize readOne 'user findOneById' with user 'tmeasday' and role: 'editor' with + authQuery: { + "$or": [ + { + "_id": "59afea0b66d3d67b39954b1d" + } + ] +} +2017-09-06 14:28:59 registered authorizedLoader successfully +2017-09-06 14:28:59 removed user 59afea0b66d3d67b39954b1d. +2017-09-06 14:28:59 -------------------------------------------------------------------------------- +2017-09-06 14:28:59 Request: +User: "", role: "", id: "", +Operation: "", variables: "", +Query: +{ + user(id: "59afea0b66d3d67b39954b1d") { + username + bio + role + } +} + +2017-09-06 14:28:59 ERROR Authorize readOne 'user findOneById' with user '' and role: 'null' is not authorized. +2017-09-06 14:28:59 Authorize readOne 'tweet findOneById' with user '' and role '' is authorized +2017-09-06 14:28:59 ERROR Authorize readOne 'user' with user '' not authorized +2017-09-06 14:28:59 registered authorizedLoader successfully diff --git a/test/output-app/model/Tweet.js b/test/output-app/model/Tweet.js index 40e233b..1817205 100644 --- a/test/output-app/model/Tweet.js +++ b/test/output-app/model/Tweet.js @@ -11,7 +11,6 @@ export default class Tweet { this.context = context; this.collection = context.db.collection('tweet'); this.pubsub = context.pubsub; - this.log = context.log; const { me, User } = context; queryForRoles( me, @@ -104,7 +103,7 @@ export default class Tweet { if (!id) { throw new Error(`insert tweet not possible.`); } - this.log.debug(`inserted tweet ${id}.`); + this.context.log.debug(`inserted tweet ${id}.`); const insertedDoc = this.findOneById(id, me, 'pubsub tweetInserted'); this.pubsub.publish('tweetInserted', insertedDoc); return insertedDoc; @@ -130,7 +129,7 @@ export default class Tweet { if (result.result.ok !== 1 || result.result.n !== 1) { throw new Error(`update tweet not possible for ${id}.`); } - this.log.debug(`updated tweet ${id}.`); + this.context.log.debug(`updated tweet ${id}.`); this.authorizedLoader.clear(id); const updatedDoc = this.findOneById(id, me, 'pubsub tweetUpdated'); this.pubsub.publish('tweetUpdated', updatedDoc); @@ -151,7 +150,7 @@ export default class Tweet { if (result.result.ok !== 1 || result.result.n !== 1) { throw new Error(`remove tweet not possible for ${id}.`); } - this.log.debug(`removed tweet ${id}.`); + this.context.log.debug(`removed tweet ${id}.`); this.authorizedLoader.clear(id); this.pubsub.publish('tweetRemoved', id); return result; diff --git a/test/output-app/model/User.js b/test/output-app/model/User.js index 344c0d6..670c416 100644 --- a/test/output-app/model/User.js +++ b/test/output-app/model/User.js @@ -14,7 +14,6 @@ export default class User { this.context = context; this.collection = context.db.collection('user'); this.pubsub = context.pubsub; - this.log = context.log; this.authRole = User.authRole; const { me } = context; queryForRoles( @@ -129,7 +128,7 @@ export default class User { if (!id) { throw new Error(`insert user not possible.`); } - this.log.debug(`inserted user ${id}.`); + this.context.log.debug(`inserted user ${id}.`); const insertedDoc = this.findOneById(id, me, 'pubsub userInserted'); this.pubsub.publish('userInserted', insertedDoc); return insertedDoc; @@ -162,7 +161,7 @@ export default class User { if (result.result.ok !== 1 || result.result.n !== 1) { throw new Error(`update user not possible for ${id}.`); } - this.log.debug(`updated user ${id}.`); + this.context.log.debug(`updated user ${id}.`); this.authorizedLoader.clear(id); const updatedDoc = this.findOneById(id, me, 'pubsub userUpdated'); this.pubsub.publish('userUpdated', updatedDoc); @@ -183,7 +182,7 @@ export default class User { if (result.result.ok !== 1 || result.result.n !== 1) { throw new Error(`remove user not possible for ${id}.`); } - this.log.debug(`removed user ${id}.`); + this.context.log.debug(`removed user ${id}.`); this.authorizedLoader.clear(id); this.pubsub.publish('userRemoved', id); return result; diff --git a/test/output-app/package.json b/test/output-app/package.json index 8dead59..68b7053 100644 --- a/test/output-app/package.json +++ b/test/output-app/package.json @@ -39,7 +39,9 @@ "bcrypt": "^1.0.2", "body-parser": "1.15.2", "cors": "^2.8.1", - "create-graphql-server-authorization": "^0.0.42", + "create-graphql-server-authorization": "^0.0.45", + "create-graphql-server-find-by-ids": "^0.0.4", + "create-graphql-server-logging": "^0.0.3", "dataloader": "^1.2.0", "denodeify": "^1.2.1", "dotenv": "2.0.0", diff --git a/test/output-app/schema/Tweet.graphql b/test/output-app/schema/Tweet.graphql index 852cecb..6ff5416 100644 --- a/test/output-app/schema/Tweet.graphql +++ b/test/output-app/schema/Tweet.graphql @@ -4,10 +4,10 @@ type Tweet { coauthors(lastCreatedAt: Float, limit: Int): [User] body: String likers(lastCreatedAt: Float, limit: Int): [User] - createdBy: User - updatedBy: User createdAt: Float! updatedAt: Float! + createdBy: User + updatedBy: User } extend type Query { diff --git a/test/output-app/schema/User.graphql b/test/output-app/schema/User.graphql index 9859bda..fcd6f86 100644 --- a/test/output-app/schema/User.graphql +++ b/test/output-app/schema/User.graphql @@ -9,10 +9,10 @@ type User { liked(lastCreatedAt: Float, limit: Int): [Tweet] following(lastCreatedAt: Float, limit: Int): [User] followers(lastCreatedAt: Float, limit: Int): [User] - createdBy: User - updatedBy: User createdAt: Float! updatedAt: Float! + createdBy: User + updatedBy: User } extend type Query { diff --git a/test/output-app/server/authenticate.js b/test/output-app/server/authenticate.js index 283964a..2559482 100644 --- a/test/output-app/server/authenticate.js +++ b/test/output-app/server/authenticate.js @@ -5,7 +5,7 @@ import { ObjectId } from 'mongodb'; import nodeify from 'nodeify'; import bcrypt from 'bcrypt'; import DataLoader from 'dataloader'; -import { findByIds } from 'create-graphql-server-authorization'; +import { findByIds } from 'create-graphql-server-find-by-ids'; const KEY = 'test-key'; let Loader; diff --git a/test/output-app/server/index.js b/test/output-app/server/index.js index de2040e..ca7be63 100644 --- a/test/output-app/server/index.js +++ b/test/output-app/server/index.js @@ -8,8 +8,8 @@ import { MongoClient } from 'mongodb'; import cors from 'cors'; import passport from 'passport'; import morgan from 'morgan'; - -import { getLogFilename, logger } from 'create-graphql-server-authorization'; +import { findByIds } from 'create-graphql-server-find-by-ids'; +import { getLogFilename, logger } from 'create-graphql-server-logging'; import typeDefs from '../schema'; import resolvers from '../resolvers'; import addModelsToContext from '../model'; @@ -48,7 +48,9 @@ async function startServer() { app.use('/graphql', (req, res, next) => { passport.authenticate('jwt', { session: false }, (err, me) => { - req.context = addModelsToContext({ db, pubsub, me, UserCollection, log }); + req.context = addModelsToContext({ + db, pubsub, me, UserCollection, findByIds, log + }); graphqlExpress(() => { // Get the query, the same way express-graphql does it // https://github.com/graphql/express-graphql/blob/3fa6e68582d6d933d37fa9e841da5d2aa39261cd/src/index.js#L257 diff --git a/test/output-app/yarn.lock b/test/output-app/yarn.lock index 0b74642..6dbdcd4 100644 --- a/test/output-app/yarn.lock +++ b/test/output-app/yarn.lock @@ -177,6 +177,12 @@ assert-plus@^0.2.0: version "0.2.0" resolved "https://registry.yarnpkg.com/assert-plus/-/assert-plus-0.2.0.tgz#d74e1b87e7affc0db8aadb7021f3fe48101ab234" +assert@^1.4.1: + version "1.4.1" + resolved "https://registry.yarnpkg.com/assert/-/assert-1.4.1.tgz#99912d591836b5a6f5b345c0f07eefc08fc65d91" + dependencies: + util "0.10.3" + assertion-error@^1.0.1: version "1.0.2" resolved "https://registry.yarnpkg.com/assertion-error/-/assertion-error-1.0.2.tgz#13ca515d86206da0bac66e834dd397d87581094c" @@ -1072,10 +1078,22 @@ center-align@^0.1.1: align-text "^0.1.3" lazy-cache "^1.0.3" +chai-json-equal@^0.0.1: + version "0.0.1" + resolved "https://registry.yarnpkg.com/chai-json-equal/-/chai-json-equal-0.0.1.tgz#338fcbbdaec63349379c7c4278c8a28da3b141a1" + +chai-spies-next@^0.9.3: + version "0.9.3" + resolved "https://registry.yarnpkg.com/chai-spies-next/-/chai-spies-next-0.9.3.tgz#672a84f68824af152ea1cbdda5a96f1a066302b9" + chai-string@^1.4.0: version "1.4.0" resolved "https://registry.yarnpkg.com/chai-string/-/chai-string-1.4.0.tgz#359140c051d36a4e4b1a5fc6b910152f438a8d49" +chai-subset@^1.6.0: + version "1.6.0" + resolved "https://registry.yarnpkg.com/chai-subset/-/chai-subset-1.6.0.tgz#a5d0ca14e329a79596ed70058b6646bd6988cfe9" + chai@^3.5.0: version "3.5.0" resolved "https://registry.yarnpkg.com/chai/-/chai-3.5.0.tgz#4d02637b067fe958bdbfdd3a40ec56fef7373247" @@ -1267,12 +1285,15 @@ crc@3.4.0: version "3.4.0" resolved "https://registry.yarnpkg.com/crc/-/crc-3.4.0.tgz#4258e351613a74ef1153dfcb05e820c3e9715d7f" -create-graphql-server-authorization@^0.0.42: - version "0.0.42" - resolved "https://registry.yarnpkg.com/create-graphql-server-authorization/-/create-graphql-server-authorization-0.0.42.tgz#441afd10a12434ab96d84e42a4e867cc56845f88" +create-graphql-server-authorization@^0.0.45: + version "0.0.45" + resolved "https://registry.yarnpkg.com/create-graphql-server-authorization/-/create-graphql-server-authorization-0.0.45.tgz#b871b25281f85044aea8d213ca0091ca1e638655" dependencies: + assert "^1.4.1" babylon "^6.18.0" chai-string "^1.4.0" + create-graphql-server-find-by-ids "^0.0.4" + create-graphql-server-logging "^0.0.3" global "^4.3.2" graphql "^0.11.1" handlebars "^4.0.10" @@ -1285,6 +1306,22 @@ create-graphql-server-authorization@^0.0.42: recast "^0.12.6" winston "^2.3.1" +create-graphql-server-find-by-ids@^0.0.4: + version "0.0.4" + resolved "https://registry.yarnpkg.com/create-graphql-server-find-by-ids/-/create-graphql-server-find-by-ids-0.0.4.tgz#02d35103a55648d5589f0023f242047462396ef6" + dependencies: + babylon "^6.18.0" + +create-graphql-server-logging@^0.0.3: + version "0.0.3" + resolved "https://registry.yarnpkg.com/create-graphql-server-logging/-/create-graphql-server-logging-0.0.3.tgz#8b8b9c44ee5d6a9964696059a26858d57ea3bb79" + dependencies: + babylon "^6.18.0" + chai-json-equal "^0.0.1" + chai-spies-next "^0.9.3" + chai-subset "^1.6.0" + winston "^2.3.1" + cryptiles@2.x.x: version "2.0.5" resolved "https://registry.yarnpkg.com/cryptiles/-/cryptiles-2.0.5.tgz#3bdfecdc608147c1c67202fa291e7dca59eaa3b8" @@ -2372,6 +2409,10 @@ inherits@2, inherits@2.0.3, inherits@^2.0.1, inherits@^2.0.3, inherits@~2.0.0, i version "2.0.3" resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.3.tgz#633c2c83e3da42a502f52466022480f4208261de" +inherits@2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.1.tgz#b17d08d326b4423e568eff719f91b0b1cbdf69f1" + ini@~1.3.0: version "1.3.4" resolved "https://registry.yarnpkg.com/ini/-/ini-1.3.4.tgz#0537cb79daf59b59a1a517dff706c86ec039162e" @@ -4354,6 +4395,12 @@ util-deprecate@~1.0.1: version "1.0.2" resolved "https://registry.yarnpkg.com/util-deprecate/-/util-deprecate-1.0.2.tgz#450d4dc9fa70de732762fbd2d4a28981419a0ccf" +util@0.10.3: + version "0.10.3" + resolved "https://registry.yarnpkg.com/util/-/util-0.10.3.tgz#7afb1afe50805246489e3db7fe0ed379336ac0f9" + dependencies: + inherits "2.0.1" + utils-merge@1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/utils-merge/-/utils-merge-1.0.0.tgz#0294fb922bb9375153541c4f7096231f287c8af8" diff --git a/yarn.lock b/yarn.lock index 0815063..dfc199e 100644 --- a/yarn.lock +++ b/yarn.lock @@ -142,6 +142,12 @@ assert-plus@^0.2.0: version "0.2.0" resolved "https://registry.yarnpkg.com/assert-plus/-/assert-plus-0.2.0.tgz#d74e1b87e7affc0db8aadb7021f3fe48101ab234" +assert@^1.4.1: + version "1.4.1" + resolved "https://registry.yarnpkg.com/assert/-/assert-1.4.1.tgz#99912d591836b5a6f5b345c0f07eefc08fc65d91" + dependencies: + util "0.10.3" + assertion-error@^1.0.1: version "1.0.2" resolved "https://registry.yarnpkg.com/assertion-error/-/assertion-error-1.0.2.tgz#13ca515d86206da0bac66e834dd397d87581094c" @@ -974,10 +980,22 @@ chai-diff@^1.0.1: dependencies: diff "^2.2.1" +chai-json-equal@^0.0.1: + version "0.0.1" + resolved "https://registry.yarnpkg.com/chai-json-equal/-/chai-json-equal-0.0.1.tgz#338fcbbdaec63349379c7c4278c8a28da3b141a1" + +chai-spies-next@^0.9.3: + version "0.9.3" + resolved "https://registry.yarnpkg.com/chai-spies-next/-/chai-spies-next-0.9.3.tgz#672a84f68824af152ea1cbdda5a96f1a066302b9" + chai-string@^1.4.0: version "1.4.0" resolved "https://registry.yarnpkg.com/chai-string/-/chai-string-1.4.0.tgz#359140c051d36a4e4b1a5fc6b910152f438a8d49" +chai-subset@^1.6.0: + version "1.6.0" + resolved "https://registry.yarnpkg.com/chai-subset/-/chai-subset-1.6.0.tgz#a5d0ca14e329a79596ed70058b6646bd6988cfe9" + chai@^3.5.0: version "3.5.0" resolved "https://registry.yarnpkg.com/chai/-/chai-3.5.0.tgz#4d02637b067fe958bdbfdd3a40ec56fef7373247" @@ -1134,12 +1152,15 @@ cpr@^2.0.0: mkdirp "~0.5.1" rimraf "^2.5.4" -create-graphql-server-authorization@^0.0.42: - version "0.0.42" - resolved "https://registry.yarnpkg.com/create-graphql-server-authorization/-/create-graphql-server-authorization-0.0.42.tgz#441afd10a12434ab96d84e42a4e867cc56845f88" +create-graphql-server-authorization@^0.0.45: + version "0.0.45" + resolved "https://registry.yarnpkg.com/create-graphql-server-authorization/-/create-graphql-server-authorization-0.0.45.tgz#b871b25281f85044aea8d213ca0091ca1e638655" dependencies: + assert "^1.4.1" babylon "^6.18.0" chai-string "^1.4.0" + create-graphql-server-find-by-ids "^0.0.4" + create-graphql-server-logging "^0.0.3" global "^4.3.2" graphql "^0.11.1" handlebars "^4.0.10" @@ -1152,6 +1173,22 @@ create-graphql-server-authorization@^0.0.42: recast "^0.12.6" winston "^2.3.1" +create-graphql-server-find-by-ids@^0.0.4: + version "0.0.4" + resolved "https://registry.yarnpkg.com/create-graphql-server-find-by-ids/-/create-graphql-server-find-by-ids-0.0.4.tgz#02d35103a55648d5589f0023f242047462396ef6" + dependencies: + babylon "^6.18.0" + +create-graphql-server-logging@^0.0.3: + version "0.0.3" + resolved "https://registry.yarnpkg.com/create-graphql-server-logging/-/create-graphql-server-logging-0.0.3.tgz#8b8b9c44ee5d6a9964696059a26858d57ea3bb79" + dependencies: + babylon "^6.18.0" + chai-json-equal "^0.0.1" + chai-spies-next "^0.9.3" + chai-subset "^1.6.0" + winston "^2.3.1" + cross-spawn@^5.1.0: version "5.1.0" resolved "https://registry.yarnpkg.com/cross-spawn/-/cross-spawn-5.1.0.tgz#e8bd0efee58fcff6f8f94510a0a554bbfa235449" @@ -1893,6 +1930,10 @@ inherits@2, inherits@^2.0.1, inherits@^2.0.3, inherits@~2.0.0, inherits@~2.0.1, version "2.0.3" resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.3.tgz#633c2c83e3da42a502f52466022480f4208261de" +inherits@2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.1.tgz#b17d08d326b4423e568eff719f91b0b1cbdf69f1" + ini@~1.3.0: version "1.3.4" resolved "https://registry.yarnpkg.com/ini/-/ini-1.3.4.tgz#0537cb79daf59b59a1a517dff706c86ec039162e" @@ -3204,6 +3245,12 @@ util-deprecate@~1.0.1: version "1.0.2" resolved "https://registry.yarnpkg.com/util-deprecate/-/util-deprecate-1.0.2.tgz#450d4dc9fa70de732762fbd2d4a28981419a0ccf" +util@0.10.3: + version "0.10.3" + resolved "https://registry.yarnpkg.com/util/-/util-0.10.3.tgz#7afb1afe50805246489e3db7fe0ed379336ac0f9" + dependencies: + inherits "2.0.1" + uuid@^3.0.0: version "3.1.0" resolved "https://registry.yarnpkg.com/uuid/-/uuid-3.1.0.tgz#3dd3d3e790abc24d7b0d3a034ffababe28ebbc04"